A Safari exploit affecting the browser on both iOS and macOS has been released by security researcher Linus Henze. Apple has patched the bug in iOS 12.1.1, so the exploit only works on devices running iOS 12.1 and lower.
This exploit could potentially be used for an iOS 12 – iOS 12.1 jailbreak, though that is only on paper. Someone still has to do the heavy lifting of actually turning it into an iOS 12 – iOS 12.1 jailbreak. And since this is a Safari exploit, it can only be used to create a Safari-based jailbreak.
Want a free Safari 0day? (Ok, it's actually a 1day because it's fixed in the latest WebKit version, but it still works in the latest version of Safari) Then go to https://t.co/CD9IwHUQP8
— Linus Henze (@LinusHenze) December 6, 2018
Please don't do evil stuff with this.
Below is how Linus Henze explains the exploit:
"This is an optimization error in the way RegEx matching is handled. By setting lastIndex on a RegEx object to a JavaScript object which has the function toString defined, you can run code although the JIT thinks that RegEx matching is side effect free."
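To make the quoted explanation concrete, here is an added example (not Linus Henze's code) showing the hook it refers to: per the ECMAScript spec, RegExpBuiltinExec reads `lastIndex` through ToLength, so an object stored there has its `toString` invoked in the middle of what looks like a pure match. The regex and input strings are constructed for the demonstration.

```javascript
// Added example: shows that RegExp matching can run user JavaScript when
// lastIndex holds an object. This is the spec-defined behaviour the quoted
// explanation builds on, not the exploit itself.

// Runs re.exec(input) after storing lastIndexValue in re.lastIndex, and
// records the order of events so any code executed inside exec is visible.
function runMatch(re, input, lastIndexValue, events) {
  events.push("before exec");
  re.lastIndex = lastIndexValue;
  const m = re.exec(input);          // global regex: lastIndex is read here
  events.push("after exec");
  return { match: m ? m[0] : null, lastIndex: re.lastIndex, events };
}

// Baseline: a numeric lastIndex. No user code runs during the match.
function plainMatch() {
  return runMatch(/b+/g, "abbbc", 0, []);
}

// The case from the explanation: lastIndex is an object with toString.
// ToLength(lastIndex) calls toString, so our code runs inside exec, and the
// engine then overwrites lastIndex with the numeric end of the match.
function hookedMatch() {
  const events = [];
  const hook = {
    toString() {
      events.push("user code ran inside exec");
      return "0";                    // resume matching from index 0
    },
  };
  return runMatch(/b+/g, "abbbc", hook, events);
}
```

A JIT that treats `exec` as side-effect free must still account for this call, which is exactly the assumption the quoted explanation says was violated.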
Earlier this week, another exploit was found in a core iOS/macOS framework that could potentially be used for an iOS 12 jailbreak. But again, whether someone is ready to put in all the hard work to develop an iOS 12 jailbreak is a question that remains unanswered.
If you are really looking forward to jailbreaking your iPhone running iOS 12 – iOS 12.1, you should avoid updating it to iOS 12.1.1. And if you already have, follow the guide to downgrade back to iOS 12.1 from iOS 12.1.1 before Apple stops signing it.
Source: iphonehacks