Update: Cox stated that the bug is not useful for breaking into Apple devices. Hype over.
To be clear: I do not have an iOS jailbreak, nor would I release it if I did. At some point I will write up the bug, which may be interesting to read about. It's not going to be useful for breaking into Apple devices.— Russ Cox (@_rsc) January 25, 2018
History may repeat itself. If you've been keeping up to date with the jailbreak community, you might know that Ian Beer's exploit, async_wake, has already been used to create a fully working jailbreak for iOS 11. Unfortunately, the exploit only supports versions up to iOS 11.1.2, which many users missed out on or lost after device problems or after the smörgåsbord of jailbreak tools caused issues and forced restores.
A security researcher going by the name of Russ Cox, previously unknown to the jailbreak community, has been confirmed to have discovered a kernel-level exploit in iOS 11.2 up to 11.2.1. The credibility comes from the changelog of iOS 11.2.5, where Apple credited "Russ Cox of Google".
Yes. Will tweet a link when I do.— Russ Cox (@_rsc) January 23, 2018
Cox states that the security vulnerability will be made public later and that he will "tweet a link" when he does release it. One part that's a little worrisome is the unenthusiastic tweet by Cox saying that the vulnerability is "honestly not that interesting":
Honestly not that interesting. You'll be disappointed.— Russ Cox (@_rsc) January 23, 2018
This could mean a couple of things: either it's far from the researcher's biggest achievements, or it's too weak to actually be useful for a jailbreak. The general assumption is the former, as Apple mentioned that the exploit is capable of executing code with kernel privileges, which is a very good thing for jailbreak development:
"A malicious application may be able to execute arbitrary code with kernel privileges"
Cox has been quiet about the case since the second reply. However, as the news blows up, we expect him to leave a full response regarding the matter. ModMy has reached out for comment regarding the situation, and the article will be updated if new information surfaces.