If you’ve been following along during the past couple of days, especially following the release of iOS & iPadOS 17.5, then you’ve likely heard about the new PoC for a kernel vulnerability in AppleAVD impacting iOS & iPadOS 17.4.1 and older called CVE-2024-27804, which Apple cited as having the potential impact for an app to execute arbitrary code with kernel privileges
Just yesterday, following Apple’s release of iOS & iPadOS 17.5, security researcher Meysam Firouzi (@RootkitSMM) took to X (formerly Twitter) and said that they planned to publish a proof of concept (PoC) for a kernel vulnerability impacting iOS & iPadOS 17.4.1 and older dubbed CVE-2024-27804.
Apple on Monday released iOS & iPadOS 17.5, with a substantial part of that update incorporating a handful of security patches. At the very top of Apple’s “About the security content of iOS 17.5 and iPadOS 17.5” web page is CVE-2024-27804, a peculiar kernel vulnerability in AppleAVD which had the potential impact of an app being able to execute arbitrary code with kernel privileges.
You may recall that Apple recently started signing iOS & iPadOS 17.3.1 again for unknown reasons after initially unsigning it. In effect, this meant that iPhone and iPad users could downgrade to iOS & iPadOS 17.3.1 from newer firmware again because Apple’s online servers would have provided the green flag necessary to move forward with it.