A vulnerability has been found in the bootrom of all Apple devices with chips from A5 to A11

Researcher axi0mX has found a vulnerability in the bootrom loader of Apple devices, which runs at the first stage of boot and then hands control to iBoot. The vulnerability is named checkm8 and allows full control over the device to be obtained. The published exploit can be used to bypass firmware verification (jailbreak) and to set up dual booting of other operating systems and different iOS versions.

The problem is notable because the Bootrom resides in read-only NAND memory, which does not allow the problem to be fixed in devices that have already been released (the vulnerability can be fixed only in new devices). The problem affects the A5 through A11 SoCs used in products built between 2011 and 2017, ranging from the iPhone 4S to the iPhone 8 and X models.

An initial version of the code exploiting the vulnerability has already been included in the open-source (GPLv3) toolkit ipwndfu, which is designed to remove the binding to Apple firmware. The exploit is currently limited to creating a SecureROM dump, decrypting keys for iOS firmware, and enabling JTAG. A complete jailbreak of the latest iOS release is possible, but has not yet been implemented because it requires additional work. Currently, the exploit has already been adapted for SoC s5l8947x, s5l8950x, s5l8955x, s5l8960x, t8002, t8004, t8010, t8011 and t8015b, and in the future it will be expanded with support for s5l8940x, s5l8942x, s5l8945x, s5l8747 7000x, t7001, t7002, s8000, s8001, s8003, s8012 and tXNUMX.

source: budenet.ru
