Pod2G Finds Another Exploit to Jailbreak iPod Touch 2G

Pod2G has found another exploit for the iPod touch 2G that may be used to provide a jailbreak for both MC and non-MC models.

A heap overflow exists in the iPod touch 2G (both old and new) bootrom’s DFU Mode when sending a USB control message of request type 0xA1, request 0×1.

On newer devices, the same USB message triggers a double free() when the image upload is marked as finished, also rebooting the device (but that’s not exploitable because the double free() happens in a row). posixninja analyzed and explained this one.

Geohot: There is an Unreleased Exploit in Every iPhone, iPad, iPod [Video]
RedSn0w Updated to Jailbreak iOS 4.1 on iPhone 3G, iPod Touch 2G

Related posts brought to you by Yet Another Related Posts Plugin.

This entry was posted by shadow on September 21, 2010 at 9:41 am, and is filled under Uncategorized. Follow any responses to this post through RSS 2.0. You can skip to the end and leave a response. Pinging is currently not allowed.