Older, jailbroken iPhones or Apple TVs possibly susceptible to CPU kernel vulnerability

By Mike Wuerthele

An ARM security update for the Cortex A8, Cortex A9, and Cortex A15 processors issued late on Wednesday suggests that older Apple iOS-based devices may be impacted by the CPU bug -- but they would have to be jailbroken, and running malware locally for the exploit to work.

ARM published developer documentation on Wednesday night talking about the trio of exploits, and they impacts ARM devices. CPUs by the company listed as affected include the Cortex A8, Cortex A9, and Cortex A15 processors -- the cores of which are found in Apple's A4, A5, A5X, and A6 chips.

On Thursday, 9to5Mac first collated a list of devices impacted by the flaw based on the ARM document, they include the iPhone 4, iPhone 4S, iPhone 5, and iPhone 5C. Apple's iPads possible affected include the original iPad, iPad 2, third generation iPad, and first generation iPad mini. The second and third generation Apple TV also utilize the possibly affected processor, as do the fourth and fifth generation iPod Touch.

It is possible that Apple's implementation of the Cortex processor silicon isn't impacted by the bug, given how Apple requires kernel memory to be handled, or what Apple may have done to the processors for use in an iOS device. Apple has issued no statement on the attack as of yet, but is clearly aware of it, as it already patched most if not all of the avenues of attack in macOS for modern hardware in December.

Apple is not currently shipping any of the afflicted devices. None of the possibly afflicted devices are still supported by Apple, either for repairs at a Genius Bar, or in software.

Devices like the original iPad are stuck on iOS 5, with the more recent devices left behind on iOS 9. The curated and managed aspect of the Apple iOS App Store has probably precluded any attack on older iPhones and iPads, given the review process and the apparent lack of any attack in the wild utilizing the exploit. The Apple TV units that use the afflicted processors had no app store, so only jailbroken units would have any chance of being impacted.

Linux and Android devices using the afflicted processors may or may not get an update. ARM refers users of those devices to install mitigations, or to check with Google regarding patches.