Hacker finds vulnerability in PS4 kernel that allows potential jailbreak
A hacker has discovered a vulnerability in the kernel of the PlayStation 4 and has made the exploit public. It could form the basis of a jailbreak for consoles running firmware version 6.72 or lower.
The bug is a use-after-free vulnerability in the kernel that is reachable from the PlayStation 4's WebKit sandbox. An attacker first needs a local foothold through a WebKit exploit; from there the kernel bug can be triggered to free a buffer that is still in use, which ultimately yields kernel privileges.
The vulnerability itself is present in console firmware version 7.02 and older; that firmware was released at the end of 2019. However, the kernel bug can only be exploited in combination with the WebKit exploit, and that exploit only works on firmware versions up to 6.72, so users on a higher version are not affected in practice.
Hacker Andy Nguyen reported the vulnerability to Sony in March through the company's PlayStation bug bounty program on HackerOne, and Sony paid out a $10,000 reward. It is notable that Sony agreed to the publication of the details of the vulnerability: when it launched the PlayStation program on HackerOne, the company said that exploits should be kept confidential.
Since Nguyen has also published a proof of concept, jailbreaking the console is theoretically possible. Consoles would have to be on firmware version 6.72 or lower, at least until another WebKit exploit becomes known. There has not been a jailbreak for Sony's console for a long time.