Less than two weeks after Apple was accused of being reckless over an iOS security vulnerability, the company has addressed the problem, issuing a patch for iPhone and iPad devices.
The new security update tackles a recently discovered denial of service vulnerability, named “doorLock”. The vulnerability, first uncovered by security researcher Trevor Spiniolas, affects Apple HomeKit, in iOS versions 14.7 through 15.2. HomeKit is a software platform for the creation of smart home apps.
To demonstrate the problem, Spinolas recorded a short YouTube video. In it, he describes how to abuse the flaw, showing that all it takes is for a malicious actor to rename the HomeKit device to something with more than 500,000 characters.
Endless loop of freezes and reboots
An iOS app with access to Home data could, theoretically, change HomeKit device names, even if the target endpoint has no Home devices added. Given that this is not a “de jure” vulnerability, it’s a big question how antivirus apps would address it. There are no malware out there, abusing this flaw.
The device trying to load the long name would just freeze, with the user having no other way but to hard reset it. To add insult to injury, the reset would delete all stored data, and as soon as the device signs back into iCloud linked to the HomeKit device, it would freeze all over again.
Spinolas said he notified Apple of the bug in August last year, to no avail. However, Apple has now fixed the issue, in OS 15.2.1 and iPadOS 15.2.1 by adding improved input validation.
All iPad Pro models, all iPhones from the model 6 onwards, all iPad Air devices from the model 2 onwards, all iPads from the fifth generation to newer, all iPad minis, starting from version 4, as well as the seventh generation of iPod touch devices, are now protected.
- You might also want to check out our list of the best firewalls right now