Facepalm: Apple's iOS 15 (and of course, iPadOS 15) was a bug-ridden release. In addition to the many bugs that crippled the iPhone 13s, the operating system enabled at least zero-day vulnerabilities that Apple engineers had to quickly fix.
On Monday, Apple released an urgent security patch for Zero Day Defect in iOS 15 and iPadOS 15, which hackers are actively using. This patch was on the same day as iOS 15.0.1 was released.
This bug (CVE-2021-30883) causes a memory corruption error in IOMobileFrameBuffer, a kernel function that allows developers to customize how their applications are allocated. Use system memory to control the monitor. An application may be able to execute arbitrary code with kernel privileges, says Apple Patch Notes. "Apple is aware of a report that this issue has been actively exploited." However, shortly after the release of Apple iOS and iPadOS 15.0.2, security researcher Sar Ammar published a blog post explaining the abuse and creating a proof-of-concept (POC) scheme to show "100% of the occasions" business. Ammar said the flaw was "great for jailbreaks" because it was accessible from the app's sandbox.
Apple uses iOS 15.0.2 a few hours after 15.0.1 to fix today's bugs