Hacker TheFloW has confirmed that he will be announcing a new PS4 kernel exploit at the TyphoonCon security conference in Seoul this May. The hacker has not disclosed whether the talk will be a full disclosure of the exploit or just a “simple” demonstration. The exploit takes advantage of a bug in the PS4's IPv6 protocol implementation; IPv6 appears to be a rich source of vulnerabilities for this scene.
TyphoonCon and new PS4 kernel exploit by TheFloW
TyphoonCon is an annual security conference founded in 2018. From the website:
TyphoonCon brings together security researchers for an extensive two-day world-class conference led by industry-leading experts, specialists, and innovators.
TyphoonCon focuses on highly technical and offensive security issues such as vulnerability discovery, advanced exploitation techniques, and reverse engineering. TyphoonCon was founded on the belief that researchers want to share their research, discoveries, and experiences with other security enthusiasts.
We've known for quite some time that something “big” was coming to PS4 and PS5, as TheFloW himself announced in September 2023. A rumor has since been circulating about a proof of concept that crashes the console; it is based on an old network vulnerability from 2006, and it is likely to be one of the vulnerabilities exploited by TheFloW in the upcoming presentation.
This could well be a match, considering the hacker has said he is using the PlayStation's network protocols in his attack. The talk abstract reads:
This talk describes the successful exploitation of kernel vulnerabilities in network protocols on the FreeBSD-based PlayStation 4. It demonstrates how to exploit the internals of the IPv6 protocol to achieve information leakage and redirect control flow, obtaining RCE with kernel privileges on the console. The exploit strategy could also apply to XNU, as the two share very similar code. Additionally, this exploit allows jailbreaking without requiring a user entry point such as a WebKit exploit.
There's a lot to unpack here, but what's interesting for this scene is this: the exploit appears to target only the PS4 (no mention of the PS5) and will allow a jailbreak. Currently, it is believed that it may work up to firmware 11.00, and that 11.02 has “something” patched, but the list of actually affected firmwares is yet to be confirmed by the hacker.
What about PS5?
Surprisingly missing from the announcement is the PS5. As of now, the only kernel exploit published for the PS5 is based on a vulnerability disclosed by TheFloW himself in September 2022. Notably, that vulnerability was also an IPv6 vulnerability.
The hacker was thought to have focused his recent efforts on the PS5 (with the PS4 coming “on top”). In particular, the much talked about PoC also crashes the PS5. However, the PS5 is known to be harder to hack than its predecessor, so TheFloW may have run into difficulties attacking the PS5 with the same vulnerability. Or he may simply prefer to enjoy the PS4, the console he is by now most familiar with.
What should you do next?
If you own a PS4 and want to jailbreak it eventually, our advice, as always, is to leave it alone: do not update your console. Anyone already running 11.02 or later is almost certainly out of luck with this exploit.
It is still unclear if and when the exploit will be published after the talk. Of course, we hope it will be, but even if it is, it could take months before a working jailbreak is built on it (in recent history, TheFloW has tended to publish his disclosures and leave the actual implementation of a jailbreak to the scene).
If you're in Seoul from May 30th to 31st, why not attend TyphoonCon? Tickets are $400 for the two days (the expected price for this type of event), and more information about the conference, Andy's talk, and tickets can be found here: https://typhooncon.com/playstation-4-kernel-rce-andy-Nguyen/
Source: TheFloW