Hacker qwertyoruiop just released a Webkit exploit for PS4s running on Firmware 4.0x.
According to the hacker, the exploit works up to firmware 4.06 at least (update: users have independently confirmed this also works on firmware 4.07), but it has been patched in firmware 4.50. People have confirmed the exploit seems to behave as expected on their 4.0x PS4, others have confirmed it works on firmware 3.55 as well.
This is what this should look like if your PS4 is vulnerable to the exploit:
screenshot by @DJShinter
On firmware 4.50, this is the (self explanatory) error you’ll get:
Screenshot by @walidboy23
Details on the PS4 4.0x Webkit exploit
I assume people can start digging into the details of the exploit, however qwertyoruiop gave the precision that the exploit is triggered by a Use After Free vulnerability. We might see a writeup on the vulnerability at some point.
What does the PS4 4.0x Webkit Exploit mean to the end user?
This is not a full console jailbreak, simply a usermode exploit within webkit at this point. The hacker gave the precision that this gives you arbitrary read/write, meaning hackers can start poking into memory. I would expect an upcoming release of known tools such as PS4 playground for tinkerers to easily start playing.
In other words, this is not something that is directly useful to the end user, and does not imply any jailbreak is coming soon (Firmware 3.55 has had a webkit exploit for quite some time now, but is still not fully hacked). Nevertheless, this is the first public released exploit for PS4 in a very long time (the last release was a 3.55 Webkit PoC in August 2016), and could trigger some further releases if it sparkles interest in the scene.