ATV2 iOS 5.2.1 release downgrade attempts (Solved)


I had a perfectly working FC jailbreak going with 9B179b (5.0 / 5.1), and I was eyeing the 5.2 release for a few weeks.  So I decided today that I wanted to have an untethered version finally so I could actually have a nice stable version with xbmc 12.1 having 11.1 prior.  Was anxious to do the 5.2 update and release.

Of course I didn’t see that all the ATV release became 5.2.1 and now I’m completely FUBAR!!!  NO!!!

Even worse, I figured that my 3194 error was related to some bug with the blobs, and a few other sites recommened to do a proper restore before doing the jailbreak version so I DID A REGULAR RESTORE WITH ITUNES BRINGING IT TO 5.2.1 without me realizing it.  DAMMIT!

So although I have my saved blobs for 5.0, Seas0nPass says my ATV is not eligible for this release, and even downgrading the iTunes to 10.7 and trying to force the old SP IPSW that I had from before, although tethered, spits out an error 11.

I’m kicking myself in the arse so badly right now.  :frowning:

If you think there may be anything I can try given I still have saved blobs despite the fact I did actualy upgrade to 5.2.1… open to suggestions. 

Might as well… nothing else I can do…

Current solution here:

I´m in the same case as you, f***!! I hope someone can help us…

me too, f my life

I currently havwe a 5.2 installed on a Jailbroken Apple TV 2. Running ATV Flash

I want to remove ATV Flash, things aren’t working properly and I am just plain not enjoying the program.

Is there anyway I can go about doing this without having to restore to 5.2.1???


How do I go about it then?

Well I able to successfully downgrade my ATV to 5.0_9B179b, using iFaith to make a pre-signed ipsw.

Problem is, I believe that’s a tethered only release, and sn0wbreeze, it only can verify 5.0_9B206f… so my blobs were useless with it.

I tried seas0npass again as it was saying the ATV wasn’t eligible thinking that perhaps with the new downgrade it is, however it’s also saying “not eligible”?

So seems I can downgrade to what I had before, but as it’s tethered, sn0wbreeze can’t help me and seas0npass (which jailbroke this thing before, albeit tethered) won’t recognize it.

So seems like I’m truely screwed.  Althought I do have blobs, and can downgrade it… not much use if I still cannot jailbreak it.



Follow this thread will help

Thanks for the link, but as I mentioned in my post:

  • sn0wbreeze doesnt support tethered ipsw’s - neither selectable in the pulldown nor if you force it to load a valid ipsw from apple
  • I only have the shsh blobs for 1 tethered release (the one I first jailbroke).
  • seas0npass doesnt recognize the atv2 even after downgrading.

Ironically the only reason I bothered starting this process was the fact I wanted to move to an UNtethered release, and I missed the signing window by freaking 48 hours.

So what I need is a solution that:

  • jailbreaks tethered versions of ipsw’s
  • or allow seas0npass to not reject my atv2


I see what do you mean now… but just curious have you try to use ifaith to see if you happen to have other shsh blobs saved? might want to try that first see if you do have then you are save if you are not then i guess either you have to wait or go back to tether jailbreak again lol

At this point of time only sn0wbreeze and ifaith will be a solution for you… no otherway around. Seas0npass will not work any more to jailbreak device because apple already stopped signing older firmware…

I am in the same boat. Thought I would update today and found myself in this mess. Is there any solution for osx with ifaith and sn0wbreeze. I think I am SOL on the OSX side. 

Oh man, this does not look good at all.  Found this from another site referencing this:

(aka specific release to address jailbreaking loopholes)

I am so hating myself now, this looks to be a very long wait for those of us that must.

Apple TV 5.2.1

  • Apple TVAvailable for: Apple TV 2nd generation and later

    Impact: A local user may be able to execute unsigned code

    Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.


    CVE-2013-0977 : evad3rs

  • Apple TVAvailable for: Apple TV 2nd generation and later

    Impact: A local user may be able to determine the address of structures in the kernel

    Description: An information disclosure issue existed in the ARM prefetch abort handler. This issue was addressed by panicking if the prefetch abort handler is not being called from an abort context.


    CVE-2013-0978 : evad3rs

  • Apple TVAvailable for: Apple TV 2nd generation and later

    Impact: A local user may be able to execute arbitrary code in the kernel

    Description: The IOUSBDeviceFamily driver used pipe object pointers that came from userspace. This issue was addressed by performing additional validation of pipe object pointers.


    CVE-2013-0981 : evad3rs



It is already stated on many sites that the new update closed 4 of 7 exploits, but evad3rs has put out a statement that they are holding on to a handful of other exploits for future jailbreaks.

Ah, I didn’t pickup on that MightyJew. Thanks for clarifying and good to know.

With my luck that means the next release with be a tethered release and I’ll be back where I started. :smiley:

You know that if you’re ok with just a tethered jailbreak for now this firmware below here can be flashed on atv 2 with any firmware even 5.2.1 and you’ll get a tether jailbreak running 4.4.2. I’ve used this several times before. this is my backup plan for when apple stop signing and I have an atv2 that isn’t on a jailbreakable version without any shsh blobbed save.

Thanks for the link, so do you simply shift-restore from an iTunes 10.7 to install this signed version and then do a tethered boot from Seas0nPass?

I will give it a shot, although it’s slow to download without a subscription.  If this works… dang.  You’ll be my hero.

EDIT:  Ahh… you referring to this litte gem?

EDIT #2: 

Nope, Guess not. 

That link’s procedure didn’t work but downloading your prior ipsw didn’t either.  How do I flash your ipsw on a 5.0/5.1, and likewise how do I tether it?  Seas0nPass will seem not to tether prior versions and even prior versions of SP itself I ran seemed to still talk about 5.2 (perhaps a windows reg key?).

So what I can do:

  • Downgrade to an unjailbroken 5.0_9B179b

Would like to clarify:

  • How to flash your ipsw (thanks btw!)
  • boot tethered - from which app, and recommended method

Tank ya.


Yes once you download the firmware you don’t have to do anything else except shift restore. then afterwards I use seasonpass to tetherboot the device. You might try putting your atv2 in pwned mode first then flash it. I’ve had more success flashing custom firmware in that mode. Also when boot tethering from season pass right click the boot tether button. this will let you choose which firmware boot tether you want. choose 4.4.2

FYI that link to the thread you have there isn’t exactly the same. That link assumes you have an shsh blob. This firmware was made by some generic shsh blob someone made. I was surprise the first time I flashed this that it worked even though it was made from an shsh blob that didn’t belong to my ATV2.

Ok clear.
I did use iRef to put it into pwned mode, tried flashing it but got a 1604 error. Will try again using other methods and let you know.

Also which version of seas0npass should I use? I saw something odd last night. I have about 3-4 versions of seas0npass that I was using and each time:

  • tethered pull down only referenced the last ipsw at the time that SP version was released
  • even if I selected the pull down version or I simply clicked on the tethered boot button it gave a pop up saying that 5.2 doesn’t require a tether!
    So something is telling those versions that I attempted to run a 5.2 JB.
    Any idea how to get around that or force SP to tethered boot a 4.4.2?

Appreciate your help…

I’m in the exact same boat with my brother-in-law’s ATV2 on 9B179b.


Tried all suggestions that can be found on internet for the past 2 days, but it seems we’re screwed :frowning:

Will follow this topic with great interest!

well in case it helps here’s the version of the software I use and my season pass doesn’t pop up with that message.


If I had an atv2 that isn’t jailbroken or has a tethered jailbreak I would go through the process again for you but currently all my atv2 are untethered and I’d rather not risk going back to tethered jailbreak.