
I believe this is the exact same exploit that was used to eventually jailbreak the PS3 using USB dongles.



It certainly is a very similar exploit, but I'm not sure if it's the exact same bug.


Edit: After looking through the PSJailbreak writeup it seems like they are really similar after all. Both target the descriptors allocated on the heap.


Yeah, very similar. They both use time-of-allocation vs time-of-use style attacks on the length of the descriptor to trigger some kind of buffer overflow which corrupts heap data structures.

However, the PSJailbreak writeup doesn't actually go into details of the buffer overflow (it wasn't written by the original exploiter, just by people re-implementing it; they didn't care enough to fully work out how it worked), so it's not clear if it's the byte-swapping function that was overflowing, or some other function.
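The time-of-allocation vs time-of-use pattern the comments describe, as an added illustration that is not part of the thread and not code from any real USB stack or from the PSJailbreak writeup. The `fake_device` structure, `device_read`, and the sample descriptor bytes are all constructed for this example; the descriptor layout assumed is only that the first byte is `bLength`. The vulnerable path computes how far a second read of `bLength` would run past a heap buffer sized from the first read, rather than performing the overrun; the hardened path reads once into a snapshot and validates `bLength` against the bytes actually transferred.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for a device that answers successive descriptor reads
 * with different contents. Hypothetical, built only for this example. */
struct fake_device {
    const uint8_t *responses[2];   /* what the device returns on read 0 and read 1 */
    size_t lengths[2];             /* bytes actually transferred for each read */
    int reads;
};

/* Each read returns the response buffer and the number of bytes transferred. */
static const uint8_t *device_read(struct fake_device *dev, size_t *len) {
    int i = dev->reads < 1 ? 0 : 1;
    dev->reads++;
    *len = dev->lengths[i];
    return dev->responses[i];
}

/* VULNERABLE PATTERN (overrun computed, not performed): the allocation size is
 * taken from bLength on one read and the copy length from bLength on a second
 * read. If the device changes its answer in between, the copy exceeds the
 * allocation. Returns how many bytes the copy would run past the buffer (0 = none). */
static size_t vulnerable_overrun_bytes(struct fake_device *dev) {
    size_t n;
    const uint8_t *d = device_read(dev, &n);       /* time of allocation */
    size_t alloc_len = d[0];                       /* bLength, read #1 */
    d = device_read(dev, &n);                      /* time of use */
    size_t copy_len = d[0];                        /* bLength, read #2 */
    return copy_len > alloc_len ? copy_len - alloc_len : 0;
}

/* HARDENED: transfer once into a fixed-size buffer, validate bLength against
 * the bytes actually received, and size the heap copy from that one snapshot.
 * Returns the heap copy (caller frees) or NULL if the descriptor is rejected. */
static uint8_t *safe_fetch_descriptor(struct fake_device *dev, size_t *out_len) {
    uint8_t snapshot[255];                         /* bLength is one byte, so 255 max */
    size_t n;
    const uint8_t *d = device_read(dev, &n);
    if (n == 0 || n > sizeof snapshot) return NULL;
    memcpy(snapshot, d, n);                        /* one transfer, one copy */
    size_t blen = snapshot[0];
    if (blen < 2 || blen > n) return NULL;         /* bLength must fit what arrived */
    uint8_t *copy = malloc(blen);
    if (!copy) return NULL;
    memcpy(copy, snapshot, blen);                  /* sized and filled from the snapshot */
    *out_len = blen;
    return copy;
}

/* Constructed sample data: read #1 advertises bLength=18 and transfers 18 bytes;
 * read #2 advertises bLength=200 but transfers only 64 bytes. */
static const uint8_t first_answer[18] = { 18, 1 };
static const uint8_t second_answer[64] = { 200, 1 };
/* Constructed sample data: a single answer whose bLength (200) exceeds the 18
 * bytes actually transferred. */
static const uint8_t lying_answer[18] = { 200, 1 };

static void make_switching_device(struct fake_device *dev) {
    dev->responses[0] = first_answer;  dev->lengths[0] = sizeof first_answer;
    dev->responses[1] = second_answer; dev->lengths[1] = sizeof second_answer;
    dev->reads = 0;
}

static void make_lying_device(struct fake_device *dev) {
    dev->responses[0] = lying_answer; dev->lengths[0] = sizeof lying_answer;
    dev->responses[1] = lying_answer; dev->lengths[1] = sizeof lying_answer;
    dev->reads = 0;
}

int main(void) {
    struct fake_device dev;
    size_t len = 0;

    make_switching_device(&dev);
    printf("vulnerable path would overrun by %zu bytes\n", vulnerable_overrun_bytes(&dev));

    make_switching_device(&dev);
    uint8_t *copy = safe_fetch_descriptor(&dev, &len);
    printf("safe path copied %zu bytes (%s)\n", len, copy ? "accepted" : "rejected");
    free(copy);

    make_lying_device(&dev);
    copy = safe_fetch_descriptor(&dev, &len);
    printf("lying descriptor %s\n", copy ? "accepted" : "rejected");
    free(copy);
    return 0;
}
```

The defensive point is that the length used for the allocation and the length used for the copy must come from the same buffer that was actually received, and that buffer must be validated against the transfer size before any heap sizing happens.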



