A non-trivial amount of the iOS platform has been rev-eng'd (incidentally, largely with IDA and those kernel sources to create binaries with intact symbols + binary comparison heuristics[1]). XNU is largely based on FreeBSD so I'd be surprised if that wasn't an additional vehicle people were using (In a similar vein, fail0verflow used the syscode table information from FreeBSD with WebKit and ROPgadgets to fully compromise the PS3.)

RE: this specific exploit, here's the POC making it around the security sphere (thanks @heisecode!) https://github.com/heisecode/Bug_POCs

[1] https://static.googleusercontent.com/media/www.zynamics.com/...

Apple continues to open source their version of XNU, although there has been an increasing lag between the release of each OS version and the corresponding sources. The latest available sources are from 10.11.2, three minor versions behind.

Apple has also shifted to pushing a lot of sensitive/proprietary code into kernel extensions (the new Apple File System being one example), for which they don't release source code (generally speaking).