CVEs-PoC/2018/CVE-2018-11264.md

### [CVE-2018-11264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11264)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Automobile%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Wear&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Copy%20Without%20Checking%20Size%20of%20Input%20in%20Biometrics&color=brighgreen)

### Description

Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660.

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins

#### Github
No PoCs found on GitHub currently.