CVEs-PoC/2018/CVE-2018-5867.md

### [CVE-2018-5867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5867)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Automobile%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Wear&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20in%20TrustZone&color=brighgreen)

### Description

Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins

#### Github
No PoCs found on GitHub currently.