CVEs-PoC/2017/CVE-2017-2729.md

### [CVE-2017-2729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2729)
![](https://img.shields.io/static/v1?label=Product&message=Honor%205A&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Versions%20earlier%20than%20CAM-TL00C01B193%2CVersions%20earlier%20than%20CAM-TL00HC00B193%2CVersions%20earlier%20than%20CAM-UL00C00B193%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Overflow&color=brightgreen)

### Description

The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ethicalhackeragnidhra/BootStomp
- https://github.com/ucsb-seclab/BootStomp