CVEs-PoC/2017/CVE-2017-18124.md

### [CVE-2017-18124](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18124)
![](https://img.shields.io/static/v1?label=Product&message=Small%20Cell%20SoC%2C%20Snapdragon%20Automobile%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Wear&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=FSM9055%2C%20IPQ4019%2C%20MDM9206%2C%20MDM9607%2C%20MDM9625%2C%20MDM9635M%2C%20MDM9640%2C%20MDM9645%2C%20MDM9650%2C%20MDM9655%2C%20MSM8909W%2C%20MSM8996AU%2C%20SD%20210%2FSD%20212%2FSD%20205%2C%20SD%20410%2F12%2C%20SD%20425%2C%20SD%20430%2C%20SD%20450%2C%20SD%20615%2F16%2FSD%20415%2C%20SD%20617%2C%20SD%20625%2C%20SD%20650%2F52%2C%20SD%20800%2C%20SD%20810%2C%20SD%20820%2C%20SD%20820A%2C%20SD%20835%2C%20SD%20845%2C%20SD%20850%2C%20SDA660%2C%20SDX20%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20of%20Out-of-range%20Pointer%20Offset%20in%20Core&color=brightgreen)

### Description

During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins

#### Github
- https://github.com/ARPSyndicate/cvemon