CVEs-PoC/2017/CVE-2017-18173.md

### [CVE-2017-18173](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18173)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Mobile&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=SD%20425%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SD%20427%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SD%20430%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SD%20435%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SD%20450%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SD%20625%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SD%20810%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SD%20820%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SD%20835%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SDM630%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SDM636%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=SDM660%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=Snapdragon_High_Med_2016%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE190%3A%20Integer%20Overflow%20or%20Wraparound&color=brightgreen)

### Description

In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins

#### Github
- https://github.com/ARPSyndicate/cvemon