CVE-2019-14040 PoC — 多款Qualcomm产品资源管理错误漏洞

Source

https://github.com/tamirzb/CVE-2019-14040

Associated Vulnerability

Title:多款Qualcomm产品资源管理错误漏洞 (CVE-2019-14040)
Description:Qualcomm MDM9206等都是美国高通（Qualcomm）公司的产品。MDM9206是一款中央处理器（CPU）产品。MDM9607是一款中央处理器（CPU）产品。SDX24是一款调制解调器。多款Qualcomm产品中的QSEE存在资源管理错误漏洞。攻击者可利用该漏洞造成产品异常，例如执行未知代码。以下产品及版本版本受到影响：Qualcomm APQ8009；APQ8017；APQ8053；APQ8096AU；APQ8098；MDM9150；MDM9206；MDM9207C；MDM9607；MDM

Description

PoC code for CVE-2019-14040

Readme

# CVE-2019-14040

Proof-of-concept code for CVE-2019-14040

More details about the vulnerability are available [in the blog post](https://blog.zimperium.com/multiple-kernel-vulnerabilities-affecting-all-qualcomm-devices).

If you have any questions, you are welcome to DM me on Twitter ([@tamir_zb](https://twitter.com/tamir_zb)).


## Build & Run

In order to build, run Android NDK's `ndk-build`.

In order to run the PoC, run the binary using the following command:

    LD_PRELOAD=libQSEEComAPI.so ./qseecom_uaf

Make sure to run it from a context where `/dev/qseecom` is accessible.

## Result

Running this on a Pixel 3 running Android 9 causes the kernel to panic. In
theory this PoC should work on other Android devices and versions without any
modifications but I have not tested it.

File Snapshot


 [4.0K]  /data/pocs/769b19408b031530674817a5b7fb51aa06f48fc1
├── [4.0K]  jni
│   ├── [ 263]  Android.mk
│   ├── [6.3K]  ion.h
│   ├── [6.0K]  msm_ion.h
│   ├── [ 10K]  QSEEComAPI.h
│   ├── [ 11K]  qseecom.h
│   └── [5.9K]  qseecom_uaf.c
├── [ 34K]  LICENSE
└── [ 793]  README.md

1 directory, 8 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!