CVE-2023-38538

🗓️ 04 Oct 2023 19:10:49Reported by facebookType

Race condition in event subsystem causes heap use-after-free issue in audio/video calls, leading to app termination or unexpected control flo

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2023-38538	4 Oct 202320:15	–	attackerkb
Circl	CVE-2023-38538	5 Oct 202300:13	–	circl
CNNVD	WhatsApp Competitive Conditions Issue Vulnerability	4 Oct 202300:00	–	cnnvd
CVE	CVE-2023-38538	4 Oct 202319:10	–	cve
EUVD	EUVD-2023-42337	3 Oct 202520:07	–	euvd
NVD	CVE-2023-38538	4 Oct 202320:15	–	nvd
OSV	CVE-2023-38538	4 Oct 202320:15	–	osv
Prion	Race condition	4 Oct 202320:15	–	prion
Positive Technologies	PT-2023-26502 · Facebook +1 · Whatsapp Business For Android +6	4 Oct 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-38538	23 May 202504:08	–	redhatcve

[
  {
    "defaultStatus": "affected",
    "product": "WhatsApp Desktop for Mac",
    "vendor": "Facebook",
    "versions": [
      {
        "lessThan": "2.2338.12",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "WhatsApp Desktop for Windows",
    "vendor": "Facebook",
    "versions": [
      {
        "lessThan": "2.2320.2",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "WhatsApp Business for iOS",
    "vendor": "Facebook",
    "versions": [
      {
        "lessThan": "2.23.10.77",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "WhatsApp for iOS",
    "vendor": "Facebook",
    "versions": [
      {
        "lessThan": "2.23.10.77",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "WhatsApp Business for Android",
    "vendor": "Facebook",
    "versions": [
      {
        "lessThan": "2.23.10.77",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "WhatsApp for Android",
    "vendor": "Facebook",
    "versions": [
      {
        "lessThan": "2.23.10.77",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
whatsapp	www.whatsapp.com/security/advisories/2023/

04 Oct 2023 19:10Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15

EPSS0.00202