Design/Logic Flaw

2019-06-1417:29:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

JSON

When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed in. An off-by-one error meant that data was written beyond the allocated space on the stack. This issue affects WhatsApp for Android starting in version 2.18.180 and was fixed in version 2.18.295. It also affects WhatsApp Business for Android starting in version v2.18.103 and was fixed in version v2.18.150.

CPENameOperatorVersion
whatsappge2.18.103
whatsapplt2.18.150
whatsappge2.18.180
whatsapplt2.18.295

Name	Operator	Version
whatsapp	ge	2.18.103
whatsapp	lt	2.18.150
whatsapp	ge	2.18.180
whatsapp	lt	2.18.295

References

www.facebook.com/security/advisories/cve-2018-6339/