CVE-2018-6339
N/A
N/A
Summary
When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed in. An off-by-one error meant that data was written beyond the allocated space on the stack. This issue affects WhatsApp for Android starting in version 2.18.180 and was fixed in version 2.18.295. It also affects WhatsApp Business for Android starting in version v2.18.103 and was fixed in version v2.18.150.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| WhatsApp for Android | 2.18.295 | affected | |
| WhatsApp for Android | 2.18.180 < unspecified | affected | |
| WhatsApp for Android | unspecified < 2.18.180 | unaffected | |
| WhatsApp Business for Android | 2.18.150 | affected | |
| WhatsApp Business for Android | 2.18.103 < unspecified | affected | |
| WhatsApp Business for Android | unspecified < 2.18.103 | unaffected |
Weaknesses
- CWE-121: Stack-based Buffer Overflow (CWE-121)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.