WhatsApp Photograph Filter Bug Might Have Uncovered Your Knowledge to Distant Attackers


A now-patched high-severity safety vulnerability in WhatApp’s picture filter characteristic may have been abused to ship a malicious picture over the messaging app to learn delicate data from the app’s reminiscence.

Tracked as CVE-2020-1910 (CVSS rating: 7.8), the flaw considerations an out-of-bounds learn/write and stems from making use of particular picture filters to a rogue picture and sending the altered picture to an unwitting recipient, thereby enabling an attacker to entry invaluable knowledge saved the app’s reminiscence.

“A lacking bounds examine in WhatsApp for Android previous to v2.21.1.13 and WhatsApp Enterprise for Android previous to v2.21.1.13 may have allowed out-of-bounds learn and write if a person utilized particular picture filters to a specially-crafted picture and despatched the ensuing picture,” WhatsApp noted in its advisory printed in February 2021.

Cybersecurity agency Check Point Analysis, which disclosed the problem to the Fb-owned platform on November 10, 2020, stated it was capable of crash WhatsApp by switching between numerous filters on the malicious GIF information.

Particularly, the problem was rooted in an “applyFilterIntoBuffer()” operate that handles picture filters, which takes the supply picture, applies the filter chosen by the person, and copies the consequence into the vacation spot buffer. By reverse-engineering the “libwhatsapp.so” library, the researchers discovered that the weak operate relied on the idea that each the supply and filtered photographs have the identical dimensions and likewise the identical RGBA colour format.

Given that every RGBA pixel is saved as 4 bytes, a malicious picture having just one byte per pixel may be exploited to realize an out-of-bounds reminiscence entry for the reason that “operate tries to learn and replica 4 occasions the quantity of the allotted supply picture buffer.”

WhatsApp stated it has “no motive to imagine customers would have been impacted by this bug.” Since WhatsApp model, the corporate has added two new checks on the supply picture and filter picture that make sure that each supply and filter photographs are in RGBA format and that the picture has 4 bytes per pixel to forestall unauthorized reads.

Source link