Buffer overflow in Facebook Whatsapp Business For Android

CVE-2018-6339

When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed in. An off-by-one error meant that data was written beyond the allocated space on the stack. This issue affec…

Vulnerability class: Buffer Overflow

EPSS: 0.004 (63.2th percentile) — read the EPSS interpretation.

Affected products

Facebook Whatsapp Business For Android — versions 2.18.150, 2.18.103, unspecified
Facebook Whatsapp For Android — versions 2.18.295, 2.18.180, unspecified

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

References

www.facebook.com/security/advisories/cve-2018-6339/ (x_refsource_MISC)