Buffer overflow in Facebook Whatsapp For Android

CVE-2018-6344

A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS pr…

Vulnerability class: Buffer Overflow

EPSS: 0.006 (68.5th percentile) — read the EPSS interpretation.

Affected products

Facebook Whatsapp For Android — versions 2.18.293, unspecified
Facebook Whatsapp For Ios — versions 2.18.93, unspecified
Facebook Whatsapp For Windows Phone — versions 2.18.172, unspecified

Weakness classification (CWE)

CWE-122 — Heap-based Buffer Overflow

References

googleprojectzero.blogspot.com/2018/12/adventures-in-video-conferencing-part-3… (x_refsource_MISC)
106365 (vdb-entry, x_refsource_BID)