Buffer overflow in Facebook Whatsapp Business For Android

CVE-2021-24041

A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a malicious image.

Vulnerability class: Buffer Overflow

EPSS: 0.009 (76.1th percentile) — read the EPSS interpretation.

Affected products

Facebook Whatsapp Business For Android — versions unspecified, v2.21.22.7
Facebook Whatsapp For Android — versions unspecified, v2.21.22.7

Weakness classification (CWE)

CWE-122 — Heap-based Buffer Overflow

References

www.whatsapp.com/security/advisories/2021/ (x_refsource_CONFIRM)