WhatsApp Image Filter Bug Vulnerability Unveiled


A new vulnerability in WhatsApp could allow an attacker to read information from WhatsApp memory.

According to Check Point Research (CPR), the popular messaging application contained a new out-of-bounds read-write vulnerability. The issue, which has been patched and remains theoretical, would have required complex steps and extensive user interaction in order to exploit, and could have allowed an attacker to read sensitive information from WhatsApp memory.

The vulnerability was related to the WhatsApp image filter functionality and was triggered when a user opened an attachment that contained a maliciously crafted image file, then tried to apply a filter, and then sent the image with the filter applied back to the attacker.

Check CVE-2020-1910 Details

A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and WhatsApp Business for Android prior to v2.21.1.13 could have allowed out-of-bounds read and write if a user applied specific image filters to a specially crafted image and sent the resulting image.

The vulnerable function takes as input 3 AndroidBitmap objects:

“src_jbitmap” – Represents the input image.
“flt_jbitmap” – Represents the filter to apply.
“dst_jbitmap” – Holds the result of the new image.

The vulnerable function first calls “AndroidBitmap_getInfo” on the source and filter images to get the “AndroidBitmapInfo” struct for each.

The structure holds the following members: “width”, “height”, “stride” (number of bytes per row), “format” and “flags”.

WhatsApp Response

“People should have no doubt that end-to-end encryption continues to work as intended and people’s messages remain safe and secure,” WhatsApp said in a statement. “This report involves multiple steps a user would have needed to take and we have no reason to believe users would have been impacted by this bug.

That said, even the most complex scenarios researchers identify can help increase security for users. As with any tech product, we recommend that users keep their apps and operating systems up to date, to download updates whenever they’re available, to report suspicious messages, and to reach out to us if they experience issues using WhatsApp.”

WhatsApp Update

WhatsApp fixed the vulnerability in version 2.21.1.13.

Check that both WhatsApp and your mobile operating system are up to date.

The fixed function has two new checks on the source image and filter image:

  • Validates that the image format equals 1 (ANDROID_BITMAP_FORMAT_RGBA_8888). This means that both source and filter images must be in RGBA format.
  • Validates image size by checking that (stride*height)/4 equals width*height. Because “stride” equals the number of bytes per pixel multiplied by width, this second check actually ensures that the image indeed has 4 bytes per pixel.
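
The two checks written as a stand-alone C function, as an added example and not WhatsApp's own code. `BitmapInfo` is a local mirror of `AndroidBitmapInfo` so that it builds off-device, the helper names are hypothetical, and the 64-bit multiplication is an added precaution that the fix description does not mention.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Local mirror of AndroidBitmapInfo from <android/bitmap.h>, so the
 * example builds off-device. Members are the ones listed above. */
typedef struct {
    uint32_t width;
    uint32_t height;
    uint32_t stride;   /* number of bytes per row */
    int32_t  format;
    uint32_t flags;
} BitmapInfo;

#define FORMAT_RGBA_8888 1  /* value of ANDROID_BITMAP_FORMAT_RGBA_8888 */

/* Hypothetical helper: true only if `info` passes both checks. */
static bool bitmap_is_rgba8888(const BitmapInfo *info)
{
    /* Check 1: the declared format must be RGBA_8888. */
    if (info->format != FORMAT_RGBA_8888)
        return false;
    /* Check 2: (stride*height)/4 == width*height, i.e. 4 bytes per pixel.
     * 64-bit products so large dimensions cannot wrap (added precaution). */
    uint64_t bytes  = (uint64_t)info->stride * info->height;
    uint64_t pixels = (uint64_t)info->width  * info->height;
    return bytes / 4 == pixels;
}

/* Source and filter must both pass before any pixel data is touched. */
static bool filter_inputs_ok(const BitmapInfo *src, const BitmapInfo *flt)
{
    return bitmap_is_rgba8888(src) && bitmap_is_rgba8888(flt);
}

int main(void)
{
    /* Constructed sample headers, not taken from a real image. */
    BitmapInfo good   = { 64, 64, 256, FORMAT_RGBA_8888, 0 };
    BitmapInfo a8     = { 64, 64,  64, 8, 0 };                /* A_8 format */
    BitmapInfo narrow = { 64, 64,  64, FORMAT_RGBA_8888, 0 }; /* 1 byte/px  */

    printf("good/good   -> %d\n", filter_inputs_ok(&good, &good));
    printf("a8/good     -> %d\n", filter_inputs_ok(&a8, &good));
    printf("good/narrow -> %d\n", filter_inputs_ok(&good, &narrow));
    return 0;
}
```

The `narrow` case is the one the second check exists for: the header claims RGBA_8888 but its stride only covers one byte per pixel, so the format check alone would accept it.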

WhatsApp Faces Biggest Fine $267 Million For Breaching European GDPR.

TechCrunch reported that Ireland’s Data Protection Commission (DPC) has just announced a €225 million (~$267M) fine for WhatsApp.

In a statement responding to the DPC’s decision, WhatsApp disputed the findings and dubbed the penalty “entirely disproportionate” as well as confirming it will appeal, writing:

“WhatsApp is committed to providing a secure and private service. We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so. We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate. We will appeal this decision.”
