CVE-2018-6339

Published: Jun 14, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed in. An off-by-one error meant that data was written beyond the allocated space on the stack. This issue affects WhatsApp for Android starting in version 2.18.180 and was fixed in version 2.18.295. It also affects WhatsApp Business for Android starting in version v2.18.103 and was fixed in version v2.18.150.

Vendor	Product	Versions
Facebook	WhatsApp for Android	affected `2.18.295` affected `2.18.180 - < unspecified` unaffected `unspecified - < 2.18.180`
Facebook	WhatsApp Business for Android	affected `2.18.150` affected `2.18.103 - < unspecified` unaffected `unspecified - < 2.18.103`

Weaknesses (CWE)

CWE-121

References

https://www.facebook.com/security/advisories/cve-2018-6339/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-6339

Description

Affected Products

Weaknesses (CWE)

References