CVE-2020-1910

Name of the Vulnerable Software and Affected Versions WhatsApp versions prior to v2.21.1.13 WhatsApp Business versions prior to v2.21.1.13

Description The issue is related to a missing bounds check in the applyFilterIntoBuffer() function, which can lead to out-of-bounds read and write. This can occur when a user applies specific image filters to a specially crafted image and sends the resulting image. The vulnerability can allow a remote attacker to cause a denial of service or access sensitive information from the WhatsApp memory.

Recommendations For WhatsApp versions prior to v2.21.1.13, update to version v2.21.1.13 or later. For WhatsApp Business versions prior to v2.21.1.13, update to version v2.21.1.13 or later. As a temporary workaround, consider avoiding the use of specific image filters in WhatsApp until the issue is resolved.