PT-2019-11019 · Facebook · Whatsapp For Android+1

Published

2019-06-14

Updated

2025-09-03

CVE-2018-6339

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: WhatsApp for Android versions 2.18.180 through 2.18.294 WhatsApp Business for Android versions 2.18.103 through 2.18.149

Description: The issue arises from a stack allocation failure when receiving calls using WhatsApp on Android, specifically due to an off-by-one error that causes data to be written beyond the allocated space on the stack.

Recommendations: For WhatsApp for Android versions 2.18.180 through 2.18.294, update to version 2.18.295 or later. For WhatsApp Business for Android versions 2.18.103 through 2.18.149, update to version 2.18.150 or later.

Fix

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-119

Related Identifiers

CVE-2018-6339

Affected Products

Whatsapp Business For Android

Whatsapp For Android

PT-2019-11019 · Facebook · Whatsapp For Android+1

CVE-2018-6339

Weakness Enumeration

Related Identifiers

Affected Products

References · 4