Researchers from Check Point have identified a high-severity vulnerability that could have allowed an adversary to read sensitive information from the memory of an application simply by sending a specially crafted image through the messaging app. The vulnerability, tracked as CVE-2020-1910, can crash WhatsApp by switching between various filters on malicious GIF files.
“Check Point Research (CPR) recently revealed a new Out-Of-Bounds read-write vulnerability in the popular messaging application. The issue, which has been patched and remains theoretical, would have required complex steps and extensive user interaction in order to exploit, and could have allowed an attacker to read sensitive information from WhatsApp memory. WhatsApp confirmed that they saw no evidence of abuse related to this vulnerability.” reads the advisory.
WhatsApp has also released a statement on this vulnerability, which states: “This report involves multiple steps a user would have needed to take and we have no reason to believe users would have been impacted by this bug. That said, even the most complex scenarios researchers identify can help increase security for users. As with any tech product, we recommend that users keep their apps and operating systems up to date, to download updates whenever they’re available, to report suspicious messages, and to reach out to us if they experience issues using WhatsApp.”
WhatsApp released the fix in version 188.8.131.52 as part of the February security updates. The fix introduced two new checks on the source image and the filter image:
- Validates that the image format equals 1 (ANDROID_BITMAP_FORMAT_RGBA_8888). This means that both source and filter images must be in RGBA format.
- Validates image size by checking that the (stride*height)/4 equals width*height.
Because “stride” equals the number of bytes per pixel multiplied by width, the second check actually ensures that the image indeed has 4 bytes per pixel.
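The two checks described above can be sketched in C as follows. This is an added example, not WhatsApp's code: the struct is a local stand-in for the NDK's AndroidBitmapInfo, and the function names, the 64-bit arithmetic and the sample images are assumptions made here.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Local stand-in for the NDK's AndroidBitmapInfo (android/bitmap.h) so the
 * example builds off-device; field names follow the NDK struct. */
typedef struct {
    uint32_t width;
    uint32_t height;
    uint32_t stride;   /* bytes per row */
    int32_t  format;
} bitmap_info;

#define FORMAT_RGBA_8888 1   /* value of ANDROID_BITMAP_FORMAT_RGBA_8888 */
#define FORMAT_RGB_565   4   /* value of ANDROID_BITMAP_FORMAT_RGB_565 */

/* Check 1: the pixel format must be RGBA_8888.
 * Check 2: (stride*height)/4 must equal width*height, i.e. 4 bytes per pixel.
 * Products are computed in 64 bits (an addition made in this example) so
 * that large dimensions cannot wrap around before the comparison. */
static bool is_rgba_4bpp(const bitmap_info *bi)
{
    if (bi == NULL)
        return false;
    if (bi->format != FORMAT_RGBA_8888)
        return false;
    uint64_t bytes  = (uint64_t)bi->stride * bi->height;
    uint64_t pixels = (uint64_t)bi->width  * bi->height;
    return bytes / 4 == pixels;
}

/* A filter is applied only when both source and filter image pass. */
bool filter_inputs_ok(const bitmap_info *src, const bitmap_info *flt)
{
    return is_rgba_4bpp(src) && is_rgba_4bpp(flt);
}

int main(void)
{
    /* Constructed sample images, not taken from the report. */
    bitmap_info rgba   = { 64, 64, 64 * 4, FORMAT_RGBA_8888 };
    bitmap_info rgb565 = { 64, 64, 64 * 2, FORMAT_RGB_565 };
    bitmap_info lying  = { 64, 64, 64 * 2, FORMAT_RGBA_8888 }; /* 2 bytes/pixel */

    printf("rgba + rgba   : %d\n", filter_inputs_ok(&rgba, &rgba));
    printf("rgba + rgb565 : %d\n", filter_inputs_ok(&rgba, &rgb565));
    printf("lying + rgba  : %d\n", filter_inputs_ok(&lying, &rgba));
    return 0;
}
```

The third sample shows why the size check is needed in addition to the format check: an image that declares RGBA_8888 but carries a 2-bytes-per-pixel stride is still rejected.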