WhatsApp Photo Filter Bug Allows Sensitive Info to Be Lifted

2021-09-02 12:28

Image filters are of course the built-in visual-effects tools in WhatsApp used to change the color, saturation, tone, sharpness and more of a photo taken.

"Src jbitmap" - Represents the input image.

It first calls to a function called "AndroidBitmap getInfo" to get data about the source and filter image, which results in a structure called "AndroidBitmapInfo".

The fixed function has two new checks on the source image and filter image, according to CPR:. Validates that the image format equals 1.

Validates image size by checking that the/4 equals width*height.

Because "Stride" equals the number of bytes per pixel multiplied by width, the second check actually ensures that the image indeed has 4 bytes per pixel.

News URL

https://threatpost.com/whatsapp-photo-filter-bug-allows-sensitive-info-to-be-lifted/169141/

#whatsapp

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Whatsapp		5	1	11	13	16	41