Security News > 2021 > September > WhatsApp Photo Filter Bug Could Have Exposed Your Data to Remote Attackers

A now-patched high-severity security vulnerability in WhatApp's image filter feature could have been abused to send a malicious image over the messaging app to read sensitive information from the app's memory.

Tracked as CVE-2020-1910, the flaw concerns an out-of-bounds read/write and stems from applying specific image filters to a rogue image and sending the altered image to an unwitting recipient, thereby enabling an attacker to access valuable data stored the app's memory.

Specifically, the issue was rooted in an "ApplyFilterIntoBuffer()" function that handles image filters, which takes the source image, applies the filter selected by the user, and copies the result into the destination buffer.

By reverse-engineering the "Libwhatsapp.so" library, the researchers found that the vulnerable function relied on the assumption that both the source and filtered images have the same dimensions and also the same RGBA color format.

Given that each RGBA pixel is stored as 4 bytes, a malicious image having only 1 byte per pixel can be exploited to achieve an out-of-bounds memory access since the "Function tries to read and copy 4 times the amount of the allocated source image buffer."

WhatsApp said it has "No reason to believe users would have been impacted by this bug." Since WhatsApp version 2.21.1.13, the company has added two new checks on the source image and filter image that ensure that both source and filter images are in RGBA format and that the image has 4 bytes per pixel to prevent unauthorized reads.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/rRknLTaJs5E/whatsapp-photo-filter-bug-could-have.html