WhatsApp fixed a severe heap corruption bug in its non-WebRTC video conferencing implementation which could allow attackers to crash the iOS and Android builds by sending a malformed RTP packet when calling the victim.
As detailed in Natalie Silvanovich's bug report, the vulnerability could have been exploited by a malicious party with the knowledge needed to create and send a malformed RTP packet to the WhatsApp mobile app for iOS and Android.
The WhatsApp RTP heap corruption issue was first reported on August 31 by the Google Project Zero team member, and it was fixed on September 28 in WhatsApp for Android and on October 3 for the iOS counterpart.
Silvanovich says in her report that the issue was triggered when a WhatsApp user received a video call containing the malicious RTP packet designed to crash the mobile application by inducing a memory corruption error.
The memory corruption error that could crash WhatsApp on iOS and Android devices is now fixed
The Google Project Zero researcher also provides a proof-of-concept which can be used to exploit vulnerable versions of WhatsApp after being applied on the attacker's device.
"Restart WhatsApp and call the target device and pick up the call. The device will crash in a few seconds," is the final step needed to reproduce the issue according to "WhatsApp: Heap Corruption in RTP processing" issue description.
Ann Yeh, a WhatsApp spokeswoman told Reuters in an e-mail that “We routinely engage with security researchers from around the world to ensure WhatsApp remains safe and reliable. We promptly issued a fix to the latest version of WhatsApp to resolve this issue.”
According to Mark Zuckerberg, Whatsapp passed the 1 billion user mark in 2016, and it has apps for all popular desktop and mobile operating systems (e.g., iOS, Android, Windows, macOS).
Memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation http://t.co/5sCmNznh4P — Natalie Silvanovich (@natashenka) October 9, 2018