When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for Android prior to 2.18.248 and WhatsApp Business for Android prior to 2.18.132.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 03 Sep 2025 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Whatsapp whatsapp Business
CPEs cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:business:android:*:* cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:android:*:*
Vendors & Products Whatsapp whatsapp Business

cve-icon MITRE

Status: PUBLISHED

Assigner: facebook

Published:

Updated: 2024-08-05T06:01:48.760Z

Reserved: 2018-01-26T00:00:00

Link: CVE-2018-6349

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-06-14T17:29:02.127

Modified: 2025-09-03T17:36:53.303

Link: CVE-2018-6349

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.