An animated GIF is an image encoded in a graphics interchange format (GIF), which contains a number of images or frames in a single file and is described by its own graphic control extension. The frames are presented in a specific order in order to convey animation. An animated GIF can loop endlessly or stop after a few sequences. 

About the vulnerability…

A new vulnerability has been discovered in Watsapp which allows hackers to gain access to your files and messages by leveraging malicious
In a technical write-up on Github, a Singapore-based researcher has the flaw, noting that the security flaw arises from a double-free bug in WhatsApp. However, the vulnerability has been addressed by the company in version 2.19.244.
Here’s a short clip about the vulnerability that was discovered.

About CVE-2019-11932

A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service.

Here’s how WhatsApp’s double-bug puts your phone at risk

The WhatsApp double bug vulnerability can be exploited by sending a malicious GIF file to a user via any channel.

Once the GIF is on the phone, the attack gets triggered as soon as the user opens WhatsApp’s media gallery. Since WhatsApp shows previews of every media (including the malicious GIF), it will set-off the double-free bug and place the Remote Code Execution exploit.

How to use the vulnerability…

  • 1. send the GIF file to the user via any channel. One of them could be as Document via WhatsApp or If the attacker is in the contact list of the user (i.e. a friend), the corrupted GIF is downloaded automatically without any user interaction.
  • 2. User wants to send a media file to any of his/her WhatsApp friend. So the user presses on the Paper clip button and opens the WhatsApp Gallery to choose a media file to send to his friend. Take note that the user does not have to send anything because just opening the WhatsApp Gallery will trigger the bug. No additional touch after pressing WhatsApp Gallery is necessary.
  • 3.Since WhatsApp shows previews of every media (including the GIF file received), it will trigger the double-free bug and our RCE exploit.

How to protect yourself…

If you’re on an iPhone or iOS device, just head to your App store and hit ‘Update’ next to WhatsApp Messenger.

If you have an Android, go to your Play Store and tap ‘Update’.

“Automatic updates minimize the risk of delaying or forgetting to apply an update, and limit the chance that cybercriminals will gain access to your devices and sensitive personal and financial data.”

credits : Mudit dube,

By admin

One thought on “Watsapp had a bug that can be exploitable through a gif – CVE-2019-11932”

Leave a Reply

Your email address will not be published. Required fields are marked *