Memory Exhaustion in Open Whisper Signal for iOS
CVE-2018-16132

8.6HIGH

Key Information:

Vendor: Signal
Status: Signal
Vendor: CVE Published:; 29 August 2018

What is CVE-2018-16132?

The image rendering component in the Open Whisper Signal app up to version 2.29.0 for iOS does not adequately validate the size of incoming images. This oversight allows attackers to send disproportionately large images, which, when processed, can deplete the device's available memory. Consequently, this can lead to the application crashing and potentially force a restart of the user's device.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/bugtraq/2018/Aug/57

x_refsource_MISC

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 29, 2018
Vulnerability Reserved
Aug 29, 2018

JSON

Signal

What is CVE-2018-16132?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.