CVE-2021-31323 : Security Advisory and Response
Learn about CVE-2021-31323 impacting Telegram Android, iOS, and macOS versions below 7.1, allowing remote attackers to corrupt heap memory via animated stickers.
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. This vulnerability could allow a remote attacker to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
Understanding CVE-2021-31323
This section will provide insights into the nature and impact of the CVE-2021-31323 vulnerability.
What is CVE-2021-31323?
CVE-2021-31323 is a Heap Buffer Overflow vulnerability affecting Telegram Android, iOS, and macOS versions below 7.1. The issue resides in the LottieParserImpl::parseDashProperty function of the custom rlottie library fork.
The Impact of CVE-2021-31323
The CVE-2021-31323 vulnerability could be exploited by a remote attacker to tamper with heap memory beyond its allocated limits, potentially leading to a range of security risks on the targeted device.
Technical Details of CVE-2021-31323
This section delves into the specifics of the vulnerability.
Vulnerability Description
The vulnerability is characterized by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function, which could allow a malicious attacker to corrupt heap memory by using a specially crafted animated sticker.
Affected Systems and Versions
Telegram Android versions earlier than 7.1.0 (2090), Telegram iOS versions before 7.1, and Telegram macOS versions prior to 7.1 are confirmed to be impacted by this vulnerability.
Exploitation Mechanism
An attacker can exploit this vulnerability remotely by sending a crafted animated sticker to a target user, triggering the Heap Buffer Overflow in the rlottie library fork.
Mitigation and Prevention
To protect systems from CVE-2021-31323, immediate actions and long-term security practices are recommended.
Immediate Steps to Take
Users are advised to update their Telegram applications to versions 7.1 or above to mitigate the risk of exploitation through this vulnerability.
Long-Term Security Practices
Practicing good security hygiene, such as being cautious with incoming messages and attachments, can help prevent future vulnerabilities.
Patching and Updates
Regularly updating Telegram across all platforms ensures that security patches are applied promptly, reducing the likelihood of falling victim to known vulnerabilities.