aCropalypse gif aCropalypse(CVE-2023-21036)related GIF PoC The aCropalypse reported affects PNG, but a similar exploit exists in GIF images PoC This is original GIF Image case02gif
In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android - |
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources aCropalypse Now, starring any 2018-or-later device
If you've owned a Google Pixel smartphone since the 3 series came out in 2018, bad news: any screenshot that you've cropped or redacted on your Pixel can be potentially restored without much fuss. Reverse engineers Simon Aarons and David Buchanan, who found the bug and produced a proof-of-concept recovery tool, respectively, dubbed it aCropalypse, and noted "this bug is a bad one" for folks concerned about their privacy. The flaw lies in how Google's image-editing app Markup, available for...