SB20190927101 - Information disclosure in Google, Google Android
Published: September 27, 2019 Updated: August 8, 2020
Security Bulletin ID
SB20190927101
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Physical access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Information disclosure (CVE-ID: CVE-2019-2190)
The vulnerability allows a local authenticated user to gain access to sensitive information.
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-68771598
Remediation
Install update from vendor's website.