CVE-2019-2190

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a missing bounds check in LG's LAF component, which could lead to a leak of information in a protected disk partition. This might result in local information disclosure via USB, requiring User execution privileges. Notably, user interaction is not necessary for exploitation.

Recommendations For Android kernel, consider applying a patch that includes a bounds check in the LAF component to prevent information disclosure. As a temporary workaround, restrict access to the protected disk partition to minimize the risk of exploitation.