CVE-2020-0178

Name of the Vulnerable Software and Affected Versions Android versions Android-10

Description The issue is related to a missing permission check in the getAllConfigFlags function of SettingsProvider.cpp. This could lead to local information disclosure of config flags without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android version Android-10, consider restricting access to sensitive config flags until a patch is available. As a temporary workaround, review and enforce proper permission checks for the getAllConfigFlags function to minimize the risk of information disclosure.