As the company reports, vulnerability this could allow an attacker to cause a "permanent" denial of service (DoS), sending users a specially designed message. The company does not further explain what this alarming description means and there is no indication that the defect has been exploited by anyone so far. malicious user, but surely other users wouldn't want to find out the hard way.
All in all, the update fixes 15 CVEs (2019-12-01) and 5 CVEs (2019-12-05), with other 22 patch elements for Qualcomm.
Patch level 2019-12-01
This is the level that affects most Appliances third-party phones, not manufactured by Google itself. If the patch level on your phone uses the date '01' next to the month, it means that you receive the security updates by that date, which means all that is needed.
Three fixes at this level have been described as critical, but for two of them - CVE-2019-2222 and CVE-2019-2223 - this designation applies only to versions 8.0, 8.1 and 9. On Android 10 they are just important. This could be due to the fact that Android 10 has additional mitigations or because it uses Project Mainline, through which some critical updates are implemented faster through Google Play.
A bug that was recently discovered and repaired secretly recently by the Play Store was a hijacking bug that affected Google's camera app.
How useful was this post?
Average rating / 5. Vote count:
No votes so far! Be the first to rate this post.