CVE-2019-9461: Pixel Update Bulletin—September 2019 | Android Open Source Project
In the Android kernel in VPN routing there is a possible information disclosure. This could lead to remote information disclosure by an adjacent network attacker with no additional execution privileges needed. User interaction is not needed for exploitation.
Published September 3, 2019 | Updated September 12, 2019
The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices (Google devices). For Google devices, security patch levels of 2019-09-05 or later address all issues in this bulletin and all issues in the September 2019 Android Security Bulletin. To learn how to check a device’s security patch level, see Check & update your Android version.
All supported Google devices will receive an update to the 2019-09-05 patch level. We encourage all customers to accept these updates for their devices.
Announcements
In addition to the security vulnerabilities described in the September 2019 Android Security Bulletin, supported Google devices that are updated to Android 10 also contain patches for the security vulnerabilities described in this bulletin. Partners were notified that these issues are addressed in Android 10.
Security patches
The following tables include security patches that are addressed on Pixel devices with Android 10. Vulnerabilities are grouped under the component that they affect. Issues are described in the tables below and include CVE ID, associated references, type of vulnerability, severity, and updated Android Open Source Project (AOSP) versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.
Broadcom components
| CVE | References | Type | Severity | Component |
| --- | --- | --- | --- | --- |
| CVE-2019-9426 | A-110460199* | EoP | Moderate | Bluetooth |
LG components
| CVE | References | Type | Severity | Component |
| --- | --- | --- | --- | --- |
| CVE-2019-9436 | A-127320561* | EoP | Moderate | Bootloader |
| CVE-2019-2191 | A-68770980* | ID | Moderate | Bootloader |
| CVE-2019-2190 | A-68771598* | ID | Moderate | Bootloader |
Kernel components
| CVE | References | Type | Severity | Component |
| --- | --- | --- | --- | --- |
| CVE-2019-9345 | A-27915347* | EoP | High | Kernel |
| CVE-2019-9461 | A-120209610* | ID | High | VPN |
| CVE-2019-9248 | A-120279144* | EoP | Moderate | Touch driver |
| CVE-2019-9270 | A-65123745* | EoP | Moderate | Wi-Fi |
| CVE-2019-2182 | A-128700140; Upstream kernel | EoP | Moderate | Kernel MMU |
| CVE-2019-9271 | A-69006201* | EoP | Moderate | MNH driver |
| CVE-2019-9273 | A-70241598* | EoP | Moderate | Touch driver |
| CVE-2019-9274 | A-70809925* | EoP | Moderate | MNH driver |
| CVE-2019-9275 | A-71508439* | EoP | Moderate | MNH driver |
| CVE-2019-9276 | A-70294179* | EoP | Moderate | Touch driver |
| CVE-2019-9441 | A-69006882* | EoP | Moderate | MNH driver |
| CVE-2019-9442 | A-69808778* | EoP | Moderate | MNH driver |
| CVE-2019-9443 | A-70896844* | EoP | Moderate | VL53L0 driver |
| CVE-2019-9446 | A-118617506* | EoP | Moderate | Touch driver |
| CVE-2019-9447 | A-119120571; Upstream kernel | EoP | Moderate | Touch driver |
| CVE-2019-9448 | A-120141999; Upstream kernel | EoP | Moderate | Touch driver |
| CVE-2019-9450 | A-120141034; Upstream kernel | EoP | Moderate | Touch driver |
| CVE-2019-9451 | A-120211415; Upstream kernel | EoP | Moderate | Touch driver |
| CVE-2019-9454 | A-129148475; Upstream kernel | EoP | Moderate | I2C driver |
| CVE-2019-9456 | A-71362079; Upstream kernel | EoP | Moderate | USB driver |
| CVE-2019-9457 | A-116716935; Upstream kernel | EoP | Moderate | Kernel |
| CVE-2019-9458 | A-117989855; Upstream kernel | EoP | Moderate | Video driver |
| CVE-2019-8912 | A-125367761; Upstream kernel | EoP | Moderate | Crypto |
| CVE-2018-18397 | A-124036248; Upstream kernel | EoP | Moderate | Storage |
| CVE-2018-14614 | A-116406552; Upstream kernel | EoP | Moderate | Storage |
| CVE-2018-1000199 | A-110918800; Upstream kernel | EoP | Moderate | ptrace |
| CVE-2018-13096 | A-113148557; Upstream kernel | EoP | Moderate | Storage |
| CVE-2018-5803 | A-112406370; Upstream kernel | DoS | Moderate | SCTP |
| CVE-2019-2189 | A-112312381 | EoP | Moderate | Image driver |
| CVE-2019-2188 | A-112309571* | EoP | Moderate | Image driver |
| CVE-2017-16939 | A-70521013; Upstream kernel | EoP | Moderate | Netlink XFRM |
| CVE-2018-20169 | A-120783657; Upstream kernel | ID | Moderate | USB driver |
| CVE-2019-9245 | A-120491338; Upstream kernel | ID | Moderate | Storage driver |
| CVE-2019-9444 | A-78597155; Upstream kernel | ID | Moderate | Storage driver |
| CVE-2019-9445 | A-118153030; Upstream kernel | ID | Moderate | Storage driver |
| CVE-2019-9449 | A-120141031; Upstream kernel | ID | Moderate | Touch driver |
| CVE-2019-9452 | A-120211708; Upstream kernel | ID | Moderate | Touch driver |
| CVE-2019-9453 | A-126558260; Upstream kernel | ID | Moderate | Storage driver |
| CVE-2019-9455 | A-121035792; Upstream kernel | ID | Moderate | Video driver |
| CVE-2018-19985 | A-131963918; Upstream kernel | ID | Moderate | USB driver |
| CVE-2018-20511 | A-123742046; Upstream kernel | ID | Moderate | nNet/AppleTalk |
| CVE-2018-1000204 | A-113096593; Upstream kernel | ID | Moderate | Storage |
Qualcomm components
| CVE | References | Type | Severity | Component |
| --- | --- | --- | --- | --- |
| CVE-2017-14888 | A-70237718; QC-CR#2119729 | N/A | Moderate | WLAN host |
| CVE-2018-3573 | A-72957667; QC-CR#2124525 | N/A | Moderate | Bootloader |
| CVE-2017-15844 | A-67749071; QC-CR#2127276 | N/A | Moderate | Kernel |
| CVE-2018-3574 | A-72957321; QC-CR#2148121 [2] [3] | N/A | Moderate | Kernel |
| CVE-2018-5861 | A-77527684; QC-CR#2167135 | N/A | Moderate | Bootloader |
| CVE-2018-11302 | A-109741923; QC-CR#2209355 | N/A | Moderate | WLAN host |
| CVE-2018-5919 | A-65423852; QC-CR#2213280 | N/A | Moderate | WLAN host |
| CVE-2018-11818 | A-111127974; QC-CR#2170083 [2] | N/A | Moderate | MDSS driver |
| CVE-2018-11832 | A-111127793; QC-CR#2212896 | N/A | Moderate | Kernel |
| CVE-2018-11893 | A-111127990; QC-CR#2231992 | N/A | Moderate | WLAN host |
| CVE-2018-11919 | A-79217930; QC-CR#2209134 [2] [3] | N/A | Moderate | Kernel |
| CVE-2018-11939 | A-77237693; QC-CR#2254305 | N/A | Moderate | WLAN host |
| CVE-2018-11823 | A-112277122; QC-CR#2204519 | N/A | Moderate | Power |
| CVE-2018-11929 | A-112277631; QC-CR#2231300 | N/A | Moderate | WLAN host |
| CVE-2018-11943 | A-72117228; QC-CR#2257823 | N/A | Moderate | Bootloader |
| CVE-2018-11947 | A-112277911; QC-CR#2246110 [2] | N/A | Moderate | WLAN host |
| CVE-2018-11947 | A-112278406; QC-CR#2272696 | N/A | Moderate | WLAN host |
| CVE-2018-11942 | A-112278151; QC-CR#2257688 | N/A | Moderate | WLAN host |
| CVE-2018-11983 | A-80095430; QC-CR#2262576 | N/A | Moderate | Kernel |
| CVE-2018-11984 | A-80435805; QC-CR#2266693 | N/A | Moderate | Kernel |
| CVE-2018-11987 | A-70638103; QC-CR#2258691 | N/A | Moderate | Kernel |
| CVE-2018-11985 | A-114041193; QC-CR#2163851 | N/A | Moderate | Bootloader |
| CVE-2018-11988 | A-114041748; QC-CR#2172134 [2] | N/A | Moderate | Kernel |
| CVE-2018-11986 | A-62916765; QC-CR#2266969 | N/A | Moderate | Camera |
| CVE-2018-12010 | A-62711756; QC-CR#2268386 | N/A | Moderate | Kernel |
| CVE-2018-12006 | A-77237704; QC-CR#2257685 [2] | N/A | Moderate | Display |
| CVE-2018-13893 | A-80302295; QC-CR#2291309 [2] | N/A | Moderate | diag_mask |
| CVE-2018-12011 | A-109697864; QC-CR#2274853 | N/A | Moderate | Kernel |
| CVE-2018-13912 | A-119053502; QC-CR#2283160 [2] | N/A | Moderate | Camera |
| CVE-2018-13913 | A-119053530; QC-CR#2286485 [2] | N/A | Moderate | Display |
| CVE-2018-3564 | A-119052383; QC-CR#2225279 | N/A | Moderate | DSP services |
| CVE-2019-2248 | A-122474006; QC-CR#2328906 | N/A | Moderate | Display |
| CVE-2019-2277 | A-127512945; QC-CR#2342812 | N/A | Moderate | WLAN host |
| CVE-2019-2263 | A-116024809; QC-CR#2076623 | N/A | Moderate | Kernel |
| CVE-2019-2345 | A-110849476; QC-CR#2115578 | N/A | Moderate | Camera |
| CVE-2019-2306 | A-115907574; QC-CR#2337383 [2] | N/A | Moderate | Display |
| CVE-2019-2299 | A-117988970; QC-CR#2243169 | N/A | Moderate | WLAN host |
| CVE-2019-2312 | A-117885392; QC-CR#2341890 | N/A | Moderate | WLAN host |
| CVE-2019-2314 | A-120028144; QC-CR#2357704 | N/A | Moderate | Display |
| CVE-2019-2314 | A-120029095; QC-CR#2357704 | N/A | Moderate | Display |
| CVE-2019-2302 | A-130565935; QC-CR#2300516 | N/A | Moderate | WLAN host |
| CVE-2019-10506 | A-117885703; QC-CR#2252793 | N/A | Moderate | WLAN host |
| CVE-2018-13890 | A-111274306; QC-CR#2288818 | N/A | Moderate | WLAN host |
| CVE-2019-10507 | A-132170503; QC-CR#2253396 | N/A | Moderate | WLAN host |
| CVE-2019-10508 | A-132173922; QC-CR#2288818 | N/A | Moderate | WLAN host |
| CVE-2019-2284 | A-132173427; QC-CR#2358765 | N/A | Moderate | Camera |
| CVE-2019-2333 | A-132171964; QC-CR#2381014 [2] [3] | N/A | Moderate | Kernel |
| CVE-2019-2341 | A-132172264; QC-CR#2389324 [2] | N/A | Moderate | Audio |
| CVE-2019-10497 | A-132173298; QC-CR#2395102 | N/A | Moderate | Audio |
| CVE-2019-10542 | A-134440623; QC-CR#2359884 | N/A | Moderate | WLAN host |
| CVE-2019-10502 | A-134441002; QC-CR#2401297 [2] [3] | N/A | Moderate | Camera |
| CVE-2019-10528 | A-63528466; QC-CR#2133028 [2] | N/A | Moderate | Kernel |
| CVE-2018-11825 | A-117985523; QC-CR#2205722 | N/A | Moderate | WLAN host |
| CVE-2019-10565 | A-129275872; QC-CR#2213706 | N/A | Moderate | Camera |
Qualcomm closed-source components
| CVE | References | Type | Severity | Component |
| --- | --- | --- | --- | --- |
| CVE-2018-11899 | A-69383398* | N/A | Moderate | Closed-source component |
| CVE-2019-2298 | A-118897119* | N/A | Moderate | Closed-source component |
| CVE-2019-2281 | A-129765896* | N/A | Moderate | Closed-source component |
| CVE-2019-2343 | A-130566880* | N/A | Moderate | Closed-source component |
Functional patches
Please see this post for a description of features included with Android 10.
Common questions and answers
This section answers common questions that may occur after reading this bulletin.
1. How do I determine if my device is updated to address these issues?
Security patch levels of 2019-09-05 or later address all issues associated with the 2019-09-05 security patch level and all previous patch levels. To learn how to check a device’s security patch level, read the instructions on the Google device update schedule.
2. What do the entries in the Type column mean?
Entries in the Type column of the vulnerability details table reference the classification of the security vulnerability.
| Abbreviation | Definition |
| --- | --- |
| RCE | Remote code execution |
| EoP | Elevation of privilege |
| ID | Information disclosure |
| DoS | Denial of service |
| N/A | Classification not available |
3. What do the entries in the References column mean?
Entries under the References column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.
| Prefix | Reference |
| --- | --- |
| A- | Android bug ID |
| QC- | Qualcomm reference number |
| M- | MediaTek reference number |
| N- | NVIDIA reference number |
| B- | Broadcom reference number |
4. What does an * next to the Android bug ID in the References column mean?
Issues that are not publicly available have an * next to the Android bug ID in the References column. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.
5. Why are security vulnerabilities split between this bulletin and the Android Security Bulletins?
Security vulnerabilities that are documented in the Android Security Bulletins are required to declare the latest security patch level on Android devices. Additional security vulnerabilities, such as those documented in this bulletin, are not required for declaring a security patch level.
Versions
| Version | Date | Notes |
| --- | --- | --- |
| 1.0 | September 3, 2019 | Bulletin published. |
| 1.1 | September 12, 2019 | Bulletin updated. |