In cleardatadlg_text of strings.xml, there is a possible situation when "Clear storage" functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "fixes": [ "https://android.googlesource.com/platform/packages/apps/Settings/+/7d22136fb086da3edff0664d8fe5f5e0b70fd77d", "https://android.googlesource.com/platform/packages/apps/Settings/+/8a69cc392158a8b2ef7e79b93d67210c62a33956" ], "spl": "2022-02-05", "severity": "High", "types": [ "ID" ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/apps/Settings/+/6024ea553a5f662f4693bd203aedbbcce049a15e", "https://android.googlesource.com/platform/packages/apps/Settings/+/6cd48383a10f4d513fbbeffc31309f5ee4a7f381" ], "spl": "2022-02-05", "severity": "High", "types": [ "ID" ] }