Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in trusty_remote_provisioning_context.cpp. CreateDeviceInfo contains an out-of-bounds read due to a missing boundary check. An attacker could exploit this vulnerability to cause an information leak.