Google has finally patched a privacy vulnerability in its Chrome web browser for Android that exposes users' device model and firmware version, eventually enabling remote attackers to identify unpatched devices and exploit known vulnerabilities.
The vulnerability, which has not yet given any CVE number, is an information disclosure bug that resides in the way the Google Chrome for Android generates 'User Agent' string containing the Android version number and build tag information, which includes device name and its firmware build.

The link for this article located at The Hacker News is no longer available.