It's amusing seeing all the devices impacted by a relatively harmless old Android Open Source Project 8.0.0 build system bug: github.com/AndroidHardeni.
The release signing scripts had a temporary regression where they didn't replace the fingerprint for boot images when resigning.
Conversation
Replying to
It was very obvious since it caused a standard build consistency check to fail... so it's not clear how so many device vendors managed to ship it like this.
Maybe not surprising when they don't have a developer spend literally 5 minutes to enable control_privapp_permissions...
1