Guoygang

**Name of the Vulnerable Software and Affected Versions** Android kernel **Description** The issue is related to an elevation of privilege vulnerability in the Upstream Linux linux kernel, affecting the Android product. **Recommendations** For Android kernel, apply the fix provided in Android ID A-36007735 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.12.1 **Description** The issue allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides in the driver override implementation in drivers/base/platform.c. **Recommendations** For Linux kernel versions prior to 4.12.1, update to version 4.12.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.10.9 **Description** The issue is related to incorrect error handling in the set mempolicy and mbind compat syscalls in mm/mempolicy.c. This allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. **Recommendations** For Linux kernel versions prior to 4.10.9, update to version 4.10.9 or later to resolve the issue.