Jesse Chang

**Name of the Vulnerable Software and Affected Versions** Android kernel **Description** The issue is related to an integer overflow in the FingerTipS touch screen driver, which could lead to a possible out of bounds read. This may result in local information disclosure, requiring System execution privileges for exploitation. No user interaction is needed for exploitation. **Recommendations** For Android kernel, consider applying a patch or fix to address the integer overflow issue in the FingerTipS touch screen driver as soon as it becomes available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android kernel **Description** The issue is related to a heap buffer overflow in the FingerTipS touch screen driver, which could lead to a local escalation of privilege. This requires System execution privileges and does not need user interaction for exploitation. **Recommendations** For Android kernel, consider applying a patch or fix to address the heap buffer overflow issue in the FingerTipS touch screen driver as soon as one becomes available. As a temporary workaround, restricting access to the `fts driver test write` function may help minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Android kernel versions (affected versions not specified) Description: The issue is related to a buffer read out of bounds in the fts driver test write function of fts proc.c, a component of the Android kernel's Touch driver. This could lead to local information disclosure, requiring System execution privileges for exploitation. No user interaction is needed for exploitation. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.