Lee Campbell

**Name of the Vulnerable Software and Affected Versions** Android versions 5.0.x through 5.0.1 Android versions 5.1.x through 5.1.0 Android versions 6.x before 2016-06-01 **Description** The issue is related to the Activity Manager component in the Android operating system, which does not properly terminate process groups. This allows attackers to obtain sensitive information via a crafted application. The vulnerability can be exploited by a remote attacker to gain confidential information using a specially designed application. **Recommendations** For Android versions 5.0.x through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.0, update to version 5.1.1 or later. For Android versions 6.x before 2016-06-01, ensure that all security patches released up to 2016-06-01 are applied.

**Name of the Vulnerable Software and Affected Versions** ppp versions prior to 2.4.7 **Description** The issue is related to an integer overflow in the getword function in options.c in pppd, which can trigger a heap-based buffer overflow. This overflow can corrupt security-relevant variables, potentially allowing attackers to access privileged options. The vulnerability can be exploited remotely and may lead to a violation of confidentiality, integrity, and availability of protected information. **Recommendations** For versions prior to 2.4.7, update to version 2.4.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the options file to minimize the risk of exploitation.