Martina Lindorfer

**Name of the Vulnerable Software and Affected Versions** Google Chrome on Android versions prior to 135.0.7049.52 **Description** The issue is related to an inappropriate implementation in Custom Tabs, allowing a remote attacker to perform privilege escalation via a crafted app if the user is convinced to engage in specific UI gestures. **Recommendations** For versions prior to 135.0.7049.52, update to version 135.0.7049.52 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2016-11-05 **Description** An issue in the kernel ION subsystem could allow a local malicious application to execute arbitrary code within the context of the kernel, potentially leading to a local permanent device compromise. This may require reflashing the operating system to repair the device. **Recommendations** For versions prior to 2016-11-05, update the Android operating system to a version released on or after 2016-11-05 to resolve the issue.