Zlbzlb815@163.Com

**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.10 through Kernel-3.18 **Description** An elevation of privilege issue in the kernel ION subsystem could allow a local malicious application to execute arbitrary code within the context of the kernel, potentially leading to a local permanent device compromise. This may require reflashing the operating system to repair the device. The issue is related to insufficient access control in the ION subsystem. **Recommendations** For Android versions Kernel-3.10 through Kernel-3.18, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 7.0 through 7.1.1 **Description** A remote denial of service issue in libskia could allow an attacker to use a specially crafted file to cause a device hang or reboot. This issue is related to inadequate access control in the libskia service of the Android operating system. The exploitation of this issue may enable a remote attacker to cause device hang or reboot using a specially crafted file. **Recommendations** For Android versions 7.0 through 7.1.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.