1 page.title=Nexus - 2015 10 2 @jd:body 3 4 <!-- 5 Copyright 2016 The Android Open Source Project 6 7 Licensed under the Apache License, Version 2.0 (the "License"); 8 you may not use this file except in compliance with the License. 9 You may obtain a copy of the License at 10 11 http://www.apache.org/licenses/LICENSE-2.0 12 13 Unless required by applicable law or agreed to in writing, software 14 distributed under the License is distributed on an "AS IS" BASIS, 15 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 See the License for the specific language governing permissions and 17 limitations under the License. 18 --> 19 <div id="qv-wrapper"> 20 <div id="qv"> 21 <ol id="auto-toc"> 22 </ol> 23 </div> 24 </div> 25 26 <p> 27 <em> 28 : 2015 10 5 | : 2015 10 12 29 </em> 30 </p> 31 <p> 32 Google Android 33 Nexus . 34 Nexus 35 <a href="https://developers.google.com/android/nexus/images"> 36 Google 37 </a> 38 . LMY48T (: LMY48W) 2015 10 1 39 Android M . 40 <a href="https://support.google.com/nexus/answer/4457705"> 41 Nexus 42 </a> 43 . 44 </p> 45 <p> 46 2015 9 10 , 47 Android (AOSP) 48 . 49 </p> 50 <p> 51 52 , MMS 53 . 54 </p> 55 <p> 56 57 . SafetyNet Android 58 <a href="http://source.android.com/security/bulletin/2015-10-01.html#mitigations"> 59 Android 60 </a> 61 62 <a href="http://source.android.com/security/enhancements/index.html"> 63 64 </a> 65 . 66 . 67 </p> 68 <h2 id="security_vulnerability_summary" style="margin-bottom:0px"> 69 70 </h2> 71 <hr/> 72 <p> 73 , ID(CVE), 74 . 75 <a href="http://source.android.com/security/overview/updates-resources.html#severity"> 76 77 </a> 78 79 80 . 81 </p> 82 <table> 83 <tbody> 84 <tr> 85 <th> 86 87 </th> 88 <th> 89 CVE 90 </th> 91 <th> 92 93 </th> 94 </tr> 95 <tr> 96 <td> 97 libstagefright 98 </td> 99 <td> 100 CVE-2015-3873 101 <br/> 102 CVE-2015-3872 103 <br/> 104 CVE-2015-3871 105 <br/> 106 CVE-2015-3868 107 <br/> 108 CVE-2015-3867 109 <br/> 110 CVE-2015-3869 111 <br/> 112 CVE-2015-3870 113 <br/> 114 CVE-2015-3823 115 <br/> 116 CVE-2015-6598 117 <br/> 118 CVE-2015-6599 119 <br/> 120 CVE-2015-6600 121 <br/> 122 CVE-2015-6603 123 <br/> 124 CVE-2015-6601 125 <br/> 126 CVE-2015-3876 127 <br/> 128 CVE-2015-6604 129 </td> 130 <td> 131 132 </td> 133 </tr> 134 <tr> 135 <td> 136 Sonivox 137 </td> 138 <td> 139 CVE-2015-3874 140 </td> 141 <td> 142 143 </td> 144 </tr> 145 <tr> 146 <td> 147 libutils 148 </td> 149 <td> 150 CVE-2015-3875 151 <br/> 152 CVE-2015-6602 153 </td> 154 <td> 155 156 </td> 157 </tr> 158 <tr> 159 <td> 160 Skia 161 </td> 162 <td> 163 CVE-2015-3877 164 </td> 165 <td> 166 167 </td> 168 </tr> 169 <tr> 170 <td> 171 libFLAC 172 </td> 173 <td> 174 CVE-2014-9028 175 </td> 176 <td> 177 178 </td> 179 </tr> 180 <tr> 181 <td> 182 183 </td> 184 <td> 185 CVE-2015-3863 186 </td> 187 <td> 188 189 </td> 190 </tr> 191 <tr> 192 <td> 193 194 </td> 195 <td> 196 CVE-2015-3879 197 </td> 198 <td> 199 200 </td> 201 </tr> 202 <tr> 203 <td> 204 Android 205 </td> 206 <td> 207 CVE-2015-3865 208 </td> 209 <td> 210 211 </td> 212 </tr> 213 <tr> 214 <td> 215 216 </td> 217 <td> 218 CVE-2015-6596 219 </td> 220 <td> 221 222 </td> 223 </tr> 224 <tr> 225 <td> 226 227 </td> 228 <td> 229 CVE-2015-6606 230 </td> 231 <td> 232 233 </td> 234 </tr> 235 <tr> 236 <td> 237 238 </td> 239 <td> 240 CVE-2015-3878 241 </td> 242 <td> 243 244 </td> 245 </tr> 246 <tr> 247 <td> 248 249 </td> 250 <td> 251 CVE-2015-3847 252 </td> 253 <td> 254 255 </td> 256 </tr> 257 <tr> 258 <td> 259 SQLite 260 </td> 261 <td> 262 CVE-2015-6607 263 </td> 264 <td> 265 266 </td> 267 </tr> 268 <tr> 269 <td> 270 (DoS) 271 </td> 272 <td> 273 CVE-2015-6605 274 <br/> 275 CVE-2015-3862 276 </td> 277 <td> 278 279 </td> 280 </tr> 281 </tbody> 282 </table> 283 <h2 id="mitigations" style="margin-bottom:0px"> 284 285 </h2> 286 <hr/> 287 <p> 288 SafetyNet 289 <a href="http://source.android.com/security/enhancements/index.html"> 290 Android 291 </a> 292 . Android 293 . 294 </p> 295 <ul> 296 <li> 297 Android Android 298 . 299 Android . 300 </li> 301 <li> 302 Android 303 SafetyNet 304 . Google Play . 305 Google Play 306 . 307 308 . 309 310 . 311 </li> 312 <li> 313 Google 314 315 . 316 </li> 317 </ul> 318 <h2 id="acknowledgements" style="margin-bottom:0px"> 319 320 </h2> 321 <hr/> 322 <p> 323 . 324 </p> 325 <ul> 326 <li> 327 Brennan Lautner: CVE-2015-3863 328 </li> 329 <li> 330 Qihoo 360 C0re Yajin Zhou, Lei Wu, Xuxian Jiang: CVE-2015-3868, 331 CVE-2015-3869, CVE-2015-3865, CVE-2015-3862 332 </li> 333 <li> 334 Copperhead Security Daniel Micay(daniel.micay (a] copperhead.co): CVE-2015-3875 335 </li> 336 <li> 337 Alibaba dragonltx: CVE-2015-6599 338 </li> 339 <li> 340 Google Project Zero Ian Beer, Steven Vittitoe: CVE-2015-6604 341 </li> 342 <li> 343 Fundacin Dr. Manuel Sadosky Programa STIC Joaqun Rinaudo(@xeroxnir), Ivn Arce(@4Dgifts): CVE-2015-3870 344 </li> 345 <li> 346 Zimperium Josh Drake: CVE-2015-3876, CVE-2015-6602 347 </li> 348 <li> 349 Exodus Intelligence Jordan Gruskovnjak(@jgrusko): CVE-2015-3867 350 </li> 351 <li> 352 Trend Micro Peter Pi: CVE-2015-3872, CVE-2015-3871 353 </li> 354 <li> 355 Qihoo 360 Technology Co. Ltd Ping Li: CVE-2015-3878 356 </li> 357 <li> 358 Seven Shen: CVE-2015-6600, CVE-2015-3847 359 </li> 360 <li> 361 Baidu X-Team Wangtao(neobyte): CVE-2015-6598 362 </li> 363 <li> 364 Trend Micro Inc. Wish Wu(@wish_wu): CVE-2015-3823 365 </li> 366 </ul> 367 <p> 368 Chrome , Google , Project Zero Google 369 . 370 </p> 371 <h2 id="security_vulnerability_details" style="margin-bottom:0px"> 372 373 </h2> 374 <hr/> 375 <p> 376 377 <a href="http://source.android.com/security/bulletin/2015-10-01.html#security_vulnerability_summary"> 378 379 </a> 380 381 . , CVE, , , 382 . 383 AOSP 384 ID . AOSP 385 ID . 386 </p> 387 <h3 id="remote_code_execution_vulnerabilities_in_libstagefright"> 388 libstagefright 389 </h3> 390 <p> 391 libstagefright 392 393 . 394 </p> 395 <p> 396 397 . 398 3 399 . 400 </p> 401 <table> 402 <tbody> 403 <tr> 404 <th> 405 CVE 406 </th> 407 <th> 408 AOSP 409 </th> 410 <th> 411 412 </th> 413 <th> 414 415 </th> 416 <th> 417 418 </th> 419 </tr> 420 <tr> 421 <td rowspan="14"> 422 CVE-2015-3873 423 </td> 424 <td> 425 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c23e3dd8af7397f023aae040c4a03dd14091cbed"> 426 ANDROID-20674086 427 </a> 428 [ 429 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/9abb7401df730b5c510f6b8dac2716a0928d9623"> 430 2 431 </a> 432 , 433 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b62a73b860757143d3b140b2985fdae71e18d675"> 434 3 435 </a> 436 , 437 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b2ae4351539de9aa4667fcb3e02ba40d9c6bd094"> 438 4 439 </a> 440 ] 441 </td> 442 <td rowspan="13"> 443 444 </td> 445 <td rowspan="13"> 446 5.1 447 </td> 448 <td rowspan="13"> 449 Google 450 </td> 451 </tr> 452 <tr> 453 <td> 454 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3fd96683850cf27648e036180acb149fac362242"> 455 ANDROID-20674674 456 </a> 457 [ 458 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/65842db06c2d77e53cc5ac61692160d844cc7d0a"> 459 2 460 </a> 461 , 462 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/38eff9af5c032bf12f89d6e94df05f65eef51afc"> 463 3 464 </a> 465 , 466 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/91860b89488b3ee4644c539e89e657fbb79fb6ad"> 467 4 468 </a> 469 ] 470 </td> 471 </tr> 472 <tr> 473 <td> 474 <a href="https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/2e941e40ce76eb13b273479a4ee8fb6e40d33795"> 475 ANDROID-20718524 476 </a> 477 </td> 478 </tr> 479 <tr> 480 <td> 481 <a href="https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/06ca06ac6107f88530cc67225c47537621bb41a5"> 482 ANDROID-21048776 483 </a> 484 </td> 485 </tr> 486 <tr> 487 <td> 488 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/dc5e47f013bfbb74c5c35ad976aa98d480cb351b"> 489 ANDROID-21443020 490 </a> 491 </td> 492 </tr> 493 <tr> 494 <td> 495 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f11e95b21007f24e5ab77298370855f9f085b2d7"> 496 ANDROID-21814993 497 </a> 498 </td> 499 </tr> 500 <tr> 501 <td> 502 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f810a8298aea13fa177060cdc10c8297eac69c49"> 503 ANDROID-22008959 504 </a> 505 </td> 506 </tr> 507 <tr> 508 <td> 509 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/7913508110c80da87fb085514208adbd874d7d54"> 510 ANDROID-22077698 511 </a> 512 </td> 513 </tr> 514 <tr> 515 <td> 516 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/073e4f6748f5d7deb095c42fad9271cb99e22d07"> 517 ANDROID-22388975 518 </a> 519 </td> 520 </tr> 521 <tr> 522 <td> 523 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/bf47eb9c67ed364f3c288954857aab9d9311db4c"> 524 ANDROID-22845824 525 </a> 526 </td> 527 </tr> 528 <tr> 529 <td> 530 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b158a9a5bcfe21480f57bc58d45517f1a81cca39"> 531 ANDROID-23016072 532 </a> 533 </td> 534 </tr> 535 <tr> 536 <td> 537 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5a132594b531f1f48098a790927f82080cc27f61"> 538 ANDROID-23247055 539 </a> 540 </td> 541 </tr> 542 <tr> 543 <td> 544 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/d2ebc0b9e147f9406db20ec4df61da50e3614ee4"> 545 ANDROID-23248776 546 </a> 547 </td> 548 </tr> 549 <tr> 550 <td> 551 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3179e3b3531b5fe93dc7f5b2c378e27010a406d5"> 552 ANDROID-20721050 553 </a> 554 </td> 555 <td> 556 557 </td> 558 <td> 559 5.0 5.1 560 </td> 561 <td> 562 Google 563 </td> 564 </tr> 565 <tr> 566 <td> 567 CVE-2015-3823 568 </td> 569 <td> 570 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/407d475b797fdc595299d67151230dc6e3835ccd"> 571 ANDROID-21335999 572 </a> 573 </td> 574 <td> 575 576 </td> 577 <td> 578 5.1 579 </td> 580 <td> 581 2015 5 20 582 </td> 583 </tr> 584 <tr> 585 <td> 586 CVE-2015-6600 587 </td> 588 <td> 589 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/e6f5d47a7f9eab8a0009f8a563de473cd47d3110"> 590 ANDROID-22882938 591 </a> 592 </td> 593 <td> 594 595 </td> 596 <td> 597 5.1 598 </td> 599 <td> 600 2015 7 31 601 </td> 602 </tr> 603 <tr> 604 <td> 605 CVE-2015-6601 606 </td> 607 <td> 608 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/738a753a3ca7bf8f9f608ca941575626265294e4"> 609 ANDROID-22935234 610 </a> 611 </td> 612 <td> 613 614 </td> 615 <td> 616 5.1 617 </td> 618 <td> 619 2015 8 3 620 </td> 621 </tr> 622 <tr> 623 <td> 624 CVE-2015-3869 625 </td> 626 <td> 627 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/450e1015b7939292ca988dd1b4f0303a094478e9"> 628 ANDROID-23036083 629 </a> 630 </td> 631 <td> 632 633 </td> 634 <td> 635 5.1 636 </td> 637 <td> 638 2015 8 4 639 </td> 640 </tr> 641 <tr> 642 <td> 643 CVE-2015-3870 644 </td> 645 <td> 646 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/4bce636865bdf0e2a79fc9a5d9a69107649c850d"> 647 ANDROID-22771132 648 </a> 649 </td> 650 <td> 651 652 </td> 653 <td> 654 5.1 655 </td> 656 <td> 657 2015 8 5 658 </td> 659 </tr> 660 <tr> 661 <td> 662 CVE-2015-3871 663 </td> 664 <td> 665 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c570778430a22b5488cae72982cf9fb8033dbda3"> 666 ANDROID-23031033 667 </a> 668 </td> 669 <td> 670 671 </td> 672 <td> 673 5.1 674 </td> 675 <td> 676 2015 8 6 677 </td> 678 </tr> 679 <tr> 680 <td> 681 CVE-2015-3868 682 </td> 683 <td> 684 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/937c6bedd4b6e5c6cb29a238eb459047dedd3486"> 685 ANDROID-23270724 686 </a> 687 </td> 688 <td> 689 690 </td> 691 <td> 692 5.1 693 </td> 694 <td> 695 2015 8 6 696 </td> 697 </tr> 698 <tr> 699 <td> 700 CVE-2015-6604 701 </td> 702 <td> 703 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f51115bd8e44c2779b74477277c6f6046916e7cf"> 704 ANDROID-23129786 705 </a> 706 </td> 707 <td> 708 709 </td> 710 <td> 711 5.1 712 </td> 713 <td> 714 2015 8 11 715 </td> 716 </tr> 717 <tr> 718 <td> 719 CVE-2015-3867 720 </td> 721 <td> 722 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/7e9ac3509d72e8dc6f1316b5ce0a0066638b9737"> 723 ANDROID-23213430 724 </a> 725 </td> 726 <td> 727 728 </td> 729 <td> 730 5.1 731 </td> 732 <td> 733 2015 8 14 734 </td> 735 </tr> 736 <tr> 737 <td> 738 CVE-2015-6603 739 </td> 740 <td> 741 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c37f7f6fa0cb7f55cdc5b2d4ccbf2c87c3bc6c3b"> 742 ANDROID-23227354 743 </a> 744 </td> 745 <td> 746 747 </td> 748 <td> 749 5.1 750 </td> 751 <td> 752 2015 8 15 753 </td> 754 </tr> 755 <tr> 756 <td> 757 CVE-2015-3876 758 </td> 759 <td> 760 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c580c836c1941fb4912e1dd4e08626caf98a62c7"> 761 ANDROID-23285192 762 </a> 763 </td> 764 <td> 765 766 </td> 767 <td> 768 5.1 769 </td> 770 <td> 771 2015 8 15 772 </td> 773 </tr> 774 <tr> 775 <td> 776 CVE-2015-6598 777 </td> 778 <td> 779 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/ba6093a4c6997b9d36d9700ee8c974941bf82e3a"> 780 ANDROID-23306638 781 </a> 782 </td> 783 <td> 784 785 </td> 786 <td> 787 5.1 788 </td> 789 <td> 790 2015 8 18 791 </td> 792 </tr> 793 <tr> 794 <td> 795 CVE-2015-3872 796 </td> 797 <td> 798 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/4d46f6f18f5160b8992ec1e66ef1844212fc7d48"> 799 ANDROID-23346388 800 </a> 801 </td> 802 <td> 803 804 </td> 805 <td> 806 5.1 807 </td> 808 <td> 809 2015 8 19 810 </td> 811 </tr> 812 <tr> 813 <td> 814 CVE-2015-6599 815 </td> 816 <td> 817 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/af7e33f6043c0be1c0310d675884e3b263ca2438"> 818 ANDROID-23416608 819 </a> 820 </td> 821 <td> 822 823 </td> 824 <td> 825 5.1 826 </td> 827 <td> 828 2015 8 21 829 </td> 830 </tr> 831 </tbody> 832 </table> 833 <h3 id="remote_code_execution_vulnerabilities_in_sonivox"> 834 Sonivox 835 </h3> 836 <p> 837 Sonivox 838 839 . 840 841 . 842 3 843 . 844 </p> 845 <table> 846 <tbody> 847 <tr> 848 <th> 849 CVE 850 </th> 851 <th> 852 AOSP 853 </th> 854 <th> 855 856 </th> 857 <th> 858 859 </th> 860 <th> 861 862 </th> 863 </tr> 864 <tr> 865 <td rowspan="3"> 866 CVE-2015-3874 867 </td> 868 <td> 869 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/8cbef48ba6e3d3f844b895f8ca1a1aee74414fff"> 870 ANDROID-23335715 871 </a> 872 </td> 873 <td rowspan="3"> 874 875 </td> 876 <td rowspan="3"> 877 5.1 878 </td> 879 <td rowspan="3"> 880 881 </td> 882 </tr> 883 <tr> 884 <td> 885 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/5d2e7de37d4a28cf25cc5d0c64b3a29c1824dc0a"> 886 ANDROID-23307276 887 </a> 888 [ 889 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/f333a822c38c3d92f40e8f1686348e6a62c291"> 890 2 891 </a> 892 ] 893 </td> 894 </tr> 895 <tr> 896 <td> 897 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/8a9f53ee2c661e8b5b94d6e9fbb8af3baa34310d"> 898 ANDROID-23286323 899 </a> 900 </td> 901 </tr> 902 </tbody> 903 </table> 904 <h3 id="remote_code_execution_vulnerabilities_in_libutils"> 905 libutils 906 </h3> 907 <p> 908 libutils . 909 910 911 . 912 </p> 913 <p> 914 API 915 MMS 916 . 917 918 . 919 3 . 920 </p> 921 <table> 922 <tbody> 923 <tr> 924 <th> 925 CVE 926 </th> 927 <th> 928 AOSP 929 </th> 930 <th> 931 932 </th> 933 <th> 934 935 </th> 936 <th> 937 938 </th> 939 </tr> 940 <tr> 941 <td> 942 CVE-2015-3875 943 </td> 944 <td> 945 <a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/0cc9a6e6e1f8e675c1238e5e05418cabcc699b52"> 946 ANDROID-22952485 947 </a> 948 </td> 949 <td> 950 951 </td> 952 <td> 953 5.1 954 </td> 955 <td> 956 2015 8 15 957 </td> 958 </tr> 959 <tr> 960 <td> 961 CVE-2015-6602 962 </td> 963 <td> 964 <a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/e0dce90b0de2b2b7c2baae8035f810a55526effb"> 965 ANDROID-23290056 966 </a> 967 [ 968 <a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/5b85b1d40d619c2064d321364f212ebfeb6ba185"> 969 2 970 </a> 971 ] 972 </td> 973 <td> 974 975 </td> 976 <td> 977 5.1 978 </td> 979 <td> 980 2015 8 15 981 </td> 982 </tr> 983 </tbody> 984 </table> 985 <h3 id="remote_code_execution_vulnerability_in_skia"> 986 Skia 987 </h3> 988 <p> 989 Skia 990 991 . 992 , MMS 993 994 . 995 </p> 996 <table> 997 <tbody> 998 <tr> 999 <th> 1000 CVE 1001 </th> 1002 <th> 1003 AOSP 1004 </th> 1005 <th> 1006 1007 </th> 1008 <th> 1009 1010 </th> 1011 <th> 1012 1013 </th> 1014 </tr> 1015 <tr> 1016 <td> 1017 CVE-2015-3877 1018 </td> 1019 <td> 1020 <a href="https://android.googlesource.com/platform%2Fexternal%2Fskia/+/55ad31336a6de7037139820558c5de834797c09e"> 1021 ANDROID-20723696 1022 </a> 1023 </td> 1024 <td> 1025 1026 </td> 1027 <td> 1028 5.1 1029 </td> 1030 <td> 1031 2015 7 30 1032 </td> 1033 </tr> 1034 </tbody> 1035 </table> 1036 <h3 id="remote_code_execution_vulnerabilities_in_libflac"> 1037 libFLAC 1038 </h3> 1039 <p> 1040 libFLAC . 1041 1042 . 1043 </p> 1044 <p> 1045 API , 1046 1047 . 1048 . 1049 3 1050 . 1051 </p> 1052 <table> 1053 <tbody> 1054 <tr> 1055 <th> 1056 CVE 1057 </th> 1058 <th> 1059 AOSP 1060 </th> 1061 <th> 1062 1063 </th> 1064 <th> 1065 1066 </th> 1067 <th> 1068 1069 </th> 1070 </tr> 1071 <tr> 1072 <td> 1073 CVE-2014-9028 1074 </td> 1075 <td> 1076 <a href="https://android.googlesource.com/platform%2Fexternal%2Fflac/+/fe03f73d86bb415f5d5145f0de091834d89ae3a9"> 1077 ANDROID-18872897 1078 </a> 1079 [ 1080 <a href="https://android.googlesource.com/platform%2Fexternal%2Fflac/+/5859ae22db0a2d16af3e3ca19d582de37daf5eb6"> 1081 2 1082 </a> 1083 ] 1084 </td> 1085 <td> 1086 1087 </td> 1088 <td> 1089 5.1 1090 </td> 1091 <td> 1092 2014 11 14 1093 </td> 1094 </tr> 1095 </tbody> 1096 </table> 1097 <p> 1098 </p> 1099 <h3 id="elevation_of_privilege_vulnerability_in_keystore"> 1100 1101 </h3> 1102 <p> 1103 1104 KeyStore API . 1105 1106 . 3 1107 1108 . 1109 </p> 1110 <table> 1111 <tbody> 1112 <tr> 1113 <th> 1114 CVE 1115 </th> 1116 <th> 1117 AOSP 1118 </th> 1119 <th> 1120 1121 </th> 1122 <th> 1123 1124 </th> 1125 <th> 1126 1127 </th> 1128 </tr> 1129 <tr> 1130 <td> 1131 CVE-2015-3863 1132 </td> 1133 <td> 1134 <a href="https://android.googlesource.com/platform%2Fsystem%2Fsecurity/+/0d5935262dbbcaf2cf6145529ffd71a728ef4609"> 1135 ANDROID-22802399 1136 </a> 1137 </td> 1138 <td> 1139 1140 </td> 1141 <td> 1142 5.1 1143 </td> 1144 <td> 1145 2015 7 28 1146 </td> 1147 </tr> 1148 </tbody> 1149 </table> 1150 <h3 id="elevation_of_privilege_vulnerability_in_media_player_framework"> 1151 1152 </h3> 1153 <p> 1154 1155 1156 . 3 1157 1158 . 1159 </p> 1160 <table> 1161 <tbody> 1162 <tr> 1163 <th> 1164 CVE 1165 </th> 1166 <th> 1167 AOSP 1168 </th> 1169 <th> 1170 1171 </th> 1172 <th> 1173 1174 </th> 1175 <th> 1176 1177 </th> 1178 </tr> 1179 <tr> 1180 <td> 1181 CVE-2015-3879 1182 </td> 1183 <td> 1184 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/aa4da6fa7ca2454f0713de0a5a583b5b8160166b"> 1185 ANDROID-23223325 1186 </a> 1187 [2]* 1188 </td> 1189 <td> 1190 1191 </td> 1192 <td> 1193 5.1 1194 </td> 1195 <td> 1196 2015 8 14 1197 </td> 1198 </tr> 1199 </tbody> 1200 </table> 1201 <p> 1202 * AOSP . 1203 <a href="https://developers.google.com/android/nexus/drivers"> 1204 Google 1205 </a> 1206 Nexus . 1207 </p> 1208 <h3 id="elevation_of_privilege_vulnerability_in_android_runtime"> 1209 Android 1210 </h3> 1211 <p> 1212 Android 1213 1214 . 3 1215 1216 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1217 1218 </a> 1219 1220 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1221 SignatureOrSystem 1222 </a> 1223 . 1224 </p> 1225 <table> 1226 <tbody> 1227 <tr> 1228 <th> 1229 CVE 1230 </th> 1231 <th> 1232 AOSP 1233 </th> 1234 <th> 1235 1236 </th> 1237 <th> 1238 1239 </th> 1240 <th> 1241 1242 </th> 1243 </tr> 1244 <tr> 1245 <td> 1246 CVE-2015-3865 1247 </td> 1248 <td> 1249 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/ff8dc21278b19b22ed8dc9f9475850838336d351"> 1250 ANDROID-23050463 1251 </a> 1252 [ 1253 <a href="https://android.googlesource.com/platform%2Fcts/+/3f7334822ba4cc53f81f22f3519093bf4e1d7f89"> 1254 2 1255 </a> 1256 ] 1257 </td> 1258 <td> 1259 1260 </td> 1261 <td> 1262 5.1 1263 </td> 1264 <td> 1265 2015 8 8 1266 </td> 1267 </tr> 1268 </tbody> 1269 </table> 1270 <h3 id="elevation_of_privilege_vulnerabilities_in_mediaserver"> 1271 1272 </h3> 1273 <p> 1274 1275 1276 . 3 1277 1278 . 1279 </p> 1280 <table> 1281 <tbody> 1282 <tr> 1283 <th> 1284 CVE 1285 </th> 1286 <th> 1287 AOSP 1288 </th> 1289 <th> 1290 1291 </th> 1292 <th> 1293 1294 </th> 1295 <th> 1296 1297 </th> 1298 </tr> 1299 <tr> 1300 <td rowspan="3"> 1301 CVE-2015-6596 1302 </td> 1303 <td> 1304 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b97ee930e4f7ed1587b869c92b4aa1dc90b641cc"> 1305 ANDROID-20731946 1306 </a> 1307 </td> 1308 <td rowspan="2"> 1309 1310 </td> 1311 <td rowspan="2"> 1312 5.1 1313 </td> 1314 <td rowspan="2"> 1315 1316 </td> 1317 </tr> 1318 <tr> 1319 <td> 1320 ANDROID-20719651* 1321 </td> 1322 </tr> 1323 <tr> 1324 <td> 1325 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/9ef830c6dbd4f6000b94abee3df14b9e27a38294"> 1326 ANDROID-19573085 1327 </a> 1328 </td> 1329 <td> 1330 1331 </td> 1332 <td> 1333 5.0 - 6.0 1334 </td> 1335 <td> 1336 Google 1337 </td> 1338 </tr> 1339 </tbody> 1340 </table> 1341 <p> 1342 * AOSP . 1343 <a href="https://developers.google.com/android/nexus/drivers"> 1344 Google 1345 </a> 1346 Nexus . 1347 </p> 1348 <h3 id="elevation_of_privilege_vulnerability_in_secure_element_evaluation_kit"> 1349 1350 </h3> 1351 <p> 1352 <a href="http://seek-for-android.github.io/"> 1353 SEEK 1354 </a> 1355 ( , SmartCard API ) 1356 . 1357 3 1358 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1359 1360 </a> 1361 1362 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1363 SignatureOrSystem 1364 </a> 1365 . 1366 </p> 1367 <table> 1368 <tbody> 1369 <tr> 1370 <th> 1371 CVE 1372 </th> 1373 <th> 1374 AOSP 1375 </th> 1376 <th> 1377 1378 </th> 1379 <th> 1380 1381 </th> 1382 <th> 1383 1384 </th> 1385 </tr> 1386 <tr> 1387 <td> 1388 CVE-2015-6606 1389 </td> 1390 <td> 1391 ANDROID-22301786* 1392 </td> 1393 <td> 1394 1395 </td> 1396 <td> 1397 5.1 1398 </td> 1399 <td> 1400 2015 6 30 1401 </td> 1402 </tr> 1403 </tbody> 1404 </table> 1405 <p> 1406 * 1407 <a href="http://seek-for-android.github.io/"> 1408 Android SEEK 1409 </a> 1410 . 1411 </p> 1412 <h3 id="elevation_of_privilege_vulnerability_in_media_projection"> 1413 1414 </h3> 1415 <p> 1416 1417 . 1418 . 1419 1420 . 1421 . 1422 </p> 1423 <table> 1424 <tbody> 1425 <tr> 1426 <th> 1427 CVE 1428 </th> 1429 <th> 1430 AOSP 1431 </th> 1432 <th> 1433 1434 </th> 1435 <th> 1436 1437 </th> 1438 <th> 1439 1440 </th> 1441 </tr> 1442 <tr> 1443 <td> 1444 CVE-2015-3878 1445 </td> 1446 <td> 1447 <a href="https://android.googlesource.com/platform/frameworks/base/+/b3145760db5d58a107fd1ffd8eeec67d983d45f3"> 1448 ANDROID-23345192 1449 </a> 1450 </td> 1451 <td> 1452 1453 </td> 1454 <td> 1455 5.0 - 6.0 1456 </td> 1457 <td> 1458 2015 8 18 1459 </td> 1460 </tr> 1461 </tbody> 1462 </table> 1463 <h3 id="elevation_of_privilege_vulnerability_in_bluetooth"> 1464 1465 </h3> 1466 <p> 1467 Android 1468 SMS . 1469 . 1470 </p> 1471 <table> 1472 <tbody> 1473 <tr> 1474 <th> 1475 CVE 1476 </th> 1477 <th> 1478 AOSP 1479 </th> 1480 <th> 1481 1482 </th> 1483 <th> 1484 1485 </th> 1486 <th> 1487 1488 </th> 1489 </tr> 1490 <tr> 1491 <td> 1492 CVE-2015-3847 1493 </td> 1494 <td> 1495 <a href="https://android.googlesource.com/platform%2Fpackages%2Fapps%2FBluetooth/+/19004c751f36aa2b01d3e03d4f761d8897542bd2"> 1496 ANDROID-22343270 1497 </a> 1498 </td> 1499 <td> 1500 1501 </td> 1502 <td> 1503 5.1 1504 </td> 1505 <td> 1506 2015 7 8 1507 </td> 1508 </tr> 1509 </tbody> 1510 </table> 1511 <h3 id="elevation_of_privilege_vulnerabilities_in_sqlite"> 1512 SQLite 1513 </h3> 1514 <p> 1515 SQLite . 1516 1517 SQL . 1518 1519 . 1520 </p> 1521 <p> 1522 2015 4 8 AOSP SQLite 1523 3.8.9 ( 1524 <a href="https://android-review.googlesource.com/#/c/145961/"> 1525 https://android-review.googlesource.com/#/c/145961/ 1526 </a> 1527 ). 1528 </p> 1529 <p> 1530 Android 4.4 SQLite (SQLite 3.7.11) 1531 Android 5.0 5.1 SQLite (SQLite 3.8.6) . 1532 </p> 1533 <table> 1534 <tbody> 1535 <tr> 1536 <th> 1537 CVE 1538 </th> 1539 <th> 1540 AOSP 1541 </th> 1542 <th> 1543 1544 </th> 1545 <th> 1546 1547 </th> 1548 <th> 1549 1550 </th> 1551 </tr> 1552 <tr> 1553 <td> 1554 CVE-2015-6607 1555 </td> 1556 <td> 1557 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsqlite/+/3fcd43a0f1ef02756029e12af3cb9ba9faa13364"> 1558 ANDROID-20099586 1559 </a> 1560 </td> 1561 <td> 1562 1563 </td> 1564 <td> 1565 5.1 1566 </td> 1567 <td> 1568 2015 4 7 1569 <br/> 1570 1571 </td> 1572 </tr> 1573 </tbody> 1574 </table> 1575 <h3 id="denial_of_service_vulnerabilities_in_mediaserver"> 1576 (DoS) 1577 </h3> 1578 <p> 1579 1580 . 1581 1582 . 1583 </p> 1584 <table> 1585 <tbody> 1586 <tr> 1587 <th> 1588 CVE 1589 </th> 1590 <th> 1591 AOSP 1592 </th> 1593 <th> 1594 1595 </th> 1596 <th> 1597 1598 </th> 1599 <th> 1600 1601 </th> 1602 </tr> 1603 <tr> 1604 <td rowspan="3"> 1605 CVE-2015-6605 1606 </td> 1607 <td> 1608 <a href="https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/36ec928f52271dd1feb4c86b18026564220629e9"> 1609 ANDROID-20915134 1610 </a> 1611 </td> 1612 <td rowspan="2"> 1613 1614 </td> 1615 <td rowspan="2"> 1616 5.1 1617 </td> 1618 <td rowspan="2"> 1619 Google 1620 </td> 1621 </tr> 1622 <tr> 1623 <td> 1624 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3ce293842fed1b3abd2ff0aecd2a0c70a55086ee"> 1625 ANDROID-23142203 1626 </a> 1627 </td> 1628 </tr> 1629 <tr> 1630 <td> 1631 <a href="https://android.googlesource.com/platform%2Fexternal%2Flibhevc/+/2b67e532653b815e2341a0ac0b59d1b0ef82170d"> 1632 ANDROID-22278703 1633 </a> 1634 </td> 1635 <td> 1636 1637 </td> 1638 <td> 1639 5.0 - 6.0 1640 </td> 1641 <td> 1642 Google 1643 </td> 1644 </tr> 1645 <tr> 1646 <td> 1647 CVE-2015-3862 1648 </td> 1649 <td> 1650 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f26400c9d01a0e2f71690d5ebc644270f098d590"> 1651 ANDROID-22954006 1652 </a> 1653 </td> 1654 <td> 1655 1656 </td> 1657 <td> 1658 5.1 1659 </td> 1660 <td> 1661 2015 8 2 1662 </td> 1663 </tr> 1664 </tbody> 1665 </table> 1666 <h2 id="revisions" style="margin-bottom:0px"> 1667 1668 </h2> 1669 <hr/> 1670 <ul> 1671 <li> 1672 2015 10 5: . 1673 </li> 1674 <li> 1675 2015 10 7: AOSP , CVE-2014-9028 1676 . 1677 </li> 1678 <li> 1679 2015 10 12: CVE-2015-3868, CVE-2015-3869, 1680 CVE-2015-3865, CVE-2015-3862 . 1681 </li> 1682 </ul> 1683 </div> 1684 <div class="content-footer-sac" itemscope="" itemtype="http://schema.org/SiteNavigationElement"> 1685 <div class="layout-content-col col-9" style="padding-top:4px"> 1686 </div> 1687 <div class="paging-links layout-content-col col-4"> 1688 </div> 1689 </div> 1690 </div> 1691
