1 page.title=Android 2016 12 2 @jd:body 3 <!-- 4 Copyright 2016 The Android Open Source Project 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 http://www.apache.org/licenses/LICENSE-2.0 9 Unless required by applicable law or agreed to in writing, software 10 distributed under the License is distributed on an "AS IS" BASIS, 11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 See the License for the specific language governing permissions and 13 limitations under the License. 14 --> 15 16 <p><em>2016 12 5 | 2016 12 7 </em></p> 17 <p> 18 Android Android 19 . (OTA) 20 Google . Google 21 <a href="https://developers.google.com/android/nexus/images">Google </a> . 2016 12 5 22 . <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 23 . 24 </p> 25 <p> 26 2016 11 7 . 27 Android (AOSP) 28 , . 29 30 AOSP . 31 </p> 32 <p> 33 , 34 35 . 36 </p> 37 <p> 38 39 . <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> Android 40 <a href="{@docRoot}security/enhancements/index.html">Android </a> 41 <a href="#mitigations">Android Google </a> . 42 </p> 43 <p> 44 . 45 </p> 46 <h2 id="announcements"></h2> 47 <ul> 48 <li> Android Android 49 50 . 51 <a href="#common-questions-and-answers"> </a> . 52 <ul> 53 <li><strong>2016-12-01</strong>: . 54 2016-12-01 55 .</li> 56 <li><strong>2016-12-05</strong>: . 57 2016-12-01 2016-12-05 58 .</li> 59 </ul> 60 </li> 61 <li> Google 2016 12 5 62 OTA .</li> 63 </ul> 64 <h2 id="security-vulnerability-summary"> </h2> 65 <p> 66 , ID(CVE), 67 Google 68 . <a href="{@docRoot}security/overview/updates-resources.html#severity"> </a> 69 70 71 . 72 </p> 73 <h3 id="2016-12-01-summary">2016-12-01 </h3> 74 <p> 75 2016-12-01 . 76 </p> 77 <table> 78 <col width="55%"> 79 <col width="20%"> 80 <col width="13%"> 81 <col width="12%"> 82 <tr> 83 <th></th> 84 <th>CVE</th> 85 <th></th> 86 <th>Google </th> 87 </tr> 88 <tr> 89 <td>CURL/LIBCURL </td> 90 <td>CVE-2016-5419, CVE-2016-5420, CVE-2016-5421</td> 91 <td></td> 92 <td></td> 93 </tr> 94 <tr> 95 <td>libziparchive </td> 96 <td>CVE-2016-6762</td> 97 <td></td> 98 <td></td> 99 </tr> 100 <tr> 101 <td> (DoS) </td> 102 <td>CVE-2016-6763</td> 103 <td></td> 104 <td></td> 105 </tr> 106 <tr> 107 <td> (DoS) </td> 108 <td>CVE-2016-6766, CVE-2016-6765, CVE-2016-6764, CVE-2016-6767</td> 109 <td></td> 110 <td></td> 111 </tr> 112 <tr> 113 <td>Framesequence </td> 114 <td>CVE-2016-6768</td> 115 <td></td> 116 <td></td> 117 </tr> 118 <tr> 119 <td>Smart Lock </td> 120 <td>CVE-2016-6769</td> 121 <td></td> 122 <td>*</td> 123 </tr> 124 <tr> 125 <td> API </td> 126 <td>CVE-2016-6770</td> 127 <td></td> 128 <td></td> 129 </tr> 130 <tr> 131 <td> </td> 132 <td>CVE-2016-6771</td> 133 <td></td> 134 <td></td> 135 </tr> 136 <tr> 137 <td>Wi-Fi </td> 138 <td>CVE-2016-6772</td> 139 <td></td> 140 <td></td> 141 </tr> 142 <tr> 143 <td> </td> 144 <td>CVE-2016-6773</td> 145 <td></td> 146 <td></td> 147 </tr> 148 <tr> 149 <td> </td> 150 <td>CVE-2016-6774</td> 151 <td></td> 152 <td></td> 153 </tr> 154 </table> 155 <p> 156 * Android 7.0 Google 157 . 158 </p> 159 <h3 id="2016-12-05-summary">2016-12-05 160 </h3> 161 <p> 162 2016-12-01 2016-12-05 163 . 164 </p> 165 <table> 166 <col width="55%"> 167 <col width="20%"> 168 <col width="13%"> 169 <col width="12%"> 170 <tr> 171 <th></th> 172 <th>CVE</th> 173 <th></th> 174 <th>Google </th> 175 </tr> 176 <tr> 177 <td> </td> 178 <td>CVE-2016-4794, CVE-2016-5195</td> 179 <td></td> 180 <td></td> 181 </tr> 182 <tr> 183 <td>NVIDIA GPU </td> 184 <td>CVE-2016-6775, CVE-2016-6776, CVE-2016-6777</td> 185 <td></td> 186 <td></td> 187 </tr> 188 <tr> 189 <td> </td> 190 <td>CVE-2015-8966</td> 191 <td></td> 192 <td>*</td> 193 </tr> 194 <tr> 195 <td>NVIDIA </td> 196 <td>CVE-2016-6915, CVE-2016-6916, CVE-2016-6917</td> 197 <td></td> 198 <td></td> 199 </tr> 200 <tr> 201 <td> ION </td> 202 <td>CVE-2016-9120</td> 203 <td></td> 204 <td></td> 205 </tr> 206 <tr> 207 <td>Qualcomm </td> 208 <td>CVE-2016-8411</td> 209 <td></td> 210 <td></td> 211 </tr> 212 <tr> 213 <td> </td> 214 <td>CVE-2014-4014</td> 215 <td></td> 216 <td></td> 217 </tr> 218 <tr> 219 <td> </td> 220 <td>CVE-2015-8967</td> 221 <td></td> 222 <td></td> 223 </tr> 224 <tr> 225 <td>HTC </td> 226 <td>CVE-2016-6778, CVE-2016-6779, CVE-2016-6780</td> 227 <td></td> 228 <td></td> 229 </tr> 230 <tr> 231 <td>MediaTek </td> 232 <td>CVE-2016-6492, CVE-2016-6781, CVE-2016-6782, CVE-2016-6783, 233 CVE-2016-6784, CVE-2016-6785</td> 234 <td></td> 235 <td>*</td> 236 </tr> 237 <tr> 238 <td>Qualcomm </td> 239 <td>CVE-2016-6761, CVE-2016-6760, CVE-2016-6759, CVE-2016-6758</td> 240 <td></td> 241 <td></td> 242 </tr> 243 <tr> 244 <td>Qualcomm </td> 245 <td>CVE-2016-6755</td> 246 <td></td> 247 <td></td> 248 </tr> 249 <tr> 250 <td> </td> 251 <td>CVE-2016-6786, CVE-2016-6787</td> 252 <td></td> 253 <td></td> 254 </tr> 255 <tr> 256 <td>MediaTek I2C </td> 257 <td>CVE-2016-6788</td> 258 <td></td> 259 <td>*</td> 260 </tr> 261 <tr> 262 <td>NVIDIA libomx </td> 263 <td>CVE-2016-6789, CVE-2016-6790</td> 264 <td></td> 265 <td></td> 266 </tr> 267 <tr> 268 <td>Qualcomm </td> 269 <td>CVE-2016-6791, CVE-2016-8391, CVE-2016-8392</td> 270 <td></td> 271 <td></td> 272 </tr> 273 <tr> 274 <td> </td> 275 <td>CVE-2015-7872</td> 276 <td></td> 277 <td></td> 278 </tr> 279 <tr> 280 <td>Synaptics </td> 281 <td>CVE-2016-8393, CVE-2016-8394</td> 282 <td></td> 283 <td></td> 284 </tr> 285 <tr> 286 <td>Broadcom Wi-Fi </td> 287 <td>CVE-2014-9909, CVE-2014-9910</td> 288 <td></td> 289 <td>*</td> 290 </tr> 291 <tr> 292 <td>MediaTek </td> 293 <td>CVE-2016-8396</td> 294 <td></td> 295 <td>*</td> 296 </tr> 297 <tr> 298 <td>NVIDIA </td> 299 <td>CVE-2016-8397</td> 300 <td></td> 301 <td></td> 302 </tr> 303 <tr> 304 <td>GPS (DoS) </td> 305 <td>CVE-2016-5341</td> 306 <td></td> 307 <td></td> 308 </tr> 309 <tr> 310 <td>NVIDIA (DoS) </td> 311 <td>CVE-2016-8395</td> 312 <td></td> 313 <td></td> 314 </tr> 315 <tr> 316 <td> </td> 317 <td>CVE-2016-8399</td> 318 <td></td> 319 <td></td> 320 </tr> 321 <tr> 322 <td>Qualcomm </td> 323 <td>CVE-2016-6756, CVE-2016-6757</td> 324 <td></td> 325 <td></td> 326 </tr> 327 <tr> 328 <td>NVIDIA librm </td> 329 <td>CVE-2016-8400</td> 330 <td></td> 331 <td></td> 332 </tr> 333 <tr> 334 <td> </td> 335 <td>CVE-2016-8401, CVE-2016-8402, CVE-2016-8403, CVE-2016-8404, 336 CVE-2016-8405, CVE-2016-8406, CVE-2016-8407</td> 337 <td></td> 338 <td></td> 339 </tr> 340 <tr> 341 <td>NVIDIA </td> 342 <td>CVE-2016-8408, CVE-2016-8409</td> 343 <td></td> 344 <td></td> 345 </tr> 346 <tr> 347 <td>Qualcomm </td> 348 <td>CVE-2016-8410</td> 349 <td></td> 350 <td></td> 351 </tr> 352 </table> 353 <p> 354 * Android 7.0 Google 355 . 356 </p> 357 <h2 id="mitigations">Android Google </h2> 358 <p> 359 SafetyNet <a href="{@docRoot}security/enhancements/index.html">Android </a> 360 . 361 Android 362 . 363 </p> 364 <ul> 365 <li>Android Android 366 . Android 367 .</li> 368 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"> </a> 369 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> 370 . <a href="http://www.android.com/gms">Google </a> 371 Google Play 372 . Google 373 Play 374 375 . 376 377 . 378 .</li> 379 <li> Google 380 .</li> 381 </ul> 382 383 <h2 id="acknowledgements"> </h2> 384 <p> 385 . 386 </p> 387 388 <ul> 389 <li>Alibaba Mobile Security Group Baozeng Ding, Chengming Yang, Peng Xiao, 390 Ning You, Yang Dong, Chao Yang, Yi Zhang, Yang Song: CVE-2016-6783, 391 CVE-2016-6784, CVE-2016-6785</li> 392 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>, Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6789, CVE-2016-6790</li> 393 <li>Christian Seel: CVE-2016-6769</li> 394 <li>Google David Benjamin, Kenny Root: CVE-2016-6767</li> 395 <li>Tencent, KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>) 396 Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-6776, 397 CVE-2016-6787</li> 398 <li><a href="http://www.ms509.com">MS509Team</a> En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>): CVE-2016-6763</li> 399 <li>Qihoo 360 Technology Co. Ltd., 400 IceSword Lab Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), 401 <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6779, CVE-2016-6778, CVE-2016-8401, CVE-2016-8402, 402 CVE-2016-8403, CVE-2016-8409, CVE-2016-8408, CVE-2016-8404</li> 403 <li>Qihoo 360 Technology Co. Ltd, IceSword Lab Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: 404 CVE-2016-6788, CVE-2016-6781, CVE-2016-6782, CVE-2016-8396</li> 405 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a>, <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>, <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6791, CVE-2016-8391, 406 CVE-2016-8392</li> 407 <li>Project Zero Mark Brand: CVE-2016-6772</li> 408 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>: 409 CVE-2016-6770, CVE-2016-6774</li> 410 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6761, CVE-2016-6759, 411 CVE-2016-8400</li> 412 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6760</li> 413 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6759</li> 414 <li>Tesla Motors Product Security Team Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): 415 CVE-2016-6915, CVE-2016-6916, CVE-2016-6917</li> 416 <li>Nightwatch Cybersecurity Research(<a href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>): CVE-2016-5341</li> 417 <li>Baidu X-Lab Pengfei Ding(), Chenfu Bao(), Lenx Wei(): 418 CVE-2016-6755, CVE-2016-6756</li> 419 <li>Trend Micro Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): 420 CVE-2016-8397, CVE-2016-8405, CVE-2016-8406, CVE-2016-8407</li> 421 <li>Tencent, KeenLab() 422 Qidan He()(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2016-8399, CVE-2016-8395</li> 423 <li>Tencent, KeenLab() 424 Qidan He()(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>), 425 Marco Grassi(<a href="https://twitter.com/marcograss">@marcograss</a>): CVE-2016-6768</li> 426 <li>Richard Shupak: CVE-2016-5341</li> 427 <li>IBM X-Force Research Sagi Kedmi: CVE-2016-8393, CVE-2016-8394</li> 428 <li>Trend Micro Inc., Mobile Threat Research Team 429 Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2016-6757</li> 430 <li>Alibaba Inc. Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): 431 CVE-2016-6773</li> 432 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6765</li> 433 <li><a href="http://www.trendmicro.com">Trend Micro Inc.</a>, <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">Mobile Threat Response Team</a> 434 Wish Wu(<a href="https://twitter.com/wish_wu">@wish_wu</a>)(<a href="http://weibo.com/wishlinux"></a>): 435 CVE-2016-6704</li> 436 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6786, CVE-2016-6780, 437 CVE-2016-6775</li> 438 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6777</li> 439 <li>Tencent Security Platform Department Yuxiang Li: CVE-2016-6771</li> 440 <li>Qihoo 360 Technology Co.Ltd., Chengdu Security Response Center 441 Zhe Jin(): CVE-2016-6764, CVE-2016-6766</li> 442 <li>Qihoo 360 Technology Co. Ltd., Chengdu Security 443 Response Center <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>: CVE-2016-6762</li> 444 </ul> 445 <p> 446 Bottle Tech MengLuo Gou(<a href="https://twitter.com/idhyt3r">@idhyt3r</a>) 447 Google Yong Wang()(<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>), Zubin Mithra 448 . 449 </p> 450 451 <h2 id="2016-12-01-details">2016-12-01 452 </h2> 453 <p> 454 <a href="#2016-12-01-summary">2016-12-01 455 </a> 456 . 457 , CVE, 458 , , Google , 459 AOSP ( ), 460 . 461 AOSP ID 462 . 463 ID .</p> 464 465 466 <h3 id="rce-in-curl-libcurl">CURL/LIBCURL 467 </h3> 468 <p> 469 CURL LIBCURL 470 . 471 472 . 473 . 474 </p> 475 476 <table> 477 <col width="18%"> 478 <col width="18%"> 479 <col width="10%"> 480 <col width="19%"> 481 <col width="17%"> 482 <col width="17%"> 483 <tr> 484 <th>CVE</th> 485 <th></th> 486 <th></th> 487 <th> Google </th> 488 <th> AOSP </th> 489 <th> </th> 490 </tr> 491 <tr> 492 <td>CVE-2016-5419</td> 493 <td>A-31271247</td> 494 <td></td> 495 <td></td> 496 <td>7.0</td> 497 <td>2016 8 3</td> 498 </tr> 499 <tr> 500 <td>CVE-2016-5420</td> 501 <td>A-31271247</td> 502 <td></td> 503 <td></td> 504 <td>7.0</td> 505 <td>2016 8 3</td> 506 </tr> 507 <tr> 508 <td>CVE-2016-5421</td> 509 <td>A-31271247</td> 510 <td></td> 511 <td></td> 512 <td>7.0</td> 513 <td>2016 8 3</td> 514 </tr> 515 </table> 516 517 518 <h3 id="eop-in-libziparchive">libziparchive 519 </h3> 520 <p> 521 libziparchive 522 523 . 524 525 . 526 </p> 527 528 <table> 529 <col width="18%"> 530 <col width="18%"> 531 <col width="10%"> 532 <col width="19%"> 533 <col width="17%"> 534 <col width="17%"> 535 <tr> 536 <th>CVE</th> 537 <th></th> 538 <th></th> 539 <th> Google </th> 540 <th> AOSP </th> 541 <th> </th> 542 </tr> 543 <tr> 544 <td>CVE-2016-6762</td> 545 <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c"> 546 A-31251826</a> 547 [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>] 548 </td> 549 <td></td> 550 <td></td> 551 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 552 <td>2016 8 28</td> 553 </tr> 554 </table> 555 556 557 <h3 id="dos-in-telephony"> (DoS) </h3> 558 <p> 559 (DoS) 560 . 561 562 . 563 </p> 564 565 <table> 566 <col width="18%"> 567 <col width="18%"> 568 <col width="10%"> 569 <col width="19%"> 570 <col width="17%"> 571 <col width="17%"> 572 <tr> 573 <th>CVE</th> 574 <th></th> 575 <th></th> 576 <th> Google </th> 577 <th> AOSP </th> 578 <th> </th> 579 </tr> 580 <tr> 581 <td>CVE-2016-6763</td> 582 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1294620627b1e9afdf4bd0ad51c25ed3daf80d84"> 583 A-31530456</a></td> 584 <td></td> 585 <td></td> 586 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 587 <td>2016 9 12</td> 588 </tr> 589 </table> 590 591 592 <h3 id="dos-in-mediaserver"> (DoS) </h3> 593 <p> 594 (DoS) 595 . 596 . 597 </p> 598 599 <table> 600 <col width="18%"> 601 <col width="18%"> 602 <col width="10%"> 603 <col width="19%"> 604 <col width="17%"> 605 <col width="17%"> 606 <tr> 607 <th>CVE</th> 608 <th></th> 609 <th></th> 610 <th> Google </th> 611 <th> AOSP </th> 612 <th> </th> 613 </tr> 614 <tr> 615 <td>CVE-2016-6766 </td> 616 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20"> 617 A-31318219</a></td> 618 <td></td> 619 <td></td> 620 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 621 <td>2016 9 5</td> 622 </tr> 623 <tr> 624 <td>CVE-2016-6765</td> 625 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/fd9cc97d4dfe2a2fbce2c0f1704d7a27ce7cbc44"> 626 A-31449945</a></td> 627 <td></td> 628 <td></td> 629 <td>4.4.4, 5.0.2, 5.1.1, 7.0</td> 630 <td>2016 9 13</td> 631 </tr> 632 <tr> 633 <td>CVE-2016-6764</td> 634 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20"> 635 A-31681434</a></td> 636 <td></td> 637 <td></td> 638 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 639 <td>2016 9 22</td> 640 </tr> 641 <tr> 642 <td>CVE-2016-6767</td> 643 <td>A-31833604</td> 644 <td></td> 645 <td>*</td> 646 <td>4.4.4</td> 647 <td>Google </td> 648 </tr> 649 </table> 650 651 <p> 652 * Android 7.0 Google 653 . 654 </p> 655 656 657 <h3 id="rce-in-framesequence-library">Framesequence 658 </h3> 659 <p> 660 Framesequence 661 662 . Framesequence 663 664 . 665 </p> 666 667 <table> 668 <col width="18%"> 669 <col width="18%"> 670 <col width="10%"> 671 <col width="19%"> 672 <col width="17%"> 673 <col width="17%"> 674 <tr> 675 <th>CVE</th> 676 <th></th> 677 <th></th> 678 <th> Google </th> 679 <th> AOSP </th> 680 <th> </th> 681 </tr> 682 <tr> 683 <td>CVE-2016-6768</td> 684 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/0ada9456d0270cb0e357a43d9187a6418d770760"> 685 A-31631842</a></td> 686 <td></td> 687 <td></td> 688 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 689 <td>2016 9 19</td> 690 </tr> 691 </table> 692 693 694 <h3 id="eop-in-smart-lock">Smart Lock 695 </h3> 696 <p> 697 Smart Lock PIN 698 Smart Lock . 699 Smart Lock 700 . 701 </p> 702 703 <table> 704 <col width="18%"> 705 <col width="18%"> 706 <col width="10%"> 707 <col width="19%"> 708 <col width="17%"> 709 <col width="17%"> 710 <tr> 711 <th>CVE</th> 712 <th></th> 713 <th></th> 714 <th> Google </th> 715 <th> AOSP </th> 716 <th> </th> 717 </tr> 718 <tr> 719 <td>CVE-2016-6769</td> 720 <td>A-29055171</td> 721 <td></td> 722 <td>*</td> 723 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 724 <td>2016 5 27</td> 725 </tr> 726 </table> 727 <p> 728 * Android 7.0 Google 729 . 730 </p> 731 732 733 <h3 id="eop-in-framework-apis"> API 734 </h3> 735 <p> 736 API 737 . 738 739 . 740 </p> 741 742 <table> 743 <col width="18%"> 744 <col width="18%"> 745 <col width="10%"> 746 <col width="19%"> 747 <col width="17%"> 748 <col width="17%"> 749 <tr> 750 <th>CVE</th> 751 <th></th> 752 <th></th> 753 <th> Google </th> 754 <th> AOSP </th> 755 <th> </th> 756 </tr> 757 <tr> 758 <td>CVE-2016-6770</td> 759 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc"> 760 A-30202228</a></td> 761 <td></td> 762 <td></td> 763 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 764 <td>2016 7 16</td> 765 </tr> 766 </table> 767 768 769 <h3 id="eop-in-telephony"> 770 </h3> 771 <p> 772 773 . 774 . 775 </p> 776 777 <table> 778 <col width="18%"> 779 <col width="18%"> 780 <col width="10%"> 781 <col width="19%"> 782 <col width="17%"> 783 <col width="17%"> 784 <tr> 785 <th>CVE</th> 786 <th></th> 787 <th></th> 788 <th> Google </th> 789 <th> AOSP </th> 790 <th> </th> 791 </tr> 792 <tr> 793 <td>CVE-2016-6771</td> 794 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a39ff9526aee6f2ea4f6e02412db7b33d486fd7d"> 795 A-31566390</a></td> 796 <td></td> 797 <td></td> 798 <td>6.0, 6.0.1, 7.0</td> 799 <td>2016 9 17</td> 800 </tr> 801 </table> 802 803 804 <h3 id="eop-in-wi-fi">Wi-Fi </h3> 805 <p> 806 Wi-Fi 807 808 . 809 . 810 </p> 811 812 <table> 813 <col width="18%"> 814 <col width="18%"> 815 <col width="10%"> 816 <col width="19%"> 817 <col width="17%"> 818 <col width="17%"> 819 <tr> 820 <th>CVE</th> 821 <th></th> 822 <th></th> 823 <th> Google </th> 824 <th> AOSP </th> 825 <th> </th> 826 </tr> 827 <tr> 828 <td>CVE-2016-6772</td> 829 <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484"> 830 A-31856351</a> 831 [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> 832 <td></td> 833 <td></td> 834 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 835 <td>2016 9 30</td> 836 </tr> 837 </table> 838 839 840 <h3 id="id-in-mediaserver"> 841 </h3> 842 <p> 843 844 . 845 846 . 847 </p> 848 849 <table> 850 <col width="18%"> 851 <col width="18%"> 852 <col width="10%"> 853 <col width="19%"> 854 <col width="17%"> 855 <col width="17%"> 856 <tr> 857 <th>CVE</th> 858 <th></th> 859 <th></th> 860 <th> Google </th> 861 <th> AOSP </th> 862 <th> </th> 863 </tr> 864 <tr> 865 <td>CVE-2016-6773</td> 866 <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0"> 867 A-30481714</a> 868 [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> 869 <td></td> 870 <td></td> 871 <td>6.0, 6.0.1, 7.0</td> 872 <td>2016 7 27</td> 873 </tr> 874 </table> 875 876 877 <h3 id="id-in-package-manager"> 878 </h3> 879 <p> 880 881 882 . 883 . 884 </p> 885 886 <table> 887 <col width="18%"> 888 <col width="18%"> 889 <col width="10%"> 890 <col width="19%"> 891 <col width="17%"> 892 <col width="17%"> 893 <tr> 894 <th>CVE</th> 895 <th></th> 896 <th></th> 897 <th> Google </th> 898 <th> AOSP </th> 899 <th> </th> 900 </tr> 901 <tr> 902 <td>CVE-2016-6774</td> 903 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e2d4f5fc313ecb4ba587b20fff6d346f8cd51775"> 904 A-31251489</a></td> 905 <td></td> 906 <td></td> 907 <td>7.0</td> 908 <td>2016 8 29</td> 909 </tr> 910 </table> 911 912 913 <h2 id="2016-12-05-details">2016-12-05 914 </h2> 915 <p> 916 <a href="#2016-12-05-summary">2016-12-05 917 </a> 918 . , 919 CVE, , , Google , 920 AOSP ( ), . 921 AOSP ID 922 . 923 ID .</p> 924 925 <h3 id="eop-in-kernel-memory-subsystem"> 926 </h3> 927 <p> 928 929 930 . 931 , 932 . 933 </p> 934 935 <table> 936 <col width="19%"> 937 <col width="20%"> 938 <col width="10%"> 939 <col width="23%"> 940 <col width="17%"> 941 <tr> 942 <th>CVE</th> 943 <th></th> 944 <th></th> 945 <th> Google </th> 946 <th> </th> 947 </tr> 948 <tr> 949 <td>CVE-2016-4794</td> 950 <td>A-31596597<br> 951 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"> 952 </a> 953 [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> 954 <td></td> 955 <td>Pixel C, Pixel, Pixel XL</td> 956 <td>2016 4 17</td> 957 </tr> 958 <tr> 959 <td>CVE-2016-5195</td> 960 <td>A-32141528<br> 961 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"> 962 </a> 963 [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> 964 <td></td> 965 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 966 Player, Pixel, Pixel XL</td> 967 <td>2016 10 12</td> 968 </tr> 969 </table> 970 971 972 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 973 </h3> 974 <p> 975 NVIDIA GPU 976 977 . 978 , 979 . 980 </p> 981 982 <table> 983 <col width="19%"> 984 <col width="20%"> 985 <col width="10%"> 986 <col width="23%"> 987 <col width="17%"> 988 <tr> 989 <th>CVE</th> 990 <th></th> 991 <th></th> 992 <th> Google </th> 993 <th> </th> 994 </tr> 995 <tr> 996 <td>CVE-2016-6775</td> 997 <td>A-31222873*<br>N-CVE-2016-6775</td> 998 <td></td> 999 <td>Nexus 9</td> 1000 <td>2016 8 25</td> 1001 </tr> 1002 <tr> 1003 <td>CVE-2016-6776</td> 1004 <td>A-31680980*<br>N-CVE-2016-6776</td> 1005 <td></td> 1006 <td>Nexus 9</td> 1007 <td>2016 9 22</td> 1008 </tr> 1009 <tr> 1010 <td>CVE-2016-6777</td> 1011 <td>A-31910462*<br>N-CVE-2016-6777</td> 1012 <td></td> 1013 <td>Nexus 9</td> 1014 <td>2016 10 3</td> 1015 </tr> 1016 </table> 1017 <p> 1018 * . 1019 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1020 . 1021 </p> 1022 1023 <h3 id="eop-in-kernel"> </h3> 1024 <p> 1025 1026 1027 . 1028 , 1029 . 1030 </p> 1031 1032 <table> 1033 <col width="19%"> 1034 <col width="20%"> 1035 <col width="10%"> 1036 <col width="23%"> 1037 <col width="17%"> 1038 <tr> 1039 <th>CVE</th> 1040 <th></th> 1041 <th></th> 1042 <th> Google </th> 1043 <th> </th> 1044 </tr> 1045 <tr> 1046 <td>CVE-2015-8966</td> 1047 <td>A-31435731<br> 1048 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"> 1049 </a></td> 1050 <td></td> 1051 <td>*</td> 1052 <td>2016 9 10</td> 1053 </tr> 1054 </table> 1055 <p> 1056 * Android 7.0 Google 1057 . 1058 </p> 1059 1060 1061 <h3 id="eop-in-nvidia-video-driver">NVIDIA 1062 </h3> 1063 <p> 1064 NVIDIA 1065 1066 . 1067 , 1068 . 1069 </p> 1070 1071 <table> 1072 <col width="19%"> 1073 <col width="20%"> 1074 <col width="10%"> 1075 <col width="23%"> 1076 <col width="17%"> 1077 <tr> 1078 <th>CVE</th> 1079 <th></th> 1080 <th></th> 1081 <th> Google </th> 1082 <th> </th> 1083 </tr> 1084 <tr> 1085 <td>CVE-2016-6915</td> 1086 <td>A-31471161* 1087 <br>N-CVE-2016-6915</td> 1088 <td></td> 1089 <td>Nexus 9</td> 1090 <td>2016 9 13</td> 1091 </tr> 1092 <tr> 1093 <td>CVE-2016-6916</td> 1094 <td>A-32072350* 1095 <br>N-CVE-2016-6916</td> 1096 <td></td> 1097 <td>Nexus 9, Pixel C</td> 1098 <td>2016 9 13</td> 1099 </tr> 1100 <tr> 1101 <td>CVE-2016-6917</td> 1102 <td>A-32072253* 1103 <br>N-CVE-2016-6917</td> 1104 <td></td> 1105 <td>Nexus 9</td> 1106 <td>2016 9 13</td> 1107 </tr> 1108 </table> 1109 <p> 1110 * . 1111 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1112 . 1113 </p> 1114 1115 <h3 id="eop-in-kernel-ion-driver"> ION 1116 </h3> 1117 <p> 1118 ION 1119 . 1120 , 1121 . 1122 </p> 1123 1124 <table> 1125 <col width="19%"> 1126 <col width="20%"> 1127 <col width="10%"> 1128 <col width="23%"> 1129 <col width="17%"> 1130 <tr> 1131 <th>CVE</th> 1132 <th></th> 1133 <th></th> 1134 <th> Google </th> 1135 <th> </th> 1136 </tr> 1137 <tr> 1138 <td>CVE-2016-9120</td> 1139 <td>A-31568617<br> 1140 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"> 1141 </a></td> 1142 <td></td> 1143 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player</td> 1144 <td>2016 9 16</td> 1145 </tr> 1146 </table> 1147 1148 <h3>Qualcomm </h3> 1149 <p> 1150 Qualcomm Qualcomm AMSS 2015 11 1151 . 1152 </p> 1153 <table> 1154 <col width="19%"> 1155 <col width="20%"> 1156 <col width="10%"> 1157 <col width="23%"> 1158 <col width="17%"> 1159 <tr> 1160 <th>CVE</th> 1161 <th></th> 1162 <th>*</th> 1163 <th> Google </th> 1164 <th> </th> 1165 </tr> 1166 <tr> 1167 <td>CVE-2016-8411</td> 1168 <td>A-31805216**</td> 1169 <td></td> 1170 <td>Nexus 6, Nexus 6P, Android One</td> 1171 <td>Qualcomm </td> 1172 </tr> 1173 </table> 1174 <p>* .</p> 1175 <p>** . 1176 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1177 . 1178 </p> 1179 1180 <h3 id="eop-in-kernel-file-system"> 1181 </h3> 1182 <p> 1183 1184 1185 . 1186 1187 . 1188 </p> 1189 1190 <table> 1191 <col width="19%"> 1192 <col width="20%"> 1193 <col width="10%"> 1194 <col width="23%"> 1195 <col width="17%"> 1196 <tr> 1197 <th>CVE</th> 1198 <th></th> 1199 <th></th> 1200 <th> Google </th> 1201 <th> </th> 1202 </tr> 1203 <tr> 1204 <td>CVE-2014-4014</td> 1205 <td>A-31252187<br> 1206 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"> 1207 </a></td> 1208 <td></td> 1209 <td>Nexus 6, Nexus Player</td> 1210 <td>2014 6 10</td> 1211 </tr> 1212 </table> 1213 1214 1215 <h3 id="eop-in-kernel-2"> </h3> 1216 <p> 1217 1218 1219 . 1220 . 1221 </p> 1222 1223 <table> 1224 <col width="19%"> 1225 <col width="20%"> 1226 <col width="10%"> 1227 <col width="23%"> 1228 <col width="17%"> 1229 <tr> 1230 <th>CVE</th> 1231 <th></th> 1232 <th></th> 1233 <th> Google </th> 1234 <th> </th> 1235 </tr> 1236 <tr> 1237 <td>CVE-2015-8967</td> 1238 <td>A-31703084<br> 1239 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"> 1240 </a></td> 1241 <td></td> 1242 <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Pixel, Pixel XL</td> 1243 <td>2015 1 8</td> 1244 </tr> 1245 </table> 1246 1247 1248 <h3 id="eop-in-htc-sound-codec-driver">HTC 1249 </h3> 1250 <p> 1251 HTC 1252 1253 . 1254 . 1255 </p> 1256 1257 <table> 1258 <col width="19%"> 1259 <col width="20%"> 1260 <col width="10%"> 1261 <col width="23%"> 1262 <col width="17%"> 1263 <tr> 1264 <th>CVE</th> 1265 <th></th> 1266 <th></th> 1267 <th> Google </th> 1268 <th> </th> 1269 </tr> 1270 <tr> 1271 <td>CVE-2016-6778</td> 1272 <td>A-31384646*</td> 1273 <td></td> 1274 <td>Nexus 9</td> 1275 <td>2016 2 25</td> 1276 </tr> 1277 <tr> 1278 <td>CVE-2016-6779</td> 1279 <td>A-31386004*</td> 1280 <td></td> 1281 <td>Nexus 9</td> 1282 <td>2016 2 25</td> 1283 </tr> 1284 <tr> 1285 <td>CVE-2016-6780</td> 1286 <td>A-31251496*</td> 1287 <td></td> 1288 <td>Nexus 9</td> 1289 <td>2016 8 30</td> 1290 </tr> 1291 </table> 1292 <p> 1293 * . 1294 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1295 . 1296 </p> 1297 1298 <h3 id="eop-in-mediatek-driver">MediaTek 1299 </h3> 1300 <p> 1301 MediaTek 1302 1303 . 1304 . 1305 </p> 1306 1307 <table> 1308 <col width="19%"> 1309 <col width="20%"> 1310 <col width="10%"> 1311 <col width="23%"> 1312 <col width="17%"> 1313 <tr> 1314 <th>CVE</th> 1315 <th></th> 1316 <th></th> 1317 <th> Google </th> 1318 <th> </th> 1319 </tr> 1320 <tr> 1321 <td>CVE-2016-6492</td> 1322 <td>A-28175122<br>MT-ALPS02696413</td> 1323 <td></td> 1324 <td>*</td> 1325 <td>2016 4 11</td> 1326 </tr> 1327 <tr> 1328 <td>CVE-2016-6781</td> 1329 <td>A-31095175<br>MT-ALPS02943455</td> 1330 <td></td> 1331 <td>*</td> 1332 <td>2016 8 22</td> 1333 </tr> 1334 <tr> 1335 <td>CVE-2016-6782</td> 1336 <td>A-31224389<br>MT-ALPS02943506</td> 1337 <td></td> 1338 <td>*</td> 1339 <td>2016 8 24</td> 1340 </tr> 1341 <tr> 1342 <td>CVE-2016-6783</td> 1343 <td>A-31350044<br>MT-ALPS02943437</td> 1344 <td></td> 1345 <td>*</td> 1346 <td>2016 9 6</td> 1347 </tr> 1348 <tr> 1349 <td>CVE-2016-6784</td> 1350 <td>A-31350755<br>MT-ALPS02961424</td> 1351 <td></td> 1352 <td>*</td> 1353 <td>2016 9 6</td> 1354 </tr> 1355 <tr> 1356 <td>CVE-2016-6785</td> 1357 <td>A-31748056<br>MT-ALPS02961400</td> 1358 <td></td> 1359 <td>*</td> 1360 <td>2016 9 25</td> 1361 </tr> 1362 </table> 1363 <p> 1364 * Android 7.0 Google 1365 . 1366 </p> 1367 1368 1369 <h3 id="eop-in-qualcomm-media-codecs">Qualcomm 1370 </h3> 1371 <p> 1372 Qualcomm 1373 1374 . 1375 1376 . 1377 </p> 1378 1379 <table> 1380 <col width="19%"> 1381 <col width="20%"> 1382 <col width="10%"> 1383 <col width="23%"> 1384 <col width="17%"> 1385 <tr> 1386 <th>CVE</th> 1387 <th></th> 1388 <th></th> 1389 <th> Google </th> 1390 <th> </th> 1391 </tr> 1392 <tr> 1393 <td>CVE-2016-6761</td> 1394 <td>A-29421682* 1395 <br>QC-CR#1055792</td> 1396 <td></td> 1397 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1398 Pixel XL</td> 1399 <td>2016 6 16</td> 1400 </tr> 1401 <tr> 1402 <td>CVE-2016-6760</td> 1403 <td>A-29617572* 1404 <br>QC-CR#1055783</td> 1405 <td></td> 1406 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1407 Pixel XL</td> 1408 <td>2016 6 23</td> 1409 </tr> 1410 <tr> 1411 <td>CVE-2016-6759</td> 1412 <td>A-29982686* 1413 <br>QC-CR#1055766</td> 1414 <td></td> 1415 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1416 Pixel XL</td> 1417 <td>2016 7 4</td> 1418 </tr> 1419 <tr> 1420 <td>CVE-2016-6758</td> 1421 <td>A-30148882* 1422 <br>QC-CR#1071731</td> 1423 <td></td> 1424 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1425 Pixel XL</td> 1426 <td>2016 7 13</td> 1427 </tr> 1428 </table> 1429 <p> 1430 * . 1431 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1432 . 1433 </p> 1434 1435 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm 1436 </h3> 1437 <p> 1438 Qualcomm 1439 1440 . 1441 . 1442 </p> 1443 1444 <table> 1445 <col width="19%"> 1446 <col width="20%"> 1447 <col width="10%"> 1448 <col width="23%"> 1449 <col width="17%"> 1450 <tr> 1451 <th>CVE</th> 1452 <th></th> 1453 <th></th> 1454 <th> Google </th> 1455 <th> </th> 1456 </tr> 1457 <tr> 1458 <td>CVE-2016-6755</td> 1459 <td>A-30740545<br> 1460 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0"> 1461 QC-CR#1065916</a></td> 1462 <td></td> 1463 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1464 <td>2016 8 3</td> 1465 </tr> 1466 </table> 1467 1468 1469 <h3 id="eop-in-kernel-performance-subsystem"> 1470 </h3> 1471 <p> 1472 1473 . 1474 . 1475 </p> 1476 1477 <table> 1478 <col width="19%"> 1479 <col width="20%"> 1480 <col width="10%"> 1481 <col width="23%"> 1482 <col width="17%"> 1483 <tr> 1484 <th>CVE</th> 1485 <th></th> 1486 <th></th> 1487 <th> Google </th> 1488 <th> </th> 1489 </tr> 1490 <tr> 1491 <td>CVE-2016-6786</td> 1492 <td>A-30955111 1493 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"> </a></td> 1494 <td></td> 1495 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 1496 Player, Pixel, Pixel XL</td> 1497 <td>2016 8 18</td> 1498 </tr> 1499 <tr> 1500 <td>CVE-2016-6787</td> 1501 <td>A-31095224 1502 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"> </a></td> 1503 <td></td> 1504 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 1505 Player, Pixel, Pixel XL</td> 1506 <td>2016 8 22</td> 1507 </tr> 1508 </table> 1509 1510 1511 <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C 1512 </h3> 1513 <p> 1514 MediaTek I2C 1515 1516 . 1517 . 1518 </p> 1519 1520 <table> 1521 <col width="19%"> 1522 <col width="20%"> 1523 <col width="10%"> 1524 <col width="23%"> 1525 <col width="17%"> 1526 <tr> 1527 <th>CVE</th> 1528 <th></th> 1529 <th></th> 1530 <th> Google </th> 1531 <th> </th> 1532 </tr> 1533 <tr> 1534 <td>CVE-2016-6788</td> 1535 <td>A-31224428<br>MT-ALPS02943467</td> 1536 <td></td> 1537 <td>*</td> 1538 <td>2016 8 24</td> 1539 </tr> 1540 </table> 1541 <p> 1542 * Android 7.0 Google 1543 . 1544 </p> 1545 1546 1547 <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx 1548 </h3> 1549 <p> 1550 NVIDIA libomx (libnvomx) 1551 1552 . 1553 1554 . 1555 </p> 1556 1557 <table> 1558 <col width="19%"> 1559 <col width="20%"> 1560 <col width="10%"> 1561 <col width="23%"> 1562 <col width="17%"> 1563 <tr> 1564 <th>CVE</th> 1565 <th></th> 1566 <th></th> 1567 <th> Google </th> 1568 <th> </th> 1569 </tr> 1570 <tr> 1571 <td>CVE-2016-6789</td> 1572 <td>A-31251973* 1573 <br>N-CVE-2016-6789</td> 1574 <td></td> 1575 <td>Pixel C</td> 1576 <td>2016 8 29</td> 1577 </tr> 1578 <tr> 1579 <td>CVE-2016-6790</td> 1580 <td>A-31251628* 1581 <br>N-CVE-2016-6790</td> 1582 <td></td> 1583 <td>Pixel C</td> 1584 <td>2016 8 28</td> 1585 </tr> 1586 </table> 1587 <p> 1588 * . 1589 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1590 . 1591 </p> 1592 1593 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm 1594 </h3> 1595 <p> 1596 Qualcomm 1597 1598 . 1599 . 1600 </p> 1601 1602 <table> 1603 <col width="19%"> 1604 <col width="20%"> 1605 <col width="10%"> 1606 <col width="23%"> 1607 <col width="17%"> 1608 <tr> 1609 <th>CVE</th> 1610 <th></th> 1611 <th></th> 1612 <th> Google </th> 1613 <th> </th> 1614 </tr> 1615 <tr> 1616 <td>CVE-2016-6791</td> 1617 <td>A-31252384<br> 1618 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1619 QC-CR#1071809</a></td> 1620 <td></td> 1621 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1622 <td>2016 8 31</td> 1623 </tr> 1624 <tr> 1625 <td>CVE-2016-8391</td> 1626 <td>A-31253255<br> 1627 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1628 QC-CR#1072166</a></td> 1629 <td></td> 1630 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1631 <td>2016 8 31</td> 1632 </tr> 1633 <tr> 1634 <td>CVE-2016-8392</td> 1635 <td>A-31385862<br> 1636 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1637 QC-CR#1073136</a></td> 1638 <td></td> 1639 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1640 <td>2016 9 8</td> 1641 </tr> 1642 </table> 1643 1644 1645 <h3 id="eop-in-kernel-security-subsystem"> 1646 </h3> 1647 <p> 1648 1649 1650 . 1651 . 1652 </p> 1653 1654 <table> 1655 <col width="19%"> 1656 <col width="20%"> 1657 <col width="10%"> 1658 <col width="23%"> 1659 <col width="17%"> 1660 <tr> 1661 <th>CVE</th> 1662 <th></th> 1663 <th></th> 1664 <th> Google </th> 1665 <th> </th> 1666 </tr> 1667 <tr> 1668 <td>CVE-2015-7872</td> 1669 <td>A-31253168<br> 1670 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> 1671 </a></td> 1672 <td></td> 1673 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1674 Pixel XL</td> 1675 <td>2016 8 31</td> 1676 </tr> 1677 </table> 1678 1679 1680 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 1681 </h3> 1682 <p> 1683 Synaptics 1684 1685 . 1686 . 1687 </p> 1688 1689 <table> 1690 <col width="19%"> 1691 <col width="20%"> 1692 <col width="10%"> 1693 <col width="23%"> 1694 <col width="17%"> 1695 <tr> 1696 <th>CVE</th> 1697 <th></th> 1698 <th></th> 1699 <th> Google </th> 1700 <th> </th> 1701 </tr> 1702 <tr> 1703 <td>CVE-2016-8393</td> 1704 <td>A-31911920*</td> 1705 <td></td> 1706 <td>Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td> 1707 <td>2016 9 8</td> 1708 </tr> 1709 <tr> 1710 <td>CVE-2016-8394</td> 1711 <td>A-31913197*</td> 1712 <td></td> 1713 <td>Nexus 9, Android One</td> 1714 <td>2016 9 8</td> 1715 </tr> 1716 </table> 1717 <p> 1718 * . 1719 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1720 . 1721 </p> 1722 1723 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 1724 </h3> 1725 <p> 1726 Broadcom Wi-Fi 1727 1728 . 1729 . 1730 </p> 1731 1732 <table> 1733 <col width="19%"> 1734 <col width="20%"> 1735 <col width="10%"> 1736 <col width="23%"> 1737 <col width="17%"> 1738 <tr> 1739 <th>CVE</th> 1740 <th></th> 1741 <th></th> 1742 <th> Google </th> 1743 <th> </th> 1744 </tr> 1745 <tr> 1746 <td>CVE-2014-9909</td> 1747 <td>A-31676542<br>B-RB#26684</td> 1748 <td></td> 1749 <td>*</td> 1750 <td>2016 9 21</td> 1751 </tr> 1752 <tr> 1753 <td>CVE-2014-9910</td> 1754 <td>A-31746399<br>B-RB#26710</td> 1755 <td></td> 1756 <td>*</td> 1757 <td>2016 9 26</td> 1758 </tr> 1759 </table> 1760 <p> 1761 * Android 7.0 Google 1762 . 1763 </p> 1764 1765 1766 <h3 id="id-in-mediatek-video-driver">MediaTek 1767 </h3> 1768 <p> 1769 MediaTek 1770 . 1771 1772 . 1773 </p> 1774 1775 <table> 1776 <col width="19%"> 1777 <col width="20%"> 1778 <col width="10%"> 1779 <col width="23%"> 1780 <col width="17%"> 1781 <tr> 1782 <th>CVE</th> 1783 <th></th> 1784 <th></th> 1785 <th> Google </th> 1786 <th> </th> 1787 </tr> 1788 <tr> 1789 <td>CVE-2016-8396</td> 1790 <td>A-31249105</td> 1791 <td></td> 1792 <td>*</td> 1793 <td>2016 8 26</td> 1794 </tr> 1795 </table> 1796 <p> 1797 * Android 7.0 Google 1798 . 1799 </p> 1800 1801 1802 <h3 id="id-in-nvidia-video-driver">NVIDIA 1803 </h3> 1804 <p> 1805 NVIDIA 1806 . 1807 1808 . 1809 </p> 1810 1811 <table> 1812 <col width="19%"> 1813 <col width="20%"> 1814 <col width="10%"> 1815 <col width="23%"> 1816 <col width="17%"> 1817 <tr> 1818 <th>CVE</th> 1819 <th></th> 1820 <th></th> 1821 <th> Google </th> 1822 <th> </th> 1823 </tr> 1824 <tr> 1825 <td>CVE-2016-8397</td> 1826 <td>A-31385953*<br> 1827 N-CVE-2016-8397</td> 1828 <td></td> 1829 <td>Nexus 9</td> 1830 <td>2016 9 8</td> 1831 </tr> 1832 </table> 1833 <p> 1834 * . 1835 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1836 . 1837 </p> 1838 1839 <h3 id="dos-in-gps">GPS (DoS) </h3> 1840 <p> 1841 Qualcomm GPS (DoS) 1842 . 1843 . 1844 </p> 1845 1846 <table> 1847 <col width="19%"> 1848 <col width="20%"> 1849 <col width="10%"> 1850 <col width="23%"> 1851 <col width="17%"> 1852 <tr> 1853 <th>CVE</th> 1854 <th></th> 1855 <th></th> 1856 <th> Google </th> 1857 <th> </th> 1858 </tr> 1859 <tr> 1860 <td>CVE-2016-5341</td> 1861 <td>A-31470303*</td> 1862 <td></td> 1863 <td>Nexus 6, Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, 1864 Pixel XL</td> 1865 <td>2016 6 21</td> 1866 </tr> 1867 </table> 1868 <p> 1869 * . 1870 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1871 . 1872 </p> 1873 1874 <h3 id="dos-in-nvidia-camera-driver">NVIDIA 1875 (DoS) </h3> 1876 <p> 1877 NVIDIA (DoS) 1878 , 1879 . 1880 . 1881 </p> 1882 1883 <table> 1884 <col width="19%"> 1885 <col width="20%"> 1886 <col width="10%"> 1887 <col width="23%"> 1888 <col width="17%"> 1889 <tr> 1890 <th>CVE</th> 1891 <th></th> 1892 <th></th> 1893 <th> Google </th> 1894 <th> </th> 1895 </tr> 1896 <tr> 1897 <td>CVE-2016-8395</td> 1898 <td>A-31403040* 1899 <br>N-CVE-2016-8395</td> 1900 <td></td> 1901 <td>Pixel C</td> 1902 <td>2016 9 9</td> 1903 </tr> 1904 </table> 1905 <p> 1906 * . 1907 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1908 . 1909 </p> 1910 1911 <h3 id="eop-in-kernel-networking-subsystem"> 1912 </h3> 1913 <p> 1914 1915 1916 . 1917 , 1918 . 1919 </p> 1920 1921 <table> 1922 <col width="19%"> 1923 <col width="20%"> 1924 <col width="10%"> 1925 <col width="23%"> 1926 <col width="17%"> 1927 <tr> 1928 <th>CVE</th> 1929 <th></th> 1930 <th></th> 1931 <th> Google </th> 1932 <th> </th> 1933 </tr> 1934 <tr> 1935 <td>CVE-2016-8399</td> 1936 <td>A-31349935*</td> 1937 <td></td> 1938 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 1939 Player, Pixel, Pixel XL</td> 1940 <td>2016 9 5</td> 1941 </tr> 1942 </table> 1943 <p> 1944 * . 1945 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1946 . 1947 </p> 1948 1949 <h3 id="id-in-qualcomm-components">Qualcomm 1950 </h3> 1951 <p> 1952 Qualcomm 1953 1954 . 1955 . 1956 </p> 1957 1958 <table> 1959 <col width="19%"> 1960 <col width="20%"> 1961 <col width="10%"> 1962 <col width="23%"> 1963 <col width="17%"> 1964 <tr> 1965 <th>CVE</th> 1966 <th></th> 1967 <th></th> 1968 <th> Google </th> 1969 <th> </th> 1970 </tr> 1971 <tr> 1972 <td>CVE-2016-6756</td> 1973 <td>A-29464815<br> 1974 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> 1975 QC-CR#1042068</a> 1976 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> 1977 <td></td> 1978 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1979 <td>2016 6 17</td> 1980 </tr> 1981 <tr> 1982 <td>CVE-2016-6757</td> 1983 <td>A-30148242<br> 1984 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> 1985 QC-CR#1052821</a></td> 1986 <td></td> 1987 <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> 1988 <td>2016 7 13</td> 1989 </tr> 1990 </table> 1991 1992 1993 <h3 id="id-in-nvidia-librm-library">NVIDIA librm 1994 </h3> 1995 <p> 1996 NVIDIA librm (libnvrm) 1997 1998 . 1999 . 2000 </p> 2001 2002 <table> 2003 <col width="19%"> 2004 <col width="20%"> 2005 <col width="10%"> 2006 <col width="23%"> 2007 <col width="17%"> 2008 <tr> 2009 <th>CVE</th> 2010 <th></th> 2011 <th></th> 2012 <th> Google </th> 2013 <th> </th> 2014 </tr> 2015 <tr> 2016 <td>CVE-2016-8400</td> 2017 <td>A-31251599* 2018 <br>N-CVE-2016-8400</td> 2019 <td></td> 2020 <td>Pixel C</td> 2021 <td>2016 8 29</td> 2022 </tr> 2023 </table> 2024 <p> 2025 * . 2026 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2027 . 2028 </p> 2029 2030 <h3 id="id-in-kernel-components"> 2031 </h3> 2032 <p> 2033 ION , Binder, USB , 2034 2035 . 2036 2037 . 2038 </p> 2039 2040 <table> 2041 <col width="19%"> 2042 <col width="20%"> 2043 <col width="10%"> 2044 <col width="23%"> 2045 <col width="17%"> 2046 <tr> 2047 <th>CVE</th> 2048 <th></th> 2049 <th></th> 2050 <th> Google </th> 2051 <th> </th> 2052 </tr> 2053 <tr> 2054 <td>CVE-2016-8401</td> 2055 <td>A-31494725*</td> 2056 <td></td> 2057 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 2058 Player, Pixel, Pixel XL</td> 2059 <td>2016 9 13</td> 2060 </tr> 2061 <tr> 2062 <td>CVE-2016-8402</td> 2063 <td>A-31495231*</td> 2064 <td></td> 2065 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 2066 Player, Pixel, Pixel XL</td> 2067 <td>2016 9 13</td> 2068 </tr> 2069 <tr> 2070 <td>CVE-2016-8403</td> 2071 <td>A-31495348*</td> 2072 <td></td> 2073 <td>Nexus 9</td> 2074 <td>2016 9 13</td> 2075 </tr> 2076 <tr> 2077 <td>CVE-2016-8404</td> 2078 <td>A-31496950*</td> 2079 <td></td> 2080 <td>Nexus 9</td> 2081 <td>2016 9 13</td> 2082 </tr> 2083 <tr> 2084 <td>CVE-2016-8405</td> 2085 <td>A-31651010*</td> 2086 <td></td> 2087 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 2088 Player, Pixel, Pixel XL</td> 2089 <td>2016 9 21</td> 2090 </tr> 2091 <tr> 2092 <td>CVE-2016-8406</td> 2093 <td>A-31796940*</td> 2094 <td></td> 2095 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 2096 Player, Pixel, Pixel XL</td> 2097 <td>2016 9 27</td> 2098 </tr> 2099 <tr> 2100 <td>CVE-2016-8407</td> 2101 <td>A-31802656*</td> 2102 <td></td> 2103 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2104 <td>2016 9 28</td> 2105 </tr> 2106 </table> 2107 <p> 2108 * . 2109 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2110 . 2111 </p> 2112 2113 <h3 id="id-in-nvidia-video-driver-2">NVIDIA 2114 </h3> 2115 <p> 2116 NVIDIA 2117 . 2118 2119 2120 . 2121 </p> 2122 2123 <table> 2124 <col width="19%"> 2125 <col width="20%"> 2126 <col width="10%"> 2127 <col width="23%"> 2128 <col width="17%"> 2129 <tr> 2130 <th>CVE</th> 2131 <th></th> 2132 <th></th> 2133 <th> Google </th> 2134 <th> </th> 2135 </tr> 2136 <tr> 2137 <td>CVE-2016-8408</td> 2138 <td>A-31496571* 2139 <br>N-CVE-2016-8408</td> 2140 <td></td> 2141 <td>Nexus 9</td> 2142 <td>2016 9 13</td> 2143 </tr> 2144 <tr> 2145 <td>CVE-2016-8409</td> 2146 <td>A-31495687* 2147 <br>N-CVE-2016-8409</td> 2148 <td></td> 2149 <td>Nexus 9</td> 2150 <td>2016 9 13</td> 2151 </tr> 2152 </table> 2153 <p> 2154 * . 2155 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2156 . 2157 </p> 2158 2159 <h3 id="id-in-qualcomm-sound-driver">Qualcomm 2160 </h3> 2161 <p> 2162 Qualcomm 2163 . 2164 . 2165 </p> 2166 2167 <table> 2168 <col width="19%"> 2169 <col width="20%"> 2170 <col width="10%"> 2171 <col width="23%"> 2172 <col width="17%"> 2173 <tr> 2174 <th>CVE</th> 2175 <th></th> 2176 <th></th> 2177 <th> Google </th> 2178 <th> </th> 2179 </tr> 2180 <tr> 2181 <td>CVE-2016-8410</td> 2182 <td>A-31498403<br> 2183 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> 2184 QC-CR#987010</a></td> 2185 <td></td> 2186 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td> 2187 <td>Google </td> 2188 </tr> 2189 </table> 2190 2191 <h2 id="common-questions-and-answers"> </h2> 2192 <p> 2193 . 2194 </p> 2195 <p> 2196 <strong>1. ? 2197 </strong> 2198 </p> 2199 <p> 2200 2201 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 2202 . 2203 </p> 2204 <ul> 2205 <li>2016-12-01 2016-12-01 2206 .</li> 2207 <li>2016-12-05 2208 2016-12-05 .</li> 2209 </ul> 2210 <p> 2211 2212 . 2213 </p> 2214 <ul> 2215 <li>[ro.build.version.security_patch]:[2016-12-01]</li> 2216 <li>[ro.build.version.security_patch]:[2016-12-05]</li> 2217 </ul> 2218 <p> 2219 <strong>2. ?</strong> 2220 </p> 2221 <p> 2222 Android Android 2223 2224 . Android 2225 . 2226 </p> 2227 <ul> 2228 <li>2016 12 1 2229 2230 .</li> 2231 <li>2016 12 5 2232 2233 .</li> 2234 </ul> 2235 <p> 2236 . 2237 </p> 2238 <p> 2239 <strong>3. Google ?</strong> 2240 </p> 2241 <p> 2242 <a href="#2016-12-01-details">2016 12 1</a> <a href="#2016-12-05-details">2016 12 5</a> <em> Google </em> . Google . . 2243 </p> 2244 <ul> 2245 <li><strong> Google </strong>: Google Pixel 2246 <em> Google </em> 2247 '' . '' <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a> 2248 . Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9, 2249 Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li> 2250 <li><strong> Google </strong>: Google 2251 , Google <em> Google </em> 2252 .</li> 2253 <li><strong>Google </strong>: Android 7.0 Google 2254 , <em> Google </em> '' 2255 .</li> 2256 </ul> 2257 <p> 2258 <strong>4. ?</strong> 2259 </p> 2260 <p> 2261 <em></em> 2262 . 2263 . 2264 </p> 2265 <table> 2266 <tr> 2267 <th></th> 2268 <th> </th> 2269 </tr> 2270 <tr> 2271 <td>A-</td> 2272 <td>Android ID</td> 2273 </tr> 2274 <tr> 2275 <td>QC-</td> 2276 <td>Qualcomm </td> 2277 </tr> 2278 <tr> 2279 <td>M-</td> 2280 <td>MediaTek </td> 2281 </tr> 2282 <tr> 2283 <td>N-</td> 2284 <td>NVIDIA </td> 2285 </tr> 2286 <tr> 2287 <td>B-</td> 2288 <td>Broadcom </td> 2289 </tr> 2290 </table> 2291 <h2 id="revisions"> </h2> 2292 <ul> 2293 <li>2016 12 5: </li> 2294 <li>2016 12 7: AOSP 2295 CVE-2016-6915, CVE-2016-6916, CVE-2016-6917 </li> 2296 </ul> 2297
