Home | History | Annotate | Download | only in bulletin
      1 page.title=Android  2017 1
      2 @jd:body
      3 
      4 <!--
      5     Copyright 2016 The Android Open Source Project
      6 
      7     Licensed under the Apache License, Version 2.0 (the "License");
      8     you may not use this file except in compliance with the License.
      9     You may obtain a copy of the License at
     10 
     11         http://www.apache.org/licenses/LICENSE-2.0
     12 
     13     Unless required by applicable law or agreed to in writing, software
     14     distributed under the License is distributed on an "AS IS" BASIS,
     15     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     16     See the License for the specific language governing permissions and
     17     limitations under the License.
     18 -->
     19 <p><em>2017 1 3  | 2017 1 5 </em></p>
     20 
     21 <p>Android   Android     
     22  .   (OTA)  
     23 Google    . Google   
     24 <a href="https://developers.google.com/android/nexus/images">Google  </a> .    2017 1 5
     25      . <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices">Pixel  Nexus  </a>
     26        .</p>
     27 
     28 <p>    2016 12 5  .       Android  (AOSP) 
     29 ,    .
     30 
     31   AOSP     .</p>
     32 
     33 <p>        
     34   , MMS      
     35         .</p>
     36 
     37 <p>        
     38  . <a href="#mitigations">SafetyNet</a>  Android   
     39 <a href="{@docRoot}security/enhancements/index.html">Android   </a>     
     40   <a href="https://developer.android.com/training/safetynet/index.html">Android  Google  </a>  .</p>
     41 
     42 <p>       .</p>
     43 
     44 <h2 id="announcements"></h2>
     45 <ul>
     46   <li>  Android   Android   
     47          
     48          .
     49    <a href="#common-questions-and-answers">   </a>
     50   .
     51    <ul>
     52      <li><strong>2017-01-01</strong>:     . 
     53         2017-01-01       
     54         .</li>
     55      <li><strong>2017-01-05</strong>:     . 
     56         2017-01-01 2017-01-05       
     57          .</li>
     58    </ul>
     59   </li>
     60   <li> Google  2017 1 5     OTA
     61     .</li>
     62 </ul>
     63 <h2 id="security-vulnerability-summary">  </h2>
     64 <p>    ,     ID(CVE),
     65    Google    
     66  . <a href="{@docRoot}security/overview/updates-resources.html#severity"> </a>
     67         
     68          
     69  .</p>
     70 
     71 <h3 id="2017-01-01-summary">2017-01-01
     72    </h3>
     73 <p>  2017-01-01     .</p>
     74 
     75 <table>
     76   <col width="55%">
     77   <col width="20%">
     78   <col width="13%">
     79   <col width="12%">
     80   <tr>
     81    <th></th>
     82    <th>CVE</th>
     83    <th></th>
     84    <th>Google   </th>
     85   </tr>
     86   <tr>
     87    <td>c-ares    </td>
     88    <td>CVE-2016-5180</td>
     89    <td></td>
     90    <td></td>
     91   </tr>
     92   <tr>
     93    <td>Framesequence    </td>
     94    <td>CVE-2017-0382</td>
     95    <td></td>
     96    <td></td>
     97   </tr>
     98   <tr>
     99    <td> API   </td>
    100    <td>CVE-2017-0383</td>
    101    <td></td>
    102    <td></td>
    103   </tr>
    104   <tr>
    105    <td>    </td>
    106    <td>CVE-2017-0384, CVE-2017-0385</td>
    107    <td></td>
    108    <td></td>
    109   </tr>
    110   <tr>
    111    <td>libnl   </td>
    112    <td>CVE-2017-0386</td>
    113    <td></td>
    114    <td></td>
    115   </tr>
    116   <tr>
    117    <td>    </td>
    118    <td>CVE-2017-0387</td>
    119    <td></td>
    120    <td></td>
    121   </tr>
    122   <tr>
    123    <td>     </td>
    124    <td>CVE-2017-0388</td>
    125    <td></td>
    126    <td></td>
    127   </tr>
    128   <tr>
    129    <td>   (DoS) </td>
    130    <td>CVE-2017-0389</td>
    131    <td></td>
    132    <td></td>
    133   </tr>
    134   <tr>
    135    <td>   (DoS) </td>
    136    <td>CVE-2017-0390, CVE-2017-0391, CVE-2017-0392, CVE-2017-0393</td>
    137    <td></td>
    138    <td></td>
    139   </tr>
    140   <tr>
    141    <td>   (DoS) </td>
    142    <td>CVE-2017-0394</td>
    143    <td></td>
    144    <td></td>
    145   </tr>
    146   <tr>
    147    <td>   </td>
    148    <td>CVE-2017-0395</td>
    149    <td></td>
    150    <td></td>
    151   </tr>
    152   <tr>
    153    <td>    </td>
    154    <td>CVE-2017-0381, CVE-2017-0396, CVE-2017-0397</td>
    155    <td></td>
    156    <td></td>
    157   </tr>
    158   <tr>
    159    <td>    </td>
    160    <td>CVE-2017-0398, CVE-2017-0399, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402</td>
    161    <td></td>
    162    <td></td>
    163   </tr>
    164 </table>
    165 
    166 <h3 id="2017-01-05-summary">2017-01-05    </h3>
    167 <p>2017-01-01     2017-01-05
    168     .</p>
    169 
    170 <table>
    171   <col width="55%">
    172   <col width="20%">
    173   <col width="13%">
    174   <col width="12%">
    175   <tr>
    176    <th></th>
    177    <th>CVE</th>
    178    <th></th>
    179    <th>Google   </th>
    180   </tr>
    181   <tr>
    182    <td>      </td>
    183    <td>CVE-2015-3288</td>
    184    <td></td>
    185    <td></td>
    186   </tr>
    187   <tr>
    188    <td>Qualcomm    </td>
    189    <td>CVE-2016-8422, CVE-2016-8423</td>
    190    <td></td>
    191    <td></td>
    192   </tr>
    193   <tr>
    194    <td>     </td>
    195    <td>CVE-2015-5706</td>
    196    <td></td>
    197    <td>*</td>
    198   </tr>
    199   <tr>
    200    <td>NVIDIA GPU    </td>
    201    <td>CVE-2016-8424, CVE-2016-8425, CVE-2016-8426, CVE-2016-8482,
    202        CVE-2016-8427, CVE-2016-8428, CVE-2016-8429, CVE-2016-8430,
    203        CVE-2016-8431, CVE-2016-8432</td>
    204    <td></td>
    205    <td></td>
    206   </tr>
    207   <tr>
    208    <td>MediaTek    </td>
    209    <td>CVE-2016-8433</td>
    210    <td></td>
    211    <td>*</td>
    212   </tr>
    213   <tr>
    214    <td>Qualcomm GPU    </td>
    215    <td>CVE-2016-8434</td>
    216    <td></td>
    217    <td></td>
    218   </tr>
    219   <tr>
    220    <td>NVIDIA GPU    </td>
    221    <td>CVE-2016-8435</td>
    222    <td></td>
    223    <td></td>
    224   </tr>
    225   <tr>
    226    <td>Qualcomm     </td>
    227    <td>CVE-2016-8436</td>
    228    <td></td>
    229    <td>*</td>
    230   </tr>
    231   <tr>
    232    <td>Qualcomm  </td>
    233    <td>CVE-2016-5080, CVE-2016-8398, CVE-2016-8437, CVE-2016-8438,
    234        CVE-2016-8439, CVE-2016-8440, CVE-2016-8441, CVE-2016-8442,
    235        CVE-2016-8443, CVE-2016-8459</td>
    236    <td></td>
    237    <td>*</td>
    238   </tr>
    239   <tr>
    240    <td>Qualcomm    </td>
    241    <td>CVE-2016-8412, CVE-2016-8444</td>
    242    <td></td>
    243    <td></td>
    244   </tr>
    245   <tr>
    246    <td>MediaTek    </td>
    247    <td>CVE-2016-8445, CVE-2016-8446, CVE-2016-8447, CVE-2016-8448</td>
    248    <td></td>
    249    <td>*</td>
    250   </tr>
    251   <tr>
    252    <td>Qualcomm Wi-Fi    </td>
    253    <td>CVE-2016-8415</td>
    254    <td></td>
    255    <td></td>
    256   </tr>
    257   <tr>
    258    <td>NVIDIA GPU    </td>
    259    <td>CVE-2016-8449</td>
    260    <td></td>
    261    <td></td>
    262   </tr>
    263   <tr>
    264    <td>Qualcomm     </td>
    265    <td>CVE-2016-8450</td>
    266    <td></td>
    267    <td></td>
    268   </tr>
    269   <tr>
    270    <td>Synaptics     </td>
    271    <td>CVE-2016-8451</td>
    272    <td></td>
    273    <td>*</td>
    274   </tr>
    275   <tr>
    276    <td>      </td>
    277    <td>CVE-2016-7042</td>
    278    <td></td>
    279    <td></td>
    280   </tr>
    281   <tr>
    282    <td>      </td>
    283    <td>CVE-2017-0403</td>
    284    <td></td>
    285    <td></td>
    286   </tr>
    287   <tr>
    288    <td>      </td>
    289    <td>CVE-2017-0404</td>
    290    <td></td>
    291    <td></td>
    292   </tr>
    293   <tr>
    294    <td>Qualcomm Wi-Fi    </td>
    295    <td>CVE-2016-8452</td>
    296    <td></td>
    297    <td></td>
    298   </tr>
    299   <tr>
    300    <td>Qualcomm     </td>
    301    <td>CVE-2016-5345</td>
    302    <td></td>
    303    <td></td>
    304   </tr>
    305   <tr>
    306    <td>      </td>
    307    <td>CVE-2016-9754</td>
    308    <td></td>
    309    <td></td>
    310   </tr>
    311   <tr>
    312    <td>Broadcom Wi-Fi    </td>
    313    <td>CVE-2016-8453, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457</td>
    314    <td></td>
    315    <td></td>
    316   </tr>
    317   <tr>
    318    <td>Synaptics     </td>
    319    <td>CVE-2016-8458</td>
    320    <td></td>
    321    <td></td>
    322   </tr>
    323   <tr>
    324    <td>NVIDIA     </td>
    325    <td>CVE-2016-8460</td>
    326    <td></td>
    327    <td></td>
    328   </tr>
    329   <tr>
    330    <td>   </td>
    331    <td>CVE-2016-8461, CVE-2016-8462</td>
    332    <td></td>
    333    <td></td>
    334   </tr>
    335   <tr>
    336    <td>Qualcomm FUSE    (DoS) </td>
    337    <td>CVE-2016-8463</td>
    338    <td></td>
    339    <td>*</td>
    340   </tr>
    341   <tr>
    342    <td>  (DoS) </td>
    343    <td>CVE-2016-8467</td>
    344    <td></td>
    345    <td></td>
    346   </tr>
    347   <tr>
    348    <td>Broadcom Wi-Fi    </td>
    349    <td>CVE-2016-8464, CVE-2016-8465, CVE-2016-8466</td>
    350    <td></td>
    351    <td></td>
    352   </tr>
    353   <tr>
    354    <td>   </td>
    355    <td>CVE-2016-8467</td>
    356    <td></td>
    357    <td></td>
    358   </tr>
    359   <tr>
    360    <td>Binder   </td>
    361    <td>CVE-2016-8468</td>
    362    <td></td>
    363    <td></td>
    364   </tr>
    365   <tr>
    366    <td>NVIDIA     </td>
    367    <td>CVE-2016-8469</td>
    368    <td></td>
    369    <td></td>
    370   </tr>
    371   <tr>
    372    <td>MediaTek    </td>
    373    <td>CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</td>
    374    <td></td>
    375    <td>*</td>
    376   </tr>
    377   <tr>
    378    <td>STMicroelectronics    </td>
    379    <td>CVE-2016-8473, CVE-2016-8474</td>
    380    <td></td>
    381    <td></td>
    382   </tr>
    383   <tr>
    384    <td>Qualcomm      </td>
    385    <td>CVE-2017-0399, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402</td>
    386    <td></td>
    387    <td></td>
    388   </tr>
    389   <tr>
    390    <td>HTC     </td>
    391    <td>CVE-2016-8475</td>
    392    <td></td>
    393    <td></td>
    394   </tr>
    395   <tr>
    396    <td>    (DoS) </td>
    397    <td>CVE-2014-9420</td>
    398    <td></td>
    399    <td></td>
    400   </tr>
    401 </table>
    402 <p>*  Android 7.0  Google      
    403    .</p>
    404 
    405 <h2 id="mitigations">Android  Google 
    406 </h2>
    407 <p> SafetyNet  <a href="{@docRoot}security/enhancements/index.html">Android  </a> 
    408       .
    409    Android   
    410    .</p>
    411 <ul>
    412   <li>Android      Android  
    413     .      Android
    414     .</li>
    415   <li>Android  <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">   </a>
    416      
    417   <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">   SafetyNet</a> 
    418     .   <a href="http://www.android.com/gms">Google  </a>     
    419    Google Play      . Google
    420   Play      
    421          
    422      .   
    423          
    424    .        
    425        .</li>
    426   <li>  Google       
    427      .</li>
    428 </ul>
    429 <h2 id="acknowledgements"> </h2>
    430 <p>    .</p>
    431 <ul>
    432   <li>Alexandru Blanda: CVE-2017-0390</li>
    433   <li>Copperhead Security Daniel Micay: CVE-2017-0397</li>
    434   <li>Tencent Xuanwu Lab
    435   Daxing Guo(<a href="https://twitter.com/freener0">@freener0</a>): CVE-2017-0386</li>
    436   <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2017-0392</li>
    437   <li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)
    438 Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-8412,
    439   CVE-2016-8444, CVE-2016-8427, CVE-2017-0403</li>
    440   <li>Shellphish Grill Team donfos(Aravind Machiry), UC Santa Barbara:
    441   CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</li>
    442   <li><a href="http://www.ms509.com">MS509Team</a> En He(<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>): CVE-2017-0394</li>
    443   <li>Qihoo 360 Technology Co. Ltd.
    444 IceSword Lab Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) 
    445 <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8464</li>
    446   <li>Google WebM: CVE-2017-0393</li>
    447   <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. Alpha
    448   Guang Gong()(<a href="http://twitter.com/oldfresher">@oldfresher</a>)
    449 : CVE-2017-0387</li>
    450   <li>Qihoo 360 Technology Co. Ltd Alpha Team Hao Chen, Guang Gong:
    451   CVE-2016-8415, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457,
    452   CVE-2016-8465</li>
    453   <li>Qihoo 360 IceSword Lab Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)  <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8475</li>
    454   <li>Jon Sawyer(<a href="http://twitter.com/jcase">@jcase</a>)  Sean Beaupre
    455   (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>): CVE-2016-8462</li>
    456   <li>Jon Sawyer(<a href="http://twitter.com/jcase">@jcase</a>), Sean Beaupre(<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>), Ben Actis(<a href="https://twitter.com/ben_ra">@Ben_RA</a>): CVE-2016-8461</li>
    457   <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0383</li>
    458   <li>Monk Avel: CVE-2017-0396, CVE-2017-0399</li>
    459   <li>Trend Micro Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-8469, CVE-2016-8424, CVE-2016-8428, CVE-2016-8429,
    460   CVE-2016-8460, CVE-2016-8473, CVE-2016-8474</li>
    461   <li>Tencent KeenLab()
    462   Qidan He()(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2017-0382</li>
    463   <li>IBM Security X-Force Roee Hay, Michael Goberman: CVE-2016-8467</li>
    464   <li>Trend Micro Mobile Threat Research Team
    465   Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2016-8466</li>
    466   <li>Stephen Morrow: CVE-2017-0389</li>
    467   <li>Mobile Threat Research Team, <a href="http://www.trendmicro.com">Trend Micro</a>
    468   V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0381</li>
    469   <li>Alibaba Inc. Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>):
    470   CVE-2017-0391</li>
    471   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0402, CVE-2017-0398</li>
    472   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, <a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0400</li>
    473   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, <a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0384, CVE-2017-0385</li>
    474   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0401</li>
    475   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a>, <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-8431, CVE-2016-8432,
    476   CVE-2016-8435</li>
    477   <li>Alibaba Inc. Yong Wang()(<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>), 
    478   Jun Cheng: CVE-2017-0404</li>
    479   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-8425, CVE-2016-8426,
    480   CVE-2016-8449</li>
    481   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:bigwyfone (a] gmail.com">Yanfeng Wang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-8430, CVE-2016-8482</li>
    482   <li>Tencent Security Platform Department
    483   Yuxiang Li(<a href="https://twitter.com/xbalien29">@Xbalien29</a>): CVE-2017-0395</li>
    484   <li><a href="https://twitter.com/0xr0ot">Cheetah Mobile</a> Security Research Lab
    485  Zhanpeng Zhao()(<a href="http://www.cmcm.com/">@0xr0ot</a>):
    486   CVE-2016-8451</li>
    487 </ul>
    488 <p>      
    489 .</p>
    490 <ul>
    491   <li>Alibaba Mobile Security Group Baozeng Ding, Chengming Yang, Peng Xiao, Ning You, Yang Dong, Chao Yang, Yi Zhang, Yang Song</li>
    492   <li>Trend Micro Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>)</li>
    493   <li>Google Zubin Mithra</li>
    494 </ul>
    495 
    496 <h2 id="2017-01-01-details">2017-01-01   
    497 </h2>
    498 <p>
    499    <a href="#2017-01-01-summary">2017-01-01   
    500  </a>    
    501   .
    502    ,    CVE,
    503  , ,  Google ,
    504  AOSP ( ),   
    505   .  
    506 AOSP         ID
    507 .        
    508   ID     .</p>
    509 
    510 
    511 <h3 id="rce-in-c-ares">c-ares    </h3>
    512 <p>
    513 c-ares         
    514           
    515 .    
    516          .
    517 </p>
    518 
    519 <table>
    520   <col width="18%">
    521   <col width="17%">
    522   <col width="10%">
    523   <col width="19%">
    524   <col width="18%">
    525   <col width="17%">
    526   <tr>
    527     <th>CVE</th>
    528     <th></th>
    529     <th></th>
    530     <th> Google </th>
    531     <th> AOSP </th>
    532     <th> </th>
    533   </tr>
    534   <tr>
    535     <td>CVE-2016-5180</td>
    536     <td><a href="https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677">
    537         A-32205736</a></td>
    538     <td></td>
    539     <td></td>
    540     <td>7.0</td>
    541     <td>2016 9 29</td>
    542   </tr>
    543 </table>
    544 
    545 
    546 <h3 id="rce-vulnerability-in-framesequence">Framesequence
    547    </h3>
    548 <p>
    549 Framesequence        
    550         
    551     .   Framesequence 
    552       
    553   .
    554 </p>
    555 <table>
    556   <col width="18%">
    557   <col width="17%">
    558   <col width="10%">
    559   <col width="19%">
    560   <col width="18%">
    561   <col width="17%">
    562   <tr>
    563    <th>CVE</th>
    564    <th></th>
    565    <th></th>
    566    <th> Google </th>
    567    <th> AOSP </th>
    568    <th> </th>
    569   </tr>
    570   <tr>
    571    <td>CVE-2017-0382</td>
    572    <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7">
    573        A-32338390</a></td>
    574    <td></td>
    575    <td></td>
    576    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    577    <td>2016 10 21</td>
    578   </tr>
    579 </table>
    580 <h3 id="eop-in-framework-apis"> API
    581   </h3>
    582 <p>
    583  API       
    584         
    585 .         
    586          
    587 .
    588 </p>
    589 <table>
    590   <col width="18%">
    591   <col width="17%">
    592   <col width="10%">
    593   <col width="19%">
    594   <col width="18%">
    595   <col width="17%">
    596   <tr>
    597    <th>CVE</th>
    598    <th></th>
    599    <th></th>
    600    <th> Google </th>
    601    <th> AOSP </th>
    602    <th> </th>
    603   </tr>
    604   <tr>
    605    <td>CVE-2017-0383</td>
    606    <td><a href="https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266">
    607        A-31677614</a></td>
    608    <td></td>
    609    <td></td>
    610    <td>7.0, 7.1.1</td>
    611    <td>2016 9 21</td>
    612   </tr>
    613 </table>
    614 <h3 id="eop-in-audioserver"> 
    615   </h3>
    616 <p>
    617         
    618         
    619 .         
    620          
    621 .
    622 </p>
    623 <table>
    624   <col width="18%">
    625   <col width="17%">
    626   <col width="10%">
    627   <col width="19%">
    628   <col width="18%">
    629   <col width="17%">
    630   <tr>
    631    <th>CVE</th>
    632    <th></th>
    633    <th></th>
    634    <th> Google </th>
    635    <th> AOSP </th>
    636    <th> </th>
    637   </tr>
    638   <tr>
    639    <td>CVE-2017-0384</td>
    640    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">
    641        A-32095626</a></td>
    642    <td></td>
    643    <td></td>
    644    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    645    <td>2016 10 11</td>
    646   </tr>
    647   <tr>
    648    <td>CVE-2017-0385</td>
    649    <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358">
    650        A-32585400</a></td>
    651    <td></td>
    652    <td></td>
    653    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    654    <td>2016 10 11</td>
    655   </tr>
    656 </table>
    657 <h3 id="eop-in-libnl">libnl
    658   </h3>
    659 <p>
    660 libnl        
    661         
    662 .         
    663          
    664 .
    665 </p>
    666 <table>
    667   <col width="18%">
    668   <col width="17%">
    669   <col width="10%">
    670   <col width="19%">
    671   <col width="18%">
    672   <col width="17%">
    673   <tr>
    674    <th>CVE</th>
    675    <th></th>
    676    <th></th>
    677    <th> Google </th>
    678    <th> AOSP </th>
    679    <th> </th>
    680   </tr>
    681   <tr>
    682    <td>CVE-2017-0386</td>
    683    <td><a href="https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a">
    684        A-32255299</a></td>
    685    <td></td>
    686    <td></td>
    687    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    688    <td>2016 10 18</td>
    689   </tr>
    690 </table>
    691 <h3 id="eop-in-mediaserver"> 
    692   </h3>
    693 <p>
    694         
    695         
    696 .         
    697          
    698 .
    699 </p>
    700 <table>
    701   <col width="18%">
    702   <col width="17%">
    703   <col width="10%">
    704   <col width="19%">
    705   <col width="18%">
    706   <col width="17%">
    707   <tr>
    708    <th>CVE</th>
    709    <th></th>
    710    <th></th>
    711    <th> Google </th>
    712    <th> AOSP </th>
    713    <th> </th>
    714   </tr>
    715   <tr>
    716    <td>CVE-2017-0387</td>
    717    <td><a href="https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f">
    718        A-32660278</a></td>
    719    <td></td>
    720    <td></td>
    721    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    722    <td>2016 11 4</td>
    723   </tr>
    724 </table>
    725 <h3 id="id-in-external-storage-provider">  
    726   </h3>
    727 <p>
    728       
    729         SD 
    730    .        
    731     .
    732 </p>
    733 <table>
    734   <col width="18%">
    735   <col width="17%">
    736   <col width="10%">
    737   <col width="19%">
    738   <col width="18%">
    739   <col width="17%">
    740   <tr>
    741    <th>CVE</th>
    742    <th></th>
    743    <th></th>
    744    <th> Google </th>
    745    <th> AOSP </th>
    746    <th> </th>
    747   </tr>
    748   <tr>
    749    <td>CVE-2017-0388</td>
    750    <td><a href="https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9">
    751        A-32523490</a></td>
    752    <td></td>
    753    <td></td>
    754    <td>6.0, 6.0.1, 7.0, 7.1.1</td>
    755    <td>Google </td>
    756   </tr>
    757 </table>
    758 <h3 id="dos-in-core-networking"> 
    759  (DoS) </h3>
    760 <p>
    761           
    762        .  
    763         .
    764 </p>
    765 <table>
    766   <col width="18%">
    767   <col width="17%">
    768   <col width="10%">
    769   <col width="19%">
    770   <col width="18%">
    771   <col width="17%">
    772   <tr>
    773    <th>CVE</th>
    774    <th></th>
    775    <th></th>
    776    <th> Google </th>
    777    <th> AOSP </th>
    778    <th> </th>
    779   </tr>
    780   <tr>
    781    <td>CVE-2017-0389</td>
    782    <td><a href="https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7">
    783        A-31850211</a>
    784 [<a href="https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29">2</a>] 
    785 [<a href="https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba#">3</a>]</td>
    786    <td></td>
    787    <td></td>
    788    <td>6.0, 6.0.1, 7.0, 7.1.1</td>
    789    <td>2016 7 20</td>
    790   </tr>
    791 </table>
    792 <h3 id="dos-in-mediaserver"> 
    793  (DoS) </h3>
    794 <p>
    795          
    796        .  
    797         .
    798 </p>
    799 <table>
    800   <col width="18%">
    801   <col width="17%">
    802   <col width="10%">
    803   <col width="19%">
    804   <col width="18%">
    805   <col width="17%">
    806   <tr>
    807    <th>CVE</th>
    808    <th></th>
    809    <th></th>
    810    <th> Google </th>
    811    <th> AOSP </th>
    812    <th> </th>
    813   </tr>
    814   <tr>
    815    <td>CVE-2017-0390</td>
    816    <td><a href="https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0">
    817        A-31647370</a></td>
    818    <td></td>
    819    <td></td>
    820    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    821    <td>2016 9 19</td>
    822   </tr>
    823   <tr>
    824    <td>CVE-2017-0391</td>
    825    <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f">
    826        A-32322258</a></td>
    827    <td></td>
    828    <td></td>
    829    <td>6.0, 6.0.1, 7.0, 7.1.1</td>
    830    <td>2016 10 20</td>
    831   </tr>
    832   <tr>
    833    <td>CVE-2017-0392</td>
    834    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c">
    835        A-32577290</a></td>
    836    <td></td>
    837    <td></td>
    838    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    839    <td>2016 10 29</td>
    840   </tr>
    841   <tr>
    842    <td>CVE-2017-0393</td>
    843    <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc">
    844        A-30436808</a></td>
    845    <td></td>
    846    <td></td>
    847    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    848    <td>Google </td>
    849   </tr>
    850 </table>
    851 <h3 id="dos-in-telephony"> 
    852  (DoS) </h3>
    853 <p>
    854        
    855      .  
    856         .
    857 </p>
    858 <table>
    859   <col width="18%">
    860   <col width="17%">
    861   <col width="10%">
    862   <col width="19%">
    863   <col width="18%">
    864   <col width="17%">
    865   <tr>
    866    <th>CVE</th>
    867    <th></th>
    868    <th></th>
    869    <th> Google </th>
    870    <th> AOSP </th>
    871    <th> </th>
    872   </tr>
    873   <tr>
    874    <td>CVE-2017-0394</td>
    875    <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d">
    876        A-31752213</a></td>
    877    <td></td>
    878    <td></td>
    879    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    880    <td>2016 9 23</td>
    881   </tr>
    882 </table>
    883 <h3 id="eop-in-contacts">
    884   </h3>
    885 <p>
    886        
    887      .  
    888   (     
    889     )     
    890   .
    891 </p>
    892 <table>
    893   <col width="18%">
    894   <col width="17%">
    895   <col width="10%">
    896   <col width="19%">
    897   <col width="18%">
    898   <col width="17%">
    899   <tr>
    900    <th>CVE</th>
    901    <th></th>
    902    <th></th>
    903    <th> Google </th>
    904    <th> AOSP </th>
    905    <th> </th>
    906   </tr>
    907   <tr>
    908    <td>CVE-2017-0395</td>
    909    <td><a href="https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b">
    910        A-32219099</a></td>
    911    <td></td>
    912    <td></td>
    913    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    914    <td>2016 10 15</td>
    915   </tr>
    916 </table>
    917 <h3 id="id-in-mediaserver"> 
    918   </h3>
    919 <p>
    920         
    921       .  
    922        
    923    .
    924 </p>
    925 <table>
    926   <col width="18%">
    927   <col width="17%">
    928   <col width="10%">
    929   <col width="19%">
    930   <col width="18%">
    931   <col width="17%">
    932   <tr>
    933    <th>CVE</th>
    934    <th></th>
    935    <th></th>
    936    <th> Google </th>
    937    <th> AOSP </th>
    938    <th> </th>
    939   </tr>
    940     <tr>
    941     <td>CVE-2017-0381</td>
    942     <td><a href="https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7">
    943         A-31607432</a></td>
    944     <td></td>
    945     <td></td>
    946     <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    947     <td>2016 9 18</td>
    948   </tr>
    949   <tr>
    950    <td>CVE-2017-0396</td>
    951    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7">
    952        A-31781965</a></td>
    953    <td></td>
    954    <td></td>
    955    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    956    <td>2016 9 27</td>
    957   </tr>
    958   <tr>
    959    <td>CVE-2017-0397</td>
    960    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c">
    961        A-32377688</a></td>
    962    <td></td>
    963    <td></td>
    964    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    965    <td>2016 10 21</td>
    966   </tr>
    967 </table>
    968 <h3 id="id-in-audioserver"> 
    969   </h3>
    970 <p>
    971         
    972       .  
    973        
    974    .
    975 </p>
    976 <table>
    977   <col width="18%">
    978   <col width="17%">
    979   <col width="10%">
    980   <col width="19%">
    981   <col width="18%">
    982   <col width="17%">
    983   <tr>
    984    <th>CVE</th>
    985    <th></th>
    986    <th></th>
    987    <th> Google </th>
    988    <th> AOSP </th>
    989    <th> </th>
    990   </tr>
    991   <tr>
    992    <td>CVE-2017-0398</td>
    993    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">
    994        A-32438594</a></td>
    995    <td></td>
    996    <td></td>
    997    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    998    <td>2016 10 25</td>
    999   </tr>
   1000   <tr>
   1001    <td>CVE-2017-0398</td>
   1002    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">
   1003        A-32635664</a></td>
   1004    <td></td>
   1005    <td></td>
   1006    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1007    <td>2016 10 25</td>
   1008   </tr>
   1009   <tr>
   1010    <td>CVE-2017-0398</td>
   1011    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">
   1012        A-32624850</a></td>
   1013    <td></td>
   1014    <td></td>
   1015    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1016    <td>2016 10 25</td>
   1017   </tr>
   1018   <tr>
   1019    <td>CVE-2017-0399</td>
   1020    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   1021        A-32247948</a>
   1022 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td>
   1023    <td></td>
   1024    <td></td>
   1025    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1026    <td>2016 10 18</td>
   1027   </tr>
   1028   <tr>
   1029    <td>CVE-2017-0400</td>
   1030    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   1031        A-32584034</a>
   1032 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td>
   1033    <td></td>
   1034    <td></td>
   1035    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1036    <td>2016 10 25</td>
   1037   </tr>
   1038   <tr>
   1039    <td>CVE-2017-0401</td>
   1040    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">
   1041        A-32448258</a></td>
   1042    <td></td>
   1043    <td></td>
   1044    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1045    <td>2016 10 26</td>
   1046   </tr>
   1047   <tr>
   1048    <td>CVE-2017-0402</td>
   1049    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   1050        A-32436341</a>
   1051 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td>
   1052    <td></td>
   1053    <td></td>
   1054    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1055    <td>2016 10 25</td>
   1056   </tr>
   1057 </table>
   1058 
   1059 <h2 id="2017-01-05-details">2017-01-05   
   1060 </h2>
   1061 <p>
   1062   
   1063 <a href="#2017-01-05-summary">2017-01-05
   1064     </a>    
   1065    .   ,   
   1066 CVE,  , ,  Google ,
   1067  AOSP ( ),      .  
   1068 AOSP         ID
   1069 .        
   1070   ID     .</p>
   1071 
   1072 
   1073 <h3 id="eop-in-kernel-memory-subsystem">   
   1074   </h3>
   1075 <p>
   1076          
   1077        
   1078 .   
   1079         ,
   1080       .
   1081 </p>
   1082 
   1083 <table>
   1084   <col width="19%">
   1085   <col width="20%">
   1086   <col width="10%">
   1087   <col width="23%">
   1088   <col width="17%">
   1089   <tr>
   1090     <th>CVE</th>
   1091     <th></th>
   1092     <th></th>
   1093     <th> Google </th>
   1094     <th> </th>
   1095   </tr>
   1096   <tr>
   1097     <td>CVE-2015-3288</td>
   1098     <td>A-32460277<br>
   1099         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d">
   1100  </a></td>
   1101     <td></td>
   1102     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player, Pixel,
   1103 Pixel XL</td>
   1104     <td>2016 7 9</td>
   1105   </tr>
   1106 </table>
   1107 
   1108 
   1109 <h3 id="eop-in-qualcomm-bootloader">Qualcomm 
   1110   </h3>
   1111 <p>
   1112 Qualcomm     
   1113        
   1114   .   
   1115         ,
   1116       .
   1117 </p>
   1118 
   1119 <table>
   1120   <col width="19%">
   1121   <col width="20%">
   1122   <col width="10%">
   1123   <col width="23%">
   1124   <col width="17%">
   1125   <tr>
   1126     <th>CVE</th>
   1127     <th></th>
   1128     <th></th>
   1129     <th> Google </th>
   1130     <th> </th>
   1131   </tr>
   1132   <tr>
   1133     <td>CVE-2016-8422</td>
   1134     <td>A-31471220<br>
   1135         <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213">
   1136 QC-CR#979426</a></td>
   1137     <td></td>
   1138     <td>Nexus 6, Nexus 6P, Pixel, Pixel XL</td>
   1139     <td>2016 7 22</td>
   1140   </tr>
   1141   <tr>
   1142     <td>CVE-2016-8423</td>
   1143     <td>A-31399736<br>
   1144         <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867">
   1145 QC-CR#1000546</a></td>
   1146     <td></td>
   1147     <td>Nexus 6P, Pixel, Pixel XL</td>
   1148     <td>2016 8 24</td>
   1149   </tr>
   1150 </table>
   1151 
   1152 
   1153 <h3 id="eop-in-kernel-file-system">  
   1154   </h3>
   1155 <p>
   1156          
   1157       
   1158 .   
   1159         ,
   1160       .
   1161 </p>
   1162 
   1163 <table>
   1164   <col width="19%">
   1165   <col width="20%">
   1166   <col width="10%">
   1167   <col width="23%">
   1168   <col width="17%">
   1169   <tr>
   1170     <th>CVE</th>
   1171     <th></th>
   1172     <th></th>
   1173     <th> Google </th>
   1174     <th> </th>
   1175   </tr>
   1176   <tr>
   1177     <td>CVE-2015-5706</td>
   1178     <td>A-32289301<br>
   1179         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0">
   1180  </a></td>
   1181     <td></td>
   1182     <td>*</td>
   1183     <td>2016 8 1</td>
   1184   </tr>
   1185 </table>
   1186 <p>
   1187 *  Android 7.0  Google      
   1188    .
   1189 </p>
   1190 
   1191 
   1192 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 
   1193   </h3>
   1194 <p>
   1195 NVIDIA GPU     
   1196        
   1197   .   
   1198         ,
   1199       .
   1200 </p>
   1201 
   1202 <table>
   1203   <col width="19%">
   1204   <col width="20%">
   1205   <col width="10%">
   1206   <col width="23%">
   1207   <col width="17%">
   1208   <tr>
   1209     <th>CVE</th>
   1210     <th></th>
   1211     <th></th>
   1212     <th> Google </th>
   1213     <th> </th>
   1214   </tr>
   1215   <tr>
   1216     <td>CVE-2016-8424</td>
   1217     <td>A-31606947*<br>
   1218         N-CVE-2016-8424</td>
   1219     <td></td>
   1220     <td>Nexus 9</td>
   1221     <td>2016 9 17</td>
   1222   </tr>
   1223   <tr>
   1224     <td>CVE-2016-8425</td>
   1225     <td>A-31797770*<br>
   1226         N-CVE-2016-8425</td>
   1227     <td></td>
   1228     <td>Nexus 9</td>
   1229     <td>2016 9 28</td>
   1230   </tr>
   1231   <tr>
   1232     <td>CVE-2016-8426</td>
   1233     <td>A-31799206*<br>
   1234         N-CVE-2016-8426</td>
   1235     <td></td>
   1236     <td>Nexus 9</td>
   1237     <td>2016 9 28</td>
   1238   </tr>
   1239   <tr>
   1240     <td>CVE-2016-8482</td>
   1241     <td>A-31799863*<br>
   1242         N-CVE-2016-8482</td>
   1243     <td></td>
   1244     <td>Nexus 9</td>
   1245     <td>2016 9 28</td>
   1246   </tr>
   1247   <tr>
   1248     <td>CVE-2016-8427</td>
   1249     <td>A-31799885*<br>
   1250         N-CVE-2016-8427</td>
   1251     <td></td>
   1252     <td>Nexus 9</td>
   1253     <td>2016 9 28</td>
   1254   </tr>
   1255   <tr>
   1256     <td>CVE-2016-8428</td>
   1257     <td>A-31993456*<br>
   1258         N-CVE-2016-8428</td>
   1259     <td></td>
   1260     <td>Nexus 9</td>
   1261     <td>2016 10 6</td>
   1262   </tr>
   1263   <tr>
   1264     <td>CVE-2016-8429</td>
   1265     <td>A-32160775*<br>
   1266         N-CVE-2016-8429</td>
   1267     <td></td>
   1268     <td>Nexus 9</td>
   1269     <td>2016 10 13</td>
   1270   </tr>
   1271   <tr>
   1272     <td>CVE-2016-8430</td>
   1273     <td>A-32225180*<br>
   1274         N-CVE-2016-8430</td>
   1275     <td></td>
   1276     <td>Nexus 9</td>
   1277     <td>2016 10 17</td>
   1278   </tr>
   1279   <tr>
   1280     <td>CVE-2016-8431</td>
   1281     <td>A-32402179*<br>
   1282         N-CVE-2016-8431</td>
   1283     <td></td>
   1284     <td>Pixel C</td>
   1285     <td>2016 10 25</td>
   1286   </tr>
   1287   <tr>
   1288     <td>CVE-2016-8432</td>
   1289     <td>A-32447738*<br>
   1290         N-CVE-2016-8432</td>
   1291     <td></td>
   1292     <td>Pixel C</td>
   1293     <td>2016 10 26</td>
   1294   </tr>
   1295 </table>
   1296 <p>
   1297 *       . 
   1298 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus   
   1299   .
   1300 </p>
   1301 
   1302 
   1303 <h3 id="eop-in-mediatek-driver">MediaTek 
   1304   </h3>
   1305 <p>
   1306 MediaTek     
   1307        
   1308   .   
   1309         ,
   1310       .
   1311 </p>
   1312 
   1313 <table>
   1314   <col width="19%">
   1315   <col width="20%">
   1316   <col width="10%">
   1317   <col width="23%">
   1318   <col width="17%">
   1319   <tr>
   1320     <th>CVE</th>
   1321     <th></th>
   1322     <th></th>
   1323     <th> Google </th>
   1324     <th> </th>
   1325   </tr>
   1326   <tr>
   1327     <td>CVE-2016-8433</td>
   1328     <td>A-31750190*<br>
   1329         MT-ALPS02974192</td>
   1330     <td></td>
   1331     <td>**</td>
   1332     <td>2016 9 24</td>
   1333   </tr>
   1334 </table>
   1335 <p>
   1336 *       . 
   1337 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus   
   1338   .
   1339 </p>
   1340 <p>
   1341 **  Android 7.0  Google      
   1342    .
   1343 </p>
   1344 
   1345 
   1346 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU 
   1347   </h3>
   1348 <p>
   1349 Qualcomm GPU     
   1350        
   1351   .   
   1352         ,
   1353       .
   1354 </p>
   1355 
   1356 <table>
   1357   <col width="19%">
   1358   <col width="20%">
   1359   <col width="10%">
   1360   <col width="23%">
   1361   <col width="17%">
   1362   <tr>
   1363     <th>CVE</th>
   1364     <th></th>
   1365     <th></th>
   1366     <th> Google </th>
   1367     <th> </th>
   1368   </tr>
   1369   <tr>
   1370     <td>CVE-2016-8434</td>
   1371     <td>A-32125137<br>
   1372         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9">
   1373 QC-CR#1081855</a></td>
   1374     <td></td>
   1375     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td>
   1376     <td>2016 10 12</td>
   1377   </tr>
   1378 </table>
   1379 
   1380 
   1381 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU 
   1382   </h3>
   1383 <p>
   1384 NVIDIA GPU     
   1385        
   1386   .   
   1387         ,
   1388       .
   1389 </p>
   1390 
   1391 <table>
   1392   <col width="19%">
   1393   <col width="20%">
   1394   <col width="10%">
   1395   <col width="23%">
   1396   <col width="17%">
   1397   <tr>
   1398     <th>CVE</th>
   1399     <th></th>
   1400     <th></th>
   1401     <th> Google </th>
   1402     <th> </th>
   1403   </tr>
   1404   <tr>
   1405     <td>CVE-2016-8435</td>
   1406     <td>A-32700935*<br>
   1407         N-CVE-2016-8435</td>
   1408     <td></td>
   1409     <td>Pixel C</td>
   1410     <td>2015 11 7</td>
   1411   </tr>
   1412 </table>
   1413 <p>
   1414 *       . 
   1415 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1416   
   1417  .
   1418 </p>
   1419 
   1420 
   1421 <h3 id="eop-in-qualcomm-video-driver">Qualcomm  
   1422   </h3>
   1423 <p>
   1424 Qualcomm      
   1425        
   1426   .   
   1427         ,
   1428       .
   1429 </p>
   1430 
   1431 <table>
   1432   <col width="19%">
   1433   <col width="20%">
   1434   <col width="10%">
   1435   <col width="23%">
   1436   <col width="17%">
   1437   <tr>
   1438     <th>CVE</th>
   1439     <th></th>
   1440     <th></th>
   1441     <th> Google </th>
   1442     <th> </th>
   1443   </tr>
   1444   <tr>
   1445     <td>CVE-2016-8436</td>
   1446     <td>A-32450261<br>
   1447         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced">
   1448 QC-CR#1007860</a></td>
   1449     <td></td>
   1450     <td>*</td>
   1451     <td>2016 10 13</td>
   1452   </tr>
   1453 </table>
   1454 <p>
   1455 *  Android 7.0  Google      
   1456    .
   1457 </p>
   1458 
   1459 
   1460 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 
   1461 </h3>
   1462 <p>
   1463   Qualcomm    Qualcomm AMSS 2015 11, 2016 8, 2016 9, 2016 10     .
   1464 </p>
   1465 
   1466 <table>
   1467   <col width="19%">
   1468   <col width="20%">
   1469   <col width="10%">
   1470   <col width="23%">
   1471   <col width="17%">
   1472   <tr>
   1473     <th>CVE</th>
   1474     <th></th>
   1475     <th>*</th>
   1476     <th> Google </th>
   1477     <th> </th>
   1478   </tr>
   1479   <tr>
   1480     <td>CVE-2016-8438</td>
   1481     <td>A-31624565**</td>
   1482     <td></td>
   1483     <td>***</td>
   1484     <td>Qualcomm </td>
   1485   </tr>
   1486   <tr>
   1487     <td>CVE-2016-8442</td>
   1488     <td>A-31625910**</td>
   1489     <td></td>
   1490     <td>***</td>
   1491     <td>Qualcomm </td>
   1492   </tr>
   1493   <tr>
   1494     <td>CVE-2016-8443</td>
   1495     <td>A-32576499**</td>
   1496     <td></td>
   1497     <td>***</td>
   1498     <td>Qualcomm </td>
   1499   </tr>
   1500   <tr>
   1501     <td>CVE-2016-8437</td>
   1502     <td>A-31623057**</td>
   1503     <td></td>
   1504     <td>***</td>
   1505     <td>Qualcomm </td>
   1506   </tr>
   1507   <tr>
   1508     <td>CVE-2016-8439</td>
   1509     <td>A-31625204**</td>
   1510     <td></td>
   1511     <td>***</td>
   1512     <td>Qualcomm </td>
   1513   </tr>
   1514   <tr>
   1515     <td>CVE-2016-8440</td>
   1516     <td>A-31625306**</td>
   1517     <td></td>
   1518     <td>***</td>
   1519     <td>Qualcomm </td>
   1520   </tr>
   1521   <tr>
   1522     <td>CVE-2016-8441</td>
   1523     <td>A-31625904**</td>
   1524     <td></td>
   1525     <td>***</td>
   1526     <td>Qualcomm </td>
   1527   </tr>
   1528   <tr>
   1529     <td>CVE-2016-8398</td>
   1530     <td>A-31548486**</td>
   1531     <td></td>
   1532     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td>
   1533     <td>Qualcomm </td>
   1534   </tr>
   1535   <tr>
   1536     <td>CVE-2016-8459</td>
   1537     <td>A-32577972**</td>
   1538     <td></td>
   1539     <td>***</td>
   1540     <td>Qualcomm </td>
   1541   </tr>
   1542   <tr>
   1543     <td>CVE-2016-5080</td>
   1544     <td>A-31115235**</td>
   1545     <td></td>
   1546     <td>Nexus 5X</td>
   1547     <td>Qualcomm </td>
   1548   </tr>
   1549 </table>
   1550 <p>
   1551 *       .
   1552 </p>
   1553 <p>
   1554 **       . 
   1555 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1556   
   1557  .
   1558 </p>
   1559 <p>
   1560 ***  Android 7.0  Google      
   1561    .
   1562 </p>
   1563 
   1564 
   1565 <h3 id="eop-in-qualcomm-camera">Qualcomm 
   1566   </h3>
   1567 <p>
   1568 Qualcomm     
   1569        
   1570   .        
   1571    .
   1572 </p>
   1573 
   1574 <table>
   1575   <col width="19%">
   1576   <col width="20%">
   1577   <col width="10%">
   1578   <col width="23%">
   1579   <col width="17%">
   1580   <tr>
   1581     <th>CVE</th>
   1582     <th></th>
   1583     <th></th>
   1584     <th> Google </th>
   1585     <th> </th>
   1586   </tr>
   1587   <tr>
   1588     <td>CVE-2016-8412</td>
   1589     <td>A-31225246<br>
   1590         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786">
   1591 QC-CR#1071891</a></td>
   1592     <td></td>
   1593     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
   1594     <td>2016 8 26</td>
   1595   </tr>
   1596   <tr>
   1597     <td>CVE-2016-8444</td>
   1598     <td>A-31243641*<br>
   1599         QC-CR#1074310</td>
   1600     <td></td>
   1601     <td>Nexus 5X, Nexus 6, Nexus 6P</td>
   1602     <td>2016 8 26</td>
   1603   </tr>
   1604 </table>
   1605 <p>
   1606 *       . 
   1607 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1608   
   1609  .
   1610 </p>
   1611 
   1612 
   1613 <h3 id="eop-in-mediatek-components">MediaTek 
   1614   </h3>
   1615 <p>
   1616      MediaTek     
   1617        
   1618   .     
   1619    
   1620   .
   1621 </p>
   1622 
   1623 <table>
   1624   <col width="19%">
   1625   <col width="20%">
   1626   <col width="10%">
   1627   <col width="23%">
   1628   <col width="17%">
   1629   <tr>
   1630     <th>CVE</th>
   1631     <th></th>
   1632     <th></th>
   1633     <th> Google </th>
   1634     <th> </th>
   1635   </tr>
   1636   <tr>
   1637     <td>CVE-2016-8445</td>
   1638     <td>A-31747590*<br>
   1639         MT-ALPS02968983</td>
   1640     <td></td>
   1641     <td>**</td>
   1642     <td>2016 9 25</td>
   1643   </tr>
   1644   <tr>
   1645     <td>CVE-2016-8446</td>
   1646     <td>A-31747749*<br>
   1647         MT-ALPS02968909</td>
   1648     <td></td>
   1649     <td>**</td>
   1650     <td>2016 9 25</td>
   1651   </tr>
   1652   <tr>
   1653     <td>CVE-2016-8447</td>
   1654     <td>A-31749463*<br>
   1655         MT-ALPS02968886</td>
   1656     <td></td>
   1657     <td>**</td>
   1658     <td>2016 9 25</td>
   1659   </tr>
   1660   <tr>
   1661     <td>CVE-2016-8448</td>
   1662     <td>A-31791148*<br>
   1663         MT-ALPS02982181</td>
   1664     <td></td>
   1665     <td>**</td>
   1666     <td>2016 9 28</td>
   1667   </tr>
   1668 </table>
   1669 <p>
   1670 *       . 
   1671 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1672   
   1673  .
   1674 </p>
   1675 <p>
   1676 **  Android 7.0  Google      
   1677    .
   1678 </p>
   1679 
   1680 
   1681 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 
   1682   </h3>
   1683 <p>
   1684 Qualcomm Wi-Fi     
   1685          
   1686 .        
   1687    .
   1688 </p>
   1689 
   1690 <table>
   1691   <col width="19%">
   1692   <col width="20%">
   1693   <col width="10%">
   1694   <col width="23%">
   1695   <col width="17%">
   1696   <tr>
   1697     <th>CVE</th>
   1698     <th></th>
   1699     <th></th>
   1700     <th> Google </th>
   1701     <th> </th>
   1702   </tr>
   1703   <tr>
   1704     <td>CVE-2016-8415</td>
   1705     <td>A-31750554<br>
   1706         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394">
   1707 QC-CR#1079596</a></td>
   1708     <td></td>
   1709     <td>Nexus 5X, Pixel, Pixel XL</td>
   1710     <td>2016 9 26</td>
   1711   </tr>
   1712 </table>
   1713 
   1714 
   1715 <h3 id="eop-in-nvidia-gpu-driver-3">NVIDIA GPU 
   1716   </h3>
   1717 <p>
   1718 NVIDIA GPU     
   1719        
   1720   .        
   1721    .
   1722 </p>
   1723 
   1724 <table>
   1725   <col width="19%">
   1726   <col width="20%">
   1727   <col width="10%">
   1728   <col width="23%">
   1729   <col width="17%">
   1730   <tr>
   1731     <th>CVE</th>
   1732     <th></th>
   1733     <th></th>
   1734     <th> Google </th>
   1735     <th> </th>
   1736   </tr>
   1737   <tr>
   1738     <td>CVE-2016-8449</td>
   1739     <td>A-31798848*<br>
   1740         N-CVE-2016-8449</td>
   1741     <td></td>
   1742     <td>Nexus 9</td>
   1743     <td>2016 9 28</td>
   1744   </tr>
   1745 </table>
   1746 <p>
   1747 *       . 
   1748 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1749   
   1750  .
   1751 </p>
   1752 
   1753 
   1754 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm  
   1755   </h3>
   1756 <p>
   1757 Qualcomm      
   1758        
   1759   .        
   1760    .
   1761 </p>
   1762 
   1763 <table>
   1764   <col width="19%">
   1765   <col width="20%">
   1766   <col width="10%">
   1767   <col width="23%">
   1768   <col width="17%">
   1769   <tr>
   1770     <th>CVE</th>
   1771     <th></th>
   1772     <th></th>
   1773     <th> Google </th>
   1774     <th> </th>
   1775   </tr>
   1776   <tr>
   1777     <td>CVE-2016-8450</td>
   1778     <td>A-32450563<br>
   1779         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb">
   1780 QC-CR#880388</a></td>
   1781     <td></td>
   1782     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td>
   1783     <td>2016 10 13</td>
   1784   </tr>
   1785 </table>
   1786 
   1787 
   1788 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics  
   1789   </h3>
   1790 <p>
   1791 Synaptics      
   1792        
   1793   .        
   1794    .
   1795 </p>
   1796 
   1797 <table>
   1798   <col width="19%">
   1799   <col width="20%">
   1800   <col width="10%">
   1801   <col width="23%">
   1802   <col width="17%">
   1803   <tr>
   1804     <th>CVE</th>
   1805     <th></th>
   1806     <th></th>
   1807     <th> Google </th>
   1808     <th> </th>
   1809   </tr>
   1810   <tr>
   1811     <td>CVE-2016-8451</td>
   1812     <td>A-32178033*</td>
   1813     <td></td>
   1814     <td>**</td>
   1815     <td>2016 10 13</td>
   1816   </tr>
   1817 </table>
   1818 <p>
   1819 *       . 
   1820 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1821   
   1822  .
   1823 </p>
   1824 <p>
   1825 **  Android 7.0  Google      
   1826    .
   1827 </p>
   1828 
   1829 
   1830 <h3 id="eop-in-kernel-security-subsystem">   
   1831   </h3>
   1832 <p>
   1833        
   1834        
   1835   .        
   1836    .
   1837 </p>
   1838 
   1839 <table>
   1840   <col width="19%">
   1841   <col width="20%">
   1842   <col width="10%">
   1843   <col width="23%">
   1844   <col width="17%">
   1845   <tr>
   1846     <th>CVE</th>
   1847     <th></th>
   1848     <th></th>
   1849     <th> Google </th>
   1850     <th> </th>
   1851   </tr>
   1852   <tr>
   1853     <td>CVE-2016-7042</td>
   1854     <td>A-32178986<br>
   1855         <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc">
   1856  </a></td>
   1857     <td></td>
   1858     <td>Pixel C</td>
   1859     <td>2016 10 14</td>
   1860   </tr>
   1861 </table>
   1862 
   1863 
   1864 <h3 id="eop-in-kernel-performance-subsystem">   
   1865   </h3>
   1866 <p>
   1867           
   1868        .        
   1869    .
   1870 </p>
   1871 
   1872 <table>
   1873   <col width="19%">
   1874   <col width="20%">
   1875   <col width="10%">
   1876   <col width="23%">
   1877   <col width="17%">
   1878   <tr>
   1879     <th>CVE</th>
   1880     <th></th>
   1881     <th></th>
   1882     <th> Google </th>
   1883     <th> </th>
   1884   </tr>
   1885   <tr>
   1886     <td>CVE-2017-0403</td>
   1887     <td>A-32402548*</td>
   1888     <td></td>
   1889     <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
   1890 Player, Pixel, Pixel XL</td>
   1891     <td>2016 10 25</td>
   1892   </tr>
   1893 </table>
   1894 <p>
   1895 *       . 
   1896 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1897   
   1898  .
   1899 </p>
   1900 
   1901 
   1902 <h3 id="eop-in-kernel-sound-subsystem">   
   1903   </h3>
   1904 <p>
   1905        
   1906        
   1907   .        
   1908    .
   1909 </p>
   1910 
   1911 <table>
   1912   <col width="19%">
   1913   <col width="20%">
   1914   <col width="10%">
   1915   <col width="23%">
   1916   <col width="17%">
   1917   <tr>
   1918     <th>CVE</th>
   1919     <th></th>
   1920     <th></th>
   1921     <th> Google </th>
   1922     <th> </th>
   1923   </tr>
   1924   <tr>
   1925     <td>CVE-2017-0404</td>
   1926     <td>A-32510733*</td>
   1927     <td></td>
   1928     <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Nexus Player, Pixel, Pixel
   1929 XL</td>
   1930     <td>2016 10 27</td>
   1931   </tr>
   1932 </table>
   1933 <p>
   1934 *       . 
   1935 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1936   
   1937  .
   1938 </p>
   1939 
   1940 
   1941 <h3 id="eop-in-qualcomm-wi-fi-driver-2">Qualcomm Wi-Fi 
   1942   </h3>
   1943 <p>
   1944 Qualcomm Wi-Fi     
   1945          
   1946 .        
   1947    .
   1948 </p>
   1949 
   1950 <table>
   1951   <col width="19%">
   1952   <col width="20%">
   1953   <col width="10%">
   1954   <col width="23%">
   1955   <col width="17%">
   1956   <tr>
   1957     <th>CVE</th>
   1958     <th></th>
   1959     <th></th>
   1960     <th> Google </th>
   1961     <th> </th>
   1962   </tr>
   1963   <tr>
   1964     <td>CVE-2016-8452</td>
   1965     <td>A-32506396<br>
   1966         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526">
   1967 QC-CR#1050323</a></td>
   1968     <td></td>
   1969     <td>Nexus 5X, Android One, Pixel, Pixel XL</td>
   1970     <td>2016 10 28</td>
   1971   </tr>
   1972 </table>
   1973 
   1974 
   1975 <h3 id="eop-in-qualcomm-radio-driver">Qualcomm  
   1976   </h3>
   1977 <p>
   1978 Qualcomm      
   1979        
   1980   .        
   1981    .
   1982 </p>
   1983 
   1984 <table>
   1985   <col width="19%">
   1986   <col width="20%">
   1987   <col width="10%">
   1988   <col width="23%">
   1989   <col width="17%">
   1990   <tr>
   1991     <th>CVE</th>
   1992     <th></th>
   1993     <th></th>
   1994     <th> Google </th>
   1995     <th> </th>
   1996   </tr>
   1997   <tr>
   1998     <td>CVE-2016-5345</td>
   1999     <td>A-32639452<br>
   2000         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6">
   2001 QC-CR#1079713</a></td>
   2002     <td></td>
   2003     <td>Android One</td>
   2004     <td>2016 11 3</td>
   2005   </tr>
   2006 </table>
   2007 
   2008 
   2009 <h3 id="eop-in-kernel-profiling-subsystem">   
   2010   </h3>
   2011 <p>
   2012        
   2013        
   2014   .        
   2015    .
   2016 </p>
   2017 
   2018 <table>
   2019   <col width="19%">
   2020   <col width="20%">
   2021   <col width="10%">
   2022   <col width="23%">
   2023   <col width="17%">
   2024   <tr>
   2025     <th>CVE</th>
   2026     <th></th>
   2027     <th></th>
   2028     <th> Google </th>
   2029     <th> </th>
   2030   </tr>
   2031   <tr>
   2032     <td>CVE-2016-9754</td>
   2033     <td>A-32659848<br>
   2034         <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6">
   2035  </a></td>
   2036     <td></td>
   2037     <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
   2038 Player</td>
   2039     <td>2016 11 4</td>
   2040   </tr>
   2041 </table>
   2042 
   2043 
   2044 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 
   2045   </h3>
   2046 <p>
   2047 Broadcom Wi-Fi     
   2048          
   2049 .        
   2050    .
   2051 </p>
   2052 
   2053 <table>
   2054   <col width="19%">
   2055   <col width="20%">
   2056   <col width="10%">
   2057   <col width="23%">
   2058   <col width="17%">
   2059   <tr>
   2060     <th>CVE</th>
   2061     <th></th>
   2062     <th></th>
   2063     <th> Google </th>
   2064     <th> </th>
   2065   </tr>
   2066   <tr>
   2067     <td>CVE-2016-8453
   2068 </td>
   2069     <td>A-24739315*<br>
   2070         B-RB#73392</td>
   2071     <td></td>
   2072     <td>Nexus 6</td>
   2073     <td>Google </td>
   2074   </tr>
   2075   <tr>
   2076     <td>CVE-2016-8454</td>
   2077     <td>A-32174590*<br>
   2078         B-RB#107142</td>
   2079     <td></td>
   2080     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2081     <td>2016 10 14</td>
   2082   </tr>
   2083   <tr>
   2084     <td>CVE-2016-8455</td>
   2085     <td>A-32219121*<br>
   2086         B-RB#106311</td>
   2087     <td></td>
   2088     <td>Nexus 6P</td>
   2089     <td>2016 10 15</td>
   2090   </tr>
   2091   <tr>
   2092     <td>CVE-2016-8456</td>
   2093     <td>A-32219255*<br>
   2094         B-RB#105580</td>
   2095     <td></td>
   2096     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2097     <td>2016 10 15</td>
   2098   </tr>
   2099   <tr>
   2100     <td>CVE-2016-8457</td>
   2101     <td>A-32219453*<br>
   2102         B-RB#106116</td>
   2103     <td></td>
   2104     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C</td>
   2105     <td>2016 10 15</td>
   2106   </tr>
   2107 </table>
   2108 <p>
   2109 *       . 
   2110 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2111   
   2112  .
   2113 </p>
   2114 
   2115 
   2116 <h3 id="eop-in-synaptics-touchscreen-driver-2">Synaptics  
   2117   </h3>
   2118 <p>
   2119 Synaptics      
   2120        
   2121   .        
   2122    .
   2123 </p>
   2124 
   2125 <table>
   2126   <col width="19%">
   2127   <col width="20%">
   2128   <col width="10%">
   2129   <col width="23%">
   2130   <col width="17%">
   2131   <tr>
   2132     <th>CVE</th>
   2133     <th></th>
   2134     <th></th>
   2135     <th> Google </th>
   2136     <th> </th>
   2137   </tr>
   2138   <tr>
   2139     <td>CVE-2016-8458</td>
   2140     <td>A-31968442*</td>
   2141     <td></td>
   2142     <td>Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td>
   2143     <td>Google </td>
   2144   </tr>
   2145 </table>
   2146 <p>
   2147 *       . 
   2148 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2149   
   2150  .
   2151 </p>
   2152 
   2153 
   2154 <h3 id="id-in-nvidia-video-driver">NVIDIA  
   2155   </h3>
   2156 <p>
   2157 NVIDIA         
   2158       .
   2159             
   2160   .
   2161 </p>
   2162 
   2163 <table>
   2164   <col width="19%">
   2165   <col width="20%">
   2166   <col width="10%">
   2167   <col width="23%">
   2168   <col width="17%">
   2169   <tr>
   2170     <th>CVE</th>
   2171     <th></th>
   2172     <th></th>
   2173     <th> Google </th>
   2174     <th> </th>
   2175   </tr>
   2176   <tr>
   2177     <td>CVE-2016-8460</td>
   2178     <td>A-31668540*<br>
   2179         N-CVE-2016-8460</td>
   2180     <td></td>
   2181     <td>Nexus 9</td>
   2182     <td>2016 9 21</td>
   2183   </tr>
   2184 </table>
   2185 <p>
   2186 *       . 
   2187 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2188   
   2189  .
   2190 </p>
   2191 
   2192 
   2193 <h3 id="id-in-bootloader">
   2194   </h3>
   2195 <p>
   2196       
   2197       .  
   2198          .
   2199 </p>
   2200 
   2201 <table>
   2202   <col width="19%">
   2203   <col width="20%">
   2204   <col width="10%">
   2205   <col width="23%">
   2206   <col width="17%">
   2207   <tr>
   2208     <th>CVE</th>
   2209     <th></th>
   2210     <th></th>
   2211     <th> Google </th>
   2212     <th> </th>
   2213   </tr>
   2214   <tr>
   2215     <td>CVE-2016-8461</td>
   2216     <td>A-32369621*</td>
   2217     <td></td>
   2218     <td>Nexus 9, Pixel, Pixel XL</td>
   2219     <td>2016 10 21</td>
   2220   </tr>
   2221   <tr>
   2222     <td>CVE-2016-8462</td>
   2223     <td>A-32510383*</td>
   2224     <td></td>
   2225     <td>Pixel, Pixel XL</td>
   2226     <td>2016 10 27</td>
   2227   </tr>
   2228 </table>
   2229 <p>
   2230 *       . 
   2231 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2232   
   2233  .
   2234 </p>
   2235 
   2236 
   2237 <h3 id="dos-in-qualcomm-fuse-file-system">Qualcomm FUSE  
   2238  (DoS) </h3>
   2239 <p>
   2240 Qualcomm FUSE      
   2241        
   2242    .  
   2243         .
   2244 </p>
   2245 
   2246 <table>
   2247   <col width="19%">
   2248   <col width="20%">
   2249   <col width="10%">
   2250   <col width="23%">
   2251   <col width="17%">
   2252   <tr>
   2253     <th>CVE</th>
   2254     <th></th>
   2255     <th></th>
   2256     <th> Google </th>
   2257     <th> </th>
   2258   </tr>
   2259   <tr>
   2260     <td>CVE-2016-8463</td>
   2261     <td>A-30786860<br>
   2262         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10">
   2263 QC-CR#586855</a></td>
   2264     <td></td>
   2265     <td>*</td>
   2266     <td>2014 1 3</td>
   2267   </tr>
   2268 </table>
   2269 <p>
   2270 *  Android 7.0  Google      
   2271    .
   2272 </p>
   2273 
   2274 
   2275 <h3 id="dos-in-bootloader">
   2276  (DoS) </h3>
   2277 <p>
   2278   (DoS)   
   2279       ,  
   2280     .   
   2281         .
   2282 </p>
   2283 
   2284 <table>
   2285   <col width="19%">
   2286   <col width="20%">
   2287   <col width="10%">
   2288   <col width="23%">
   2289   <col width="17%">
   2290   <tr>
   2291     <th>CVE</th>
   2292     <th></th>
   2293     <th></th>
   2294     <th> Google </th>
   2295     <th> </th>
   2296   </tr>
   2297   <tr>
   2298     <td>CVE-2016-8467</td>
   2299     <td>A-30308784*</td>
   2300     <td></td>
   2301     <td>Nexus 6, Nexus 6P</td>
   2302     <td>2016 6 29</td>
   2303   </tr>
   2304 </table>
   2305 <p>
   2306 *       . 
   2307 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2308   
   2309  .
   2310 </p>
   2311 
   2312 
   2313 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi 
   2314   </h3>
   2315 <p>
   2316 Broadcom Wi-Fi     
   2317          
   2318 .       
   2319      
   2320   .
   2321 </p>
   2322 
   2323 <table>
   2324   <col width="19%">
   2325   <col width="20%">
   2326   <col width="10%">
   2327   <col width="23%">
   2328   <col width="17%">
   2329   <tr>
   2330     <th>CVE</th>
   2331     <th></th>
   2332     <th></th>
   2333     <th> Google </th>
   2334     <th> </th>
   2335   </tr>
   2336   <tr>
   2337     <td>CVE-2016-8464</td>
   2338     <td>A-29000183*<br>
   2339         B-RB#106314</td>
   2340     <td></td>
   2341     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2342     <td>2016 5 26</td>
   2343   </tr>
   2344   <tr>
   2345     <td>CVE-2016-8466</td>
   2346     <td>A-31822524*<br>
   2347         B-RB#105268</td>
   2348     <td></td>
   2349     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2350     <td>2016 9 28</td>
   2351   </tr>
   2352   <tr>
   2353     <td>CVE-2016-8465</td>
   2354     <td>A-32474971*<br>
   2355         B-RB#106053</td>
   2356     <td></td>
   2357     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2358     <td>2016 10 27</td>
   2359   </tr>
   2360 </table>
   2361 <p>
   2362 *       . 
   2363 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2364   
   2365  .
   2366 </p>
   2367 
   2368 
   2369 <h3 id="eop-in-bootloader">
   2370   </h3>
   2371 <p>
   2372       
   2373       .  
   2374   (      
   2375   )        .
   2376 </p>
   2377 
   2378 <table>
   2379   <col width="19%">
   2380   <col width="20%">
   2381   <col width="10%">
   2382   <col width="23%">
   2383   <col width="17%">
   2384   <tr>
   2385     <th>CVE</th>
   2386     <th></th>
   2387     <th></th>
   2388     <th> Google </th>
   2389     <th> </th>
   2390   </tr>
   2391   <tr>
   2392     <td>CVE-2016-8467</td>
   2393     <td>A-30308784*</td>
   2394     <td></td>
   2395     <td>Nexus 6, Nexus 6P</td>
   2396     <td>2016 6 29</td>
   2397   </tr>
   2398 </table>
   2399 <p>
   2400 *       . 
   2401 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2402   
   2403  .
   2404 </p>
   2405 
   2406 
   2407 <h3 id="eop-in-binder">Binder
   2408   </h3>
   2409 <p>
   2410 Binder       
   2411         
   2412 .       
   2413      
   2414   .
   2415 </p>
   2416 
   2417 <table>
   2418   <col width="19%">
   2419   <col width="20%">
   2420   <col width="10%">
   2421   <col width="23%">
   2422   <col width="17%">
   2423   <tr>
   2424     <th>CVE</th>
   2425     <th></th>
   2426     <th></th>
   2427     <th> Google </th>
   2428     <th> </th>
   2429   </tr>
   2430   <tr>
   2431     <td>CVE-2016-8468</td>
   2432     <td>A-32394425*</td>
   2433     <td></td>
   2434     <td>Pixel C, Pixel, Pixel XL</td>
   2435     <td>Google </td>
   2436   </tr>
   2437 </table>
   2438 <p>
   2439 *       . 
   2440 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2441   
   2442  .
   2443 </p>
   2444 
   2445 
   2446 <h3 id="id-in-nvidia-camera-driver">NVIDIA  
   2447   </h3>
   2448 <p>
   2449         
   2450       .
   2451            .
   2452 </p>
   2453 
   2454 <table>
   2455   <col width="19%">
   2456   <col width="20%">
   2457   <col width="10%">
   2458   <col width="23%">
   2459   <col width="17%">
   2460   <tr>
   2461     <th>CVE</th>
   2462     <th></th>
   2463     <th></th>
   2464     <th> Google </th>
   2465     <th> </th>
   2466   </tr>
   2467   <tr>
   2468     <td>CVE-2016-8469</td>
   2469     <td>A-31351206*<br>
   2470         N-CVE-2016-8469</td>
   2471     <td></td>
   2472     <td>Nexus 9</td>
   2473     <td>2016 9 7</td>
   2474   </tr>
   2475 </table>
   2476 <p>
   2477 *       . 
   2478 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2479   
   2480  .
   2481 </p>
   2482 
   2483 
   2484 <h3 id="id-in-mediatek-driver">MediaTek 
   2485   </h3>
   2486 <p>
   2487 MediaTek        
   2488       .
   2489   
   2490      
   2491   .
   2492 </p>
   2493 
   2494 <table>
   2495   <col width="19%">
   2496   <col width="20%">
   2497   <col width="10%">
   2498   <col width="23%">
   2499   <col width="17%">
   2500   <tr>
   2501     <th>CVE</th>
   2502     <th></th>
   2503     <th></th>
   2504     <th> Google </th>
   2505     <th> </th>
   2506   </tr>
   2507   <tr>
   2508     <td>CVE-2016-8470</td>
   2509     <td>A-31528889*<br>
   2510         MT-ALPS02961395</td>
   2511     <td></td>
   2512     <td>**</td>
   2513     <td>2016 9 15</td>
   2514   </tr>
   2515   <tr>
   2516     <td>CVE-2016-8471</td>
   2517     <td>A-31528890*<br>
   2518         MT-ALPS02961380</td>
   2519     <td></td>
   2520     <td>**</td>
   2521     <td>2016 9 15</td>
   2522   </tr>
   2523   <tr>
   2524     <td>CVE-2016-8472</td>
   2525     <td>A-31531758*<br>
   2526         MT-ALPS02961384</td>
   2527     <td></td>
   2528     <td>**</td>
   2529     <td>2016 9 15</td>
   2530   </tr>
   2531 </table>
   2532 <p>
   2533 *       . 
   2534 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2535   
   2536  .
   2537 </p>
   2538 <p>
   2539 **  Android 7.0  Google      
   2540    .
   2541 </p>
   2542 
   2543 
   2544 <h3 id="id-in-stmicroelectronics-driver">STMicroelectronics 
   2545   </h3>
   2546 <p>
   2547 STMicroelectronics        
   2548       .   
   2549         .
   2550 </p>
   2551 
   2552 <table>
   2553   <col width="19%">
   2554   <col width="20%">
   2555   <col width="10%">
   2556   <col width="23%">
   2557   <col width="17%">
   2558   <tr>
   2559     <th>CVE</th>
   2560     <th></th>
   2561     <th></th>
   2562     <th> Google </th>
   2563     <th> </th>
   2564   </tr>
   2565   <tr>
   2566     <td>CVE-2016-8473</td>
   2567     <td>A-31795790*</td>
   2568     <td></td>
   2569     <td>Nexus 5X, Nexus 6P</td>
   2570     <td>2016 9 28</td>
   2571   </tr>
   2572   <tr>
   2573     <td>CVE-2016-8474</td>
   2574     <td>A-31799972*</td>
   2575     <td></td>
   2576     <td>Nexus 5X, Nexus 6P</td>
   2577     <td>2016 9 28</td>
   2578   </tr>
   2579 </table>
   2580 <p>
   2581 *       . 
   2582 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2583   
   2584  .
   2585 </p>
   2586 
   2587 
   2588 <h3 id="id-in-qualcomm-audio-post-processor-">Qualcomm   
   2589    </h3>
   2590 <p>
   2591 Qualcomm          
   2592       .      
   2593        .
   2594 </p>
   2595 
   2596 <table>
   2597   <col width="18%">
   2598   <col width="17%">
   2599   <col width="10%">
   2600   <col width="19%">
   2601   <col width="18%">
   2602   <col width="17%">
   2603   <tr>
   2604     <th>CVE</th>
   2605     <th></th>
   2606     <th></th>
   2607     <th> Google </th>
   2608     <th> AOSP </th>
   2609     <th> </th>
   2610   </tr>
   2611   <tr>
   2612    <td>CVE-2017-0399
   2613    </td>
   2614    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   2615        A-32588756</a>
   2616 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td>
   2617    <td></td>
   2618    <td></td>
   2619    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   2620    <td>2016 10 18</td>
   2621   </tr>
   2622   <tr>
   2623    <td>CVE-2017-0400</td>
   2624    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   2625        A-32438598</a>
   2626 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]
   2627    </td>
   2628    <td></td>
   2629    <td></td>
   2630    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   2631    <td>2016 10 25</td>
   2632   </tr>
   2633   <tr>
   2634    <td>CVE-2017-0401</td>
   2635    <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358">
   2636        A-32588016</a>
   2637    </td>
   2638    <td></td>
   2639    <td></td>
   2640    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   2641    <td>2016 10 26</td>
   2642   </tr>
   2643   <tr>
   2644    <td>CVE-2017-0402</td>
   2645    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   2646        A-32588352</a>
   2647 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]
   2648    </td>
   2649    <td></td>
   2650    <td></td>
   2651    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   2652    <td>2016 10 25</td>
   2653   </tr>
   2654 </table>
   2655 
   2656 
   2657 <h3 id="id-in-htc-input-driver">HTC  
   2658   </h3>
   2659 <p>
   2660 HTC         
   2661       .
   2662            .
   2663 </p>
   2664 
   2665 <table>
   2666   <col width="19%">
   2667   <col width="20%">
   2668   <col width="10%">
   2669   <col width="23%">
   2670   <col width="17%">
   2671   <tr>
   2672     <th>CVE</th>
   2673     <th></th>
   2674     <th></th>
   2675     <th> Google </th>
   2676     <th> </th>
   2677   </tr>
   2678   <tr>
   2679     <td>CVE-2016-8475</td>
   2680     <td>A-32591129*</td>
   2681     <td></td>
   2682     <td>Pixel, Pixel XL</td>
   2683     <td>2016 10 30</td>
   2684   </tr>
   2685 </table>
   2686 <p>
   2687 *       . 
   2688 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2689   
   2690  .
   2691 </p>
   2692 
   2693 
   2694 <h3 id="dos-in-kernel-file-system">  
   2695  (DoS) </h3>
   2696 <p>
   2697          
   2698     .    
   2699       
   2700   .
   2701 </p>
   2702 
   2703 <table>
   2704   <col width="19%">
   2705   <col width="20%">
   2706   <col width="10%">
   2707   <col width="23%">
   2708   <col width="17%">
   2709   <tr>
   2710     <th>CVE</th>
   2711     <th></th>
   2712     <th></th>
   2713     <th> Google </th>
   2714     <th> </th>
   2715   </tr>
   2716   <tr>
   2717     <td>CVE-2014-9420</td>
   2718     <td>A-32477499<br>
   2719         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d">
   2720  </a></td>
   2721     <td></td>
   2722     <td>Pixel C</td>
   2723     <td>2014 12 25</td>
   2724   </tr>
   2725 </table>
   2726 
   2727 <h2 id="common-questions-and-answers">   </h2>
   2728 <p>           .</p>
   2729 
   2730 <p><strong>1.          ?
   2731 </strong></p>
   2732 
   2733 <p>      
   2734 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices">Pixel  Nexus  </a>
   2735   .</p>
   2736 <ul>
   2737   <li>2017-01-01       2017-01-01
   2738       .</li>
   2739   <li>2017-01-05          
   2740     2017-01-05     .</li>
   2741 </ul>
   2742 <p>       
   2743    .</p>
   2744 <ul>
   2745   <li>[ro.build.version.security_patch]:[2017-01-01]</li>
   2746   <li>[ro.build.version.security_patch]:[2017-01-05]</li>
   2747 </ul>
   2748 <p><strong>2.          ?</strong></p>
   2749 
   2750 <p>  Android   Android   
   2751             
   2752  . Android       
   2753       .</p>
   2754 <ul>
   2755   <li>2017 1 1         
   2756            
   2757    .</li>
   2758   <li>2017 1 5      
   2759           
   2760    .</li>
   2761 </ul>
   2762 <p>            .</p>
   2763 
   2764 <p><strong>3.    Google     ?</strong></p>
   2765 
   2766 <p><a href="#2017-01-01-details">2017 1 1</a>  <a href="#2017-01-05-details">2017 1 5</a>        <em> Google </em>   .     Google     .      .</p>
   2767 <ul>
   2768   <li><strong> Google </strong>:   Google   Pixel 
   2769       <em> Google </em> 
   2770   '' . ''   <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices"> </a>
   2771   . Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9,
   2772   Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li>
   2773   <li><strong> Google </strong>:   Google    
   2774    ,   Google  <em> Google </em> 
   2775   .</li>
   2776   <li><strong>Google  </strong>:   Android  
   2777   Google      
   2778   <em> Google </em>  '' .</li>
   2779 </ul>
   2780 <p><strong>4.      ?</strong></p>
   2781 
   2782 <p>   <em></em>      
   2783      .  
   2784   .</p>
   2785 
   2786 <table>
   2787   <tr>
   2788    <th></th>
   2789    <th> </th>
   2790   </tr>
   2791   <tr>
   2792    <td>A-</td>
   2793    <td>Android  ID</td>
   2794   </tr>
   2795   <tr>
   2796    <td>QC-</td>
   2797    <td>Qualcomm  </td>
   2798   </tr>
   2799   <tr>
   2800    <td>M-</td>
   2801    <td>MediaTek  </td>
   2802   </tr>
   2803   <tr>
   2804    <td>N-</td>
   2805    <td>NVIDIA  </td>
   2806   </tr>
   2807   <tr>
   2808    <td>B-</td>
   2809    <td>Broadcom  </td>
   2810   </tr>
   2811 </table>
   2812 <h2 id="revisions"> </h2>
   2813 <ul>
   2814  <li>2017 1 3:  </li>
   2815  <li>2017 1 4:   AOSP  </li>
   2816  <li>2017 1 5: AOSP   7.1 7.1.1 </li>
   2817 </ul>
   2818