      1 page.title=   Nexus  2016.
      2 @jd:body
      3 
      4 <!--
      5     Copyright 2016 The Android Open Source Project
      6 
      7     Licensed under the Apache License, Version 2.0 (the "License");
      8     you may not use this file except in compliance with the License.
      9     You may obtain a copy of the License at
     10 
     11         http://www.apache.org/licenses/LICENSE-2.0
     12 
     13     Unless required by applicable law or agreed to in writing, software
     14     distributed under the License is distributed on an "AS IS" BASIS,
     15     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     16     See the License for the specific language governing permissions and
     17     limitations under the License.
     18 -->
     19 
     20 <div id="qv-wrapper">
     21   <div id="qv">
     22     <h2>  </h2>
     23     <ol id="auto-toc">
     24    </ol>
     25   </div>
     26 </div>
     27 
     28 <p><em> 1 2016. |  7 2016.</em></p>
     29 
     30 <p>      Android  
     31       Nexus
     32 
     33     Nexus  <a href="https://developers.google.com/android/nexus/images">  </a>.
     34 
     35     LMY49G    ,   
      36 Android M    1 2016   .  , 
     37      ,
     38   <a href="https://support.google.com/nexus/answer/4457705"> Nexus</a>.</p>
     39 
     40 <p>     4 2016  .     
     41 Android Open Source Project (AOSP).</p>
     42 
     43 <p>        
     44       (,  
     45   ,      
     46  MMS).  ,    
     47 Wi-Fi- Broadcom,      
     48   ,     
     49   .</p>
     50 
     51 <p>   .   <a href="#mitigations"> </a>
     52 ,  <a href="{@docRoot}security/enhancements/index.html"> </a>    , 
     53 SafetyNet,      Android.   
     54      .</p>
     55 
     56 <h2 id="security_vulnerability_summary"> </h2>
     57 
     58 
     59 <p>    ,   (CVE)  
     60 .  <a href="{@docRoot}security/overview/updates-resources.html#severity"></a>  ,     
     61     ,     
     62   .</p>
     63 <table>
     64  <tr>
     65     <th></th>
     66     <th>CVE</th>
     67     <th> </th>
     68  </tr>
     69  <tr>
     70     <td>    Wi-Fi- Broadcom</td>
     71     <td>CVE-2016-0801<br>
     72         CVE-2016-0802</td>
     73     <td></td>
     74  </tr>
     75  <tr>
     76     <td>    mediaserver</td>
     77     <td>CVE-2016-0803<br>
     78         CVE-2016-0804</td>
     79     <td></td>
     80  </tr>
     81  <tr>
     82     <td>      Qualcomm</td>
     83     <td>CVE-2016-0805</td>
     84     <td></td>
     85  </tr>
     86  <tr>
     87     <td>   Wi-Fi- Qualcomm</td>
     88     <td>CVE-2016-0806</td>
     89     <td></td>
     90  </tr>
     91  <tr>
     92     <td>   Debuggerd</td>
     93     <td>CVE-2016-0807</td>
     94     <td></td>
     95  </tr>
     96  <tr>
     97     <td>    Minikin</td>
     98     <td>CVE-2016-0808</td>
     99     <td></td>
    100  </tr>
    101  <tr>
    102     <td>   Wi-Fi</td>
    103     <td>CVE-2016-0809</td>
    104     <td></td>
    105  </tr>
    106  <tr>
    107     <td>   mediaserver</td>
    108     <td>CVE-2016-0810</td>
    109     <td></td>
    110  </tr>
    111  <tr>
    112     <td>   libmediaplayerservice</td>
    113     <td>CVE-2016-0811</td>
    114     <td></td>
    115  </tr>
    116  <tr>
    117     <td>    </td>
    118     <td>CVE-2016-0812<br>
    119         CVE-2016-0813</td>
    120     <td></td>
    121  </tr>
    122 </table>
    123 
    124 
    125 <h3 id="mitigations"> </h3>
    126 
    127 
    128 <p> ,  <a href="https://source.android.com/security/enhancements/index.html"> </a>    ,
    129  SafetyNet,      Android.</p>
    130 
    131 <ul>
    132   <li>        Android,
    133         .
    134   <li> ,    Android,  
    135       SafetyNet.
    136         .     Google Play .
    137    ,     
    138 ,  " "   .
    139        -
    140 .  ,    
    141  ,     ,
    142    .     , 
    143        .
    144   <li>  Google Hangouts  Messenger    
    145 ,  mediaserver, .
     146 </li></ul>
    147 
    148 <h3 id="acknowledgements"></h3>
    149 
    150 
    151 <p> ,    :</p>
    152 
    153 <ul>
    154   <li>   Android  Chrome: CVE-2016-0809, CVE-2016-0810
     155   <li>  Broadgate: CVE-2016-0801, CVE-2016-0802
    156   <li>   (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>),   (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)   
    157         <a href="http://c0reteam.org"> C0RE</a>, <a href="http://www.360safe.com/">Qihoo 360</a>: CVE-2016-0804
    158   <li>     Google Pixel C: CVE-2016-0812
    159   <li>   (<a href="https://twitter.com/@chengjia4574">@chengjia4574</a>)
    160         Lab IceSword, Qihoo 360: CVE-2016-0805
    161   <li>   (<a href="https://twitter.com/@Flanker_hqd">@Flanker_hqd</a>) 
    162        KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-0811
    163   <li>   (<a href="https://twitter.com/@lingtongshen">@lingtongshen</a>)
    164         Trend Micro (<a href="http://www.trendmicro.com">www.trendmicro.com</a>): CVE-2016-0803
    165   <li>   (<a href="https://twitter.com/sunblate">@sunblate</a>)  Alibaba Inc: CVE-2016-0808
    166   <li>   (<a href="https://twitter.com/@ebeip90">@ebeip90</a>)    Android: CVE-2016-0807
     167 </li></ul>
    168 
    169 <h2 id="security_vulnerability_details"> </h2>
    170 
    171 
    172 <p>         <a href="#security_vulnerability_summary"> </a>
    173 : ,  ,     CVE, 
    174  ,  ,     
    175  .
    176  ,        AOSP,
    177    ,    
    178  .</p>
    179 
    180 <h3 id="remote_code_execution_vulnerability_in_broadcom_wi-fi_driver">    Wi-Fi- Broadcom</h3>
    181 
    182 
    183 <p> Wi-Fi- Broadcom   .  
    184         
    185          . 
    186     ,     
    187    .     -
    188         
    189 .</p>
    190 <table>
    191  <tr>
    192     <th>CVE</th>
    193     <th></th>
    194     <th> </th>
    195     <th>,    </th>
    196     <th>   </th>
    197  </tr>
    198  <tr>
    199     <td>CVE-2016-0801</td>
    200     <td><a href="https://android.googlesource.com/kernel/msm/+/68cdc8df1cb6622980b791ce03e99c255c9888af^!">ANDROID-25662029</a><br>
    201    <a href="https://android.googlesource.com/kernel/msm/+/68cdc8df1cb6622980b791ce03e99c255c9888af^!">ANDROID-25662233</a></td>
    202     <td></td>
    203     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    204     <td>25 2015.</td>
    205  </tr>
    206  <tr>
    207     <td>CVE-2016-0802</td>
    208     <td><a href="https://android.googlesource.com/kernel/msm/+/3fffc78f70dc101add8b82af878d53457713d005^%21/">ANDROID-25306181</a></td>
    209     <td></td>
    210     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    211     <td>26 2015.</td>
    212  </tr>
    213 </table>
    214 
    215 <h3 id="remote_code_execution_vulnerability_in_mediaserver">    mediaserver</h3>
    216 
    217 <p>        
    218     mediaserver, 
    219          
    220 mediaserver.</p>
    221 
    222 <p>     .  
    223  ,  MMS-  
    224   ,    .</p>
    225 
    226 <p>    -  
    227      mediaserver.      -
    228  ,    ,    .</p>
    229 <table>
    230  <tr>
    231     <th>CVE</th>
    232     <th>    AOSP</th>
    233     <th> </th>
    234     <th>,    </th>
    235     <th>   </th>
    236  </tr>
    237  <tr>
    238     <td>CVE-2016-0803</td>
    239     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/50270d98e26fa18b20ca88216c3526667b724ba7">ANDROID-25812794</a></td>
    240     <td></td>
    241     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    242     <td>19 2015.</td>
    243  </tr>
    244  <tr>
    245     <td>CVE-2016-0804</td>
    246     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/224858e719d045c8554856b12c4ab73d2375cf33">ANDROID-25070434</a></td>
    247     <td></td>
    248     <td>5.0, 5.1.1, 6.0, 6.0.1</td>
    249     <td>12 2015.</td>
    250  </tr>
    251 </table>
    252 
    253 
    254 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_performance_module">      Qualcomm</h3>
    255 
    256 
    257 <p>      
    258 ARM- Qualcomm.     
    259      .   
    260 ,  -     .
    261      .</p>
    262 <table>
    263  <tr>
    264     <th>CVE</th>
    265     <th></th>
    266     <th> </th>
    267     <th>,    </th>
    268     <th>   </th>
    269  </tr>
    270  <tr>
    271     <td>CVE-2016-0805</td>
    272     <td>ANDROID-25773204*</td>
    273     <td></td>
    274     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    275     <td>15 2015.</td>
    276  </tr>
    277 </table>
    278 
    279 <p>*    AOSP.  
    280       Nexus, 
    281    <a href="https://developers.google.com/android/nexus/drivers">  </a>.</p>
    282 
    283 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_wifi_driver">   Wi-Fi- Qualcomm</h3>
    284 
    285 
    286 <p> Wi-Fi- Qualcomm   
    287       .  
    288  ,  -     .
    289      .</p>
    290 <table>
    291  <tr>
    292     <th>CVE</th>
    293     <th></th>
    294     <th> </th>
    295     <th>,    </th>
    296     <th>   </th>
    297  </tr>
    298  <tr>
    299     <td>CVE-2016-0806</td>
    300     <td>ANDROID-25344453*</td>
    301     <td></td>
    302     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    303     <td>15 2015.</td>
    304  </tr>
    305 </table>
    306 
    307 <p>*    AOSP.  
    308       Nexus, 
    309    <a href="https://developers.google.com/android/nexus/drivers">  </a>.</p>
    310 
    311 <h3 id="elevation_of_privilege_vulnerability_in_the_debuggerd">   Debuggerd </h3>
    312 
    313 
    314 <p>  Debuggerd    
    315     ,  root-.    ,  -   
    316  .      .</p>
    317 <table>
    318  <tr>
    319     <th>CVE</th>
    320     <th>    AOSP</th>
    321     <th> </th>
    322     <th>,    </th>
    323     <th>   </th>
    324  </tr>
    325  <tr>
    326     <td>CVE-2016-0807</td>
    327     <td><a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/d917514bd6b270df431ea4e781a865764d406120">ANDROID-25187394</a></td>
    328     <td></td>
    329     <td>6.0, 6.0.1</td>
    330     <td>   Google</td>
    331  </tr>
    332 </table>
    333 
    334 
    335 <h3 id="denial_of_service_vulnerability_in_minikin">    Minikin</h3>
    336 
    337 
    338 <p>   Minikin    
    339     .  
    340    ,    Minikin 
    341    .     ,
    342  -       
    343 .</p>
    344 <table>
    345  <tr>
    346     <th>CVE</th>
    347     <th>    AOSP</th>
    348     <th> </th>
    349     <th>,    </th>
    350     <th>   </th>
    351  </tr>
    352  <tr>
    353     <td>CVE-2016-0808</td>
    354     <td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ed4c8d79153baab7f26562afb8930652dfbf853b">ANDROID-25645298</a></td>
    355     <td></td>
    356     <td>5.0, 5.1.1, 6.0, 6.0.1</td>
    357     <td>3 2015.</td>
    358  </tr>
    359 </table>
    360 
    361 
    362 <h3 id="elevation_of_privilege_vulnerability_in_wi-fi">   Wi-Fi</h3>
    363 
    364 
    365 <p>  Wi-Fi  ,  
    366  ,        
    367  .     , 
    368        <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> normal</a> ().
    369   ,     , 
    370  .</p>
    371 <table>
    372  <tr>
    373     <th>CVE</th>
    374     <th>    AOSP</th>
    375     <th> </th>
    376     <th>,    </th>
    377     <th>   </th>
    378  </tr>
    379  <tr>
    380     <td>CVE-2016-0809</td>
    381     <td><a href="https://android.googlesource.com/platform/hardware/broadcom/wlan/+/2c5a4fac8bc8198f6a2635ede776f8de40a0c3e1^%21/#F0">ANDROID-25753768</a></td>
    382     <td></td>
    383     <td>6.0, 6.0.1</td>
    384     <td>   Google</td>
    385  </tr>
    386 </table>
    387 
    388 
    389 <h3 id="elevation_of_privilege_vulnerability_in_mediaserver">   mediaserver </h3>
    390 
    391 
    392 <p> mediaserver     
    393         .
    394      , 
    395      ,  
    396  (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a>  <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p>
    397 <table>
    398  <tr>
    399     <th>CVE</th>
    400     <th>    AOSP</th>
    401     <th> </th>
    402     <th>,    </th>
    403     <th>   </th>
    404  </tr>
    405  <tr>
    406     <td>CVE-2016-0810</td>
    407     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/19c47afbc402542720ddd280e1bbde3b2277b586">ANDROID-25781119</a></td>
    408     <td></td>
    409     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    410     <td>   Google</td>
    411  </tr>
    412 </table>
    413 
    414 
    415 <h3 id="information_disclosure_vulnerability_in_libmediaplayerservice">   libmediaplayerservice </h3>
    416 
    417 
    418 <p> libmediaplayerservice   ,    ,    .  
    419   ,       ,
    420    (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a>  <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p>
    421 <table>
    422  <tr>
    423     <th>CVE</th>
    424     <th>    AOSP</th>
    425     <th> </th>
    426     <th>,    </th>
    427     <th>   </th>
    428  </tr>
    429  <tr>
    430     <td>CVE-2016-0811</td>
    431     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/22f824feac43d5758f9a70b77f2aca840ba62c3b">ANDROID-25800375</a></td>
    432     <td></td>
    433     <td>6.0, 6.0.1</td>
    434     <td>16 2015.</td>
    435  </tr>
    436 </table>
    437 
    438 
    439 <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard">    </h3>
    440 
    441 
    442 <p>     ,   
    443  ,       
    444 .     , 
    445        .</p>
    446 <table>
    447  <tr>
    448     <th>CVE</th>
    449     <th>    AOSP</th>
    450     <th> </th>
    451     <th>,    </th>
    452     <th>   </th>
    453  </tr>
    454  <tr>
    455     <td>CVE-2016-0812</td>
    456     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/84669ca8de55d38073a0dcb01074233b0a417541">ANDROID-25229538</a></td>
    457     <td></td>
    458     <td>5.1.1, 6.0</td>
    459     <td>   Google</td>
    460  </tr>
    461  <tr>
    462     <td>CVE-2016-0813</td>
    463     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/16a76dadcc23a13223e9c2216dad1fe5cad7d6e1">ANDROID-25476219</a></td>
    464     <td></td>
    465     <td>5.1.1, 6.0, 6.0.1</td>
    466     <td>   Google</td>
    467  </tr>
    468 </table>
    469 
    470 <h3 id="common_questions_and_answers">  </h3>
    471 
    472 <p>      ,   
    473   .</p>
    474 
    475 <p><strong>1.  ,     ,     ?</strong></p>
    476 
     477 <p>    LMY49G    ,    Android 6.0    1 2016   .  ,
    478       ,
    479   <a href="https://support.google.com/nexus/answer/4457705">  Nexus</a>.  ,
    480    ,   
    481  [ro.build.version.security_patch]:[2016-02-01].</p>
    482 
    483 <h2 id="revisions"></h2>
    484 
    485 
    486 <ul>
    487   <li> 1 2016.  .
    488   <li> 2 2016.    AOSP.
    489   <li> 7 2016.     AOSP.
    490 
     491 </li></ul>
    492