1 page.title= Android 2016. 2 @jd:body 3 <!-- 4 Copyright 2016 The Android Open Source Project 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 http://www.apache.org/licenses/LICENSE-2.0 9 Unless required by applicable law or agreed to in writing, software 10 distributed under the License is distributed on an "AS IS" BASIS, 11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 See the License for the specific language governing permissions and 13 limitations under the License. 14 --> 15 16 <p><em> 6 2016. | 8 2016.</em></p> 17 18 <p> 19 Android. 20 Nexus 21 Nexus <a href="https://developers.google.com/android/nexus/images"> </a>. 22 23 1 2016 . , 24 , 25 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"> Nexus</a>.</p> 26 27 <p> 2 2016 . Android Open Source Project (AOSP).</p> 28 29 <p> 30 (, 31 , 32 MMS).</p> 33 34 <p> . <a href="#mitigations"> </a> 35 , <a href="{@docRoot}security/enhancements/index.html"> </a> , 36 SafetyNet, Android.</p> 37 38 <p> .</p> 39 40 <h2 id="security_vulnerability_summary"> </h2> 41 42 43 <p> , (CVE) 44 , , Nexus. <a href="{@docRoot}security/overview/updates-resources.html#severity"> </a> , 45 , 46 .</p> 47 <table> 48 <col width="55%"> 49 <col width="20%"> 50 <col width="13%"> 51 <col width="12%"> 52 <tr> 53 <th></th> 54 <th>CVE</th> 55 <th> </th> 56 <th> Nexus?</th> 57 </tr> 58 <tr> 59 <td> mediaserver</td> 60 <td>CVE-2016-2463</td> 61 <td></td> 62 <td></td> 63 </tr> 64 <tr> 65 <td> libwebm</td> 66 <td>CVE-2016-2464</td> 67 <td></td> 68 <td></td> 69 </tr> 70 <tr> 71 <td> Qualcomm</td> 72 <td>CVE-2016-2465</td> 73 <td></td> 74 <td></td> 75 </tr> 76 <tr> 77 <td> Qualcomm</td> 78 <td>CVE-2016-2466<br> 79 CVE-2016-2467</td> 80 <td></td> 81 <td></td> 82 </tr> 83 <tr> 84 <td> Qualcomm </td> 85 <td>CVE-2016-2468<br> 86 CVE-2016-2062</td> 87 <td></td> 88 <td></td> 89 </tr> 90 <tr> 91 <td> Wi-Fi- Qualcomm</td> 92 <td>CVE-2016-2474</td> 93 <td></td> 94 <td></td> 95 </tr> 96 <tr> 97 <td> Wi-Fi- Broadcom</td> 98 <td>CVE-2016-2475</td> 99 <td></td> 100 <td></td> 101 </tr> 102 <tr> 103 <td> Qualcomm</td> 104 <td>CVE-2016-2066<br> 105 CVE-2016-2469</td> 106 <td></td> 107 <td></td> 108 </tr> 109 <tr> 110 <td> mediaserver</td> 111 <td>CVE-2016-2476<br> 112 CVE-2016-2477<br> 113 CVE-2016-2478<br> 114 CVE-2016-2479<br> 115 CVE-2016-2480<br> 116 CVE-2016-2481<br> 117 CVE-2016-2482<br> 118 CVE-2016-2483<br> 119 CVE-2016-2484<br> 120 CVE-2016-2485<br> 121 CVE-2016-2486<br> 122 CVE-2016-2487</td> 123 <td></td> 124 <td></td> 125 </tr> 126 <tr> 127 <td> Qualcomm </td> 128 <td>CVE-2016-2061<br> 129 CVE-2016-2488</td> 130 <td></td> 131 <td></td> 132 </tr> 133 <tr> 134 <td> Qualcomm</td> 135 <td>CVE-2016-2489</td> 136 <td></td> 137 <td></td> 138 </tr> 139 <tr> 140 <td> NVIDIA </td> 141 <td>CVE-2016-2490<br> 142 CVE-2016-2491</td> 143 <td></td> 144 <td></td> 145 </tr> 146 <tr> 147 <td> Wi-Fi- Qualcomm</td> 148 <td>CVE-2016-2470<br> 149 CVE-2016-2471<br> 150 CVE-2016-2472<br> 151 CVE-2016-2473</td> 152 <td></td> 153 <td></td> 154 </tr> 155 <tr> 156 <td> MediaTek</td> 157 <td>CVE-2016-2492</td> 158 <td></td> 159 <td></td> 160 </tr> 161 <tr> 162 <td> SD-</td> 163 <td>CVE-2016-2494</td> 164 <td></td> 165 <td></td> 166 </tr> 167 <tr> 168 <td> Wi-Fi- Broadcom</td> 169 <td>CVE-2016-2493</td> 170 <td></td> 171 <td></td> 172 </tr> 173 <tr> 174 <td> mediaserver</td> 175 <td>CVE-2016-2495</td> 176 <td></td> 177 <td></td> 178 </tr> 179 <tr> 180 <td> Framework</td> 181 <td>CVE-2016-2496</td> 182 <td></td> 183 <td></td> 184 </tr> 185 <tr> 186 <td> Wi-Fi- Qualcomm</td> 187 <td>CVE-2016-2498</td> 188 <td></td> 189 <td></td> 190 </tr> 191 <tr> 192 <td> mediaserver</td> 193 <td>CVE-2016-2499</td> 194 <td></td> 195 <td></td> 196 </tr> 197 <tr> 198 <td> </td> 199 <td>CVE-2016-2500</td> 200 <td></td> 201 <td></td> 202 </tr> 203 </table> 204 205 206 <h2 id="mitigations"> </h2> 207 208 209 <p> , <a href="{@docRoot}security/enhancements/index.html"> </a> , 210 SafetyNet, Android.</p> 211 212 <ul> 213 <li> Android, 214 215 . 216 <li> , Android, 217 <a href="{@docRoot}security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a>. 218 219 <a href="{@docRoot}security/reports/Google_Android_Security_PHA_classifications.pdf"> </a>. 220 221 <a href="http://www.android.com/gms"> Google</a>. , 222 . 223 Google Play , 224 . 225 , . 226 , , 227 , 228 . , 229 . 230 <li> Google Hangouts Messenger 231 , mediaserver, . 232 </li></li></li></ul> 233 234 <h2 id="acknowledgements"></h2> 235 236 237 <p> , :</p> 238 239 <ul> 240 <li> (<a href="https://twitter.com/returnsme">@returnsme</a>) KeenLab 241 (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-2468 242 <li> <a href="http://bits-please.blogspot.com"> </a> 243 (<a href="https://twitter.com/laginimaineb">@laginimaineb</a>): CVE-2016-2476 244 <li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) pjf 245 (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) IceSword Lab, Qihoo 360 246 Technology Co. Ltd.: CVE-2016-2492 247 <li> , Mobile Safe Team, Qihoo 360 Technology 248 Co. Ltd.: CVE-2016-2470, CVE-2016-2471, CVE-2016-2472, CVE-2016-2473, 249 CVE-2016-2498 250 <li> <a href="http://www.iwobanas.com"> </a>: CVE-2016-2496 251 <li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) 252 pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) IceSword Lab, 253 Qihoo360 Technology Co. Ltd.: CVE-2016-2490, CVE-2016-2491 254 <li> Google: CVE-2016-2500 255 <li> Google: CVE-2016-2474 256 <li> Google: CVE-2016-2487 257 <li> Google Project Zero: CVE-2016-2494 258 <li> (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), 259 (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 260 <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-2477, CVE-2016-2478, 261 CVE-2016-2479, CVE-2016-2480, CVE-2016-2481, CVE-2016-2482, CVE-2016-2483, CVE-2016-2484, 262 CVE-2016-2485, CVE-2016-2486 263 <li> <a href="mailto:sbauer (a] plzdonthack.me"> </a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): 264 CVE-2016-2066, CVE-2016-2061, CVE-2016-2465, CVE-2016-2469, CVE-2016-2489 265 <li> : CVE-2016-2463 266 <li> (<a href="https://twitter.com/sunblate">@sunblate</a>) Alibaba Inc.: CVE-2016-2495 267 <li> Tencent: CVE-2016-2499 268 <li> (<a href="https://twitter.com/ebeip90">@ebeip90</a>) Android: CVE-2016-2493 269 </li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 270 271 <h2 id="security_vulnerability_details"> </h2> 272 273 274 <p> 275 <a href="#security_vulnerability_summary"> </a> : , , 276 CVE, Android, , 277 Nexus AOSP ( ) 278 . 279 , AOSP, 280 , 281 .</p> 282 283 <h3 id="remote_code_execution_vulnerability_in_mediaserver"> 284 mediaserver</h3> 285 286 287 <p> 288 . 289 - 290 mediaserver. 291 - , , 292 .</p> 293 294 <p> . 295 , MMS- 296 , .</p> 297 <table> 298 <col width="19%"> 299 <col width="16%"> 300 <col width="10%"> 301 <col width="19%"> 302 <col width="18%"> 303 <col width="16%"> 304 <tr> 305 <th>CVE</th> 306 <th> Android</th> 307 <th> </th> 308 <th> Nexus</th> 309 <th> AOSP</th> 310 <th> </th> 311 </tr> 312 <tr> 313 <td>CVE-2016-2463</td> 314 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/2b6f22dc64d456471a1dc6df09d515771d1427c8">27855419</a></td> 315 <td></td> 316 <td><a href="#nexus_devices"> </a></td> 317 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 318 <td>25 2016.</td> 319 </tr> 320 </table> 321 322 323 <h3 id="remote_code_execution_vulnerabilities_in_libwebm"> 324 libwebm</h3> 325 326 327 <p> 328 . 329 - 330 mediaserver. 331 - , , 332 .</p> 333 334 <p> . 335 , MMS- 336 , .</p> 337 <table> 338 <col width="19%"> 339 <col width="16%"> 340 <col width="10%"> 341 <col width="19%"> 342 <col width="18%"> 343 <col width="16%"> 344 <tr> 345 <th>CVE</th> 346 <th> Android</th> 347 <th> </th> 348 <th> Nexus</th> 349 <th> AOSP</th> 350 <th> </th> 351 </tr> 352 <tr> 353 <td>CVE-2016-2464</td> 354 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d">23167726</a> 355 [<a href="https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148">2</a>] 356 </td> 357 <td></td> 358 <td><a href="#nexus_devices"> </a></td> 359 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 360 <td> Google</td> 361 </tr> 362 </table> 363 364 365 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_driver"> 366 Qualcomm</h3> 367 368 369 <p> 370 . , 371 - . , 372 .</p> 373 <table> 374 <col width="19%"> 375 <col width="16%"> 376 <col width="10%"> 377 <col width="27%"> 378 <col width="16%"> 379 <tr> 380 <th>CVE</th> 381 <th> Android</th> 382 <th> </th> 383 <th> Nexus</th> 384 <th> </th> 385 </tr> 386 <tr> 387 <td>CVE-2016-2465</td> 388 <td>27407865*</td> 389 <td></td> 390 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 391 <td>21 2016.</td> 392 </tr> 393 </table> 394 <p> 395 * AOSP. 396 Nexus, 397 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 398 </p> 399 400 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_sound_driver"> 401 Qualcomm</h3> 402 403 <p> 404 . , 405 - . , 406 .</p> 407 408 <table> 409 <col width="19%"> 410 <col width="16%"> 411 <col width="10%"> 412 <col width="27%"> 413 <col width="16%"> 414 <tr> 415 <th>CVE</th> 416 <th> Android</th> 417 <th> </th> 418 <th> Nexus</th> 419 <th> </th> 420 </tr> 421 <tr> 422 <td>CVE-2016-2466</td> 423 <td>27947307*</td> 424 <td></td> 425 <td>Nexus6</td> 426 <td>27 2016.</td> 427 </tr> 428 <tr> 429 <td>CVE-2016-2467</td> 430 <td>28029010*</td> 431 <td></td> 432 <td>Nexus5</td> 433 <td>13 2014.</td> 434 </tr> 435 </table> 436 <p> 437 * AOSP. 438 Nexus, 439 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 440 </p> 441 442 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_gpu_driver"> 443 Qualcomm </h3> 444 445 446 <p> 447 . , 448 - . , 449 .</p> 450 451 <table> 452 <col width="19%"> 453 <col width="16%"> 454 <col width="10%"> 455 <col width="27%"> 456 <col width="16%"> 457 <tr> 458 <th>CVE</th> 459 <th> Android</th> 460 <th> </th> 461 <th> Nexus</th> 462 <th> </th> 463 </tr> 464 <tr> 465 <td>CVE-2016-2468</td> 466 <td>27475454*</td> 467 <td></td> 468 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus7</td> 469 <td>2 2016.</td> 470 </tr> 471 <tr> 472 <td>CVE-2016-2062</td> 473 <td>27364029*</td> 474 <td></td> 475 <td>Nexus5X, Nexus6P</td> 476 <td>6 2016.</td> 477 </tr> 478 </table> 479 <p> 480 * AOSP. 481 Nexus, 482 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 483 </p> 484 485 486 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_wi-fi_driver"> 487 Wi-Fi- Qualcomm</h3> 488 489 490 <p> 491 . , 492 - . , 493 .</p> 494 <table> 495 <col width="19%"> 496 <col width="16%"> 497 <col width="10%"> 498 <col width="27%"> 499 <col width="16%"> 500 <tr> 501 <th>CVE</th> 502 <th> Android</th> 503 <th> </th> 504 <th> Nexus</th> 505 <th> </th> 506 </tr> 507 <tr> 508 <td>CVE-2016-2474</td> 509 <td>27424603*</td> 510 <td></td> 511 <td>Nexus5X</td> 512 <td> Google</td> 513 </tr> 514 </table> 515 <p> 516 * AOSP. 517 Nexus, 518 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 519 </p> 520 521 522 <h3 id="elevation_of_privilege_vulnerability_in_broadcom_wi-fi_driver"> 523 Wi-Fi- Broadcom</h3> 524 525 526 <p> 527 528 . , 529 .</p> 530 <table> 531 <col width="19%"> 532 <col width="16%"> 533 <col width="10%"> 534 <col width="27%"> 535 <col width="16%"> 536 <tr> 537 <th>CVE</th> 538 <th> Android</th> 539 <th> </th> 540 <th> Nexus</th> 541 <th> </th> 542 </tr> 543 <tr> 544 <td>CVE-2016-2475</td> 545 <td>26425765*</td> 546 <td></td> 547 <td>Nexus5, Nexus6, Nexus6P, Nexus7 (2013), Nexus9, Nexus Player, PixelC</td> 548 <td>6 2016.</td> 549 </tr> 550 </table> 551 <p> 552 * AOSP. 553 Nexus, 554 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 555 </p> 556 557 558 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_sound_driver"> 559 Qualcomm</h3> 560 561 562 <p> 563 . , 564 , 565 .</p> 566 567 <table> 568 <col width="19%"> 569 <col width="16%"> 570 <col width="10%"> 571 <col width="27%"> 572 <col width="16%"> 573 <tr> 574 <th>CVE</th> 575 <th> Android</th> 576 <th> </th> 577 <th> Nexus</th> 578 <th> </th> 579 </tr> 580 <tr> 581 <td>CVE-2016-2066</td> 582 <td>26876409*</td> 583 <td></td> 584 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 585 <td>29 2016.</td> 586 </tr> 587 <tr> 588 <td>CVE-2016-2469</td> 589 <td>27531992*</td> 590 <td></td> 591 <td>Nexus5, Nexus6, Nexus6P</td> 592 <td>4 2016.</td> 593 </tr> 594 </table> 595 <p> 596 * AOSP. 597 Nexus, 598 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 599 </p> 600 601 602 <h3 id="elevation_of_privilege_vulnerability_in_mediaserver"> 603 mediaserver</h3> 604 605 606 <p> 607 608 . , 609 , 610 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 611 612 <table> 613 <col width="19%"> 614 <col width="16%"> 615 <col width="10%"> 616 <col width="19%"> 617 <col width="18%"> 618 <col width="16%"> 619 <tr> 620 <th>CVE</th> 621 <th> Android</th> 622 <th> </th> 623 <th> Nexus</th> 624 <th> AOSP</th> 625 <th> </th> 626 </tr> 627 <tr> 628 <td>CVE-2016-2476</td> 629 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/295c883fe3105b19bcd0f9e07d54c6b589fc5bff">27207275</a> 630 [<a href="https://android.googlesource.com/platform/frameworks/av/+/94d9e646454f6246bf823b6897bd6aea5f08eda3">2</a>] 631 [<a href="https://android.googlesource.com/platform/frameworks/av/+/0bb5ced60304da7f61478ffd359e7ba65d72f181">3</a>] 632 [<a href="https://android.googlesource.com/platform/frameworks/av/+/db829699d3293f254a7387894303451a91278986">4</a>] 633 </td> 634 <td></td> 635 <td><a href="#nexus_devices"> </a></td> 636 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 637 <td>11 2016.</td> 638 </tr> 639 <tr> 640 <td>CVE-2016-2477</td> 641 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/f22c2a0f0f9e030c240468d9d18b9297f001bcf0">27251096</a> 642 </td> 643 <td></td> 644 <td><a href="#nexus_devices"> </a></td> 645 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 646 <td>17 2016.</td> 647 </tr> 648 <tr> 649 <td>CVE-2016-2478</td> 650 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/f22c2a0f0f9e030c240468d9d18b9297f001bcf0">27475409</a> 651 </td> 652 <td></td> 653 <td><a href="#nexus_devices"> </a></td> 654 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 655 <td>3 2016.</td> 656 </tr> 657 <tr> 658 <td>CVE-2016-2479</td> 659 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/46e305be6e670a5a0041b0b4861122a0f1aabefa">27532282</a> 660 </td> 661 <td></td> 662 <td><a href="#nexus_devices"> </a></td> 663 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 664 <td>6 2016.</td> 665 </tr> 666 <tr> 667 <td>CVE-2016-2480</td> 668 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/560ccdb509a7b86186fac0fce1b25bd9a3e6a6e8">27532721</a> 669 </td> 670 <td></td> 671 <td><a href="#nexus_devices"> </a></td> 672 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 673 <td>6 2016.</td> 674 </tr> 675 <tr> 676 <td>CVE-2016-2481</td> 677 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/89913d7df36dbeb458ce165856bd6505a2ec647d">27532497</a> 678 </td> 679 <td></td> 680 <td><a href="#nexus_devices"> </a></td> 681 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 682 <td>6 2016.</td> 683 </tr> 684 <tr> 685 <td>CVE-2016-2482</td> 686 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/46e305be6e670a5a0041b0b4861122a0f1aabefa">27661749</a> 687 </td> 688 <td></td> 689 <td><a href="#nexus_devices"> </a></td> 690 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 691 <td>14 2016.</td> 692 </tr> 693 <tr> 694 <td>CVE-2016-2483</td> 695 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/89913d7df36dbeb458ce165856bd6505a2ec647d">27662502</a> 696 </td> 697 <td></td> 698 <td><a href="#nexus_devices"> </a></td> 699 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 700 <td>14 2016.</td> 701 </tr> 702 <tr> 703 <td>CVE-2016-2484</td> 704 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7cea5cb64b83d690fe02bc210bbdf08f5a87636f">27793163</a> 705 </td> 706 <td></td> 707 <td><a href="#nexus_devices"> </a></td> 708 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 709 <td>22 2016.</td> 710 </tr> 711 <tr> 712 <td>CVE-2016-2485</td> 713 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7cea5cb64b83d690fe02bc210bbdf08f5a87636f">27793367</a> 714 </td> 715 <td></td> 716 <td><a href="#nexus_devices"> </a></td> 717 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 718 <td>22 2016.</td> 719 </tr> 720 <tr> 721 <td>CVE-2016-2486</td> 722 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/ad40e57890f81a3cf436c5f06da66396010bd9e5">27793371</a> 723 </td> 724 <td></td> 725 <td><a href="#nexus_devices"> </a></td> 726 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 727 <td>22 2016.</td> 728 </tr> 729 <tr> 730 <td>CVE-2016-2487</td> 731 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/918eeaa29d99d257282fafec931b4bda0e3bae12">27833616</a> 732 [<a href="https://android.googlesource.com/platform/frameworks/av/+/d2f47191538837e796e2b10c1ff7e1ee35f6e0ab">2</a>] 733 [<a href="https://android.googlesource.com/platform/frameworks/av/+/4e32001e4196f39ddd0b86686ae0231c8f5ed944">3</a>] 734 </td> 735 <td></td> 736 <td><a href="#nexus_devices"> </a></td> 737 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 738 <td> Google</td> 739 </tr> 740 </table> 741 742 743 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_camera_driver"> 744 Qualcomm </h3> 745 746 747 <p> 748 . , 749 , 750 .</p> 751 <table> 752 <col width="19%"> 753 <col width="16%"> 754 <col width="10%"> 755 <col width="27%"> 756 <col width="16%"> 757 <tr> 758 <th>CVE</th> 759 <th> Android</th> 760 <th> </th> 761 <th> Nexus</th> 762 <th> </th> 763 </tr> 764 <tr> 765 <td>CVE-2016-2061</td> 766 <td>27207747*</td> 767 <td></td> 768 <td>Nexus5X, Nexus6P</td> 769 <td>15 2016.</td> 770 </tr> 771 <tr> 772 <td>CVE-2016-2488</td> 773 <td>27600832*</td> 774 <td></td> 775 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus7 (2013)</td> 776 <td> Google</td> 777 </tr> 778 </table> 779 <p> 780 * AOSP. 781 Nexus, 782 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 783 </p> 784 785 786 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_driver_2"> 787 Qualcomm</h3> 788 789 790 <p> 791 . , 792 , 793 .</p> 794 <table> 795 <col width="19%"> 796 <col width="16%"> 797 <col width="10%"> 798 <col width="27%"> 799 <col width="16%"> 800 <tr> 801 <th>CVE</th> 802 <th> Android</th> 803 <th> </th> 804 <th> Nexus</th> 805 <th> </th> 806 </tr> 807 <tr> 808 <td>CVE-2016-2489</td> 809 <td>27407629*</td> 810 <td></td> 811 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 812 <td>21 2016.</td> 813 </tr> 814 </table> 815 <p> 816 * AOSP. 817 Nexus, 818 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 819 </p> 820 821 822 <h3 id="elevation_of_privilege_vulnerability_in_nvidia_camera_driver"> 823 NVIDIA </h3> 824 825 826 <p> 827 . , 828 , 829 .</p> 830 <table> 831 <col width="19%"> 832 <col width="16%"> 833 <col width="10%"> 834 <col width="27%"> 835 <col width="16%"> 836 <tr> 837 <th>CVE</th> 838 <th> Android</th> 839 <th> </th> 840 <th> Nexus</th> 841 <th> </th> 842 </tr> 843 <tr> 844 <td>CVE-2016-2490</td> 845 <td>27533373*</td> 846 <td></td> 847 <td>Nexus9</td> 848 <td>6 2016.</td> 849 </tr> 850 <tr> 851 <td>CVE-2016-2491</td> 852 <td>27556408*</td> 853 <td></td> 854 <td>Nexus9</td> 855 <td>8 2016.</td> 856 </tr> 857 </table> 858 <p> 859 * AOSP. 860 Nexus, 861 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 862 </p> 863 864 865 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_wi-fi_driver_2"> 866 Wi-Fi- Qualcomm</h3> 867 868 869 <p> 870 . , 871 , 872 .</p> 873 874 <table> 875 <col width="19%"> 876 <col width="16%"> 877 <col width="10%"> 878 <col width="27%"> 879 <col width="16%"> 880 <tr> 881 <th>CVE</th> 882 <th> Android</th> 883 <th> </th> 884 <th> Nexus</th> 885 <th> </th> 886 </tr> 887 <tr> 888 <td>CVE-2016-2470</td> 889 <td>27662174*</td> 890 <td></td> 891 <td>Nexus7 (2013)</td> 892 <td>13 2016.</td> 893 </tr> 894 <tr> 895 <td>CVE-2016-2471</td> 896 <td>27773913*</td> 897 <td></td> 898 <td>Nexus7 (2013)</td> 899 <td>19 2016.</td> 900 </tr> 901 <tr> 902 <td>CVE-2016-2472</td> 903 <td>27776888*</td> 904 <td></td> 905 <td>Nexus7 (2013)</td> 906 <td>20 2016.</td> 907 </tr> 908 <tr> 909 <td>CVE-2016-2473</td> 910 <td>27777501*</td> 911 <td></td> 912 <td>Nexus7 (2013)</td> 913 <td>20 2016.</td> 914 </tr> 915 </table> 916 <p> 917 * AOSP. 918 Nexus, 919 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 920 </p> 921 922 923 <h3 id="elevation_of_privilege_vulnerability_in_mediatek_power_management_driver"> 924 MediaTek</h3> 925 926 927 <p> 928 . , 929 930 root- .</p> 931 932 <table> 933 <col width="19%"> 934 <col width="16%"> 935 <col width="10%"> 936 <col width="27%"> 937 <col width="16%"> 938 <tr> 939 <th>CVE</th> 940 <th> Android</th> 941 <th> </th> 942 <th> Nexus</th> 943 <th> </th> 944 </tr> 945 <tr> 946 <td>CVE-2016-2492</td> 947 <td>28085410*</td> 948 <td></td> 949 <td>AndroidOne</td> 950 <td>7 2016.</td> 951 </tr> 952 </table> 953 <p> 954 * AOSP. 955 Nexus, 956 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 957 </p> 958 959 960 <h3 id="elevation_of_privilege_vulnerability_in_sd_card_emulation_layer"> 961 SD-</h3> 962 963 964 <p> 965 . 966 , 967 , 968 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 969 970 <table> 971 <col width="19%"> 972 <col width="16%"> 973 <col width="10%"> 974 <col width="19%"> 975 <col width="18%"> 976 <col width="16%"> 977 <tr> 978 <th>CVE</th> 979 <th> Android</th> 980 <th> </th> 981 <th> Nexus</th> 982 <th> AOSP</th> 983 <th> </th> 984 </tr> 985 <tr> 986 <td>CVE-2016-2494</td> 987 <td><a href="https://android.googlesource.com/platform/system/core/+/864e2e22fcd0cba3f5e67680ccabd0302dfda45d">28085658</a> 988 </td> 989 <td></td> 990 <td><a href="#nexus_devices"> </a></td> 991 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 992 <td>7 2016.</td> 993 </tr> 994 </table> 995 996 997 <h3 id="elevation_of_privilege_vulnerability_in_broadcom_wi-fi_driver_2"> 998 Wi-Fi- Broadcom</h3> 999 1000 1001 <p> 1002 . , 1003 , 1004 .</p> 1005 <table> 1006 <col width="19%"> 1007 <col width="16%"> 1008 <col width="10%"> 1009 <col width="27%"> 1010 <col width="16%"> 1011 <tr> 1012 <th>CVE</th> 1013 <th> Android</th> 1014 <th> </th> 1015 <th> Nexus</th> 1016 <th> </th> 1017 </tr> 1018 <tr> 1019 <td>CVE-2016-2493</td> 1020 <td>26571522*</td> 1021 <td></td> 1022 <td>Nexus5, Nexus6, Nexus6P, Nexus7 (2013), Nexus Player, PixelC</td> 1023 <td> Google</td> 1024 </tr> 1025 </table> 1026 <p> 1027 * AOSP. 1028 Nexus, 1029 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1030 </p> 1031 1032 <h3 id="remote_denial_of_service_vulnerability_in_mediaserver"> 1033 mediaserver</h3> 1034 1035 1036 <p> 1037 . 1038 , 1039 .</p> 1040 <table> 1041 <col width="19%"> 1042 <col width="16%"> 1043 <col width="10%"> 1044 <col width="19%"> 1045 <col width="18%"> 1046 <col width="16%"> 1047 <tr> 1048 <th>CVE</th> 1049 <th> Android</th> 1050 <th> </th> 1051 <th> Nexus</th> 1052 <th> AOSP</th> 1053 <th> </th> 1054 </tr> 1055 <tr> 1056 <td>CVE-2016-2495</td> 1057 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/45737cb776625f17384540523674761e6313e6d4">28076789</a> 1058 [<a href="https://android.googlesource.com/platform/frameworks/av/+/b57b3967b1a42dd505dbe4fcf1e1d810e3ae3777">2</a>] 1059 </td> 1060 <td></td> 1061 <td><a href="#nexus_devices"> </a></td> 1062 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1063 <td>6 2016.</td> 1064 </tr> 1065 </table> 1066 1067 <h3 id="elevation_of_privilege_vulnerability_in_framework_ui"> 1068 Framework</h3> 1069 1070 1071 <p> Framework. 1072 . 1073 , 1074 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">dangerous</a> ().</p> 1075 <table> 1076 <col width="19%"> 1077 <col width="16%"> 1078 <col width="10%"> 1079 <col width="19%"> 1080 <col width="18%"> 1081 <col width="16%"> 1082 <tr> 1083 <th>CVE</th> 1084 <th> Android</th> 1085 <th> </th> 1086 <th> Nexus</th> 1087 <th> AOSP</th> 1088 <th> </th> 1089 </tr> 1090 <tr> 1091 <td>CVE-2016-2496</td> 1092 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/03a53d1c7765eeb3af0bc34c3dff02ada1953fbf">26677796</a> 1093 [<a href="https://android.googlesource.com/platform/frameworks/base/+/613f63b938145bb86cd64fe0752eaf5e99b5f628">2</a>] 1094 [<a href="https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/2068c7997265011ddc5e4dfa3418407881f7f81e">3</a>] 1095 </td> 1096 <td></td> 1097 <td><a href="#nexus_devices"> </a></td> 1098 <td>6.0, 6.1</td> 1099 <td>26 2015.</td> 1100 </tr> 1101 </table> 1102 1103 <h3 id="information_disclosure_vulnerability_in_qualcomm_wi-fi_driver"> 1104 Wi-Fi- Qualcomm</h3> 1105 1106 1107 <p> 1108 . , 1109 , 1110 .</p> 1111 <table> 1112 <col width="19%"> 1113 <col width="16%"> 1114 <col width="10%"> 1115 <col width="27%"> 1116 <col width="16%"> 1117 <tr> 1118 <th>CVE</th> 1119 <th> Android</th> 1120 <th> </th> 1121 <th> Nexus</th> 1122 <th> </th> 1123 </tr> 1124 <tr> 1125 <td>CVE-2016-2498</td> 1126 <td>27777162*</td> 1127 <td></td> 1128 <td>Nexus7 (2013)</td> 1129 <td>20 2016.</td> 1130 </tr> 1131 </table> 1132 <p> 1133 * AOSP. 1134 Nexus, 1135 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1136 </p> 1137 1138 1139 <h3 id="information_disclosure_vulnerability_in_mediaserver"> 1140 mediaserver</h3> 1141 1142 1143 <p> 1144 . - 1145 .</p> 1146 <table> 1147 <col width="19%"> 1148 <col width="16%"> 1149 <col width="10%"> 1150 <col width="19%"> 1151 <col width="18%"> 1152 <col width="16%"> 1153 <tr> 1154 <th>CVE</th> 1155 <th> Android</th> 1156 <th> </th> 1157 <th> Nexus</th> 1158 <th> AOSP</th> 1159 <th> </th> 1160 </tr> 1161 <tr> 1162 <td>CVE-2016-2499</td> 1163 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/dd3546765710ce8dd49eb23901d90345dec8282f">27855172</a> 1164 </td> 1165 <td></td> 1166 <td><a href="#nexus_devices"> </a></td> 1167 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1168 <td>24 2016.</td> 1169 </tr> 1170 </table> 1171 1172 1173 <h3 id="information_disclosure_vulnerability_in_activity_manager"> 1174 </h3> 1175 1176 1177 <p> 1178 . - 1179 .</p> 1180 <table> 1181 <col width="19%"> 1182 <col width="16%"> 1183 <col width="10%"> 1184 <col width="19%"> 1185 <col width="18%"> 1186 <col width="16%"> 1187 <tr> 1188 <th>CVE</th> 1189 <th> Android</th> 1190 <th> </th> 1191 <th> Nexus</th> 1192 <th> AOSP</th> 1193 <th> </th> 1194 </tr> 1195 <tr> 1196 <td>CVE-2016-2500</td> 1197 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/9878bb99b77c3681f0fda116e2964bac26f349c3">19285814</a> 1198 </td> 1199 <td></td> 1200 <td><a href="#nexus_devices"> </a></td> 1201 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 1202 <td> Google</td> 1203 </tr> 1204 </table> 1205 1206 1207 <h2 id="common_questions_and_answers"> </h2> 1208 1209 1210 <p> , 1211 .</p> 1212 1213 <p><strong>1. , , ?</strong></p> 1214 1215 <p> 1 2016 1216 . , 1217 , <a href="https://support.google.com/nexus/answer/4457705"> Nexus</a>. 1218 , , 1219 [ro.build.version.security_patch]:[2016-06-01].</p> 1220 1221 <p id="nexus_devices"><strong>2. , Nexus ?</strong></p> 1222 1223 <p> <a href="#security_vulnerability_summary"> </a> " 1224 Nexus". , .</p> 1225 1226 <ul> 1227 <li> <strong> .</strong> <em></em> 1228 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"> Nexus</a>: Nexus5, Nexus5X, Nexus6, 1229 Nexus6P, Nexus7 (2013), Nexus9, AndroidOne, Nexus Player 1230 PixelC.</li> 1231 <li> <strong> .</strong> <em></em> , 1232 .</li> 1233 <li> <strong>.</strong> Nexus.<em></em></li> 1234 </ul> 1235 1236 <h2 id="revisions"></h2> 1237 1238 1239 <ul> 1240 <li> 6 2016. .</li> 1241 <li>7 2016. 1242 <ul> 1243 <li> AOSP. 1244 <li> CVE-2016-2496 . 1245 </li></li></ul> 1246 </li> 1247 <li>8 2016. CVE-2016-2496 .</li> 1248 </ul> 1249
