1 page.title= Android 2016. 2 @jd:body 3 <!-- 4 Copyright 2016 The Android Open Source Project 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 http://www.apache.org/licenses/LICENSE-2.0 9 Unless required by applicable law or agreed to in writing, software 10 distributed under the License is distributed on an "AS IS" BASIS, 11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 See the License for the specific language governing permissions and 13 limitations under the License. 14 --> 15 16 <p><em> 6 2016. | 14 2016.</em></p> 17 <p> 18 Android. 19 Nexus 20 Nexus <a href="https://developers.google.com/android/nexus/images"> </a>. , 21 , 5 2016 22 . , , 23 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"> </a>.</p> 24 <p> 25 6 2016 . 26 Android Open Source Project (AOSP). 27 28 AOSP.</p> 29 30 <p> 31 32 (, , 33 MMS).</p> 34 <p> . <a href="mitigations"> </a> 35 , <a href="{@docRoot}security/enhancements/index.html"> </a> , 36 SafetyNet, Android.</p> 37 <p> .</p> 38 <h2 id="announcements"></h2> 39 <ul> 40 <li> , 41 42 , Android. 43 44 <a href="#common-questions-and-answers"> </a>. 45 <ul> 46 <li><strong>2016-07-01</strong>: , 2016-07-01. 47 <li><strong>2016-07-05</strong>: , 2016-07-01 2016-07-05.</li> 48 </li></ul> 49 </li> 50 <li> Nexus 51 5 2016.</li> 52 </ul> 53 <h2 id="security_vulnerability_summary"> </h2> 54 <p> , (CVE) 55 , , Nexus. <a href="{@docRoot}security/overview/updates-resources.html#severity"> </a> , 56 , 57 .</p> 58 59 <h3 id="2016-07-01_summary"> ( 2016-07-01)</h3> 60 <p> 61 1 2016 .</p> 62 63 <table> 64 <col width="55%"> 65 <col width="20%"> 66 <col width="13%"> 67 <col width="12%"> 68 <tr> 69 <th></th> 70 <th>CVE</th> 71 <th> </th> 72 <th> Nexus?</th> 73 </tr> 74 <tr> 75 <td> mediaserver</td> 76 <td>CVE-2016-2506, CVE-2016-2505, CVE-2016-2507, CVE-2016-2508, 77 CVE-2016-3741, CVE-2016-3742, CVE-2016-3743</td> 78 <td></td> 79 <td></td> 80 </tr> 81 <tr> 82 <td> OpenSSL BoringSSL</td> 83 <td>CVE-2016-2108</td> 84 <td></td> 85 <td></td> 86 </tr> 87 <tr> 88 <td> Bluetooth</td> 89 <td>CVE-2016-3744</td> 90 <td></td> 91 <td></td> 92 </tr> 93 <tr> 94 <td> libpng</td> 95 <td>CVE-2016-3751</td> 96 <td></td> 97 <td></td> 98 </tr> 99 <tr> 100 <td> mediaserver</td> 101 <td>CVE-2016-3745, CVE-2016-3746, CVE-2016-3747</td> 102 <td></td> 103 <td></td> 104 </tr> 105 <tr> 106 <td> </td> 107 <td>CVE-2016-3748</td> 108 <td></td> 109 <td></td> 110 </tr> 111 <tr> 112 <td> LockSettingsService</td> 113 <td>CVE-2016-3749</td> 114 <td></td> 115 <td></td> 116 </tr> 117 <tr> 118 <td> Framework API</td> 119 <td>CVE-2016-3750</td> 120 <td></td> 121 <td></td> 122 </tr> 123 <tr> 124 <td> ChooserTarget</td> 125 <td>CVE-2016-3752</td> 126 <td></td> 127 <td></td> 128 </tr> 129 <tr> 130 <td> mediaserver</td> 131 <td>CVE-2016-3753</td> 132 <td></td> 133 <td>*</td> 134 </tr> 135 <tr> 136 <td> OpenSSL</td> 137 <td>CVE-2016-2107</td> 138 <td></td> 139 <td>*</td> 140 </tr> 141 <tr> 142 <td> mediaserver</td> 143 <td>CVE-2016-3754, CVE-2016-3755, CVE-2016-3756</td> 144 <td></td> 145 <td></td> 146 </tr> 147 <tr> 148 <td> libc</td> 149 <td>CVE-2016-3818</td> 150 <td></td> 151 <td>*</td> 152 </tr> 153 <tr> 154 <td> lsof</td> 155 <td>CVE-2016-3757</td> 156 <td></td> 157 <td></td> 158 </tr> 159 <tr> 160 <td> DexClassLoader</td> 161 <td>CVE-2016-3758</td> 162 <td></td> 163 <td></td> 164 </tr> 165 <tr> 166 <td> Framework API</td> 167 <td>CVE-2016-3759</td> 168 <td></td> 169 <td></td> 170 </tr> 171 <tr> 172 <td> Bluetooth</td> 173 <td>CVE-2016-3760</td> 174 <td></td> 175 <td></td> 176 </tr> 177 <tr> 178 <td> NFC</td> 179 <td>CVE-2016-3761</td> 180 <td></td> 181 <td></td> 182 </tr> 183 <tr> 184 <td> </td> 185 <td>CVE-2016-3762</td> 186 <td></td> 187 <td></td> 188 </tr> 189 <tr> 190 <td> Proxy Auto-Config</td> 191 <td>CVE-2016-3763</td> 192 <td></td> 193 <td></td> 194 </tr> 195 <tr> 196 <td> mediaserver</td> 197 <td>CVE-2016-3764, CVE-2016-3765</td> 198 <td></td> 199 <td></td> 200 </tr> 201 <tr> 202 <td> mediaserver</td> 203 <td>CVE-2016-3766</td> 204 <td></td> 205 <td></td> 206 </tr> 207 </table> 208 <p>* Nexus, 209 .</p> 210 211 212 <h3 id="2016-07-05_summary"> ( 2016-07-05)</h3> 213 <p> 214 5 2016 , 215 2016-07-01, , .</p> 216 217 <table> 218 <col width="55%"> 219 <col width="20%"> 220 <col width="13%"> 221 <col width="12%"> 222 <tr> 223 <th></th> 224 <th>CVE</th> 225 <th> </th> 226 <th> Nexus?</th> 227 </tr> 228 <tr> 229 <td> Qualcomm 230 ( )</td> 231 <td>CVE-2016-2503, CVE-2016-2067</td> 232 <td></td> 233 <td></td> 234 </tr> 235 <tr> 236 <td> Wi-Fi- MediaTek 237 ( )</td> 238 <td>CVE-2016-3767</td> 239 <td></td> 240 <td></td> 241 </tr> 242 <tr> 243 <td> Qualcomm 244 ( )</td> 245 <td>CVE-2016-3768</td> 246 <td></td> 247 <td></td> 248 </tr> 249 <tr> 250 <td> NVIDIA 251 ( )</td> 252 <td>CVE-2016-3769</td> 253 <td></td> 254 <td></td> 255 </tr> 256 <tr> 257 <td> MediaTek 258 ( )</td> 259 <td>CVE-2016-3770, CVE-2016-3771, CVE-2016-3772, CVE-2016-3773, 260 CVE-2016-3774</td> 261 <td></td> 262 <td></td> 263 </tr> 264 <tr> 265 <td> 266 ( )</td> 267 <td>CVE-2016-3775</td> 268 <td></td> 269 <td></td> 270 </tr> 271 <tr> 272 <td> USB- ( )</td> 273 <td>CVE-2015-8816</td> 274 <td></td> 275 <td></td> 276 </tr> 277 <tr> 278 <td> Qualcomm 279 ( )</td> 280 <td>CVE-2014-9794, CVE-2014-9795, CVE-2015-8892, CVE-2013-7457, CVE-2014-9781, 281 CVE-2014-9786, CVE-2014-9788, CVE-2014-9779, CVE-2014-9780, CVE-2014-9789, 282 CVE-2014-9793, CVE-2014-9782, CVE-2014-9783, CVE-2014-9785, CVE-2014-9787, 283 CVE-2014-9784, CVE-2014-9777, CVE-2014-9778, CVE-2014-9790, CVE-2014-9792, 284 CVE-2014-9797, CVE-2014-9791, CVE-2014-9796, CVE-2014-9800, CVE-2014-9799, 285 CVE-2014-9801, CVE-2014-9802, CVE-2015-8891, CVE-2015-8888, CVE-2015-8889, 286 CVE-2015-8890</td> 287 <td></td> 288 <td></td> 289 </tr> 290 <tr> 291 <td> USB- Qualcomm 292 ( )</td> 293 <td>CVE-2016-2502</td> 294 <td></td> 295 <td></td> 296 </tr> 297 <tr> 298 <td> Wi-Fi- Qualcomm 299 ( )</td> 300 <td>CVE-2016-3792</td> 301 <td></td> 302 <td></td> 303 </tr> 304 <tr> 305 <td> Qualcomm 306 ( )</td> 307 <td>CVE-2016-2501</td> 308 <td></td> 309 <td></td> 310 </tr> 311 <tr> 312 <td> NVIDIA 313 ( )</td> 314 <td>CVE-2016-3793</td> 315 <td></td> 316 <td></td> 317 </tr> 318 <tr> 319 <td> MediaTek 320 ( )</td> 321 <td>CVE-2016-3795, CVE-2016-3796</td> 322 <td></td> 323 <td></td> 324 </tr> 325 <tr> 326 <td> Wi-Fi- Qualcomm 327 ( )</td> 328 <td>CVE-2016-3797</td> 329 <td></td> 330 <td></td> 331 </tr> 332 <tr> 333 <td> MediaTek 334 ( )</td> 335 <td>CVE-2016-3798</td> 336 <td></td> 337 <td></td> 338 </tr> 339 <tr> 340 <td> MediaTek 341 ( )</td> 342 <td>CVE-2016-3799, CVE-2016-3800</td> 343 <td></td> 344 <td></td> 345 </tr> 346 <tr> 347 <td> GPS- MediaTek 348 ( )</td> 349 <td>CVE-2016-3801</td> 350 <td></td> 351 <td></td> 352 </tr> 353 <tr> 354 <td> 355 ( )</td> 356 <td>CVE-2016-3802, CVE-2016-3803</td> 357 <td></td> 358 <td></td> 359 </tr> 360 <tr> 361 <td> MediaTek 362 ( )</td> 363 <td>CVE-2016-3804, CVE-2016-3805</td> 364 <td></td> 365 <td></td> 366 </tr> 367 <tr> 368 <td> MediaTek 369 ( )</td> 370 <td>CVE-2016-3806</td> 371 <td></td> 372 <td></td> 373 </tr> 374 <tr> 375 <td> SPI 376 ( )</td> 377 <td>CVE-2016-3807, CVE-2016-3808</td> 378 <td></td> 379 <td></td> 380 </tr> 381 <tr> 382 <td> Qualcomm 383 ( )</td> 384 <td>CVE-2016-2068</td> 385 <td></td> 386 <td></td> 387 </tr> 388 <tr> 389 <td> ( )</td> 390 <td>CVE-2014-9803</td> 391 <td></td> 392 <td></td> 393 </tr> 394 <tr> 395 <td> ( )</td> 396 <td>CVE-2016-3809</td> 397 <td></td> 398 <td></td> 399 </tr> 400 <tr> 401 <td> Wi-Fi- MediaTek 402 ( )</td> 403 <td>CVE-2016-3810</td> 404 <td></td> 405 <td></td> 406 </tr> 407 <tr> 408 <td> 409 ( )</td> 410 <td>CVE-2016-3811</td> 411 <td></td> 412 <td></td> 413 </tr> 414 <tr> 415 <td> MediaTek 416 ( )</td> 417 <td>CVE-2016-3812</td> 418 <td></td> 419 <td></td> 420 </tr> 421 <tr> 422 <td> USB- Qualcomm 423 ( )</td> 424 <td>CVE-2016-3813</td> 425 <td></td> 426 <td></td> 427 </tr> 428 <tr> 429 <td> NVIDIA 430 ( )</td> 431 <td>CVE-2016-3814, CVE-2016-3815</td> 432 <td></td> 433 <td></td> 434 </tr> 435 <tr> 436 <td> MediaTek 437 ( )</td> 438 <td>CVE-2016-3816</td> 439 <td></td> 440 <td></td> 441 </tr> 442 <tr> 443 <td> 444 ( )</td> 445 <td>CVE-2016-0723</td> 446 <td></td> 447 <td></td> 448 </tr> 449 <tr> 450 <td> Qualcomm 451 ( )</td> 452 <td>CVE-2014-9798, CVE-2015-8893</td> 453 <td></td> 454 <td></td> 455 </tr> 456 </table> 457 458 <h2 id="mitigations"> </h2> 459 <p> , <a href="{@docRoot}security/enhancements/index.html"> </a> 460 , SafetyNet, 461 Android.</p> 462 <ul> 463 <li> 464 Android, 465 .</li> 466 <li>, Android, 467 <a href="{@docRoot}security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a>. 468 <a href="{@docRoot}security/reports/Google_Android_Security_PHA_classifications.pdf"> </a>. 469 <a href="http://www.android.com/gms"> Google</a>. , 470 . 471 Google Play , 472 . 473 , . 474 , , 475 , 476 . , 477 .</li> 478 <li> Google Hangouts Messenger 479 , mediaserver, .</li> 480 </ul> 481 482 <h2 id="acknowledgements"></h2> 483 <p> , :</p> 484 <ul> 485 <li> , 486 Google Chrome: CVE-2016-3756, CVE-2016-3741, CVE-2016-3743, CVE-2016-3742 487 <li> Check Point Software Technologies Ltd.: CVE-2016-2503 488 <li> Google: CVE-2016-3752 489 <li> Context Information Security: CVE-2016-3763 490 <li> (<a href="https://twitter.com/ticarpi">@ticarpi</a>) 491 <a href="https://www.e2e-assure.com/">e2e-assure</a>: CVE-2016-2457 492 <li> Google Project Zero: CVE-2016-3775 493 <li> (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), 494 - (<a href="mailto:computernik (a] gmail.com">computernik (a] gmail.com</a>) 495 <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-3770, 496 CVE-2016-3771, CVE-2016-3772, CVE-2016-3773, CVE-2016-3774 497 <li> Google: CVE-2016-3759 498 <li> (<a href="https://twitter.com/returnsme">@returnsme</a>) KeenLab 499 (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-3762 500 <li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) 501 pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) IceSword Lab, 502 <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a>: CVE-2016-3806, 503 CVE-2016-3816, CVE-2016-3805, CVE-2016-3804, CVE-2016-3767, CVE-2016-3810, 504 CVE-2016-3795, CVE-2016-3796 505 <li> Google Android: CVE-2016-3758 506 <li> () (<a href="https://twitter.com/oldfresher">@oldfresher</a>) 507 Mobile Safe Team, <a href="http://www.360.com">Qihoo 360 Technology Co. 508 Ltd</a>.: CVE-2016-3764 509 <li> Mobile Safe Team, <a href="http://www.360.com"> 510 Qihoo 360 Technology Co. Ltd</a>.: CVE-2016-3792, CVE-2016-3768 511 <li> Security Research Lab, <a href="http://www.cmcm.com">Cheetah 512 Mobile</a>: CVE-2016-3754, CVE-2016-3766 513 <li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) 514 pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) IceSword Lab, 515 <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>: CVE-2016-3814, 516 CVE-2016-3802, CVE-2016-3769, CVE-2016-3807, CVE-2016-3808 517 <li> Google: CVE-2016-3818 518 <li> Google Project Zero: CVE-2016-3757 519 <li><a href="https://github.com/michalbednarski"> </a>: CVE-2016-3750 520 <li> (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), 521 (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 522 <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-3747, 523 CVE-2016-3746, CVE-2016-3765 524 <li> , , , Alibaba 525 Mobile Security Group: CVE-2016-3800, CVE-2016-3799, CVE-2016-3801, 526 CVE-2016-3812, CVE-2016-3798 527 <li> (<a href="https://twitter.com/heisecode">@heisecode</a>) Trend 528 Micro: CVE-2016-3793 529 <li> Google: CVE-2016-3749 530 <li> : CVE-2016-3753 531 <li> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): 532 CVE-2016-3797, CVE-2016-3813, CVE-2016-3815, CVE-2016-2501, CVE-2016-2502 533 <li> : CVE-2016-2507 534 <li> (<a href="https://twitter.com/sunblate">@sunblate</a>) 535 Alibaba Inc.: CVE-2016-2508, CVE-2016-3755 536 <li> (<a href="https://twitter.com/NWMonster">@NWMonster</a>) KeenLab 537 (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-3809 538 <li> Tencent: CVE-2016-3745 539 <li> TCA : 540 CVE-2016-3761 541 <li> (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) 542 Xuanwu LAB, Tencent: CVE-2016-2505 543 <li> (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) 544 (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>) Xuanwu 545 LAB, Tencent: CVE-2016-2506 546 <li> () Baidu X-Lab: CVE-2016-3744</li> 547 </li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 548 549 <h2 id="2016-07-01_details"> ( 2016-07-01)</h2> 550 <p> 551 <a href="#2016-07-01_summary"> </a> : , 552 CVE, , , 553 Nexus AOSP ( ), 554 . , 555 , (, AOSP), 556 .</p> 557 558 <h3 id="remote-code-execution-vulnerability-in-mediaserver"> 559 mediaserver</h3> 560 <p> 561 . 562 - 563 mediaserver. 564 - , , 565 .</p> 566 <p> . 567 , MMS- 568 , .</p> 569 570 <table> 571 <col width="19%"> 572 <col width="19%"> 573 <col width="10%"> 574 <col width="16%"> 575 <col width="17%"> 576 <col width="17%"> 577 <tr> 578 <th>CVE</th> 579 <th></th> 580 <th> </th> 581 <th> Nexus</th> 582 <th> AOSP</th> 583 <th> </th> 584 </tr> 585 <tr> 586 <td>CVE-2016-2506</td> 587 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/e248db02fbab2ee9162940bc19f087fd7d96cb9d"> 588 A-28175045</a></td> 589 <td></td> 590 <td><a href="#all_nexus"> </a></td> 591 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 592 <td>11 2016.</td> 593 </tr> 594 <tr> 595 <td>CVE-2016-2505</td> 596 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/4f236c532039a61f0cf681d2e3c6e022911bbb5c"> 597 A-28333006</a></td> 598 <td></td> 599 <td><a href="#all_nexus"> </a></td> 600 <td>6.0, 6.0.1</td> 601 <td>21 2016.</td> 602 </tr> 603 <tr> 604 <td>CVE-2016-2507</td> 605 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/60547808ca4e9cfac50028c00c58a6ceb2319301"> 606 A-28532266</a></td> 607 <td></td> 608 <td><a href="#all_nexus"> </a></td> 609 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 610 <td>2 2016.</td> 611 </tr> 612 <tr> 613 <td>CVE-2016-2508</td> 614 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f81038006b4c59a5a148dcad887371206033c28f"> 615 A-28799341</a> 616 [<a href="https://android.googlesource.com/platform/frameworks/av/+/d112f7d0c1dbaf0368365885becb11ca8d3f13a4">2</a>] 617 </td> 618 <td></td> 619 <td><a href="#all_nexus"> </a></td> 620 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 621 <td>16 2016.</td> 622 </tr> 623 <tr> 624 <td>CVE-2016-3741</td> 625 <td><a href="https://android.googlesource.com/platform/external/libavc/+/e629194c62a9a129ce378e08cb1059a8a53f1795"> 626 A-28165661</a> 627 [<a href="https://android.googlesource.com/platform/external/libavc/+/cc676ebd95247646e67907ccab150fb77a847335">2</a>] 628 </td> 629 <td></td> 630 <td><a href="#all_nexus"> </a></td> 631 <td>6.0, 6.0.1</td> 632 <td> Google</td> 633 </tr> 634 <tr> 635 <td>CVE-2016-3742</td> 636 <td><a href="https://android.googlesource.com/platform/external/libavc/+/a583270e1c96d307469c83dc42bd3c5f1b9ef63f"> 637 A-28165659</a> 638 </td> 639 <td></td> 640 <td><a href="#all_nexus"> </a></td> 641 <td>6.0, 6.0.1</td> 642 <td> Google</td> 643 </tr> 644 <tr> 645 <td>CVE-2016-3743</td> 646 <td><a href="https://android.googlesource.com/platform/external/libavc/+/ecf6c7ce6d5a22d52160698aab44fc234c63291a"> 647 A-27907656</a> 648 </td> 649 <td></td> 650 <td><a href="#all_nexus"> </a></td> 651 <td>6.0, 6.0.1</td> 652 <td> Google</td> 653 </tr> 654 </table> 655 656 657 <h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> 658 OpenSSL BoringSSL</h3> 659 <p> 660 . 661 - 662 .</p> 663 664 <table> 665 <col width="19%"> 666 <col width="16%"> 667 <col width="10%"> 668 <col width="19%"> 669 <col width="18%"> 670 <col width="16%"> 671 <tr> 672 <th>CVE</th> 673 <th></th> 674 <th> </th> 675 <th> Nexus</th> 676 <th> AOSP</th> 677 <th> </th> 678 </tr> 679 <tr> 680 <td>CVE-2016-2108</td> 681 <td><a href="https://android.googlesource.com/platform/external/boringssl/+/74750e1fb24149043a533497f79c577b704d6e30"> 682 A-28175332</a> 683 </td> 684 <td></td> 685 <td><a href="#all_nexus"> </a></td> 686 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 687 <td>3 2016.</td> 688 </tr> 689 </table> 690 691 <h3 id="remote-code-execution-vulnerability-in-bluetooth"> 692 Bluetooth</h3> 693 <p> 694 Bluetooth. - 695 .</p> 696 697 <table> 698 <col width="19%"> 699 <col width="16%"> 700 <col width="10%"> 701 <col width="19%"> 702 <col width="18%"> 703 <col width="16%"> 704 <tr> 705 <th>CVE</th> 706 <th></th> 707 <th> </th> 708 <th> Nexus</th> 709 <th> AOSP</th> 710 <th> </th> 711 </tr> 712 <tr> 713 <td>CVE-2016-3744</td> 714 <td><a href="https://android.googlesource.com/platform/system/bt/+/514139f4b40cbb035bb92f3e24d5a389d75db9e6"> 715 A-27930580</a></td> 716 <td></td> 717 <td><a href="#all_nexus"> </a></td> 718 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 719 <td>30 2016.</td> 720 </tr> 721 </table> 722 723 <h3 id="elevation-of-privilege-vulnerability-in-libpng"> 724 libpng</h3> 725 <p> 726 727 . , 728 , 729 (, 730 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 731 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 732 733 <table> 734 <col width="19%"> 735 <col width="16%"> 736 <col width="10%"> 737 <col width="19%"> 738 <col width="18%"> 739 <col width="16%"> 740 <tr> 741 <th>CVE</th> 742 <th></th> 743 <th> </th> 744 <th> Nexus</th> 745 <th> AOSP</th> 746 <th> </th> 747 </tr> 748 <tr> 749 <td>CVE-2016-3751</td> 750 <td><a href="https://android.googlesource.com/platform/external/libpng/+/9d4853418ab2f754c2b63e091c29c5529b8b86ca"> 751 A-23265085</a> 752 </td> 753 <td></td> 754 <td><a href="#all_nexus"> </a></td> 755 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 756 <td>3 2015.</td> 757 </tr> 758 </table> 759 760 <h3 id="elevation-of-privilege-vulnerability-in-mediaserver"> 761 mediaserver</h3> 762 <p> 763 764 . , 765 , 766 (, 767 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 768 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 769 770 <table> 771 <col width="19%"> 772 <col width="16%"> 773 <col width="10%"> 774 <col width="19%"> 775 <col width="18%"> 776 <col width="16%"> 777 <tr> 778 <th>CVE</th> 779 <th></th> 780 <th> </th> 781 <th> Nexus</th> 782 <th> AOSP</th> 783 <th> </th> 784 </tr> 785 <tr> 786 <td>CVE-2016-3745</td> 787 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/073a80800f341325932c66818ce4302b312909a4"> 788 A-28173666</a> 789 </td> 790 <td></td> 791 <td><a href="#all_nexus"> </a></td> 792 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 793 <td>10 2016.</td> 794 </tr> 795 <tr> 796 <td>CVE-2016-3746</td> 797 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/5b82f4f90c3d531313714df4b936f92fb0ff15cf"> 798 A-27890802</a> 799 </td> 800 <td></td> 801 <td><a href="#all_nexus"> </a></td> 802 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 803 <td>27 2016.</td> 804 </tr> 805 <tr> 806 <td>CVE-2016-3747</td> 807 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/4ed06d14080d8667d5be14eed200e378cba78345"> 808 A-27903498</a> 809 </td> 810 <td></td> 811 <td><a href="#all_nexus"> </a></td> 812 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 813 <td>28 2016.</td> 814 </tr> 815 </table> 816 817 <h3 id="elevation-of-privilege-vulnerability-in-sockets"> 818 </h3> 819 <p> 820 . 821 822 , , 823 .</p> 824 825 <table> 826 <col width="19%"> 827 <col width="16%"> 828 <col width="10%"> 829 <col width="19%"> 830 <col width="18%"> 831 <col width="16%"> 832 <tr> 833 <th>CVE</th> 834 <th></th> 835 <th> </th> 836 <th> Nexus</th> 837 <th> AOSP</th> 838 <th> </th> 839 </tr> 840 <tr> 841 <td>CVE-2016-3748</td> 842 <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/556bb0f55324e8839d7b735a0de9bc31028e839e"> 843 A-28171804</a> 844 </td> 845 <td></td> 846 <td><a href="#all_nexus"> </a></td> 847 <td>6.0, 6.0.1</td> 848 <td>13 2016.</td> 849 </tr> 850 </table> 851 852 <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice"> 853 LockSettingsService</h3> 854 <p> . , .</p> 855 856 <table> 857 <col width="19%"> 858 <col width="16%"> 859 <col width="10%"> 860 <col width="19%"> 861 <col width="17%"> 862 <col width="17%"> 863 <tr> 864 <th>CVE</th> 865 <th></th> 866 <th> </th> 867 <th> Nexus</th> 868 <th> AOSP</th> 869 <th> </th> 870 </tr> 871 <tr> 872 <td>CVE-2016-3749</td> 873 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e83f0f6a5a6f35323f5367f99c8e287c440f33f5"> 874 A-28163930</a> 875 </td> 876 <td></td> 877 <td><a href="#all_nexus"> </a></td> 878 <td>6.0, 6.0.1</td> 879 <td> Google</td> 880 </tr> 881 </table> 882 883 <h3 id="elevation-of-privilege-vulnerability-in-framework-apis"> 884 Framework API</h3> 885 <p> Parcels Framework API 886 , 887 . 888 , 889 .</p> 890 891 <table> 892 <col width="19%"> 893 <col width="16%"> 894 <col width="10%"> 895 <col width="19%"> 896 <col width="17%"> 897 <col width="17%"> 898 <tr> 899 <th>CVE</th> 900 <th></th> 901 <th> </th> 902 <th> Nexus</th> 903 <th> AOSP</th> 904 <th> </th> 905 </tr> 906 <tr> 907 <td>CVE-2016-3750</td> 908 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/54cb02ad733fb71b1bdf78590428817fb780aff8"> 909 A-28395952</a> 910 </td> 911 <td></td> 912 <td><a href="#all_nexus"> </a></td> 913 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 914 <td>16 2015.</td> 915 </tr> 916 </table> 917 918 <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service"> 919 ChooserTarget</h3> 920 <p> 921 . 922 , 923 .</p> 924 925 <table> 926 <col width="19%"> 927 <col width="16%"> 928 <col width="10%"> 929 <col width="19%"> 930 <col width="17%"> 931 <col width="17%"> 932 <tr> 933 <th>CVE</th> 934 <th></th> 935 <th> </th> 936 <th> Nexus</th> 937 <th> AOSP</th> 938 <th> </th> 939 </tr> 940 <tr> 941 <td>CVE-2016-3752</td> 942 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/ddbf2db5b946be8fdc45c7b0327bf560b2a06988"> 943 A-28384423</a> 944 </td> 945 <td></td> 946 <td><a href="#all_nexus"> </a></td> 947 <td>6.0, 6.0.1</td> 948 <td> Google</td> 949 </tr> 950 </table> 951 952 <h3 id="information-disclosure-vulnerability-in-mediaserver"> 953 mediaserver</h3> 954 <p> 955 , 956 , . - 957 .</p> 958 959 <table> 960 <col width="19%"> 961 <col width="16%"> 962 <col width="10%"> 963 <col width="19%"> 964 <col width="18%"> 965 <col width="16%"> 966 <tr> 967 <th>CVE</th> 968 <th></th> 969 <th> </th> 970 <th> Nexus</th> 971 <th> AOSP</th> 972 <th> </th> 973 </tr> 974 <tr> 975 <td>CVE-2016-3753</td> 976 <td>A-27210135</td> 977 <td></td> 978 <td>*</td> 979 <td>4.4.4</td> 980 <td>15 2016.</td> 981 </tr> 982 </table> 983 <p>* Nexus, 984 .</p> 985 986 <h3 id="information-disclosure-vulnerability-in-openssl"> 987 OpenSSL</h3> 988 <p> 989 , 990 , . - 991 .</p> 992 993 <table> 994 <col width="19%"> 995 <col width="16%"> 996 <col width="10%"> 997 <col width="19%"> 998 <col width="18%"> 999 <col width="16%"> 1000 <tr> 1001 <th>CVE</th> 1002 <th></th> 1003 <th> </th> 1004 <th> Nexus</th> 1005 <th> AOSP</th> 1006 <th> </th> 1007 </tr> 1008 <tr> 1009 <td>CVE-2016-2107</td> 1010 <td>A-28550804</td> 1011 <td></td> 1012 <td>*</td> 1013 <td>4.4.4, 5.0.2, 5.1.1</td> 1014 <td>13 2016.</td> 1015 </tr> 1016 </table> 1017 <p>* Nexus, 1018 .</p> 1019 1020 <h3 id="denial-of-service-vulnerability-in-mediaserver"> 1021 mediaserver</h3> 1022 <p> 1023 . 1024 , 1025 .</p> 1026 1027 <table> 1028 <col width="19%"> 1029 <col width="19%"> 1030 <col width="10%"> 1031 <col width="16%"> 1032 <col width="17%"> 1033 <col width="17%"> 1034 <tr> 1035 <th>CVE</th> 1036 <th></th> 1037 <th> </th> 1038 <th> Nexus</th> 1039 <th> AOSP</th> 1040 <th> </th> 1041 </tr> 1042 <tr> 1043 <td>CVE-2016-3754</td> 1044 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> 1045 A-28615448</a> 1046 [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] 1047 </td> 1048 <td></td> 1049 <td><a href="#all_nexus"> </a></td> 1050 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1051 <td>5 2016.</td> 1052 </tr> 1053 <tr> 1054 <td>CVE-2016-3755</td> 1055 <td><a href="https://android.googlesource.com/platform/external/libavc/+/d4841f1161bdb5e13cb19e81af42437a634dd6ef"> 1056 A-28470138</a> 1057 </td> 1058 <td></td> 1059 <td><a href="#all_nexus"> </a></td> 1060 <td>6.0, 6.0.1</td> 1061 <td>29 2016.</td> 1062 </tr> 1063 <tr> 1064 <td>CVE-2016-3756</td> 1065 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/659030a2e80c38fb8da0a4eb68695349eec6778b"> 1066 A-28556125</a> 1067 </td> 1068 <td></td> 1069 <td><a href="#all_nexus"> </a></td> 1070 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1071 <td> Google</td> 1072 </tr> 1073 </table> 1074 1075 <h3 id="denial-of-service-vulnerability-in-libc"> 1076 libc</h3> 1077 <p> 1078 . 1079 , 1080 .</p> 1081 1082 <table> 1083 <col width="19%"> 1084 <col width="16%"> 1085 <col width="10%"> 1086 <col width="19%"> 1087 <col width="17%"> 1088 <col width="17%"> 1089 <tr> 1090 <th>CVE</th> 1091 <th></th> 1092 <th> </th> 1093 <th> Nexus</th> 1094 <th> AOSP</th> 1095 <th> </th> 1096 </tr> 1097 <tr> 1098 <td>CVE-2016-3818</td> 1099 <td>A-28740702</td> 1100 <td></td> 1101 <td>*</td> 1102 <td>4.4.4</td> 1103 <td> Google</td> 1104 </tr> 1105 </table> 1106 <p>* Nexus, 1107 .</p> 1108 1109 <h3 id="elevation-of-privilege-vulnerability-in-lsof"> 1110 lsof</h3> 1111 <p> 1112 . - 1113 . 1114 , 1115 .</p> 1116 1117 <table> 1118 <col width="19%"> 1119 <col width="16%"> 1120 <col width="10%"> 1121 <col width="19%"> 1122 <col width="18%"> 1123 <col width="16%"> 1124 <tr> 1125 <th>CVE</th> 1126 <th></th> 1127 <th> </th> 1128 <th> Nexus</th> 1129 <th> AOSP</th> 1130 <th> </th> 1131 </tr> 1132 <tr> 1133 <td>CVE-2016-3757</td> 1134 <td><a href="https://android.googlesource.com/platform/system/core/+/ae18eb014609948a40e22192b87b10efc680daa7"> 1135 A-28175237</a> 1136 </td> 1137 <td></td> 1138 <td><a href="#all_nexus"> </a></td> 1139 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1140 <td>11 2016.</td> 1141 </tr> 1142 </table> 1143 1144 <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader"> 1145 DexClassLoader</h3> 1146 <p> 1147 . , 1148 1149 .</p> 1150 1151 <table> 1152 <col width="19%"> 1153 <col width="16%"> 1154 <col width="10%"> 1155 <col width="19%"> 1156 <col width="17%"> 1157 <col width="17%"> 1158 <tr> 1159 <th>CVE</th> 1160 <th></th> 1161 <th> </th> 1162 <th> Nexus</th> 1163 <th> AOSP</th> 1164 <th> </th> 1165 </tr> 1166 <tr> 1167 <td>CVE-2016-3758</td> 1168 <td><a href="https://android.googlesource.com/platform/dalvik/+/338aeaf28e9981c15d0673b18487dba61eb5447c"> 1169 A-27840771</a> 1170 </td> 1171 <td></td> 1172 <td><a href="#all_nexus"> </a></td> 1173 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1174 <td> Google</td> 1175 </tr> 1176 </table> 1177 1178 <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2"> 1179 Framework API</h3> 1180 <p> 1181 . 1182 , 1183 , 1184 .</p> 1185 1186 <table> 1187 <col width="19%"> 1188 <col width="16%"> 1189 <col width="10%"> 1190 <col width="19%"> 1191 <col width="17%"> 1192 <col width="17%"> 1193 <tr> 1194 <th>CVE</th> 1195 <th></th> 1196 <th> </th> 1197 <th> Nexus</th> 1198 <th> AOSP</th> 1199 <th> </th> 1200 </tr> 1201 <tr> 1202 <td>CVE-2016-3759</td> 1203 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/9b8c6d2df35455ce9e67907edded1e4a2ecb9e28"> 1204 A-28406080</a> 1205 </td> 1206 <td></td> 1207 <td><a href="#all_nexus"> </a></td> 1208 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 1209 <td> Google</td> 1210 </tr> 1211 </table> 1212 1213 <h3 id="elevation-of-privilege-vulnerability-in-bluetooth"> 1214 Bluetooth</h3> 1215 <p> , , 1216 Bluetooth 1217 . , 1218 1219 .</p> 1220 1221 <table> 1222 <col width="19%"> 1223 <col width="16%"> 1224 <col width="10%"> 1225 <col width="19%"> 1226 <col width="18%"> 1227 <col width="16%"> 1228 <tr> 1229 <th>CVE</th> 1230 <th></th> 1231 <th> </th> 1232 <th> Nexus</th> 1233 <th> AOSP</th> 1234 <th> </th> 1235 </tr> 1236 <tr> 1237 <td>CVE-2016-3760</td> 1238 <td><a href="https://android.googlesource.com/platform/hardware/libhardware/+/8b3d5a64c3c8d010ad4517f652731f09107ae9c5">A-27410683</a> 1239 [<a href="https://android.googlesource.com/platform/system/bt/+/37c88107679d36c419572732b4af6e18bb2f7dce">2</a>] 1240 [<a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/122feb9a0b04290f55183ff2f0384c6c53756bd8">3</a>] 1241 </td> 1242 <td></td> 1243 <td><a href="#all_nexus"> </a></td> 1244 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 1245 <td>29 2016.</td> 1246 </tr> 1247 </table> 1248 1249 <h3 id="elevation-of-privilege-vulnerability-in-nfc"> 1250 NFC</h3> 1251 <p> , 1252 , 1253 . , 1254 1255 .</p> 1256 1257 <table> 1258 <col width="19%"> 1259 <col width="16%"> 1260 <col width="10%"> 1261 <col width="19%"> 1262 <col width="18%"> 1263 <col width="16%"> 1264 <tr> 1265 <th>CVE</th> 1266 <th></th> 1267 <th> </th> 1268 <th> Nexus</th> 1269 <th> AOSP</th> 1270 <th> </th> 1271 </tr> 1272 <tr> 1273 <td>CVE-2016-3761</td> 1274 <td><a href="https://android.googlesource.com/platform/packages/apps/Nfc/+/9ea802b5456a36f1115549b645b65c791eff3c2c"> 1275 A-28300969</a> 1276 </td> 1277 <td></td> 1278 <td><a href="#all_nexus"> </a></td> 1279 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1280 <td>20 2016.</td> 1281 </tr> 1282 </table> 1283 1284 <h3 id="elevation-of-privilege-vulnerability-in-sockets-2"> 1285 </h3> 1286 <p> 1287 , , 1288 . 1289 , , .</p> 1290 1291 <table> 1292 <col width="19%"> 1293 <col width="16%"> 1294 <col width="10%"> 1295 <col width="19%"> 1296 <col width="18%"> 1297 <col width="16%"> 1298 <tr> 1299 <th>CVE</th> 1300 <th></th> 1301 <th> </th> 1302 <th> Nexus</th> 1303 <th> AOSP</th> 1304 <th> </th> 1305 </tr> 1306 <tr> 1307 <td>CVE-2016-3762</td> 1308 <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/abf0663ed884af7bc880a05e9529e6671eb58f39"> 1309 A-28612709</a> 1310 </td> 1311 <td></td> 1312 <td><a href="#all_nexus"> </a></td> 1313 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 1314 <td>21 2016.</td> 1315 </tr> 1316 </table> 1317 1318 <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> 1319 Proxy Auto-Config</h3> 1320 <p> 1321 . - 1322 .</p> 1323 1324 <table> 1325 <col width="19%"> 1326 <col width="16%"> 1327 <col width="10%"> 1328 <col width="19%"> 1329 <col width="18%"> 1330 <col width="16%"> 1331 <tr> 1332 <th>CVE</th> 1333 <th></th> 1334 <th> </th> 1335 <th> Nexus</th> 1336 <th> AOSP</th> 1337 <th> </th> 1338 </tr> 1339 <tr> 1340 <td>CVE-2016-3763</td> 1341 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/ec2fc50d202d975447211012997fe425496c849c"> 1342 A-27593919</a> 1343 </td> 1344 <td></td> 1345 <td><a href="#all_nexus"> </a></td> 1346 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1347 <td>10 2016.</td> 1348 </tr> 1349 </table> 1350 1351 <h3 id="information-disclosure-vulnerability-in-mediaserver-2"> 1352 mediaserver</h3> 1353 <p> 1354 . - 1355 .</p> 1356 1357 <table> 1358 <col width="19%"> 1359 <col width="16%"> 1360 <col width="10%"> 1361 <col width="19%"> 1362 <col width="18%"> 1363 <col width="16%"> 1364 <tr> 1365 <th>CVE</th> 1366 <th></th> 1367 <th> </th> 1368 <th> Nexus</th> 1369 <th> AOSP</th> 1370 <th> </th> 1371 </tr> 1372 <tr> 1373 <td>CVE-2016-3764</td> 1374 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/daef4327fe0c75b0a90bb8627458feec7a301e1f"> 1375 A-28377502</a> 1376 </td> 1377 <td></td> 1378 <td><a href="#all_nexus"> </a></td> 1379 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1380 <td>25 2016.</td> 1381 </tr> 1382 <tr> 1383 <td>CVE-2016-3765</td> 1384 <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/d1c775d1d8d2ed117d1e026719b7f9f089716597"> 1385 A-28168413</a> 1386 </td> 1387 <td></td> 1388 <td><a href="#all_nexus"> </a></td> 1389 <td>6.0, 6.0.1</td> 1390 <td>8 2016.</td> 1391 </tr> 1392 </table> 1393 1394 <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> 1395 mediaserver</h3> 1396 <p> 1397 . 1398 , 1399 .</p> 1400 1401 <table> 1402 <col width="19%"> 1403 <col width="16%"> 1404 <col width="10%"> 1405 <col width="19%"> 1406 <col width="18%"> 1407 <col width="16%"> 1408 <tr> 1409 <th>CVE</th> 1410 <th></th> 1411 <th> </th> 1412 <th> Nexus</th> 1413 <th> AOSP</th> 1414 <th> </th> 1415 </tr> 1416 <tr> 1417 <td>CVE-2016-3766</td> 1418 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> 1419 A-28471206</a> 1420 [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] 1421 </td> 1422 <td></td> 1423 <td><a href="#all_nexus"> </a></td> 1424 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1425 <td>29 2016.</td> 1426 </tr> 1427 </table> 1428 1429 <h2 id="2016-07-05_details"> ( 2016-07-05)</h2> 1430 <p> 1431 <a href="2016-07-05_summary"> </a> : , 1432 CVE, , , 1433 Nexus AOSP ( ), 1434 . , 1435 , (, AOSP), 1436 .</p> 1437 1438 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-gpu-driver"> 1439 Qualcomm </h3> 1440 <p> 1441 . , 1442 - . , 1443 .</p> 1444 1445 <table> 1446 <col width="19%"> 1447 <col width="16%"> 1448 <col width="10%"> 1449 <col width="27%"> 1450 <col width="16%"> 1451 <tr> 1452 <th>CVE</th> 1453 <th></th> 1454 <th> </th> 1455 <th> Nexus</th> 1456 <th> </th> 1457 </tr> 1458 <tr> 1459 <td>CVE-2016-2503</td> 1460 <td>A-28084795* 1461 QC-CR1006067</td> 1462 <td></td> 1463 <td>Nexus5X, Nexus6P</td> 1464 <td>5 2016.</td> 1465 </tr> 1466 <tr> 1467 <td>CVE-2016-2067</td> 1468 <td>A-28305757 1469 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.18/commit/?id=410cfa95f0a1cf58819cbfbd896f9aa45b004ac0"> 1470 QC-CR988993</a></td> 1471 <td></td> 1472 <td>Nexus5X, Nexus6, Nexus6P</td> 1473 <td>20 2016.</td> 1474 </tr> 1475 </table> 1476 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1477 1478 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-wi-fi-driver"> 1479 Wi-Fi- MediaTek</h3> 1480 <p> 1481 . , 1482 - . , 1483 .</p> 1484 1485 <table> 1486 <col width="19%"> 1487 <col width="20%"> 1488 <col width="10%"> 1489 <col width="23%"> 1490 <col width="16%"> 1491 <tr> 1492 <th>CVE</th> 1493 <th></th> 1494 <th> </th> 1495 <th> Nexus</th> 1496 <th> </th> 1497 </tr> 1498 <tr> 1499 <td>CVE-2016-3767</td> 1500 <td>A-28169363* 1501 <br>M-ALPS02689526</td> 1502 <td></td> 1503 <td>AndroidOne</td> 1504 <td>6 2016.</td> 1505 </tr> 1506 </table> 1507 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1508 1509 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-performance-component"> 1510 Qualcomm</h3> 1511 <p> 1512 . , 1513 - . , 1514 .</p> 1515 1516 <table> 1517 <col width="19%"> 1518 <col width="16%"> 1519 <col width="10%"> 1520 <col width="27%"> 1521 <col width="16%"> 1522 <tr> 1523 <th>CVE</th> 1524 <th></th> 1525 <th> </th> 1526 <th> Nexus</th> 1527 <th> </th> 1528 </tr> 1529 <tr> 1530 <td>CVE-2016-3768</td> 1531 <td>A-28172137* 1532 QC-CR1010644</td> 1533 <td></td> 1534 <td>Nexus5, Nexus6, Nexus5X, Nexus6P, Nexus7 (2013)</td> 1535 <td>9 2016.</td> 1536 </tr> 1537 </table> 1538 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1539 1540 <h3 id="elevation-of-privilege-vulnerability-in-nvidia-video-driver"> 1541 NVIDIA</h3> 1542 <p> 1543 . , 1544 - . , 1545 .</p> 1546 1547 <table> 1548 <col width="19%"> 1549 <col width="20%"> 1550 <col width="10%"> 1551 <col width="23%"> 1552 <col width="16%"> 1553 <tr> 1554 <th>CVE</th> 1555 <th></th> 1556 <th> </th> 1557 <th> Nexus</th> 1558 <th> </th> 1559 </tr> 1560 <tr> 1561 <td>CVE-2016-3769</td> 1562 <td>A-28376656*<br> 1563 N-CVE20163769</td> 1564 <td></td> 1565 <td>Nexus9</td> 1566 <td>18 2016.</td> 1567 </tr> 1568 </table> 1569 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1570 1571 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-drivers-device-specific"> 1572 MediaTek ( )</h3> 1573 <p> 1574 . , 1575 - . , 1576 .</p> 1577 1578 <table> 1579 <col width="19%"> 1580 <col width="20%"> 1581 <col width="10%"> 1582 <col width="23%"> 1583 <col width="16%"> 1584 <tr> 1585 <th>CVE</th> 1586 <th></th> 1587 <th> </th> 1588 <th> Nexus</th> 1589 <th> </th> 1590 </tr> 1591 <tr> 1592 <td>CVE-2016-3770</td> 1593 <td>A-28346752*<br> 1594 M-ALPS02703102</td> 1595 <td></td> 1596 <td>AndroidOne</td> 1597 <td>22 2016.</td> 1598 </tr> 1599 <tr> 1600 <td>CVE-2016-3771</td> 1601 <td>A-29007611*<br> 1602 M-ALPS02703102</td> 1603 <td></td> 1604 <td>AndroidOne</td> 1605 <td>22 2016.</td> 1606 </tr> 1607 <tr> 1608 <td>CVE-2016-3772</td> 1609 <td>A-29008188*<br> 1610 M-ALPS02703102</td> 1611 <td></td> 1612 <td>AndroidOne</td> 1613 <td>22 2016.</td> 1614 </tr> 1615 <tr> 1616 <td>CVE-2016-3773</td> 1617 <td>A-29008363*<br> 1618 M-ALPS02703102</td> 1619 <td></td> 1620 <td>AndroidOne</td> 1621 <td>22 2016.</td> 1622 </tr> 1623 <tr> 1624 <td>CVE-2016-3774</td> 1625 <td>A-29008609*<br> 1626 M-ALPS02703102</td> 1627 <td></td> 1628 <td>AndroidOne</td> 1629 <td>22 2016.</td> 1630 </tr> 1631 </table> 1632 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1633 1634 <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system"> 1635 </h3> 1636 <p> 1637 . , 1638 - . , 1639 .</p> 1640 1641 <table> 1642 <col width="19%"> 1643 <col width="16%"> 1644 <col width="10%"> 1645 <col width="27%"> 1646 <col width="16%"> 1647 <tr> 1648 <th>CVE</th> 1649 <th></th> 1650 <th> </th> 1651 <th> Nexus</th> 1652 <th> </th> 1653 </tr> 1654 <tr> 1655 <td>CVE-2016-3775</td> 1656 <td>A-28588279*</td> 1657 <td></td> 1658 <td>Nexus5X, Nexus6, Nexus6P Nexus Player, PixelC</td> 1659 <td>4 2016.</td> 1660 </tr> 1661 </table> 1662 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1663 1664 <h3 id="elevation-of-privilege-vulnerability-in-usb-driver"> 1665 USB-</h3> 1666 <p> 1667 . , 1668 - . , 1669 .</p> 1670 1671 <table> 1672 <col width="19%"> 1673 <col width="16%"> 1674 <col width="10%"> 1675 <col width="27%"> 1676 <col width="16%"> 1677 <tr> 1678 <th>CVE</th> 1679 <th></th> 1680 <th> </th> 1681 <th> Nexus</th> 1682 <th> </th> 1683 </tr> 1684 <tr> 1685 <td>CVE-2015-8816</td> 1686 <td>A-28712303*</td> 1687 <td></td> 1688 <td>Nexus5X, Nexus6, Nexus6P, Nexus7 (2013), Nexus9, Nexus Player, PixelC</td> 1689 <td>4 2016.</td> 1690 </tr> 1691 </table> 1692 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1693 1694 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> 1695 Qualcomm</h3> 1696 <p> , 1697 Qualcomm, , , 1698 , , .</p> 1699 <p> , 1700 - . , 1701 .</p> 1702 1703 <table> 1704 <col width="19%"> 1705 <col width="20%"> 1706 <col width="10%"> 1707 <col width="23%"> 1708 <col width="16%"> 1709 <tr> 1710 <th>CVE</th> 1711 <th></th> 1712 <th> *</th> 1713 <th> Nexus</th> 1714 <th> </th> 1715 </tr> 1716 <tr> 1717 <td>CVE-2014-9795</td> 1718 <td>A-28820720<br> 1719 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> 1720 [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] 1721 </td> 1722 <td></td> 1723 <td>Nexus5</td> 1724 <td>8 2014.</td> 1725 </tr> 1726 <tr> 1727 <td>CVE-2014-9794</td> 1728 <td>A-28821172<br> 1729 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> 1730 </td> 1731 <td></td> 1732 <td>Nexus7 (2013)</td> 1733 <td>8 2014.</td> 1734 </tr> 1735 <tr> 1736 <td>CVE-2015-8892</td> 1737 <td>A-28822807<br> 1738 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> 1739 </td> 1740 <td></td> 1741 <td>Nexus5X, Nexus6P</td> 1742 <td>30 2015.</td> 1743 </tr> 1744 <tr> 1745 <td>CVE-2014-9781</td> 1746 <td>A-28410333<br> 1747 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> 1748 </td> 1749 <td></td> 1750 <td>Nexus7 (2013)</td> 1751 <td>6 2014.</td> 1752 </tr> 1753 <tr> 1754 <td>CVE-2014-9786</td> 1755 <td>A-28557260<br> 1756 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> 1757 <td></td> 1758 <td>Nexus5, Nexus7 (2013)</td> 1759 <td>13 2014.</td> 1760 </tr> 1761 <tr> 1762 <td>CVE-2014-9788</td> 1763 <td>A-28573112<br> 1764 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> 1765 <td></td> 1766 <td>Nexus5</td> 1767 <td>13 2014.</td> 1768 </tr> 1769 <tr> 1770 <td>CVE-2014-9779</td> 1771 <td>A-28598347<br> 1772 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> 1773 <td></td> 1774 <td>Nexus5</td> 1775 <td>13 2014.</td> 1776 </tr> 1777 <tr> 1778 <td>CVE-2014-9780</td> 1779 <td>A-28602014<br> 1780 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> 1781 <td></td> 1782 <td>Nexus5, Nexus5X, Nexus6P</td> 1783 <td>13 2014.</td> 1784 </tr> 1785 <tr> 1786 <td>CVE-2014-9789</td> 1787 <td>A-28749392<br> 1788 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> 1789 <td></td> 1790 <td>Nexus5</td> 1791 <td>13 2014.</td> 1792 </tr> 1793 <tr> 1794 <td>CVE-2014-9793</td> 1795 <td>A-28821253<br> 1796 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> 1797 <td></td> 1798 <td>Nexus7 (2013)</td> 1799 <td>13 2014.</td> 1800 </tr> 1801 <tr> 1802 <td>CVE-2014-9782</td> 1803 <td>A-28431531<br> 1804 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> 1805 <td></td> 1806 <td>Nexus5, Nexus7 (2013)</td> 1807 <td>31 2014.</td> 1808 </tr> 1809 <tr> 1810 <td>CVE-2014-9783</td> 1811 <td>A-28441831<br> 1812 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> 1813 [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> 1814 <td></td> 1815 <td>Nexus7 (2013)</td> 1816 <td>31 2014.</td> 1817 </tr> 1818 <tr> 1819 <td>CVE-2014-9785</td> 1820 <td>A-28469042<br> 1821 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> 1822 <td></td> 1823 <td>Nexus7 (2013)</td> 1824 <td>31 2014.</td> 1825 </tr> 1826 <tr> 1827 <td>CVE-2014-9787</td> 1828 <td>A-28571496<br> 1829 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> 1830 <td></td> 1831 <td>Nexus7 (2013)</td> 1832 <td>31 2014.</td> 1833 </tr> 1834 <tr> 1835 <td>CVE-2014-9784</td> 1836 <td>A-28442449<br> 1837 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> 1838 <td></td> 1839 <td>Nexus5, Nexus7 (2013)</td> 1840 <td>30 2014.</td> 1841 </tr> 1842 <tr> 1843 <td>CVE-2014-9777</td> 1844 <td>A-28598501<br> 1845 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> 1846 <td></td> 1847 <td>Nexus5, Nexus7 (2013)</td> 1848 <td>30 2014.</td> 1849 </tr> 1850 <tr> 1851 <td>CVE-2014-9778</td> 1852 <td>A-28598515<br> 1853 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> 1854 <td></td> 1855 <td>Nexus5, Nexus7 (2013)</td> 1856 <td>30 2014.</td> 1857 </tr> 1858 <tr> 1859 <td>CVE-2014-9790</td> 1860 <td>A-28769136<br> 1861 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> 1862 [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> 1863 <td></td> 1864 <td>Nexus5, Nexus7 (2013)</td> 1865 <td>30 2014.</td> 1866 </tr> 1867 <tr> 1868 <td>CVE-2014-9792</td> 1869 <td>A-28769399<br> 1870 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> 1871 <td></td> 1872 <td>Nexus5</td> 1873 <td>30 2014.</td> 1874 </tr> 1875 <tr> 1876 <td>CVE-2014-9797</td> 1877 <td>A-28821090<br> 1878 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> 1879 <td></td> 1880 <td>Nexus5</td> 1881 <td>3 2014.</td> 1882 </tr> 1883 <tr> 1884 <td>CVE-2014-9791</td> 1885 <td>A-28803396<br> 1886 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> 1887 <td></td> 1888 <td>Nexus7 (2013)</td> 1889 <td>29 2014.</td> 1890 </tr> 1891 <tr> 1892 <td>CVE-2014-9796</td> 1893 <td>A-28820722<br> 1894 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> 1895 <td></td> 1896 <td>Nexus5, Nexus7 (2013)</td> 1897 <td>30 2014.</td> 1898 </tr> 1899 <tr> 1900 <td>CVE-2014-9800</td> 1901 <td>A-28822150<br> 1902 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> 1903 <td></td> 1904 <td>Nexus5, Nexus7 (2013)</td> 1905 <td>31 2014.</td> 1906 </tr> 1907 <tr> 1908 <td>CVE-2014-9799</td> 1909 <td>A-28821731<br> 1910 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> 1911 <td></td> 1912 <td>Nexus5, Nexus7 (2013)</td> 1913 <td>31 2014.</td> 1914 </tr> 1915 <tr> 1916 <td>CVE-2014-9801</td> 1917 <td>A-28822060<br> 1918 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> 1919 <td></td> 1920 <td>Nexus5</td> 1921 <td>28 2014.</td> 1922 </tr> 1923 <tr> 1924 <td>CVE-2014-9802</td> 1925 <td>A-28821965<br> 1926 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> 1927 <td></td> 1928 <td>Nexus5, Nexus7 (2013)</td> 1929 <td>31 2014.</td> 1930 </tr> 1931 <tr> 1932 <td>CVE-2015-8891</td> 1933 <td>A-28842418<br> 1934 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> 1935 <td></td> 1936 <td>Nexus5, Nexus7 (2013)</td> 1937 <td>29 2015.</td> 1938 </tr> 1939 <tr> 1940 <td>CVE-2015-8888</td> 1941 <td>A-28822465<br> 1942 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> 1943 <td></td> 1944 <td>Nexus5</td> 1945 <td>30 2015.</td> 1946 </tr> 1947 <tr> 1948 <td>CVE-2015-8889</td> 1949 <td>A-28822677<br> 1950 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> 1951 <td></td> 1952 <td>Nexus6P</td> 1953 <td>30 2015.</td> 1954 </tr> 1955 <tr> 1956 <td>CVE-2015-8890</td> 1957 <td>A-28822878<br> 1958 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> 1959 <td></td> 1960 <td>Nexus5, Nexus7 (2013)</td> 1961 <td>19 2015</td> 1962 </tr> 1963 </table> 1964 <p>* Qualcomm.</p> 1965 1966 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-usb-driver"> 1967 USB- Qualcomm</h3> 1968 <p> 1969 . , 1970 .</p> 1971 1972 <table> 1973 <col width="19%"> 1974 <col width="16%"> 1975 <col width="10%"> 1976 <col width="27%"> 1977 <col width="16%"> 1978 <tr> 1979 <th>CVE</th> 1980 <th></th> 1981 <th> </th> 1982 <th> Nexus</th> 1983 <th> </th> 1984 </tr> 1985 <tr> 1986 <td>CVE-2016-2502</td> 1987 <td>A-27657963 1988 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=0bc45d7712eabe315ce8299a49d16433c3801156">QC-CR997044</a></td> 1989 <td></td> 1990 <td>Nexus5X, Nexus6P</td> 1991 <td>11 2016.</td> 1992 </tr> 1993 </table> 1994 1995 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> 1996 Wi-Fi- Qualcomm</h3> 1997 <p> 1998 . , 1999 .</p> 2000 2001 <table> 2002 <col width="19%"> 2003 <col width="16%"> 2004 <col width="10%"> 2005 <col width="27%"> 2006 <col width="16%"> 2007 <tr> 2008 <th>CVE</th> 2009 <th></th> 2010 <th> </th> 2011 <th> Nexus</th> 2012 <th> </th> 2013 </tr> 2014 <tr> 2015 <td>CVE-2016-3792</td> 2016 <td>A-27725204 2017 <a href="https://us.codeaurora.org/cgit/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=28d4f0c1f712bffb4aa5b47f06e97d5a9fa06d29">QC-CR561022</a></td> 2018 <td></td> 2019 <td>Nexus7 (2013)</td> 2020 <td>17 2016.</td> 2021 </tr> 2022 </table> 2023 2024 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> 2025 Qualcomm </h3> 2026 <p> 2027 . , 2028 .</p> 2029 2030 <table> 2031 <col width="19%"> 2032 <col width="16%"> 2033 <col width="10%"> 2034 <col width="27%"> 2035 <col width="16%"> 2036 <tr> 2037 <th>CVE</th> 2038 <th></th> 2039 <th> </th> 2040 <th> Nexus</th> 2041 <th> </th> 2042 </tr> 2043 <tr> 2044 <td>CVE-2016-2501</td> 2045 <td>A-27890772* 2046 QC-CR1001092</td> 2047 <td></td> 2048 <td>Nexus5X, Nexus6, Nexus6P, Nexus7 (2013)</td> 2049 <td>27 2016.</td> 2050 </tr> 2051 </table> 2052 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2053 2054 <h3 id="elevation-of-privilege-vulnerability-in-nvidia-camera-driver"> 2055 NVIDIA </h3> 2056 <p> 2057 . , 2058 .</p> 2059 2060 <table> 2061 <col width="19%"> 2062 <col width="20%"> 2063 <col width="10%"> 2064 <col width="23%"> 2065 <col width="16%"> 2066 <tr> 2067 <th>CVE</th> 2068 <th></th> 2069 <th> </th> 2070 <th> Nexus</th> 2071 <th> </th> 2072 </tr> 2073 <tr> 2074 <td>CVE-2016-3793</td> 2075 <td>A-28026625*<br> 2076 N-CVE20163793</td> 2077 <td></td> 2078 <td>Nexus9</td> 2079 <td>5 2016.</td> 2080 </tr> 2081 </table> 2082 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2083 2084 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-driver"> 2085 MediaTek</h3> 2086 <p> 2087 . , 2088 .</p> 2089 2090 <table> 2091 <col width="19%"> 2092 <col width="20%"> 2093 <col width="10%"> 2094 <col width="23%"> 2095 <col width="16%"> 2096 <tr> 2097 <th>CVE</th> 2098 <th></th> 2099 <th> </th> 2100 <th> Nexus</th> 2101 <th> </th> 2102 </tr> 2103 <tr> 2104 <td>CVE-2016-3795</td> 2105 <td>A-28085222*<br> 2106 M-ALPS02677244</td> 2107 <td></td> 2108 <td>AndroidOne</td> 2109 <td>7 2016.</td> 2110 </tr> 2111 <tr> 2112 <td>CVE-2016-3796</td> 2113 <td>A-29008443*<br> 2114 M-ALPS02677244</td> 2115 <td></td> 2116 <td>AndroidOne</td> 2117 <td>7 2016.</td> 2118 </tr> 2119 </table> 2120 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2121 2122 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver-2"> 2123 Wi-Fi- Qualcomm</h3> 2124 <p> 2125 . , 2126 .</p> 2127 2128 <table> 2129 <col width="19%"> 2130 <col width="16%"> 2131 <col width="10%"> 2132 <col width="27%"> 2133 <col width="16%"> 2134 <tr> 2135 <th>CVE</th> 2136 <th></th> 2137 <th> </th> 2138 <th> Nexus</th> 2139 <th> </th> 2140 </tr> 2141 <tr> 2142 <td>CVE-2016-3797</td> 2143 <td>A-28085680* 2144 QC-CR1001450</td> 2145 <td></td> 2146 <td>Nexus5X</td> 2147 <td>7 2016.</td> 2148 </tr> 2149 </table> 2150 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2151 2152 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-hardware-sensor-driver"> 2153 MediaTek </h3> 2154 <p> 2155 . , 2156 .</p> 2157 2158 <table> 2159 <col width="19%"> 2160 <col width="20%"> 2161 <col width="10%"> 2162 <col width="23%"> 2163 <col width="16%"> 2164 <tr> 2165 <th>CVE</th> 2166 <th></th> 2167 <th> </th> 2168 <th> Nexus</th> 2169 <th> </th> 2170 </tr> 2171 <tr> 2172 <td>CVE-2016-3798</td> 2173 <td>A-28174490*<br> 2174 M-ALPS02703105</td> 2175 <td></td> 2176 <td>AndroidOne</td> 2177 <td>11 2016.</td> 2178 </tr> 2179 </table> 2180 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2181 2182 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-video-driver"> 2183 MediaTek</h3> 2184 <p> 2185 . , 2186 .</p> 2187 2188 <table> 2189 <col width="19%"> 2190 <col width="20%"> 2191 <col width="10%"> 2192 <col width="23%"> 2193 <col width="16%"> 2194 <tr> 2195 <th>CVE</th> 2196 <th></th> 2197 <th> </th> 2198 <th> Nexus</th> 2199 <th> </th> 2200 </tr> 2201 <tr> 2202 <td>CVE-2016-3799</td> 2203 <td>A-28175025*<br> 2204 M-ALPS02693738</td> 2205 <td></td> 2206 <td>AndroidOne</td> 2207 <td>11 2016.</td> 2208 </tr> 2209 <tr> 2210 <td>CVE-2016-3800</td> 2211 <td>A-28175027*<br> 2212 M-ALPS02693739</td> 2213 <td></td> 2214 <td>AndroidOne</td> 2215 <td>11 2016.</td> 2216 </tr> 2217 </table> 2218 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2219 2220 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-gps-driver"> 2221 GPS- MediaTek</h3> 2222 <p> 2223 . , 2224 .</p> 2225 2226 <table> 2227 <col width="19%"> 2228 <col width="20%"> 2229 <col width="10%"> 2230 <col width="23%"> 2231 <col width="16%"> 2232 <tr> 2233 <th>CVE</th> 2234 <th></th> 2235 <th> </th> 2236 <th> Nexus</th> 2237 <th> </th> 2238 </tr> 2239 <tr> 2240 <td>CVE-2016-3801</td> 2241 <td>A-28174914*<br> 2242 M-ALPS02688853</td> 2243 <td></td> 2244 <td>AndroidOne</td> 2245 <td>11 2016.</td> 2246 </tr> 2247 </table> 2248 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2249 2250 <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system-2"> 2251 </h3> 2252 <p> 2253 . , 2254 .</p> 2255 2256 <table> 2257 <col width="19%"> 2258 <col width="16%"> 2259 <col width="10%"> 2260 <col width="27%"> 2261 <col width="16%"> 2262 <tr> 2263 <th>CVE</th> 2264 <th></th> 2265 <th> </th> 2266 <th> Nexus</th> 2267 <th> </th> 2268 </tr> 2269 <tr> 2270 <td>CVE-2016-3802</td> 2271 <td>A-28271368*</td> 2272 <td></td> 2273 <td>Nexus9</td> 2274 <td>19 2016.</td> 2275 </tr> 2276 <tr> 2277 <td>CVE-2016-3803</td> 2278 <td>A-28588434*</td> 2279 <td></td> 2280 <td>Nexus5X, Nexus6P</td> 2281 <td>4 2016.</td> 2282 </tr> 2283 </table> 2284 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2285 2286 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-management-driver"> 2287 MediaTek</h3> 2288 <p> 2289 . , 2290 .</p> 2291 2292 <table> 2293 <col width="19%"> 2294 <col width="20%"> 2295 <col width="10%"> 2296 <col width="23%"> 2297 <col width="16%"> 2298 <tr> 2299 <th>CVE</th> 2300 <th></th> 2301 <th> </th> 2302 <th> Nexus</th> 2303 <th> </th> 2304 </tr> 2305 <tr> 2306 <td>CVE-2016-3804</td> 2307 <td>A-28332766*<br> 2308 M-ALPS02694410</td> 2309 <td></td> 2310 <td>AndroidOne</td> 2311 <td>20 2016.</td> 2312 </tr> 2313 <tr> 2314 <td>CVE-2016-3805</td> 2315 <td>A-28333002*<br> 2316 M-ALPS02694412</td> 2317 <td></td> 2318 <td>AndroidOne</td> 2319 <td>21 2016.</td> 2320 </tr> 2321 </table> 2322 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2323 2324 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-display-driver"> 2325 MediaTek</h3> 2326 <p> 2327 . , 2328 .</p> 2329 2330 <table> 2331 <col width="19%"> 2332 <col width="20%"> 2333 <col width="10%"> 2334 <col width="23%"> 2335 <col width="16%"> 2336 <tr> 2337 <th>CVE</th> 2338 <th></th> 2339 <th> </th> 2340 <th> Nexus</th> 2341 <th> </th> 2342 </tr> 2343 <tr> 2344 <td>CVE-2016-3806</td> 2345 <td>A-28402341*<br> 2346 M-ALPS02715341</td> 2347 <td></td> 2348 <td>AndroidOne</td> 2349 <td>26 2016.</td> 2350 </tr> 2351 </table> 2352 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2353 2354 <h3 id="elevation-of-privilege-vulnerability-in-serial-peripheral-interface-driver"> 2355 SPI</h3> 2356 <p> 2357 . , 2358 .</p> 2359 2360 <table> 2361 <col width="19%"> 2362 <col width="16%"> 2363 <col width="10%"> 2364 <col width="27%"> 2365 <col width="16%"> 2366 <tr> 2367 <th>CVE</th> 2368 <th></th> 2369 <th> </th> 2370 <th> Nexus</th> 2371 <th> </th> 2372 </tr> 2373 <tr> 2374 <td>CVE-2016-3807</td> 2375 <td>A-28402196*</td> 2376 <td></td> 2377 <td>Nexus5X, Nexus6P</td> 2378 <td>26 2016.</td> 2379 </tr> 2380 <tr> 2381 <td>CVE-2016-3808</td> 2382 <td>A-28430009*</td> 2383 <td></td> 2384 <td>Pixel</td> 2385 <td>26 2016.</td> 2386 </tr> 2387 </table> 2388 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2389 2390 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-sound-driver"> 2391 Qualcomm</h3> 2392 <p> 2393 . , 2394 .</p> 2395 2396 <table> 2397 <col width="19%"> 2398 <col width="16%"> 2399 <col width="10%"> 2400 <col width="27%"> 2401 <col width="16%"> 2402 <tr> 2403 <th>CVE</th> 2404 <th></th> 2405 <th> </th> 2406 <th> Nexus</th> 2407 <th> </th> 2408 </tr> 2409 <tr> 2410 <td>CVE-2016-2068</td> 2411 <td>A-28470967 2412 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> 2413 <td></td> 2414 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 2415 <td>28 2016.</td> 2416 </tr> 2417 </table> 2418 2419 <h3 id="elevation-of-privilege-vulnerability-in-kernel"> 2420 </h3> 2421 <p> 2422 . , 2423 .</p> 2424 2425 <table> 2426 <col width="19%"> 2427 <col width="20%"> 2428 <col width="10%"> 2429 <col width="23%"> 2430 <col width="16%"> 2431 <tr> 2432 <th>CVE</th> 2433 <th></th> 2434 <th> </th> 2435 <th> Nexus</th> 2436 <th> </th> 2437 </tr> 2438 <tr> 2439 <td>CVE-2014-9803</td> 2440 <td>A-28557020<br> 2441 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> 2442 Upstream kernel</a></td> 2443 <td></td> 2444 <td>Nexus5X, Nexus6P</td> 2445 <td> Google</td> 2446 </tr> 2447 </table> 2448 2449 <h3 id="information-disclosure-vulnerability-in-networking-component"> 2450 </h3> 2451 <p> 2452 . 2453 - 2454 .</p> 2455 2456 <table> 2457 <col width="19%"> 2458 <col width="16%"> 2459 <col width="10%"> 2460 <col width="27%"> 2461 <col width="16%"> 2462 <tr> 2463 <th>CVE</th> 2464 <th></th> 2465 <th> </th> 2466 <th> Nexus</th> 2467 <th> </th> 2468 </tr> 2469 <tr> 2470 <td>CVE-2016-3809</td> 2471 <td>A-27532522*</td> 2472 <td></td> 2473 <td><a href="#all_nexus"> </a></td> 2474 <td>5 2016.</td> 2475 </tr> 2476 </table> 2477 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2478 2479 <h3 id="information-disclosure-vulnerability-in-mediatek-wi-fi-driver"> 2480 Wi-Fi- MediaTek</h3> 2481 <p> 2482 . - 2483 .</p> 2484 2485 <table> 2486 <col width="19%"> 2487 <col width="20%"> 2488 <col width="10%"> 2489 <col width="23%"> 2490 <col width="16%"> 2491 <tr> 2492 <th>CVE</th> 2493 <th></th> 2494 <th> </th> 2495 <th> Nexus</th> 2496 <th> </th> 2497 </tr> 2498 <tr> 2499 <td>CVE-2016-3810</td> 2500 <td>A-28175522*<br> 2501 M-ALPS02694389</td> 2502 <td></td> 2503 <td>AndroidOne</td> 2504 <td>12 2016.</td> 2505 </tr> 2506 </table> 2507 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2508 2509 <h3 id="elevation-of-privilege-vulnerability-in-kernel-video-driver"> 2510 </h3> 2511 <p> 2512 . , 2513 .</p> 2514 2515 <table> 2516 <col width="19%"> 2517 <col width="16%"> 2518 <col width="10%"> 2519 <col width="27%"> 2520 <col width="16%"> 2521 <tr> 2522 <th>CVE</th> 2523 <th></th> 2524 <th> </th> 2525 <th> Nexus</th> 2526 <th> </th> 2527 </tr> 2528 <tr> 2529 <td>CVE-2016-3811</td> 2530 <td>A-28447556*</td> 2531 <td></td> 2532 <td>Nexus9</td> 2533 <td> Google</td> 2534 </tr> 2535 </table> 2536 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2537 2538 <h3 id="information-disclosure-vulnerability-in-mediatek-video-codec-driver"> 2539 MediaTek</h3> 2540 <p> 2541 . 2542 , 2543 .</p> 2544 2545 <table> 2546 <col width="19%"> 2547 <col width="20%"> 2548 <col width="10%"> 2549 <col width="23%"> 2550 <col width="16%"> 2551 <tr> 2552 <th>CVE</th> 2553 <th></th> 2554 <th> </th> 2555 <th> Nexus</th> 2556 <th> </th> 2557 </tr> 2558 <tr> 2559 <td>CVE-2016-3812</td> 2560 <td>A-28174833*<br> 2561 M-ALPS02688832</td> 2562 <td></td> 2563 <td>AndroidOne</td> 2564 <td>11 2016.</td> 2565 </tr> 2566 </table> 2567 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2568 2569 <h3 id="information-disclosure-vulnerability-in-qualcomm-usb-driver"> 2570 USB- Qualcomm</h3> 2571 <p> 2572 . 2573 2574 , 2575 .</p> 2576 2577 <table> 2578 <col width="19%"> 2579 <col width="16%"> 2580 <col width="10%"> 2581 <col width="27%"> 2582 <col width="16%"> 2583 <tr> 2584 <th>CVE</th> 2585 <th></th> 2586 <th> </th> 2587 <th> Nexus</th> 2588 <th> </th> 2589 </tr> 2590 <tr> 2591 <td>CVE-2016-3813</td> 2592 <td>A-28172322* 2593 QC-CR1010222</td> 2594 <td></td> 2595 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 2596 <td>11 2016.</td> 2597 </tr> 2598 </table> 2599 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2600 2601 <h3 id="information-disclosure-vulnerability-in-nvidia-camera-driver"> 2602 NVIDIA </h3> 2603 <p> 2604 . 2605 2606 , 2607 .</p> 2608 2609 <table> 2610 <col width="19%"> 2611 <col width="20%"> 2612 <col width="10%"> 2613 <col width="23%"> 2614 <col width="16%"> 2615 <tr> 2616 <th>CVE</th> 2617 <th></th> 2618 <th> </th> 2619 <th> Nexus</th> 2620 <th> </th> 2621 </tr> 2622 <tr> 2623 <td>CVE-2016-3814</td> 2624 <td>A-28193342*<br> 2625 N-CVE20163814</td> 2626 <td></td> 2627 <td>Nexus9</td> 2628 <td>14 2016.</td> 2629 </tr> 2630 <tr> 2631 <td>CVE-2016-3815</td> 2632 <td>A-28522274*<br> 2633 N-CVE20163815</td> 2634 <td></td> 2635 <td>Nexus9</td> 2636 <td>1 2016.</td> 2637 </tr> 2638 </table> 2639 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2640 2641 <h3 id="information-disclosure-vulnerability-in-mediatek-display-driver"> 2642 MediaTek</h3> 2643 <p> 2644 . 2645 , 2646 .</p> 2647 2648 <table> 2649 <col width="19%"> 2650 <col width="16%"> 2651 <col width="10%"> 2652 <col width="27%"> 2653 <col width="16%"> 2654 <tr> 2655 <th>CVE</th> 2656 <th></th> 2657 <th> </th> 2658 <th> Nexus</th> 2659 <th> </th> 2660 </tr> 2661 <tr> 2662 <td>CVE-2016-3816</td> 2663 <td>A-28402240*</td> 2664 <td></td> 2665 <td>AndroidOne</td> 2666 <td>26 2016.</td> 2667 </tr> 2668 </table> 2669 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2670 2671 <h3 id="information-disclosure-vulnerability-in-kernel-teletype-driver"> 2672 </h3> 2673 <p> 2674 . 2675 2676 , 2677 .</p> 2678 2679 <table> 2680 <col width="19%"> 2681 <col width="20%"> 2682 <col width="10%"> 2683 <col width="23%"> 2684 <col width="16%"> 2685 <tr> 2686 <th>CVE</th> 2687 <th></th> 2688 <th> </th> 2689 <th> Nexus</th> 2690 <th> </th> 2691 </tr> 2692 <tr> 2693 <td>CVE-2016-0723</td> 2694 <td>A-28409131<br> 2695 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439">Upstream 2696 kernel</a></td> 2697 <td></td> 2698 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus7 (2013), Nexus9, Nexus 2699 Player, PixelC</td> 2700 <td>26 2016.</td> 2701 </tr> 2702 </table> 2703 2704 <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> 2705 Qualcomm</h3> 2706 <p> 2707 . , . 2708 , 2709 .</p> 2710 2711 <table> 2712 <col width="19%"> 2713 <col width="16%"> 2714 <col width="10%"> 2715 <col width="27%"> 2716 <col width="16%"> 2717 <tr> 2718 <th>CVE</th> 2719 <th></th> 2720 <th> </th> 2721 <th> Nexus</th> 2722 <th> </th> 2723 </tr> 2724 <tr> 2725 <td>CVE-2014-9798</td> 2726 <td>A-28821448 2727 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=b05eed2491a098bf627ac485a5b43d2f4fae2484">QC-CR681965</a></td> 2728 <td></td> 2729 <td>Nexus5</td> 2730 <td>31 2014.</td> 2731 </tr> 2732 <tr> 2733 <td>CVE-2015-8893</td> 2734 <td>A-28822690 2735 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=800255e8bfcc31a02e89460460e3811f225e7a69">QC-CR822275</a></td> 2736 <td></td> 2737 <td>Nexus5, Nexus7 (2013)</td> 2738 <td>19 2015</td> 2739 </tr> 2740 </table> 2741 <h2 id="common-questions-and-answers"> </h2> 2742 <p> , 2743 .</p> 2744 2745 <p><strong>1. , , ?</strong></p> 2746 <p> 1 2016 , 2747 2016-07-01. 5 2016 2748 , 2016-07-05. , 2749 , <a href="https://support.google.com/nexus/answer/4457705"> </a>. 2750 , , 2751 2752 [ro.build.version.security_patch]:[2016-07-01] 2753 [ro.build.version.security_patch]:[2016-07-05].</p> 2754 2755 <p><strong>2. ?</strong></p> 2756 <p> , 2757 , 2758 Android. Android 2759 2760 .</p> 2761 <p> 5 2016 2762 , 2763 .</p> 2764 <p> 1 2016 2765 , 2766 , . , 2767 , 5 2016.</p> 2768 2769 <p id="all_nexus"><strong>3. , Nexus ?</strong></p> 2770 <p> <a href="#2016-07-01_details">2016-07-01</a> 2771 <a href="#2016-07-05_details">2016-07-05</a> " Nexus". , 2772 .</p> 2773 <ul> 2774 <li><strong> .</strong> <em></em> 2775 2776 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"> Nexus</a>: Nexus5, Nexus5X, Nexus6, 2777 Nexus6P, Nexus7 (2013), Nexus9, AndroidOne, Nexus Player 2778 PixelC.</li> 2779 <li><strong> .</strong> <em></em> , 2780 .</li> 2781 <li><strong>.</strong> Nexus.<em></em></li> 2782 </ul> 2783 2784 <p><strong>4. ""?</strong></p> 2785 <p> <em></em>. 2786 , 2787 , :</p> 2788 2789 <table> 2790 <tr> 2791 <th></th> 2792 <th></th> 2793 </tr> 2794 <tr> 2795 <td>A-</td> 2796 <td> Android</td> 2797 </tr> 2798 <tr> 2799 <td>QC-</td> 2800 <td> Qualcomm</td> 2801 </tr> 2802 <tr> 2803 <td>M-</td> 2804 <td> MediaTek</td> 2805 </tr> 2806 <tr> 2807 <td>N-</td> 2808 <td> NVIDIA</td> 2809 </tr> 2810 </table> 2811 2812 <h2 id="revisions"></h2> 2813 <ul> 2814 <li>6 2016. .</li> 2815 <li>7 2016. 2816 <ul> 2817 <li> AOSP. 2818 <li> CVE-2016-3794, CVE-2016-3814. 2819 <li> CVE-2016-2501 CVE-2016-2502. 2820 </li></li></li></ul> 2821 </li> 2822 <li>11 2016. CVE-2016-3750.</li> 2823 <li>14 2016. CVE-2016-2503.</li> 2824 </ul> 2825
