1 page.title= Android 2017. 2 @jd:body 3 4 <!-- 5 Copyright 2016 The Android Open Source Project 6 7 Licensed under the Apache License, Version 2.0 (the "License"); 8 you may not use this file except in compliance with the License. 9 You may obtain a copy of the License at 10 11 http://www.apache.org/licenses/LICENSE-2.0 12 13 Unless required by applicable law or agreed to in writing, software 14 distributed under the License is distributed on an "AS IS" BASIS, 15 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 See the License for the specific language governing permissions and 17 limitations under the License. 18 --> 19 <p><em> 3 2017. | 5 2017.</em></p> 20 21 <p> Android. Google <a href="https://developers.google.com/android/nexus/images"> </a>. , , 5 2017 . , , <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a>.</p> 22 23 <p> 5 2016 . Android Open Source Project (AOSP). 24 AOSP.</p> 25 26 <p> (, , MMS).</p> 27 28 <p> . <a href="#mitigations"> </a> , <a href="{@docRoot}security/enhancements/index.html"> </a> , <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, Android.</p> 29 30 <p> .</p> 31 32 <h2 id="announcements"></h2> 33 <ul> 34 <li> , , Android. <a href="#common-questions-and-answers"> </a>. 35 <ul> 36 <li><strong>2017-01-01</strong>: , 2017-01-01 .</li> 37 <li><strong>2017-01-05</strong>: , 2017-01-01 2017-01-05, .</li> 38 </ul> 39 </li> 40 <li> Google 5 2017.</li> 41 </ul> 42 <h2 id="security-vulnerability-summary"> </h2> 43 <p> , (CVE) , , Google. <a href="{@docRoot}security/overview/updates-resources.html#severity"> </a> , , .</p> 44 45 <h3 id="2017-01-01-summary"> ( 2017-01-01)</h3> 46 <p> 1 2017 .</p> 47 48 <table> 49 <col width="55%"> 50 <col width="20%"> 51 <col width="13%"> 52 <col width="12%"> 53 <tr> 54 <th></th> 55 <th>CVE</th> 56 <th> </th> 57 <th> Google?</th> 58 </tr> 59 <tr> 60 <td> c-ares</td> 61 <td>CVE-2016-5180</td> 62 <td></td> 63 <td></td> 64 </tr> 65 <tr> 66 <td> Framesequence</td> 67 <td>CVE-2017-0382</td> 68 <td></td> 69 <td></td> 70 </tr> 71 <tr> 72 <td> Framework API</td> 73 <td>CVE-2017-0383</td> 74 <td></td> 75 <td></td> 76 </tr> 77 <tr> 78 <td> audioserver</td> 79 <td>CVE-2017-0384, CVE-2017-0385</td> 80 <td></td> 81 <td></td> 82 </tr> 83 <tr> 84 <td> libnl</td> 85 <td>CVE-2017-0386</td> 86 <td></td> 87 <td></td> 88 </tr> 89 <tr> 90 <td> mediaserver</td> 91 <td>CVE-2017-0387</td> 92 <td></td> 93 <td></td> 94 </tr> 95 <tr> 96 <td> External Storage Provider</td> 97 <td>CVE-2017-0388</td> 98 <td></td> 99 <td></td> 100 </tr> 101 <tr> 102 <td> </td> 103 <td>CVE-2017-0389</td> 104 <td></td> 105 <td></td> 106 </tr> 107 <tr> 108 <td> mediaserver</td> 109 <td>CVE-2017-0390, CVE-2017-0391, CVE-2017-0392, CVE-2017-0393</td> 110 <td></td> 111 <td></td> 112 </tr> 113 <tr> 114 <td> </td> 115 <td>CVE-2017-0394</td> 116 <td></td> 117 <td></td> 118 </tr> 119 <tr> 120 <td> </td> 121 <td>CVE-2017-0395</td> 122 <td></td> 123 <td></td> 124 </tr> 125 <tr> 126 <td> mediaserver</td> 127 <td>CVE-2017-0381, CVE-2017-0396, CVE-2017-0397</td> 128 <td></td> 129 <td></td> 130 </tr> 131 <tr> 132 <td> audioserver</td> 133 <td>CVE-2017-0398, CVE-2017-0399, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402</td> 134 <td></td> 135 <td></td> 136 </tr> 137 </table> 138 139 <h3 id="2017-01-05-summary"> ( 2017-01-05)</h3> 140 <p> 5 2017 , 2017-01-01, , .</p> 141 142 <table> 143 <col width="55%"> 144 <col width="20%"> 145 <col width="13%"> 146 <col width="12%"> 147 <tr> 148 <th></th> 149 <th>CVE</th> 150 <th> </th> 151 <th> Google?</th> 152 </tr> 153 <tr> 154 <td> </td> 155 <td>CVE-2015-3288</td> 156 <td></td> 157 <td></td> 158 </tr> 159 <tr> 160 <td> Qualcomm</td> 161 <td>CVE-2016-8422, CVE-2016-8423</td> 162 <td></td> 163 <td></td> 164 </tr> 165 <tr> 166 <td> </td> 167 <td>CVE-2015-5706</td> 168 <td></td> 169 <td>*</td> 170 </tr> 171 <tr> 172 <td> NVIDIA </td> 173 <td>CVE-2016-8424, CVE-2016-8425, CVE-2016-8426, CVE-2016-8482, CVE-2016-8427, CVE-2016-8428, CVE-2016-8429, CVE-2016-8430, CVE-2016-8431, CVE-2016-8432</td> 174 <td></td> 175 <td></td> 176 </tr> 177 <tr> 178 <td> MediaTek</td> 179 <td>CVE-2016-8433</td> 180 <td></td> 181 <td>*</td> 182 </tr> 183 <tr> 184 <td> Qualcomm </td> 185 <td>CVE-2016-8434</td> 186 <td></td> 187 <td></td> 188 </tr> 189 <tr> 190 <td> NVIDIA </td> 191 <td>CVE-2016-8435</td> 192 <td></td> 193 <td></td> 194 </tr> 195 <tr> 196 <td> Qualcomm</td> 197 <td>CVE-2016-8436</td> 198 <td></td> 199 <td>*</td> 200 </tr> 201 <tr> 202 <td> Qualcomm</td> 203 <td>CVE-2016-5080, CVE-2016-8398, CVE-2016-8437, CVE-2016-8438, CVE-2016-8439, CVE-2016-8440, CVE-2016-8441, CVE-2016-8442, CVE-2016-8443, CVE-2016-8459</td> 204 <td></td> 205 <td>*</td> 206 </tr> 207 <tr> 208 <td> Qualcomm</td> 209 <td>CVE-2016-8412, CVE-2016-8444</td> 210 <td></td> 211 <td></td> 212 </tr> 213 <tr> 214 <td> MediaTek</td> 215 <td>CVE-2016-8445, CVE-2016-8446, CVE-2016-8447, CVE-2016-8448</td> 216 <td></td> 217 <td>*</td> 218 </tr> 219 <tr> 220 <td> Wi-Fi- Qualcomm</td> 221 <td>CVE-2016-8415</td> 222 <td></td> 223 <td></td> 224 </tr> 225 <tr> 226 <td> NVIDIA </td> 227 <td>CVE-2016-8449</td> 228 <td></td> 229 <td></td> 230 </tr> 231 <tr> 232 <td> Qualcomm</td> 233 <td>CVE-2016-8450</td> 234 <td></td> 235 <td></td> 236 </tr> 237 <tr> 238 <td> Synaptics</td> 239 <td>CVE-2016-8451</td> 240 <td></td> 241 <td>*</td> 242 </tr> 243 <tr> 244 <td> </td> 245 <td>CVE-2016-7042</td> 246 <td></td> 247 <td></td> 248 </tr> 249 <tr> 250 <td> </td> 251 <td>CVE-2017-0403</td> 252 <td></td> 253 <td></td> 254 </tr> 255 <tr> 256 <td> </td> 257 <td>CVE-2017-0404</td> 258 <td></td> 259 <td></td> 260 </tr> 261 <tr> 262 <td> Wi-Fi- Qualcomm</td> 263 <td>CVE-2016-8452</td> 264 <td></td> 265 <td></td> 266 </tr> 267 <tr> 268 <td> Qualcomm</td> 269 <td>CVE-2016-5345</td> 270 <td></td> 271 <td></td> 272 </tr> 273 <tr> 274 <td> </td> 275 <td>CVE-2016-9754</td> 276 <td></td> 277 <td></td> 278 </tr> 279 <tr> 280 <td> Wi-Fi- Broadcom</td> 281 <td>CVE-2016-8453, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457</td> 282 <td></td> 283 <td></td> 284 </tr> 285 <tr> 286 <td> Synaptics</td> 287 <td>CVE-2016-8458</td> 288 <td></td> 289 <td></td> 290 </tr> 291 <tr> 292 <td> NVIDIA</td> 293 <td>CVE-2016-8460</td> 294 <td></td> 295 <td></td> 296 </tr> 297 <tr> 298 <td> </td> 299 <td>CVE-2016-8461, CVE-2016-8462</td> 300 <td></td> 301 <td></td> 302 </tr> 303 <tr> 304 <td> FUSE Qualcomm</td> 305 <td>CVE-2016-8463</td> 306 <td></td> 307 <td>*</td> 308 </tr> 309 <tr> 310 <td> </td> 311 <td>CVE-2016-8467</td> 312 <td></td> 313 <td></td> 314 </tr> 315 <tr> 316 <td> Wi-Fi- Broadcom</td> 317 <td>CVE-2016-8464, CVE-2016-8465, CVE-2016-8466</td> 318 <td></td> 319 <td></td> 320 </tr> 321 <tr> 322 <td> </td> 323 <td>CVE-2016-8467</td> 324 <td></td> 325 <td></td> 326 </tr> 327 <tr> 328 <td> Binder</td> 329 <td>CVE-2016-8468</td> 330 <td></td> 331 <td></td> 332 </tr> 333 <tr> 334 <td> NVIDIA </td> 335 <td>CVE-2016-8469</td> 336 <td></td> 337 <td></td> 338 </tr> 339 <tr> 340 <td> MediaTek</td> 341 <td>CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</td> 342 <td></td> 343 <td>*</td> 344 </tr> 345 <tr> 346 <td> STMicroelectronics</td> 347 <td>CVE-2016-8473, CVE-2016-8474</td> 348 <td></td> 349 <td></td> 350 </tr> 351 <tr> 352 <td> Qualcomm</td> 353 <td>CVE-2017-0399, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402</td> 354 <td></td> 355 <td></td> 356 </tr> 357 <tr> 358 <td> HTC</td> 359 <td>CVE-2016-8475</td> 360 <td></td> 361 <td></td> 362 </tr> 363 <tr> 364 <td> </td> 365 <td>CVE-2014-9420</td> 366 <td></td> 367 <td></td> 368 </tr> 369 </table> 370 <p>* Google Android7.0, .</p> 371 372 <h2 id="mitigations"> </h2> 373 <p> , <a href="{@docRoot}security/enhancements/index.html"> </a> , SafetyNet, Android.</p> 374 <ul> 375 <li> Android, .</li> 376 <li>, Android, <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a>. <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_PHA_classifications.pdf"> </a>. <a href="http://www.android.com/gms"> Google</a>. , . Google Play , . , . , , , . , .</li> 377 <li> Google Hangouts Messenger , mediaserver, .</li> 378 </ul> 379 <h2 id="acknowledgements"></h2> 380 <p> , :</p> 381 <ul> 382 <li> : CVE-2017-0390</li> 383 <li> Copperhead Security: CVE-2017-0397</li> 384 <li> (<a href="https://twitter.com/freener0">@freener0</a>) Xuanwu Lab, Tencent: CVE-2017-0386</li> 385 <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2017-0392</li> 386 <li> (<a href="https://twitter.com/returnsme">@returnsme</a>) KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-8412, CVE-2016-8444, CVE-2016-8427, CVE-2017-0403</li> 387 <li>donfos ( ) Shellphish Grill, -: CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</li> 388 <li> (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>) <a href="http://www.ms509.com">MS509Team</a>: CVE-2017-0394</li> 389 <li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2016-8464</li> 390 <li> Google WebM: CVE-2017-0393</li> 391 <li> () (<a href="http://twitter.com/oldfresher">@oldfresher</a>) Alpha Team, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>.: CVE-2017-0387</li> 392 <li> Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2016-8415, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465</li> 393 <li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360: CVE-2016-8475</li> 394 <li> (<a href="http://twitter.com/jcase">@jcase</a>) (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>): CVE-2016-8462</li> 395 <li> (<a href="http://twitter.com/jcase">@jcase</a>), (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>) (<a href="https://twitter.com/ben_ra">@Ben_RA</a>): CVE-2016-8461</li> 396 <li> (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), (<a href="https://twitter.com/nikos233__">@nikos233</a>), (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0383</li> 397 <li> : CVE-2017-0396, CVE-2017-0399</li> 398 <li> (<a href="https://twitter.com/heisecode">@heisecode</a>) Trend Micro: CVE-2016-8469, CVE-2016-8424, CVE-2016-8428, CVE-2016-8429, CVE-2016-8460, CVE-2016-8473, CVE-2016-8474</li> 399 <li> () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) KeenLab, Tencent (): CVE-2017-0382</li> 400 <li> IBM Security X-Force: CVE-2016-8467</li> 401 <li> (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) , Trend Micro: CVE-2016-8466</li> 402 <li> : CVE-2017-0389</li> 403 <li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) , <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0381</li> 404 <li> (<a href="https://twitter.com/sunblate">@sunblate</a>) Alibaba Inc.: CVE-2017-0391</li> 405 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0402, CVE-2017-0398</li> 406 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, <a href="mailto:arnow117 (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0400</li> 407 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, <a href="mailto:hlhan (a] bupt.edu.cn"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0384, CVE-2017-0385</li> 408 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, (<a href="https://twitter.com/nikos233__">@nikos233</a>), (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0401</li> 409 <li><a href="mailto:yaojun8558363 (a] gmail.com"> </a>, <a href="mailto:computernik (a] gmail.com">- </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8431, CVE-2016-8432, CVE-2016-8435</li> 410 <li> () (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) Alibaba Inc.: CVE-2017-0404</li> 411 <li><a href="mailto:computernik (a] gmail.com">- </a>, <a href="mailto:segfault5514 (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8425, CVE-2016-8426, CVE-2016-8449</li> 412 <li><a href="mailto:computernik (a] gmail.com">- </a>, <a href="mailto:bigwyfone (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8430, CVE-2016-8482</li> 413 <li> (<a href="https://twitter.com/xbalien29">@Xbalien29</a>) Tencent: CVE-2017-0395</li> 414 <li> () (<a href="https://twitter.com/0xr0ot">@0xr0ot</a>) Security Research Lab, <a href="http://www.cmcm.com/">Cheetah Mobile</a>: CVE-2016-8451</li> 415 </ul> 416 <p> , :</p> 417 <ul> 418 <li> , , , , , , Alibaba Mobile Security Group</li> 419 <li> (<a href="https://twitter.com/heisecode">@heisecode</a>) Trend Micro</li> 420 <li> Google</li> 421 </ul> 422 423 <h2 id="2017-01-01-details"> ( 2017-01-01)</h2> 424 <p> 425 , <a href="#2017-01-01-summary"> ( 2017-01-01)</a>: , CVE, , , Google AOSP ( ), . , , (, AOSP), .</p> 426 427 428 <h3 id="rce-in-c-ares"> c-ares</h3> 429 <p> 430 . - , . 431 </p> 432 433 <table> 434 <col width="18%"> 435 <col width="17%"> 436 <col width="10%"> 437 <col width="19%"> 438 <col width="18%"> 439 <col width="17%"> 440 <tr> 441 <th>CVE</th> 442 <th></th> 443 <th> </th> 444 <th> Google</th> 445 <th> AOSP</th> 446 <th> </th> 447 </tr> 448 <tr> 449 <td>CVE-2016-5180</td> 450 <td><a href="https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677"> 451 A-32205736</a></td> 452 <td></td> 453 <td></td> 454 <td>7.0</td> 455 <td>29 2016.</td> 456 </tr> 457 </table> 458 459 460 <h3 id="rce-vulnerability-in-framesequence"> Framesequence</h3> 461 <p> 462 . - , . 463 </p> 464 <table> 465 <col width="18%"> 466 <col width="17%"> 467 <col width="10%"> 468 <col width="19%"> 469 <col width="18%"> 470 <col width="17%"> 471 <tr> 472 <th>CVE</th> 473 <th></th> 474 <th> </th> 475 <th> Google</th> 476 <th> AOSP</th> 477 <th> </th> 478 </tr> 479 <tr> 480 <td>CVE-2017-0382</td> 481 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7"> 482 A-32338390</a></td> 483 <td></td> 484 <td></td> 485 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 486 <td>21 2016.</td> 487 </tr> 488 </table> 489 <h3 id="eop-in-framework-apis"> Framework API</h3> 490 <p> 491 . , , . 492 </p> 493 <table> 494 <col width="18%"> 495 <col width="17%"> 496 <col width="10%"> 497 <col width="19%"> 498 <col width="18%"> 499 <col width="17%"> 500 <tr> 501 <th>CVE</th> 502 <th></th> 503 <th> </th> 504 <th> Google</th> 505 <th> AOSP</th> 506 <th> </th> 507 </tr> 508 <tr> 509 <td>CVE-2017-0383</td> 510 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266"> 511 A-31677614</a></td> 512 <td></td> 513 <td></td> 514 <td>7.0, 7.1.1</td> 515 <td>21 2016.</td> 516 </tr> 517 </table> 518 <h3 id="eop-in-audioserver"> audioserver</h3> 519 <p> 520 . , , . 521 </p> 522 <table> 523 <col width="18%"> 524 <col width="17%"> 525 <col width="10%"> 526 <col width="19%"> 527 <col width="18%"> 528 <col width="17%"> 529 <tr> 530 <th>CVE</th> 531 <th></th> 532 <th> </th> 533 <th> Google</th> 534 <th> AOSP</th> 535 <th> </th> 536 </tr> 537 <tr> 538 <td>CVE-2017-0384</td> 539 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 540 A-32095626</a></td> 541 <td></td> 542 <td></td> 543 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 544 <td>11 2016.</td> 545 </tr> 546 <tr> 547 <td>CVE-2017-0385</td> 548 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 549 A-32585400</a></td> 550 <td></td> 551 <td></td> 552 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 553 <td>11 2016.</td> 554 </tr> 555 </table> 556 <h3 id="eop-in-libnl"> libnl</h3> 557 <p> 558 . , , . 559 </p> 560 <table> 561 <col width="18%"> 562 <col width="17%"> 563 <col width="10%"> 564 <col width="19%"> 565 <col width="18%"> 566 <col width="17%"> 567 <tr> 568 <th>CVE</th> 569 <th></th> 570 <th> </th> 571 <th> Google</th> 572 <th> AOSP</th> 573 <th> </th> 574 </tr> 575 <tr> 576 <td>CVE-2017-0386</td> 577 <td><a href="https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a"> 578 A-32255299</a></td> 579 <td></td> 580 <td></td> 581 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 582 <td>18 2016.</td> 583 </tr> 584 </table> 585 <h3 id="eop-in-mediaserver"> mediaserver</h3> 586 <p> 587 . , , . 588 </p> 589 <table> 590 <col width="18%"> 591 <col width="17%"> 592 <col width="10%"> 593 <col width="19%"> 594 <col width="18%"> 595 <col width="17%"> 596 <tr> 597 <th>CVE</th> 598 <th></th> 599 <th> </th> 600 <th> Google</th> 601 <th> AOSP</th> 602 <th> </th> 603 </tr> 604 <tr> 605 <td>CVE-2017-0387</td> 606 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f"> 607 A-32660278</a></td> 608 <td></td> 609 <td></td> 610 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 611 <td>4 2016.</td> 612 </tr> 613 </table> 614 <h3 id="id-in-external-storage-provider"> External Storage Provider</h3> 615 <p> 616 SD-, . - . 617 </p> 618 <table> 619 <col width="18%"> 620 <col width="17%"> 621 <col width="10%"> 622 <col width="19%"> 623 <col width="18%"> 624 <col width="17%"> 625 <tr> 626 <th>CVE</th> 627 <th></th> 628 <th> </th> 629 <th> Google</th> 630 <th> AOSP</th> 631 <th> </th> 632 </tr> 633 <tr> 634 <td>CVE-2017-0388</td> 635 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9"> 636 A-32523490</a></td> 637 <td></td> 638 <td></td> 639 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 640 <td> Google</td> 641 </tr> 642 </table> 643 <h3 id="dos-in-core-networking"> </h3> 644 <p> 645 . , . 646 </p> 647 <table> 648 <col width="18%"> 649 <col width="17%"> 650 <col width="10%"> 651 <col width="19%"> 652 <col width="18%"> 653 <col width="17%"> 654 <tr> 655 <th>CVE</th> 656 <th></th> 657 <th> </th> 658 <th> Google</th> 659 <th> AOSP</th> 660 <th> </th> 661 </tr> 662 <tr> 663 <td>CVE-2017-0389</td> 664 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7">A-31850211</a> 665 [<a href="https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29">2</a>] 666 [<a href="https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba#">3</a>]</td> 667 <td></td> 668 <td></td> 669 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 670 <td>20 2016.</td> 671 </tr> 672 </table> 673 <h3 id="dos-in-mediaserver"> mediaserver</h3> 674 <p> 675 . , . 676 </p> 677 <table> 678 <col width="18%"> 679 <col width="17%"> 680 <col width="10%"> 681 <col width="19%"> 682 <col width="18%"> 683 <col width="17%"> 684 <tr> 685 <th>CVE</th> 686 <th></th> 687 <th> </th> 688 <th> Google</th> 689 <th> AOSP</th> 690 <th> </th> 691 </tr> 692 <tr> 693 <td>CVE-2017-0390</td> 694 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0"> 695 A-31647370</a></td> 696 <td></td> 697 <td></td> 698 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 699 <td>19 2016.</td> 700 </tr> 701 <tr> 702 <td>CVE-2017-0391</td> 703 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f"> 704 A-32322258</a></td> 705 <td></td> 706 <td></td> 707 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 708 <td>20 2016.</td> 709 </tr> 710 <tr> 711 <td>CVE-2017-0392</td> 712 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c"> 713 A-32577290</a></td> 714 <td></td> 715 <td></td> 716 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 717 <td>29 2016.</td> 718 </tr> 719 <tr> 720 <td>CVE-2017-0393</td> 721 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc"> 722 A-30436808</a></td> 723 <td></td> 724 <td></td> 725 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 726 <td> Google</td> 727 </tr> 728 </table> 729 <h3 id="dos-in-telephony"> </h3> 730 <p> 731 . , . 732 </p> 733 <table> 734 <col width="18%"> 735 <col width="17%"> 736 <col width="10%"> 737 <col width="19%"> 738 <col width="18%"> 739 <col width="17%"> 740 <tr> 741 <th>CVE</th> 742 <th></th> 743 <th> </th> 744 <th> Google</th> 745 <th> AOSP</th> 746 <th> </th> 747 </tr> 748 <tr> 749 <td>CVE-2017-0394</td> 750 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d"> 751 A-31752213</a></td> 752 <td></td> 753 <td></td> 754 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 755 <td>23 2016.</td> 756 </tr> 757 </table> 758 <h3 id="eop-in-contacts"> </h3> 759 <p> 760 . , (, , ). 761 </p> 762 <table> 763 <col width="18%"> 764 <col width="17%"> 765 <col width="10%"> 766 <col width="19%"> 767 <col width="18%"> 768 <col width="17%"> 769 <tr> 770 <th>CVE</th> 771 <th></th> 772 <th> </th> 773 <th> Google</th> 774 <th> AOSP</th> 775 <th> </th> 776 </tr> 777 <tr> 778 <td>CVE-2017-0395</td> 779 <td><a href="https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b"> 780 A-32219099</a></td> 781 <td></td> 782 <td></td> 783 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 784 <td>15 2016.</td> 785 </tr> 786 </table> 787 <h3 id="id-in-mediaserver"> mediaserver</h3> 788 <p> 789 . - . 790 </p> 791 <table> 792 <col width="18%"> 793 <col width="17%"> 794 <col width="10%"> 795 <col width="19%"> 796 <col width="18%"> 797 <col width="17%"> 798 <tr> 799 <th>CVE</th> 800 <th></th> 801 <th> </th> 802 <th> Google</th> 803 <th> AOSP</th> 804 <th> </th> 805 </tr> 806 <tr> 807 <td>CVE-2017-0381</td> 808 <td><a href="https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7"> 809 A-31607432</a></td> 810 <td></td> 811 <td></td> 812 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 813 <td>18 2016.</td> 814 </tr> 815 <tr> 816 <td>CVE-2017-0396</td> 817 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7"> 818 A-31781965</a></td> 819 <td></td> 820 <td></td> 821 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 822 <td>27 2016.</td> 823 </tr> 824 <tr> 825 <td>CVE-2017-0397</td> 826 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c"> 827 A-32377688</a></td> 828 <td></td> 829 <td></td> 830 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 831 <td>21 2016.</td> 832 </tr> 833 </table> 834 <h3 id="id-in-audioserver"> audioserver</h3> 835 <p> 836 . - . 837 </p> 838 <table> 839 <col width="18%"> 840 <col width="17%"> 841 <col width="10%"> 842 <col width="19%"> 843 <col width="18%"> 844 <col width="17%"> 845 <tr> 846 <th>CVE</th> 847 <th></th> 848 <th> </th> 849 <th> Google</th> 850 <th> AOSP</th> 851 <th> </th> 852 </tr> 853 <tr> 854 <td>CVE-2017-0398</td> 855 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 856 A-32438594</a></td> 857 <td></td> 858 <td></td> 859 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 860 <td>25 2016.</td> 861 </tr> 862 <tr> 863 <td>CVE-2017-0398</td> 864 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 865 A-32635664</a></td> 866 <td></td> 867 <td></td> 868 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 869 <td>25 2016.</td> 870 </tr> 871 <tr> 872 <td>CVE-2017-0398</td> 873 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 874 A-32624850</a></td> 875 <td></td> 876 <td></td> 877 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 878 <td>25 2016.</td> 879 </tr> 880 <tr> 881 <td>CVE-2017-0399</td> 882 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32247948</a> 883 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 884 <td></td> 885 <td></td> 886 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 887 <td>18 2016.</td> 888 </tr> 889 <tr> 890 <td>CVE-2017-0400</td> 891 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32584034</a> 892 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 893 <td></td> 894 <td></td> 895 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 896 <td>25 2016.</td> 897 </tr> 898 <tr> 899 <td>CVE-2017-0401</td> 900 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 901 A-32448258</a></td> 902 <td></td> 903 <td></td> 904 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 905 <td>26 2016.</td> 906 </tr> 907 <tr> 908 <td>CVE-2017-0402</td> 909 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32436341</a> 910 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 911 <td></td> 912 <td></td> 913 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 914 <td>25 2016.</td> 915 </tr> 916 </table> 917 918 <h2 id="2017-01-05-details"> ( 2017-01-05)</h2> 919 <p> 920 , <a href="#2017-01-05-summary"> ( 2017-01-05)</a>: , CVE, , , Google AOSP ( ), . , , (, AOSP), .</p> 921 922 923 <h3 id="eop-in-kernel-memory-subsystem"> </h3> 924 <p> 925 . , - . , . 926 </p> 927 928 <table> 929 <col width="19%"> 930 <col width="20%"> 931 <col width="10%"> 932 <col width="23%"> 933 <col width="17%"> 934 <tr> 935 <th>CVE</th> 936 <th></th> 937 <th> </th> 938 <th> Google</th> 939 <th> </th> 940 </tr> 941 <tr> 942 <td>CVE-2015-3288</td> 943 <td>A-32460277<br> 944 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d"> 945 Upstream kernel</a></td> 946 <td></td> 947 <td>Nexus5X, Nexus6, Nexus6P, AndroidOne, PixelC, Nexus Player, Pixel, PixelXL</td> 948 <td>9 2015.</td> 949 </tr> 950 </table> 951 952 953 <h3 id="eop-in-qualcomm-bootloader"> Qualcomm</h3> 954 <p> 955 . , - . , . 956 </p> 957 958 <table> 959 <col width="19%"> 960 <col width="20%"> 961 <col width="10%"> 962 <col width="23%"> 963 <col width="17%"> 964 <tr> 965 <th>CVE</th> 966 <th></th> 967 <th> </th> 968 <th> Google</th> 969 <th> </th> 970 </tr> 971 <tr> 972 <td>CVE-2016-8422</td> 973 <td>A-31471220<br> 974 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213"> 975 QC-CR#979426</a></td> 976 <td></td> 977 <td>Nexus6, Nexus6P, Pixel, PixelXL</td> 978 <td>22 2016.</td> 979 </tr> 980 <tr> 981 <td>CVE-2016-8423</td> 982 <td>A-31399736<br> 983 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867"> 984 QC-CR#1000546</a></td> 985 <td></td> 986 <td>Nexus6P, Pixel, PixelXL</td> 987 <td>24 2016.</td> 988 </tr> 989 </table> 990 991 992 <h3 id="eop-in-kernel-file-system"> </h3> 993 <p> 994 . , - . , . 995 </p> 996 997 <table> 998 <col width="19%"> 999 <col width="20%"> 1000 <col width="10%"> 1001 <col width="23%"> 1002 <col width="17%"> 1003 <tr> 1004 <th>CVE</th> 1005 <th></th> 1006 <th> </th> 1007 <th> Google</th> 1008 <th> </th> 1009 </tr> 1010 <tr> 1011 <td>CVE-2015-5706</td> 1012 <td>A-32289301<br> 1013 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0"> 1014 Upstream kernel</a></td> 1015 <td></td> 1016 <td>*</td> 1017 <td>1 2016.</td> 1018 </tr> 1019 </table> 1020 <p> 1021 * Google Android7.0, . 1022 </p> 1023 1024 1025 <h3 id="eop-in-nvidia-gpu-driver"> NVIDIA </h3> 1026 <p> 1027 . , - . , . 1028 </p> 1029 1030 <table> 1031 <col width="19%"> 1032 <col width="20%"> 1033 <col width="10%"> 1034 <col width="23%"> 1035 <col width="17%"> 1036 <tr> 1037 <th>CVE</th> 1038 <th></th> 1039 <th> </th> 1040 <th> Google</th> 1041 <th> </th> 1042 </tr> 1043 <tr> 1044 <td>CVE-2016-8424</td> 1045 <td>A-31606947*<br> 1046 N-CVE-2016-8424</td> 1047 <td></td> 1048 <td>Nexus9</td> 1049 <td>17 2016.</td> 1050 </tr> 1051 <tr> 1052 <td>CVE-2016-8425</td> 1053 <td>A-31797770*<br> 1054 N-CVE-2016-8425</td> 1055 <td></td> 1056 <td>Nexus9</td> 1057 <td>28 2016.</td> 1058 </tr> 1059 <tr> 1060 <td>CVE-2016-8426</td> 1061 <td>A-31799206*<br> 1062 N-CVE-2016-8426</td> 1063 <td></td> 1064 <td>Nexus9</td> 1065 <td>28 2016.</td> 1066 </tr> 1067 <tr> 1068 <td>CVE-2016-8482</td> 1069 <td>A-31799863*<br> 1070 N-CVE-2016-8482</td> 1071 <td></td> 1072 <td>Nexus9</td> 1073 <td>28 2016.</td> 1074 </tr> 1075 <tr> 1076 <td>CVE-2016-8427</td> 1077 <td>A-31799885*<br> 1078 N-CVE-2016-8427</td> 1079 <td></td> 1080 <td>Nexus9</td> 1081 <td>28 2016.</td> 1082 </tr> 1083 <tr> 1084 <td>CVE-2016-8428</td> 1085 <td>A-31993456*<br> 1086 N-CVE-2016-8428</td> 1087 <td></td> 1088 <td>Nexus9</td> 1089 <td>6 2016.</td> 1090 </tr> 1091 <tr> 1092 <td>CVE-2016-8429</td> 1093 <td>A-32160775*<br> 1094 N-CVE-2016-8429</td> 1095 <td></td> 1096 <td>Nexus9</td> 1097 <td>13 2016.</td> 1098 </tr> 1099 <tr> 1100 <td>CVE-2016-8430</td> 1101 <td>A-32225180*<br> 1102 N-CVE-2016-8430</td> 1103 <td></td> 1104 <td>Nexus9</td> 1105 <td>17 2016.</td> 1106 </tr> 1107 <tr> 1108 <td>CVE-2016-8431</td> 1109 <td>A-32402179*<br> 1110 N-CVE-2016-8431</td> 1111 <td></td> 1112 <td>Pixel</td> 1113 <td>25 2016.</td> 1114 </tr> 1115 <tr> 1116 <td>CVE-2016-8432</td> 1117 <td>A-32447738*<br> 1118 N-CVE-2016-8432</td> 1119 <td></td> 1120 <td>Pixel</td> 1121 <td>26 2016.</td> 1122 </tr> 1123 </table> 1124 <p> 1125 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1126 </p> 1127 1128 1129 <h3 id="eop-in-mediatek-driver"> MediaTek</h3> 1130 <p> 1131 . , - . , . 1132 </p> 1133 1134 <table> 1135 <col width="19%"> 1136 <col width="20%"> 1137 <col width="10%"> 1138 <col width="23%"> 1139 <col width="17%"> 1140 <tr> 1141 <th>CVE</th> 1142 <th></th> 1143 <th> </th> 1144 <th> Google</th> 1145 <th> </th> 1146 </tr> 1147 <tr> 1148 <td>CVE-2016-8433</td> 1149 <td>A-31750190*<br> 1150 MT-ALPS02974192</td> 1151 <td></td> 1152 <td>**</td> 1153 <td>24 2016.</td> 1154 </tr> 1155 </table> 1156 <p> 1157 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1158 </p> 1159 <p> 1160 ** Google Android7.0, . 1161 </p> 1162 1163 1164 <h3 id="eop-in-qualcomm-gpu-driver"> Qualcomm </h3> 1165 <p> 1166 . , - . , . 1167 </p> 1168 1169 <table> 1170 <col width="19%"> 1171 <col width="20%"> 1172 <col width="10%"> 1173 <col width="23%"> 1174 <col width="17%"> 1175 <tr> 1176 <th>CVE</th> 1177 <th></th> 1178 <th> </th> 1179 <th> Google</th> 1180 <th> </th> 1181 </tr> 1182 <tr> 1183 <td>CVE-2016-8434</td> 1184 <td>A-32125137<br> 1185 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9"> 1186 QC-CR#1081855</a></td> 1187 <td></td> 1188 <td>Nexus5X, Nexus6, Nexus6P, Android One</td> 1189 <td>12 2016.</td> 1190 </tr> 1191 </table> 1192 1193 1194 <h3 id="eop-in-nvidia-gpu-driver-2"> NVIDIA </h3> 1195 <p> 1196 . , - . , . 1197 </p> 1198 1199 <table> 1200 <col width="19%"> 1201 <col width="20%"> 1202 <col width="10%"> 1203 <col width="23%"> 1204 <col width="17%"> 1205 <tr> 1206 <th>CVE</th> 1207 <th></th> 1208 <th> </th> 1209 <th> Google</th> 1210 <th> </th> 1211 </tr> 1212 <tr> 1213 <td>CVE-2016-8435</td> 1214 <td>A-32700935*<br> 1215 N-CVE-2016-8435</td> 1216 <td></td> 1217 <td>Pixel</td> 1218 <td>7 2016.</td> 1219 </tr> 1220 </table> 1221 <p> 1222 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1223 </p> 1224 1225 1226 <h3 id="eop-in-qualcomm-video-driver"> Qualcomm</h3> 1227 <p> 1228 . , - . , . 1229 </p> 1230 1231 <table> 1232 <col width="19%"> 1233 <col width="20%"> 1234 <col width="10%"> 1235 <col width="23%"> 1236 <col width="17%"> 1237 <tr> 1238 <th>CVE</th> 1239 <th></th> 1240 <th> </th> 1241 <th> Google</th> 1242 <th> </th> 1243 </tr> 1244 <tr> 1245 <td>CVE-2016-8436</td> 1246 <td>A-32450261<br> 1247 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced"> 1248 QC-CR#1007860</a></td> 1249 <td></td> 1250 <td>*</td> 1251 <td>13 2016.</td> 1252 </tr> 1253 </table> 1254 <p> 1255 * Google Android7.0, . 1256 </p> 1257 1258 1259 <h3 id="vulnerabilities-in-qualcomm-components"> Qualcomm</h3> 1260 <p> 1261 Qualcomm Qualcomm AMSS 2015, 2016, 2016 2016. 1262 </p> 1263 1264 <table> 1265 <col width="19%"> 1266 <col width="20%"> 1267 <col width="10%"> 1268 <col width="23%"> 1269 <col width="17%"> 1270 <tr> 1271 <th>CVE</th> 1272 <th></th> 1273 <th> *</th> 1274 <th> Google</th> 1275 <th> </th> 1276 </tr> 1277 <tr> 1278 <td>CVE-2016-8438</td> 1279 <td>A-31624565**</td> 1280 <td></td> 1281 <td>***</td> 1282 <td> Qualcomm</td> 1283 </tr> 1284 <tr> 1285 <td>CVE-2016-8442</td> 1286 <td>A-31625910**</td> 1287 <td></td> 1288 <td>***</td> 1289 <td> Qualcomm</td> 1290 </tr> 1291 <tr> 1292 <td>CVE-2016-8443</td> 1293 <td>A-32576499**</td> 1294 <td></td> 1295 <td>***</td> 1296 <td> Qualcomm</td> 1297 </tr> 1298 <tr> 1299 <td>CVE-2016-8437</td> 1300 <td>A-31623057**</td> 1301 <td></td> 1302 <td>***</td> 1303 <td> Qualcomm</td> 1304 </tr> 1305 <tr> 1306 <td>CVE-2016-8439</td> 1307 <td>A-31625204**</td> 1308 <td></td> 1309 <td>***</td> 1310 <td> Qualcomm</td> 1311 </tr> 1312 <tr> 1313 <td>CVE-2016-8440</td> 1314 <td>A-31625306**</td> 1315 <td></td> 1316 <td>***</td> 1317 <td> Qualcomm</td> 1318 </tr> 1319 <tr> 1320 <td>CVE-2016-8441</td> 1321 <td>A-31625904**</td> 1322 <td></td> 1323 <td>***</td> 1324 <td> Qualcomm</td> 1325 </tr> 1326 <tr> 1327 <td>CVE-2016-8398</td> 1328 <td>A-31548486**</td> 1329 <td></td> 1330 <td>Nexus5X, Nexus6, Nexus6P, Android One</td> 1331 <td> Qualcomm</td> 1332 </tr> 1333 <tr> 1334 <td>CVE-2016-8459</td> 1335 <td>A-32577972**</td> 1336 <td></td> 1337 <td>***</td> 1338 <td> Qualcomm</td> 1339 </tr> 1340 <tr> 1341 <td>CVE-2016-5080</td> 1342 <td>A-31115235**</td> 1343 <td></td> 1344 <td>Nexus5X</td> 1345 <td> Qualcomm</td> 1346 </tr> 1347 </table> 1348 <p> 1349 * Qualcomm. 1350 </p> 1351 <p> 1352 ** . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1353 </p> 1354 <p> 1355 *** Google Android7.0, . 1356 </p> 1357 1358 1359 <h3 id="eop-in-qualcomm-camera"> Qualcomm</h3> 1360 <p> 1361 . , . 1362 </p> 1363 1364 <table> 1365 <col width="19%"> 1366 <col width="20%"> 1367 <col width="10%"> 1368 <col width="23%"> 1369 <col width="17%"> 1370 <tr> 1371 <th>CVE</th> 1372 <th></th> 1373 <th> </th> 1374 <th> Google</th> 1375 <th> </th> 1376 </tr> 1377 <tr> 1378 <td>CVE-2016-8412</td> 1379 <td>A-31225246<br> 1380 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786"> 1381 QC-CR#1071891</a></td> 1382 <td></td> 1383 <td>Nexus5X, Nexus6, Nexus6P, AndroidOne, Pixel, PixelXL</td> 1384 <td>26 2016.</td> 1385 </tr> 1386 <tr> 1387 <td>CVE-2016-8444</td> 1388 <td>A-31243641*<br> 1389 QC-CR#1074310</td> 1390 <td></td> 1391 <td>Nexus5X, Nexus6, Nexus6P</td> 1392 <td>26 2016.</td> 1393 </tr> 1394 </table> 1395 <p> 1396 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1397 </p> 1398 1399 1400 <h3 id="eop-in-mediatek-components"> MediaTek</h3> 1401 <p> 1402 . , . 1403 </p> 1404 1405 <table> 1406 <col width="19%"> 1407 <col width="20%"> 1408 <col width="10%"> 1409 <col width="23%"> 1410 <col width="17%"> 1411 <tr> 1412 <th>CVE</th> 1413 <th></th> 1414 <th> </th> 1415 <th> Google</th> 1416 <th> </th> 1417 </tr> 1418 <tr> 1419 <td>CVE-2016-8445</td> 1420 <td>A-31747590*<br> 1421 MT-ALPS02968983</td> 1422 <td></td> 1423 <td>**</td> 1424 <td>25 2016.</td> 1425 </tr> 1426 <tr> 1427 <td>CVE-2016-8446</td> 1428 <td>A-31747749*<br> 1429 MT-ALPS02968909</td> 1430 <td></td> 1431 <td>**</td> 1432 <td>25 2016.</td> 1433 </tr> 1434 <tr> 1435 <td>CVE-2016-8447</td> 1436 <td>A-31749463*<br> 1437 MT-ALPS02968886</td> 1438 <td></td> 1439 <td>**</td> 1440 <td>25 2016.</td> 1441 </tr> 1442 <tr> 1443 <td>CVE-2016-8448</td> 1444 <td>A-31791148*<br> 1445 MT-ALPS02982181</td> 1446 <td></td> 1447 <td>**</td> 1448 <td>28 2016.</td> 1449 </tr> 1450 </table> 1451 <p> 1452 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1453 </p> 1454 <p> 1455 ** Google Android7.0, . 1456 </p> 1457 1458 1459 <h3 id="eop-in-qualcomm-wi-fi-driver"> Wi-Fi- Qualcomm</h3> 1460 <p> 1461 . , . 1462 </p> 1463 1464 <table> 1465 <col width="19%"> 1466 <col width="20%"> 1467 <col width="10%"> 1468 <col width="23%"> 1469 <col width="17%"> 1470 <tr> 1471 <th>CVE</th> 1472 <th></th> 1473 <th> </th> 1474 <th> Google</th> 1475 <th> </th> 1476 </tr> 1477 <tr> 1478 <td>CVE-2016-8415</td> 1479 <td>A-31750554<br> 1480 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394"> 1481 QC-CR#1079596</a></td> 1482 <td></td> 1483 <td>Nexus5X, Pixel, PixelXL</td> 1484 <td>26 2016.</td> 1485 </tr> 1486 </table> 1487 1488 1489 <h3 id="eop-in-nvidia-gpu-driver-3"> NVIDIA </h3> 1490 <p> 1491 . , . 1492 </p> 1493 1494 <table> 1495 <col width="19%"> 1496 <col width="20%"> 1497 <col width="10%"> 1498 <col width="23%"> 1499 <col width="17%"> 1500 <tr> 1501 <th>CVE</th> 1502 <th></th> 1503 <th> </th> 1504 <th> Google</th> 1505 <th> </th> 1506 </tr> 1507 <tr> 1508 <td>CVE-2016-8449</td> 1509 <td>A-31798848*<br> 1510 N-CVE-2016-8449</td> 1511 <td></td> 1512 <td>Nexus9</td> 1513 <td>28 2016.</td> 1514 </tr> 1515 </table> 1516 <p> 1517 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1518 </p> 1519 1520 1521 <h3 id="eop-in-qualcomm-sound-driver"> Qualcomm</h3> 1522 <p> 1523 . , . 1524 </p> 1525 1526 <table> 1527 <col width="19%"> 1528 <col width="20%"> 1529 <col width="10%"> 1530 <col width="23%"> 1531 <col width="17%"> 1532 <tr> 1533 <th>CVE</th> 1534 <th></th> 1535 <th> </th> 1536 <th> Google</th> 1537 <th> </th> 1538 </tr> 1539 <tr> 1540 <td>CVE-2016-8450</td> 1541 <td>A-32450563<br> 1542 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb"> 1543 QC-CR#880388</a></td> 1544 <td></td> 1545 <td>Nexus5X, Nexus6, Nexus6P, Android One</td> 1546 <td>13 2016.</td> 1547 </tr> 1548 </table> 1549 1550 1551 <h3 id="eop-in-synaptics-touchscreen-driver"> Synaptics</h3> 1552 <p> 1553 . , . 1554 </p> 1555 1556 <table> 1557 <col width="19%"> 1558 <col width="20%"> 1559 <col width="10%"> 1560 <col width="23%"> 1561 <col width="17%"> 1562 <tr> 1563 <th>CVE</th> 1564 <th></th> 1565 <th> </th> 1566 <th> Google</th> 1567 <th> </th> 1568 </tr> 1569 <tr> 1570 <td>CVE-2016-8451</td> 1571 <td>A-32178033*</td> 1572 <td></td> 1573 <td>**</td> 1574 <td>13 2016.</td> 1575 </tr> 1576 </table> 1577 <p> 1578 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1579 </p> 1580 <p> 1581 ** Google Android7.0, . 1582 </p> 1583 1584 1585 <h3 id="eop-in-kernel-security-subsystem"> </h3> 1586 <p> 1587 . , . 1588 </p> 1589 1590 <table> 1591 <col width="19%"> 1592 <col width="20%"> 1593 <col width="10%"> 1594 <col width="23%"> 1595 <col width="17%"> 1596 <tr> 1597 <th>CVE</th> 1598 <th></th> 1599 <th> </th> 1600 <th> Google</th> 1601 <th> </th> 1602 </tr> 1603 <tr> 1604 <td>CVE-2016-7042</td> 1605 <td>A-32178986<br> 1606 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc"> 1607 Upstream kernel</a></td> 1608 <td></td> 1609 <td>Pixel</td> 1610 <td>14 2016.</td> 1611 </tr> 1612 </table> 1613 1614 1615 <h3 id="eop-in-kernel-performance-subsystem"> </h3> 1616 <p> 1617 . , . 1618 </p> 1619 1620 <table> 1621 <col width="19%"> 1622 <col width="20%"> 1623 <col width="10%"> 1624 <col width="23%"> 1625 <col width="17%"> 1626 <tr> 1627 <th>CVE</th> 1628 <th></th> 1629 <th> </th> 1630 <th> Google</th> 1631 <th> </th> 1632 </tr> 1633 <tr> 1634 <td>CVE-2017-0403</td> 1635 <td>A-32402548*</td> 1636 <td></td> 1637 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, AndroidOne, PixelC, Nexus Player, Pixel, PixelXL</td> 1638 <td>25 2016.</td> 1639 </tr> 1640 </table> 1641 <p> 1642 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1643 </p> 1644 1645 1646 <h3 id="eop-in-kernel-sound-subsystem"> </h3> 1647 <p> 1648 . , . 1649 </p> 1650 1651 <table> 1652 <col width="19%"> 1653 <col width="20%"> 1654 <col width="10%"> 1655 <col width="23%"> 1656 <col width="17%"> 1657 <tr> 1658 <th>CVE</th> 1659 <th></th> 1660 <th> </th> 1661 <th> Google</th> 1662 <th> </th> 1663 </tr> 1664 <tr> 1665 <td>CVE-2017-0404</td> 1666 <td>A-32510733*</td> 1667 <td></td> 1668 <td>Nexus5X, Nexus6P, Nexus9, PixelC, Nexus Player, Pixel, PixelXL</td> 1669 <td>27 2016.</td> 1670 </tr> 1671 </table> 1672 <p> 1673 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1674 </p> 1675 1676 1677 <h3 id="eop-in-qualcomm-wi-fi-driver-2"> Wi-Fi- Qualcomm</h3> 1678 <p> 1679 . , . 1680 </p> 1681 1682 <table> 1683 <col width="19%"> 1684 <col width="20%"> 1685 <col width="10%"> 1686 <col width="23%"> 1687 <col width="17%"> 1688 <tr> 1689 <th>CVE</th> 1690 <th></th> 1691 <th> </th> 1692 <th> Google</th> 1693 <th> </th> 1694 </tr> 1695 <tr> 1696 <td>CVE-2016-8452</td> 1697 <td>A-32506396<br> 1698 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526"> 1699 QC-CR#1050323</a></td> 1700 <td></td> 1701 <td>Nexus5X, Android One, Pixel, PixelXL</td> 1702 <td>28 2016.</td> 1703 </tr> 1704 </table> 1705 1706 1707 <h3 id="eop-in-qualcomm-radio-driver"> Qualcomm</h3> 1708 <p> 1709 . , . 1710 </p> 1711 1712 <table> 1713 <col width="19%"> 1714 <col width="20%"> 1715 <col width="10%"> 1716 <col width="23%"> 1717 <col width="17%"> 1718 <tr> 1719 <th>CVE</th> 1720 <th></th> 1721 <th> </th> 1722 <th> Google</th> 1723 <th> </th> 1724 </tr> 1725 <tr> 1726 <td>CVE-2016-5345</td> 1727 <td>A-32639452<br> 1728 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6"> 1729 QC-CR#1079713</a></td> 1730 <td></td> 1731 <td>AndroidOne</td> 1732 <td>3 2016.</td> 1733 </tr> 1734 </table> 1735 1736 1737 <h3 id="eop-in-kernel-profiling-subsystem"> </h3> 1738 <p> 1739 . , . 1740 </p> 1741 1742 <table> 1743 <col width="19%"> 1744 <col width="20%"> 1745 <col width="10%"> 1746 <col width="23%"> 1747 <col width="17%"> 1748 <tr> 1749 <th>CVE</th> 1750 <th></th> 1751 <th> </th> 1752 <th> Google</th> 1753 <th> </th> 1754 </tr> 1755 <tr> 1756 <td>CVE-2016-9754</td> 1757 <td>A-32659848<br> 1758 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6"> 1759 Upstream kernel</a></td> 1760 <td></td> 1761 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, Android One, PixelC, Nexus Player</td> 1762 <td>4 2016.</td> 1763 </tr> 1764 </table> 1765 1766 1767 <h3 id="eop-in-broadcom-wi-fi-driver"> Wi-Fi- Broadcom</h3> 1768 <p> 1769 . , . 1770 </p> 1771 1772 <table> 1773 <col width="19%"> 1774 <col width="20%"> 1775 <col width="10%"> 1776 <col width="23%"> 1777 <col width="17%"> 1778 <tr> 1779 <th>CVE</th> 1780 <th></th> 1781 <th> </th> 1782 <th> Google</th> 1783 <th> </th> 1784 </tr> 1785 <tr> 1786 <td>CVE-2016-8453 1787 </td> 1788 <td>A-24739315*<br> 1789 B-RB#73392</td> 1790 <td></td> 1791 <td>Nexus6</td> 1792 <td> Google</td> 1793 </tr> 1794 <tr> 1795 <td>CVE-2016-8454</td> 1796 <td>A-32174590*<br> 1797 B-RB#107142</td> 1798 <td></td> 1799 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 1800 <td>14 2016.</td> 1801 </tr> 1802 <tr> 1803 <td>CVE-2016-8455</td> 1804 <td>A-32219121*<br> 1805 B-RB#106311</td> 1806 <td></td> 1807 <td>Nexus6P</td> 1808 <td>15 2016.</td> 1809 </tr> 1810 <tr> 1811 <td>CVE-2016-8456</td> 1812 <td>A-32219255*<br> 1813 B-RB#105580</td> 1814 <td></td> 1815 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 1816 <td>15 2016.</td> 1817 </tr> 1818 <tr> 1819 <td>CVE-2016-8457</td> 1820 <td>A-32219453*<br> 1821 B-RB#106116</td> 1822 <td></td> 1823 <td>Nexus6, Nexus6P, Nexus9, PixelC</td> 1824 <td>15 2016.</td> 1825 </tr> 1826 </table> 1827 <p> 1828 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1829 </p> 1830 1831 1832 <h3 id="eop-in-synaptics-touchscreen-driver-2"> Synaptics</h3> 1833 <p> 1834 . , . 1835 </p> 1836 1837 <table> 1838 <col width="19%"> 1839 <col width="20%"> 1840 <col width="10%"> 1841 <col width="23%"> 1842 <col width="17%"> 1843 <tr> 1844 <th>CVE</th> 1845 <th></th> 1846 <th> </th> 1847 <th> Google</th> 1848 <th> </th> 1849 </tr> 1850 <tr> 1851 <td>CVE-2016-8458</td> 1852 <td>A-31968442*</td> 1853 <td></td> 1854 <td>Nexus5X, Nexus6P, Nexus9, AndroidOne, Pixel, PixelXL</td> 1855 <td> Google</td> 1856 </tr> 1857 </table> 1858 <p> 1859 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1860 </p> 1861 1862 1863 <h3 id="id-in-nvidia-video-driver"> NVIDIA</h3> 1864 <p> 1865 . 1866 - . 1867 </p> 1868 1869 <table> 1870 <col width="19%"> 1871 <col width="20%"> 1872 <col width="10%"> 1873 <col width="23%"> 1874 <col width="17%"> 1875 <tr> 1876 <th>CVE</th> 1877 <th></th> 1878 <th> </th> 1879 <th> Google</th> 1880 <th> </th> 1881 </tr> 1882 <tr> 1883 <td>CVE-2016-8460</td> 1884 <td>A-31668540*<br> 1885 N-CVE-2016-8460</td> 1886 <td></td> 1887 <td>Nexus9</td> 1888 <td>21 2016.</td> 1889 </tr> 1890 </table> 1891 <p> 1892 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1893 </p> 1894 1895 1896 <h3 id="id-in-bootloader"> </h3> 1897 <p> 1898 , , . - . 1899 </p> 1900 1901 <table> 1902 <col width="19%"> 1903 <col width="20%"> 1904 <col width="10%"> 1905 <col width="23%"> 1906 <col width="17%"> 1907 <tr> 1908 <th>CVE</th> 1909 <th></th> 1910 <th> </th> 1911 <th> Google</th> 1912 <th> </th> 1913 </tr> 1914 <tr> 1915 <td>CVE-2016-8461</td> 1916 <td>A-32369621*</td> 1917 <td></td> 1918 <td>Nexus9, Pixel, PixelXL</td> 1919 <td>21 2016.</td> 1920 </tr> 1921 <tr> 1922 <td>CVE-2016-8462</td> 1923 <td>A-32510383*</td> 1924 <td></td> 1925 <td>Pixel, PixelXL</td> 1926 <td>27 2016.</td> 1927 </tr> 1928 </table> 1929 <p> 1930 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1931 </p> 1932 1933 1934 <h3 id="dos-in-qualcomm-fuse-file-system"> FUSE Qualcomm</h3> 1935 <p> 1936 . , . 1937 </p> 1938 1939 <table> 1940 <col width="19%"> 1941 <col width="20%"> 1942 <col width="10%"> 1943 <col width="23%"> 1944 <col width="17%"> 1945 <tr> 1946 <th>CVE</th> 1947 <th></th> 1948 <th> </th> 1949 <th> Google</th> 1950 <th> </th> 1951 </tr> 1952 <tr> 1953 <td>CVE-2016-8463</td> 1954 <td>A-30786860<br> 1955 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10"> 1956 QC-CR#586855</a></td> 1957 <td></td> 1958 <td>*</td> 1959 <td>3 2016.</td> 1960 </tr> 1961 </table> 1962 <p> 1963 * Google Android7.0, . 1964 </p> 1965 1966 1967 <h3 id="dos-in-bootloader"> </h3> 1968 <p> 1969 . , . , . 1970 </p> 1971 1972 <table> 1973 <col width="19%"> 1974 <col width="20%"> 1975 <col width="10%"> 1976 <col width="23%"> 1977 <col width="17%"> 1978 <tr> 1979 <th>CVE</th> 1980 <th></th> 1981 <th> </th> 1982 <th> Google</th> 1983 <th> </th> 1984 </tr> 1985 <tr> 1986 <td>CVE-2016-8467</td> 1987 <td>A-30308784*</td> 1988 <td></td> 1989 <td>Nexus6, Nexus6P</td> 1990 <td>29 2016.</td> 1991 </tr> 1992 </table> 1993 <p> 1994 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1995 </p> 1996 1997 1998 <h3 id="eop-in-broadcom-wi-fi-driver-2"> Wi-Fi- Broadcom</h3> 1999 <p> 2000 . , , . 2001 </p> 2002 2003 <table> 2004 <col width="19%"> 2005 <col width="20%"> 2006 <col width="10%"> 2007 <col width="23%"> 2008 <col width="17%"> 2009 <tr> 2010 <th>CVE</th> 2011 <th></th> 2012 <th> </th> 2013 <th> Google</th> 2014 <th> </th> 2015 </tr> 2016 <tr> 2017 <td>CVE-2016-8464</td> 2018 <td>A-29000183*<br> 2019 B-RB#106314</td> 2020 <td></td> 2021 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 2022 <td>26 2016.</td> 2023 </tr> 2024 <tr> 2025 <td>CVE-2016-8466</td> 2026 <td>A-31822524*<br> 2027 B-RB#105268</td> 2028 <td></td> 2029 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 2030 <td>28 2016.</td> 2031 </tr> 2032 <tr> 2033 <td>CVE-2016-8465</td> 2034 <td>A-32474971*<br> 2035 B-RB#106053</td> 2036 <td></td> 2037 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 2038 <td>27 2016.</td> 2039 </tr> 2040 </table> 2041 <p> 2042 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2043 </p> 2044 2045 2046 <h3 id="eop-in-bootloader"> </h3> 2047 <p> 2048 , , . , (, , ). 2049 </p> 2050 2051 <table> 2052 <col width="19%"> 2053 <col width="20%"> 2054 <col width="10%"> 2055 <col width="23%"> 2056 <col width="17%"> 2057 <tr> 2058 <th>CVE</th> 2059 <th></th> 2060 <th> </th> 2061 <th> Google</th> 2062 <th> </th> 2063 </tr> 2064 <tr> 2065 <td>CVE-2016-8467</td> 2066 <td>A-30308784*</td> 2067 <td></td> 2068 <td>Nexus6, Nexus6P</td> 2069 <td>29 2016.</td> 2070 </tr> 2071 </table> 2072 <p> 2073 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2074 </p> 2075 2076 2077 <h3 id="eop-in-binder"> Binder</h3> 2078 <p> 2079 . , , . 2080 </p> 2081 2082 <table> 2083 <col width="19%"> 2084 <col width="20%"> 2085 <col width="10%"> 2086 <col width="23%"> 2087 <col width="17%"> 2088 <tr> 2089 <th>CVE</th> 2090 <th></th> 2091 <th> </th> 2092 <th> Google</th> 2093 <th> </th> 2094 </tr> 2095 <tr> 2096 <td>CVE-2016-8468</td> 2097 <td>A-32394425*</td> 2098 <td></td> 2099 <td>PixelC, Pixel, PixelXL</td> 2100 <td> Google</td> 2101 </tr> 2102 </table> 2103 <p> 2104 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2105 </p> 2106 2107 2108 <h3 id="id-in-nvidia-camera-driver"> NVIDIA </h3> 2109 <p> 2110 . 2111 , . 2112 </p> 2113 2114 <table> 2115 <col width="19%"> 2116 <col width="20%"> 2117 <col width="10%"> 2118 <col width="23%"> 2119 <col width="17%"> 2120 <tr> 2121 <th>CVE</th> 2122 <th></th> 2123 <th> </th> 2124 <th> Google</th> 2125 <th> </th> 2126 </tr> 2127 <tr> 2128 <td>CVE-2016-8469</td> 2129 <td>A-31351206*<br> 2130 N-CVE-2016-8469</td> 2131 <td></td> 2132 <td>Nexus9</td> 2133 <td>7 2016.</td> 2134 </tr> 2135 </table> 2136 <p> 2137 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2138 </p> 2139 2140 2141 <h3 id="id-in-mediatek-driver"> MediaTek</h3> 2142 <p> 2143 . 2144 , . 2145 </p> 2146 2147 <table> 2148 <col width="19%"> 2149 <col width="20%"> 2150 <col width="10%"> 2151 <col width="23%"> 2152 <col width="17%"> 2153 <tr> 2154 <th>CVE</th> 2155 <th></th> 2156 <th> </th> 2157 <th> Google</th> 2158 <th> </th> 2159 </tr> 2160 <tr> 2161 <td>CVE-2016-8470</td> 2162 <td>A-31528889*<br> 2163 MT-ALPS02961395</td> 2164 <td></td> 2165 <td>**</td> 2166 <td>15 2016.</td> 2167 </tr> 2168 <tr> 2169 <td>CVE-2016-8471</td> 2170 <td>A-31528890*<br> 2171 MT-ALPS02961380</td> 2172 <td></td> 2173 <td>**</td> 2174 <td>15 2016.</td> 2175 </tr> 2176 <tr> 2177 <td>CVE-2016-8472</td> 2178 <td>A-31531758*<br> 2179 MT-ALPS02961384</td> 2180 <td></td> 2181 <td>**</td> 2182 <td>15 2016.</td> 2183 </tr> 2184 </table> 2185 <p> 2186 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2187 </p> 2188 <p> 2189 ** Google Android7.0, . 2190 </p> 2191 2192 2193 <h3 id="id-in-stmicroelectronics-driver"> STMicroelectronics</h3> 2194 <p> 2195 . , . 2196 </p> 2197 2198 <table> 2199 <col width="19%"> 2200 <col width="20%"> 2201 <col width="10%"> 2202 <col width="23%"> 2203 <col width="17%"> 2204 <tr> 2205 <th>CVE</th> 2206 <th></th> 2207 <th> </th> 2208 <th> Google</th> 2209 <th> </th> 2210 </tr> 2211 <tr> 2212 <td>CVE-2016-8473</td> 2213 <td>A-31795790*</td> 2214 <td></td> 2215 <td>Nexus5X, Nexus6P</td> 2216 <td>28 2016.</td> 2217 </tr> 2218 <tr> 2219 <td>CVE-2016-8474</td> 2220 <td>A-31799972*</td> 2221 <td></td> 2222 <td>Nexus5X, Nexus6P</td> 2223 <td>28 2016.</td> 2224 </tr> 2225 </table> 2226 <p> 2227 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2228 </p> 2229 2230 2231 <h3 id="id-in-qualcomm-audio-post-processor-"> Qualcomm </h3> 2232 <p> 2233 . - . 2234 </p> 2235 2236 <table> 2237 <col width="18%"> 2238 <col width="17%"> 2239 <col width="10%"> 2240 <col width="19%"> 2241 <col width="18%"> 2242 <col width="17%"> 2243 <tr> 2244 <th>CVE</th> 2245 <th></th> 2246 <th> </th> 2247 <th> Google</th> 2248 <th> AOSP</th> 2249 <th> </th> 2250 </tr> 2251 <tr> 2252 <td>CVE-2017-0399 2253 </td> 2254 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32588756</a> 2255 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 2256 <td></td> 2257 <td></td> 2258 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 2259 <td>18 2016.</td> 2260 </tr> 2261 <tr> 2262 <td>CVE-2017-0400</td> 2263 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32438598</a> 2264 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2265 </td> 2266 <td></td> 2267 <td></td> 2268 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 2269 <td>25 2016.</td> 2270 </tr> 2271 <tr> 2272 <td>CVE-2017-0401</td> 2273 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 2274 A-32588016</a> 2275 </td> 2276 <td></td> 2277 <td></td> 2278 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 2279 <td>26 2016.</td> 2280 </tr> 2281 <tr> 2282 <td>CVE-2017-0402</td> 2283 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32588352</a> 2284 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2285 </td> 2286 <td></td> 2287 <td></td> 2288 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 2289 <td>25 2016.</td> 2290 </tr> 2291 </table> 2292 2293 2294 <h3 id="id-in-htc-input-driver"> HTC</h3> 2295 <p> 2296 . 2297 , . 2298 </p> 2299 2300 <table> 2301 <col width="19%"> 2302 <col width="20%"> 2303 <col width="10%"> 2304 <col width="23%"> 2305 <col width="17%"> 2306 <tr> 2307 <th>CVE</th> 2308 <th></th> 2309 <th> </th> 2310 <th> Google</th> 2311 <th> </th> 2312 </tr> 2313 <tr> 2314 <td>CVE-2016-8475</td> 2315 <td>A-32591129*</td> 2316 <td></td> 2317 <td>Pixel, PixelXL</td> 2318 <td>30 2016.</td> 2319 </tr> 2320 </table> 2321 <p> 2322 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2323 </p> 2324 2325 2326 <h3 id="dos-in-kernel-file-system"> </h3> 2327 <p> 2328 . , , . 2329 </p> 2330 2331 <table> 2332 <col width="19%"> 2333 <col width="20%"> 2334 <col width="10%"> 2335 <col width="23%"> 2336 <col width="17%"> 2337 <tr> 2338 <th>CVE</th> 2339 <th></th> 2340 <th> </th> 2341 <th> Google</th> 2342 <th> </th> 2343 </tr> 2344 <tr> 2345 <td>CVE-2014-9420</td> 2346 <td>A-32477499<br> 2347 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d"> 2348 Upstream kernel</a></td> 2349 <td></td> 2350 <td>Pixel</td> 2351 <td>25 2014.</td> 2352 </tr> 2353 </table> 2354 2355 <h2 id="common-questions-and-answers"> </h2> 2356 <p> , 2357 .</p> 2358 2359 <p><strong>1. , , ? 2360 </strong></p> 2361 2362 <p> , , <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a>.</p> 2363 <ul> 2364 <li> 1 2017 , 2017-01-01.</li> 2365 <li> 5 2017 , 2017-01-05.</li> 2366 </ul> 2367 <p> , , :</p> 2368 <ul> 2369 <li>[ro.build.version.security_patch]:[2017-01-01];</li> 2370 <li>[ro.build.version.security_patch]:[2017-01-05].</li> 2371 </ul> 2372 <p><strong>2. ?</strong></p> 2373 2374 <p> , , Android. Android .</p> 2375 <ul> 2376 <li> 1 2017 , , .</li> 2377 <li> 5 2017 , .</li> 2378 </ul> 2379 <p> .</p> 2380 2381 <p><strong>3. , Google ?</strong></p> 2382 2383 <p> <a href="#2017-01-01-details">2017-01-01</a> <a href="#2017-01-05-details">2017-01-05</a> <em> Google</em>. , .</p> 2384 <ul> 2385 <li><strong> .</strong> <em></em> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> Google</a>: Nexus5X, Nexus6, Nexus6P, Nexus7 (2013), Nexus9, Android One, Nexus Player, PixelC, Pixel PixelXL.</li> 2386 <li><strong> .</strong> <em></em> , .</li> 2387 <li><strong>.</strong> Google.<em></em></li> 2388 </ul> 2389 <p><strong>4. ""?</strong></p> 2390 2391 <p> <em></em>. 2392 , 2393 , :</p> 2394 2395 <table> 2396 <tr> 2397 <th></th> 2398 <th></th> 2399 </tr> 2400 <tr> 2401 <td>A-</td> 2402 <td> Android</td> 2403 </tr> 2404 <tr> 2405 <td>QC-</td> 2406 <td> Qualcomm</td> 2407 </tr> 2408 <tr> 2409 <td>M-</td> 2410 <td> MediaTek</td> 2411 </tr> 2412 <tr> 2413 <td>N-</td> 2414 <td> NVIDIA</td> 2415 </tr> 2416 <tr> 2417 <td>B-</td> 2418 <td> Broadcom</td> 2419 </tr> 2420 </table> 2421 <h2 id="revisions"></h2> 2422 <ul> 2423 <li>3 2017. .</li> 2424 <li>4 2017. AOSP.</li> 2425 <li>5 2017. AOSP 7.1 7.1.1.</li> 2426 </ul> 2427
