1 page.title=Android 2016 7 2 @jd:body 3 <!-- 4 Copyright 2016 The Android Open Source Project 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 http://www.apache.org/licenses/LICENSE-2.0 9 Unless required by applicable law or agreed to in writing, software 10 distributed under the License is distributed on an "AS IS" BASIS, 11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 See the License for the specific language governing permissions and 13 limitations under the License. 14 --> 15 16 <p><em>2016 7 6 | 2016 7 14 </em></p> 17 <p>Android Android Google OTA Nexus Nexus <a href="https://developers.google.com/android/nexus/images">Google </a>2016 7 5 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a></p> 18 <p> 2016 6 6 () Android (AOSP) AOSP </p> 19 20 <p></p> 21 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> ( SafetyNet) Android <a href="">Android Google </a></p> 22 <p></p> 23 <h2 id="announcements"></h2> 24 <ul> 25 <li> Android Android <a href="#common-questions-and-answers"></a> 26 <ul> 27 <li><strong>2016-07-01</strong> 2016-07-01 28 <li><strong>2016-07-05</strong> 2016-07-01 2016-07-05 </li> 29 </li></ul> 30 </li> 31 <li> Nexus 2016 7 5 OTA </li> 32 </ul> 33 <h2 id="security_vulnerability_summary"></h2> 34 <p> ID (CVE) Nexus <a href="{@docRoot}security/overview/updates-resources.html#severity"></a></p> 35 36 <h3 id="2016-07-01_summary">2016-07-01 </h3> 37 <p>2016-07-01 </p> 38 39 <table> 40 <col width="55%"> 41 <col width="20%"> 42 <col width="13%"> 43 <col width="12%"> 44 <tr> 45 <th></th> 46 <th>CVE</th> 47 <th></th> 48 <th> Nexus </th> 49 </tr> 50 <tr> 51 <td></td> 52 <td>CVE-2016-2506CVE-2016-2505CVE-2016-2507CVE-2016-2508CVE-2016-3741CVE-2016-3742CVE-2016-3743</td> 53 <td></td> 54 <td></td> 55 </tr> 56 <tr> 57 <td>OpenSSL BoringSSL </td> 58 <td>CVE-2016-2108</td> 59 <td></td> 60 <td></td> 61 </tr> 62 <tr> 63 <td></td> 64 <td>CVE-2016-3744</td> 65 <td></td> 66 <td></td> 67 </tr> 68 <tr> 69 <td>libpng </td> 70 <td>CVE-2016-3751</td> 71 <td></td> 72 <td></td> 73 </tr> 74 <tr> 75 <td></td> 76 <td>CVE-2016-3745CVE-2016-3746CVE-2016-3747</td> 77 <td></td> 78 <td></td> 79 </tr> 80 <tr> 81 <td></td> 82 <td>CVE-2016-3748</td> 83 <td></td> 84 <td></td> 85 </tr> 86 <tr> 87 <td></td> 88 <td>CVE-2016-3749</td> 89 <td></td> 90 <td></td> 91 </tr> 92 <tr> 93 <td>Framework API </td> 94 <td>CVE-2016-3750</td> 95 <td></td> 96 <td></td> 97 </tr> 98 <tr> 99 <td>ChooserTarget </td> 100 <td>CVE-2016-3752</td> 101 <td></td> 102 <td></td> 103 </tr> 104 <tr> 105 <td></td> 106 <td>CVE-2016-3753</td> 107 <td></td> 108 <td>*</td> 109 </tr> 110 <tr> 111 <td>OpenSSL </td> 112 <td>CVE-2016-2107</td> 113 <td></td> 114 <td>*</td> 115 </tr> 116 <tr> 117 <td></td> 118 <td>CVE-2016-3754CVE-2016-3755, CVE-2016-3756</td> 119 <td></td> 120 <td></td> 121 </tr> 122 <tr> 123 <td>libc </td> 124 <td>CVE-2016-3818</td> 125 <td></td> 126 <td>*</td> 127 </tr> 128 <tr> 129 <td>lsof </td> 130 <td>CVE-2016-3757</td> 131 <td></td> 132 <td></td> 133 </tr> 134 <tr> 135 <td>DexClassLoader </td> 136 <td>CVE-2016-3758</td> 137 <td></td> 138 <td></td> 139 </tr> 140 <tr> 141 <td>Framework API </td> 142 <td>CVE-2016-3759</td> 143 <td></td> 144 <td></td> 145 </tr> 146 <tr> 147 <td></td> 148 <td>CVE-2016-3760</td> 149 <td></td> 150 <td></td> 151 </tr> 152 <tr> 153 <td>NFC </td> 154 <td>CVE-2016-3761</td> 155 <td></td> 156 <td></td> 157 </tr> 158 <tr> 159 <td></td> 160 <td>CVE-2016-3762</td> 161 <td></td> 162 <td></td> 163 </tr> 164 <tr> 165 <td>Proxy </td> 166 <td>CVE-2016-3763</td> 167 <td></td> 168 <td></td> 169 </tr> 170 <tr> 171 <td></td> 172 <td>CVE-2016-3764CVE-2016-3765</td> 173 <td></td> 174 <td></td> 175 </tr> 176 <tr> 177 <td></td> 178 <td>CVE-2016-3766</td> 179 <td></td> 180 <td></td> 181 </tr> 182 </table> 183 <p>* Nexus </p> 184 185 186 <h3 id="2016-07-05_summary">2016-07-05 </h3> 187 <p>2016-07-05 2016-07-01 </p> 188 189 <table> 190 <col width="55%"> 191 <col width="20%"> 192 <col width="13%"> 193 <col width="12%"> 194 <tr> 195 <th></th> 196 <th>CVE</th> 197 <th></th> 198 <th> Nexus </th> 199 </tr> 200 <tr> 201 <td>Qualcomm GPU 202 ()</td> 203 <td>CVE-2016-2503CVE-2016-2067</td> 204 <td></td> 205 <td></td> 206 </tr> 207 <tr> 208 <td>MediaTek Wi-Fi 209 ()</td> 210 <td>CVE-2016-3767</td> 211 <td></td> 212 <td></td> 213 </tr> 214 <tr> 215 <td>Qualcomm 216 ()</td> 217 <td>CVE-2016-3768</td> 218 <td></td> 219 <td></td> 220 </tr> 221 <tr> 222 <td>NVIDIA 223 ()</td> 224 <td>CVE-2016-3769</td> 225 <td></td> 226 <td></td> 227 </tr> 228 <tr> 229 <td>MediaTek 230 ()</td> 231 <td>CVE-2016-3770CVE-2016-3771CVE-2016-3772CVE-2016-3773CVE-2016-3774</td> 232 <td></td> 233 <td></td> 234 </tr> 235 <tr> 236 <td> 237 ()</td> 238 <td>CVE-2016-3775</td> 239 <td></td> 240 <td></td> 241 </tr> 242 <tr> 243 <td>USB ()</td> 244 <td>CVE-2015-8816</td> 245 <td></td> 246 <td></td> 247 </tr> 248 <tr> 249 <td>Qualcomm 250 ()</td> 251 <td>CVE-2014-9794CVE-2014-9795CVE-2015-8892CVE-2013-7457CVE-2014-9781CVE-2014-9786CVE-2014-9788CVE-2014-9779CVE-2014-9780CVE-2014-9789CVE-2014-9793CVE-2014-9782CVE-2014-9783CVE-2014-9785CVE-2014-9787CVE-2014-9784CVE-2014-9777CVE-2014-9778CVE-2014-9790CVE-2014-9792CVE-2014-9797CVE-2014-9791CVE-2014-9796CVE-2014-9800CVE-2014-9799CVE-2014-9801CVE-2014-9802CVE-2015-8891CVE-2015-8888CVE-2015-8889CVE-2015-8890</td> 252 <td></td> 253 <td></td> 254 </tr> 255 <tr> 256 <td>Qualcomm USB 257 ()</td> 258 <td>CVE-2016-2502</td> 259 <td></td> 260 <td></td> 261 </tr> 262 <tr> 263 <td>Qualcomm Wi-Fi 264 ()</td> 265 <td>CVE-2016-3792</td> 266 <td></td> 267 <td></td> 268 </tr> 269 <tr> 270 <td>Qualcomm 271 ()</td> 272 <td>CVE-2016-2501</td> 273 <td></td> 274 <td></td> 275 </tr> 276 <tr> 277 <td>NVIDIA 278 ()</td> 279 <td>CVE-2016-3793</td> 280 <td></td> 281 <td></td> 282 </tr> 283 <tr> 284 <td>MediaTek 285 ()</td> 286 <td>CVE-2016-3795CVE-2016-3796</td> 287 <td></td> 288 <td></td> 289 </tr> 290 <tr> 291 <td>Qualcomm Wi-Fi 292 ()</td> 293 <td>CVE-2016-3797</td> 294 <td></td> 295 <td></td> 296 </tr> 297 <tr> 298 <td>MediaTek 299 ()</td> 300 <td>CVE-2016-3798</td> 301 <td></td> 302 <td></td> 303 </tr> 304 <tr> 305 <td>MediaTek 306 ()</td> 307 <td>CVE-2016-3799CVE-2016-3800</td> 308 <td></td> 309 <td></td> 310 </tr> 311 <tr> 312 <td>MediaTek GPS 313 ()</td> 314 <td>CVE-2016-3801</td> 315 <td></td> 316 <td></td> 317 </tr> 318 <tr> 319 <td> 320 ()</td> 321 <td>CVE-2016-3802CVE-2016-3803</td> 322 <td></td> 323 <td></td> 324 </tr> 325 <tr> 326 <td>MediaTek 327 ()</td> 328 <td>CVE-2016-3804CVE-2016-3805</td> 329 <td></td> 330 <td></td> 331 </tr> 332 <tr> 333 <td>MediaTek 334 ()</td> 335 <td>CVE-2016-3806</td> 336 <td></td> 337 <td></td> 338 </tr> 339 <tr> 340 <td> 341 ()</td> 342 <td>CVE-2016-3807CVE-2016-3808</td> 343 <td></td> 344 <td></td> 345 </tr> 346 <tr> 347 <td>Qualcomm 348 ()</td> 349 <td>CVE-2016-2068</td> 350 <td></td> 351 <td></td> 352 </tr> 353 <tr> 354 <td> ()</td> 355 <td>CVE-2014-9803</td> 356 <td></td> 357 <td></td> 358 </tr> 359 <tr> 360 <td> 361 ()</td> 362 <td>CVE-2016-3809</td> 363 <td></td> 364 <td></td> 365 </tr> 366 <tr> 367 <td>MediaTek Wi-Fi 368 ()</td> 369 <td>CVE-2016-3810</td> 370 <td></td> 371 <td></td> 372 </tr> 373 <tr> 374 <td> 375 ()</td> 376 <td>CVE-2016-3811</td> 377 <td></td> 378 <td></td> 379 </tr> 380 <tr> 381 <td>MediaTek 382 ()</td> 383 <td>CVE-2016-3812</td> 384 <td></td> 385 <td></td> 386 </tr> 387 <tr> 388 <td>Qualcomm USB 389 ()</td> 390 <td>CVE-2016-3813</td> 391 <td></td> 392 <td></td> 393 </tr> 394 <tr> 395 <td>NVIDIA 396 ()</td> 397 <td>CVE-2016-3814CVE-2016-3815</td> 398 <td></td> 399 <td></td> 400 </tr> 401 <tr> 402 <td>MediaTek 403 ()</td> 404 <td>CVE-2016-3816</td> 405 <td></td> 406 <td></td> 407 </tr> 408 <tr> 409 <td> 410 ()</td> 411 <td>CVE-2016-0723</td> 412 <td></td> 413 <td></td> 414 </tr> 415 <tr> 416 <td>Qualcomm 417 ()</td> 418 <td>CVE-2014-9798CVE-2015-8893</td> 419 <td></td> 420 <td></td> 421 </tr> 422 </table> 423 424 <h2 id="mitigations">Android Google </h2> 425 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> SafetyNet Android </p> 426 <ul> 427 <li>Android Android Android</li> 428 <li>Android <a href="{@docRoot}security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="{@docRoot}security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 429 <li>Google Hangouts Messenger </li> 430 </ul> 431 432 <h2 id="acknowledgements"></h2> 433 <p></p> 434 <ul> 435 <li>Google Chrome Abhishek AryaOliver Chang Martin Barbella 436 CVE-2016-3756CVE-2016-3741CVE-2016-3743CVE-2016-3742 437 <li>Check Point Software Technologies Ltd. Adam Donenfeld et al.CVE-2016-2503 438 <li>Google Adam PowellCVE-2016-3752 439 <li>Context Information Security Alex Chapman Paul StoneCVE-2016-3763 440 <li><a href="https://www.e2e-assure.com/">e2e-assure</a> Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>)CVE-2016-2457 441 <li>Google Project Zero CVE-2016-3775 442 <li><a href="http://c0reteam.org">C0RE </a> Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)Yuan-Tsung Lo (<a href="mailto:computernik (a] gmail.com">computernik (a] gmail.com</a>) Xuxian JiangCVE-2016-3770CVE-2016-3771CVE-2016-3772CVE-2016-3773CVE-2016-3774 443 <li>Google Christopher TateCVE-2016-3759 444 <li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-3762 445 <li><a href="http://www.360.com"> 360</a> IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) pjf (<a href="http://weibo.com/jfpan ">weibo.com/jfpan</a>)CVE-2016-3806CVE-2016-3816CVE-2016-3805CVE-2016-3804CVE-2016-3767CVE-2016-3810CVE-2016-3795CVE-2016-3796 446 <li>Google Android Greg KaiserCVE-2016-3758 447 <li><a href="http://www.360.com"> 360 </a> Guang Gong () (<a href="https://twitter.com/oldfresher">@oldfresher</a>) 448 CVE-2016-3764 449 <li><a href="http://www.360.com"> 360 </a> Hao Chen Guang GongCVE-2016-3792CVE-2016-3768 450 <li><a href="http://www.cmcm.com"></a> Hao Qin 451 CVE-2016-3754CVE-2016-3766 452 <li><a href="http://www.360.com"> 360</a> IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>) pjf (<a href="http://weibo.com/jfpan ">weibo.com/jfpan</a>)CVE-2016-3814CVE-2016-3802CVE-2016-3769CVE-2016-3807CVE-2016-3808 453 <li>Google Marco NelissenCVE-2016-3818 454 <li>Google Project Zero Mark BrandCVE-2016-3757 455 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>CVE-2016-3750 456 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3747CVE-2016-3746CVE-2016-3765 457 <li> Peng XiaoChengming YangNing YouChao Yang Yang SsongCVE-2016-3800CVE-2016-3799CVE-2016-3801CVE-2016-3812CVE-2016-3798 458 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>) 459 CVE-2016-3793 460 <li>Google Ricky WaiCVE-2016-3749 461 <li>Roeland KrakCVE-2016-3753 462 <li>Scott Bauer (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>) 463 CVE-2016-3797CVE-2016-3813CVE-2016-3815CVE-2016-2501CVE-2016-2502 464 <li>Vasily VasilevCVE-2016-2507 465 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>) 466 CVE-2016-2508CVE-2016-3755 467 <li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Wen Niu (<a href="https://twitter.com/NWMonster">@NWMonster</a>)CVE-2016-3809 468 <li> Xiling GongCVE-2016-3745 469 <li> TCA Yacong Gu 470 CVE-2016-3761 471 <li> Xuanwu Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>)CVE-2016-2505 472 <li> Xuanwu Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) Wei Wei (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>)CVE-2016-2506 473 <li> X- Yulong Zhang Tao (Lenx) WeiCVE-2016-3744 474 </li> 475 </li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 476 477 <h2 id="2016-07-01_details">2016-07-01 </h2> 478 <p> <a href="#2016-07-01_summary">2016-07-01 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 479 480 <h3 id="remote-code-execution-vulnerability-in-mediaserver"> 481 </h3> 482 <p></p> 483 <p></p> 484 485 <table> 486 <col width="19%"> 487 <col width="19%"> 488 <col width="10%"> 489 <col width="16%"> 490 <col width="17%"> 491 <col width="17%"> 492 <tr> 493 <th>CVE</th> 494 <th></th> 495 <th></th> 496 <th> Nexus </th> 497 <th> AOSP </th> 498 <th></th> 499 </tr> 500 <tr> 501 <td>CVE-2016-2506</td> 502 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/e248db02fbab2ee9162940bc19f087fd7d96cb9d"> 503 A-28175045</a></td> 504 <td></td> 505 <td><a href="#all_nexus"> Nexus </a></td> 506 <td>4.4.45.0.25.1.16.06.0.1</td> 507 <td>2016 4 11 </td> 508 </tr> 509 <tr> 510 <td>CVE-2016-2505</td> 511 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/4f236c532039a61f0cf681d2e3c6e022911bbb5c"> 512 A-28333006</a></td> 513 <td></td> 514 <td><a href="#all_nexus"> Nexus </a></td> 515 <td>6.06.0.1</td> 516 <td>2016 4 21 </td> 517 </tr> 518 <tr> 519 <td>CVE-2016-2507</td> 520 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/60547808ca4e9cfac50028c00c58a6ceb2319301"> 521 A-28532266</a></td> 522 <td></td> 523 <td><a href="#all_nexus"> Nexus </a></td> 524 <td>4.4.45.0.25.1.16.06.0.1</td> 525 <td>2016 5 2 </td> 526 </tr> 527 <tr> 528 <td>CVE-2016-2508</td> 529 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f81038006b4c59a5a148dcad887371206033c28f"> 530 A-28799341</a> 531 [<a href="https://android.googlesource.com/platform/frameworks/av/+/d112f7d0c1dbaf0368365885becb11ca8d3f13a4">2</a>] 532 </td> 533 <td></td> 534 <td><a href="#all_nexus"> Nexus </a></td> 535 <td>4.4.45.0.25.1.16.06.0.1</td> 536 <td>2016 5 16 </td> 537 </tr> 538 <tr> 539 <td>CVE-2016-3741</td> 540 <td><a href="https://android.googlesource.com/platform/external/libavc/+/e629194c62a9a129ce378e08cb1059a8a53f1795"> 541 A-28165661</a> 542 [<a href="https://android.googlesource.com/platform/external/libavc/+/cc676ebd95247646e67907ccab150fb77a847335">2</a>] 543 </td> 544 <td></td> 545 <td><a href="#all_nexus"> Nexus </a></td> 546 <td>6.06.0.1</td> 547 <td>Google </td> 548 </tr> 549 <tr> 550 <td>CVE-2016-3742</td> 551 <td><a href="https://android.googlesource.com/platform/external/libavc/+/a583270e1c96d307469c83dc42bd3c5f1b9ef63f"> 552 A-28165659</a> 553 </td> 554 <td></td> 555 <td><a href="#all_nexus"> Nexus </a></td> 556 <td>6.06.0.1</td> 557 <td>Google </td> 558 </tr> 559 <tr> 560 <td>CVE-2016-3743</td> 561 <td><a href="https://android.googlesource.com/platform/external/libavc/+/ecf6c7ce6d5a22d52160698aab44fc234c63291a"> 562 A-27907656</a> 563 </td> 564 <td></td> 565 <td><a href="#all_nexus"> Nexus </a></td> 566 <td>6.06.0.1</td> 567 <td>Google </td> 568 </tr> 569 </table> 570 571 572 <h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> 573 OpenSSL BoringSSL </h3> 574 <p>OpenSSL BoringSSL </p> 575 576 <table> 577 <col width="19%"> 578 <col width="16%"> 579 <col width="10%"> 580 <col width="19%"> 581 <col width="18%"> 582 <col width="16%"> 583 <tr> 584 <th>CVE</th> 585 <th></th> 586 <th></th> 587 <th> Nexus </th> 588 <th> AOSP </th> 589 <th></th> 590 </tr> 591 <tr> 592 <td>CVE-2016-2108</td> 593 <td><a href="https://android.googlesource.com/platform/external/boringssl/+/74750e1fb24149043a533497f79c577b704d6e30"> 594 A-28175332</a> 595 </td> 596 <td></td> 597 <td><a href="#all_nexus"> Nexus </a></td> 598 <td>4.4.45.0.25.1.16.06.0.1</td> 599 <td>2016 5 3 </td> 600 </tr> 601 </table> 602 603 <h3 id="remote-code-execution-vulnerability-in-bluetooth"> 604 </h3> 605 <p></p> 606 607 <table> 608 <col width="19%"> 609 <col width="16%"> 610 <col width="10%"> 611 <col width="19%"> 612 <col width="18%"> 613 <col width="16%"> 614 <tr> 615 <th>CVE</th> 616 <th></th> 617 <th></th> 618 <th> Nexus </th> 619 <th> AOSP </th> 620 <th></th> 621 </tr> 622 <tr> 623 <td>CVE-2016-3744</td> 624 <td><a href="https://android.googlesource.com/platform/system/bt/+/514139f4b40cbb035bb92f3e24d5a389d75db9e6"> 625 A-27930580</a></td> 626 <td></td> 627 <td><a href="#all_nexus"> Nexus </a></td> 628 <td>4.4.45.0.25.1.16.06.0.1</td> 629 <td>2016 3 30 </td> 630 </tr> 631 </table> 632 633 <h3 id="elevation-of-privilege-vulnerability-in-libpng"> 634 libpng </h3> 635 <p>libpng ( <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ) </p> 636 637 <table> 638 <col width="19%"> 639 <col width="16%"> 640 <col width="10%"> 641 <col width="19%"> 642 <col width="18%"> 643 <col width="16%"> 644 <tr> 645 <th>CVE</th> 646 <th></th> 647 <th></th> 648 <th> Nexus </th> 649 <th> AOSP </th> 650 <th></th> 651 </tr> 652 <tr> 653 <td>CVE-2016-3751</td> 654 <td><a href="https://android.googlesource.com/platform/external/libpng/+/9d4853418ab2f754c2b63e091c29c5529b8b86ca"> 655 A-23265085</a> 656 </td> 657 <td></td> 658 <td><a href="#all_nexus"> Nexus </a></td> 659 <td>4.4.45.0.25.1.16.06.0.1</td> 660 <td>2015 12 3 </td> 661 </tr> 662 </table> 663 664 <h3 id="elevation-of-privilege-vulnerability-in-mediaserver"> 665 </h3> 666 <p> ( <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ) </p> 667 668 <table> 669 <col width="19%"> 670 <col width="16%"> 671 <col width="10%"> 672 <col width="19%"> 673 <col width="18%"> 674 <col width="16%"> 675 <tr> 676 <th>CVE</th> 677 <th></th> 678 <th></th> 679 <th> Nexus </th> 680 <th> AOSP </th> 681 <th></th> 682 </tr> 683 <tr> 684 <td>CVE-2016-3745</td> 685 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/073a80800f341325932c66818ce4302b312909a4"> 686 A-28173666</a> 687 </td> 688 <td></td> 689 <td><a href="#all_nexus"> Nexus </a></td> 690 <td>4.4.45.0.25.1.16.06.0.1</td> 691 <td>2016 4 10 </td> 692 </tr> 693 <tr> 694 <td>CVE-2016-3746</td> 695 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/5b82f4f90c3d531313714df4b936f92fb0ff15cf"> 696 A-27890802</a> 697 </td> 698 <td></td> 699 <td><a href="#all_nexus"> Nexus </a></td> 700 <td>4.4.45.0.25.1.16.06.0.1</td> 701 <td>2016 3 27 </td> 702 </tr> 703 <tr> 704 <td>CVE-2016-3747</td> 705 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/4ed06d14080d8667d5be14eed200e378cba78345"> 706 A-27903498</a> 707 </td> 708 <td></td> 709 <td><a href="#all_nexus"> Nexus </a></td> 710 <td>4.4.45.0.25.1.16.06.0.1</td> 711 <td>2016 3 28 </td> 712 </tr> 713 </table> 714 715 <h3 id="elevation-of-privilege-vulnerability-in-sockets"> 716 </h3> 717 <p></p> 718 719 <table> 720 <col width="19%"> 721 <col width="16%"> 722 <col width="10%"> 723 <col width="19%"> 724 <col width="18%"> 725 <col width="16%"> 726 <tr> 727 <th>CVE</th> 728 <th></th> 729 <th></th> 730 <th> Nexus </th> 731 <th> AOSP </th> 732 <th></th> 733 </tr> 734 <tr> 735 <td>CVE-2016-3748</td> 736 <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/556bb0f55324e8839d7b735a0de9bc31028e839e"> 737 A-28171804</a> 738 </td> 739 <td></td> 740 <td><a href="#all_nexus"> Nexus </a></td> 741 <td>6.06.0.1</td> 742 <td>2016 4 13 </td> 743 </tr> 744 </table> 745 746 <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice"> 747 </h3> 748 <p></p> 749 750 <table> 751 <col width="19%"> 752 <col width="16%"> 753 <col width="10%"> 754 <col width="19%"> 755 <col width="17%"> 756 <col width="17%"> 757 <tr> 758 <th>CVE</th> 759 <th></th> 760 <th></th> 761 <th> Nexus </th> 762 <th> AOSP </th> 763 <th></th> 764 </tr> 765 <tr> 766 <td>CVE-2016-3749</td> 767 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e83f0f6a5a6f35323f5367f99c8e287c440f33f5"> 768 A-28163930</a> 769 </td> 770 <td></td> 771 <td><a href="#all_nexus"> Nexus </a></td> 772 <td>6.06.0.1</td> 773 <td>Google </td> 774 </tr> 775 </table> 776 777 <h3 id="elevation-of-privilege-vulnerability-in-framework-apis"> 778 Framework API </h3> 779 <p>Parcels Framework API </p> 780 781 <table> 782 <col width="19%"> 783 <col width="16%"> 784 <col width="10%"> 785 <col width="19%"> 786 <col width="17%"> 787 <col width="17%"> 788 <tr> 789 <th>CVE</th> 790 <th></th> 791 <th></th> 792 <th> Nexus </th> 793 <th> AOSP </th> 794 <th></th> 795 </tr> 796 <tr> 797 <td>CVE-2016-3750</td> 798 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/54cb02ad733fb71b1bdf78590428817fb780aff8"> 799 A-28395952</a> 800 </td> 801 <td></td> 802 <td><a href="#all_nexus"> Nexus </a></td> 803 <td>4.4.45.0.25.1.16.06.0.1</td> 804 <td>2015 12 16 </td> 805 </tr> 806 </table> 807 808 <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service"> 809 ChooserTarget </h3> 810 <p>ChooserTarget </p> 811 812 <table> 813 <col width="19%"> 814 <col width="16%"> 815 <col width="10%"> 816 <col width="19%"> 817 <col width="17%"> 818 <col width="17%"> 819 <tr> 820 <th>CVE</th> 821 <th></th> 822 <th></th> 823 <th> Nexus </th> 824 <th> AOSP </th> 825 <th></th> 826 </tr> 827 <tr> 828 <td>CVE-2016-3752</td> 829 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/ddbf2db5b946be8fdc45c7b0327bf560b2a06988"> 830 A-28384423</a> 831 </td> 832 <td></td> 833 <td><a href="#all_nexus"> Nexus </a></td> 834 <td>6.06.0.1</td> 835 <td>Google </td> 836 </tr> 837 </table> 838 839 <h3 id="information-disclosure-vulnerability-in-mediaserver"> 840 </h3> 841 <p></p> 842 843 <table> 844 <col width="19%"> 845 <col width="16%"> 846 <col width="10%"> 847 <col width="19%"> 848 <col width="18%"> 849 <col width="16%"> 850 <tr> 851 <th>CVE</th> 852 <th></th> 853 <th></th> 854 <th> Nexus </th> 855 <th> AOSP </th> 856 <th></th> 857 </tr> 858 <tr> 859 <td>CVE-2016-3753</td> 860 <td>A-27210135</td> 861 <td></td> 862 <td>*</td> 863 <td>4.4.4</td> 864 <td>2016 2 15 </td> 865 </tr> 866 </table> 867 <p>* Nexus </p> 868 869 <h3 id="information-disclosure-vulnerability-in-openssl"> 870 OpenSSL </h3> 871 <p>OpenSSL </p> 872 873 <table> 874 <col width="19%"> 875 <col width="16%"> 876 <col width="10%"> 877 <col width="19%"> 878 <col width="18%"> 879 <col width="16%"> 880 <tr> 881 <th>CVE</th> 882 <th></th> 883 <th></th> 884 <th> Nexus </th> 885 <th> AOSP </th> 886 <th></th> 887 </tr> 888 <tr> 889 <td>CVE-2016-2107</td> 890 <td>A-28550804</td> 891 <td></td> 892 <td>*</td> 893 <td>4.4.45.0.25.1.1</td> 894 <td>2016 4 13 </td> 895 </tr> 896 </table> 897 <p>* Nexus </p> 898 899 <h3 id="denial-of-service-vulnerability-in-mediaserver"> 900 </h3> 901 <p></p> 902 903 <table> 904 <col width="19%"> 905 <col width="19%"> 906 <col width="10%"> 907 <col width="16%"> 908 <col width="17%"> 909 <col width="17%"> 910 <tr> 911 <th>CVE</th> 912 <th></th> 913 <th></th> 914 <th> Nexus </th> 915 <th> AOSP </th> 916 <th></th> 917 </tr> 918 <tr> 919 <td>CVE-2016-3754</td> 920 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> 921 A-28615448</a> 922 [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] 923 </td> 924 <td></td> 925 <td><a href="#all_nexus"> Nexus </a></td> 926 <td>4.4.45.0.25.1.16.06.0.1</td> 927 <td>2016 5 5 </td> 928 </tr> 929 <tr> 930 <td>CVE-2016-3755</td> 931 <td><a href="https://android.googlesource.com/platform/external/libavc/+/d4841f1161bdb5e13cb19e81af42437a634dd6ef"> 932 A-28470138</a> 933 </td> 934 <td></td> 935 <td><a href="#all_nexus"> Nexus </a></td> 936 <td>6.06.0.1</td> 937 <td>2016 4 29 </td> 938 </tr> 939 <tr> 940 <td>CVE-2016-3756</td> 941 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/659030a2e80c38fb8da0a4eb68695349eec6778b"> 942 A-28556125</a> 943 </td> 944 <td></td> 945 <td><a href="#all_nexus"> Nexus </a></td> 946 <td>4.4.45.0.25.1.16.06.0.1</td> 947 <td>Google </td> 948 </tr> 949 </table> 950 951 <h3 id="denial-of-service-vulnerability-in-libc"> 952 libc </h3> 953 <p>libc </p> 954 955 <table> 956 <col width="19%"> 957 <col width="16%"> 958 <col width="10%"> 959 <col width="19%"> 960 <col width="17%"> 961 <col width="17%"> 962 <tr> 963 <th>CVE</th> 964 <th></th> 965 <th></th> 966 <th> Nexus </th> 967 <th> AOSP </th> 968 <th></th> 969 </tr> 970 <tr> 971 <td>CVE-2016-3818</td> 972 <td>A-28740702</td> 973 <td></td> 974 <td>*</td> 975 <td>4.4.4</td> 976 <td>Google </td> 977 </tr> 978 </table> 979 <p>* Nexus </p> 980 981 <h3 id="elevation-of-privilege-vulnerability-in-lsof"> 982 lsof </h3> 983 <p>lsof </p> 984 985 <table> 986 <col width="19%"> 987 <col width="16%"> 988 <col width="10%"> 989 <col width="19%"> 990 <col width="18%"> 991 <col width="16%"> 992 <tr> 993 <th>CVE</th> 994 <th></th> 995 <th></th> 996 <th> Nexus </th> 997 <th> AOSP </th> 998 <th></th> 999 </tr> 1000 <tr> 1001 <td>CVE-2016-3757</td> 1002 <td><a href="https://android.googlesource.com/platform/system/core/+/ae18eb014609948a40e22192b87b10efc680daa7"> 1003 A-28175237</a> 1004 </td> 1005 <td></td> 1006 <td><a href="#all_nexus"> Nexus </a></td> 1007 <td>4.4.45.0.25.1.16.06.0.1</td> 1008 <td>2016 4 11 </td> 1009 </tr> 1010 </table> 1011 1012 <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader"> 1013 DexClassLoader </h3> 1014 <p>DexClassLoader </p> 1015 1016 <table> 1017 <col width="19%"> 1018 <col width="16%"> 1019 <col width="10%"> 1020 <col width="19%"> 1021 <col width="17%"> 1022 <col width="17%"> 1023 <tr> 1024 <th>CVE</th> 1025 <th></th> 1026 <th></th> 1027 <th> Nexus </th> 1028 <th> AOSP </th> 1029 <th></th> 1030 </tr> 1031 <tr> 1032 <td>CVE-2016-3758</td> 1033 <td><a href="https://android.googlesource.com/platform/dalvik/+/338aeaf28e9981c15d0673b18487dba61eb5447c"> 1034 A-27840771</a> 1035 </td> 1036 <td></td> 1037 <td><a href="#all_nexus"> Nexus </a></td> 1038 <td>4.4.45.0.25.1.16.06.0.1</td> 1039 <td>Google </td> 1040 </tr> 1041 </table> 1042 1043 <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2"> 1044 Framework API </h3> 1045 <p>Framework API </p> 1046 1047 <table> 1048 <col width="19%"> 1049 <col width="16%"> 1050 <col width="10%"> 1051 <col width="19%"> 1052 <col width="17%"> 1053 <col width="17%"> 1054 <tr> 1055 <th>CVE</th> 1056 <th></th> 1057 <th></th> 1058 <th> Nexus </th> 1059 <th> AOSP </th> 1060 <th></th> 1061 </tr> 1062 <tr> 1063 <td>CVE-2016-3759</td> 1064 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/9b8c6d2df35455ce9e67907edded1e4a2ecb9e28"> 1065 A-28406080</a> 1066 </td> 1067 <td></td> 1068 <td><a href="#all_nexus"> Nexus </a></td> 1069 <td>5.0.25.1.16.06.0.1</td> 1070 <td>Google </td> 1071 </tr> 1072 </table> 1073 1074 <h3 id="elevation-of-privilege-vulnerability-in-bluetooth"> 1075 </h3> 1076 <p></p> 1077 1078 <table> 1079 <col width="19%"> 1080 <col width="16%"> 1081 <col width="10%"> 1082 <col width="19%"> 1083 <col width="18%"> 1084 <col width="16%"> 1085 <tr> 1086 <th>CVE</th> 1087 <th></th> 1088 <th></th> 1089 <th> Nexus </th> 1090 <th> AOSP </th> 1091 <th></th> 1092 </tr> 1093 <tr> 1094 <td>CVE-2016-3760</td> 1095 <td><a href="https://android.googlesource.com/platform/hardware/libhardware/+/8b3d5a64c3c8d010ad4517f652731f09107ae9c5">A-27410683</a> 1096 [<a href="https://android.googlesource.com/platform/system/bt/+/37c88107679d36c419572732b4af6e18bb2f7dce">2</a>] 1097 [<a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/122feb9a0b04290f55183ff2f0384c6c53756bd8">3</a>] 1098 </td> 1099 <td></td> 1100 <td><a href="#all_nexus"> Nexus </a></td> 1101 <td>5.0.25.1.16.06.0.1</td> 1102 <td>2016 2 29 </td> 1103 </tr> 1104 </table> 1105 1106 <h3 id="elevation-of-privilege-vulnerability-in-nfc"> 1107 NFC </h3> 1108 <p>NFC </p> 1109 1110 <table> 1111 <col width="19%"> 1112 <col width="16%"> 1113 <col width="10%"> 1114 <col width="19%"> 1115 <col width="18%"> 1116 <col width="16%"> 1117 <tr> 1118 <th>CVE</th> 1119 <th></th> 1120 <th></th> 1121 <th> Nexus </th> 1122 <th> AOSP </th> 1123 <th></th> 1124 </tr> 1125 <tr> 1126 <td>CVE-2016-3761</td> 1127 <td><a href="https://android.googlesource.com/platform/packages/apps/Nfc/+/9ea802b5456a36f1115549b645b65c791eff3c2c"> 1128 A-28300969</a> 1129 </td> 1130 <td></td> 1131 <td><a href="#all_nexus"> Nexus </a></td> 1132 <td>4.4.45.0.25.1.16.06.0.1</td> 1133 <td>2016 4 20 </td> 1134 </tr> 1135 </table> 1136 1137 <h3 id="elevation-of-privilege-vulnerability-in-sockets-2"> 1138 </h3> 1139 <p></p> 1140 1141 <table> 1142 <col width="19%"> 1143 <col width="16%"> 1144 <col width="10%"> 1145 <col width="19%"> 1146 <col width="18%"> 1147 <col width="16%"> 1148 <tr> 1149 <th>CVE</th> 1150 <th></th> 1151 <th></th> 1152 <th> Nexus </th> 1153 <th> AOSP </th> 1154 <th></th> 1155 </tr> 1156 <tr> 1157 <td>CVE-2016-3762</td> 1158 <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/abf0663ed884af7bc880a05e9529e6671eb58f39"> 1159 A-28612709</a> 1160 </td> 1161 <td></td> 1162 <td><a href="#all_nexus"> Nexus </a></td> 1163 <td>5.0.25.1.16.06.0.1</td> 1164 <td>2016 4 21 </td> 1165 </tr> 1166 </table> 1167 1168 <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> 1169 Proxy </h3> 1170 <p>Proxy </p> 1171 1172 <table> 1173 <col width="19%"> 1174 <col width="16%"> 1175 <col width="10%"> 1176 <col width="19%"> 1177 <col width="18%"> 1178 <col width="16%"> 1179 <tr> 1180 <th>CVE</th> 1181 <th></th> 1182 <th></th> 1183 <th> Nexus </th> 1184 <th> AOSP </th> 1185 <th></th> 1186 </tr> 1187 <tr> 1188 <td>CVE-2016-3763</td> 1189 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/ec2fc50d202d975447211012997fe425496c849c"> 1190 A-27593919</a> 1191 </td> 1192 <td></td> 1193 <td><a href="#all_nexus"> Nexus </a></td> 1194 <td>4.4.45.0.25.1.16.06.0.1</td> 1195 <td>2016 3 10 </td> 1196 </tr> 1197 </table> 1198 1199 <h3 id="information-disclosure-vulnerability-in-mediaserver-2"> 1200 </h3> 1201 <p></p> 1202 1203 <table> 1204 <col width="19%"> 1205 <col width="16%"> 1206 <col width="10%"> 1207 <col width="19%"> 1208 <col width="18%"> 1209 <col width="16%"> 1210 <tr> 1211 <th>CVE</th> 1212 <th></th> 1213 <th></th> 1214 <th> Nexus </th> 1215 <th> AOSP </th> 1216 <th></th> 1217 </tr> 1218 <tr> 1219 <td>CVE-2016-3764</td> 1220 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/daef4327fe0c75b0a90bb8627458feec7a301e1f"> 1221 A-28377502</a> 1222 </td> 1223 <td></td> 1224 <td><a href="#all_nexus"> Nexus </a></td> 1225 <td>4.4.45.0.25.1.16.06.0.1</td> 1226 <td>2016 4 25 </td> 1227 </tr> 1228 <tr> 1229 <td>CVE-2016-3765</td> 1230 <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/d1c775d1d8d2ed117d1e026719b7f9f089716597"> 1231 A-28168413</a> 1232 </td> 1233 <td></td> 1234 <td><a href="#all_nexus"> Nexus </a></td> 1235 <td>6.06.0.1</td> 1236 <td>2016 4 8 </td> 1237 </tr> 1238 </table> 1239 1240 <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> 1241 </h3> 1242 <p></p> 1243 1244 <table> 1245 <col width="19%"> 1246 <col width="16%"> 1247 <col width="10%"> 1248 <col width="19%"> 1249 <col width="18%"> 1250 <col width="16%"> 1251 <tr> 1252 <th>CVE</th> 1253 <th></th> 1254 <th></th> 1255 <th> Nexus </th> 1256 <th> AOSP </th> 1257 <th></th> 1258 </tr> 1259 <tr> 1260 <td>CVE-2016-3766</td> 1261 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> 1262 A-28471206</a> 1263 [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] 1264 </td> 1265 <td></td> 1266 <td><a href="#all_nexus"> Nexus </a></td> 1267 <td>4.4.45.0.25.1.16.06.0.1</td> 1268 <td>2016 4 29 </td> 1269 </tr> 1270 </table> 1271 1272 <h2 id="2016-07-05_details">2016-07-05 </h2> 1273 <p> <a href="2016-07-05_summary">2016-07-05 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 1274 1275 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-gpu-driver"> 1276 Qualcomm GPU </h3> 1277 <p>Qualcomm GPU (Re-flash) </p> 1278 1279 <table> 1280 <col width="19%"> 1281 <col width="16%"> 1282 <col width="10%"> 1283 <col width="27%"> 1284 <col width="16%"> 1285 <tr> 1286 <th>CVE</th> 1287 <th></th> 1288 <th></th> 1289 <th> Nexus </th> 1290 <th></th> 1291 </tr> 1292 <tr> 1293 <td>CVE-2016-2503</td> 1294 <td>A-28084795* 1295 QC-CR1006067</td> 1296 <td></td> 1297 <td>Nexus 5XNexus 6P</td> 1298 <td>2016 4 5 </td> 1299 </tr> 1300 <tr> 1301 <td>CVE-2016-2067</td> 1302 <td>A-28305757 1303 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.18/commit/?id=410cfa95f0a1cf58819cbfbd896f9aa45b004ac0"> 1304 QC-CR988993</a></td> 1305 <td></td> 1306 <td>Nexus 5XNexus 6Nexus 6P</td> 1307 <td>2016 4 20 </td> 1308 </tr> 1309 </table> 1310 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1311 1312 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-wi-fi-driver"> 1313 MediaTek Wi-Fi </h3> 1314 <p>MediaTek Wi-Fi (Re-flash) </p> 1315 1316 <table> 1317 <col width="19%"> 1318 <col width="20%"> 1319 <col width="10%"> 1320 <col width="23%"> 1321 <col width="16%"> 1322 <tr> 1323 <th>CVE</th> 1324 <th></th> 1325 <th></th> 1326 <th> Nexus </th> 1327 <th></th> 1328 </tr> 1329 <tr> 1330 <td>CVE-2016-3767</td> 1331 <td>A-28169363* 1332 <br>M-ALPS02689526</td> 1333 <td></td> 1334 <td>Android One</td> 1335 <td>2016 4 6 </td> 1336 </tr> 1337 </table> 1338 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1339 1340 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-performance-component"> 1341 Qualcomm </h3> 1342 <p>Qualcomm (Re-flash) </p> 1343 1344 <table> 1345 <col width="19%"> 1346 <col width="16%"> 1347 <col width="10%"> 1348 <col width="27%"> 1349 <col width="16%"> 1350 <tr> 1351 <th>CVE</th> 1352 <th></th> 1353 <th></th> 1354 <th> Nexus </th> 1355 <th></th> 1356 </tr> 1357 <tr> 1358 <td>CVE-2016-3768</td> 1359 <td>A-28172137* 1360 QC-CR1010644</td> 1361 <td></td> 1362 <td>Nexus 5Nexus 6Nexus 5XNexus 6PNexus 7 (2013)</td> 1363 <td>2016 4 9 </td> 1364 </tr> 1365 </table> 1366 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1367 1368 <h3 id="elevation-of-privilege-vulnerability-in-nvidia-video-driver"> 1369 NVIDIA </h3> 1370 <p>NVIDIA (Re-flash) </p> 1371 1372 <table> 1373 <col width="19%"> 1374 <col width="20%"> 1375 <col width="10%"> 1376 <col width="23%"> 1377 <col width="16%"> 1378 <tr> 1379 <th>CVE</th> 1380 <th></th> 1381 <th></th> 1382 <th> Nexus </th> 1383 <th></th> 1384 </tr> 1385 <tr> 1386 <td>CVE-2016-3769</td> 1387 <td>A-28376656*<br> 1388 N-CVE20163769</td> 1389 <td></td> 1390 <td>Nexus 9</td> 1391 <td>2016 4 18 </td> 1392 </tr> 1393 </table> 1394 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1395 1396 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-drivers-device-specific">MediaTek ()</h3> 1397 <p> MediaTek (Re-flash) </p> 1398 1399 <table> 1400 <col width="19%"> 1401 <col width="20%"> 1402 <col width="10%"> 1403 <col width="23%"> 1404 <col width="16%"> 1405 <tr> 1406 <th>CVE</th> 1407 <th></th> 1408 <th></th> 1409 <th> Nexus </th> 1410 <th></th> 1411 </tr> 1412 <tr> 1413 <td>CVE-2016-3770</td> 1414 <td>A-28346752*<br> 1415 M-ALPS02703102</td> 1416 <td></td> 1417 <td>Android One</td> 1418 <td>2016 4 22 </td> 1419 </tr> 1420 <tr> 1421 <td>CVE-2016-3771</td> 1422 <td>A-29007611*<br> 1423 M-ALPS02703102</td> 1424 <td></td> 1425 <td>Android One</td> 1426 <td>2016 4 22 </td> 1427 </tr> 1428 <tr> 1429 <td>CVE-2016-3772</td> 1430 <td>A-29008188*<br> 1431 M-ALPS02703102</td> 1432 <td></td> 1433 <td>Android One</td> 1434 <td>2016 4 22 </td> 1435 </tr> 1436 <tr> 1437 <td>CVE-2016-3773</td> 1438 <td>A-29008363*<br> 1439 M-ALPS02703102</td> 1440 <td></td> 1441 <td>Android One</td> 1442 <td>2016 4 22 </td> 1443 </tr> 1444 <tr> 1445 <td>CVE-2016-3774</td> 1446 <td>A-29008609*<br> 1447 M-ALPS02703102</td> 1448 <td></td> 1449 <td>Android One</td> 1450 <td>2016 4 22 </td> 1451 </tr> 1452 </table> 1453 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1454 1455 <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system"> 1456 </h3> 1457 <p> (Re-flash) </p> 1458 1459 <table> 1460 <col width="19%"> 1461 <col width="16%"> 1462 <col width="10%"> 1463 <col width="27%"> 1464 <col width="16%"> 1465 <tr> 1466 <th>CVE</th> 1467 <th></th> 1468 <th></th> 1469 <th> Nexus </th> 1470 <th></th> 1471 </tr> 1472 <tr> 1473 <td>CVE-2016-3775</td> 1474 <td>A-28588279*</td> 1475 <td></td> 1476 <td>Nexus 5XNexus 6Nexus 6P Nexus PlayerPixel C</td> 1477 <td>2015 5 4 </td> 1478 </tr> 1479 </table> 1480 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1481 1482 <h3 id="elevation-of-privilege-vulnerability-in-usb-driver"> 1483 USB </h3> 1484 <p>USB (Re-flash) </p> 1485 1486 <table> 1487 <col width="19%"> 1488 <col width="16%"> 1489 <col width="10%"> 1490 <col width="27%"> 1491 <col width="16%"> 1492 <tr> 1493 <th>CVE</th> 1494 <th></th> 1495 <th></th> 1496 <th> Nexus </th> 1497 <th></th> 1498 </tr> 1499 <tr> 1500 <td>CVE-2015-8816</td> 1501 <td>A-28712303*</td> 1502 <td></td> 1503 <td>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Nexus PlayerPixel C</td> 1504 <td>2016 5 4 </td> 1505 </tr> 1506 </table> 1507 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1508 1509 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> 1510 Qualcomm </h3> 1511 <p> Qualcomm </p> 1512 <p> (Re-flash) </p> 1513 1514 <table> 1515 <col width="19%"> 1516 <col width="20%"> 1517 <col width="10%"> 1518 <col width="23%"> 1519 <col width="16%"> 1520 <tr> 1521 <th>CVE</th> 1522 <th></th> 1523 <th>*</th> 1524 <th> Nexus </th> 1525 <th></th> 1526 </tr> 1527 <tr> 1528 <td>CVE-2014-9795</td> 1529 <td>A-28820720<br> 1530 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> 1531 [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] 1532 </td> 1533 <td></td> 1534 <td>Nexus 5</td> 1535 <td>2014 8 8 </td> 1536 </tr> 1537 <tr> 1538 <td>CVE-2014-9794</td> 1539 <td>A-28821172<br> 1540 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> 1541 </td> 1542 <td></td> 1543 <td>Nexus 7 (2013)</td> 1544 <td>2014 8 8 </td> 1545 </tr> 1546 <tr> 1547 <td>CVE-2015-8892</td> 1548 <td>A-28822807<br> 1549 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> 1550 </td> 1551 <td></td> 1552 <td>Nexus 5XNexus 6P</td> 1553 <td>2015 12 30 </td> 1554 </tr> 1555 <tr> 1556 <td>CVE-2014-9781</td> 1557 <td>A-28410333<br> 1558 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> 1559 </td> 1560 <td></td> 1561 <td>Nexus 7 (2013)</td> 1562 <td>2014 2 6 </td> 1563 </tr> 1564 <tr> 1565 <td>CVE-2014-9786</td> 1566 <td>A-28557260<br> 1567 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> 1568 <td></td> 1569 <td>Nexus 5Nexus 7 (2013)</td> 1570 <td>2014 3 13 </td> 1571 </tr> 1572 <tr> 1573 <td>CVE-2014-9788</td> 1574 <td>A-28573112<br> 1575 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> 1576 <td></td> 1577 <td>Nexus 5</td> 1578 <td>2014 3 13 </td> 1579 </tr> 1580 <tr> 1581 <td>CVE-2014-9779</td> 1582 <td>A-28598347<br> 1583 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> 1584 <td></td> 1585 <td>Nexus 5</td> 1586 <td>2014 3 13 </td> 1587 </tr> 1588 <tr> 1589 <td>CVE-2014-9780</td> 1590 <td>A-28602014<br> 1591 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> 1592 <td></td> 1593 <td>Nexus 5Nexus 5XNexus 6P</td> 1594 <td>2014 3 13 </td> 1595 </tr> 1596 <tr> 1597 <td>CVE-2014-9789</td> 1598 <td>A-28749392<br> 1599 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> 1600 <td></td> 1601 <td>Nexus 5</td> 1602 <td>2014 3 13 </td> 1603 </tr> 1604 <tr> 1605 <td>CVE-2014-9793</td> 1606 <td>A-28821253<br> 1607 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> 1608 <td></td> 1609 <td>Nexus 7 (2013)</td> 1610 <td>2014 3 13 </td> 1611 </tr> 1612 <tr> 1613 <td>CVE-2014-9782</td> 1614 <td>A-28431531<br> 1615 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> 1616 <td></td> 1617 <td>Nexus 5Nexus 7 (2013)</td> 1618 <td>2014 3 31 </td> 1619 </tr> 1620 <tr> 1621 <td>CVE-2014-9783</td> 1622 <td>A-28441831<br> 1623 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> 1624 [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> 1625 <td></td> 1626 <td>Nexus 7 (2013)</td> 1627 <td>2014 3 31 </td> 1628 </tr> 1629 <tr> 1630 <td>CVE-2014-9785</td> 1631 <td>A-28469042<br> 1632 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> 1633 <td></td> 1634 <td>Nexus 7 (2013)</td> 1635 <td>2014 3 31 </td> 1636 </tr> 1637 <tr> 1638 <td>CVE-2014-9787</td> 1639 <td>A-28571496<br> 1640 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> 1641 <td></td> 1642 <td>Nexus 7 (2013)</td> 1643 <td>2014 3 31 </td> 1644 </tr> 1645 <tr> 1646 <td>CVE-2014-9784</td> 1647 <td>A-28442449<br> 1648 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> 1649 <td></td> 1650 <td>Nexus 5Nexus 7 (2013)</td> 1651 <td>2014 4 30 </td> 1652 </tr> 1653 <tr> 1654 <td>CVE-2014-9777</td> 1655 <td>A-28598501<br> 1656 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> 1657 <td></td> 1658 <td>Nexus 5Nexus 7 (2013)</td> 1659 <td>2014 4 30 </td> 1660 </tr> 1661 <tr> 1662 <td>CVE-2014-9778</td> 1663 <td>A-28598515<br> 1664 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> 1665 <td></td> 1666 <td>Nexus 5Nexus 7 (2013)</td> 1667 <td>2014 4 30 </td> 1668 </tr> 1669 <tr> 1670 <td>CVE-2014-9790</td> 1671 <td>A-28769136<br> 1672 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> 1673 [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> 1674 <td></td> 1675 <td>Nexus 5Nexus 7 (2013)</td> 1676 <td>2014 4 30 </td> 1677 </tr> 1678 <tr> 1679 <td>CVE-2014-9792</td> 1680 <td>A-28769399<br> 1681 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> 1682 <td></td> 1683 <td>Nexus 5</td> 1684 <td>2014 4 30 </td> 1685 </tr> 1686 <tr> 1687 <td>CVE-2014-9797</td> 1688 <td>A-28821090<br> 1689 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> 1690 <td></td> 1691 <td>Nexus 5</td> 1692 <td>2014 7 3 </td> 1693 </tr> 1694 <tr> 1695 <td>CVE-2014-9791</td> 1696 <td>A-28803396<br> 1697 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> 1698 <td></td> 1699 <td>Nexus 7 (2013)</td> 1700 <td>2014 8 29 </td> 1701 </tr> 1702 <tr> 1703 <td>CVE-2014-9796</td> 1704 <td>A-28820722<br> 1705 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> 1706 <td></td> 1707 <td>Nexus 5Nexus 7 (2013)</td> 1708 <td>2014 9 30 </td> 1709 </tr> 1710 <tr> 1711 <td>CVE-2014-9800</td> 1712 <td>A-28822150<br> 1713 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> 1714 <td></td> 1715 <td>Nexus 5Nexus 7 (2013)</td> 1716 <td>2014 10 31 </td> 1717 </tr> 1718 <tr> 1719 <td>CVE-2014-9799</td> 1720 <td>A-28821731<br> 1721 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> 1722 <td></td> 1723 <td>Nexus 5Nexus 7 (2013)</td> 1724 <td>2014 10 31 </td> 1725 </tr> 1726 <tr> 1727 <td>CVE-2014-9801</td> 1728 <td>A-28822060<br> 1729 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> 1730 <td></td> 1731 <td>Nexus 5</td> 1732 <td>2014 11 28 </td> 1733 </tr> 1734 <tr> 1735 <td>CVE-2014-9802</td> 1736 <td>A-28821965<br> 1737 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> 1738 <td></td> 1739 <td>Nexus 5Nexus 7 (2013)</td> 1740 <td>2014 12 31 </td> 1741 </tr> 1742 <tr> 1743 <td>CVE-2015-8891</td> 1744 <td>A-28842418<br> 1745 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> 1746 <td></td> 1747 <td>Nexus 5Nexus 7 (2013)</td> 1748 <td>2015 5 29 </td> 1749 </tr> 1750 <tr> 1751 <td>CVE-2015-8888</td> 1752 <td>A-28822465<br> 1753 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> 1754 <td></td> 1755 <td>Nexus 5</td> 1756 <td>2015 6 30 </td> 1757 </tr> 1758 <tr> 1759 <td>CVE-2015-8889</td> 1760 <td>A-28822677<br> 1761 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> 1762 <td></td> 1763 <td>Nexus 6P</td> 1764 <td>2015 6 30 </td> 1765 </tr> 1766 <tr> 1767 <td>CVE-2015-8890</td> 1768 <td>A-28822878<br> 1769 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> 1770 <td></td> 1771 <td>Nexus 5Nexus 7 (2013)</td> 1772 <td>2015 8 19 </td> 1773 </tr> 1774 </table> 1775 <p>* Qualcomm </p> 1776 1777 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-usb-driver"> 1778 Qualcomm USB </h3> 1779 <p>Qualcomm USB </p> 1780 1781 <table> 1782 <col width="19%"> 1783 <col width="16%"> 1784 <col width="10%"> 1785 <col width="27%"> 1786 <col width="16%"> 1787 <tr> 1788 <th>CVE</th> 1789 <th></th> 1790 <th></th> 1791 <th> Nexus </th> 1792 <th></th> 1793 </tr> 1794 <tr> 1795 <td>CVE-2016-2502</td> 1796 <td>A-27657963 1797 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=0bc45d7712eabe315ce8299a49d16433c3801156">QC-CR997044</a></td> 1798 <td></td> 1799 <td>Nexus 5XNexus 6P</td> 1800 <td>2016 3 11 </td> 1801 </tr> 1802 </table> 1803 1804 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> 1805 Qualcomm Wi-Fi </h3> 1806 <p>Qualcomm Wi-Fi </p> 1807 1808 <table> 1809 <col width="19%"> 1810 <col width="16%"> 1811 <col width="10%"> 1812 <col width="27%"> 1813 <col width="16%"> 1814 <tr> 1815 <th>CVE</th> 1816 <th></th> 1817 <th></th> 1818 <th> Nexus </th> 1819 <th></th> 1820 </tr> 1821 <tr> 1822 <td>CVE-2016-3792</td> 1823 <td>A-27725204 1824 <a href="https://us.codeaurora.org/cgit/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=28d4f0c1f712bffb4aa5b47f06e97d5a9fa06d29">QC-CR561022</a></td> 1825 <td></td> 1826 <td>Nexus 7 (2013)</td> 1827 <td>2016 3 17 </td> 1828 </tr> 1829 </table> 1830 1831 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> 1832 Qualcomm </h3> 1833 <p>Qualcomm </p> 1834 1835 <table> 1836 <col width="19%"> 1837 <col width="16%"> 1838 <col width="10%"> 1839 <col width="27%"> 1840 <col width="16%"> 1841 <tr> 1842 <th>CVE</th> 1843 <th></th> 1844 <th></th> 1845 <th> Nexus </th> 1846 <th></th> 1847 </tr> 1848 <tr> 1849 <td>CVE-2016-2501</td> 1850 <td>A-27890772* 1851 QC-CR1001092</td> 1852 <td></td> 1853 <td>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)</td> 1854 <td>2016 3 27 </td> 1855 </tr> 1856 </table> 1857 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1858 1859 <h3 id="elevation-of-privilege-vulnerability-in-nvidia-camera-driver"> 1860 NVIDIA </h3> 1861 <p>NVIDIA </p> 1862 1863 <table> 1864 <col width="19%"> 1865 <col width="20%"> 1866 <col width="10%"> 1867 <col width="23%"> 1868 <col width="16%"> 1869 <tr> 1870 <th>CVE</th> 1871 <th></th> 1872 <th></th> 1873 <th> Nexus </th> 1874 <th></th> 1875 </tr> 1876 <tr> 1877 <td>CVE-2016-3793</td> 1878 <td>A-28026625*<br> 1879 N-CVE20163793</td> 1880 <td></td> 1881 <td>Nexus 9</td> 1882 <td>2016 4 5 </td> 1883 </tr> 1884 </table> 1885 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1886 1887 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-driver"> 1888 MediaTek </h3> 1889 <p>MediaTek </p> 1890 1891 <table> 1892 <col width="19%"> 1893 <col width="20%"> 1894 <col width="10%"> 1895 <col width="23%"> 1896 <col width="16%"> 1897 <tr> 1898 <th>CVE</th> 1899 <th></th> 1900 <th></th> 1901 <th> Nexus </th> 1902 <th></th> 1903 </tr> 1904 <tr> 1905 <td>CVE-2016-3795</td> 1906 <td>A-28085222*<br> 1907 M-ALPS02677244</td> 1908 <td></td> 1909 <td>Android One</td> 1910 <td>2016 4 7 </td> 1911 </tr> 1912 <tr> 1913 <td>CVE-2016-3796</td> 1914 <td>A-29008443*<br> 1915 M-ALPS02677244</td> 1916 <td></td> 1917 <td>Android One</td> 1918 <td>2016 4 7 </td> 1919 </tr> 1920 </table> 1921 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1922 1923 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver-2"> 1924 Qualcomm Wi-Fi </h3> 1925 <p>Qualcomm Wi-Fi </p> 1926 1927 <table> 1928 <col width="19%"> 1929 <col width="16%"> 1930 <col width="10%"> 1931 <col width="27%"> 1932 <col width="16%"> 1933 <tr> 1934 <th>CVE</th> 1935 <th></th> 1936 <th></th> 1937 <th> Nexus </th> 1938 <th></th> 1939 </tr> 1940 <tr> 1941 <td>CVE-2016-3797</td> 1942 <td>A-28085680* 1943 QC-CR1001450</td> 1944 <td></td> 1945 <td>Nexus 5X</td> 1946 <td>2016 4 7 </td> 1947 </tr> 1948 </table> 1949 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1950 1951 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-hardware-sensor-driver"> 1952 MediaTek </h3> 1953 <p>MediaTek </p> 1954 1955 <table> 1956 <col width="19%"> 1957 <col width="20%"> 1958 <col width="10%"> 1959 <col width="23%"> 1960 <col width="16%"> 1961 <tr> 1962 <th>CVE</th> 1963 <th></th> 1964 <th></th> 1965 <th> Nexus </th> 1966 <th></th> 1967 </tr> 1968 <tr> 1969 <td>CVE-2016-3798</td> 1970 <td>A-28174490*<br> 1971 M-ALPS02703105</td> 1972 <td></td> 1973 <td>Android One</td> 1974 <td>2016 4 11 </td> 1975 </tr> 1976 </table> 1977 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1978 1979 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-video-driver"> 1980 MediaTek </h3> 1981 <p>MediaTek </p> 1982 1983 <table> 1984 <col width="19%"> 1985 <col width="20%"> 1986 <col width="10%"> 1987 <col width="23%"> 1988 <col width="16%"> 1989 <tr> 1990 <th>CVE</th> 1991 <th></th> 1992 <th></th> 1993 <th> Nexus </th> 1994 <th></th> 1995 </tr> 1996 <tr> 1997 <td>CVE-2016-3799</td> 1998 <td>A-28175025*<br> 1999 M-ALPS02693738</td> 2000 <td></td> 2001 <td>Android One</td> 2002 <td>2016 4 11 </td> 2003 </tr> 2004 <tr> 2005 <td>CVE-2016-3800</td> 2006 <td>A-28175027*<br> 2007 M-ALPS02693739</td> 2008 <td></td> 2009 <td>Android One</td> 2010 <td>2016 4 11 </td> 2011 </tr> 2012 </table> 2013 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2014 2015 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-gps-driver"> 2016 MediaTek GPS </h3> 2017 <p>MediaTek GPS </p> 2018 2019 <table> 2020 <col width="19%"> 2021 <col width="20%"> 2022 <col width="10%"> 2023 <col width="23%"> 2024 <col width="16%"> 2025 <tr> 2026 <th>CVE</th> 2027 <th></th> 2028 <th></th> 2029 <th> Nexus </th> 2030 <th></th> 2031 </tr> 2032 <tr> 2033 <td>CVE-2016-3801</td> 2034 <td>A-28174914*<br> 2035 M-ALPS02688853</td> 2036 <td></td> 2037 <td>Android One</td> 2038 <td>2016 4 11 </td> 2039 </tr> 2040 </table> 2041 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2042 2043 <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system-2"> 2044 </h3> 2045 <p></p> 2046 2047 <table> 2048 <col width="19%"> 2049 <col width="16%"> 2050 <col width="10%"> 2051 <col width="27%"> 2052 <col width="16%"> 2053 <tr> 2054 <th>CVE</th> 2055 <th></th> 2056 <th></th> 2057 <th> Nexus </th> 2058 <th></th> 2059 </tr> 2060 <tr> 2061 <td>CVE-2016-3802</td> 2062 <td>A-28271368*</td> 2063 <td></td> 2064 <td>Nexus 9</td> 2065 <td>2016 4 19 </td> 2066 </tr> 2067 <tr> 2068 <td>CVE-2016-3803</td> 2069 <td>A-28588434*</td> 2070 <td></td> 2071 <td>Nexus 5XNexus 6P</td> 2072 <td>2016 5 4 </td> 2073 </tr> 2074 </table> 2075 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2076 2077 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-management-driver"> 2078 MediaTek </h3> 2079 <p>MediaTek </p> 2080 2081 <table> 2082 <col width="19%"> 2083 <col width="20%"> 2084 <col width="10%"> 2085 <col width="23%"> 2086 <col width="16%"> 2087 <tr> 2088 <th>CVE</th> 2089 <th></th> 2090 <th></th> 2091 <th> Nexus </th> 2092 <th></th> 2093 </tr> 2094 <tr> 2095 <td>CVE-2016-3804</td> 2096 <td>A-28332766*<br> 2097 M-ALPS02694410</td> 2098 <td></td> 2099 <td>Android One</td> 2100 <td>2016 4 20 </td> 2101 </tr> 2102 <tr> 2103 <td>CVE-2016-3805</td> 2104 <td>A-28333002*<br> 2105 M-ALPS02694412</td> 2106 <td></td> 2107 <td>Android One</td> 2108 <td>2016 4 21 </td> 2109 </tr> 2110 </table> 2111 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2112 2113 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-display-driver"> 2114 MediaTek </h3> 2115 <p>MediaTek </p> 2116 2117 <table> 2118 <col width="19%"> 2119 <col width="20%"> 2120 <col width="10%"> 2121 <col width="23%"> 2122 <col width="16%"> 2123 <tr> 2124 <th>CVE</th> 2125 <th></th> 2126 <th></th> 2127 <th> Nexus </th> 2128 <th></th> 2129 </tr> 2130 <tr> 2131 <td>CVE-2016-3806</td> 2132 <td>A-28402341*<br> 2133 M-ALPS02715341</td> 2134 <td></td> 2135 <td>Android One</td> 2136 <td>2016 4 26 </td> 2137 </tr> 2138 </table> 2139 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2140 2141 <h3 id="elevation-of-privilege-vulnerability-in-serial-peripheral-interface-driver"> 2142 </h3> 2143 <p></p> 2144 2145 <table> 2146 <col width="19%"> 2147 <col width="16%"> 2148 <col width="10%"> 2149 <col width="27%"> 2150 <col width="16%"> 2151 <tr> 2152 <th>CVE</th> 2153 <th></th> 2154 <th></th> 2155 <th> Nexus </th> 2156 <th></th> 2157 </tr> 2158 <tr> 2159 <td>CVE-2016-3807</td> 2160 <td>A-28402196*</td> 2161 <td></td> 2162 <td>Nexus 5XNexus 6P</td> 2163 <td>2016 4 26 </td> 2164 </tr> 2165 <tr> 2166 <td>CVE-2016-3808</td> 2167 <td>A-28430009*</td> 2168 <td></td> 2169 <td>Pixel C</td> 2170 <td>2016 4 26 </td> 2171 </tr> 2172 </table> 2173 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2174 2175 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-sound-driver"> 2176 Qualcomm </h3> 2177 <p>Qualcomm </p> 2178 2179 <table> 2180 <col width="19%"> 2181 <col width="16%"> 2182 <col width="10%"> 2183 <col width="27%"> 2184 <col width="16%"> 2185 <tr> 2186 <th>CVE</th> 2187 <th></th> 2188 <th></th> 2189 <th> Nexus </th> 2190 <th></th> 2191 </tr> 2192 <tr> 2193 <td>CVE-2016-2068</td> 2194 <td>A-28470967 2195 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> 2196 <td></td> 2197 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 2198 <td>2016 4 28 </td> 2199 </tr> 2200 </table> 2201 2202 <h3 id="elevation-of-privilege-vulnerability-in-kernel"> 2203 </h3> 2204 <p></p> 2205 2206 <table> 2207 <col width="19%"> 2208 <col width="20%"> 2209 <col width="10%"> 2210 <col width="23%"> 2211 <col width="16%"> 2212 <tr> 2213 <th>CVE</th> 2214 <th></th> 2215 <th></th> 2216 <th> Nexus </th> 2217 <th></th> 2218 </tr> 2219 <tr> 2220 <td>CVE-2014-9803</td> 2221 <td>A-28557020<br> 2222 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> 2223 </a></td> 2224 <td></td> 2225 <td>Nexus 5XNexus 6P</td> 2226 <td>Google </td> 2227 </tr> 2228 </table> 2229 2230 <h3 id="information-disclosure-vulnerability-in-networking-component"> 2231 </h3> 2232 <p></p> 2233 2234 <table> 2235 <col width="19%"> 2236 <col width="16%"> 2237 <col width="10%"> 2238 <col width="27%"> 2239 <col width="16%"> 2240 <tr> 2241 <th>CVE</th> 2242 <th></th> 2243 <th></th> 2244 <th> Nexus </th> 2245 <th></th> 2246 </tr> 2247 <tr> 2248 <td>CVE-2016-3809</td> 2249 <td>A-27532522*</td> 2250 <td></td> 2251 <td><a href="#all_nexus"> Nexus </a></td> 2252 <td>2016 3 5 </td> 2253 </tr> 2254 </table> 2255 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2256 2257 <h3 id="information-disclosure-vulnerability-in-mediatek-wi-fi-driver"> 2258 MediaTek Wi-Fi </h3> 2259 <p>MediaTek Wi-Fi </p> 2260 2261 <table> 2262 <col width="19%"> 2263 <col width="20%"> 2264 <col width="10%"> 2265 <col width="23%"> 2266 <col width="16%"> 2267 <tr> 2268 <th>CVE</th> 2269 <th></th> 2270 <th></th> 2271 <th> Nexus </th> 2272 <th></th> 2273 </tr> 2274 <tr> 2275 <td>CVE-2016-3810</td> 2276 <td>A-28175522*<br> 2277 M-ALPS02694389</td> 2278 <td></td> 2279 <td>Android One</td> 2280 <td>2016 4 12 </td> 2281 </tr> 2282 </table> 2283 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2284 2285 <h3 id="elevation-of-privilege-vulnerability-in-kernel-video-driver"> 2286 </h3> 2287 <p></p> 2288 2289 <table> 2290 <col width="19%"> 2291 <col width="16%"> 2292 <col width="10%"> 2293 <col width="27%"> 2294 <col width="16%"> 2295 <tr> 2296 <th>CVE</th> 2297 <th></th> 2298 <th></th> 2299 <th> Nexus </th> 2300 <th></th> 2301 </tr> 2302 <tr> 2303 <td>CVE-2016-3811</td> 2304 <td>A-28447556*</td> 2305 <td></td> 2306 <td>Nexus 9</td> 2307 <td>Google </td> 2308 </tr> 2309 </table> 2310 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2311 2312 <h3 id="information-disclosure-vulnerability-in-mediatek-video-codec-driver"> 2313 MediaTek </h3> 2314 <p>MediaTek </p> 2315 2316 <table> 2317 <col width="19%"> 2318 <col width="20%"> 2319 <col width="10%"> 2320 <col width="23%"> 2321 <col width="16%"> 2322 <tr> 2323 <th>CVE</th> 2324 <th></th> 2325 <th></th> 2326 <th> Nexus </th> 2327 <th></th> 2328 </tr> 2329 <tr> 2330 <td>CVE-2016-3812</td> 2331 <td>A-28174833*<br> 2332 M-ALPS02688832</td> 2333 <td></td> 2334 <td>Android One</td> 2335 <td>2016 4 11 </td> 2336 </tr> 2337 </table> 2338 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2339 2340 <h3 id="information-disclosure-vulnerability-in-qualcomm-usb-driver"> 2341 Qualcomm USB </h3> 2342 <p>Qualcomm USB </p> 2343 2344 <table> 2345 <col width="19%"> 2346 <col width="16%"> 2347 <col width="10%"> 2348 <col width="27%"> 2349 <col width="16%"> 2350 <tr> 2351 <th>CVE</th> 2352 <th></th> 2353 <th></th> 2354 <th> Nexus </th> 2355 <th></th> 2356 </tr> 2357 <tr> 2358 <td>CVE-2016-3813</td> 2359 <td>A-28172322* 2360 QC-CR1010222</td> 2361 <td></td> 2362 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 2363 <td>2016 4 11 </td> 2364 </tr> 2365 </table> 2366 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2367 2368 <h3 id="information-disclosure-vulnerability-in-nvidia-camera-driver"> 2369 NVIDIA </h3> 2370 <p>NVIDIA </p> 2371 2372 <table> 2373 <col width="19%"> 2374 <col width="20%"> 2375 <col width="10%"> 2376 <col width="23%"> 2377 <col width="16%"> 2378 <tr> 2379 <th>CVE</th> 2380 <th></th> 2381 <th></th> 2382 <th> Nexus </th> 2383 <th></th> 2384 </tr> 2385 <tr> 2386 <td>CVE-2016-3814</td> 2387 <td>A-28193342*<br> 2388 N-CVE20163814</td> 2389 <td></td> 2390 <td>Nexus 9</td> 2391 <td>2016 4 14 </td> 2392 </tr> 2393 <tr> 2394 <td>CVE-2016-3815</td> 2395 <td>A-28522274*<br> 2396 N-CVE20163815</td> 2397 <td></td> 2398 <td>Nexus 9</td> 2399 <td>2016 5 1 </td> 2400 </tr> 2401 </table> 2402 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2403 2404 <h3 id="information-disclosure-vulnerability-in-mediatek-display-driver"> 2405 MediaTek </h3> 2406 <p>MediaTek </p> 2407 2408 <table> 2409 <col width="19%"> 2410 <col width="16%"> 2411 <col width="10%"> 2412 <col width="27%"> 2413 <col width="16%"> 2414 <tr> 2415 <th>CVE</th> 2416 <th></th> 2417 <th></th> 2418 <th> Nexus </th> 2419 <th></th> 2420 </tr> 2421 <tr> 2422 <td>CVE-2016-3816</td> 2423 <td>A-28402240*</td> 2424 <td></td> 2425 <td>Android One</td> 2426 <td>2016 4 26 </td> 2427 </tr> 2428 </table> 2429 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2430 2431 <h3 id="information-disclosure-vulnerability-in-kernel-teletype-driver"> 2432 </h3> 2433 <p></p> 2434 2435 <table> 2436 <col width="19%"> 2437 <col width="20%"> 2438 <col width="10%"> 2439 <col width="23%"> 2440 <col width="16%"> 2441 <tr> 2442 <th>CVE</th> 2443 <th></th> 2444 <th></th> 2445 <th> Nexus </th> 2446 <th></th> 2447 </tr> 2448 <tr> 2449 <td>CVE-2016-0723</td> 2450 <td>A-28409131<br> 2451 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439"></a></td> 2452 <td></td> 2453 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Nexus PlayerPixel C</td> 2454 <td>2016 4 26 </td> 2455 </tr> 2456 </table> 2457 2458 <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> 2459 Qualcomm </h3> 2460 <p>Qualcomm (Re-flash) </p> 2461 2462 <table> 2463 <col width="19%"> 2464 <col width="16%"> 2465 <col width="10%"> 2466 <col width="27%"> 2467 <col width="16%"> 2468 <tr> 2469 <th>CVE</th> 2470 <th></th> 2471 <th></th> 2472 <th> Nexus </th> 2473 <th></th> 2474 </tr> 2475 <tr> 2476 <td>CVE-2014-9798</td> 2477 <td>A-28821448 2478 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=b05eed2491a098bf627ac485a5b43d2f4fae2484">QC-CR681965</a></td> 2479 <td></td> 2480 <td>Nexus 5</td> 2481 <td>2014 10 31 </td> 2482 </tr> 2483 <tr> 2484 <td>CVE-2015-8893</td> 2485 <td>A-28822690 2486 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=800255e8bfcc31a02e89460460e3811f225e7a69">QC-CR822275</a></td> 2487 <td></td> 2488 <td>Nexus 5Nexus 7 (2013)</td> 2489 <td>2015 8 19 </td> 2490 </tr> 2491 </table> 2492 <h2 id="common-questions-and-answers"></h2> 2493 <p></p> 2494 2495 <p><strong>1. </strong></p> 2496 <p>2016 7 1 2016-7-01 2016 7 5 2016-07-05 <a href="https://support.google.com/nexus/answer/4457705"></a>[ro.build.version.security_patch]:[2016-07-01] [ro.build.version.security_patch]:[2016-07-05].</p> 2497 2498 <p><strong>2. </strong></p> 2499 <p> Android Android Android </p> 2500 <p> 2016 7 5 () </p> 2501 <p> 2016 7 1 2016 7 1 2016 7 5 </p> 2502 2503 <p id="all_nexus"><strong>3. Nexus </strong></p> 2504 <p> <a href="#2016-07-01_details">2016-07-01</a> <a href="#2016-07-05_details">2016-07-05</a> Nexus Nexus </p> 2505 <ul> 2506 <li><strong> Nexus </strong> Nexus Nexus <em></em> Nexus Nexus <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a> 2507 Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus Player Pixel C</li> 2508 <li><strong> Nexus </strong> Nexus Nexus <em></em> Nexus </li> 2509 <li><strong> Nexus </strong> Nexus Nexus <em></em></li> 2510 </ul> 2511 2512 <p><strong>4. </strong></p> 2513 <p><em></em></p> 2514 2515 <table> 2516 <tr> 2517 <th></th> 2518 <th></th> 2519 </tr> 2520 <tr> 2521 <td>A-</td> 2522 <td>Android ID</td> 2523 </tr> 2524 <tr> 2525 <td>QC-</td> 2526 <td>Qualcomm </td> 2527 </tr> 2528 <tr> 2529 <td>M-</td> 2530 <td>MediaTek </td> 2531 </tr> 2532 <tr> 2533 <td>N-</td> 2534 <td>NVIDIA </td> 2535 </tr> 2536 </table> 2537 2538 <h2 id="revisions"></h2> 2539 <ul> 2540 <li>2016 7 6 </li> 2541 <li>2016 7 7 2542 <ul> 2543 <li> AOSP 2544 <li> CVE-2016-3794 ( CVE-2016-3814 ) 2545 <li> CVE-2016-2501 CVE-2016-2502 2546 </li></li></li></ul> 2547 </li> 2548 <li>2016 7 11 CVE-2016-3750 </li> 2549 <li>2016 7 14 CVE-2016-2503 </li> 2550 </ul> 2551
