1 page.title=Android 2016 9 2 @jd:body 3 <!-- 4 Copyright 2016 The Android Open Source Project 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 http://www.apache.org/licenses/LICENSE-2.0 9 Unless required by applicable law or agreed to in writing, software 10 distributed under the License is distributed on an "AS IS" BASIS, 11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 See the License for the specific language governing permissions and 13 limitations under the License. 14 --> 15 <p><em>2016 9 6 | 2016 9 12 </em> 16 </p> 17 18 <p>Android Android Google OTA Nexus Nexus <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2016 9 6 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a> Nexus 2016 9 6 OTA 19 </p> 20 21 <p> 22 2016 8 5 () Android (AOSP) AOSP 23 </p> 24 25 <p> 26 </p> 27 28 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> ( SafetyNet) Android <a href="#mitigations">Android Google </a> 29 </p> 30 31 <p> 32 </p> 33 34 <h2 id="announcements"></h2> 35 <ul> 36 <li> Android Android <a href="#common-questions-and-answers"></a> 37 <ul> 38 <li><strong>2016-09-01</strong> 2016-09-01 () 39 <li><strong>2016-09-05</strong> 2016-09-01 2016-09-05 () 40 <li><strong>2016-09-06</strong> 2016-09-012016-09-05 2016-09-06 () 41 <li> Nexus 2016 9 6 OTA </li> 42 </li></li></li></ul> 43 </li> 44 </ul> 45 <h2></h2> 46 <p> 47 ID (CVE) Nexus <a href="{@docRoot}security/overview/updates-resources.html#severity"></a> 48 </p> 49 50 <h3 id="2016-09-01-summary">2016-09-01 </h3> 51 <p> 52 2016-09-01 53 </p> 54 55 <table> 56 <col width="55%"> 57 <col width="20%"> 58 <col width="13%"> 59 <col width="12%"> 60 <tr> 61 <th></th> 62 <th>CVE</th> 63 <th></th> 64 <th> Nexus </th> 65 </tr> 66 <tr> 67 <td>LibUtils </td> 68 <td>CVE-2016-3861</td> 69 <td></td> 70 <td></td> 71 </tr> 72 <tr> 73 <td></td> 74 <td>CVE-2016-3862</td> 75 <td></td> 76 <td></td> 77 </tr> 78 <tr> 79 <td>MediaMuxer </td> 80 <td>CVE-2016-3863</td> 81 <td></td> 82 <td></td> 83 </tr> 84 <tr> 85 <td></td> 86 <td>CVE-2016-3870CVE-2016-3871CVE-2016-3872</td> 87 <td></td> 88 <td></td> 89 </tr> 90 <tr> 91 <td></td> 92 <td>CVE-2016-3875</td> 93 <td></td> 94 <td>*</td> 95 </tr> 96 <tr> 97 <td></td> 98 <td>CVE-2016-3876</td> 99 <td></td> 100 <td></td> 101 </tr> 102 <tr> 103 <td></td> 104 <td>CVE-2016-3899CVE-2016-3878CVE-2016-3879CVE-2016-3880CVE-2016-3881</td> 105 <td></td> 106 <td></td> 107 </tr> 108 <tr> 109 <td></td> 110 <td>CVE-2016-3883</td> 111 <td></td> 112 <td></td> 113 </tr> 114 <tr> 115 <td></td> 116 <td>CVE-2016-3884</td> 117 <td></td> 118 <td></td> 119 </tr> 120 <tr> 121 <td>Debuggerd </td> 122 <td>CVE-2016-3885</td> 123 <td></td> 124 <td></td> 125 </tr> 126 <tr> 127 <td></td> 128 <td>CVE-2016-3886</td> 129 <td></td> 130 <td></td> 131 </tr> 132 <tr> 133 <td></td> 134 <td>CVE-2016-3887</td> 135 <td></td> 136 <td></td> 137 </tr> 138 <tr> 139 <td></td> 140 <td>CVE-2016-3888</td> 141 <td></td> 142 <td></td> 143 </tr> 144 <tr> 145 <td></td> 146 <td>CVE-2016-3889</td> 147 <td></td> 148 <td></td> 149 </tr> 150 <tr> 151 <td>Java </td> 152 <td>CVE-2016-3890</td> 153 <td></td> 154 <td>*</td> 155 </tr> 156 <tr> 157 <td></td> 158 <td>CVE-2016-3895</td> 159 <td></td> 160 <td></td> 161 </tr> 162 <tr> 163 <td>AOSP Mail </td> 164 <td>CVE-2016-3896</td> 165 <td></td> 166 <td>*</td> 167 </tr> 168 <tr> 169 <td>Wi-Fi </td> 170 <td>CVE-2016-3897</td> 171 <td></td> 172 <td>*</td> 173 </tr> 174 <tr> 175 <td></td> 176 <td>CVE-2016-3898</td> 177 <td></td> 178 <td></td> 179 </tr> 180 </table> 181 <p>* Android 7.0 Nexus 182 </p> 183 184 <h3 id="2016-09-05-summary">2016-09-05 </h3> 185 <p> 186 2016-09-05 2016-09-01 187 </p> 188 189 <table> 190 <col width="55%"> 191 <col width="20%"> 192 <col width="13%"> 193 <col width="12%"> 194 <tr> 195 <th></th> 196 <th>CVE</th> 197 <th></th> 198 <th> Nexus </th> 199 </tr> 200 <tr> 201 <td></td> 202 <td>CVE-2014-9529CVE-2016-4470</td> 203 <td></td> 204 <td></td> 205 </tr> 206 <tr> 207 <td></td> 208 <td>CVE-2013-7446</td> 209 <td></td> 210 <td></td> 211 </tr> 212 <tr> 213 <td></td> 214 <td>CVE-2016-3134</td> 215 <td></td> 216 <td></td> 217 </tr> 218 <tr> 219 <td> USB </td> 220 <td>CVE-2016-3951</td> 221 <td></td> 222 <td></td> 223 </tr> 224 <tr> 225 <td></td> 226 <td>CVE-2014-4655</td> 227 <td></td> 228 <td></td> 229 </tr> 230 <tr> 231 <td> ASN.1 </td> 232 <td>CVE-2016-2053</td> 233 <td></td> 234 <td></td> 235 </tr> 236 <tr> 237 <td>Qualcomm </td> 238 <td>CVE-2016-3864</td> 239 <td></td> 240 <td></td> 241 </tr> 242 <tr> 243 <td>Qualcomm </td> 244 <td>CVE-2016-3858</td> 245 <td></td> 246 <td></td> 247 </tr> 248 <tr> 249 <td></td> 250 <td>CVE-2016-4805</td> 251 <td></td> 252 <td></td> 253 </tr> 254 <tr> 255 <td>Synaptics </td> 256 <td>CVE-2016-3865</td> 257 <td></td> 258 <td></td> 259 </tr> 260 <tr> 261 <td>Qualcomm </td> 262 <td>CVE-2016-3859</td> 263 <td></td> 264 <td></td> 265 </tr> 266 <tr> 267 <td>Qualcomm </td> 268 <td>CVE-2016-3866</td> 269 <td></td> 270 <td></td> 271 </tr> 272 <tr> 273 <td>Qualcomm IPA </td> 274 <td>CVE-2016-3867</td> 275 <td></td> 276 <td></td> 277 </tr> 278 <tr> 279 <td>Qualcomm </td> 280 <td>CVE-2016-3868</td> 281 <td></td> 282 <td></td> 283 </tr> 284 <tr> 285 <td>Broadcom Wi-Fi </td> 286 <td>CVE-2016-3869</td> 287 <td></td> 288 <td></td> 289 </tr> 290 <tr> 291 <td> eCryptfs </td> 292 <td>CVE-2016-1583</td> 293 <td></td> 294 <td></td> 295 </tr> 296 <tr> 297 <td>NVIDIA </td> 298 <td>CVE-2016-3873</td> 299 <td></td> 300 <td></td> 301 </tr> 302 <tr> 303 <td>Qualcomm Wi-Fi </td> 304 <td>CVE-2016-3874</td> 305 <td></td> 306 <td></td> 307 </tr> 308 <tr> 309 <td></td> 310 <td>CVE-2015-1465CVE-2015-5364</td> 311 <td></td> 312 <td></td> 313 </tr> 314 <tr> 315 <td> ext4 </td> 316 <td>CVE-2015-8839</td> 317 <td></td> 318 <td></td> 319 </tr> 320 <tr> 321 <td>Qualcomm SPMI </td> 322 <td>CVE-2016-3892</td> 323 <td></td> 324 <td></td> 325 </tr> 326 <tr> 327 <td>Qualcomm </td> 328 <td>CVE-2016-3893</td> 329 <td></td> 330 <td></td> 331 </tr> 332 <tr> 333 <td>Qualcomm DMA </td> 334 <td>CVE-2016-3894</td> 335 <td></td> 336 <td></td> 337 </tr> 338 <tr> 339 <td></td> 340 <td>CVE-2016-4998</td> 341 <td></td> 342 <td></td> 343 </tr> 344 <tr> 345 <td></td> 346 <td>CVE-2015-2922</td> 347 <td></td> 348 <td></td> 349 </tr> 350 <tr> 351 <td>Qualcomm </td> 352 <td>CVE-2016-2469</td> 353 <td></td> 354 <td></td> 355 </tr> 356 </table> 357 <h3 id="2016-09-06-summary">2016-09-06 </h3> 358 <p>2016-09-06 2016-09-05 2016-09-01 359 </p> 360 361 <table> 362 <col width="55%"> 363 <col width="20%"> 364 <col width="13%"> 365 <col width="12%"> 366 <tr> 367 <th></th> 368 <th>CVE</th> 369 <th></th> 370 <th> Nexus </th> 371 </tr> 372 <tr> 373 <td></td> 374 <td>CVE-2016-5340</td> 375 <td></td> 376 <td></td> 377 </tr> 378 <tr> 379 <td>Qualcomm </td> 380 <td>CVE-2016-2059</td> 381 <td></td> 382 <td></td> 383 </tr> 384 </table> 385 <h2 id="mitigations">Android Google </h2> 386 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> SafetyNet Android 387 </p> 388 <ul> 389 <li>Android Android Android</li> 390 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 391 <li>Google Hangouts Messenger </li> 392 </ul> 393 394 <h2 id="acknowledgements"></h2> 395 <p> 396 </p> 397 398 399 <ul> 400 <li> Cory PruceCVE-2016-3897</li> 401 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-3869CVE-2016-3865CVE-2016-3866CVE-2016-3867</li> 402 <li><a href="http://www.cmcm.com"></a> Hao QinCVE-2016-3863</li> 403 <li>Google Project Zero Jann HornCVE-2016-3885</li> 404 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-3858</li> 405 <li>Joshua Drake (<a href="https://twitter.com/jduck">@jduck</a>)CVE-2016-3861</li> 406 <li> CISPA Madhu Priya MuruganCVE-2016-3896</li> 407 <li>Google Makoto OnukiCVE-2016-3876</li> 408 <li>Google Project Zero Mark BrandCVE-2016-3861</li> 409 <li>Android Max SpectorCVE-2016-3888</li> 410 <li>Android Max Spector Quan ToCVE-2016-3889</li> 411 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3895</li> 412 <li>Tesla Motors Product Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>) CVE-2016-2446 </li> 413 <li>Google Oleksiy VyalovCVE-2016-3890</li> 414 <li>Google Chrome Oliver ChangCVE-2016-3880</li> 415 <li> Peng XiaoChengming YangNing YouChao Yang Yang SongCVE-2016-3859</li> 416 <li>TEAM Lv51 Ronald L. Loor Vargas (<a href="https://twitter.com/loor_rlv">@loor_rlv</a>)CVE-2016-3886</li> 417 <li>IBM X-Force Sagi KedmiCVE-2016-3873</li> 418 <li><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2016-3893CVE-2016-3868CVE-2016-3867</li> 419 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-3894</li> 420 <li>SentinelOne/RedNaga Tim Strazzere (<a href="https://twitter.com/timstrazz">@timstrazz</a>)CVE-2016-3862</li> 421 <li>trotmaster (<a href="https://twitter.com/trotmaster99">@trotmaster99</a>)CVE-2016-3883</li> 422 <li>Google Victor ChangCVE-2016-3887</li> 423 <li>Google Vignesh VenkatasubramanianCVE-2016-3881</li> 424 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2016-3878</li> 425 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3870CVE-2016-3871CVE-2016-3872</li> 426 <li><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/author/wishwu/"></a> Wish Wu (<a href="http://weibo.com/wishlinux"></a>) (<a href="https://twitter.com/wish_wu">@wish_wu</a>)CVE-2016-3892</li> 427 <li><a href="http://www.alibaba.com/"></a> Xingyu He () (<a href="https://twitter.com/Spid3r_">@Spid3r_</a>)CVE-2016-3879</li> 428 <li> TCA Yacong GuCVE-2016-3884</li> 429 <li> <a href="http://yurushao.info">Yuru Shao</a>CVE-2016-3898</li> 430 </ul> 431 432 <h2 id="2016-09-01-details">2016-09-01 </h2> 433 <p> 434 <a href="#2016-09-01-summary">2016-09-01 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 435 436 <h3>LibUtils </h3> 437 <p> 438 LibUtils 439 </p> 440 441 <table> 442 <col width="18%"> 443 <col width="16%"> 444 <col width="10%"> 445 <col width="19%"> 446 <col width="19%"> 447 <col width="17%"> 448 <tr> 449 <th>CVE</th> 450 <th></th> 451 <th></th> 452 <th> Nexus </th> 453 <th> AOSP </th> 454 <th></th> 455 </tr> 456 <tr> 457 <td>CVE-2016-3861</td> 458 <td><a href="https://android.googlesource.com/platform/system/core/+/ecf5fd58a8f50362ce9e8d4245a33d56f29f142b"> 459 A-29250543</a> 460 [<a href="https://android.googlesource.com/platform/frameworks/av/+/3944c65637dfed14a5a895685edfa4bacaf9f76e">2</a>] 461 [<a href="https://android.googlesource.com/platform/frameworks/base/+/866dc26ad4a98cc835d075b627326e7d7e52ffa1">3</a>] 462 [<a href="https://android.googlesource.com/platform/frameworks/native/+/1f4b49e64adf4623eefda503bca61e253597b9bf">4</a>] 463 </td> 464 <td></td> 465 <td> Nexus </td> 466 <td>4.4.45.0.25.1.16.06.0.17.0</td> 467 <td>2016 6 9 </td> 468 </tr> 469 </table> 470 <h3></h3> 471 <p> 472 </p> 473 474 <table> 475 <col width="18%"> 476 <col width="18%"> 477 <col width="10%"> 478 <col width="19%"> 479 <col width="17%"> 480 <col width="17%"> 481 <tr> 482 <th>CVE</th> 483 <th></th> 484 <th></th> 485 <th> Nexus </th> 486 <th> AOSP </th> 487 <th></th> 488 </tr> 489 <tr> 490 <td>CVE-2016-3862</td> 491 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e739d9ca5469ed30129d0fa228e3d0f2878671ac"> 492 A-29270469</a></td> 493 <td></td> 494 <td> Nexus </td> 495 <td>4.4.45.0.25.1.16.06.0.1</td> 496 <td>2016 6 10 </td> 497 </tr> 498 </table> 499 <h3>MediaMuxer </h3> 500 <p> 501 MediaMuxer MediaMuxer 502 </p> 503 504 <table> 505 <col width="18%"> 506 <col width="16%"> 507 <col width="10%"> 508 <col width="19%"> 509 <col width="19%"> 510 <col width="17%"> 511 <tr> 512 <th>CVE</th> 513 <th></th> 514 <th></th> 515 <th> Nexus </th> 516 <th> AOSP </th> 517 <th></th> 518 </tr> 519 <tr> 520 <td>CVE-2016-3863</td> 521 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/119a012b2a9a186655da4bef3ed4ed8dd9b94c26"> 522 A-29161888</a></td> 523 <td></td> 524 <td> Nexus </td> 525 <td>4.4.45.0.25.1.16.06.0.17.0</td> 526 <td>2016 6 6 </td> 527 </tr> 528 </table> 529 <h3></h3> 530 <p> 531 </p> 532 533 <table> 534 <col width="18%"> 535 <col width="16%"> 536 <col width="10%"> 537 <col width="19%"> 538 <col width="19%"> 539 <col width="17%"> 540 <tr> 541 <th>CVE</th> 542 <th></th> 543 <th></th> 544 <th> Nexus </th> 545 <th> AOSP </th> 546 <th></th> 547 </tr> 548 <tr> 549 <td>CVE-2016-3870</td> 550 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1e9801783770917728b7edbdeff3d0ec09c621ac"> 551 A-29421804</a> 552 <td></td> 553 <td> Nexus </td> 554 <td>4.4.45.0.25.1.16.06.0.17.0</td> 555 <td>2016 6 15 </td> 556 </td></tr> 557 <tr> 558 <td>CVE-2016-3871</td> 559 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c2639afac631f5c1ffddf70ee8a6fe943d0bedf9"> 560 A-29422022</a> 561 [<a href="https://android.googlesource.com/platform/frameworks/av/+/3c4edac2a5b00dec6c8579a0ee658cfb3bb16d94">2</a>] 562 [<a href="https://android.googlesource.com/platform/frameworks/av/+/c17ad2f0c7e00fd1bbf01d0dfed41f72d78267ad">3</a>] 563 </td> 564 <td></td> 565 <td> Nexus </td> 566 <td>4.4.45.0.25.1.16.06.0.17.0</td> 567 <td>2016 6 15 </td> 568 </tr> 569 <tr> 570 <td>CVE-2016-3872</td> 571 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/630ed150f7201ddadb00b8b8ce0c55c4cc6e8742"> 572 A-29421675</a> 573 [<a href="https://android.googlesource.com/platform/frameworks/av/+/9f9ba255a0c59544f3555c9c45512c3a2fac5fad">2</a>] 574 </td> 575 <td></td> 576 <td> Nexus </td> 577 <td>4.4.45.0.25.1.16.06.0.17.0</td> 578 <td>2016 6 15 </td> 579 </tr> 580 </table> 581 <h3></h3> 582 <p> 583 584 </p> 585 586 <table> 587 <col width="18%"> 588 <col width="18%"> 589 <col width="10%"> 590 <col width="19%"> 591 <col width="17%"> 592 <col width="17%"> 593 <tr> 594 <th>CVE</th> 595 <th></th> 596 <th></th> 597 <th> Nexus </th> 598 <th> AOSP </th> 599 <th></th> 600 </tr> 601 <tr> 602 <td>CVE-2016-3875</td> 603 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/69729fa8b13cadbf3173fe1f389fe4f3b7bd0f9c"> 604 A-26251884</a></td> 605 <td></td> 606 <td>*</td> 607 <td>6.06.0.1</td> 608 <td>Google </td> 609 </tr> 610 </table> 611 <p>* Android 7.0 Nexus 612 </p> 613 614 <h3></h3> 615 <p> 616 617 </p> 618 619 <table> 620 <col width="18%"> 621 <col width="18%"> 622 <col width="10%"> 623 <col width="19%"> 624 <col width="17%"> 625 <col width="17%"> 626 <tr> 627 <th>CVE</th> 628 <th></th> 629 <th></th> 630 <th> Nexus </th> 631 <th> AOSP </th> 632 <th></th> 633 </tr> 634 <tr> 635 <td>CVE-2016-3876</td> 636 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/91fc934bb2e5ea59929bb2f574de6db9b5100745"> 637 A-29900345</a></td> 638 <td></td> 639 <td> Nexus </td> 640 <td>6.06.0.17.0</td> 641 <td>Google </td> 642 </tr> 643 </table> 644 <h3></h3> 645 <p> 646 647 </p> 648 649 <table> 650 <col width="18%"> 651 <col width="16%"> 652 <col width="10%"> 653 <col width="19%"> 654 <col width="19%"> 655 <col width="17%"> 656 <tr> 657 <th>CVE</th> 658 <th></th> 659 <th></th> 660 <th> Nexus </th> 661 <th> AOSP </th> 662 <th></th> 663 </tr> 664 <tr> 665 <td>CVE-2016-3899</td> 666 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/97837bb6cbac21ea679843a0037779d3834bed64"> 667 A-29421811</a></td> 668 <td></td> 669 <td> Nexus </td> 670 <td>4.4.45.0.25.1.16.06.0.17.0</td> 671 <td>2016 6 16 </td> 672 </tr> 673 <tr> 674 <td>CVE-2016-3878</td> 675 <td><a href="https://android.googlesource.com/platform/external/libavc/+/7109ce3f8f90a28ca9f0ee6e14f6ac5e414c62cf"> 676 A-29493002</a></td> 677 <td></td> 678 <td> Nexus *</td> 679 <td>6.06.0.1</td> 680 <td>2016 6 17 </td> 681 </tr> 682 <tr> 683 <td>CVE-2016-3879</td> 684 <td><a href="https://android.googlesource.com/platform/external/sonivox/+/cadfb7a3c96d4fef06656cf37143e1b3e62cae86"> 685 A-29770686</a></td> 686 <td></td> 687 <td> Nexus *</td> 688 <td>4.4.45.0.25.1.16.06.0.1</td> 689 <td>2016 6 25 </td> 690 </tr> 691 <tr> 692 <td>CVE-2016-3880</td> 693 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/68f67ef6cf1f41e77337be3bc4bff91f3a3c6324"> 694 A-25747670</a></td> 695 <td></td> 696 <td> Nexus </td> 697 <td>4.4.45.0.25.1.16.06.0.17.0</td> 698 <td>Google </td> 699 </tr> 700 <tr> 701 <td>CVE-2016-3881</td> 702 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/4974dcbd0289a2530df2ee2a25b5f92775df80da"> 703 A-30013856</a></td> 704 <td></td> 705 <td> Nexus </td> 706 <td>4.4.45.0.25.1.16.06.0.17.0</td> 707 <td>Google </td> 708 </tr> 709 </table> 710 <p>* Android 7.0 Nexus 711 </p> 712 713 <h3></h3> 714 <p> 715 716 </p> 717 718 <table> 719 <col width="18%"> 720 <col width="16%"> 721 <col width="10%"> 722 <col width="19%"> 723 <col width="19%"> 724 <col width="17%"> 725 <tr> 726 <th>CVE</th> 727 <th></th> 728 <th></th> 729 <th> Nexus </th> 730 <th> AOSP </th> 731 <th></th> 732 </tr> 733 <tr> 734 <td>CVE-2016-3883</td> 735 <td><a href="https://android.googlesource.com/platform/frameworks/opt/telephony/+/b2c89e6f8962dc7aff88cb38aa3ee67d751edda9"> 736 A-28557603</a></td> 737 <td></td> 738 <td> Nexus </td> 739 <td>4.4.45.0.25.1.16.06.0.17.0</td> 740 <td>2016 5 3 </td> 741 </tr> 742 </table> 743 <h3></h3> 744 <p> 745 () 746 </p> 747 748 <table> 749 <col width="18%"> 750 <col width="18%"> 751 <col width="10%"> 752 <col width="19%"> 753 <col width="17%"> 754 <col width="17%"> 755 <tr> 756 <th>CVE</th> 757 <th></th> 758 <th></th> 759 <th> Nexus </th> 760 <th> AOSP </th> 761 <th></th> 762 </tr> 763 <tr> 764 <td>CVE-2016-3884</td> 765 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/61e9103b5725965568e46657f4781dd8f2e5b623"> 766 A-29421441</a></td> 767 <td></td> 768 <td> Nexus </td> 769 <td>6.06.0.17.0</td> 770 <td>2016 6 15 </td> 771 </tr> 772 </table> 773 <h3>Debuggerd </h3> 774 <p> 775 Android Android 776 </p> 777 778 <table> 779 <col width="18%"> 780 <col width="18%"> 781 <col width="10%"> 782 <col width="19%"> 783 <col width="17%"> 784 <col width="17%"> 785 <tr> 786 <th>CVE</th> 787 <th></th> 788 <th></th> 789 <th> Nexus </th> 790 <th> AOSP </th> 791 <th></th> 792 </tr> 793 <tr> 794 <td>CVE-2016-3885</td> 795 <td><a href="https://android.googlesource.com/platform/system/core/+/d7603583f90c2bc6074a4ee2886bd28082d7c65b"> 796 A-29555636</a></td> 797 <td></td> 798 <td> Nexus </td> 799 <td>5.0.25.1.16.06.0.17.0</td> 800 <td>2016 6 21 </td> 801 </tr> 802 </table> 803 <h3></h3> 804 <p> 805 806 </p> 807 808 <table> 809 <col width="18%"> 810 <col width="18%"> 811 <col width="10%"> 812 <col width="19%"> 813 <col width="17%"> 814 <col width="17%"> 815 <tr> 816 <th>CVE</th> 817 <th></th> 818 <th></th> 819 <th> Nexus </th> 820 <th> AOSP </th> 821 <th></th> 822 </tr> 823 <tr> 824 <td>CVE-2016-3886</td> 825 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/6ca6cd5a50311d58a1b7bf8fbef3f9aa29eadcd5"> 826 A-30107438</a></td> 827 <td></td> 828 <td> Nexus </td> 829 <td>7.0</td> 830 <td>2016 6 23 </td> 831 </tr> 832 </table> 833 <h3></h3> 834 <p> 835 VPN 836 </p> 837 838 <table> 839 <col width="18%"> 840 <col width="17%"> 841 <col width="10%"> 842 <col width="19%"> 843 <col width="17%"> 844 <col width="18%"> 845 <tr> 846 <th>CVE</th> 847 <th></th> 848 <th></th> 849 <th> Nexus </th> 850 <th> AOSP </th> 851 <th></th> 852 </tr> 853 <tr> 854 <td>CVE-2016-3887</td> 855 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/335702d106797bce8a88044783fa1fc1d5f751d0"> 856 A-29899712</a></td> 857 <td></td> 858 <td> Nexus </td> 859 <td>7.0</td> 860 <td>Google </td> 861 </tr> 862 </table> 863 <h3></h3> 864 <p> 865 () 866 </p> 867 868 <table> 869 <col width="18%"> 870 <col width="16%"> 871 <col width="10%"> 872 <col width="19%"> 873 <col width="19%"> 874 <col width="17%"> 875 <tr> 876 <th>CVE</th> 877 <th></th> 878 <th></th> 879 <th> Nexus </th> 880 <th> AOSP </th> 881 <th></th> 882 </tr> 883 <tr> 884 <td>CVE-2016-3888</td> 885 <td><a href="https://android.googlesource.com/platform/frameworks/opt/telephony/+/b8d1aee993dcc565e6576b2f2439a8f5a507cff6"> 886 A-29420123</a></td> 887 <td></td> 888 <td> Nexus </td> 889 <td>4.4.45.0.25.1.16.06.0.17.0</td> 890 <td>Google </td> 891 </tr> 892 </table> 893 <h3></h3> 894 <p> 895 896 </p> 897 898 <table> 899 <col width="18%"> 900 <col width="17%"> 901 <col width="10%"> 902 <col width="19%"> 903 <col width="17%"> 904 <col width="18%"> 905 <tr> 906 <th>CVE</th> 907 <th></th> 908 <th></th> 909 <th> Nexus </th> 910 <th> AOSP </th> 911 <th></th> 912 </tr> 913 <tr> 914 <td>CVE-2016-3889</td> 915 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e206f02d46ae5e38c74d138b51f6e1637e261abe"> 916 A-29194585</a> 917 [<a href="https://android.googlesource.com/platform/packages/apps/Settings/+/bd5d5176c74021e8cf4970f93f273ba3023c3d72">2</a>] 918 </td> 919 <td></td> 920 <td> Nexus </td> 921 <td>6.06.0.17.0</td> 922 <td>Google </td> 923 </tr> 924 </table> 925 <h3>Java </h3> 926 <p> 927 Java (Java Debug Wire Protocol) 928 </p> 929 930 <table> 931 <col width="18%"> 932 <col width="16%"> 933 <col width="10%"> 934 <col width="19%"> 935 <col width="18%"> 936 <col width="18%"> 937 <tr> 938 <th>CVE</th> 939 <th></th> 940 <th></th> 941 <th> Nexus </th> 942 <th> AOSP </th> 943 <th></th> 944 </tr> 945 <tr> 946 <td>CVE-2016-3890</td> 947 <td><a href="https://android.googlesource.com/platform/system/core/+/268068f25673242d1d5130d96202d3288c91b700"> 948 A-28347842</a> 949 [<a href="https://android.googlesource.com/platform/system/core/+/014b01706cc64dc9c2ad94a96f62e07c058d0b5d">2</a>] 950 </td> 951 <td></td> 952 <td>*</td> 953 <td>4.4.45.0.25.1.16.06.0.1</td> 954 <td>Google </td> 955 </tr> 956 </table> 957 <p>* Android 7.0 Nexus 958 </p> 959 960 <h3></h3> 961 <p> 962 963 </p> 964 965 <table> 966 <col width="18%"> 967 <col width="18%"> 968 <col width="10%"> 969 <col width="19%"> 970 <col width="17%"> 971 <col width="17%"> 972 <tr> 973 <th>CVE</th> 974 <th></th> 975 <th></th> 976 <th> Nexus </th> 977 <th> AOSP </th> 978 <th></th> 979 </tr> 980 <tr> 981 <td>CVE-2016-3895</td> 982 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/363247929c35104b3e5ee9e637e9dcf579080aee"> 983 A-29983260</a></td> 984 <td></td> 985 <td> Nexus </td> 986 <td>6.06.0.17.0</td> 987 <td>2016 7 4 </td> 988 </tr> 989 </table> 990 <h3>AOSP Mail </h3> 991 <p> 992 AOSP Mail 993 </p> 994 995 <table> 996 <col width="18%"> 997 <col width="16%"> 998 <col width="10%"> 999 <col width="19%"> 1000 <col width="19%"> 1001 <col width="17%"> 1002 <tr> 1003 <th>CVE</th> 1004 <th></th> 1005 <th></th> 1006 <th> Nexus </th> 1007 <th> AOSP </th> 1008 <th></th> 1009 </tr> 1010 <tr> 1011 <td>CVE-2016-3896</td> 1012 <td><a href="https://android.googlesource.com/platform/packages/apps/Email/+/cb2dfe43f25cb0c32cc73aa4569c0a5186a4ef43"> 1013 A-29767043</a></td> 1014 <td></td> 1015 <td>*</td> 1016 <td>4.4.45.0.25.1.16.06.0.1</td> 1017 <td>2016 7 24 </td> 1018 </tr> 1019 </table> 1020 <p>* Android 7.0 Nexus 1021 </p> 1022 1023 <h3>Wi-Fi </h3> 1024 <p> 1025 Wi-Fi 1026 </p> 1027 1028 <table> 1029 <col width="18%"> 1030 <col width="16%"> 1031 <col width="10%"> 1032 <col width="19%"> 1033 <col width="19%"> 1034 <col width="17%"> 1035 <tr> 1036 <th>CVE</th> 1037 <th></th> 1038 <th></th> 1039 <th> Nexus </th> 1040 <th> AOSP </th> 1041 <th></th> 1042 </tr> 1043 <tr> 1044 <td>CVE-2016-3897</td> 1045 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/55271d454881b67ff38485fdd97598c542cc2d55"> 1046 A-25624963</a> 1047 [<a href="https://android.googlesource.com/platform/frameworks/base/+/81be4e3aac55305cbb5c9d523cf5c96c66604b39">2</a>] 1048 </td> 1049 <td></td> 1050 <td>*</td> 1051 <td>4.4.45.0.25.1.16.06.0.1</td> 1052 <td>2015 11 5 </td> 1053 </tr> 1054 </table> 1055 <p>* Android 7.0 Nexus 1056 </p> 1057 1058 <h3></h3> 1059 <p> 1060 119 TTY 1061 </p> 1062 1063 <table> 1064 <col width="18%"> 1065 <col width="18%"> 1066 <col width="10%"> 1067 <col width="19%"> 1068 <col width="17%"> 1069 <col width="17%"> 1070 <tr> 1071 <th>CVE</th> 1072 <th></th> 1073 <th></th> 1074 <th> Nexus </th> 1075 <th> AOSP </th> 1076 <th></th> 1077 </tr> 1078 <tr> 1079 <td>CVE-2016-3898</td> 1080 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/d1d248d10cf03498efb7041f1a8c9c467482a19d"> 1081 A-29832693</a></td> 1082 <td></td> 1083 <td> Nexus </td> 1084 <td>5.0.25.1.16.06.0.17.0</td> 1085 <td>2016 6 28 </td> 1086 </tr> 1087 </table> 1088 <h2 id="2016-09-05-details">2016-09-05 </h2> 1089 <p> 1090 <a href="#2016-09-05-summary">2016-09-05 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 1091 1092 <h3></h3> 1093 <p> 1094 (Re-flash) 1095 </p> 1096 1097 <table> 1098 <col width="19%"> 1099 <col width="20%"> 1100 <col width="10%"> 1101 <col width="23%"> 1102 <col width="17%"> 1103 <tr> 1104 <th>CVE</th> 1105 <th></th> 1106 <th></th> 1107 <th> Nexus </th> 1108 <th></th> 1109 </tr> 1110 <tr> 1111 <td>CVE-2014-9529</td> 1112 <td>A-29510361 1113 <p> 1114 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a3a8784454692dd72e5d5d34dcdab17b4420e74c"></a></p></td> 1115 <td></td> 1116 <td>Nexus 5Nexus 6Nexus 9Nexus PlayerAndroid One</td> 1117 <td>2015 1 6 </td> 1118 </tr> 1119 <tr> 1120 <td>CVE-2016-4470</td> 1121 <td>A-29823941 1122 <p> 1123 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a"></a></p></td> 1124 <td></td> 1125 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus Player</td> 1126 <td>2016 6 15 </td> 1127 </tr> 1128 </table> 1129 <h3></h3> 1130 <p> 1131 (Re-flash) 1132 </p> 1133 1134 <table> 1135 <col width="19%"> 1136 <col width="20%"> 1137 <col width="10%"> 1138 <col width="23%"> 1139 <col width="17%"> 1140 <tr> 1141 <th>CVE</th> 1142 <th></th> 1143 <th></th> 1144 <th> Nexus </th> 1145 <th></th> 1146 </tr> 1147 <tr> 1148 <td>CVE-2013-7446</td> 1149 <td>A-29119002 1150 <p> 1151 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/unix/af_unix.c?id=7d267278a9ece963d77eefec61630223fce08c6c"></a></p></td> 1152 <td></td> 1153 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1154 <td>2015 11 18 </td> 1155 </tr> 1156 </table> 1157 <h3></h3> 1158 <p> 1159 (Re-flash) 1160 </p> 1161 1162 <table> 1163 <col width="19%"> 1164 <col width="20%"> 1165 <col width="10%"> 1166 <col width="23%"> 1167 <col width="17%"> 1168 <tr> 1169 <th>CVE</th> 1170 <th></th> 1171 <th></th> 1172 <th> Nexus </th> 1173 <th></th> 1174 </tr> 1175 <tr> 1176 <td>CVE-2016-3134</td> 1177 <td>A-28940694 1178 <p> 1179 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309"></a></p></td> 1180 <td></td> 1181 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1182 <td>2016 3 9 </td> 1183 </tr> 1184 </table> 1185 <h3> USB </h3> 1186 <p> 1187 USB (Re-flash) 1188 </p> 1189 1190 <table> 1191 <col width="19%"> 1192 <col width="20%"> 1193 <col width="10%"> 1194 <col width="23%"> 1195 <col width="17%"> 1196 <tr> 1197 <th>CVE</th> 1198 <th></th> 1199 <th></th> 1200 <th> Nexus </th> 1201 <th></th> 1202 </tr> 1203 <tr> 1204 <td>CVE-2016-3951</td> 1205 <td>A-28744625 1206 <p> 1207 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274"></a> 1208 [<a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b">2</a>]</p></td> 1209 <td></td> 1210 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1211 <td>2016 4 6 </td> 1212 </tr> 1213 </table> 1214 <h3></h3> 1215 <p> 1216 1217 </p> 1218 1219 <table> 1220 <col width="19%"> 1221 <col width="20%"> 1222 <col width="10%"> 1223 <col width="23%"> 1224 <col width="17%"> 1225 <tr> 1226 <th>CVE</th> 1227 <th></th> 1228 <th></th> 1229 <th> Nexus </th> 1230 <th></th> 1231 </tr> 1232 <tr> 1233 <td>CVE-2014-4655</td> 1234 <td>A-29916012 1235 <p> 1236 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82262a46627bebb0febcc26664746c25cef08563"></a></p></td> 1237 <td></td> 1238 <td>Nexus 5Nexus 6Nexus 9Nexus Player</td> 1239 <td>2014 6 26 </td> 1240 </tr> 1241 </table> 1242 <h3> ASN.1 </h3> 1243 <p> 1244 ASN.1 1245 </p> 1246 1247 <table> 1248 <col width="19%"> 1249 <col width="20%"> 1250 <col width="10%"> 1251 <col width="23%"> 1252 <col width="17%"> 1253 <tr> 1254 <th>CVE</th> 1255 <th></th> 1256 <th></th> 1257 <th> Nexus </th> 1258 <th></th> 1259 </tr> 1260 <tr> 1261 <td>CVE-2016-2053</td> 1262 <td>A-28751627 1263 <p> 1264 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f"></a></p></td> 1265 <td></td> 1266 <td>Nexus 5XNexus 6P</td> 1267 <td>2016 1 25 </td> 1268 </tr> 1269 </table> 1270 <h3>Qualcomm </h3> 1271 <p> 1272 Qualcomm 1273 </p> 1274 1275 <table> 1276 <col width="19%"> 1277 <col width="18%"> 1278 <col width="10%"> 1279 <col width="25%"> 1280 <col width="17%"> 1281 <tr> 1282 <th>CVE</th> 1283 <th></th> 1284 <th></th> 1285 <th> Nexus </th> 1286 <th></th> 1287 </tr> 1288 <tr> 1289 <td>CVE-2016-3864</td> 1290 <td>A-28823714*<br> 1291 QC-CR#913117</td> 1292 <td></td> 1293 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1294 <td>2016 4 29 </td> 1295 </tr> 1296 </table> 1297 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1298 </p> 1299 1300 <h3>Qualcomm </h3> 1301 <p> 1302 Qualcomm 1303 </p> 1304 1305 <table> 1306 <col width="19%"> 1307 <col width="20%"> 1308 <col width="10%"> 1309 <col width="23%"> 1310 <col width="17%"> 1311 <tr> 1312 <th>CVE</th> 1313 <th></th> 1314 <th></th> 1315 <th> Nexus </th> 1316 <th></th> 1317 </tr> 1318 <tr> 1319 <td>CVE-2016-3858</td> 1320 <td>A-28675151<br> 1321 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0c148b9a9028c566eac680f19e5d664b483cdee3">QC-CR#1022641</a></td> 1322 <td></td> 1323 <td>Nexus 5XNexus 6P</td> 1324 <td>2016 5 9 </td> 1325 </tr> 1326 </table> 1327 <h3></h3> 1328 <p> 1329 1330 </p> 1331 1332 <table> 1333 <col width="19%"> 1334 <col width="20%"> 1335 <col width="10%"> 1336 <col width="23%"> 1337 <col width="17%"> 1338 <tr> 1339 <th>CVE</th> 1340 <th></th> 1341 <th></th> 1342 <th> Nexus </th> 1343 <th></th> 1344 </tr> 1345 <tr> 1346 <td>CVE-2016-4805</td> 1347 <td>A-28979703 1348 <p> 1349 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89"></a></p></td> 1350 <td></td> 1351 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9</td> 1352 <td>2016 5 15 </td> 1353 </tr> 1354 </table> 1355 <h3>Synaptics </h3> 1356 <p> 1357 Synaptics 1358 </p> 1359 1360 <table> 1361 <col width="19%"> 1362 <col width="20%"> 1363 <col width="10%"> 1364 <col width="23%"> 1365 <col width="17%"> 1366 <tr> 1367 <th>CVE</th> 1368 <th></th> 1369 <th></th> 1370 <th> Nexus </th> 1371 <th></th> 1372 </tr> 1373 <tr> 1374 <td>CVE-2016-3865</td> 1375 <td>A-28799389*</td> 1376 <td></td> 1377 <td>Nexus 5XNexus 9</td> 1378 <td>2016 5 16 </td> 1379 </tr> 1380 </table> 1381 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1382 </p> 1383 1384 <h3>Qualcomm </h3> 1385 <p> 1386 Qualcomm 1387 </p> 1388 1389 <table> 1390 <col width="19%"> 1391 <col width="20%"> 1392 <col width="10%"> 1393 <col width="23%"> 1394 <col width="17%"> 1395 <tr> 1396 <th>CVE</th> 1397 <th></th> 1398 <th></th> 1399 <th> Nexus </th> 1400 <th></th> 1401 </tr> 1402 <tr> 1403 <td>CVE-2016-3859</td> 1404 <td>A-28815326*<br> 1405 QC-CR#1034641</td> 1406 <td></td> 1407 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 1408 <td>2016 5 17 </td> 1409 </tr> 1410 </table> 1411 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1412 </p> 1413 1414 <h3>Qualcomm </h3> 1415 <p> 1416 Qualcomm 1417 </p> 1418 1419 <table> 1420 <col width="19%"> 1421 <col width="20%"> 1422 <col width="10%"> 1423 <col width="23%"> 1424 <col width="17%"> 1425 <tr> 1426 <th>CVE</th> 1427 <th></th> 1428 <th></th> 1429 <th> Nexus </th> 1430 <th></th> 1431 </tr> 1432 <tr> 1433 <td>CVE-2016-3866</td> 1434 <td>A-28868303*<br> 1435 QC-CR#1032820</td> 1436 <td></td> 1437 <td>Nexus 5XNexus 6Nexus 6P</td> 1438 <td>2016 5 18 </td> 1439 </tr> 1440 </table> 1441 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1442 </p> 1443 1444 <h3>Qualcomm IPA </h3> 1445 <p> 1446 Qualcomm IPA 1447 </p> 1448 1449 <table> 1450 <col width="19%"> 1451 <col width="20%"> 1452 <col width="10%"> 1453 <col width="23%"> 1454 <col width="17%"> 1455 <tr> 1456 <th>CVE</th> 1457 <th></th> 1458 <th></th> 1459 <th> Nexus </th> 1460 <th></th> 1461 </tr> 1462 <tr> 1463 <td>CVE-2016-3867</td> 1464 <td>A-28919863*<br> 1465 QC-CR#1037897</td> 1466 <td></td> 1467 <td>Nexus 5XNexus 6P</td> 1468 <td>2016 5 21 </td> 1469 </tr> 1470 </table> 1471 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1472 </p> 1473 1474 <h3>Qualcomm </h3> 1475 <p> 1476 Qualcomm 1477 </p> 1478 1479 <table> 1480 <col width="19%"> 1481 <col width="20%"> 1482 <col width="10%"> 1483 <col width="23%"> 1484 <col width="17%"> 1485 <tr> 1486 <th>CVE</th> 1487 <th></th> 1488 <th></th> 1489 <th> Nexus </th> 1490 <th></th> 1491 </tr> 1492 <tr> 1493 <td>CVE-2016-3868</td> 1494 <td>A-28967028*<br> 1495 QC-CR#1032875</td> 1496 <td></td> 1497 <td>Nexus 5XNexus 6P</td> 1498 <td>2016 5 25 </td> 1499 </tr> 1500 </table> 1501 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1502 </p> 1503 1504 <h3>Broadcom Wi-Fi </h3> 1505 <p> 1506 Broadcom Wi-Fi 1507 </p> 1508 1509 <table> 1510 <col width="19%"> 1511 <col width="20%"> 1512 <col width="10%"> 1513 <col width="23%"> 1514 <col width="17%"> 1515 <tr> 1516 <th>CVE</th> 1517 <th></th> 1518 <th></th> 1519 <th> Nexus </th> 1520 <th></th> 1521 </tr> 1522 <tr> 1523 <td>CVE-2016-3869</td> 1524 <td>A-29009982*<br> 1525 B-RB#96070</td> 1526 <td></td> 1527 <td>Nexus 5Nexus 6Nexus 6PNexus 9Nexus PlayerPixel C</td> 1528 <td>2016 5 27 </td> 1529 </tr> 1530 </table> 1531 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1532 </p> 1533 1534 <h3> eCryptfs </h3> 1535 <p> 1536 eCryptfs 1537 </p> 1538 1539 <table> 1540 <col width="17%"> 1541 <col width="22%"> 1542 <col width="10%"> 1543 <col width="23%"> 1544 <col width="17%"> 1545 <tr> 1546 <th>CVE</th> 1547 <th></th> 1548 <th></th> 1549 <th> Nexus </th> 1550 <th></th> 1551 </tr> 1552 <tr> 1553 <td>CVE-2016-1583</td> 1554 <td>A-29444228<br> 1555 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e54ad7f1ee263ffa5a2de9c609d58dfa27b21cd9"></a> 1556 [<a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87">2</a>] 1557 [<a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=29d6455178a09e1dc340380c582b13356227e8df">3</a>]</td> 1558 <td></td> 1559 <td>Pixel C</td> 1560 <td>2016 6 1 </td> 1561 </tr> 1562 </table> 1563 <h3>NVIDIA </h3> 1564 <p> 1565 NVIDIA 1566 </p> 1567 1568 <table> 1569 <col width="19%"> 1570 <col width="20%"> 1571 <col width="10%"> 1572 <col width="23%"> 1573 <col width="17%"> 1574 <tr> 1575 <th>CVE</th> 1576 <th></th> 1577 <th></th> 1578 <th> Nexus </th> 1579 <th></th> 1580 </tr> 1581 <tr> 1582 <td>CVE-2016-3873</td> 1583 <td>A-29518457*<br> 1584 N-CVE-2016-3873</td> 1585 <td></td> 1586 <td>Nexus 9</td> 1587 <td>2016 6 20 </td> 1588 </tr> 1589 </table> 1590 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1591 </p> 1592 1593 <h3>Qualcomm Wi-Fi </h3> 1594 <p> 1595 Qualcomm Wi-Fi 1596 </p> 1597 1598 <table> 1599 <col width="19%"> 1600 <col width="20%"> 1601 <col width="10%"> 1602 <col width="23%"> 1603 <col width="17%"> 1604 <tr> 1605 <th>CVE</th> 1606 <th></th> 1607 <th></th> 1608 <th> Nexus </th> 1609 <th></th> 1610 </tr> 1611 <tr> 1612 <td>CVE-2016-3874</td> 1613 <td>A-29944562<br> 1614 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=50e8f265b3f7926aeb4e49c33f7301ace89faa77">QC-CR#997797</a> 1615 [<a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a3974e61c960aadcc147c3c5704a67309171642d">2</a>]</td> 1616 <td></td> 1617 <td>Nexus 5X</td> 1618 <td>2016 7 1 </td> 1619 </tr> 1620 </table> 1621 <h3></h3> 1622 <p> 1623 1624 </p> 1625 1626 <table> 1627 <col width="19%"> 1628 <col width="18%"> 1629 <col width="10%"> 1630 <col width="25%"> 1631 <col width="17%"> 1632 <tr> 1633 <th>CVE</th> 1634 <th></th> 1635 <th></th> 1636 <th> Nexus </th> 1637 <th></th> 1638 </tr> 1639 <tr> 1640 <td>CVE-2015-1465</td> 1641 <td>A-29506807 1642 <p> 1643 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df4d92549f23e1c037e83323aff58a21b3de7fe0"></a></p></td> 1644 <td></td> 1645 <td>Nexus 5Nexus 6Nexus 9Nexus PlayerPixel CAndroid One</td> 1646 <td>2015 2 3 </td> 1647 </tr> 1648 <tr> 1649 <td>CVE-2015-5364</td> 1650 <td>A-29507402 1651 <p> 1652 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0"></a></p></td> 1653 <td></td> 1654 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1655 <td>2015 6 30 </td> 1656 </tr> 1657 </table> 1658 <h3> ext4 </h3> 1659 <p> 1660 ext4 (Re-flash) 1661 </p> 1662 1663 <table> 1664 <col width="19%"> 1665 <col width="16%"> 1666 <col width="10%"> 1667 <col width="27%"> 1668 <col width="17%"> 1669 <tr> 1670 <th>CVE</th> 1671 <th></th> 1672 <th></th> 1673 <th> Nexus </th> 1674 <th></th> 1675 </tr> 1676 <tr> 1677 <td>CVE-2015-8839</td> 1678 <td>A-28760453*</td> 1679 <td></td> 1680 <td>Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1681 <td>2016 4 4 </td> 1682 </tr> 1683 </table> 1684 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1685 </p> 1686 1687 <h3>Qualcomm SPMI </h3> 1688 <p> 1689 Qualcomm SPMI 1690 </p> 1691 1692 <table> 1693 <col width="19%"> 1694 <col width="20%"> 1695 <col width="10%"> 1696 <col width="23%"> 1697 <col width="17%"> 1698 <tr> 1699 <th>CVE</th> 1700 <th></th> 1701 <th></th> 1702 <th> Nexus </th> 1703 <th></th> 1704 </tr> 1705 <tr> 1706 <td>CVE-2016-3892</td> 1707 <td>A-28760543*<br> 1708 QC-CR#1024197</td> 1709 <td></td> 1710 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 1711 <td>2016 5 13 </td> 1712 </tr> 1713 </table> 1714 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1715 </p> 1716 1717 <h3>Qualcomm </h3> 1718 <p> 1719 Qualcomm 1720 </p> 1721 1722 <table> 1723 <col width="19%"> 1724 <col width="20%"> 1725 <col width="10%"> 1726 <col width="23%"> 1727 <col width="17%"> 1728 <tr> 1729 <th>CVE</th> 1730 <th></th> 1731 <th></th> 1732 <th> Nexus </th> 1733 <th></th> 1734 </tr> 1735 <tr> 1736 <td>CVE-2016-3893</td> 1737 <td>A-29512527<br> 1738 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=a7a6ddc91cce7ad5ad55c9709b24bfc80f5ac873">QC-CR#856400</a></td> 1739 <td></td> 1740 <td>Nexus 6P</td> 1741 <td>2016 6 20 </td> 1742 </tr> 1743 </table> 1744 <h3>Qualcomm DMA </h3> 1745 <p> 1746 Qualcomm DMA 1747 </p> 1748 1749 <table> 1750 <col width="19%"> 1751 <col width="20%"> 1752 <col width="10%"> 1753 <col width="23%"> 1754 <col width="17%"> 1755 <tr> 1756 <th>CVE</th> 1757 <th></th> 1758 <th></th> 1759 <th> Nexus </th> 1760 <th></th> 1761 </tr> 1762 <tr> 1763 <td>CVE-2016-3894</td> 1764 <td>A-29618014*<br> 1765 QC-CR#1042033</td> 1766 <td></td> 1767 <td>Nexus 6</td> 1768 <td>2016 6 23 </td> 1769 </tr> 1770 </table> 1771 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1772 </p> 1773 1774 <h3></h3> 1775 <p> 1776 1777 </p> 1778 1779 <table> 1780 <col width="19%"> 1781 <col width="20%"> 1782 <col width="10%"> 1783 <col width="23%"> 1784 <col width="17%"> 1785 <tr> 1786 <th>CVE</th> 1787 <th></th> 1788 <th></th> 1789 <th> Nexus </th> 1790 <th></th> 1791 </tr> 1792 <tr> 1793 <td>CVE-2016-4998</td> 1794 <td>A-29637687<br> 1795 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bdf533de6968e9686df777dc178486f600c6e617"></a> 1796 [<a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91">2</a>]</td> 1797 <td></td> 1798 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1799 <td>2016 6 24 </td> 1800 </tr> 1801 </table> 1802 <h3></h3> 1803 <p> 1804 Wi-Fi Wi-Fi 1805 </p> 1806 1807 <table> 1808 <col width="19%"> 1809 <col width="20%"> 1810 <col width="10%"> 1811 <col width="23%"> 1812 <col width="17%"> 1813 <tr> 1814 <th>CVE</th> 1815 <th></th> 1816 <th></th> 1817 <th> Nexus </th> 1818 <th></th> 1819 </tr> 1820 <tr> 1821 <td>CVE-2015-2922</td> 1822 <td>A-29409847 1823 <p> 1824 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a"></a></p></td> 1825 <td></td> 1826 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1827 <td>2015 4 4 </td> 1828 </tr> 1829 </table> 1830 <h3>Qualcomm </h3> 1831 <p> Qualcomm 1832 </p> 1833 1834 <table> 1835 <col width="19%"> 1836 <col width="20%"> 1837 <col width="10%"> 1838 <col width="23%"> 1839 <col width="17%"> 1840 <tr> 1841 <th>CVE</th> 1842 <th></th> 1843 <th></th> 1844 <th> Nexus </th> 1845 <th></th> 1846 </tr> 1847 <tr> 1848 <td>CVE-2016-2469</td> 1849 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=7eb824e8e1ebbdbfad896b090a9f048ca6e63c9e">QC-CR#997025</a></td> 1850 <td></td> 1851 <td></td> 1852 <td>2016 6 </td> 1853 </tr> 1854 <tr> 1855 <td>CVE-2016-2469</td> 1856 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=e7369163162e7773bc887f7a264d6aa46cfcc665">QC-CR#997015</a></td> 1857 <td></td> 1858 <td></td> 1859 <td>2016 6 </td> 1860 </tr> 1861 </table> 1862 <h2 id="2016-09-06-details">2016-09-06 </h2> 1863 <p> 1864 <a href="#2016-09-06-summary">2016-09-06 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 1865 1866 <h3></h3> 1867 <p> 1868 (Re-flash) 1869 </p> 1870 1871 <table> 1872 <col width="19%"> 1873 <col width="20%"> 1874 <col width="10%"> 1875 <col width="23%"> 1876 <col width="17%"> 1877 <tr> 1878 <th>CVE</th> 1879 <th></th> 1880 <th></th> 1881 <th> Nexus </th> 1882 <th></th> 1883 </tr> 1884 <tr> 1885 <td>CVE-2016-5340</td> 1886 <td>A-30652312<br> 1887 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6">QC-CR#1008948</a></td> 1888 <td></td> 1889 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1890 <td>2016 7 26 </td> 1891 </tr> 1892 </table> 1893 <h3>Qualcomm </h3> 1894 <p> 1895 Qualcomm 1896 </p> 1897 1898 <table> 1899 <col width="19%"> 1900 <col width="20%"> 1901 <col width="10%"> 1902 <col width="23%"> 1903 <col width="17%"> 1904 <tr> 1905 <th>CVE</th> 1906 <th></th> 1907 <th></th> 1908 <th> Nexus </th> 1909 <th></th> 1910 </tr> 1911 <tr> 1912 <td>CVE-2016-2059</td> 1913 <td>A-27045580<br> 1914 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e8bdd63f7011dff5523ea435433834b3702398d">QC-CR#974577</a></td> 1915 <td></td> 1916 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1917 <td>2016 2 4 </td> 1918 </tr> 1919 </table> 1920 <h2 id="common-questions-and-answers"></h2> 1921 <p> 1922 </p> 1923 1924 <p> 1925 <strong>1. 1926 </strong> 1927 </p> 1928 1929 <p>2016 9 1 2016-09-01 2016 9 5 2016-09-05 2016 9 6 2016-09-06 <a href="https://support.google.com/nexus/answer/4457705"></a> 1930 [ro.build.version.security_patch][2016-09-01][ro.build.version.security_patch][2016-09-05] 1931 [ro.build.version.security_patch][2016-09-06] 1932 </p> 1933 1934 <p> 1935 <strong>2. </strong> 1936 </p> 1937 1938 <p> 1939 Android Android Android 1940 </p> 1941 1942 <p> 1943 2016 9 6 () 1944 </p> 1945 1946 <p> 1947 2016 9 5 2016 9 1 2016 9 5 2016 9 6 1948 </p> 1949 1950 <p> 1951 2016 9 1 2016 9 1 2016 9 5 2016 9 6 1952 </p> 1953 1954 <p> 1955 3<strong>. Nexus </strong> 1956 </p> 1957 1958 <p> <a href="#2016-09-01-details">2016-09-01</a><a href="#2016-09-05-details">2016-09-05</a> <a href="#2016-09-06-details">2016-09-06</a> Nexus <em></em> Nexus </p> 1959 1960 <ul> 1961 <li><strong> Nexus </strong> Nexus Nexus <em></em> Nexus Nexus <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus Player Pixel C</li> 1962 <li><strong> Nexus </strong> Nexus Nexus <em></em> Nexus </li> 1963 <li><strong> Nexus </strong> Android 7.0 Nexus Nexus <em></em></li> 1964 </ul> 1965 <p> 1966 <strong>4. </strong> 1967 </p> 1968 1969 <p><em></em> 1970 </p> 1971 1972 <table> 1973 <tr> 1974 <th></th> 1975 <th></th> 1976 </tr> 1977 <tr> 1978 <td>A-</td> 1979 <td>Android ID</td> 1980 </tr> 1981 <tr> 1982 <td>QC-</td> 1983 <td>Qualcomm </td> 1984 </tr> 1985 <tr> 1986 <td>M-</td> 1987 <td>MediaTek </td> 1988 </tr> 1989 <tr> 1990 <td>N-</td> 1991 <td>NVIDIA </td> 1992 </tr> 1993 <tr> 1994 <td>B-</td> 1995 <td>Broadcom </td> 1996 </tr> 1997 </table> 1998 1999 <h2 id="revisions"></h2> 2000 <ul> 2001 <li>2016 9 6 </li> 2002 <li>2016 9 7 AOSP </li> 2003 <li>2016 9 12 CVE-2016-3861 CVE-2016-3877</li> 2004 </ul> 2005
