1 page.title=Android 2016 12 2 @jd:body 3 <!-- 4 Copyright 2016 The Android Open Source Project 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 http://www.apache.org/licenses/LICENSE-2.0 9 Unless required by applicable law or agreed to in writing, software 10 distributed under the License is distributed on an "AS IS" BASIS, 11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 See the License for the specific language governing permissions and 13 limitations under the License. 14 --> 15 16 <p><em>2016 12 5 | 2016 12 7 </em></p> 17 <p>Android Android Google OTA Google Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2016 12 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 18 </p> 19 <p> 20 2016 11 7 Android (AOSP) AOSP 21 </p> 22 <p> 23 (Re-flash) 24 </p> 25 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) Android <a href="#mitigations">Android Google </a> 26 </p> 27 <p> 28 </p> 29 <h2 id="announcements"></h2> 30 <ul> 31 <li> Android Android <a href="#common-questions-and-answers"></a> 32 <ul> 33 <li><strong>2016-12-01</strong> 2016-12-01 () </li> 34 <li><strong>2016-12-05</strong> 2016-12-01 2016-12-05 () </li> 35 </ul> 36 </li> 37 <li> Google 2016 12 5 OTA </li> 38 </ul> 39 <h2 id="security-vulnerability-summary"></h2> 40 <p> 41 ID (CVE) Google <a href="{@docRoot}security/overview/updates-resources.html#severity"></a> 42 </p> 43 <h3 id="2016-12-01-summary">2016-12-01 </h3> 44 <p> 45 2016-12-01 46 </p> 47 <table> 48 <col width="55%"> 49 <col width="20%"> 50 <col width="13%"> 51 <col width="12%"> 52 <tr> 53 <th></th> 54 <th>CVE</th> 55 <th></th> 56 <th> Google </th> 57 </tr> 58 <tr> 59 <td>CURL/LIBCURL </td> 60 <td>CVE-2016-5419CVE-2016-5420CVE-2016-5421</td> 61 <td></td> 62 <td></td> 63 </tr> 64 <tr> 65 <td>libziparchive </td> 66 <td>CVE-2016-6762</td> 67 <td></td> 68 <td></td> 69 </tr> 70 <tr> 71 <td></td> 72 <td>CVE-2016-6763</td> 73 <td></td> 74 <td></td> 75 </tr> 76 <tr> 77 <td></td> 78 <td>CVE-2016-6766CVE-2016-6765CVE-2016-6764CVE-2016-6767</td> 79 <td></td> 80 <td></td> 81 </tr> 82 <tr> 83 <td>Framesequence </td> 84 <td>CVE-2016-6768</td> 85 <td></td> 86 <td></td> 87 </tr> 88 <tr> 89 <td>Smart Lock </td> 90 <td>CVE-2016-6769</td> 91 <td></td> 92 <td>*</td> 93 </tr> 94 <tr> 95 <td>Framework API </td> 96 <td>CVE-2016-6770</td> 97 <td></td> 98 <td></td> 99 </tr> 100 <tr> 101 <td></td> 102 <td>CVE-2016-6771</td> 103 <td></td> 104 <td></td> 105 </tr> 106 <tr> 107 <td>Wi-Fi </td> 108 <td>CVE-2016-6772</td> 109 <td></td> 110 <td></td> 111 </tr> 112 <tr> 113 <td></td> 114 <td>CVE-2016-6773</td> 115 <td></td> 116 <td></td> 117 </tr> 118 <tr> 119 <td></td> 120 <td>CVE-2016-6774</td> 121 <td></td> 122 <td></td> 123 </tr> 124 </table> 125 <p> 126 * Android 7.0 Google () 127 </p> 128 <h3 id="2016-12-05-summary">2016-12-05 </h3> 129 <p> 130 2016-12-05 2016-12-01 131 </p> 132 <table> 133 <col width="55%"> 134 <col width="20%"> 135 <col width="13%"> 136 <col width="12%"> 137 <tr> 138 <th></th> 139 <th>CVE</th> 140 <th></th> 141 <th> Google </th> 142 </tr> 143 <tr> 144 <td></td> 145 <td>CVE-2016-4794CVE-2016-5195</td> 146 <td></td> 147 <td></td> 148 </tr> 149 <tr> 150 <td>NVIDIA GPU </td> 151 <td>CVE-2016-6775CVE-2016-6776CVE-2016-6777</td> 152 <td></td> 153 <td></td> 154 </tr> 155 <tr> 156 <td></td> 157 <td>CVE-2015-8966</td> 158 <td></td> 159 <td>*</td> 160 </tr> 161 <tr> 162 <td>NVIDIA </td> 163 <td>CVE-2016-6915CVE-2016-6916CVE-2016-6917</td> 164 <td></td> 165 <td></td> 166 </tr> 167 <tr> 168 <td> ION </td> 169 <td>CVE-2016-9120</td> 170 <td></td> 171 <td></td> 172 </tr> 173 <tr> 174 <td>Qualcomm </td> 175 <td>CVE-2016-8411</td> 176 <td></td> 177 <td></td> 178 </tr> 179 <tr> 180 <td></td> 181 <td>CVE-2014-4014</td> 182 <td></td> 183 <td></td> 184 </tr> 185 <tr> 186 <td></td> 187 <td>CVE-2015-8967</td> 188 <td></td> 189 <td></td> 190 </tr> 191 <tr> 192 <td>HTC </td> 193 <td>CVE-2016-6778CVE-2016-6779CVE-2016-6780</td> 194 <td></td> 195 <td></td> 196 </tr> 197 <tr> 198 <td>MediaTek </td> 199 <td>CVE-2016-6492CVE-2016-6781CVE-2016-6782CVE-2016-6783CVE-2016-6784CVE-2016-6785</td> 200 <td></td> 201 <td>*</td> 202 </tr> 203 <tr> 204 <td>Qualcomm </td> 205 <td>CVE-2016-6761CVE-2016-6760CVE-2016-6759CVE-2016-6758</td> 206 <td></td> 207 <td></td> 208 </tr> 209 <tr> 210 <td>Qualcomm </td> 211 <td>CVE-2016-6755</td> 212 <td></td> 213 <td></td> 214 </tr> 215 <tr> 216 <td></td> 217 <td>CVE-2016-6786CVE-2016-6787</td> 218 <td></td> 219 <td></td> 220 </tr> 221 <tr> 222 <td>MediaTek I2C </td> 223 <td>CVE-2016-6788</td> 224 <td></td> 225 <td>*</td> 226 </tr> 227 <tr> 228 <td>NVIDIA libomx </td> 229 <td>CVE-2016-6789CVE-2016-6790</td> 230 <td></td> 231 <td></td> 232 </tr> 233 <tr> 234 <td>Qualcomm </td> 235 <td>CVE-2016-6791CVE-2016-8391CVE-2016-8392</td> 236 <td></td> 237 <td></td> 238 </tr> 239 <tr> 240 <td></td> 241 <td>CVE-2015-7872</td> 242 <td></td> 243 <td></td> 244 </tr> 245 <tr> 246 <td>Synaptics </td> 247 <td>CVE-2016-8393CVE-2016-8394</td> 248 <td></td> 249 <td></td> 250 </tr> 251 <tr> 252 <td>Broadcom Wi-Fi </td> 253 <td>CVE-2014-9909CVE-2014-9910</td> 254 <td></td> 255 <td>*</td> 256 </tr> 257 <tr> 258 <td>MediaTek </td> 259 <td>CVE-2016-8396</td> 260 <td></td> 261 <td>*</td> 262 </tr> 263 <tr> 264 <td>NVIDIA </td> 265 <td>CVE-2016-8397</td> 266 <td></td> 267 <td></td> 268 </tr> 269 <tr> 270 <td>GPS </td> 271 <td>CVE-2016-5341</td> 272 <td></td> 273 <td></td> 274 </tr> 275 <tr> 276 <td>NVIDIA </td> 277 <td>CVE-2016-8395</td> 278 <td></td> 279 <td></td> 280 </tr> 281 <tr> 282 <td></td> 283 <td>CVE-2016-8399</td> 284 <td></td> 285 <td></td> 286 </tr> 287 <tr> 288 <td>Qualcomm </td> 289 <td>CVE-2016-6756CVE-2016-6757</td> 290 <td></td> 291 <td></td> 292 </tr> 293 <tr> 294 <td>NVIDIA librm </td> 295 <td>CVE-2016-8400</td> 296 <td></td> 297 <td></td> 298 </tr> 299 <tr> 300 <td></td> 301 <td>CVE-2016-8401CVE-2016-8402CVE-2016-8403CVE-2016-8404CVE-2016-8405CVE-2016-8406CVE-2016-8407</td> 302 <td></td> 303 <td></td> 304 </tr> 305 <tr> 306 <td>NVIDIA </td> 307 <td>CVE-2016-8408CVE-2016-8409</td> 308 <td></td> 309 <td></td> 310 </tr> 311 <tr> 312 <td>Qualcomm </td> 313 <td>CVE-2016-8410</td> 314 <td></td> 315 <td></td> 316 </tr> 317 </table> 318 <p> 319 * Android 7.0 Google () 320 </p> 321 <h2 id="mitigations">Android Google </h2> 322 <p> 323 <a href="{@docRoot}security/enhancements/index.html">Android </a> SafetyNet Android 324 </p> 325 <ul> 326 <li>Android Android Android</li> 327 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 328 <li>Google Hangouts Messenger </li> 329 </ul> 330 331 <h2 id="acknowledgements"></h2> 332 <p> 333 </p> 334 335 <ul> 336 <li> Baozeng DingChengming YangPeng XiaoNing YouYang DongChao YangYi Zhang Yang SongCVE-2016-6783CVE-2016-6784CVE-2016-6785</li> 337 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6789CVE-2016-6790</li> 338 <li>Christian SeelCVE-2016-6769</li> 339 <li>Google David Benjamin Kenny RootCVE-2016-6767</li> 340 <li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-6776CVE-2016-6787</li> 341 <li><a href="http://www.ms509.com">MS509Team</a> En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>)CVE-2016-6763</li> 342 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-6779CVE-2016-6778CVE-2016-8401CVE-2016-8402CVE-2016-8403CVE-2016-8409CVE-2016-8408CVE-2016-8404</li> 343 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-6788CVE-2016-6781CVE-2016-6782CVE-2016-8396</li> 344 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6791CVE-2016-8391CVE-2016-8392</li> 345 <li>Google Project Zero Mark BrandCVE-2016-6772</li> 346 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>CVE-2016-6770CVE-2016-6774</li> 347 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)<a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6761CVE-2016-6759CVE-2016-8400</li> 348 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6760</li> 349 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)<a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6759</li> 350 <li>Tesla Motors Product Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)CVE-2016-6915CVE-2016-6916CVE-2016-6917</li> 351 <li>Nightwatch Cybersecurity Research (<a href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>)CVE-2016-5341</li> 352 <li> X- Pengfei Ding ()Chenfu Bao () Lenx Wei ()CVE-2016-6755CVE-2016-6756</li> 353 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)CVE-2016-8397CVE-2016-8405CVE-2016-8406CVE-2016-8407</li> 354 <li> KeenLab () Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)CVE-2016-8399CVE-2016-8395</li> 355 <li> KeenLab () Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) Marco Grassi (<a href="https://twitter.com/marcograss">@marcograss</a>)CVE-2016-6768</li> 356 <li>Richard ShupakCVE-2016-5341</li> 357 <li>IBM X-Force Research Sagi KedmiCVE-2016-8393CVE-2016-8394</li> 358 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-6757</li> 359 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2016-6773</li> 360 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6765</li> 361 <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/"></a> Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://weibo.com/wishlinux"></a>)CVE-2016-6704</li> 362 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6786CVE-2016-6780CVE-2016-6775</li> 363 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6777</li> 364 <li> Yuxiang LiCVE-2016-6771</li> 365 <li> 360 Zhe Jin ()CVE-2016-6764CVE-2016-6766</li> 366 <li> 360 <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>CVE-2016-6762</li> 367 </ul> 368 <p> 369 MengLuo Gou (<a href="https://twitter.com/idhyt3r">@idhyt3r</a>)Yong Wang () (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) Google Zubin Mithra 370 </p> 371 372 <h2 id="2016-12-01-details">2016-12-01 </h2> 373 <p> 374 <a href="#2016-12-01-summary">2016-12-01 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 375 376 377 <h3 id="rce-in-curl-libcurl">CURL/LIBCURL </h3> 378 <p> 379 CURL LIBCURL 380 </p> 381 382 <table> 383 <col width="18%"> 384 <col width="18%"> 385 <col width="10%"> 386 <col width="19%"> 387 <col width="17%"> 388 <col width="17%"> 389 <tr> 390 <th>CVE</th> 391 <th></th> 392 <th></th> 393 <th> Google </th> 394 <th> AOSP </th> 395 <th></th> 396 </tr> 397 <tr> 398 <td>CVE-2016-5419</td> 399 <td>A-31271247</td> 400 <td></td> 401 <td></td> 402 <td>7.0</td> 403 <td>2016 8 3 </td> 404 </tr> 405 <tr> 406 <td>CVE-2016-5420</td> 407 <td>A-31271247</td> 408 <td></td> 409 <td></td> 410 <td>7.0</td> 411 <td>2016 8 3 </td> 412 </tr> 413 <tr> 414 <td>CVE-2016-5421</td> 415 <td>A-31271247</td> 416 <td></td> 417 <td></td> 418 <td>7.0</td> 419 <td>2016 8 3 </td> 420 </tr> 421 </table> 422 423 424 <h3 id="eop-in-libziparchive">libziparchive </h3> 425 <p> 426 libziparchive 427 </p> 428 429 <table> 430 <col width="18%"> 431 <col width="18%"> 432 <col width="10%"> 433 <col width="19%"> 434 <col width="17%"> 435 <col width="17%"> 436 <tr> 437 <th>CVE</th> 438 <th></th> 439 <th></th> 440 <th> Google </th> 441 <th> AOSP </th> 442 <th></th> 443 </tr> 444 <tr> 445 <td>CVE-2016-6762</td> 446 <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c"> 447 A-31251826</a> 448 [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>] 449 </td> 450 <td></td> 451 <td></td> 452 <td>5.0.25.1.16.06.0.17.0</td> 453 <td>2016 8 28 </td> 454 </tr> 455 </table> 456 457 458 <h3 id="dos-in-telephony"></h3> 459 <p> 460 461 </p> 462 463 <table> 464 <col width="18%"> 465 <col width="18%"> 466 <col width="10%"> 467 <col width="19%"> 468 <col width="17%"> 469 <col width="17%"> 470 <tr> 471 <th>CVE</th> 472 <th></th> 473 <th></th> 474 <th> Google </th> 475 <th> AOSP </th> 476 <th></th> 477 </tr> 478 <tr> 479 <td>CVE-2016-6763</td> 480 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1294620627b1e9afdf4bd0ad51c25ed3daf80d84"> 481 A-31530456</a></td> 482 <td></td> 483 <td></td> 484 <td>4.4.45.0.25.1.16.06.0.17.0</td> 485 <td>2016 9 12 </td> 486 </tr> 487 </table> 488 489 490 <h3 id="dos-in-mediaserver"></h3> 491 <p> 492 493 </p> 494 495 <table> 496 <col width="18%"> 497 <col width="18%"> 498 <col width="10%"> 499 <col width="19%"> 500 <col width="17%"> 501 <col width="17%"> 502 <tr> 503 <th>CVE</th> 504 <th></th> 505 <th></th> 506 <th> Google </th> 507 <th> AOSP </th> 508 <th></th> 509 </tr> 510 <tr> 511 <td>CVE-2016-6766</td> 512 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20"> 513 A-31318219</a></td> 514 <td></td> 515 <td></td> 516 <td>4.4.45.0.25.1.16.06.0.17.0</td> 517 <td>2016 9 5 </td> 518 </tr> 519 <tr> 520 <td>CVE-2016-6765</td> 521 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/fd9cc97d4dfe2a2fbce2c0f1704d7a27ce7cbc44"> 522 A-31449945</a></td> 523 <td></td> 524 <td></td> 525 <td>4.4.45.0.25.1.17.0</td> 526 <td>2016 9 13 </td> 527 </tr> 528 <tr> 529 <td>CVE-2016-6764</td> 530 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20"> 531 A-31681434</a></td> 532 <td></td> 533 <td></td> 534 <td>4.4.45.0.25.1.16.06.0.17.0</td> 535 <td>2016 9 22 </td> 536 </tr> 537 <tr> 538 <td>CVE-2016-6767</td> 539 <td>A-31833604</td> 540 <td></td> 541 <td>*</td> 542 <td>4.4.4</td> 543 <td>Google </td> 544 </tr> 545 </table> 546 547 <p> 548 * Android 7.0 Google () 549 </p> 550 551 552 <h3 id="rce-in-framesequence-library">Framesequence </h3> 553 <p> 554 Framesequence Framesequence 555 </p> 556 557 <table> 558 <col width="18%"> 559 <col width="18%"> 560 <col width="10%"> 561 <col width="19%"> 562 <col width="17%"> 563 <col width="17%"> 564 <tr> 565 <th>CVE</th> 566 <th></th> 567 <th></th> 568 <th> Google </th> 569 <th> AOSP </th> 570 <th></th> 571 </tr> 572 <tr> 573 <td>CVE-2016-6768</td> 574 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/0ada9456d0270cb0e357a43d9187a6418d770760"> 575 A-31631842</a></td> 576 <td></td> 577 <td></td> 578 <td>5.0.25.1.16.06.0.17.0</td> 579 <td>2016 9 19 </td> 580 </tr> 581 </table> 582 583 584 <h3 id="eop-in-smart-lock">Smart Lock </h3> 585 <p> 586 Smart Lock PIN Smart Lock ( Smart Lock) 587 </p> 588 589 <table> 590 <col width="18%"> 591 <col width="18%"> 592 <col width="10%"> 593 <col width="19%"> 594 <col width="17%"> 595 <col width="17%"> 596 <tr> 597 <th>CVE</th> 598 <th></th> 599 <th></th> 600 <th> Google </th> 601 <th> AOSP </th> 602 <th></th> 603 </tr> 604 <tr> 605 <td>CVE-2016-6769</td> 606 <td>A-29055171</td> 607 <td></td> 608 <td>*</td> 609 <td>5.0.25.1.16.06.0.1</td> 610 <td>2016 5 27 </td> 611 </tr> 612 </table> 613 <p> 614 * Android 7.0 Google () 615 </p> 616 617 618 <h3 id="eop-in-framework-apis">Framework API </h3> 619 <p> 620 Framework API 621 </p> 622 623 <table> 624 <col width="18%"> 625 <col width="18%"> 626 <col width="10%"> 627 <col width="19%"> 628 <col width="17%"> 629 <col width="17%"> 630 <tr> 631 <th>CVE</th> 632 <th></th> 633 <th></th> 634 <th> Google </th> 635 <th> AOSP </th> 636 <th></th> 637 </tr> 638 <tr> 639 <td>CVE-2016-6770</td> 640 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc"> 641 A-30202228</a></td> 642 <td></td> 643 <td></td> 644 <td>4.4.45.0.25.1.16.06.0.17.0</td> 645 <td>2016 7 16 </td> 646 </tr> 647 </table> 648 649 650 <h3 id="eop-in-telephony"></h3> 651 <p> 652 653 </p> 654 655 <table> 656 <col width="18%"> 657 <col width="18%"> 658 <col width="10%"> 659 <col width="19%"> 660 <col width="17%"> 661 <col width="17%"> 662 <tr> 663 <th>CVE</th> 664 <th></th> 665 <th></th> 666 <th> Google </th> 667 <th> AOSP </th> 668 <th></th> 669 </tr> 670 <tr> 671 <td>CVE-2016-6771</td> 672 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a39ff9526aee6f2ea4f6e02412db7b33d486fd7d"> 673 A-31566390</a></td> 674 <td></td> 675 <td></td> 676 <td>6.06.0.17.0</td> 677 <td>2016 9 17 </td> 678 </tr> 679 </table> 680 681 682 <h3 id="eop-in-wi-fi">Wi-Fi </h3> 683 <p> 684 Wi-Fi 685 </p> 686 687 <table> 688 <col width="18%"> 689 <col width="18%"> 690 <col width="10%"> 691 <col width="19%"> 692 <col width="17%"> 693 <col width="17%"> 694 <tr> 695 <th>CVE</th> 696 <th></th> 697 <th></th> 698 <th> Google </th> 699 <th> AOSP </th> 700 <th></th> 701 </tr> 702 <tr> 703 <td>CVE-2016-6772</td> 704 <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484"> 705 A-31856351</a> 706 [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> 707 <td></td> 708 <td></td> 709 <td>5.0.25.1.16.06.0.17.0</td> 710 <td>2016 9 30 </td> 711 </tr> 712 </table> 713 714 715 <h3 id="id-in-mediaserver"></h3> 716 <p> 717 718 </p> 719 720 <table> 721 <col width="18%"> 722 <col width="18%"> 723 <col width="10%"> 724 <col width="19%"> 725 <col width="17%"> 726 <col width="17%"> 727 <tr> 728 <th>CVE</th> 729 <th></th> 730 <th></th> 731 <th> Google </th> 732 <th> AOSP </th> 733 <th></th> 734 </tr> 735 <tr> 736 <td>CVE-2016-6773</td> 737 <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0"> 738 A-30481714</a> 739 [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> 740 <td></td> 741 <td></td> 742 <td>6.06.0.17.0</td> 743 <td>2016 7 27 </td> 744 </tr> 745 </table> 746 747 748 <h3 id="id-in-package-manager"></h3> 749 <p> 750 751 </p> 752 753 <table> 754 <col width="18%"> 755 <col width="18%"> 756 <col width="10%"> 757 <col width="19%"> 758 <col width="17%"> 759 <col width="17%"> 760 <tr> 761 <th>CVE</th> 762 <th></th> 763 <th></th> 764 <th> Google </th> 765 <th> AOSP </th> 766 <th></th> 767 </tr> 768 <tr> 769 <td>CVE-2016-6774</td> 770 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e2d4f5fc313ecb4ba587b20fff6d346f8cd51775"> 771 A-31251489</a></td> 772 <td></td> 773 <td></td> 774 <td>7.0</td> 775 <td>2016 8 29 </td> 776 </tr> 777 </table> 778 779 780 <h2 id="2016-12-05-details">2016-12-05 </h2> 781 <p> 782 <a href="#2016-12-05-summary">2016-12-05 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 783 784 <h3 id="eop-in-kernel-memory-subsystem"></h3> 785 <p> 786 (Re-flash) 787 </p> 788 789 <table> 790 <col width="19%"> 791 <col width="20%"> 792 <col width="10%"> 793 <col width="23%"> 794 <col width="17%"> 795 <tr> 796 <th>CVE</th> 797 <th></th> 798 <th></th> 799 <th> Google </th> 800 <th></th> 801 </tr> 802 <tr> 803 <td>CVE-2016-4794</td> 804 <td>A-31596597<br> 805 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"></a> 806 [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> 807 <td></td> 808 <td>Pixel CPixelPixel XL</td> 809 <td>2016 4 17 </td> 810 </tr> 811 <tr> 812 <td>CVE-2016-5195</td> 813 <td>A-32141528<br> 814 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"></a> 815 [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> 816 <td></td> 817 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 818 <td>2016 10 12 </td> 819 </tr> 820 </table> 821 822 823 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 824 <p> 825 NVIDIA GPU (Re-flash) 826 </p> 827 828 <table> 829 <col width="19%"> 830 <col width="20%"> 831 <col width="10%"> 832 <col width="23%"> 833 <col width="17%"> 834 <tr> 835 <th>CVE</th> 836 <th></th> 837 <th></th> 838 <th> Google </th> 839 <th></th> 840 </tr> 841 <tr> 842 <td>CVE-2016-6775</td> 843 <td>A-31222873*<br>N-CVE-2016-6775</td> 844 <td></td> 845 <td>Nexus 9</td> 846 <td>2016 8 25 </td> 847 </tr> 848 <tr> 849 <td>CVE-2016-6776</td> 850 <td>A-31680980*<br>N-CVE-2016-6776</td> 851 <td></td> 852 <td>Nexus 9</td> 853 <td>2016 9 22 </td> 854 </tr> 855 <tr> 856 <td>CVE-2016-6777</td> 857 <td>A-31910462*<br>N-CVE-2016-6777</td> 858 <td></td> 859 <td>Nexus 9</td> 860 <td>2016 10 3 </td> 861 </tr> 862 </table> 863 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 864 </p> 865 866 <h3 id="eop-in-kernel"></h3> 867 <p> (Re-flash) 868 </p> 869 870 <table> 871 <col width="19%"> 872 <col width="20%"> 873 <col width="10%"> 874 <col width="23%"> 875 <col width="17%"> 876 <tr> 877 <th>CVE</th> 878 <th></th> 879 <th></th> 880 <th> Google </th> 881 <th></th> 882 </tr> 883 <tr> 884 <td>CVE-2015-8966</td> 885 <td>A-31435731<br> 886 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"> 887 </a></td> 888 <td></td> 889 <td>*</td> 890 <td>2016 9 10 </td> 891 </tr> 892 </table> 893 <p> 894 * Android 7.0 Google () 895 </p> 896 897 898 <h3 id="eop-in-nvidia-video-driver">NVIDIA </h3> 899 <p> 900 NVIDIA (Re-flash) 901 </p> 902 903 <table> 904 <col width="19%"> 905 <col width="20%"> 906 <col width="10%"> 907 <col width="23%"> 908 <col width="17%"> 909 <tr> 910 <th>CVE</th> 911 <th></th> 912 <th></th> 913 <th> Google </th> 914 <th></th> 915 </tr> 916 <tr> 917 <td>CVE-2016-6915</td> 918 <td>A-31471161* 919 <br>N-CVE-2016-6915</td> 920 <td></td> 921 <td>Nexus 9</td> 922 <td>2016 9 13 </td> 923 </tr> 924 <tr> 925 <td>CVE-2016-6916</td> 926 <td>A-32072350* 927 <br>N-CVE-2016-6916</td> 928 <td></td> 929 <td>Nexus 9Pixel C</td> 930 <td>2016 9 13 </td> 931 </tr> 932 <tr> 933 <td>CVE-2016-6917</td> 934 <td>A-32072253* 935 <br>N-CVE-2016-6917</td> 936 <td></td> 937 <td>Nexus 9</td> 938 <td>2016 9 13 </td> 939 </tr> 940 </table> 941 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 942 </p> 943 944 <h3 id="eop-in-kernel-ion-driver"> ION </h3> 945 <p> 946 ION (Re-flash) 947 </p> 948 949 <table> 950 <col width="19%"> 951 <col width="20%"> 952 <col width="10%"> 953 <col width="23%"> 954 <col width="17%"> 955 <tr> 956 <th>CVE</th> 957 <th></th> 958 <th></th> 959 <th> Google </th> 960 <th></th> 961 </tr> 962 <tr> 963 <td>CVE-2016-9120</td> 964 <td>A-31568617<br> 965 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"> 966 </a></td> 967 <td></td> 968 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixel CNexus Player</td> 969 <td>2016 9 16 </td> 970 </tr> 971 </table> 972 973 <h3>Qualcomm </h3> 974 <p> 975 Qualcomm 2015 11 Qualcomm AMSS 976 </p> 977 <table> 978 <col width="19%"> 979 <col width="20%"> 980 <col width="10%"> 981 <col width="23%"> 982 <col width="17%"> 983 <tr> 984 <th>CVE</th> 985 <th></th> 986 <th>*</th> 987 <th> Google </th> 988 <th></th> 989 </tr> 990 <tr> 991 <td>CVE-2016-8411</td> 992 <td>A-31805216**</td> 993 <td></td> 994 <td>Nexus 6Nexus 6PAndroid One</td> 995 <td>Qualcomm </td> 996 </tr> 997 </table> 998 <p>* </p> 999 <p>** Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1000 </p> 1001 1002 <h3 id="eop-in-kernel-file-system"></h3> 1003 <p> 1004 1005 </p> 1006 1007 <table> 1008 <col width="19%"> 1009 <col width="20%"> 1010 <col width="10%"> 1011 <col width="23%"> 1012 <col width="17%"> 1013 <tr> 1014 <th>CVE</th> 1015 <th></th> 1016 <th></th> 1017 <th> Google </th> 1018 <th></th> 1019 </tr> 1020 <tr> 1021 <td>CVE-2014-4014</td> 1022 <td>A-31252187<br> 1023 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"> 1024 </a></td> 1025 <td></td> 1026 <td>Nexus 6Nexus Player</td> 1027 <td>2014 6 10 </td> 1028 </tr> 1029 </table> 1030 1031 1032 <h3 id="eop-in-kernel-2"></h3> 1033 <p> 1034 1035 </p> 1036 1037 <table> 1038 <col width="19%"> 1039 <col width="20%"> 1040 <col width="10%"> 1041 <col width="23%"> 1042 <col width="17%"> 1043 <tr> 1044 <th>CVE</th> 1045 <th></th> 1046 <th></th> 1047 <th> Google </th> 1048 <th></th> 1049 </tr> 1050 <tr> 1051 <td>CVE-2015-8967</td> 1052 <td>A-31703084<br> 1053 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"> 1054 </a></td> 1055 <td></td> 1056 <td>Nexus 5XNexus 6PNexus 9Pixel CPixelPixel XL</td> 1057 <td>2015 1 8 </td> 1058 </tr> 1059 </table> 1060 1061 1062 <h3 id="eop-in-htc-sound-codec-driver">HTC </h3> 1063 <p> 1064 HTC 1065 </p> 1066 1067 <table> 1068 <col width="19%"> 1069 <col width="20%"> 1070 <col width="10%"> 1071 <col width="23%"> 1072 <col width="17%"> 1073 <tr> 1074 <th>CVE</th> 1075 <th></th> 1076 <th></th> 1077 <th> Google </th> 1078 <th></th> 1079 </tr> 1080 <tr> 1081 <td>CVE-2016-6778</td> 1082 <td>A-31384646*</td> 1083 <td></td> 1084 <td>Nexus 9</td> 1085 <td>2016 2 25 </td> 1086 </tr> 1087 <tr> 1088 <td>CVE-2016-6779</td> 1089 <td>A-31386004*</td> 1090 <td></td> 1091 <td>Nexus 9</td> 1092 <td>2016 2 25 </td> 1093 </tr> 1094 <tr> 1095 <td>CVE-2016-6780</td> 1096 <td>A-31251496*</td> 1097 <td></td> 1098 <td>Nexus 9</td> 1099 <td>2016 8 30 </td> 1100 </tr> 1101 </table> 1102 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1103 </p> 1104 1105 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1106 <p> 1107 MediaTek 1108 </p> 1109 1110 <table> 1111 <col width="19%"> 1112 <col width="20%"> 1113 <col width="10%"> 1114 <col width="23%"> 1115 <col width="17%"> 1116 <tr> 1117 <th>CVE</th> 1118 <th></th> 1119 <th></th> 1120 <th> Google </th> 1121 <th></th> 1122 </tr> 1123 <tr> 1124 <td>CVE-2016-6492</td> 1125 <td>A-28175122<br>MT-ALPS02696413</td> 1126 <td></td> 1127 <td>*</td> 1128 <td>2016 4 11 </td> 1129 </tr> 1130 <tr> 1131 <td>CVE-2016-6781</td> 1132 <td>A-31095175<br>MT-ALPS02943455</td> 1133 <td></td> 1134 <td>*</td> 1135 <td>2016 8 22 </td> 1136 </tr> 1137 <tr> 1138 <td>CVE-2016-6782</td> 1139 <td>A-31224389<br>MT-ALPS02943506</td> 1140 <td></td> 1141 <td>*</td> 1142 <td>2016 8 24 </td> 1143 </tr> 1144 <tr> 1145 <td>CVE-2016-6783</td> 1146 <td>A-31350044<br>MT-ALPS02943437</td> 1147 <td></td> 1148 <td>*</td> 1149 <td>2016 9 6 </td> 1150 </tr> 1151 <tr> 1152 <td>CVE-2016-6784</td> 1153 <td>A-31350755<br>MT-ALPS02961424</td> 1154 <td></td> 1155 <td>*</td> 1156 <td>2016 9 6 </td> 1157 </tr> 1158 <tr> 1159 <td>CVE-2016-6785</td> 1160 <td>A-31748056<br>MT-ALPS02961400</td> 1161 <td></td> 1162 <td>*</td> 1163 <td>2016 9 25 </td> 1164 </tr> 1165 </table> 1166 <p> 1167 * Android 7.0 Google () 1168 </p> 1169 1170 1171 <h3 id="eop-in-qualcomm-media-codecs">Qualcomm </h3> 1172 <p>Qualcomm 1173 </p> 1174 1175 <table> 1176 <col width="19%"> 1177 <col width="20%"> 1178 <col width="10%"> 1179 <col width="23%"> 1180 <col width="17%"> 1181 <tr> 1182 <th>CVE</th> 1183 <th></th> 1184 <th></th> 1185 <th> Google </th> 1186 <th></th> 1187 </tr> 1188 <tr> 1189 <td>CVE-2016-6761</td> 1190 <td>A-29421682* 1191 <br>QC-CR#1055792</td> 1192 <td></td> 1193 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1194 <td>2016 6 16 </td> 1195 </tr> 1196 <tr> 1197 <td>CVE-2016-6760</td> 1198 <td>A-29617572* 1199 <br>QC-CR#1055783</td> 1200 <td></td> 1201 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1202 <td>2016 6 23 </td> 1203 </tr> 1204 <tr> 1205 <td>CVE-2016-6759</td> 1206 <td>A-29982686* 1207 <br>QC-CR#1055766</td> 1208 <td></td> 1209 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1210 <td>2016 7 4 </td> 1211 </tr> 1212 <tr> 1213 <td>CVE-2016-6758</td> 1214 <td>A-30148882* 1215 <br>QC-CR#1071731</td> 1216 <td></td> 1217 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1218 <td>2016 7 13 </td> 1219 </tr> 1220 </table> 1221 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1222 </p> 1223 1224 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3> 1225 <p> 1226 Qualcomm 1227 </p> 1228 1229 <table> 1230 <col width="19%"> 1231 <col width="20%"> 1232 <col width="10%"> 1233 <col width="23%"> 1234 <col width="17%"> 1235 <tr> 1236 <th>CVE</th> 1237 <th></th> 1238 <th></th> 1239 <th> Google </th> 1240 <th></th> 1241 </tr> 1242 <tr> 1243 <td>CVE-2016-6755</td> 1244 <td>A-30740545<br> 1245 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0"> 1246 QC-CR#1065916</a></td> 1247 <td></td> 1248 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1249 <td>2016 8 3 </td> 1250 </tr> 1251 </table> 1252 1253 1254 <h3 id="eop-in-kernel-performance-subsystem"></h3> 1255 <p> 1256 1257 </p> 1258 1259 <table> 1260 <col width="19%"> 1261 <col width="20%"> 1262 <col width="10%"> 1263 <col width="23%"> 1264 <col width="17%"> 1265 <tr> 1266 <th>CVE</th> 1267 <th></th> 1268 <th></th> 1269 <th> Google </th> 1270 <th></th> 1271 </tr> 1272 <tr> 1273 <td>CVE-2016-6786</td> 1274 <td>A-30955111 1275 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"></a></td> 1276 <td></td> 1277 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1278 <td>2016 8 18 </td> 1279 </tr> 1280 <tr> 1281 <td>CVE-2016-6787</td> 1282 <td>A-31095224 1283 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"></a></td> 1284 <td></td> 1285 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1286 <td>2016 8 22 </td> 1287 </tr> 1288 </table> 1289 1290 1291 <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C </h3> 1292 <p> 1293 MediaTek I2C 1294 </p> 1295 1296 <table> 1297 <col width="19%"> 1298 <col width="20%"> 1299 <col width="10%"> 1300 <col width="23%"> 1301 <col width="17%"> 1302 <tr> 1303 <th>CVE</th> 1304 <th></th> 1305 <th></th> 1306 <th> Google </th> 1307 <th></th> 1308 </tr> 1309 <tr> 1310 <td>CVE-2016-6788</td> 1311 <td>A-31224428<br>MT-ALPS02943467</td> 1312 <td></td> 1313 <td>*</td> 1314 <td>2016 8 24 </td> 1315 </tr> 1316 </table> 1317 <p> 1318 * Android 7.0 Google () 1319 </p> 1320 1321 1322 <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx </h3> 1323 <p> 1324 NVIDIA libomx 1325 </p> 1326 1327 <table> 1328 <col width="19%"> 1329 <col width="20%"> 1330 <col width="10%"> 1331 <col width="23%"> 1332 <col width="17%"> 1333 <tr> 1334 <th>CVE</th> 1335 <th></th> 1336 <th></th> 1337 <th> Google </th> 1338 <th></th> 1339 </tr> 1340 <tr> 1341 <td>CVE-2016-6789</td> 1342 <td>A-31251973* 1343 <br>N-CVE-2016-6789</td> 1344 <td></td> 1345 <td>Pixel C</td> 1346 <td>2016 8 29 </td> 1347 </tr> 1348 <tr> 1349 <td>CVE-2016-6790</td> 1350 <td>A-31251628* 1351 <br>N-CVE-2016-6790</td> 1352 <td></td> 1353 <td>Pixel C</td> 1354 <td>2016 8 28 </td> 1355 </tr> 1356 </table> 1357 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1358 </p> 1359 1360 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1361 <p> 1362 Qualcomm 1363 </p> 1364 1365 <table> 1366 <col width="19%"> 1367 <col width="20%"> 1368 <col width="10%"> 1369 <col width="23%"> 1370 <col width="17%"> 1371 <tr> 1372 <th>CVE</th> 1373 <th></th> 1374 <th></th> 1375 <th> Google </th> 1376 <th></th> 1377 </tr> 1378 <tr> 1379 <td>CVE-2016-6791</td> 1380 <td>A-31252384<br> 1381 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1382 QC-CR#1071809</a></td> 1383 <td></td> 1384 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1385 <td>2016 8 31 </td> 1386 </tr> 1387 <tr> 1388 <td>CVE-2016-8391</td> 1389 <td>A-31253255<br> 1390 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1391 QC-CR#1072166</a></td> 1392 <td></td> 1393 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1394 <td>2016 8 31 </td> 1395 </tr> 1396 <tr> 1397 <td>CVE-2016-8392</td> 1398 <td>A-31385862<br> 1399 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1400 QC-CR#1073136</a></td> 1401 <td></td> 1402 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1403 <td>2016 9 8 </td> 1404 </tr> 1405 </table> 1406 1407 1408 <h3 id="eop-in-kernel-security-subsystem"></h3> 1409 <p> 1410 1411 </p> 1412 1413 <table> 1414 <col width="19%"> 1415 <col width="20%"> 1416 <col width="10%"> 1417 <col width="23%"> 1418 <col width="17%"> 1419 <tr> 1420 <th>CVE</th> 1421 <th></th> 1422 <th></th> 1423 <th> Google </th> 1424 <th></th> 1425 </tr> 1426 <tr> 1427 <td>CVE-2015-7872</td> 1428 <td>A-31253168<br> 1429 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> 1430 </a></td> 1431 <td></td> 1432 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1433 <td>2016 8 31 </td> 1434 </tr> 1435 </table> 1436 1437 1438 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1439 <p>Synaptics 1440 </p> 1441 1442 <table> 1443 <col width="19%"> 1444 <col width="20%"> 1445 <col width="10%"> 1446 <col width="23%"> 1447 <col width="17%"> 1448 <tr> 1449 <th>CVE</th> 1450 <th></th> 1451 <th></th> 1452 <th> Google </th> 1453 <th></th> 1454 </tr> 1455 <tr> 1456 <td>CVE-2016-8393</td> 1457 <td>A-31911920*</td> 1458 <td></td> 1459 <td>Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1460 <td>2016 9 8 </td> 1461 </tr> 1462 <tr> 1463 <td>CVE-2016-8394</td> 1464 <td>A-31913197*</td> 1465 <td></td> 1466 <td>Nexus 9Android One</td> 1467 <td>2016 9 8 </td> 1468 </tr> 1469 </table> 1470 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1471 </p> 1472 1473 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1474 <p> 1475 Broadcom Wi-Fi 1476 </p> 1477 1478 <table> 1479 <col width="19%"> 1480 <col width="20%"> 1481 <col width="10%"> 1482 <col width="23%"> 1483 <col width="17%"> 1484 <tr> 1485 <th>CVE</th> 1486 <th></th> 1487 <th></th> 1488 <th> Google </th> 1489 <th></th> 1490 </tr> 1491 <tr> 1492 <td>CVE-2014-9909</td> 1493 <td>A-31676542<br>B-RB#26684</td> 1494 <td></td> 1495 <td>*</td> 1496 <td>2016 9 21 </td> 1497 </tr> 1498 <tr> 1499 <td>CVE-2014-9910</td> 1500 <td>A-31746399<br>B-RB#26710</td> 1501 <td></td> 1502 <td>*</td> 1503 <td>2016 9 26 </td> 1504 </tr> 1505 </table> 1506 <p> 1507 * Android 7.0 Google () 1508 </p> 1509 1510 1511 <h3 id="id-in-mediatek-video-driver">MediaTek </h3> 1512 <p> 1513 MediaTek 1514 </p> 1515 1516 <table> 1517 <col width="19%"> 1518 <col width="20%"> 1519 <col width="10%"> 1520 <col width="23%"> 1521 <col width="17%"> 1522 <tr> 1523 <th>CVE</th> 1524 <th></th> 1525 <th></th> 1526 <th> Google </th> 1527 <th></th> 1528 </tr> 1529 <tr> 1530 <td>CVE-2016-8396</td> 1531 <td>A-31249105</td> 1532 <td></td> 1533 <td>*</td> 1534 <td>2016 8 26 </td> 1535 </tr> 1536 </table> 1537 <p> 1538 * Android 7.0 Google () 1539 </p> 1540 1541 1542 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1543 <p> 1544 NVIDIA 1545 </p> 1546 1547 <table> 1548 <col width="19%"> 1549 <col width="20%"> 1550 <col width="10%"> 1551 <col width="23%"> 1552 <col width="17%"> 1553 <tr> 1554 <th>CVE</th> 1555 <th></th> 1556 <th></th> 1557 <th> Google </th> 1558 <th></th> 1559 </tr> 1560 <tr> 1561 <td>CVE-2016-8397</td> 1562 <td>A-31385953*<br> 1563 N-CVE-2016-8397</td> 1564 <td></td> 1565 <td>Nexus 9</td> 1566 <td>2016 9 8 </td> 1567 </tr> 1568 </table> 1569 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1570 </p> 1571 1572 <h3 id="dos-in-gps">GPS </h3> 1573 <p> 1574 Qualcomm GPS 1575 </p> 1576 1577 <table> 1578 <col width="19%"> 1579 <col width="20%"> 1580 <col width="10%"> 1581 <col width="23%"> 1582 <col width="17%"> 1583 <tr> 1584 <th>CVE</th> 1585 <th></th> 1586 <th></th> 1587 <th> Google </th> 1588 <th></th> 1589 </tr> 1590 <tr> 1591 <td>CVE-2016-5341</td> 1592 <td>A-31470303*</td> 1593 <td></td> 1594 <td>Nexus 6Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1595 <td>2016 6 21 </td> 1596 </tr> 1597 </table> 1598 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1599 </p> 1600 1601 <h3 id="dos-in-nvidia-camera-driver">NVIDIA </h3> 1602 <p> 1603 NVIDIA (Re-flash) 1604 </p> 1605 1606 <table> 1607 <col width="19%"> 1608 <col width="20%"> 1609 <col width="10%"> 1610 <col width="23%"> 1611 <col width="17%"> 1612 <tr> 1613 <th>CVE</th> 1614 <th></th> 1615 <th></th> 1616 <th> Google </th> 1617 <th></th> 1618 </tr> 1619 <tr> 1620 <td>CVE-2016-8395</td> 1621 <td>A-31403040* 1622 <br>N-CVE-2016-8395</td> 1623 <td></td> 1624 <td>Pixel C</td> 1625 <td>2016 9 9 </td> 1626 </tr> 1627 </table> 1628 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1629 </p> 1630 1631 <h3 id="eop-in-kernel-networking-subsystem"></h3> 1632 <p> 1633 1634 </p> 1635 1636 <table> 1637 <col width="19%"> 1638 <col width="20%"> 1639 <col width="10%"> 1640 <col width="23%"> 1641 <col width="17%"> 1642 <tr> 1643 <th>CVE</th> 1644 <th></th> 1645 <th></th> 1646 <th> Google </th> 1647 <th></th> 1648 </tr> 1649 <tr> 1650 <td>CVE-2016-8399</td> 1651 <td>A-31349935*</td> 1652 <td></td> 1653 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1654 <td>2016 9 5 </td> 1655 </tr> 1656 </table> 1657 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1658 </p> 1659 1660 <h3 id="id-in-qualcomm-components">Qualcomm </h3> 1661 <p> 1662 Qualcomm () 1663 </p> 1664 1665 <table> 1666 <col width="19%"> 1667 <col width="20%"> 1668 <col width="10%"> 1669 <col width="23%"> 1670 <col width="17%"> 1671 <tr> 1672 <th>CVE</th> 1673 <th></th> 1674 <th></th> 1675 <th> Google </th> 1676 <th></th> 1677 </tr> 1678 <tr> 1679 <td>CVE-2016-6756</td> 1680 <td>A-29464815<br> 1681 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> 1682 QC-CR#1042068</a> 1683 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> 1684 <td></td> 1685 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1686 <td>2016 6 17 </td> 1687 </tr> 1688 <tr> 1689 <td>CVE-2016-6757</td> 1690 <td>A-30148242<br> 1691 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> 1692 QC-CR#1052821</a></td> 1693 <td></td> 1694 <td>Nexus 5XNexus 6Nexus 6PPixelPixel XL</td> 1695 <td>2016 7 13 </td> 1696 </tr> 1697 </table> 1698 1699 1700 <h3 id="id-in-nvidia-librm-library">NVIDIA librm </h3> 1701 <p> 1702 NVIDIA librm (libnvrm) 1703 </p> 1704 1705 <table> 1706 <col width="19%"> 1707 <col width="20%"> 1708 <col width="10%"> 1709 <col width="23%"> 1710 <col width="17%"> 1711 <tr> 1712 <th>CVE</th> 1713 <th></th> 1714 <th></th> 1715 <th> Google </th> 1716 <th></th> 1717 </tr> 1718 <tr> 1719 <td>CVE-2016-8400</td> 1720 <td>A-31251599* 1721 <br>N-CVE-2016-8400</td> 1722 <td></td> 1723 <td>Pixel C</td> 1724 <td>2016 8 29 </td> 1725 </tr> 1726 </table> 1727 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1728 </p> 1729 1730 <h3 id="id-in-kernel-components"></h3> 1731 <p> 1732 ( ION USB ) 1733 </p> 1734 1735 <table> 1736 <col width="19%"> 1737 <col width="20%"> 1738 <col width="10%"> 1739 <col width="23%"> 1740 <col width="17%"> 1741 <tr> 1742 <th>CVE</th> 1743 <th></th> 1744 <th></th> 1745 <th> Google </th> 1746 <th></th> 1747 </tr> 1748 <tr> 1749 <td>CVE-2016-8401</td> 1750 <td>A-31494725*</td> 1751 <td></td> 1752 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1753 <td>2016 9 13 </td> 1754 </tr> 1755 <tr> 1756 <td>CVE-2016-8402</td> 1757 <td>A-31495231*</td> 1758 <td></td> 1759 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1760 <td>2016 9 13 </td> 1761 </tr> 1762 <tr> 1763 <td>CVE-2016-8403</td> 1764 <td>A-31495348*</td> 1765 <td></td> 1766 <td>Nexus 9</td> 1767 <td>2016 9 13 </td> 1768 </tr> 1769 <tr> 1770 <td>CVE-2016-8404</td> 1771 <td>A-31496950*</td> 1772 <td></td> 1773 <td>Nexus 9</td> 1774 <td>2016 9 13 </td> 1775 </tr> 1776 <tr> 1777 <td>CVE-2016-8405</td> 1778 <td>A-31651010*</td> 1779 <td></td> 1780 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1781 <td>2016 9 21 </td> 1782 </tr> 1783 <tr> 1784 <td>CVE-2016-8406</td> 1785 <td>A-31796940*</td> 1786 <td></td> 1787 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1788 <td>2016 9 27 </td> 1789 </tr> 1790 <tr> 1791 <td>CVE-2016-8407</td> 1792 <td>A-31802656*</td> 1793 <td></td> 1794 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1795 <td>2016 9 28 </td> 1796 </tr> 1797 </table> 1798 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1799 </p> 1800 1801 <h3 id="id-in-nvidia-video-driver-2">NVIDIA </h3> 1802 <p> 1803 NVIDIA 1804 </p> 1805 1806 <table> 1807 <col width="19%"> 1808 <col width="20%"> 1809 <col width="10%"> 1810 <col width="23%"> 1811 <col width="17%"> 1812 <tr> 1813 <th>CVE</th> 1814 <th></th> 1815 <th></th> 1816 <th> Google </th> 1817 <th></th> 1818 </tr> 1819 <tr> 1820 <td>CVE-2016-8408</td> 1821 <td>A-31496571* 1822 <br>N-CVE-2016-8408</td> 1823 <td></td> 1824 <td>Nexus 9</td> 1825 <td>2016 9 13 </td> 1826 </tr> 1827 <tr> 1828 <td>CVE-2016-8409</td> 1829 <td>A-31495687* 1830 <br>N-CVE-2016-8409</td> 1831 <td></td> 1832 <td>Nexus 9</td> 1833 <td>2016 9 13 </td> 1834 </tr> 1835 </table> 1836 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1837 </p> 1838 1839 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3> 1840 <p> 1841 Qualcomm 1842 </p> 1843 1844 <table> 1845 <col width="19%"> 1846 <col width="20%"> 1847 <col width="10%"> 1848 <col width="23%"> 1849 <col width="17%"> 1850 <tr> 1851 <th>CVE</th> 1852 <th></th> 1853 <th></th> 1854 <th> Google </th> 1855 <th></th> 1856 </tr> 1857 <tr> 1858 <td>CVE-2016-8410</td> 1859 <td>A-31498403<br> 1860 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> 1861 QC-CR#987010</a></td> 1862 <td></td> 1863 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1864 <td>Google </td> 1865 </tr> 1866 </table> 1867 1868 <h2 id="common-questions-and-answers"></h2> 1869 <p> 1870 </p> 1871 <p> 1872 <strong>1. 1873 </strong> 1874 </p> 1875 <p> 1876 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 1877 </p> 1878 <ul> 1879 <li>2016 12 1 2016-12-01 </li> 1880 <li>2016 12 5 2016-12-05 </li> 1881 </ul> 1882 <p> 1883 1884 </p> 1885 <ul> 1886 <li>[ro.build.version.security_patch]:[2016-12-01]</li> 1887 <li>[ro.build.version.security_patch]:[2016-12-05]</li> 1888 </ul> 1889 <p> 1890 <strong>2. </strong> 1891 </p> 1892 <p> 1893 Android Android Android 1894 </p> 1895 <ul> 1896 <li> 2016 12 1 </li> 1897 <li> 2016 12 5 () </li> 1898 </ul> 1899 <p> 1900 1901 </p> 1902 <p> 1903 <strong>3. Google </strong> 1904 </p> 1905 <p> <a href="#2016-12-01-details">2016-12-01</a> <a href="#2016-12-05-details">2016-12-05</a> Google <em></em> Google </p> 1906 <ul> 1907 <li><strong> Google </strong> Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 1908 <li><strong> Google </strong> Google Google <em></em> Google </li> 1909 <li><strong> Google </strong> Android 7.0 Google Google <em></em></li> 1910 </ul> 1911 <p> 1912 <strong>4. </strong> 1913 </p> 1914 <p><em></em> 1915 </p> 1916 <table> 1917 <tr> 1918 <th></th> 1919 <th></th> 1920 </tr> 1921 <tr> 1922 <td>A-</td> 1923 <td>Android ID</td> 1924 </tr> 1925 <tr> 1926 <td>QC-</td> 1927 <td>Qualcomm </td> 1928 </tr> 1929 <tr> 1930 <td>M-</td> 1931 <td>MediaTek </td> 1932 </tr> 1933 <tr> 1934 <td>N-</td> 1935 <td>NVIDIA </td> 1936 </tr> 1937 <tr> 1938 <td>B-</td> 1939 <td>Broadcom </td> 1940 </tr> 1941 </table> 1942 <h2 id="revisions"></h2> 1943 <ul> 1944 <li>2016 12 5 </li> 1945 <li>2016 12 7 AOSP CVE-2016-6915CVE-2016-6916 CVE-2016-6917 </li> 1946 </ul> 1947
