1 page.title=Android 2017 1 2 @jd:body 3 4 <!-- 5 Copyright 2016 The Android Open Source Project 6 7 Licensed under the Apache License, Version 2.0 (the "License"); 8 you may not use this file except in compliance with the License. 9 You may obtain a copy of the License at 10 11 http://www.apache.org/licenses/LICENSE-2.0 12 13 Unless required by applicable law or agreed to in writing, software 14 distributed under the License is distributed on an "AS IS" BASIS, 15 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 See the License for the specific language governing permissions and 17 limitations under the License. 18 --> 19 <p><em>2017 1 3 | 2017 1 5 </em></p> 20 21 <p>Android Android Google OTA Google Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2017 1 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 22 23 <p> 2016 12 5 Android (AOSP) AOSP </p> 24 25 <p></p> 26 27 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) Android <a href="#mitigations">Android Google </a></p> 28 29 <p></p> 30 31 <h2 id="announcements"></h2> 32 <ul> 33 <li> Android Android <a href="#common-questions-and-answers"></a> 34 <ul> 35 <li><strong>2017-01-01</strong> 2017-01-01 () </li> 36 <li><strong>2017-01-05</strong> 2017-01-01 2017-01-05 () </li> 37 </ul> 38 </li> 39 <li> Google OTA 2017 1 5 </li> 40 </ul> 41 <h2 id="security-vulnerability-summary"></h2> 42 <p> ID (CVE) Google <a href="{@docRoot}security/overview/updates-resources.html#severity"></a></p> 43 44 <h3 id="2017-01-01-summary">2017-01-01 </h3> 45 <p>2017-01-01 </p> 46 47 <table> 48 <col width="55%"> 49 <col width="20%"> 50 <col width="13%"> 51 <col width="12%"> 52 <tr> 53 <th></th> 54 <th>CVE</th> 55 <th></th> 56 <th> Google </th> 57 </tr> 58 <tr> 59 <td>c-ares </td> 60 <td>CVE-2016-5180</td> 61 <td></td> 62 <td></td> 63 </tr> 64 <tr> 65 <td>Framesequence </td> 66 <td>CVE-2017-0382</td> 67 <td></td> 68 <td></td> 69 </tr> 70 <tr> 71 <td>Framework API </td> 72 <td>CVE-2017-0383</td> 73 <td></td> 74 <td></td> 75 </tr> 76 <tr> 77 <td></td> 78 <td>CVE-2017-0384CVE-2017-0385</td> 79 <td></td> 80 <td></td> 81 </tr> 82 <tr> 83 <td>libnl </td> 84 <td>CVE-2017-0386</td> 85 <td></td> 86 <td></td> 87 </tr> 88 <tr> 89 <td></td> 90 <td>CVE-2017-0387</td> 91 <td></td> 92 <td></td> 93 </tr> 94 <tr> 95 <td></td> 96 <td>CVE-2017-0388</td> 97 <td></td> 98 <td></td> 99 </tr> 100 <tr> 101 <td></td> 102 <td>CVE-2017-0389</td> 103 <td></td> 104 <td></td> 105 </tr> 106 <tr> 107 <td></td> 108 <td>CVE-2017-0390CVE-2017-0391CVE-2017-0392CVE-2017-0393</td> 109 <td></td> 110 <td></td> 111 </tr> 112 <tr> 113 <td></td> 114 <td>CVE-2017-0394</td> 115 <td></td> 116 <td></td> 117 </tr> 118 <tr> 119 <td></td> 120 <td>CVE-2017-0395</td> 121 <td></td> 122 <td></td> 123 </tr> 124 <tr> 125 <td></td> 126 <td>CVE-2017-0396CVE-2017-0397CVE-2017-0381</td> 127 <td></td> 128 <td></td> 129 </tr> 130 <tr> 131 <td></td> 132 <td>CVE-2017-0398CVE-2017-0399CVE-2017-0400CVE-2017-0401CVE-2017-0402</td> 133 <td></td> 134 <td></td> 135 </tr> 136 </table> 137 138 <h3 id="2017-01-05-summary">2017-01-05 </h3> 139 <p>2017-01-05 2017-01-01 </p> 140 141 <table> 142 <col width="55%"> 143 <col width="20%"> 144 <col width="13%"> 145 <col width="12%"> 146 <tr> 147 <th></th> 148 <th>CVE</th> 149 <th></th> 150 <th> Google </th> 151 </tr> 152 <tr> 153 <td></td> 154 <td>CVE-2015-3288</td> 155 <td></td> 156 <td></td> 157 </tr> 158 <tr> 159 <td>Qualcomm </td> 160 <td>CVE-2016-8422CVE-2016-8423</td> 161 <td></td> 162 <td></td> 163 </tr> 164 <tr> 165 <td></td> 166 <td>CVE-2015-5706</td> 167 <td></td> 168 <td>*</td> 169 </tr> 170 <tr> 171 <td>NVIDIA GPU </td> 172 <td>CVE-2016-8424CVE-2016-8425CVE-2016-8426CVE-2016-8482CVE-2016-8427CVE-2016-8428CVE-2016-8429CVE-2016-8430CVE-2016-8431CVE-2016-8432</td> 173 <td></td> 174 <td></td> 175 </tr> 176 <tr> 177 <td>MediaTek </td> 178 <td>CVE-2016-8433</td> 179 <td></td> 180 <td>*</td> 181 </tr> 182 <tr> 183 <td>Qualcomm GPU </td> 184 <td>CVE-2016-8434</td> 185 <td></td> 186 <td></td> 187 </tr> 188 <tr> 189 <td>NVIDIA GPU </td> 190 <td>CVE-2016-8435</td> 191 <td></td> 192 <td></td> 193 </tr> 194 <tr> 195 <td>Qualcomm </td> 196 <td>CVE-2016-8436</td> 197 <td></td> 198 <td>*</td> 199 </tr> 200 <tr> 201 <td>Qualcomm </td> 202 <td>CVE-2016-5080CVE-2016-8398CVE-2016-8437CVE-2016-8438CVE-2016-8439CVE-2016-8440CVE-2016-8441CVE-2016-8442CVE-2016-8443CVE-2016-8459</td> 203 <td></td> 204 <td>*</td> 205 </tr> 206 <tr> 207 <td>Qualcomm </td> 208 <td>CVE-2016-8412CVE-2016-8444</td> 209 <td></td> 210 <td></td> 211 </tr> 212 <tr> 213 <td>MediaTek </td> 214 <td>CVE-2016-8445CVE-2016-8446CVE-2016-8447CVE-2016-8448</td> 215 <td></td> 216 <td>*</td> 217 </tr> 218 <tr> 219 <td>Qualcomm Wi-Fi </td> 220 <td>CVE-2016-8415</td> 221 <td></td> 222 <td></td> 223 </tr> 224 <tr> 225 <td>NVIDIA GPU </td> 226 <td>CVE-2016-8449</td> 227 <td></td> 228 <td></td> 229 </tr> 230 <tr> 231 <td>Qualcomm </td> 232 <td>CVE-2016-8450</td> 233 <td></td> 234 <td></td> 235 </tr> 236 <tr> 237 <td>Synaptics </td> 238 <td>CVE-2016-8451</td> 239 <td></td> 240 <td>*</td> 241 </tr> 242 <tr> 243 <td></td> 244 <td>CVE-2016-7042</td> 245 <td></td> 246 <td></td> 247 </tr> 248 <tr> 249 <td></td> 250 <td>CVE-2017-0403</td> 251 <td></td> 252 <td></td> 253 </tr> 254 <tr> 255 <td></td> 256 <td>CVE-2017-0404</td> 257 <td></td> 258 <td></td> 259 </tr> 260 <tr> 261 <td>Qualcomm Wi-Fi </td> 262 <td>CVE-2016-8452</td> 263 <td></td> 264 <td></td> 265 </tr> 266 <tr> 267 <td>Qualcomm </td> 268 <td>CVE-2016-5345</td> 269 <td></td> 270 <td></td> 271 </tr> 272 <tr> 273 <td></td> 274 <td>CVE-2016-9754</td> 275 <td></td> 276 <td></td> 277 </tr> 278 <tr> 279 <td>Broadcom Wi-Fi </td> 280 <td>CVE-2016-8453CVE-2016-8454CVE-2016-8455CVE-2016-8456CVE-2016-8457</td> 281 <td></td> 282 <td></td> 283 </tr> 284 <tr> 285 <td>Synaptics </td> 286 <td>CVE-2016-8458</td> 287 <td></td> 288 <td></td> 289 </tr> 290 <tr> 291 <td>NVIDIA </td> 292 <td>CVE-2016-8460</td> 293 <td></td> 294 <td></td> 295 </tr> 296 <tr> 297 <td></td> 298 <td>CVE-2016-8461CVE-2016-8462</td> 299 <td></td> 300 <td></td> 301 </tr> 302 <tr> 303 <td>Qualcomm FUSE </td> 304 <td>CVE-2016-8463</td> 305 <td></td> 306 <td>*</td> 307 </tr> 308 <tr> 309 <td></td> 310 <td>CVE-2016-8467</td> 311 <td></td> 312 <td></td> 313 </tr> 314 <tr> 315 <td>Broadcom Wi-Fi </td> 316 <td>CVE-2016-8464CVE-2016-8465CVE-2016-8466</td> 317 <td></td> 318 <td></td> 319 </tr> 320 <tr> 321 <td></td> 322 <td>CVE-2016-8467</td> 323 <td></td> 324 <td></td> 325 </tr> 326 <tr> 327 <td></td> 328 <td>CVE-2016-8468</td> 329 <td></td> 330 <td></td> 331 </tr> 332 <tr> 333 <td>NVIDIA </td> 334 <td>CVE-2016-8469</td> 335 <td></td> 336 <td></td> 337 </tr> 338 <tr> 339 <td>MediaTek </td> 340 <td>CVE-2016-8470CVE-2016-8471CVE-2016-8472</td> 341 <td></td> 342 <td>*</td> 343 </tr> 344 <tr> 345 <td>STMicroelectronics </td> 346 <td>CVE-2016-8473CVE-2016-8474</td> 347 <td></td> 348 <td></td> 349 </tr> 350 <tr> 351 <td>Qualcomm </td> 352 <td>CVE-2017-0399CVE-2017-0400CVE-2017-0401CVE-2017-0402</td> 353 <td></td> 354 <td></td> 355 </tr> 356 <tr> 357 <td>HTC </td> 358 <td>CVE-2016-8475</td> 359 <td></td> 360 <td></td> 361 </tr> 362 <tr> 363 <td></td> 364 <td>CVE-2014-9420</td> 365 <td></td> 366 <td></td> 367 </tr> 368 </table> 369 <p>* Android 7.0 Google ()</p> 370 371 <h2 id="mitigations">Android Google </h2> 372 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> SafetyNet Android </p> 373 <ul> 374 <li> Android Android Android</li> 375 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 376 <li>Google Hangouts Messenger </li> 377 </ul> 378 <h2 id="acknowledgements"></h2> 379 <p></p> 380 <ul> 381 <li>Alexandru BlandaCVE-2017-0390</li> 382 <li>Copperhead Security Daniel MicayCVE-2017-0397</li> 383 <li> Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>)CVE-2017-0386</li> 384 <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>)CVE-2017-0392</li> 385 <li> (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-8412CVE-2016-8444CVE-2016-8427CVE-2017-0403</li> 386 <li> Shellphish Grill donfos (Aravind Machiry)CVE-2016-8448CVE-2016-8470CVE-2016-8471CVE-2016-8472</li> 387 <li><a href="http://www.ms509.com">MS509Team</a> En He (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>)CVE-2017-0394</li> 388 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-8464</li> 389 <li>Google WebM CVE-2017-0393</li> 390 <li><a href="http://www.360.com"> 360 </a> Alpha Guang Gong () (<a href="http://twitter.com/oldfresher">@oldfresher</a>)CVE-2017-0387</li> 391 <li> 360 Alpha Hao Chen Guang GongCVE-2016-8415CVE-2016-8454CVE-2016-8455CVE-2016-8456CVE-2016-8457CVE-2016-8465</li> 392 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-8475</li> 393 <li>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>) Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>)CVE-2016-8462</li> 394 <li>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>)Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>) Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)CVE-2016-8461</li> 395 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0383</li> 396 <li>Monk AvelCVE-2017-0396CVE-2017-0399</li> 397 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)CVE-2016-8469CVE-2016-8424CVE-2016-8428CVE-2016-8429CVE-2016-8460CVE-2016-8473CVE-2016-8474</li> 398 <li> Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)CVE-2017-0382</li> 399 <li>IBM X-Force Roee Hay Michael GobermanCVE-2016-8467</li> 400 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-8466</li> 401 <li>Stephen MorrowCVE-2017-0389</li> 402 <li><a href="http://www.trendmicro.com"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0381</li> 403 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2017-0391</li> 404 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0402CVE-2017-0398</li> 405 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0400</li> 406 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0384CVE-2017-0385</li> 407 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0401</li> 408 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8431CVE-2016-8432CVE-2016-8435</li> 409 <li> Yong Wang () (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) Jun ChengCVE-2017-0404</li> 410 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8425CVE-2016-8426CVE-2016-8449</li> 411 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:bigwyfone (a] gmail.com">Yanfeng Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8430CVE-2016-8482</li> 412 <li> Yuxiang Li (<a href="https://twitter.com/xbalien29">@Xbalien29</a>)CVE-2017-0395</li> 413 <li><a href="http://www.cmcm.com/"></a> Zhanpeng Zhao () (<a href="https://twitter.com/0xr0ot">@0xr0ot</a>)CVE-2016-8451</li> 414 </ul> 415 <p></p> 416 <ul> 417 <li> Baozeng DingChengming YangPeng XiaoNing YouYang DongChao YangYi Zhang Yang Song</li> 418 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)</li> 419 <li>Google Zubin Mithra</li> 420 </ul> 421 422 <h2 id="2017-01-01-details">2017-01-01 </h2> 423 <p> 424 <a href="#2017-01-01-summary">2017-01-01 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 425 426 427 <h3 id="rce-in-c-ares">c-ares </h3> 428 <p> 429 c-ares 430 </p> 431 432 <table> 433 <col width="18%"> 434 <col width="17%"> 435 <col width="10%"> 436 <col width="19%"> 437 <col width="18%"> 438 <col width="17%"> 439 <tr> 440 <th>CVE</th> 441 <th></th> 442 <th></th> 443 <th> Google </th> 444 <th> AOSP </th> 445 <th></th> 446 </tr> 447 <tr> 448 <td>CVE-2016-5180</td> 449 <td><a href="https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677"> 450 A-32205736</a></td> 451 <td></td> 452 <td></td> 453 <td>7.0</td> 454 <td>2016 9 29 </td> 455 </tr> 456 </table> 457 458 459 <h3 id="rce-vulnerability-in-framesequence">Framesequence </h3> 460 <p> 461 Framesequence Framesequence 462 </p> 463 <table> 464 <col width="18%"> 465 <col width="17%"> 466 <col width="10%"> 467 <col width="19%"> 468 <col width="18%"> 469 <col width="17%"> 470 <tr> 471 <th>CVE</th> 472 <th></th> 473 <th></th> 474 <th> Google </th> 475 <th> AOSP </th> 476 <th></th> 477 </tr> 478 <tr> 479 <td>CVE-2017-0382</td> 480 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7"> 481 A-32338390</a></td> 482 <td></td> 483 <td></td> 484 <td>5.0.25.1.16.06.0.17.07.1.1</td> 485 <td>2016 10 21 </td> 486 </tr> 487 </table> 488 <h3 id="eop-in-framework-apis">Framework API </h3> 489 <p> 490 Framework API 491 </p> 492 <table> 493 <col width="18%"> 494 <col width="17%"> 495 <col width="10%"> 496 <col width="19%"> 497 <col width="18%"> 498 <col width="17%"> 499 <tr> 500 <th>CVE</th> 501 <th></th> 502 <th></th> 503 <th> Google </th> 504 <th> AOSP </th> 505 <th></th> 506 </tr> 507 <tr> 508 <td>CVE-2017-0383</td> 509 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266"> 510 A-31677614</a></td> 511 <td></td> 512 <td></td> 513 <td>7.07.1.1</td> 514 <td>2016 9 21 </td> 515 </tr> 516 </table> 517 <h3 id="eop-in-audioserver"></h3> 518 <p> 519 </p> 520 <table> 521 <col width="18%"> 522 <col width="17%"> 523 <col width="10%"> 524 <col width="19%"> 525 <col width="18%"> 526 <col width="17%"> 527 <tr> 528 <th>CVE</th> 529 <th></th> 530 <th></th> 531 <th> Google </th> 532 <th> AOSP </th> 533 <th></th> 534 </tr> 535 <tr> 536 <td>CVE-2017-0384</td> 537 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 538 A-32095626</a></td> 539 <td></td> 540 <td></td> 541 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 542 <td>2016 10 11 </td> 543 </tr> 544 <tr> 545 <td>CVE-2017-0385</td> 546 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 547 A-32585400</a></td> 548 <td></td> 549 <td></td> 550 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 551 <td>2016 10 11 </td> 552 </tr> 553 </table> 554 <h3 id="eop-in-libnl">libnl </h3> 555 <p> 556 libnl 557 </p> 558 <table> 559 <col width="18%"> 560 <col width="17%"> 561 <col width="10%"> 562 <col width="19%"> 563 <col width="18%"> 564 <col width="17%"> 565 <tr> 566 <th>CVE</th> 567 <th></th> 568 <th></th> 569 <th> Google </th> 570 <th> AOSP </th> 571 <th></th> 572 </tr> 573 <tr> 574 <td>CVE-2017-0386</td> 575 <td><a href="https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a"> 576 A-32255299</a></td> 577 <td></td> 578 <td></td> 579 <td>5.0.25.1.16.06.0.17.07.1.1</td> 580 <td>2016 10 18 </td> 581 </tr> 582 </table> 583 <h3 id="eop-in-mediaserver"></h3> 584 <p> 585 586 </p> 587 <table> 588 <col width="18%"> 589 <col width="17%"> 590 <col width="10%"> 591 <col width="19%"> 592 <col width="18%"> 593 <col width="17%"> 594 <tr> 595 <th>CVE</th> 596 <th></th> 597 <th></th> 598 <th> Google </th> 599 <th> AOSP </th> 600 <th></th> 601 </tr> 602 <tr> 603 <td>CVE-2017-0387</td> 604 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f"> 605 A-32660278</a></td> 606 <td></td> 607 <td></td> 608 <td>5.0.25.1.16.06.0.17.07.1.1</td> 609 <td>2016 11 4 </td> 610 </tr> 611 </table> 612 <h3 id="id-in-external-storage-provider"></h3> 613 <p> 614 SD 615 </p> 616 <table> 617 <col width="18%"> 618 <col width="17%"> 619 <col width="10%"> 620 <col width="19%"> 621 <col width="18%"> 622 <col width="17%"> 623 <tr> 624 <th>CVE</th> 625 <th></th> 626 <th></th> 627 <th> Google </th> 628 <th> AOSP </th> 629 <th></th> 630 </tr> 631 <tr> 632 <td>CVE-2017-0388</td> 633 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9"> 634 A-32523490</a></td> 635 <td></td> 636 <td></td> 637 <td>6.06.0.17.07.1.1</td> 638 <td>Google </td> 639 </tr> 640 </table> 641 <h3 id="dos-in-core-networking"></h3> 642 <p> 643 644 </p> 645 <table> 646 <col width="18%"> 647 <col width="17%"> 648 <col width="10%"> 649 <col width="19%"> 650 <col width="18%"> 651 <col width="17%"> 652 <tr> 653 <th>CVE</th> 654 <th></th> 655 <th></th> 656 <th> Google </th> 657 <th> AOSP </th> 658 <th></th> 659 </tr> 660 <tr> 661 <td>CVE-2017-0389</td> 662 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7"> 663 A-31850211</a> 664 [<a href="https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29">2</a>] 665 [<a href="https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba#">3</a>]</td> 666 <td></td> 667 <td></td> 668 <td>6.06.0.17.07.1.1</td> 669 <td>2016 7 20 </td> 670 </tr> 671 </table> 672 <h3 id="dos-in-mediaserver"></h3> 673 <p> 674 675 </p> 676 <table> 677 <col width="18%"> 678 <col width="17%"> 679 <col width="10%"> 680 <col width="19%"> 681 <col width="18%"> 682 <col width="17%"> 683 <tr> 684 <th>CVE</th> 685 <th></th> 686 <th></th> 687 <th> Google </th> 688 <th> AOSP </th> 689 <th></th> 690 </tr> 691 <tr> 692 <td>CVE-2017-0390</td> 693 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0"> 694 A-31647370</a></td> 695 <td></td> 696 <td></td> 697 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 698 <td>2016 9 19 </td> 699 </tr> 700 <tr> 701 <td>CVE-2017-0391</td> 702 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f"> 703 A-32322258</a></td> 704 <td></td> 705 <td></td> 706 <td>6.06.0.17.07.1.1</td> 707 <td>2016 10 20 </td> 708 </tr> 709 <tr> 710 <td>CVE-2017-0392</td> 711 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c"> 712 A-32577290</a></td> 713 <td></td> 714 <td></td> 715 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 716 <td>2016 10 29 </td> 717 </tr> 718 <tr> 719 <td>CVE-2017-0393</td> 720 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc"> 721 A-30436808</a></td> 722 <td></td> 723 <td></td> 724 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 725 <td>Google </td> 726 </tr> 727 </table> 728 <h3 id="dos-in-telephony"></h3> 729 <p> 730 731 </p> 732 <table> 733 <col width="18%"> 734 <col width="17%"> 735 <col width="10%"> 736 <col width="19%"> 737 <col width="18%"> 738 <col width="17%"> 739 <tr> 740 <th>CVE</th> 741 <th></th> 742 <th></th> 743 <th> Google </th> 744 <th> AOSP </th> 745 <th></th> 746 </tr> 747 <tr> 748 <td>CVE-2017-0394</td> 749 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d"> 750 A-31752213</a></td> 751 <td></td> 752 <td></td> 753 <td>5.0.25.1.16.06.0.17.07.1.1</td> 754 <td>2016 9 23 </td> 755 </tr> 756 </table> 757 <h3 id="eop-in-contacts"></h3> 758 <p> 759 () 760 </p> 761 <table> 762 <col width="18%"> 763 <col width="17%"> 764 <col width="10%"> 765 <col width="19%"> 766 <col width="18%"> 767 <col width="17%"> 768 <tr> 769 <th>CVE</th> 770 <th></th> 771 <th></th> 772 <th> Google </th> 773 <th> AOSP </th> 774 <th></th> 775 </tr> 776 <tr> 777 <td>CVE-2017-0395</td> 778 <td><a href="https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b"> 779 A-32219099</a></td> 780 <td></td> 781 <td></td> 782 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 783 <td>2016 10 15 </td> 784 </tr> 785 </table> 786 <h3 id="id-in-mediaserver"></h3> 787 <p> 788 789 </p> 790 <table> 791 <col width="18%"> 792 <col width="17%"> 793 <col width="10%"> 794 <col width="19%"> 795 <col width="18%"> 796 <col width="17%"> 797 <tr> 798 <th>CVE</th> 799 <th></th> 800 <th></th> 801 <th> Google </th> 802 <th> AOSP </th> 803 <th></th> 804 </tr> 805 <tr> 806 <td>CVE-2017-0381</td> 807 <td><a href="https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7"> 808 A-31607432</a></td> 809 <td></td> 810 <td></td> 811 <td>5.0.25.1.16.06.0.17.07.1.1</td> 812 <td>2016 9 18 </td> 813 </tr> 814 <tr> 815 <td>CVE-2017-0396</td> 816 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7"> 817 A-31781965</a></td> 818 <td></td> 819 <td></td> 820 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 821 <td>2016 9 27 </td> 822 </tr> 823 <tr> 824 <td>CVE-2017-0397</td> 825 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c"> 826 A-32377688</a></td> 827 <td></td> 828 <td></td> 829 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 830 <td>2016 10 21 </td> 831 </tr> 832 </table> 833 <h3 id="id-in-audioserver"></h3> 834 <p> 835 836 </p> 837 <table> 838 <col width="18%"> 839 <col width="17%"> 840 <col width="10%"> 841 <col width="19%"> 842 <col width="18%"> 843 <col width="17%"> 844 <tr> 845 <th>CVE</th> 846 <th></th> 847 <th></th> 848 <th> Google </th> 849 <th> AOSP </th> 850 <th></th> 851 </tr> 852 <tr> 853 <td>CVE-2017-0398</td> 854 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 855 A-32438594</a></td> 856 <td></td> 857 <td></td> 858 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 859 <td>2016 10 25 </td> 860 </tr> 861 <tr> 862 <td>CVE-2017-0398</td> 863 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 864 A-32635664</a></td> 865 <td></td> 866 <td></td> 867 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 868 <td>2016 10 25 </td> 869 </tr> 870 <tr> 871 <td>CVE-2017-0398</td> 872 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 873 A-32624850</a></td> 874 <td></td> 875 <td></td> 876 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 877 <td>2016 10 25 </td> 878 </tr> 879 <tr> 880 <td>CVE-2017-0399</td> 881 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 882 A-32247948</a> 883 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 884 <td></td> 885 <td></td> 886 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 887 <td>2016 10 18 </td> 888 </tr> 889 <tr> 890 <td>CVE-2017-0400</td> 891 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 892 A-32584034</a> 893 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 894 <td></td> 895 <td></td> 896 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 897 <td>2016 10 25 </td> 898 </tr> 899 <tr> 900 <td>CVE-2017-0401</td> 901 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 902 A-32448258</a></td> 903 <td></td> 904 <td></td> 905 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 906 <td>2016 10 26 </td> 907 </tr> 908 <tr> 909 <td>CVE-2017-0402</td> 910 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 911 A-32436341</a> 912 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 913 <td></td> 914 <td></td> 915 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 916 <td>2016 10 25 </td> 917 </tr> 918 </table> 919 920 <h2 id="2017-01-05-details">2017-01-05 </h2> 921 <p> 922 <a href="#2017-01-05-summary">2017-01-05 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 923 924 925 <h3 id="eop-in-kernel-memory-subsystem"></h3> 926 <p> 927 (Re-flash) 928 </p> 929 930 <table> 931 <col width="19%"> 932 <col width="20%"> 933 <col width="10%"> 934 <col width="23%"> 935 <col width="17%"> 936 <tr> 937 <th>CVE</th> 938 <th></th> 939 <th></th> 940 <th> Google </th> 941 <th></th> 942 </tr> 943 <tr> 944 <td>CVE-2015-3288</td> 945 <td>A-32460277<br> 946 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d"> 947 </a></td> 948 <td></td> 949 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixel CNexus PlayerPixelPixel XL</td> 950 <td>2015 7 9 </td> 951 </tr> 952 </table> 953 954 955 <h3 id="eop-in-qualcomm-bootloader">Qualcomm </h3> 956 <p>Qualcomm (Re-flash) 957 </p> 958 959 <table> 960 <col width="19%"> 961 <col width="20%"> 962 <col width="10%"> 963 <col width="23%"> 964 <col width="17%"> 965 <tr> 966 <th>CVE</th> 967 <th></th> 968 <th></th> 969 <th> Google </th> 970 <th></th> 971 </tr> 972 <tr> 973 <td>CVE-2016-8422</td> 974 <td>A-31471220<br> 975 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213"> 976 QC-CR#979426</a></td> 977 <td></td> 978 <td>Nexus 6Nexus 6PPixelPixel XL</td> 979 <td>2016 7 22 </td> 980 </tr> 981 <tr> 982 <td>CVE-2016-8423</td> 983 <td>A-31399736<br> 984 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867"> 985 QC-CR#1000546</a></td> 986 <td></td> 987 <td>Nexus 6PPixelPixel XL</td> 988 <td>2016 8 24 </td> 989 </tr> 990 </table> 991 992 993 <h3 id="eop-in-kernel-file-system"></h3> 994 <p> 995 (Re-flash) 996 </p> 997 998 <table> 999 <col width="19%"> 1000 <col width="20%"> 1001 <col width="10%"> 1002 <col width="23%"> 1003 <col width="17%"> 1004 <tr> 1005 <th>CVE</th> 1006 <th></th> 1007 <th></th> 1008 <th> Google </th> 1009 <th></th> 1010 </tr> 1011 <tr> 1012 <td>CVE-2015-5706</td> 1013 <td>A-32289301<br> 1014 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0"> 1015 </a></td> 1016 <td></td> 1017 <td>*</td> 1018 <td>2016 8 1 </td> 1019 </tr> 1020 </table> 1021 <p> 1022 * Android 7.0 Google () 1023 </p> 1024 1025 1026 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1027 <p> 1028 NVIDIA GPU (Re-flash) 1029 </p> 1030 1031 <table> 1032 <col width="19%"> 1033 <col width="20%"> 1034 <col width="10%"> 1035 <col width="23%"> 1036 <col width="17%"> 1037 <tr> 1038 <th>CVE</th> 1039 <th></th> 1040 <th></th> 1041 <th> Google </th> 1042 <th></th> 1043 </tr> 1044 <tr> 1045 <td>CVE-2016-8424</td> 1046 <td>A-31606947*<br> 1047 N-CVE-2016-8424</td> 1048 <td></td> 1049 <td>Nexus 9</td> 1050 <td>2016 9 17 </td> 1051 </tr> 1052 <tr> 1053 <td>CVE-2016-8425</td> 1054 <td>A-31797770*<br> 1055 N-CVE-2016-8425</td> 1056 <td></td> 1057 <td>Nexus 9</td> 1058 <td>2016 9 28 </td> 1059 </tr> 1060 <tr> 1061 <td>CVE-2016-8426</td> 1062 <td>A-31799206*<br> 1063 N-CVE-2016-8426</td> 1064 <td></td> 1065 <td>Nexus 9</td> 1066 <td>2016 9 28 </td> 1067 </tr> 1068 <tr> 1069 <td>CVE-2016-8482</td> 1070 <td>A-31799863*<br> 1071 N-CVE-2016-8482</td> 1072 <td></td> 1073 <td>Nexus 9</td> 1074 <td>2016 9 28 </td> 1075 </tr> 1076 <tr> 1077 <td>CVE-2016-8427</td> 1078 <td>A-31799885*<br> 1079 N-CVE-2016-8427</td> 1080 <td></td> 1081 <td>Nexus 9</td> 1082 <td>2016 9 28 </td> 1083 </tr> 1084 <tr> 1085 <td>CVE-2016-8428</td> 1086 <td>A-31993456*<br> 1087 N-CVE-2016-8428</td> 1088 <td></td> 1089 <td>Nexus 9</td> 1090 <td>2016 10 6 </td> 1091 </tr> 1092 <tr> 1093 <td>CVE-2016-8429</td> 1094 <td>A-32160775*<br> 1095 N-CVE-2016-8429</td> 1096 <td></td> 1097 <td>Nexus 9</td> 1098 <td>2016 10 13 </td> 1099 </tr> 1100 <tr> 1101 <td>CVE-2016-8430</td> 1102 <td>A-32225180*<br> 1103 N-CVE-2016-8430</td> 1104 <td></td> 1105 <td>Nexus 9</td> 1106 <td>2016 10 17 </td> 1107 </tr> 1108 <tr> 1109 <td>CVE-2016-8431</td> 1110 <td>A-32402179*<br> 1111 N-CVE-2016-8431</td> 1112 <td></td> 1113 <td>Pixel C</td> 1114 <td>2016 10 25 </td> 1115 </tr> 1116 <tr> 1117 <td>CVE-2016-8432</td> 1118 <td>A-32447738*<br> 1119 N-CVE-2016-8432</td> 1120 <td></td> 1121 <td>Pixel C</td> 1122 <td>2016 10 26 </td> 1123 </tr> 1124 </table> 1125 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1126 </p> 1127 1128 1129 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1130 <p> 1131 MediaTek (Re-flash) 1132 </p> 1133 1134 <table> 1135 <col width="19%"> 1136 <col width="20%"> 1137 <col width="10%"> 1138 <col width="23%"> 1139 <col width="17%"> 1140 <tr> 1141 <th>CVE</th> 1142 <th></th> 1143 <th></th> 1144 <th> Google </th> 1145 <th></th> 1146 </tr> 1147 <tr> 1148 <td>CVE-2016-8433</td> 1149 <td>A-31750190*<br> 1150 MT-ALPS02974192</td> 1151 <td></td> 1152 <td>**</td> 1153 <td>2016 9 24 </td> 1154 </tr> 1155 </table> 1156 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1157 </p> 1158 <p> 1159 ** Android 7.0 Google () 1160 </p> 1161 1162 1163 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU </h3> 1164 <p>Qualcomm GPU (Re-flash) 1165 </p> 1166 1167 <table> 1168 <col width="19%"> 1169 <col width="20%"> 1170 <col width="10%"> 1171 <col width="23%"> 1172 <col width="17%"> 1173 <tr> 1174 <th>CVE</th> 1175 <th></th> 1176 <th></th> 1177 <th> Google </th> 1178 <th></th> 1179 </tr> 1180 <tr> 1181 <td>CVE-2016-8434</td> 1182 <td>A-32125137<br> 1183 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9"> 1184 QC-CR#1081855</a></td> 1185 <td></td> 1186 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1187 <td>2016 10 12 </td> 1188 </tr> 1189 </table> 1190 1191 1192 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU </h3> 1193 <p> 1194 NVIDIA GPU (Re-flash) 1195 </p> 1196 1197 <table> 1198 <col width="19%"> 1199 <col width="20%"> 1200 <col width="10%"> 1201 <col width="23%"> 1202 <col width="17%"> 1203 <tr> 1204 <th>CVE</th> 1205 <th></th> 1206 <th></th> 1207 <th> Google </th> 1208 <th></th> 1209 </tr> 1210 <tr> 1211 <td>CVE-2016-8435</td> 1212 <td>A-32700935*<br> 1213 N-CVE-2016-8435</td> 1214 <td></td> 1215 <td>Pixel C</td> 1216 <td>2016 11 7 </td> 1217 </tr> 1218 </table> 1219 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1220 </p> 1221 1222 1223 <h3 id="eop-in-qualcomm-video-driver">Qualcomm </h3> 1224 <p> 1225 Qualcomm (Re-flash) 1226 </p> 1227 1228 <table> 1229 <col width="19%"> 1230 <col width="20%"> 1231 <col width="10%"> 1232 <col width="23%"> 1233 <col width="17%"> 1234 <tr> 1235 <th>CVE</th> 1236 <th></th> 1237 <th></th> 1238 <th> Google </th> 1239 <th></th> 1240 </tr> 1241 <tr> 1242 <td>CVE-2016-8436</td> 1243 <td>A-32450261<br> 1244 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced"> 1245 QC-CR#1007860</a></td> 1246 <td></td> 1247 <td>*</td> 1248 <td>2016 10 13 </td> 1249 </tr> 1250 </table> 1251 <p> 1252 * Android 7.0 Google () 1253 </p> 1254 1255 1256 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1257 <p> 1258 Qualcomm 2015 11 2016 8 2016 9 2016 10 Qualcomm AMSS 1259 </p> 1260 1261 <table> 1262 <col width="19%"> 1263 <col width="20%"> 1264 <col width="10%"> 1265 <col width="23%"> 1266 <col width="17%"> 1267 <tr> 1268 <th>CVE</th> 1269 <th></th> 1270 <th>*</th> 1271 <th> Google </th> 1272 <th></th> 1273 </tr> 1274 <tr> 1275 <td>CVE-2016-8438</td> 1276 <td>A-31624565**</td> 1277 <td></td> 1278 <td>***</td> 1279 <td>Qualcomm </td> 1280 </tr> 1281 <tr> 1282 <td>CVE-2016-8442</td> 1283 <td>A-31625910**</td> 1284 <td></td> 1285 <td>***</td> 1286 <td>Qualcomm </td> 1287 </tr> 1288 <tr> 1289 <td>CVE-2016-8443</td> 1290 <td>A-32576499**</td> 1291 <td></td> 1292 <td>***</td> 1293 <td>Qualcomm </td> 1294 </tr> 1295 <tr> 1296 <td>CVE-2016-8437</td> 1297 <td>A-31623057**</td> 1298 <td></td> 1299 <td>***</td> 1300 <td>Qualcomm </td> 1301 </tr> 1302 <tr> 1303 <td>CVE-2016-8439</td> 1304 <td>A-31625204**</td> 1305 <td></td> 1306 <td>***</td> 1307 <td>Qualcomm </td> 1308 </tr> 1309 <tr> 1310 <td>CVE-2016-8440</td> 1311 <td>A-31625306**</td> 1312 <td></td> 1313 <td>***</td> 1314 <td>Qualcomm </td> 1315 </tr> 1316 <tr> 1317 <td>CVE-2016-8441</td> 1318 <td>A-31625904**</td> 1319 <td></td> 1320 <td>***</td> 1321 <td>Qualcomm </td> 1322 </tr> 1323 <tr> 1324 <td>CVE-2016-8398</td> 1325 <td>A-31548486**</td> 1326 <td></td> 1327 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1328 <td>Qualcomm </td> 1329 </tr> 1330 <tr> 1331 <td>CVE-2016-8459</td> 1332 <td>A-32577972**</td> 1333 <td></td> 1334 <td>***</td> 1335 <td>Qualcomm </td> 1336 </tr> 1337 <tr> 1338 <td>CVE-2016-5080</td> 1339 <td>A-31115235**</td> 1340 <td></td> 1341 <td>Nexus 5X</td> 1342 <td>Qualcomm </td> 1343 </tr> 1344 </table> 1345 <p> 1346 * 1347 </p> 1348 <p>** Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1349 </p> 1350 <p> 1351 *** Android 7.0 Google () 1352 </p> 1353 1354 1355 <h3 id="eop-in-qualcomm-camera">Qualcomm </h3> 1356 <p> 1357 Qualcomm 1358 </p> 1359 1360 <table> 1361 <col width="19%"> 1362 <col width="20%"> 1363 <col width="10%"> 1364 <col width="23%"> 1365 <col width="17%"> 1366 <tr> 1367 <th>CVE</th> 1368 <th></th> 1369 <th></th> 1370 <th> Google </th> 1371 <th></th> 1372 </tr> 1373 <tr> 1374 <td>CVE-2016-8412</td> 1375 <td>A-31225246<br> 1376 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786"> 1377 QC-CR#1071891</a></td> 1378 <td></td> 1379 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1380 <td>2016 8 26 </td> 1381 </tr> 1382 <tr> 1383 <td>CVE-2016-8444</td> 1384 <td>A-31243641*<br> 1385 QC-CR#1074310</td> 1386 <td></td> 1387 <td>Nexus 5XNexus 6Nexus 6P</td> 1388 <td>2016 8 26 </td> 1389 </tr> 1390 </table> 1391 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1392 </p> 1393 1394 1395 <h3 id="eop-in-mediatek-components">MediaTek </h3> 1396 <p> 1397 MediaTek () 1398 </p> 1399 1400 <table> 1401 <col width="19%"> 1402 <col width="20%"> 1403 <col width="10%"> 1404 <col width="23%"> 1405 <col width="17%"> 1406 <tr> 1407 <th>CVE</th> 1408 <th></th> 1409 <th></th> 1410 <th> Google </th> 1411 <th></th> 1412 </tr> 1413 <tr> 1414 <td>CVE-2016-8445</td> 1415 <td>A-31747590*<br> 1416 MT-ALPS02968983</td> 1417 <td></td> 1418 <td>**</td> 1419 <td>2016 9 25 </td> 1420 </tr> 1421 <tr> 1422 <td>CVE-2016-8446</td> 1423 <td>A-31747749*<br> 1424 MT-ALPS02968909</td> 1425 <td></td> 1426 <td>**</td> 1427 <td>2016 9 25 </td> 1428 </tr> 1429 <tr> 1430 <td>CVE-2016-8447</td> 1431 <td>A-31749463*<br> 1432 MT-ALPS02968886</td> 1433 <td></td> 1434 <td>**</td> 1435 <td>2016 9 25 </td> 1436 </tr> 1437 <tr> 1438 <td>CVE-2016-8448</td> 1439 <td>A-31791148*<br> 1440 MT-ALPS02982181</td> 1441 <td></td> 1442 <td>**</td> 1443 <td>2016 9 28 </td> 1444 </tr> 1445 </table> 1446 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1447 </p> 1448 <p> 1449 ** Android 7.0 Google () 1450 </p> 1451 1452 1453 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 1454 <p> 1455 Qualcomm Wi-Fi 1456 </p> 1457 1458 <table> 1459 <col width="19%"> 1460 <col width="20%"> 1461 <col width="10%"> 1462 <col width="23%"> 1463 <col width="17%"> 1464 <tr> 1465 <th>CVE</th> 1466 <th></th> 1467 <th></th> 1468 <th> Google </th> 1469 <th></th> 1470 </tr> 1471 <tr> 1472 <td>CVE-2016-8415</td> 1473 <td>A-31750554<br> 1474 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394"> 1475 QC-CR#1079596</a></td> 1476 <td></td> 1477 <td>Nexus 5XPixelPixel XL</td> 1478 <td>2016 9 26 </td> 1479 </tr> 1480 </table> 1481 1482 1483 <h3 id="eop-in-nvidia-gpu-driver-3">NVIDIA GPU </h3> 1484 <p> 1485 NVIDIA GPU 1486 </p> 1487 1488 <table> 1489 <col width="19%"> 1490 <col width="20%"> 1491 <col width="10%"> 1492 <col width="23%"> 1493 <col width="17%"> 1494 <tr> 1495 <th>CVE</th> 1496 <th></th> 1497 <th></th> 1498 <th> Google </th> 1499 <th></th> 1500 </tr> 1501 <tr> 1502 <td>CVE-2016-8449</td> 1503 <td>A-31798848*<br> 1504 N-CVE-2016-8449</td> 1505 <td></td> 1506 <td>Nexus 9</td> 1507 <td>2016 9 28 </td> 1508 </tr> 1509 </table> 1510 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1511 </p> 1512 1513 1514 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1515 <p> 1516 Qualcomm 1517 </p> 1518 1519 <table> 1520 <col width="19%"> 1521 <col width="20%"> 1522 <col width="10%"> 1523 <col width="23%"> 1524 <col width="17%"> 1525 <tr> 1526 <th>CVE</th> 1527 <th></th> 1528 <th></th> 1529 <th> Google </th> 1530 <th></th> 1531 </tr> 1532 <tr> 1533 <td>CVE-2016-8450</td> 1534 <td>A-32450563<br> 1535 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb"> 1536 QC-CR#880388</a></td> 1537 <td></td> 1538 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1539 <td>2016 10 13 </td> 1540 </tr> 1541 </table> 1542 1543 1544 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1545 <p>Synaptics 1546 </p> 1547 1548 <table> 1549 <col width="19%"> 1550 <col width="20%"> 1551 <col width="10%"> 1552 <col width="23%"> 1553 <col width="17%"> 1554 <tr> 1555 <th>CVE</th> 1556 <th></th> 1557 <th></th> 1558 <th> Google </th> 1559 <th></th> 1560 </tr> 1561 <tr> 1562 <td>CVE-2016-8451</td> 1563 <td>A-32178033*</td> 1564 <td></td> 1565 <td>**</td> 1566 <td>2016 10 13 </td> 1567 </tr> 1568 </table> 1569 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1570 </p> 1571 <p> 1572 ** Android 7.0 Google () 1573 </p> 1574 1575 1576 <h3 id="eop-in-kernel-security-subsystem"></h3> 1577 <p> 1578 1579 </p> 1580 1581 <table> 1582 <col width="19%"> 1583 <col width="20%"> 1584 <col width="10%"> 1585 <col width="23%"> 1586 <col width="17%"> 1587 <tr> 1588 <th>CVE</th> 1589 <th></th> 1590 <th></th> 1591 <th> Google </th> 1592 <th></th> 1593 </tr> 1594 <tr> 1595 <td>CVE-2016-7042</td> 1596 <td>A-32178986<br> 1597 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc"> 1598 </a></td> 1599 <td></td> 1600 <td>Pixel C</td> 1601 <td>2016 10 14 </td> 1602 </tr> 1603 </table> 1604 1605 1606 <h3 id="eop-in-kernel-performance-subsystem"></h3> 1607 <p> 1608 1609 </p> 1610 1611 <table> 1612 <col width="19%"> 1613 <col width="20%"> 1614 <col width="10%"> 1615 <col width="23%"> 1616 <col width="17%"> 1617 <tr> 1618 <th>CVE</th> 1619 <th></th> 1620 <th></th> 1621 <th> Google </th> 1622 <th></th> 1623 </tr> 1624 <tr> 1625 <td>CVE-2017-0403</td> 1626 <td>A-32402548*</td> 1627 <td></td> 1628 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1629 <td>2016 10 25 </td> 1630 </tr> 1631 </table> 1632 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1633 </p> 1634 1635 1636 <h3 id="eop-in-kernel-sound-subsystem"></h3> 1637 <p> 1638 1639 </p> 1640 1641 <table> 1642 <col width="19%"> 1643 <col width="20%"> 1644 <col width="10%"> 1645 <col width="23%"> 1646 <col width="17%"> 1647 <tr> 1648 <th>CVE</th> 1649 <th></th> 1650 <th></th> 1651 <th> Google </th> 1652 <th></th> 1653 </tr> 1654 <tr> 1655 <td>CVE-2017-0404</td> 1656 <td>A-32510733*</td> 1657 <td></td> 1658 <td>Nexus 5XNexus 6PNexus 9Pixel CNexus PlayerPixelPixel XL</td> 1659 <td>2016 10 27 </td> 1660 </tr> 1661 </table> 1662 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1663 </p> 1664 1665 1666 <h3 id="eop-in-qualcomm-wi-fi-driver-2">Qualcomm Wi-Fi </h3> 1667 <p> 1668 Qualcomm Wi-Fi 1669 </p> 1670 1671 <table> 1672 <col width="19%"> 1673 <col width="20%"> 1674 <col width="10%"> 1675 <col width="23%"> 1676 <col width="17%"> 1677 <tr> 1678 <th>CVE</th> 1679 <th></th> 1680 <th></th> 1681 <th> Google </th> 1682 <th></th> 1683 </tr> 1684 <tr> 1685 <td>CVE-2016-8452</td> 1686 <td>A-32506396<br> 1687 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526"> 1688 QC-CR#1050323</a></td> 1689 <td></td> 1690 <td>Nexus 5XAndroid OnePixelPixel XL</td> 1691 <td>2016 10 28 </td> 1692 </tr> 1693 </table> 1694 1695 1696 <h3 id="eop-in-qualcomm-radio-driver">Qualcomm </h3> 1697 <p> 1698 Qualcomm 1699 </p> 1700 1701 <table> 1702 <col width="19%"> 1703 <col width="20%"> 1704 <col width="10%"> 1705 <col width="23%"> 1706 <col width="17%"> 1707 <tr> 1708 <th>CVE</th> 1709 <th></th> 1710 <th></th> 1711 <th> Google </th> 1712 <th></th> 1713 </tr> 1714 <tr> 1715 <td>CVE-2016-5345</td> 1716 <td>A-32639452<br> 1717 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6"> 1718 QC-CR#1079713</a></td> 1719 <td></td> 1720 <td>Android One</td> 1721 <td>2016 11 3 </td> 1722 </tr> 1723 </table> 1724 1725 1726 <h3 id="eop-in-kernel-profiling-subsystem"></h3> 1727 <p> 1728 1729 </p> 1730 1731 <table> 1732 <col width="19%"> 1733 <col width="20%"> 1734 <col width="10%"> 1735 <col width="23%"> 1736 <col width="17%"> 1737 <tr> 1738 <th>CVE</th> 1739 <th></th> 1740 <th></th> 1741 <th> Google </th> 1742 <th></th> 1743 </tr> 1744 <tr> 1745 <td>CVE-2016-9754</td> 1746 <td>A-32659848<br> 1747 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6"> 1748 </a></td> 1749 <td></td> 1750 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus Player</td> 1751 <td>2016 11 4 </td> 1752 </tr> 1753 </table> 1754 1755 1756 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1757 <p> 1758 Broadcom Wi-Fi 1759 </p> 1760 1761 <table> 1762 <col width="19%"> 1763 <col width="20%"> 1764 <col width="10%"> 1765 <col width="23%"> 1766 <col width="17%"> 1767 <tr> 1768 <th>CVE</th> 1769 <th></th> 1770 <th></th> 1771 <th> Google </th> 1772 <th></th> 1773 </tr> 1774 <tr> 1775 <td>CVE-2016-8453 1776 </td> 1777 <td>A-24739315*<br> 1778 B-RB#73392</td> 1779 <td></td> 1780 <td>Nexus 6</td> 1781 <td>Google </td> 1782 </tr> 1783 <tr> 1784 <td>CVE-2016-8454</td> 1785 <td>A-32174590*<br> 1786 B-RB#107142</td> 1787 <td></td> 1788 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1789 <td>2016 10 14 </td> 1790 </tr> 1791 <tr> 1792 <td>CVE-2016-8455</td> 1793 <td>A-32219121*<br> 1794 B-RB#106311</td> 1795 <td></td> 1796 <td>Nexus 6P</td> 1797 <td>2016 10 15 </td> 1798 </tr> 1799 <tr> 1800 <td>CVE-2016-8456</td> 1801 <td>A-32219255*<br> 1802 B-RB#105580</td> 1803 <td></td> 1804 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1805 <td>2016 10 15 </td> 1806 </tr> 1807 <tr> 1808 <td>CVE-2016-8457</td> 1809 <td>A-32219453*<br> 1810 B-RB#106116</td> 1811 <td></td> 1812 <td>Nexus 6Nexus 6PNexus 9Pixel C</td> 1813 <td>2016 10 15 </td> 1814 </tr> 1815 </table> 1816 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1817 </p> 1818 1819 1820 <h3 id="eop-in-synaptics-touchscreen-driver-2">Synaptics </h3> 1821 <p>Synaptics 1822 </p> 1823 1824 <table> 1825 <col width="19%"> 1826 <col width="20%"> 1827 <col width="10%"> 1828 <col width="23%"> 1829 <col width="17%"> 1830 <tr> 1831 <th>CVE</th> 1832 <th></th> 1833 <th></th> 1834 <th> Google </th> 1835 <th></th> 1836 </tr> 1837 <tr> 1838 <td>CVE-2016-8458</td> 1839 <td>A-31968442*</td> 1840 <td></td> 1841 <td>Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1842 <td>Google </td> 1843 </tr> 1844 </table> 1845 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1846 </p> 1847 1848 1849 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1850 <p> 1851 NVIDIA 1852 </p> 1853 1854 <table> 1855 <col width="19%"> 1856 <col width="20%"> 1857 <col width="10%"> 1858 <col width="23%"> 1859 <col width="17%"> 1860 <tr> 1861 <th>CVE</th> 1862 <th></th> 1863 <th></th> 1864 <th> Google </th> 1865 <th></th> 1866 </tr> 1867 <tr> 1868 <td>CVE-2016-8460</td> 1869 <td>A-31668540*<br> 1870 N-CVE-2016-8460</td> 1871 <td></td> 1872 <td>Nexus 9</td> 1873 <td>2016 9 21 </td> 1874 </tr> 1875 </table> 1876 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1877 </p> 1878 1879 1880 <h3 id="id-in-bootloader"></h3> 1881 <p> 1882 1883 </p> 1884 1885 <table> 1886 <col width="19%"> 1887 <col width="20%"> 1888 <col width="10%"> 1889 <col width="23%"> 1890 <col width="17%"> 1891 <tr> 1892 <th>CVE</th> 1893 <th></th> 1894 <th></th> 1895 <th> Google </th> 1896 <th></th> 1897 </tr> 1898 <tr> 1899 <td>CVE-2016-8461</td> 1900 <td>A-32369621*</td> 1901 <td></td> 1902 <td>Nexus 9PixelPixel XL</td> 1903 <td>2016 10 21 </td> 1904 </tr> 1905 <tr> 1906 <td>CVE-2016-8462</td> 1907 <td>A-32510383*</td> 1908 <td></td> 1909 <td>PixelPixel XL</td> 1910 <td>2016 10 27 </td> 1911 </tr> 1912 </table> 1913 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1914 </p> 1915 1916 1917 <h3 id="dos-in-qualcomm-fuse-file-system">Qualcomm FUSE </h3> 1918 <p> 1919 Qualcomm FUSE 1920 </p> 1921 1922 <table> 1923 <col width="19%"> 1924 <col width="20%"> 1925 <col width="10%"> 1926 <col width="23%"> 1927 <col width="17%"> 1928 <tr> 1929 <th>CVE</th> 1930 <th></th> 1931 <th></th> 1932 <th> Google </th> 1933 <th></th> 1934 </tr> 1935 <tr> 1936 <td>CVE-2016-8463</td> 1937 <td>A-30786860<br> 1938 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10"> 1939 QC-CR#586855</a></td> 1940 <td></td> 1941 <td>*</td> 1942 <td>2014 1 3 </td> 1943 </tr> 1944 </table> 1945 <p> 1946 * Android 7.0 Google () 1947 </p> 1948 1949 1950 <h3 id="dos-in-bootloader"></h3> 1951 <p> 1952 (Re-flash) 1953 </p> 1954 1955 <table> 1956 <col width="19%"> 1957 <col width="20%"> 1958 <col width="10%"> 1959 <col width="23%"> 1960 <col width="17%"> 1961 <tr> 1962 <th>CVE</th> 1963 <th></th> 1964 <th></th> 1965 <th> Google </th> 1966 <th></th> 1967 </tr> 1968 <tr> 1969 <td>CVE-2016-8467</td> 1970 <td>A-30308784*</td> 1971 <td></td> 1972 <td>Nexus 6Nexus 6P</td> 1973 <td>2016 6 29 </td> 1974 </tr> 1975 </table> 1976 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1977 </p> 1978 1979 1980 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi </h3> 1981 <p> 1982 Broadcom Wi-Fi 1983 </p> 1984 1985 <table> 1986 <col width="19%"> 1987 <col width="20%"> 1988 <col width="10%"> 1989 <col width="23%"> 1990 <col width="17%"> 1991 <tr> 1992 <th>CVE</th> 1993 <th></th> 1994 <th></th> 1995 <th> Google </th> 1996 <th></th> 1997 </tr> 1998 <tr> 1999 <td>CVE-2016-8464</td> 2000 <td>A-29000183*<br> 2001 B-RB#106314</td> 2002 <td></td> 2003 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2004 <td>2016 5 26 </td> 2005 </tr> 2006 <tr> 2007 <td>CVE-2016-8466</td> 2008 <td>A-31822524*<br> 2009 B-RB#105268</td> 2010 <td></td> 2011 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2012 <td>2016 9 28 </td> 2013 </tr> 2014 <tr> 2015 <td>CVE-2016-8465</td> 2016 <td>A-32474971*<br> 2017 B-RB#106053</td> 2018 <td></td> 2019 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2020 <td>2016 10 27 </td> 2021 </tr> 2022 </table> 2023 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2024 </p> 2025 2026 2027 <h3 id="eop-in-bootloader"></h3> 2028 <p> 2029 () 2030 </p> 2031 2032 <table> 2033 <col width="19%"> 2034 <col width="20%"> 2035 <col width="10%"> 2036 <col width="23%"> 2037 <col width="17%"> 2038 <tr> 2039 <th>CVE</th> 2040 <th></th> 2041 <th></th> 2042 <th> Google </th> 2043 <th></th> 2044 </tr> 2045 <tr> 2046 <td>CVE-2016-8467</td> 2047 <td>A-30308784*</td> 2048 <td></td> 2049 <td>Nexus 6Nexus 6P</td> 2050 <td>2016 6 29 </td> 2051 </tr> 2052 </table> 2053 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2054 </p> 2055 2056 2057 <h3 id="eop-in-binder"></h3> 2058 <p> 2059 </p> 2060 2061 <table> 2062 <col width="19%"> 2063 <col width="20%"> 2064 <col width="10%"> 2065 <col width="23%"> 2066 <col width="17%"> 2067 <tr> 2068 <th>CVE</th> 2069 <th></th> 2070 <th></th> 2071 <th> Google </th> 2072 <th></th> 2073 </tr> 2074 <tr> 2075 <td>CVE-2016-8468</td> 2076 <td>A-32394425*</td> 2077 <td></td> 2078 <td>Pixel CPixelPixel XL</td> 2079 <td>Google </td> 2080 </tr> 2081 </table> 2082 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2083 </p> 2084 2085 2086 <h3 id="id-in-nvidia-camera-driver">NVIDIA </h3> 2087 <p> 2088 2089 </p> 2090 2091 <table> 2092 <col width="19%"> 2093 <col width="20%"> 2094 <col width="10%"> 2095 <col width="23%"> 2096 <col width="17%"> 2097 <tr> 2098 <th>CVE</th> 2099 <th></th> 2100 <th></th> 2101 <th> Google </th> 2102 <th></th> 2103 </tr> 2104 <tr> 2105 <td>CVE-2016-8469</td> 2106 <td>A-31351206*<br> 2107 N-CVE-2016-8469</td> 2108 <td></td> 2109 <td>Nexus 9</td> 2110 <td>2016 9 7 </td> 2111 </tr> 2112 </table> 2113 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2114 </p> 2115 2116 2117 <h3 id="id-in-mediatek-driver">MediaTek </h3> 2118 <p> 2119 MediaTek 2120 </p> 2121 2122 <table> 2123 <col width="19%"> 2124 <col width="20%"> 2125 <col width="10%"> 2126 <col width="23%"> 2127 <col width="17%"> 2128 <tr> 2129 <th>CVE</th> 2130 <th></th> 2131 <th></th> 2132 <th> Google </th> 2133 <th></th> 2134 </tr> 2135 <tr> 2136 <td>CVE-2016-8470</td> 2137 <td>A-31528889*<br> 2138 MT-ALPS02961395</td> 2139 <td></td> 2140 <td>**</td> 2141 <td>2016 9 15 </td> 2142 </tr> 2143 <tr> 2144 <td>CVE-2016-8471</td> 2145 <td>A-31528890*<br> 2146 MT-ALPS02961380</td> 2147 <td></td> 2148 <td>**</td> 2149 <td>2016 9 15 </td> 2150 </tr> 2151 <tr> 2152 <td>CVE-2016-8472</td> 2153 <td>A-31531758*<br> 2154 MT-ALPS02961384</td> 2155 <td></td> 2156 <td>**</td> 2157 <td>2016 9 15 </td> 2158 </tr> 2159 </table> 2160 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2161 </p> 2162 <p> 2163 ** Android 7.0 Google () 2164 </p> 2165 2166 2167 <h3 id="id-in-stmicroelectronics-driver">STMicroelectronics </h3> 2168 <p>STMicroelectronics 2169 </p> 2170 2171 <table> 2172 <col width="19%"> 2173 <col width="20%"> 2174 <col width="10%"> 2175 <col width="23%"> 2176 <col width="17%"> 2177 <tr> 2178 <th>CVE</th> 2179 <th></th> 2180 <th></th> 2181 <th> Google </th> 2182 <th></th> 2183 </tr> 2184 <tr> 2185 <td>CVE-2016-8473</td> 2186 <td>A-31795790*</td> 2187 <td></td> 2188 <td>Nexus 5XNexus 6P</td> 2189 <td>2016 9 28 </td> 2190 </tr> 2191 <tr> 2192 <td>CVE-2016-8474</td> 2193 <td>A-31799972*</td> 2194 <td></td> 2195 <td>Nexus 5XNexus 6P</td> 2196 <td>2016 9 28 </td> 2197 </tr> 2198 </table> 2199 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2200 </p> 2201 2202 2203 <h3 id="id-in-qualcomm-audio-post-processor-">Qualcomm </h3> 2204 <p> 2205 Qualcomm 2206 </p> 2207 2208 <table> 2209 <col width="18%"> 2210 <col width="17%"> 2211 <col width="10%"> 2212 <col width="19%"> 2213 <col width="18%"> 2214 <col width="17%"> 2215 <tr> 2216 <th>CVE</th> 2217 <th></th> 2218 <th></th> 2219 <th> Google </th> 2220 <th> AOSP </th> 2221 <th></th> 2222 </tr> 2223 <tr> 2224 <td>CVE-2017-0399 2225 </td> 2226 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2227 A-32588756</a> 2228 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 2229 <td></td> 2230 <td></td> 2231 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2232 <td>2016 10 18 </td> 2233 </tr> 2234 <tr> 2235 <td>CVE-2017-0400</td> 2236 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2237 A-32438598</a> 2238 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2239 </td> 2240 <td></td> 2241 <td></td> 2242 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2243 <td>2016 10 25 </td> 2244 </tr> 2245 <tr> 2246 <td>CVE-2017-0401</td> 2247 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 2248 A-32588016</a> 2249 </td> 2250 <td></td> 2251 <td></td> 2252 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2253 <td>2016 10 26 </td> 2254 </tr> 2255 <tr> 2256 <td>CVE-2017-0402</td> 2257 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2258 A-32588352</a> 2259 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2260 </td> 2261 <td></td> 2262 <td></td> 2263 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2264 <td>2016 10 25 </td> 2265 </tr> 2266 </table> 2267 2268 2269 <h3 id="id-in-htc-input-driver">HTC </h3> 2270 <p> 2271 HTC 2272 </p> 2273 2274 <table> 2275 <col width="19%"> 2276 <col width="20%"> 2277 <col width="10%"> 2278 <col width="23%"> 2279 <col width="17%"> 2280 <tr> 2281 <th>CVE</th> 2282 <th></th> 2283 <th></th> 2284 <th> Google </th> 2285 <th></th> 2286 </tr> 2287 <tr> 2288 <td>CVE-2016-8475</td> 2289 <td>A-32591129*</td> 2290 <td></td> 2291 <td>PixelPixel XL</td> 2292 <td>2016 10 30 </td> 2293 </tr> 2294 </table> 2295 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2296 </p> 2297 2298 2299 <h3 id="dos-in-kernel-file-system"></h3> 2300 <p> 2301 2302 </p> 2303 2304 <table> 2305 <col width="19%"> 2306 <col width="20%"> 2307 <col width="10%"> 2308 <col width="23%"> 2309 <col width="17%"> 2310 <tr> 2311 <th>CVE</th> 2312 <th></th> 2313 <th></th> 2314 <th> Google </th> 2315 <th></th> 2316 </tr> 2317 <tr> 2318 <td>CVE-2014-9420</td> 2319 <td>A-32477499<br> 2320 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d"> 2321 </a></td> 2322 <td></td> 2323 <td>Pixel C</td> 2324 <td>2014 12 25 </td> 2325 </tr> 2326 </table> 2327 2328 <h2 id="common-questions-and-answers"></h2> 2329 <p></p> 2330 2331 <p><strong>1. 2332 </strong></p> 2333 2334 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 2335 <ul> 2336 <li>2017 1 1 2017-01-01 </li> 2337 <li>2017 1 5 2017-01-05 </li> 2338 </ul> 2339 <p></p> 2340 <ul> 2341 <li>[ro.build.version.security_patch]:[2017-01-01]</li> 2342 <li>[ro.build.version.security_patch]:[2017-01-05]</li> 2343 </ul> 2344 <p><strong>2. </strong></p> 2345 2346 <p> Android Android Android </p> 2347 <ul> 2348 <li> 2017 1 1 </li> 2349 <li> 2017 1 5 () </li> 2350 </ul> 2351 <p></p> 2352 2353 <p><strong>3. Google </strong></p> 2354 2355 <p> <a href="#2017-01-01-details">2017-01-01</a> <a href="#2017-01-05-details">2017-01-05</a> Google <em></em> Google </p> 2356 <ul> 2357 <li><strong> Google </strong> Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 2358 <li><strong> Google </strong> Google Google <em></em> Google </li> 2359 <li><strong> Google </strong> Android Google Google <em></em></li> 2360 </ul> 2361 <p><strong>4. </strong></p> 2362 2363 <p><em></em></p> 2364 2365 <table> 2366 <tr> 2367 <th></th> 2368 <th></th> 2369 </tr> 2370 <tr> 2371 <td>A-</td> 2372 <td>Android ID</td> 2373 </tr> 2374 <tr> 2375 <td>QC-</td> 2376 <td>Qualcomm </td> 2377 </tr> 2378 <tr> 2379 <td>M-</td> 2380 <td>MediaTek </td> 2381 </tr> 2382 <tr> 2383 <td>N-</td> 2384 <td>NVIDIA </td> 2385 </tr> 2386 <tr> 2387 <td>B-</td> 2388 <td>Broadcom </td> 2389 </tr> 2390 </table> 2391 <h2 id="revisions"></h2> 2392 <ul> 2393 <li>2017 1 3 </li> 2394 <li>2017 1 4 AOSP </li> 2395 <li>2017 1 5 AOSP 7.1 7.1.1</li> 2396 </ul> 2397
