1 page.title=Android 2017 2 2 @jd:body 3 <!-- 4 Copyright 2017 The Android Open Source Project 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 http://www.apache.org/licenses/LICENSE-2.0 9 Unless required by applicable law or agreed to in writing, software 10 distributed under the License is distributed on an "AS IS" BASIS, 11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 See the License for the specific language governing permissions and 13 limitations under the License. 14 --> 15 16 <p><em>2017 2 6 | 2017 2 8 </em></p> 17 <p>Android Android Google OTA Google Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2017 2 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 18 </p> 19 <p> 20 2017 1 3 Android (AOSP) AOSP 21 </p> 22 <p> 23 </p> 24 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) Android <a href="#mitigations">Android Google </a> 25 </p> 26 <p> 27 </p> 28 <h2 id="announcements"></h2> 29 <ul> 30 <li> Android Android <a href="#common-questions-and-answers"></a> 31 <ul> 32 <li><strong>2017-02-01</strong> 2017-02-01 () </li> 33 <li><strong>2017-02-05</strong> 2017-02-01 2017-02-05 () </li> 34 </ul> 35 </li> 36 <li> Google OTA 2017 2 5 </li> 37 </ul> 38 <h2 id="security-vulnerability-summary"></h2> 39 <p> 40 ID (CVE) Google <a href="{@docRoot}security/overview/updates-resources.html#severity"></a> 41 </p> 42 <h3 id="2017-02-01-summary">2017-02-01 </h3> 43 <p> 44 2017-02-01 45 </p> 46 <table> 47 <col width="55%"> 48 <col width="20%"> 49 <col width="13%"> 50 <col width="12%"> 51 <tr> 52 <th></th> 53 <th>CVE</th> 54 <th></th> 55 <th> Google </th> 56 </tr> 57 <tr> 58 <td>Surfaceflinger </td> 59 <td>CVE-2017-0405</td> 60 <td></td> 61 <td></td> 62 </tr> 63 <tr> 64 <td></td> 65 <td>CVE-2017-0406CVE-2017-0407</td> 66 <td></td> 67 <td></td> 68 </tr> 69 <tr> 70 <td>libgdx </td> 71 <td>CVE-2017-0408</td> 72 <td></td> 73 <td></td> 74 </tr> 75 <tr> 76 <td>libstagefright </td> 77 <td>CVE-2017-0409</td> 78 <td></td> 79 <td></td> 80 </tr> 81 <tr> 82 <td>Java.Net </td> 83 <td>CVE-2016-5552</td> 84 <td></td> 85 <td></td> 86 </tr> 87 <tr> 88 <td>Framework API </td> 89 <td>CVE-2017-0410CVE-2017-0411CVE-2017-0412</td> 90 <td></td> 91 <td></td> 92 </tr> 93 <tr> 94 <td></td> 95 <td>CVE-2017-0415</td> 96 <td></td> 97 <td></td> 98 </tr> 99 <tr> 100 <td></td> 101 <td>CVE-2017-0416CVE-2017-0417CVE-2017-0418CVE-2017-0419</td> 102 <td></td> 103 <td></td> 104 </tr> 105 <tr> 106 <td>AOSP Mail </td> 107 <td>CVE-2017-0420</td> 108 <td></td> 109 <td></td> 110 </tr> 111 <tr> 112 <td>AOSP Messaging </td> 113 <td>CVE-2017-0413CVE-2017-0414</td> 114 <td></td> 115 <td></td> 116 </tr> 117 <tr> 118 <td>Framework API </td> 119 <td>CVE-2017-0421</td> 120 <td></td> 121 <td></td> 122 </tr> 123 <tr> 124 <td>Bionic DNS </td> 125 <td>CVE-2017-0422</td> 126 <td></td> 127 <td></td> 128 </tr> 129 <tr> 130 <td></td> 131 <td>CVE-2017-0423</td> 132 <td></td> 133 <td></td> 134 </tr> 135 <tr> 136 <td>AOSP Messaging </td> 137 <td>CVE-2017-0424</td> 138 <td></td> 139 <td></td> 140 </tr> 141 <tr> 142 <td></td> 143 <td>CVE-2017-0425</td> 144 <td></td> 145 <td></td> 146 </tr> 147 <tr> 148 <td></td> 149 <td>CVE-2017-0426</td> 150 <td></td> 151 <td></td> 152 </tr> 153 </table> 154 <h3 id="2017-02-05-summary">2017-02-05 </h3> 155 <p>2017-02-05 2017-02-01 </p> 156 <table> 157 <col width="55%"> 158 <col width="20%"> 159 <col width="13%"> 160 <col width="12%"> 161 <tr> 162 <th></th> 163 <th>CVE</th> 164 <th></th> 165 <th> Google </th> 166 </tr> 167 <tr> 168 <td>Qualcomm </td> 169 <td>CVE-2016-8418</td> 170 <td></td> 171 <td>*</td> 172 </tr> 173 <tr> 174 <td></td> 175 <td>CVE-2017-0427</td> 176 <td></td> 177 <td></td> 178 </tr> 179 <tr> 180 <td>NVIDIA GPU </td> 181 <td>CVE-2017-0428CVE-2017-0429</td> 182 <td></td> 183 <td></td> 184 </tr> 185 <tr> 186 <td></td> 187 <td>CVE-2014-9914</td> 188 <td></td> 189 <td></td> 190 </tr> 191 <tr> 192 <td>Broadcom Wi-Fi </td> 193 <td>CVE-2017-0430</td> 194 <td></td> 195 <td></td> 196 </tr> 197 <tr> 198 <td>Qualcomm </td> 199 <td>CVE-2017-0431</td> 200 <td></td> 201 <td>*</td> 202 </tr> 203 <tr> 204 <td>MediaTek </td> 205 <td>CVE-2017-0432</td> 206 <td></td> 207 <td>*</td> 208 </tr> 209 <tr> 210 <td>Synaptics </td> 211 <td>CVE-2017-0433CVE-2017-0434</td> 212 <td></td> 213 <td></td> 214 </tr> 215 <tr> 216 <td>Qualcomm </td> 217 <td>CVE-2016-8480</td> 218 <td></td> 219 <td></td> 220 </tr> 221 <tr> 222 <td>Qualcomm </td> 223 <td>CVE-2016-8481CVE-2017-0435CVE-2017-0436</td> 224 <td></td> 225 <td></td> 226 </tr> 227 <tr> 228 <td>Qualcomm Wi-Fi </td> 229 <td>CVE-2017-0437CVE-2017-0438CVE-2017-0439CVE-2016-8419CVE-2016-8420CVE-2016-8421CVE-2017-0440CVE-2017-0441CVE-2017-0442CVE-2017-0443CVE-2016-8476</td> 230 <td></td> 231 <td></td> 232 </tr> 233 <tr> 234 <td>Realtek </td> 235 <td>CVE-2017-0444</td> 236 <td></td> 237 <td></td> 238 </tr> 239 <tr> 240 <td>HTC </td> 241 <td>CVE-2017-0445CVE-2017-0446CVE-2017-0447</td> 242 <td></td> 243 <td></td> 244 </tr> 245 <tr> 246 <td>NVIDIA </td> 247 <td>CVE-2017-0448</td> 248 <td></td> 249 <td></td> 250 </tr> 251 <tr> 252 <td>Broadcom Wi-Fi </td> 253 <td>CVE-2017-0449</td> 254 <td></td> 255 <td></td> 256 </tr> 257 <tr> 258 <td></td> 259 <td>CVE-2017-0450</td> 260 <td></td> 261 <td></td> 262 </tr> 263 <tr> 264 <td></td> 265 <td>CVE-2016-10044</td> 266 <td></td> 267 <td></td> 268 </tr> 269 <tr> 270 <td>Qualcomm </td> 271 <td>CVE-2016-8414</td> 272 <td></td> 273 <td></td> 274 </tr> 275 <tr> 276 <td>Qualcomm </td> 277 <td>CVE-2017-0451</td> 278 <td></td> 279 <td></td> 280 </tr> 281 </table> 282 283 <p>* Android 7.0 Google ()</p> 284 285 <h2 id="mitigations">Android Google </h2> 286 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> SafetyNet Android </p> 287 <ul> 288 <li> Android Android Android</li> 289 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 290 <li>Google Hangouts Messenger </li> 291 </ul> 292 <h2 id="acknowledgements"></h2> 293 <p> 294 </p> 295 <ul> 296 <li>Daniel DakhnoCVE-2017-0420</li> 297 <li>Copperhead Security Daniel MicayCVE-2017-0410</li> 298 <li><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a>CVE-2017-0414</li> 299 <li>Google Chrome Frank LiberatoCVE-2017-0409</li> 300 <li>Google Project Zero Gal BeniaminiCVE-2017-0411CVE-2017-0412</li> 301 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2017-0434CVE-2017-0446CVE-2017-0447CVE-2017-0432</li> 302 <li><a href="http://www.360.com"> 360 </a> Alpha Guang Gong () (<a href="https://twitter.com/oldfresher">@oldfresher</a>)CVE-2017-0415</li> 303 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a><a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0418</li> 304 <li> 360 Alpha Hao Chen Guang GongCVE-2017-0437CVE-2017-0438CVE-2017-0439CVE-2016-8419CVE-2016-8420CVE-2016-8421CVE-2017-0441CVE-2017-0442CVE-2016-8476CVE-2017-0443</li> 305 <li>Google Jeff SharkeyCVE-2017-0421CVE-2017-0423</li> 306 <li>Jeff TrimCVE-2017-0422</li> 307 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2017-0445</li> 308 <li>LINE Corporation ma.la Nikolay ElenkovCVE-2016-5552</li> 309 <li>Google Max SpectorCVE-2017-0416</li> 310 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>) Xuxian JiangCVE-2017-0425</li> 311 <li> Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) Di Shen () (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2017-0427</li> 312 <li>IBM X-Force Research Sagi KedmiCVE-2017-0433</li> 313 <li>Copperhead Security Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>) Daniel MicayCVE-2017-0405</li> 314 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2017-0449CVE-2016-8418</li> 315 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0436CVE-2016-8481CVE-2017-0435</li> 316 <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0424</li> 317 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2017-0407</li> 318 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0450</li> 319 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0417</li> 320 <li> Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://www.weibo.com/wishlinux"></a> )CVE-2017-0408</li> 321 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8480</li> 322 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0444</li> 323 <li><a href="http://c0reteam.org">C0RE </a><a href="mailto:computernik (a] gmail.com"> Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0428</li> 324 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0448CVE-2017-0429</li> 325 <li><a href="http://www.nsfocus.com"></a> <a href="mailto:zhouzhenster (a] gmail.com">Zhen Zhou</a> (<a href="https://twitter.com/henices">@henices</a>) <a href="mailto:sundaywind2004 (a] gmail.com">Zhixin Li</a>CVE-2017-0406</li> 326 </ul> 327 <p> 328 </p><ul> 329 <li> Pengfei Ding ()Chenfu Bao () Lenx Wei ()</li> 330 </ul> 331 332 <h2 id="2017-02-01-details">2017-02-01 </h2> 333 <p> 334 <a href="#2017-02-01-summary">2017-02-01 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 335 336 337 <h3 id="rce-in-surfaceflinger">Surfaceflinger </h3> 338 <p>Surfaceflinger Surfaceflinger 339 </p> 340 341 <table> 342 <col width="18%"> 343 <col width="17%"> 344 <col width="10%"> 345 <col width="19%"> 346 <col width="18%"> 347 <col width="17%"> 348 <tr> 349 <th>CVE</th> 350 <th></th> 351 <th></th> 352 <th> Google </th> 353 <th> AOSP </th> 354 <th></th> 355 </tr> 356 <tr> 357 <td>CVE-2017-0405</td> 358 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979"> 359 A-31960359</a></td> 360 <td></td> 361 <td></td> 362 <td>7.07.1.1</td> 363 <td>2016 10 4 </td> 364 </tr> 365 </table> 366 367 368 <h3 id="rce-in-mediaserver"></h3> 369 <p> 370 </p> 371 372 <table> 373 <col width="18%"> 374 <col width="17%"> 375 <col width="10%"> 376 <col width="19%"> 377 <col width="18%"> 378 <col width="17%"> 379 <tr> 380 <th>CVE</th> 381 <th></th> 382 <th></th> 383 <th> Google </th> 384 <th> AOSP </th> 385 <th></th> 386 </tr> 387 <tr> 388 <td>CVE-2017-0406</td> 389 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575"> 390 A-32915871</a> 391 [<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td> 392 <td></td> 393 <td></td> 394 <td>6.06.0.17.07.1.1</td> 395 <td>2016 11 14 </td> 396 </tr> 397 <tr> 398 <td>CVE-2017-0407</td> 399 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7"> 400 A-32873375</a></td> 401 <td></td> 402 <td></td> 403 <td>6.06.0.17.07.1.1</td> 404 <td>2016 11 12 </td> 405 </tr> 406 </table> 407 408 409 <h3 id="rce-in-libgdx">libgdx </h3> 410 <p> 411 libgdx 412 </p> 413 414 <table> 415 <col width="18%"> 416 <col width="17%"> 417 <col width="10%"> 418 <col width="19%"> 419 <col width="18%"> 420 <col width="17%"> 421 <tr> 422 <th>CVE</th> 423 <th></th> 424 <th></th> 425 <th> Google </th> 426 <th> AOSP </th> 427 <th></th> 428 </tr> 429 <tr> 430 <td>CVE-2017-0408</td> 431 <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b"> 432 A-32769670</a></td> 433 <td></td> 434 <td></td> 435 <td>7.1.1</td> 436 <td>2016 11 9 </td> 437 </tr> 438 </table> 439 440 441 <h3 id="rce-in-libstagefright">libstagefright </h3> 442 <p> 443 libstagefright 444 </p> 445 446 <table> 447 <col width="18%"> 448 <col width="17%"> 449 <col width="10%"> 450 <col width="19%"> 451 <col width="18%"> 452 <col width="17%"> 453 <tr> 454 <th>CVE</th> 455 <th></th> 456 <th></th> 457 <th> Google </th> 458 <th> AOSP </th> 459 <th></th> 460 </tr> 461 <tr> 462 <td>CVE-2017-0409</td> 463 <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b"> 464 A-31999646</a></td> 465 <td></td> 466 <td></td> 467 <td>6.06.0.17.07.1.1</td> 468 <td>Google </td> 469 </tr> 470 </table> 471 472 473 <h3 id="eop-in-java.net">Java.Net </h3> 474 <p> 475 Java.Net 476 </p> 477 478 <table> 479 <col width="18%"> 480 <col width="17%"> 481 <col width="10%"> 482 <col width="19%"> 483 <col width="18%"> 484 <col width="17%"> 485 <tr> 486 <th>CVE</th> 487 <th></th> 488 <th></th> 489 <th> Google </th> 490 <th> AOSP </th> 491 <th></th> 492 </tr> 493 <tr> 494 <td>CVE-2016-5552</td> 495 <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea"> 496 A-31858037</a></td> 497 <td></td> 498 <td></td> 499 <td>7.07.1.1</td> 500 <td>2016 9 30 </td> 501 </tr> 502 </table> 503 504 505 <h3 id="eop-in-framework-apis">Framework API </h3> 506 <p> 507 Framework API 508 </p> 509 510 <table> 511 <col width="18%"> 512 <col width="17%"> 513 <col width="10%"> 514 <col width="19%"> 515 <col width="18%"> 516 <col width="17%"> 517 <tr> 518 <th>CVE</th> 519 <th></th> 520 <th></th> 521 <th> Google </th> 522 <th> AOSP </th> 523 <th></th> 524 </tr> 525 <tr> 526 <td>CVE-2017-0410</td> 527 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa"> 528 A-31929765</a></td> 529 <td></td> 530 <td></td> 531 <td>5.0.25.1.16.06.0.17.07.1.1</td> 532 <td>2016 10 2 </td> 533 </tr> 534 <tr> 535 <td>CVE-2017-0411</td> 536 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f"> 537 A-33042690</a> 538 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td> 539 <td></td> 540 <td></td> 541 <td>7.07.1.1</td> 542 <td>2016 11 21 </td> 543 </tr> 544 <tr> 545 <td>CVE-2017-0412</td> 546 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f"> 547 A-33039926</a> 548 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td> 549 <td></td> 550 <td></td> 551 <td>7.07.1.1</td> 552 <td>2016 11 21 </td> 553 </tr> 554 </table> 555 556 <h3 id="eop-in-mediaserver"></h3> 557 <p> 558 559 </p> 560 561 <table> 562 <col width="18%"> 563 <col width="17%"> 564 <col width="10%"> 565 <col width="19%"> 566 <col width="18%"> 567 <col width="17%"> 568 <tr> 569 <th>CVE</th> 570 <th></th> 571 <th></th> 572 <th> Google </th> 573 <th> AOSP </th> 574 <th></th> 575 </tr> 576 <tr> 577 <td>CVE-2017-0415</td> 578 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34"> 579 A-32706020</a></td> 580 <td></td> 581 <td></td> 582 <td>6.06.0.17.07.1.1</td> 583 <td>2016 11 4 </td> 584 </tr> 585 </table> 586 587 588 <h3 id="eop-in-audioserver"></h3> 589 <p> 590 </p> 591 592 <table> 593 <col width="18%"> 594 <col width="17%"> 595 <col width="10%"> 596 <col width="19%"> 597 <col width="18%"> 598 <col width="17%"> 599 <tr> 600 <th>CVE</th> 601 <th></th> 602 <th></th> 603 <th> Google </th> 604 <th> AOSP </th> 605 <th></th> 606 </tr> 607 <tr> 608 <td>CVE-2017-0416</td> 609 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 610 A-32886609</a> 611 [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td> 612 <td></td> 613 <td></td> 614 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 615 <td>Google </td> 616 </tr> 617 <tr> 618 <td>CVE-2017-0417</td> 619 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 620 A-32705438</a></td> 621 <td></td> 622 <td></td> 623 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 624 <td>2016 11 7 </td> 625 </tr> 626 <tr> 627 <td>CVE-2017-0418</td> 628 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 629 A-32703959</a> 630 [<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td> 631 <td></td> 632 <td></td> 633 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 634 <td>2016 11 7 </td> 635 </tr> 636 <tr> 637 <td>CVE-2017-0419</td> 638 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff"> 639 A-32220769</a></td> 640 <td></td> 641 <td></td> 642 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 643 <td>2016 10 15 </td> 644 </tr> 645 </table> 646 647 <h3 id="id-in-aosp-mail">AOSP Mail </h3> 648 <p> 649 AOSP Mail 650 </p> 651 652 <table> 653 <col width="18%"> 654 <col width="17%"> 655 <col width="10%"> 656 <col width="19%"> 657 <col width="18%"> 658 <col width="17%"> 659 <tr> 660 <th>CVE</th> 661 <th></th> 662 <th></th> 663 <th> Google </th> 664 <th> AOSP </th> 665 <th></th> 666 </tr> 667 <tr> 668 <td>CVE-2017-0420</td> 669 <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909"> 670 A-32615212</a></td> 671 <td></td> 672 <td></td> 673 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 674 <td>2016 9 12 </td> 675 </tr> 676 </table> 677 678 679 <h3 id="id-in-aosp-messaging">AOSP Messaging </h3> 680 <p> 681 AOSP Messaging 682 </p> 683 684 <table> 685 <col width="18%"> 686 <col width="17%"> 687 <col width="10%"> 688 <col width="19%"> 689 <col width="18%"> 690 <col width="17%"> 691 <tr> 692 <th>CVE</th> 693 <th></th> 694 <th></th> 695 <th> Google </th> 696 <th> AOSP </th> 697 <th></th> 698 </tr> 699 <tr> 700 <td>CVE-2017-0413</td> 701 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e"> 702 A-32161610</a></td> 703 <td></td> 704 <td></td> 705 <td>6.06.0.17.07.1.1</td> 706 <td>2016 10 13 </td> 707 </tr> 708 <tr> 709 <td>CVE-2017-0414</td> 710 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd"> 711 A-32807795</a></td> 712 <td></td> 713 <td></td> 714 <td>6.06.0.17.07.1.1</td> 715 <td>2016 11 10 </td> 716 </tr> 717 </table> 718 719 720 <h3 id="id-in-framework-apis">Framework API </h3> 721 <p> 722 Framework API 723 </p> 724 725 <table> 726 <col width="18%"> 727 <col width="17%"> 728 <col width="10%"> 729 <col width="19%"> 730 <col width="18%"> 731 <col width="17%"> 732 <tr> 733 <th>CVE</th> 734 <th></th> 735 <th></th> 736 <th> Google </th> 737 <th> AOSP </th> 738 <th></th> 739 </tr> 740 <tr> 741 <td>CVE-2017-0421</td> 742 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336"> 743 A-32555637</a></td> 744 <td></td> 745 <td></td> 746 <td>5.0.25.1.16.06.0.17.07.1.1</td> 747 <td>Google </td> 748 </tr> 749 </table> 750 751 752 <h3 id="dos-in-bionic-dns">Bionic DNS </h3> 753 <p> 754 Bionic DNS 755 756 </p> 757 758 <table> 759 <col width="18%"> 760 <col width="17%"> 761 <col width="10%"> 762 <col width="19%"> 763 <col width="18%"> 764 <col width="17%"> 765 <tr> 766 <th>CVE</th> 767 <th></th> 768 <th></th> 769 <th> Google </th> 770 <th> AOSP </th> 771 <th></th> 772 </tr> 773 <tr> 774 <td>CVE-2017-0422</td> 775 <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d"> 776 A-32322088</a></td> 777 <td></td> 778 <td></td> 779 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 780 <td>2016 10 20 </td> 781 </tr> 782 </table> 783 784 785 <h3 id="eop-in-bluetooth"></h3> 786 <p> 787 788 </p> 789 790 <table> 791 <col width="18%"> 792 <col width="17%"> 793 <col width="10%"> 794 <col width="19%"> 795 <col width="18%"> 796 <col width="17%"> 797 <tr> 798 <th>CVE</th> 799 <th></th> 800 <th></th> 801 <th> Google </th> 802 <th> AOSP </th> 803 <th></th> 804 </tr> 805 <tr> 806 <td>CVE-2017-0423</td> 807 <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083"> 808 A-32612586</a></td> 809 <td></td> 810 <td></td> 811 <td>5.0.25.1.16.06.0.17.07.1.1</td> 812 <td>2016 11 2 </td> 813 </tr> 814 </table> 815 816 817 <h3 id="id-in-aosp-messaging-2">AOSP Messaging </h3> 818 <p> 819 AOSP Messaging 820 </p> 821 822 <table> 823 <col width="18%"> 824 <col width="17%"> 825 <col width="10%"> 826 <col width="19%"> 827 <col width="18%"> 828 <col width="17%"> 829 <tr> 830 <th>CVE</th> 831 <th></th> 832 <th></th> 833 <th> Google </th> 834 <th> AOSP </th> 835 <th></th> 836 </tr> 837 <tr> 838 <td>CVE-2017-0424</td> 839 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc"> 840 A-32322450</a></td> 841 <td></td> 842 <td></td> 843 <td>6.06.0.17.07.1.1</td> 844 <td>2016 10 20 </td> 845 </tr> 846 </table> 847 848 849 <h3 id="id-in-audioserver"></h3> 850 <p> 851 852 </p> 853 854 <table> 855 <col width="18%"> 856 <col width="17%"> 857 <col width="10%"> 858 <col width="19%"> 859 <col width="18%"> 860 <col width="17%"> 861 <tr> 862 <th>CVE</th> 863 <th></th> 864 <th></th> 865 <th> Google </th> 866 <th> AOSP </th> 867 <th></th> 868 </tr> 869 <tr> 870 <td>CVE-2017-0425</td> 871 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff"> 872 A-32720785</a></td> 873 <td></td> 874 <td></td> 875 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 876 <td>2016 11 7 </td> 877 </tr> 878 </table> 879 880 881 <h3 id="id-in-filesystem"></h3> 882 <p> 883 884 </p> 885 886 <table> 887 <col width="18%"> 888 <col width="17%"> 889 <col width="10%"> 890 <col width="19%"> 891 <col width="18%"> 892 <col width="17%"> 893 <tr> 894 <th>CVE</th> 895 <th></th> 896 <th></th> 897 <th> Google </th> 898 <th> AOSP </th> 899 <th></th> 900 </tr> 901 <tr> 902 <td>CVE-2017-0426</td> 903 <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a"> 904 A-32799236</a> 905 [<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td> 906 <td></td> 907 <td></td> 908 <td>7.07.1.1</td> 909 <td>Google </td> 910 </tr> 911 </table> 912 913 914 <h2 id="2017-02-05-details">2017-02-05 </h2> 915 <p> 916 <a href="#2017-02-05-summary">2017-02-05 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 917 918 919 <h3 id="rce-in-qualcomm-crypto-driver">Qualcomm </h3> 920 <p> 921 Qualcomm 922 </p> 923 924 <table> 925 <col width="19%"> 926 <col width="20%"> 927 <col width="10%"> 928 <col width="23%"> 929 <col width="17%"> 930 <tr> 931 <th>CVE</th> 932 <th></th> 933 <th></th> 934 <th> Google </th> 935 <th></th> 936 </tr> 937 <tr> 938 <td>CVE-2016-8418</td> 939 <td>A-32652894<br> 940 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f"> 941 QC-CR#1077457</a></td> 942 <td></td> 943 <td>*</td> 944 <td>2016 10 10 </td> 945 </tr> 946 </table> 947 <p> 948 * Android 7.0 Google () 949 </p> 950 951 952 <h3 id="eop-in-kernel-file-system"></h3> 953 <p> 954 (Re-flash) 955 </p> 956 957 <table> 958 <col width="19%"> 959 <col width="20%"> 960 <col width="10%"> 961 <col width="23%"> 962 <col width="17%"> 963 <tr> 964 <th>CVE</th> 965 <th></th> 966 <th></th> 967 <th> Google </th> 968 <th></th> 969 </tr> 970 <tr> 971 <td>CVE-2017-0427</td> 972 <td>A-31495866*</td> 973 <td></td> 974 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 975 <td>2016 9 13 </td> 976 </tr> 977 </table> 978 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 979 </p> 980 981 982 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 983 <p> 984 NVIDIA GPU (Re-flash) 985 </p> 986 987 <table> 988 <col width="19%"> 989 <col width="20%"> 990 <col width="10%"> 991 <col width="23%"> 992 <col width="17%"> 993 <tr> 994 <th>CVE</th> 995 <th></th> 996 <th></th> 997 <th> Google </th> 998 <th></th> 999 </tr> 1000 <tr> 1001 <td>CVE-2017-0428</td> 1002 <td>A-32401526*<br> 1003 N-CVE-2017-0428</td> 1004 <td></td> 1005 <td>Nexus 9</td> 1006 <td>2016 10 25 </td> 1007 </tr> 1008 <tr> 1009 <td>CVE-2017-0429</td> 1010 <td>A-32636619*<br> 1011 N-CVE-2017-0429</td> 1012 <td></td> 1013 <td>Nexus 9</td> 1014 <td>2016 11 3 </td> 1015 </tr> 1016 </table> 1017 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1018 </p> 1019 1020 1021 <h3 id="eop-in-kernel-networking-subsystem"></h3> 1022 <p> 1023 (Re-flash) 1024 </p> 1025 1026 <table> 1027 <col width="19%"> 1028 <col width="20%"> 1029 <col width="10%"> 1030 <col width="23%"> 1031 <col width="17%"> 1032 <tr> 1033 <th>CVE</th> 1034 <th></th> 1035 <th></th> 1036 <th> Google </th> 1037 <th></th> 1038 </tr> 1039 <tr> 1040 <td>CVE-2014-9914</td> 1041 <td>A-32882659<br> 1042 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a"> 1043 </a></td> 1044 <td></td> 1045 <td>Nexus 6Nexus Player</td> 1046 <td>2016 11 9 </td> 1047 </tr> 1048 </table> 1049 1050 1051 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1052 <p> 1053 Broadcom Wi-Fi (Re-flash) 1054 </p> 1055 1056 <table> 1057 <col width="19%"> 1058 <col width="20%"> 1059 <col width="10%"> 1060 <col width="23%"> 1061 <col width="17%"> 1062 <tr> 1063 <th>CVE</th> 1064 <th></th> 1065 <th></th> 1066 <th> Google </th> 1067 <th></th> 1068 </tr> 1069 <tr> 1070 <td>CVE-2017-0430</td> 1071 <td>A-32838767*<br> 1072 B-RB#107459</td> 1073 <td></td> 1074 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1075 <td>Google </td> 1076 </tr> 1077 </table> 1078 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1079 </p> 1080 1081 1082 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1083 <p> 1084 Qualcomm 2016 9 Qualcomm AMSS 1085 </p> 1086 1087 <table> 1088 <col width="19%"> 1089 <col width="20%"> 1090 <col width="10%"> 1091 <col width="23%"> 1092 <col width="17%"> 1093 <tr> 1094 <th>CVE</th> 1095 <th></th> 1096 <th>*</th> 1097 <th> Google </th> 1098 <th></th> 1099 </tr> 1100 <tr> 1101 <td>CVE-2017-0431</td> 1102 <td>A-32573899**</td> 1103 <td></td> 1104 <td>***</td> 1105 <td>Qualcomm </td> 1106 </tr> 1107 </table> 1108 <p> 1109 * 1110 </p> 1111 <p> 1112 ** Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1113 </p> 1114 <p> 1115 *** Android 7.0 Google () 1116 </p> 1117 1118 1119 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1120 <p> 1121 MediaTek 1122 </p> 1123 1124 <table> 1125 <col width="19%"> 1126 <col width="20%"> 1127 <col width="10%"> 1128 <col width="23%"> 1129 <col width="17%"> 1130 <tr> 1131 <th>CVE</th> 1132 <th></th> 1133 <th></th> 1134 <th> Google </th> 1135 <th></th> 1136 </tr> 1137 <tr> 1138 <td>CVE-2017-0432</td> 1139 <td>A-28332719*<br> 1140 M-ALPS02708925</td> 1141 <td></td> 1142 <td>**</td> 1143 <td>2016 4 21 </td> 1144 </tr> 1145 </table> 1146 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1147 </p> 1148 <p> 1149 ** Android 7.0 Google () 1150 </p> 1151 1152 1153 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1154 <p> 1155 Synaptics 1156 </p> 1157 1158 <table> 1159 <col width="19%"> 1160 <col width="20%"> 1161 <col width="10%"> 1162 <col width="23%"> 1163 <col width="17%"> 1164 <tr> 1165 <th>CVE</th> 1166 <th></th> 1167 <th></th> 1168 <th> Google </th> 1169 <th></th> 1170 </tr> 1171 <tr> 1172 <td>CVE-2017-0433</td> 1173 <td>A-31913571*</td> 1174 <td></td> 1175 <td>Nexus 6PNexus 9Android OnePixelPixel XL</td> 1176 <td>2016 9 8 </td> 1177 </tr> 1178 <tr> 1179 <td>CVE-2017-0434</td> 1180 <td>A-33001936*</td> 1181 <td></td> 1182 <td>PixelPixel XL</td> 1183 <td>2016 11 18 </td> 1184 </tr> 1185 </table> 1186 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1187 </p> 1188 1189 1190 <h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm </h3> 1191 <p> 1192 Qualcomm 1193 </p> 1194 1195 <table> 1196 <col width="19%"> 1197 <col width="20%"> 1198 <col width="10%"> 1199 <col width="23%"> 1200 <col width="17%"> 1201 <tr> 1202 <th>CVE</th> 1203 <th></th> 1204 <th></th> 1205 <th> Google </th> 1206 <th></th> 1207 </tr> 1208 <tr> 1209 <td>CVE-2016-8480</td> 1210 <td>A-31804432<br> 1211 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471"> 1212 QC-CR#1086186</a> 1213 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td> 1214 <td></td> 1215 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1216 <td>2016 9 28 </td> 1217 </tr> 1218 </table> 1219 1220 1221 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1222 <p> 1223 Qualcomm 1224 </p> 1225 1226 <table> 1227 <col width="19%"> 1228 <col width="20%"> 1229 <col width="10%"> 1230 <col width="23%"> 1231 <col width="17%"> 1232 <tr> 1233 <th>CVE</th> 1234 <th></th> 1235 <th></th> 1236 <th> Google </th> 1237 <th></th> 1238 </tr> 1239 <tr> 1240 <td>CVE-2016-8481</td> 1241 <td>A-31906415*<br> 1242 QC-CR#1078000</td> 1243 <td></td> 1244 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1245 <td>2016 10 1 </td> 1246 </tr> 1247 <tr> 1248 <td>CVE-2017-0435</td> 1249 <td>A-31906657*<br> 1250 QC-CR#1078000</td> 1251 <td></td> 1252 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1253 <td>2016 10 1 </td> 1254 </tr> 1255 <tr> 1256 <td>CVE-2017-0436</td> 1257 <td>A-32624661*<br> 1258 QC-CR#1078000</td> 1259 <td></td> 1260 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1261 <td>2016 11 2 </td> 1262 </tr> 1263 </table> 1264 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1265 </p> 1266 1267 1268 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 1269 <p> 1270 Qualcomm Wi-Fi 1271 </p> 1272 1273 <table> 1274 <col width="19%"> 1275 <col width="20%"> 1276 <col width="10%"> 1277 <col width="23%"> 1278 <col width="17%"> 1279 <tr> 1280 <th>CVE</th> 1281 <th></th> 1282 <th></th> 1283 <th> Google </th> 1284 <th></th> 1285 </tr> 1286 <tr> 1287 <td>CVE-2017-0437</td> 1288 <td>A-32402310<br> 1289 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1290 QC-CR#1092497</a></td> 1291 <td></td> 1292 <td>Nexus 5XPixelPixel XL</td> 1293 <td>2016 10 25 </td> 1294 </tr> 1295 <tr> 1296 <td>CVE-2017-0438</td> 1297 <td>A-32402604<br> 1298 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1299 QC-CR#1092497</a></td> 1300 <td></td> 1301 <td>Nexus 5XPixelPixel XL</td> 1302 <td>2016 10 25 </td> 1303 </tr> 1304 <tr> 1305 <td>CVE-2017-0439</td> 1306 <td>A-32450647<br> 1307 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61"> 1308 QC-CR#1092059</a></td> 1309 <td></td> 1310 <td>Nexus 5XPixelPixel XL</td> 1311 <td>2016 10 25 </td> 1312 </tr> 1313 <tr> 1314 <td>CVE-2016-8419</td> 1315 <td>A-32454494<br> 1316 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488"> 1317 QC-CR#1087209</a></td> 1318 <td></td> 1319 <td>Nexus 5XPixelPixel XL</td> 1320 <td>2016 10 26 </td> 1321 </tr> 1322 <tr> 1323 <td>CVE-2016-8420</td> 1324 <td>A-32451171<br> 1325 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e"> 1326 QC-CR#1087807</a></td> 1327 <td></td> 1328 <td>Nexus 5XPixelPixel XL</td> 1329 <td>2016 10 26 </td> 1330 </tr> 1331 <tr> 1332 <td>CVE-2016-8421</td> 1333 <td>A-32451104<br> 1334 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb"> 1335 QC-CR#1087797</a></td> 1336 <td></td> 1337 <td>Nexus 5XPixelPixel XL</td> 1338 <td>2016 10 26 </td> 1339 </tr> 1340 <tr> 1341 <td>CVE-2017-0440</td> 1342 <td>A-33252788<br> 1343 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268"> 1344 QC-CR#1095770</a></td> 1345 <td></td> 1346 <td>Nexus 5XPixelPixel XL</td> 1347 <td>2016 11 11 </td> 1348 </tr> 1349 <tr> 1350 <td>CVE-2017-0441</td> 1351 <td>A-32872662<br> 1352 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684"> 1353 QC-CR#1095009</a></td> 1354 <td></td> 1355 <td>Nexus 5XPixelPixel XL</td> 1356 <td>2016 11 11 </td> 1357 </tr> 1358 <tr> 1359 <td>CVE-2017-0442</td> 1360 <td>A-32871330<br> 1361 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1362 QC-CR#1092497</a></td> 1363 <td></td> 1364 <td>Nexus 5XPixelPixel XL</td> 1365 <td>2016 11 13 </td> 1366 </tr> 1367 <tr> 1368 <td>CVE-2017-0443</td> 1369 <td>A-32877494<br> 1370 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1371 QC-CR#1092497</a></td> 1372 <td></td> 1373 <td>Nexus 5XPixelPixel XL</td> 1374 <td>2016 11 13 </td> 1375 </tr> 1376 <tr> 1377 <td>CVE-2016-8476</td> 1378 <td>A-32879283<br> 1379 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799"> 1380 QC-CR#1091940</a></td> 1381 <td></td> 1382 <td>Nexus 5XPixelPixel XL</td> 1383 <td>2016 11 14 </td> 1384 </tr> 1385 </table> 1386 1387 1388 <h3 id="eop-in-realtek-sound-driver">Realtek </h3> 1389 <p> 1390 Realtek 1391 </p> 1392 1393 <table> 1394 <col width="19%"> 1395 <col width="20%"> 1396 <col width="10%"> 1397 <col width="23%"> 1398 <col width="17%"> 1399 <tr> 1400 <th>CVE</th> 1401 <th></th> 1402 <th></th> 1403 <th> Google </th> 1404 <th></th> 1405 </tr> 1406 <tr> 1407 <td>CVE-2017-0444</td> 1408 <td>A-32705232*</td> 1409 <td></td> 1410 <td>Nexus 9</td> 1411 <td>2016 11 7 </td> 1412 </tr> 1413 </table> 1414 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1415 </p> 1416 1417 1418 <h3 id="eop-in-htc-touchscreen-driver">HTC </h3> 1419 <p> 1420 HTC 1421 </p> 1422 1423 <table> 1424 <col width="19%"> 1425 <col width="20%"> 1426 <col width="10%"> 1427 <col width="23%"> 1428 <col width="17%"> 1429 <tr> 1430 <th>CVE</th> 1431 <th></th> 1432 <th></th> 1433 <th> Google </th> 1434 <th></th> 1435 </tr> 1436 <tr> 1437 <td>CVE-2017-0445</td> 1438 <td>A-32769717*</td> 1439 <td></td> 1440 <td>PixelPixel XL</td> 1441 <td>2016 11 9 </td> 1442 </tr> 1443 <tr> 1444 <td>CVE-2017-0446</td> 1445 <td>A-32917445*</td> 1446 <td></td> 1447 <td>PixelPixel XL</td> 1448 <td>2016 11 15 </td> 1449 </tr> 1450 <tr> 1451 <td>CVE-2017-0447</td> 1452 <td>A-32919560*</td> 1453 <td></td> 1454 <td>PixelPixel XL</td> 1455 <td>2016 11 15 </td> 1456 </tr> 1457 </table> 1458 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1459 </p> 1460 1461 1462 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1463 <p> 1464 NVIDIA 1465 </p> 1466 1467 <table> 1468 <col width="19%"> 1469 <col width="20%"> 1470 <col width="10%"> 1471 <col width="23%"> 1472 <col width="17%"> 1473 <tr> 1474 <th>CVE</th> 1475 <th></th> 1476 <th></th> 1477 <th> Google </th> 1478 <th></th> 1479 </tr> 1480 <tr> 1481 <td>CVE-2017-0448</td> 1482 <td>A-32721029*<br> 1483 N-CVE-2017-0448</td> 1484 <td></td> 1485 <td>Nexus 9</td> 1486 <td>2016 11 7 </td> 1487 </tr> 1488 </table> 1489 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1490 </p> 1491 1492 1493 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi </h3> 1494 <p> 1495 Broadcom Wi-Fi 1496 </p> 1497 1498 <table> 1499 <col width="19%"> 1500 <col width="20%"> 1501 <col width="10%"> 1502 <col width="23%"> 1503 <col width="17%"> 1504 <tr> 1505 <th>CVE</th> 1506 <th></th> 1507 <th></th> 1508 <th> Google </th> 1509 <th></th> 1510 </tr> 1511 <tr> 1512 <td>CVE-2017-0449</td> 1513 <td>A-31707909*<br> 1514 B-RB#32094</td> 1515 <td></td> 1516 <td>Nexus 6Nexus 6P</td> 1517 <td>2016 9 23 </td> 1518 </tr> 1519 </table> 1520 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1521 </p> 1522 1523 1524 <h3 id="eop-in-audioserver-2"></h3> 1525 <p> 1526 </p> 1527 1528 <table> 1529 <col width="19%"> 1530 <col width="20%"> 1531 <col width="10%"> 1532 <col width="23%"> 1533 <col width="17%"> 1534 <tr> 1535 <th>CVE</th> 1536 <th></th> 1537 <th></th> 1538 <th> Google </th> 1539 <th></th> 1540 </tr> 1541 <tr> 1542 <td>CVE-2017-0450</td> 1543 <td>A-32917432*</td> 1544 <td></td> 1545 <td>Nexus 9</td> 1546 <td>2016 11 15 </td> 1547 </tr> 1548 </table> 1549 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1550 </p> 1551 1552 1553 <h3 id="eop-in-kernel-file-system-2"></h3> 1554 <p> 1555 1556 </p> 1557 1558 <table> 1559 <col width="19%"> 1560 <col width="20%"> 1561 <col width="10%"> 1562 <col width="23%"> 1563 <col width="17%"> 1564 <tr> 1565 <th>CVE</th> 1566 <th></th> 1567 <th></th> 1568 <th> Google </th> 1569 <th></th> 1570 </tr> 1571 <tr> 1572 <td>CVE-2016-10044</td> 1573 <td>A-31711619*</td> 1574 <td></td> 1575 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1576 <td>Google </td> 1577 </tr> 1578 </table> 1579 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1580 </p> 1581 1582 1583 <h3 id="id-in-qualcomm-secure-execution-environment-communicator">Qualcomm </h3> 1584 <p> 1585 Qualcomm 1586 </p> 1587 1588 <table> 1589 <col width="19%"> 1590 <col width="20%"> 1591 <col width="10%"> 1592 <col width="23%"> 1593 <col width="17%"> 1594 <tr> 1595 <th>CVE</th> 1596 <th></th> 1597 <th></th> 1598 <th> Google </th> 1599 <th></th> 1600 </tr> 1601 <tr> 1602 <td>CVE-2016-8414</td> 1603 <td>A-31704078<br> 1604 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846"> 1605 QC-CR#1076407</a></td> 1606 <td></td> 1607 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1608 <td>2016 9 23 </td> 1609 </tr> 1610 </table> 1611 1612 1613 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3> 1614 <p> 1615 Qualcomm 1616 </p> 1617 1618 <table> 1619 <col width="19%"> 1620 <col width="20%"> 1621 <col width="10%"> 1622 <col width="23%"> 1623 <col width="17%"> 1624 <tr> 1625 <th>CVE</th> 1626 <th></th> 1627 <th></th> 1628 <th> Google </th> 1629 <th></th> 1630 </tr> 1631 <tr> 1632 <td>CVE-2017-0451</td> 1633 <td>A-31796345<br> 1634 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e"> 1635 QC-CR#1073129</a> 1636 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td> 1637 <td></td> 1638 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1639 <td>2016 9 27 </td> 1640 </tr> 1641 </table> 1642 1643 <h2 id="common-questions-and-answers"></h2> 1644 <p></p> 1645 <p><strong>1. </strong></p> 1646 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 1647 <ul> 1648 <li>2017 2 1 2017-02-01 </li> 1649 <li>2017 2 5 2017-02-05 1650 </li> 1651 </ul> 1652 <p></p> 1653 <ul> 1654 <li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li> 1655 <li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li> 1656 </ul> 1657 1658 <p><strong>2. </strong></p> 1659 1660 <p> Android Android Android </p> 1661 <ul> 1662 <li> 2017 1 1 </li> 1663 <li> 2017 1 5 () </li> 1664 </ul> 1665 <p></p> 1666 <p><strong>3. Google </strong></p> 1667 <p> <a href="#2017-02-01-details">2017-02-01</a> <a href="#2017-02-05-details">2017-02-05</a> Google <em></em> Google </p> 1668 <ul> 1669 <li><strong> Google </strong> Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 1670 <li><strong> Google </strong> Google Google <em></em> Google </li> 1671 <li><strong> Google </strong> Android 7.0 Google Google <em></em></li> 1672 </ul> 1673 <p><strong>4. </strong></p> 1674 <p><em></em></p> 1675 <table> 1676 <tr> 1677 <th></th> 1678 <th></th> 1679 </tr> 1680 <tr> 1681 <td>A-</td> 1682 <td>Android ID</td> 1683 </tr> 1684 <tr> 1685 <td>QC-</td> 1686 <td>Qualcomm </td> 1687 </tr> 1688 <tr> 1689 <td>M-</td> 1690 <td>MediaTek </td> 1691 </tr> 1692 <tr> 1693 <td>N-</td> 1694 <td>NVIDIA </td> 1695 </tr> 1696 <tr> 1697 <td>B-</td> 1698 <td>Broadcom </td> 1699 </tr> 1700 </table> 1701 1702 <h2 id="revisions"></h2> 1703 <ul> 1704 <li>2017 2 6 </li> 1705 <li>2017 2 8 AOSP </li> 1706 </ul> 1707
