1 <html devsite> 2 <head> 3 <title>Nexus - 2015 12 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p> 27 Android Nexus OTANexus 28 <a href="https://developers.google.com/android/nexus/images"> 29 Google 30 </a> 31 LMY48Z Android 6.0 2015 12 1 32 <a href="http://source.android.com/security/bulletin/2015-12-01.html#common_questions_and_answers"> 33 34 </a> 35 36 </p> 37 <p> 38 2015 11 2 Android AOSP 39 </p> 40 <p> 41 MMS 42 </p> 43 <p> 44 45 <a href="http://source.android.com/security/enhancements/index.html"> 46 Android 47 </a> 48 SafetyNet 49 <a href="http://source.android.com/security/bulletin/2015-12-01.html#mitigations"> 50 51 </a> 52 Android 53 </p> 54 <h2 id="security_vulnerability_summary" style="margin-bottom:0px"> 55 56 </h2> 57 <hr/> 58 <p> 59 CVE 60 <a href="http://source.android.com/security/overview/updates-resources.html#severity"> 61 62 </a> 63 64 </p> 65 <table> 66 <tbody> 67 <tr> 68 <th> 69 70 </th> 71 <th> 72 CVE 73 </th> 74 <th> 75 76 </th> 77 </tr> 78 <tr> 79 <td> 80 81 </td> 82 <td> 83 CVE-2015-6616 84 </td> 85 <td> 86 87 </td> 88 </tr> 89 <tr> 90 <td> 91 Skia 92 </td> 93 <td> 94 CVE-2015-6617 95 </td> 96 <td> 97 98 </td> 99 </tr> 100 <tr> 101 <td> 102 103 </td> 104 <td> 105 CVE-2015-6619 106 </td> 107 <td> 108 109 </td> 110 </tr> 111 <tr> 112 <td> 113 114 </td> 115 <td> 116 CVE-2015-6633 117 <br/> 118 CVE-2015-6634 119 </td> 120 <td> 121 122 </td> 123 </tr> 124 <tr> 125 <td> 126 Bluetooth 127 </td> 128 <td> 129 CVE-2015-6618 130 </td> 131 <td> 132 133 </td> 134 </tr> 135 <tr> 136 <td> 137 libstagefright 138 </td> 139 <td> 140 CVE-2015-6620 141 </td> 142 <td> 143 144 </td> 145 </tr> 146 <tr> 147 <td> 148 SystemUI 149 </td> 150 <td> 151 CVE-2015-6621 152 </td> 153 <td> 154 155 </td> 156 </tr> 157 <tr> 158 <td> 159 160 </td> 161 <td> 162 CVE-2015-6622 163 </td> 164 <td> 165 166 </td> 167 </tr> 168 <tr> 169 <td> 170 Wi-Fi 171 </td> 172 <td> 173 CVE-2015-6623 174 </td> 175 <td> 176 177 </td> 178 </tr> 179 <tr> 180 <td> 181 System Server 182 </td> 183 <td> 184 CVE-2015-6624 185 </td> 186 <td> 187 188 </td> 189 </tr> 190 <tr> 191 <td> 192 libstagefright 193 </td> 194 <td> 195 CVE-2015-6626 196 <br/> 197 CVE-2015-6631 198 <br/> 199 CVE-2015-6632 200 </td> 201 <td> 202 203 </td> 204 </tr> 205 <tr> 206 <td> 207 Audio 208 </td> 209 <td> 210 CVE-2015-6627 211 </td> 212 <td> 213 214 </td> 215 </tr> 216 <tr> 217 <td> 218 219 </td> 220 <td> 221 CVE-2015-6628 222 </td> 223 <td> 224 225 </td> 226 </tr> 227 <tr> 228 <td> 229 Wi-Fi 230 </td> 231 <td> 232 CVE-2015-6629 233 </td> 234 <td> 235 236 </td> 237 </tr> 238 <tr> 239 <td> 240 System Server 241 </td> 242 <td> 243 CVE-2015-6625 244 </td> 245 <td> 246 247 </td> 248 </tr> 249 <tr> 250 <td> 251 SystemUI 252 </td> 253 <td> 254 CVE-2015-6630 255 </td> 256 <td> 257 258 </td> 259 </tr> 260 </tbody> 261 </table> 262 <h2 id="mitigations" style="margin-bottom:0px"> 263 264 </h2> 265 <hr/> 266 <p> 267 268 <a href="http://source.android.com/security/enhancements/index.html"> 269 Android 270 </a> 271 SafetyNet Android 272 </p> 273 <ul> 274 <li> 275 Android Android Android 276 </li> 277 <li> 278 Android SafetyNet Google Play Google Play 279 </li> 280 <li> 281 Google 282 </li> 283 </ul> 284 <h2 id="acknowledgements" style="margin-bottom:0px"> 285 286 </h2> 287 <hr/> 288 <p> 289 290 </p> 291 <ul> 292 <li> 293 Google Chrome Abhishek AryaOliver ChangMartin Barbella: CVE-2015-6616CVE-2015-6617CVE-2015-6623CVE-2015-6626CVE-2015-6619CVE-2015-6633CVE-2015-6634 294 </li> 295 <li> 296 <a href="http://k33nteam.org/"> 297 KeenTeam 298 </a> 299 300 <a href="https://twitter.com/k33nteam"> @K33nTeam </a> 301 Flanker 302 <a href="https://twitter.com/flanker_hqd"> @flanker_hqd </a> 303 : CVE-2015-6620 304 </li> 305 <li> 306 <a href="http://www.360.cn/"> 307 Qihoo 360 Technology Co.Ltd 308 </a> 309 Guang Gong 310 <a href="https://twitter.com/oldfresher"> @oldfresher </a> 311 higongguang (a] gmail.com: CVE-2015-6626 312 </li> 313 <li> 314 EmberMitre Ltd Mark Carter 315 <a href="https://twitter.com/hanpingchinese"> @hanpingchinese </a> 316 : CVE-2015-6630 317 </li> 318 <li> 319 Micha Bednarski 320 <a href="https://github.com/michalbednarski"> 321 https://github.com/michalbednarski 322 </a> 323 : CVE-2015-6621 324 </li> 325 <li> 326 Google Project Zero Natalie Silvanovich: CVE-2015-6616 327 </li> 328 <li> 329 Trend Micro Peter Pi: CVE-2015-6616CVE-2015-6628 330 </li> 331 <li> 332 <a href="http://k33nteam.org/"> 333 KeenTeam 334 </a> 335 336 <a href="https://twitter.com/k33nteam"> @K33nTeam </a> 337 Qidan He 338 <a href="https://twitter.com/flanker_hqd"> @flanker_hqd </a> 339 Marco Grassi 340 <a href="https://twitter.com/marcograss"> @marcograss </a> 341 : CVE-2015-6622 342 </li> 343 <li> 344 Tzu-YinNinaTai: CVE-2015-6627 345 </li> 346 <li> 347 Fundacin Dr. Manuel SadoskyPrograma STIC Joaqun Rinaudo 348 <a href="https://twitter.com/xeroxnir"> @xeroxnir </a> 349 : CVE-2015-6631 350 </li> 351 </ul> 352 <h2 id="security_vulnerability_details" style="margin-bottom:0px"> 353 354 </h2> 355 <hr/> 356 <p> 357 358 <a href="http://source.android.com/security/bulletin/2015-12-01.html#security_vulnerability_summary"> 359 360 </a> 361 CVE ID AOSP ID AOSP 362 </p> 363 <h3 id="remote_code_execution_vulnerabilities_in_mediaserver"> 364 365 </h3> 366 <p> 367 368 </p> 369 <p> 370 MMS 371 </p> 372 <p> 373 374 </p> 375 <table> 376 <tbody> 377 <tr> 378 <th> 379 CVE 380 </th> 381 <th> 382 AOSP 383 </th> 384 <th> 385 386 </th> 387 <th> 388 389 </th> 390 <th> 391 392 </th> 393 </tr> 394 <tr> 395 <td rowspan="5"> 396 CVE-2015-6616 397 </td> 398 <td> 399 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/257b3bc581bbc65318a4cc2d3c22a07a4429dc1d"> 400 ANDROID-24630158 401 </a> 402 </td> 403 <td> 404 405 </td> 406 <td> 407 6.0 408 </td> 409 <td> 410 Google 411 </td> 412 </tr> 413 <tr> 414 <td> 415 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/0d35dd2068d6422c3c77fb68f248cbabf3d0b10c"> 416 ANDROID-23882800 417 </a> 418 </td> 419 <td> 420 421 </td> 422 <td> 423 6.0 424 </td> 425 <td> 426 Google 427 </td> 428 </tr> 429 <tr> 430 <td> 431 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/dedaca6f04ac9f95fabe3b64d44cd1a2050f079e"> 432 ANDROID-17769851 433 </a> 434 </td> 435 <td> 436 437 </td> 438 <td> 439 5.1 440 </td> 441 <td> 442 Google 443 </td> 444 </tr> 445 <tr> 446 <td> 447 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5d101298d8b0a78a1dc5bd26dbdada411f4ecd4d"> 448 ANDROID-24441553 449 </a> 450 </td> 451 <td> 452 453 </td> 454 <td> 455 6.0 456 </td> 457 <td> 458 2015 9 22 459 </td> 460 </tr> 461 <tr> 462 <td> 463 <a href="https://android.googlesource.com/platform%2Fexternal%2Flibavc/+/2ee0c1bced131ffb06d1b430b08a202cd3a52005"> 464 ANDROID-24157524 465 </a> 466 </td> 467 <td> 468 469 </td> 470 <td> 471 6.0 472 </td> 473 <td> 474 2015 9 8 475 </td> 476 </tr> 477 </tbody> 478 </table> 479 <h3 id="remote_code_execution_vulnerability_in_skia"> 480 Skia 481 </h3> 482 <p> 483 Skia MMS 484 </p> 485 <table> 486 <tbody> 487 <tr> 488 <th> 489 CVE 490 </th> 491 <th> 492 AOSP 493 </th> 494 <th> 495 496 </th> 497 <th> 498 499 </th> 500 <th> 501 502 </th> 503 </tr> 504 <tr> 505 <td> 506 CVE-2015-6617 507 </td> 508 <td> 509 <a href="https://android.googlesource.com/platform%2Fexternal%2Fskia/+/a1d8ac0ac0af44d74fc082838936ec265216ab60"> 510 ANDROID-23648740 511 </a> 512 </td> 513 <td> 514 515 </td> 516 <td> 517 6.0 518 </td> 519 <td> 520 Google 521 </td> 522 </tr> 523 </tbody> 524 </table> 525 <h3 id="elevation_of_privilege_in_kernel"> 526 527 </h3> 528 <p> 529 530 </p> 531 <table> 532 <tbody> 533 <tr> 534 <th> 535 CVE 536 </th> 537 <th> 538 AOSP 539 </th> 540 <th> 541 542 </th> 543 <th> 544 545 </th> 546 <th> 547 548 </th> 549 </tr> 550 <tr> 551 <td> 552 CVE-2015-6619 553 </td> 554 <td> 555 <a href="https://android.googlesource.com/device%2Fhtc%2Fflounder-kernel/+/25d3e5d71865a7c0324423fad87aaabb70e82ee4"> 556 ANDROID-23520714 557 </a> 558 </td> 559 <td> 560 561 </td> 562 <td> 563 6.0 564 </td> 565 <td> 566 2015 6 7 567 </td> 568 </tr> 569 </tbody> 570 </table> 571 <h3 id="remote_code_execution_vulnerabilities_in_display_driver"> 572 573 </h3> 574 <p> 575 MMS 576 </p> 577 <table> 578 <tbody> 579 <tr> 580 <th> 581 CVE 582 </th> 583 <th> 584 AOSP 585 </th> 586 <th> 587 588 </th> 589 <th> 590 591 </th> 592 <th> 593 594 </th> 595 </tr> 596 <tr> 597 <td> 598 CVE-2015-6633 599 </td> 600 <td> 601 ANDROID-23987307* 602 </td> 603 <td> 604 605 </td> 606 <td> 607 6.0 608 </td> 609 <td> 610 Google 611 </td> 612 </tr> 613 <tr> 614 <td> 615 CVE-2015-6634 616 </td> 617 <td> 618 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/25016fd2865943dec1a6b2b167ef85c772fb90f7"> 619 ANDROID-24163261 620 </a> 621 [ 622 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/0787bc222a016e944f01492c2dd04bd03c1da6af"> 623 2 624 </a> 625 ] [ 626 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/95c2601aab7f27505e8b086fdd1f1dce31091e5d"> 627 3 628 </a> 629 ] [ 630 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/45660529af1f4063a00e84aa2361649e6a9a878c"> 631 4 632 </a> 633 ] 634 </td> 635 <td> 636 637 </td> 638 <td> 639 5.1 640 </td> 641 <td> 642 Google 643 </td> 644 </tr> 645 </tbody> 646 </table> 647 <p> 648 * AOSP 649 <a href="https://developers.google.com/android/nexus/drivers"> 650 Google 651 </a> 652 Nexus 653 </p> 654 <h3 id="remote_code_execution_vulnerability_in_bluetooth"> 655 Bluetooth 656 </h3> 657 <p> 658 Android Bluetooth Personal Area NetworkPAN Bluetooth Bluetooth 659 </p> 660 <p> 661 662 </p> 663 <table> 664 <tbody> 665 <tr> 666 <th> 667 CVE 668 </th> 669 <th> 670 671 </th> 672 <th> 673 674 </th> 675 <th> 676 677 </th> 678 <th> 679 680 </th> 681 </tr> 682 <tr> 683 <td> 684 CVE-2015-6618 685 </td> 686 <td> 687 ANDROID-24595992* 688 </td> 689 <td> 690 691 </td> 692 <td> 693 4.45.05.1 694 </td> 695 <td> 696 2015 9 28 697 </td> 698 </tr> 699 </tbody> 700 </table> 701 <p> 702 * AOSP 703 <a href="https://developers.google.com/android/nexus/drivers"> 704 Google 705 </a> 706 Nexus 707 </p> 708 <h3 id="elevation_of_privilege_vulnerabilities_in_libstagefright"> 709 libstagefright 710 </h3> 711 <p> 712 libstagefright 713 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 714 signature 715 </a> 716 717 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 718 signatureOrSystem 719 </a> 720 721 </p> 722 <table> 723 <tbody> 724 <tr> 725 <th> 726 CVE 727 </th> 728 <th> 729 AOSP 730 </th> 731 <th> 732 733 </th> 734 <th> 735 736 </th> 737 <th> 738 739 </th> 740 </tr> 741 <tr> 742 <td rowspan="2"> 743 CVE-2015-6620 744 </td> 745 <td> 746 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/2b8cd9cbb3e72ffd048ffdd1609fac74f61a22ac"> 747 ANDROID-24123723 748 </a> 749 </td> 750 <td> 751 752 </td> 753 <td> 754 6.0 755 </td> 756 <td> 757 2015 9 10 758 </td> 759 </tr> 760 <tr> 761 <td> 762 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/77c185d5499d6174e7a97b3e1512994d3a803151"> 763 ANDROID-24445127 764 </a> 765 </td> 766 <td> 767 768 </td> 769 <td> 770 6.0 771 </td> 772 <td> 773 2015 9 2 774 </td> 775 </tr> 776 </tbody> 777 </table> 778 <h3 id="elevation_of_privilege_vulnerability_in_systemui"> 779 SystemUI 780 </h3> 781 <p> 782 SystemUI 783 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 784 signature 785 </a> 786 787 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 788 signatureOrSystem 789 </a> 790 791 </p> 792 <table> 793 <tbody> 794 <tr> 795 <th> 796 CVE 797 </th> 798 <th> 799 AOSP 800 </th> 801 <th> 802 803 </th> 804 <th> 805 806 </th> 807 <th> 808 809 </th> 810 </tr> 811 <tr> 812 <td> 813 CVE-2015-6621 814 </td> 815 <td> 816 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/e70e8ac93807c51240b2cd9afed35bf454ea00b3"> 817 ANDROID-23909438 818 </a> 819 </td> 820 <td> 821 822 </td> 823 <td> 824 5.05.16.0 825 </td> 826 <td> 827 2015 9 7 828 </td> 829 </tr> 830 </tbody> 831 </table> 832 <h3 id="information_disclosure_vulnerability_in_native_frameworks_library"> 833 834 </h3> 835 <p> 836 Android 837 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 838 signature 839 </a> 840 841 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 842 signatureOrSystem 843 </a> 844 845 </p> 846 <table> 847 <tbody> 848 <tr> 849 <th> 850 CVE 851 </th> 852 <th> 853 AOSP 854 </th> 855 <th> 856 857 </th> 858 <th> 859 860 </th> 861 <th> 862 863 </th> 864 </tr> 865 <tr> 866 <td> 867 CVE-2015-6622 868 </td> 869 <td> 870 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fnative/+/5d17838adef13062717322e79d4db0b9bb6b2395"> 871 ANDROID-23905002 872 </a> 873 </td> 874 <td> 875 876 </td> 877 <td> 878 6.0 879 </td> 880 <td> 881 2015 9 7 882 </td> 883 </tr> 884 </tbody> 885 </table> 886 <h3 id="elevation_of_privilege_vulnerability_in_wi-fi"> 887 Wi-Fi 888 </h3> 889 <p> 890 Wi-Fi 891 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 892 signature 893 </a> 894 895 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 896 signatureOrSystem 897 </a> 898 899 </p> 900 <table> 901 <tbody> 902 <tr> 903 <th> 904 CVE 905 </th> 906 <th> 907 AOSP 908 </th> 909 <th> 910 911 </th> 912 <th> 913 914 </th> 915 <th> 916 917 </th> 918 </tr> 919 <tr> 920 <td> 921 CVE-2015-6623 922 </td> 923 <td> 924 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/a15a2ee69156fa6fff09c0dd9b8182cb8fafde1c"> 925 ANDROID-24872703 926 </a> 927 </td> 928 <td> 929 930 </td> 931 <td> 932 6.0 933 </td> 934 <td> 935 Google 936 </td> 937 </tr> 938 </tbody> 939 </table> 940 <h3 id="elevation_of_privilege_vulnerability_in_system_server"> 941 System Server 942 </h3> 943 <p> 944 System Server 945 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 946 signature 947 </a> 948 949 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 950 signatureOrSystem 951 </a> 952 953 </p> 954 <table> 955 <tbody> 956 <tr> 957 <th> 958 CVE 959 </th> 960 <th> 961 AOSP 962 </th> 963 <th> 964 965 </th> 966 <th> 967 968 </th> 969 <th> 970 971 </th> 972 </tr> 973 <tr> 974 <td> 975 CVE-2015-6624 976 </td> 977 <td> 978 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f86a441cb5b0dccd3106019e578c3535498e5315"> 979 ANDROID-23999740 980 </a> 981 </td> 982 <td> 983 984 </td> 985 <td> 986 6.0 987 </td> 988 <td> 989 Google 990 </td> 991 </tr> 992 </tbody> 993 </table> 994 <h3 id="information_disclosure_vulnerabilities_in_libstagefright"> 995 libstagefright 996 </h3> 997 <p> 998 libstagefright 999 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1000 signature 1001 </a> 1002 1003 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1004 signatureOrSystem 1005 </a> 1006 1007 </p> 1008 <table> 1009 <tbody> 1010 <tr> 1011 <th> 1012 CVE 1013 </th> 1014 <th> 1015 AOSP 1016 </th> 1017 <th> 1018 1019 </th> 1020 <th> 1021 1022 </th> 1023 <th> 1024 1025 </th> 1026 </tr> 1027 <tr> 1028 <td> 1029 CVE-2015-6632 1030 </td> 1031 <td> 1032 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5cae16bdce77b0a3ba590b55637f7d55a2f35402"> 1033 ANDROID-24346430 1034 </a> 1035 </td> 1036 <td> 1037 1038 </td> 1039 <td> 1040 6.0 1041 </td> 1042 <td> 1043 Google 1044 </td> 1045 </tr> 1046 <tr> 1047 <td> 1048 CVE-2015-6626 1049 </td> 1050 <td> 1051 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/8dde7269a5356503d2b283234b6cb46d0c3f214e"> 1052 ANDROID-24310423 1053 </a> 1054 </td> 1055 <td> 1056 1057 </td> 1058 <td> 1059 6.0 1060 </td> 1061 <td> 1062 2015 9 2 1063 </td> 1064 </tr> 1065 <tr> 1066 <td> 1067 CVE-2015-6631 1068 </td> 1069 <td> 1070 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/7ed8d1eff9b292b3c65a875b13a549e29654534b"> 1071 ANDROID-24623447 1072 </a> 1073 </td> 1074 <td> 1075 1076 </td> 1077 <td> 1078 6.0 1079 </td> 1080 <td> 1081 2015 8 21 1082 </td> 1083 </tr> 1084 </tbody> 1085 </table> 1086 <h3 id="information_disclosure_vulnerability_in_audio"> 1087 Audio 1088 </h3> 1089 <p> 1090 Audio 1091 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1092 signature 1093 </a> 1094 1095 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1096 signatureOrSystem 1097 </a> 1098 1099 </p> 1100 <table> 1101 <tbody> 1102 <tr> 1103 <th> 1104 CVE 1105 </th> 1106 <th> 1107 AOSP 1108 </th> 1109 <th> 1110 1111 </th> 1112 <th> 1113 1114 </th> 1115 <th> 1116 1117 </th> 1118 </tr> 1119 <tr> 1120 <td> 1121 CVE-2015-6627 1122 </td> 1123 <td> 1124 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/8c987fa71326eb0cc504959a5ebb440410d73180"> 1125 ANDROID-24211743 1126 </a> 1127 </td> 1128 <td> 1129 1130 </td> 1131 <td> 1132 6.0 1133 </td> 1134 <td> 1135 Google 1136 </td> 1137 </tr> 1138 </tbody> 1139 </table> 1140 <h3 id="information_disclosure_vulnerability_in_media_framework"> 1141 1142 </h3> 1143 <p> 1144 1145 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1146 signature 1147 </a> 1148 1149 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1150 signatureOrSystem 1151 </a> 1152 1153 </p> 1154 <table> 1155 <tbody> 1156 <tr> 1157 <th> 1158 CVE 1159 </th> 1160 <th> 1161 AOSP 1162 </th> 1163 <th> 1164 1165 </th> 1166 <th> 1167 1168 </th> 1169 <th> 1170 1171 </th> 1172 </tr> 1173 <tr> 1174 <td> 1175 CVE-2015-6628 1176 </td> 1177 <td> 1178 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5e7e87a383fdb1fece977097a7e3cc51b296f3a0"> 1179 ANDROID-24074485 1180 </a> 1181 </td> 1182 <td> 1183 1184 </td> 1185 <td> 1186 6.0 1187 </td> 1188 <td> 1189 2015 9 8 1190 </td> 1191 </tr> 1192 </tbody> 1193 </table> 1194 <h3 id="information_disclosure_vulnerability_in_wi-fi"> 1195 Wi-Fi 1196 </h3> 1197 <p> 1198 Wi-Fi Wi-Fi 1199 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1200 signature 1201 </a> 1202 1203 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1204 signatureOrSystem 1205 </a> 1206 1207 </p> 1208 <table> 1209 <tbody> 1210 <tr> 1211 <th> 1212 CVE 1213 </th> 1214 <th> 1215 AOSP 1216 </th> 1217 <th> 1218 1219 </th> 1220 <th> 1221 1222 </th> 1223 <th> 1224 1225 </th> 1226 </tr> 1227 <tr> 1228 <td> 1229 CVE-2015-6629 1230 </td> 1231 <td> 1232 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/8b41627f7411306a0c42867fb526fa214f2991cd"> 1233 ANDROID-22667667 1234 </a> 1235 </td> 1236 <td> 1237 1238 </td> 1239 <td> 1240 5.1 5.0 1241 </td> 1242 <td> 1243 Google 1244 </td> 1245 </tr> 1246 </tbody> 1247 </table> 1248 <h3 id="elevation_of_privilege_vulnerability_in_system_server19"> 1249 System Server 1250 </h3> 1251 <p> 1252 System Server Wi-Fi 1253 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1254 dangerous 1255 </a> 1256 1257 </p> 1258 <table> 1259 <tbody> 1260 <tr> 1261 <th> 1262 CVE 1263 </th> 1264 <th> 1265 AOSP 1266 </th> 1267 <th> 1268 1269 </th> 1270 <th> 1271 1272 </th> 1273 <th> 1274 1275 </th> 1276 </tr> 1277 <tr> 1278 <td> 1279 CVE-2015-6625 1280 </td> 1281 <td> 1282 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/29fa7d2ffc3bba55173969309e280328b43eeca1"> 1283 ANDROID-23936840 1284 </a> 1285 </td> 1286 <td> 1287 1288 </td> 1289 <td> 1290 6.0 1291 </td> 1292 <td> 1293 Google 1294 </td> 1295 </tr> 1296 </tbody> 1297 </table> 1298 <h3 id="information_disclosure_vulnerability_in_systemui"> 1299 SystemUI 1300 </h3> 1301 <p> 1302 SystemUI 1303 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1304 dangerous 1305 </a> 1306 1307 </p> 1308 <table> 1309 <tbody> 1310 <tr> 1311 <th> 1312 CVE 1313 </th> 1314 <th> 1315 AOSP 1316 </th> 1317 <th> 1318 1319 </th> 1320 <th> 1321 1322 </th> 1323 <th> 1324 1325 </th> 1326 </tr> 1327 <tr> 1328 <td> 1329 CVE-2015-6630 1330 </td> 1331 <td> 1332 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/51c2619c7706575a171cf29819db14e91b815a62"> 1333 ANDROID-19121797 1334 </a> 1335 </td> 1336 <td> 1337 1338 </td> 1339 <td> 1340 5.05.16.0 1341 </td> 1342 <td> 1343 2015 1 22 1344 </td> 1345 </tr> 1346 </tbody> 1347 </table> 1348 <h3 id="common_questions_and_answers"> 1349 1350 </h3> 1351 <p> 1352 1353 </p> 1354 <p> 1355 <strong> 1356 1. 1357 </strong> 1358 </p> 1359 <p> 1360 LMY48Z Android 6.0 2015 12 1 1361 <a href="https://support.google.com/nexus/answer/4457705"> 1362 Nexus 1363 </a> 1364 [ro.build.version.security_patch]:[2015-12-01] 1365 </p> 1366 <h2 id="revisions" style="margin-bottom:0px"> 1367 1368 </h2> 1369 <hr/> 1370 <ul> 1371 <li> 1372 2015 12 7 : 1373 </li> 1374 <li> 1375 2015 12 9 : AOSP 1376 </li> 1377 <li> 1378 2015 12 22 : 1379 </li> 1380 </ul> 1381 1382 </body> 1383 </html> 1384
