Home | History | Annotate | Download | only in bulletin
      1 <html devsite>
      2   <head>
      3     <title>Nexus  - 2016  1 </title>
      4     <meta name="project_path" value="/_project.yaml" />
      5     <meta name="book_path" value="/_book.yaml" />
      6   </head>
      7   <body>
      8   <!--
      9       Copyright 2017 The Android Open Source Project
     10 
     11       Licensed under the Apache License, Version 2.0 (the "License");
     12       you may not use this file except in compliance with the License.
     13       You may obtain a copy of the License at
     14 
     15           http://www.apache.org/licenses/LICENSE-2.0
     16 
     17       Unless required by applicable law or agreed to in writing, software
     18       distributed under the License is distributed on an "AS IS" BASIS,
     19       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     20       See the License for the specific language governing permissions and
     21       limitations under the License.
     22   -->
     23 
     24 
     25 
     26   <p>
     27    Android Nexus  OTANexus  
     28    <a href="https://developers.google.com/android/nexus/images">
     29     Google  
     30    </a>
     31    LMY49F  Android 6.0   2016  1  1 
     32    <a href="http://source.android.com/security/bulletin/2016-01-01.html#common_questions_and_answers">
     33     
     34    </a>
     35    
     36   </p>
     37   <p>
     38     2015  12  7 Android  AOSP
     39   </p>
     40   <p>
     41    MMS  
     42   </p>
     43   <p>
     44    
     45    <a href="https://source.android.com/security/enhancements/">
     46     Android  
     47    </a>
     48     SafetyNet 
     49    <a href="http://source.android.com/security/bulletin/2016-01-01.html#mitigations">
     50     
     51    </a>
     52    Android 
     53   </p>
     54   <h2 id="security_vulnerability_summary" style="margin-bottom:0px">
     55    
     56   </h2>
     57   <hr/>
     58   <p>
     59    CVE
     60    <a href="https://source.android.com/security/overview/updates-resources.html#severity">
     61     
     62    </a>
     63    
     64   </p>
     65   <table>
     66    <tbody>
     67     <tr>
     68      <th>
     69       
     70      </th>
     71      <th>
     72       CVE
     73      </th>
     74      <th>
     75       
     76      </th>
     77     </tr>
     78     <tr>
     79      <td>
     80       
     81      </td>
     82      <td>
     83       CVE-2015-6636
     84      </td>
     85      <td>
     86       
     87      </td>
     88     </tr>
     89     <tr>
     90      <td>
     91       misc-sd 
     92      </td>
     93      <td>
     94       CVE-2015-6637
     95      </td>
     96      <td>
     97       
     98      </td>
     99     </tr>
    100     <tr>
    101      <td>
    102       Imagination Technologies 
    103      </td>
    104      <td>
    105       CVE-2015-6638
    106      </td>
    107      <td>
    108       
    109      </td>
    110     </tr>
    111     <tr>
    112      <td>
    113       TrustZone 
    114      </td>
    115      <td>
    116       CVE-2015-6639<br />
    117       CVE-2015-6647
    118      </td>
    119      <td>
    120       
    121      </td>
    122     </tr>
    123     <tr>
    124      <td>
    125       
    126      </td>
    127      <td>
    128       CVE-2015-6640
    129      </td>
    130      <td>
    131       
    132      </td>
    133     </tr>
    134     <tr>
    135      <td>
    136       Bluetooth 
    137      </td>
    138      <td>
    139       CVE-2015-6641
    140      </td>
    141      <td>
    142       
    143      </td>
    144     </tr>
    145     <tr>
    146      <td>
    147       
    148      </td>
    149      <td>
    150       CVE-2015-6642
    151      </td>
    152      <td>
    153       
    154      </td>
    155     </tr>
    156     <tr>
    157      <td>
    158        
    159      </td>
    160      <td>
    161       CVE-2015-6643
    162      </td>
    163      <td>
    164       
    165      </td>
    166     </tr>
    167     <tr>
    168      <td>
    169       Wi-Fi 
    170      </td>
    171      <td>
    172       CVE-2015-5310
    173      </td>
    174      <td>
    175       
    176      </td>
    177     </tr>
    178     <tr>
    179      <td>
    180       Bouncy Castle 
    181      </td>
    182      <td>
    183       CVE-2015-6644
    184      </td>
    185      <td>
    186       
    187      </td>
    188     </tr>
    189     <tr>
    190      <td>
    191       SyncManager 
    192      </td>
    193      <td>
    194       CVE-2015-6645
    195      </td>
    196      <td>
    197       
    198      </td>
    199     </tr>
    200     <tr>
    201      <td>
    202       Nexus 
    203      </td>
    204      <td>
    205       CVE-2015-6646
    206      </td>
    207      <td>
    208       
    209      </td>
    210     </tr>
    211    </tbody>
    212   </table>
    213   <h2 id="mitigations" style="margin-bottom:0px">
    214    
    215   </h2>
    216   <hr/>
    217   <p>
    218    
    219    <a href="https://source.android.com/security/enhancements/index.html">
    220     Android  
    221    </a>
    222     SafetyNet Android 
    223   </p>
    224   <ul>
    225    <li>
    226     Android Android  Android 
    227    </li>
    228    <li>
    229     Android   SafetyNet  Google Play Google Play 
    230    </li>
    231    <li>
    232     Google  
    233    </li>
    234   </ul>
    235   <h2 id="acknowledgements" style="margin-bottom:0px">
    236    
    237   </h2>
    238   <hr/>
    239   <p>
    240    
    241   </p>
    242   <ul>
    243    <li>
    244     Google Chrome   Abhishek AryaOliver ChangMartin Barbella: CVE-2015-6636
    245    </li>
    246    <li>
    247     Tencent KEEN lab
    248     <a href="https://twitter.com/k33nteam"> @K33nTeam </a>
    249      Sen Nie
    250     <a href="https://twitter.com/@nforest_"> @nforest_ </a>
    251      jfang: CVE-2015-6637
    252    </li>
    253    <li>
    254     Android Bionic  Yabin Cui: CVE-2015-6640
    255    </li>
    256    <li>
    257     Google X  Tom Craig: CVE-2015-6641
    258    </li>
    259    <li>
    260     Jann Horn
    261     <a href="https://thejh.net/">
    262      https://thejh.net
    263     </a>
    264     : CVE-2015-6642
    265    </li>
    266    <li>
    267     Jouni Malinen PGP id EFC895FA: CVE-2015-5310
    268    </li>
    269    <li>
    270     Google    Quan Nguyen: CVE-2015-6644
    271    </li>
    272    <li>
    273     Gal Beniamini
    274     <a href="https://twitter.com/@laginimaineb"> @laginimaineb </a>
    275     
    276     <a href="http://bits-please.blogspot.com/">
    277      http://bits-please.blogspot.com
    278     </a>
    279     : CVE-2015-6639
    280    </li>
    281   </ul>
    282   <h2 id="security_vulnerability_details" style="margin-bottom:0px">
    283    
    284   </h2>
    285   <hr/>
    286   <p>
    287    
    288    <a href="http://source.android.com/security/bulletin/2016-01-01.html#security_vulnerability_summary">
    289     
    290    </a>
    291    CVE ID  AOSP  ID  AOSP 
    292   </p>
    293   <h3 id="remote_code_execution_vulnerability_in_mediaserver">
    294    
    295   </h3>
    296   <p>
    297     
    298   </p>
    299   <p>
    300       MMS 
    301   </p>
    302   <p>
    303    
    304   </p>
    305   <table>
    306    <tbody>
    307     <tr>
    308      <th>
    309       CVE
    310      </th>
    311      <th>
    312        AOSP 
    313      </th>
    314      <th>
    315       
    316      </th>
    317      <th>
    318       
    319      </th>
    320      <th>
    321       
    322      </th>
    323     </tr>
    324     <tr>
    325      <td rowspan="2">
    326       CVE-2015-6636
    327      </td>
    328      <td>
    329       <a href="https://android.googlesource.com/platform%2Fexternal%2Flibhevc/+/b9f7c2c45c6fe770b7daffb9a4e61522d1f12d51#">
    330        ANDROID-25070493
    331       </a>
    332      </td>
    333      <td>
    334       
    335      </td>
    336      <td>
    337       5.05.1.16.06.0.1
    338      </td>
    339      <td>
    340       Google 
    341      </td>
    342     </tr>
    343     <tr>
    344      <td>
    345       <a href="https://android.googlesource.com/platform%2Fexternal%2Flibhevc/+/e8bfec1fa41eafa1fd8e05d0fdc53ea0f2379518">
    346        ANDROID-24686670
    347       </a>
    348      </td>
    349      <td>
    350       
    351      </td>
    352      <td>
    353       5.05.1.16.06.0.1
    354      </td>
    355      <td>
    356       Google 
    357      </td>
    358     </tr>
    359    </tbody>
    360   </table>
    361   <h3 id="elevation_of_privilege_vulnerability_in_misc-sd_driver">
    362    misc-sd 
    363   </h3>
    364   <p>
    365    MediaTek  misc-sd  
    366   </p>
    367   <table>
    368    <tbody>
    369     <tr>
    370      <th>
    371       CVE
    372      </th>
    373      <th>
    374       
    375      </th>
    376      <th>
    377       
    378      </th>
    379      <th>
    380       
    381      </th>
    382      <th>
    383       
    384      </th>
    385     </tr>
    386     <tr>
    387      <td>
    388       CVE-2015-6637
    389      </td>
    390      <td>
    391       ANDROID-25307013*
    392      </td>
    393      <td>
    394       
    395      </td>
    396      <td>
    397       4.4.45.05.1.16.06.0.1
    398      </td>
    399      <td>
    400       2015  10  26 
    401      </td>
    402     </tr>
    403    </tbody>
    404   </table>
    405   <p>
    406    *  AOSP 
    407    <a href="https://developers.google.com/android/nexus/drivers">
    408     Google  
    409    </a>
    410     Nexus  
    411   </p>
    412   <h3 id="elevation_of_privilege_vulnerability_in_the_imagination_technologies_driver">
    413    Imagination Technologies 
    414   </h3>
    415   <p>
    416    Imagination Technologies   
    417   </p>
    418   <table>
    419    <tbody>
    420     <tr>
    421      <th>
    422       CVE
    423      </th>
    424      <th>
    425       
    426      </th>
    427      <th>
    428       
    429      </th>
    430      <th>
    431       
    432      </th>
    433      <th>
    434       
    435      </th>
    436     </tr>
    437     <tr>
    438      <td>
    439       CVE-2015-6638
    440      </td>
    441      <td>
    442       ANDROID-24673908*
    443      </td>
    444      <td>
    445       
    446      </td>
    447      <td>
    448       5.05.1.16.06.0.1
    449      </td>
    450      <td>
    451       Google 
    452      </td>
    453     </tr>
    454    </tbody>
    455   </table>
    456   <p>
    457    *  AOSP 
    458    <a href="https://developers.google.com/android/nexus/drivers">
    459     Google  
    460    </a>
    461     Nexus  
    462   </p>
    463   <h3 id="elevation_of_privilege_vulnerabilities_in_trustzone">
    464    TrustZone 
    465   </h3>
    466   <p>
    467    Widevine QSEE TrustZone  QSEECOM  TrustZone  
    468   </p>
    469   <table>
    470    <tbody>
    471     <tr>
    472      <th>
    473       CVE
    474      </th>
    475      <th>
    476       
    477      </th>
    478      <th>
    479       
    480      </th>
    481      <th>
    482       
    483      </th>
    484      <th>
    485       
    486      </th>
    487     </tr>
    488     <tr>
    489      <td>
    490       CVE-2015-6639
    491      </td>
    492      <td>
    493       ANDROID-24446875*
    494      </td>
    495      <td>
    496       
    497      </td>
    498      <td>
    499       5.05.1.16.06.0.1
    500      </td>
    501      <td>
    502       2015  9  23 
    503      </td>
    504     </tr>
    505     <tr>
    506      <td>
    507       CVE-2015-6647
    508      </td>
    509      <td>
    510       ANDROID-24441554*
    511      </td>
    512      <td>
    513       
    514      </td>
    515      <td>
    516       5.05.1.16.06.0.1
    517      </td>
    518      <td>
    519       2015  9  27 
    520      </td>
    521     </tr>
    522    </tbody>
    523   </table>
    524   <p>
    525    *  AOSP 
    526    <a href="https://developers.google.com/android/nexus/drivers">
    527     Google  
    528    </a>
    529     Nexus  
    530   </p>
    531   <h3 id="elevation_of_privilege_vulnerability_in_kernel">
    532    
    533   </h3>
    534   <p>
    535     
    536   </p>
    537   <table>
    538    <tbody>
    539     <tr>
    540      <th>
    541       CVE
    542      </th>
    543      <th>
    544        AOSP 
    545      </th>
    546      <th>
    547       
    548      </th>
    549      <th>
    550       
    551      </th>
    552      <th>
    553       
    554      </th>
    555     </tr>
    556     <tr>
    557      <td>
    558       CVE-2015-6640
    559      </td>
    560      <td>
    561       <a href="https://android.googlesource.com/kernel%2Fcommon/+/69bfe2d957d903521d32324190c2754cb073be15">
    562        ANDROID-20017123
    563       </a>
    564      </td>
    565      <td>
    566       
    567      </td>
    568      <td>
    569       4.4.45.05.1.16.0
    570      </td>
    571      <td>
    572       Google 
    573      </td>
    574     </tr>
    575    </tbody>
    576   </table>
    577   <h3 id="elevation_of_privilege_vulnerability_in_bluetooth">
    578    Bluetooth 
    579   </h3>
    580   <p>
    581    Bluetooth Bluetooth 
    582    <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">
    583     dangerous
    584    </a>
    585    
    586   </p>
    587   <table>
    588    <tbody>
    589     <tr>
    590      <th>
    591       CVE
    592      </th>
    593      <th>
    594        AOSP 
    595      </th>
    596      <th>
    597       
    598      </th>
    599      <th>
    600       
    601      </th>
    602      <th>
    603       
    604      </th>
    605     </tr>
    606     <tr>
    607      <td>
    608       CVE-2015-6641
    609      </td>
    610      <td>
    611       <a href="https://android.googlesource.com/platform%2Fpackages%2Fapps%2FSettings/+/98f11fd1a4752beed56b5fe7a4097ec0ae0c74b3">
    612        ANDROID-23607427
    613       </a>
    614       [
    615       <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/ccbe7383e63d7d23bac6bccc8e4094fe474645ec">
    616        2
    617       </a>
    618       ]
    619      </td>
    620      <td>
    621       
    622      </td>
    623      <td>
    624       6.06.0.1
    625      </td>
    626      <td>
    627       Google 
    628      </td>
    629     </tr>
    630    </tbody>
    631   </table>
    632   <h3 id="information_disclosure_vulnerability_in_kernel">
    633    
    634   </h3>
    635   <p>
    636    
    637    <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">
    638     signature
    639    </a>
    640    
    641    <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">
    642     signatureOrSystem
    643    </a>
    644    
    645   </p>
    646   <table>
    647    <tbody>
    648     <tr>
    649      <th>
    650       CVE
    651      </th>
    652      <th>
    653       
    654      </th>
    655      <th>
    656       
    657      </th>
    658      <th>
    659       
    660      </th>
    661      <th>
    662       
    663      </th>
    664     </tr>
    665     <tr>
    666      <td>
    667       CVE-2015-6642
    668      </td>
    669      <td>
    670       ANDROID-24157888*
    671      </td>
    672      <td>
    673       
    674      </td>
    675      <td>
    676       4.4.45.05.1.16.0
    677      </td>
    678      <td>
    679       2015  9  12 
    680      </td>
    681     </tr>
    682    </tbody>
    683   </table>
    684   <p>
    685    *  AOSP 
    686    <a href="https://developers.google.com/android/nexus/drivers">
    687     Google  
    688    </a>
    689     Nexus  
    690   </p>
    691   <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard">
    692     
    693   </h3>
    694   <p>
    695     
    696   </p>
    697   <table>
    698    <tbody>
    699     <tr>
    700      <th>
    701       CVE
    702      </th>
    703      <th>
    704        AOSP 
    705      </th>
    706      <th>
    707       
    708      </th>
    709      <th>
    710       
    711      </th>
    712      <th>
    713       
    714      </th>
    715     </tr>
    716     <tr>
    717      <td>
    718       CVE-2015-6643
    719      </td>
    720      <td>
    721       <a href="https://android.googlesource.com/platform/packages/apps/Settings/+/665ac7bc29396fd5af2ecfdfda2b9de7a507daa0">
    722        ANDROID-25290269
    723       </a>
    724       [
    725       <a href="https://android.googlesource.com/platform/packages/apps/Settings/+/a7ff2e955d2509ed28deeef984347e093794f92b">
    726        2
    727       </a>
    728       ]
    729      </td>
    730      <td>
    731       
    732      </td>
    733      <td>
    734       5.1.16.06.0.1
    735      </td>
    736      <td>
    737       Google 
    738      </td>
    739     </tr>
    740    </tbody>
    741   </table>
    742   <h3 id="elevation_of_privilege_vulnerability_in_wi-fi">
    743    Wi-Fi 
    744   </h3>
    745   <p>
    746    Wi-Fi  Wi-Fi 
    747    <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">
    748     normal
    749    </a>
    750    
    751   </p>
    752   <table>
    753    <tbody>
    754     <tr>
    755      <th>
    756       CVE
    757      </th>
    758      <th>
    759        AOSP 
    760      </th>
    761      <th>
    762       
    763      </th>
    764      <th>
    765       
    766      </th>
    767      <th>
    768       
    769      </th>
    770     </tr>
    771     <tr>
    772      <td>
    773       CVE-2015-5310
    774      </td>
    775      <td>
    776       <a href="https://android.googlesource.com/platform%2Fexternal%2Fwpa_supplicant_8/+/1e9857b5f1dd84ac5a0ada0150b1b9c87d44d99d">
    777        ANDROID-25266660
    778       </a>
    779      </td>
    780      <td>
    781       
    782      </td>
    783      <td>
    784       4.4.45.05.1.16.06.0.1
    785      </td>
    786      <td>
    787       2015  10  25 
    788      </td>
    789     </tr>
    790    </tbody>
    791   </table>
    792   <h3 id="information_disclosure_vulnerability_in_bouncy_castle">
    793    Bouncy Castle 
    794   </h3>
    795   <p>
    796    Bouncy Castle 
    797    <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">
    798     dangerous
    799    </a>
    800    
    801   </p>
    802   <table>
    803    <tbody>
    804     <tr>
    805      <th>
    806       CVE
    807      </th>
    808      <th>
    809        AOSP 
    810      </th>
    811      <th>
    812       
    813      </th>
    814      <th>
    815       
    816      </th>
    817      <th>
    818       
    819      </th>
    820     </tr>
    821     <tr>
    822      <td>
    823       CVE-2015-6644
    824      </td>
    825      <td>
    826       <a href="https://android.googlesource.com/platform/external/bouncycastle/+/3e128c5fea3a0ca2d372aa09c4fd4bb0eadfbd3f">
    827        ANDROID-24106146
    828       </a>
    829      </td>
    830      <td>
    831       
    832      </td>
    833      <td>
    834       4.4.45.05.1.16.06.0.1
    835      </td>
    836      <td>
    837       Google 
    838      </td>
    839     </tr>
    840    </tbody>
    841   </table>
    842   <h3 id="denial_of_service_vulnerability_in_syncmanager">
    843    SyncManager 
    844   </h3>
    845   <p>
    846    SyncManager 
    847   </p>
    848   <table>
    849    <tbody>
    850     <tr>
    851      <th>
    852       CVE
    853      </th>
    854      <th>
    855        AOSP 
    856      </th>
    857      <th>
    858       
    859      </th>
    860      <th>
    861       
    862      </th>
    863      <th>
    864       
    865      </th>
    866     </tr>
    867     <tr>
    868      <td>
    869       CVE-2015-6645
    870      </td>
    871      <td>
    872       <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/c0f39c1ece72a05c796f7ba30b7a2b5b580d5025">
    873        ANDROID-23591205
    874       </a>
    875      </td>
    876      <td>
    877       
    878      </td>
    879      <td>
    880       4.4.45.05.1.16.0
    881      </td>
    882      <td>
    883       Google 
    884      </td>
    885     </tr>
    886    </tbody>
    887   </table>
    888   <h3 id="attack_surface_reduction_for_nexus_kernels">
    889    Nexus 
    890   </h3>
    891   <p>
    892    System V IPC  Android System V IPC  OS  System V IPC  Android  CVE-2015-7613 
    893   </p>
    894   <table>
    895    <tbody>
    896     <tr>
    897      <th>
    898       CVE
    899      </th>
    900      <th>
    901       
    902      </th>
    903      <th>
    904       
    905      </th>
    906      <th>
    907       
    908      </th>
    909      <th>
    910       
    911      </th>
    912     </tr>
    913     <tr>
    914      <td>
    915       CVE-2015-6646
    916      </td>
    917      <td>
    918       ANDROID-22300191*
    919      </td>
    920      <td>
    921       
    922      </td>
    923      <td>
    924       6.0
    925      </td>
    926      <td>
    927       Google 
    928      </td>
    929     </tr>
    930    </tbody>
    931   </table>
    932   <p>
    933    *  AOSP 
    934    <a href="https://developers.google.com/android/nexus/drivers">
    935     Google  
    936    </a>
    937     Nexus  
    938   </p>
    939   <h3 id="common_questions_and_answers">
    940    
    941   </h3>
    942   <p>
    943    
    944   </p>
    945   <p>
    946    <strong>
    947     1. 
    948    </strong>
    949   </p>
    950   <p>
    951    LMY49F  Android 6.0   2016  1  1   
    952    <a href="https://support.google.com/nexus/answer/4457705">
    953     Nexus 
    954    </a>
    955      [ro.build.version.security_patch]:[2016-01-01] 
    956   </p>
    957   <h2 id="revisions" style="margin-bottom:0px">
    958    
    959   </h2>
    960   <hr/>
    961   <ul>
    962    <li>
    963     2016  1  4 : 
    964    </li>
    965    <li>
    966     2016  1  6 :  AOSP 
    967    </li>
    968   </ul>
    969 
    970   </body>
    971 </html>
    972