1 <html devsite> 2 <head> 3 <title>Android - 2016 12 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em>2016 12 5 | 2016 12 7 </em></p> 27 <p> 28 Android Android Google OTAGoogle <a href="https://developers.google.com/android/nexus/images">Google </a>2016 12 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 29 </p> 30 <p> 31 2016 11 7 Android AOSP AOSP 32 </p> 33 <p> 34 35 </p> 36 <p> 37 <a href="/security/enhancements/index.html">Android </a> <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> <a href="#mitigations">Android Google </a>Android 38 </p> 39 <p> 40 41 </p> 42 <h2 id="announcements"></h2> 43 <ul> 44 <li>2 Android Android <a href="#common-questions-and-answers"></a> 45 <ul> 46 <li><strong>2016-12-01</strong>: 2016-12-01 </li> 47 <li><strong>2016-12-05</strong>: 2016-12-01 2016-12-05 </li> 48 </ul> 49 </li> 50 <li> Google 2016 12 5 1 OTA </li> 51 </ul> 52 <h2 id="security-vulnerability-summary"></h2> 53 <p> 54 CVEGoogle <a href="/security/overview/updates-resources.html#severity"></a> 55 </p> 56 <h3 id="2016-12-01-summary"> 2016-12-01 </h3> 57 <p> 58 2016-12-01 59 </p> 60 <table> 61 <col width="55%"> 62 <col width="20%"> 63 <col width="13%"> 64 <col width="12%"> 65 <tr> 66 <th></th> 67 <th>CVE</th> 68 <th></th> 69 <th>Google </th> 70 </tr> 71 <tr> 72 <td>CURL / LIBCURL </td> 73 <td>CVE-2016-5419CVE-2016-5420CVE-2016-5421</td> 74 <td></td> 75 <td></td> 76 </tr> 77 <tr> 78 <td>libziparchive </td> 79 <td>CVE-2016-6762</td> 80 <td></td> 81 <td></td> 82 </tr> 83 <tr> 84 <td>Telephony </td> 85 <td>CVE-2016-6763</td> 86 <td></td> 87 <td></td> 88 </tr> 89 <tr> 90 <td></td> 91 <td>CVE-2016-6766CVE-2016-6765CVE-2016-6764CVE-2016-6767</td> 92 <td></td> 93 <td></td> 94 </tr> 95 <tr> 96 <td>Framesequence </td> 97 <td>CVE-2016-6768</td> 98 <td></td> 99 <td></td> 100 </tr> 101 <tr> 102 <td>Smart Lock </td> 103 <td>CVE-2016-6769</td> 104 <td></td> 105 <td>*</td> 106 </tr> 107 <tr> 108 <td> API </td> 109 <td>CVE-2016-6770</td> 110 <td></td> 111 <td></td> 112 </tr> 113 <tr> 114 <td>Telephony </td> 115 <td>CVE-2016-6771</td> 116 <td></td> 117 <td></td> 118 </tr> 119 <tr> 120 <td>Wi-Fi </td> 121 <td>CVE-2016-6772</td> 122 <td></td> 123 <td></td> 124 </tr> 125 <tr> 126 <td></td> 127 <td>CVE-2016-6773</td> 128 <td></td> 129 <td></td> 130 </tr> 131 <tr> 132 <td>Package Manager </td> 133 <td>CVE-2016-6774</td> 134 <td></td> 135 <td></td> 136 </tr> 137 </table> 138 <p> 139 * Android 7.0 Google 140 </p> 141 <h3 id="2016-12-05-summary"> 2016-12-05 </h3> 142 <p> 143 2016-12-05 2016-12-01 144 </p> 145 <table> 146 <col width="55%"> 147 <col width="20%"> 148 <col width="13%"> 149 <col width="12%"> 150 <tr> 151 <th></th> 152 <th>CVE</th> 153 <th></th> 154 <th>Google </th> 155 </tr> 156 <tr> 157 <td> </td> 158 <td>CVE-2016-4794CVE-2016-5195</td> 159 <td></td> 160 <td></td> 161 </tr> 162 <tr> 163 <td>NVIDIA GPU </td> 164 <td>CVE-2016-6775CVE-2016-6776CVE-2016-6777</td> 165 <td></td> 166 <td></td> 167 </tr> 168 <tr> 169 <td></td> 170 <td>CVE-2015-8966</td> 171 <td></td> 172 <td>*</td> 173 </tr> 174 <tr> 175 <td>NVIDIA </td> 176 <td>CVE-2016-6915CVE-2016-6916CVE-2016-6917</td> 177 <td></td> 178 <td></td> 179 </tr> 180 <tr> 181 <td> ION </td> 182 <td>CVE-2016-9120</td> 183 <td></td> 184 <td></td> 185 </tr> 186 <tr> 187 <td>Qualcomm </td> 188 <td>CVE-2016-8411</td> 189 <td></td> 190 <td></td> 191 </tr> 192 <tr> 193 <td> </td> 194 <td>CVE-2014-4014</td> 195 <td></td> 196 <td></td> 197 </tr> 198 <tr> 199 <td></td> 200 <td>CVE-2015-8967</td> 201 <td></td> 202 <td></td> 203 </tr> 204 <tr> 205 <td>HTC </td> 206 <td>CVE-2016-6778CVE-2016-6779CVE-2016-6780</td> 207 <td></td> 208 <td></td> 209 </tr> 210 <tr> 211 <td>MediaTek </td> 212 <td>CVE-2016-6492CVE-2016-6781CVE-2016-6782CVE-2016-6783CVE-2016-6784CVE-2016-6785</td> 213 <td></td> 214 <td>*</td> 215 </tr> 216 <tr> 217 <td>Qualcomm </td> 218 <td>CVE-2016-6761CVE-2016-6760CVE-2016-6759CVE-2016-6758</td> 219 <td></td> 220 <td></td> 221 </tr> 222 <tr> 223 <td>Qualcomm </td> 224 <td>CVE-2016-6755</td> 225 <td></td> 226 <td></td> 227 </tr> 228 <tr> 229 <td> </td> 230 <td>CVE-2016-6786CVE-2016-6787</td> 231 <td></td> 232 <td></td> 233 </tr> 234 <tr> 235 <td>MediaTek I2C </td> 236 <td>CVE-2016-6788</td> 237 <td></td> 238 <td>*</td> 239 </tr> 240 <tr> 241 <td>NVIDIA libomx </td> 242 <td>CVE-2016-6789CVE-2016-6790</td> 243 <td></td> 244 <td></td> 245 </tr> 246 <tr> 247 <td>Qualcomm </td> 248 <td>CVE-2016-6791CVE-2016-8391CVE-2016-8392</td> 249 <td></td> 250 <td></td> 251 </tr> 252 <tr> 253 <td> </td> 254 <td>CVE-2015-7872</td> 255 <td></td> 256 <td></td> 257 </tr> 258 <tr> 259 <td>Synaptics </td> 260 <td>CVE-2016-8393CVE-2016-8394</td> 261 <td></td> 262 <td></td> 263 </tr> 264 <tr> 265 <td>Broadcom Wi-Fi </td> 266 <td>CVE-2014-9909CVE-2014-9910</td> 267 <td></td> 268 <td>*</td> 269 </tr> 270 <tr> 271 <td>MediaTek </td> 272 <td>CVE-2016-8396</td> 273 <td></td> 274 <td>*</td> 275 </tr> 276 <tr> 277 <td>NVIDIA </td> 278 <td>CVE-2016-8397</td> 279 <td></td> 280 <td></td> 281 </tr> 282 <tr> 283 <td>GPS </td> 284 <td>CVE-2016-5341</td> 285 <td></td> 286 <td></td> 287 </tr> 288 <tr> 289 <td>NVIDIA </td> 290 <td>CVE-2016-8395</td> 291 <td></td> 292 <td></td> 293 </tr> 294 <tr> 295 <td> </td> 296 <td>CVE-2016-8399</td> 297 <td></td> 298 <td></td> 299 </tr> 300 <tr> 301 <td>Qualcomm </td> 302 <td>CVE-2016-6756CVE-2016-6757</td> 303 <td></td> 304 <td></td> 305 </tr> 306 <tr> 307 <td>NVIDIA librm </td> 308 <td>CVE-2016-8400</td> 309 <td></td> 310 <td></td> 311 </tr> 312 <tr> 313 <td> </td> 314 <td>CVE-2016-8401CVE-2016-8402CVE-2016-8403CVE-2016-8404CVE-2016-8405CVE-2016-8406CVE-2016-8407</td> 315 <td></td> 316 <td></td> 317 </tr> 318 <tr> 319 <td>NVIDIA </td> 320 <td>CVE-2016-8408CVE-2016-8409</td> 321 <td></td> 322 <td></td> 323 </tr> 324 <tr> 325 <td>Qualcomm </td> 326 <td>CVE-2016-8410</td> 327 <td></td> 328 <td></td> 329 </tr> 330 </table> 331 <p> 332 * Android 7.0 Google 333 </p> 334 <h2 id="mitigations">Android Google </h2> 335 <p> 336 <a href="/security/enhancements/index.html">Android </a> SafetyNet Android 337 </p> 338 <ul> 339 <li>Android Android Google Android </li> 340 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a><a href="http://www.android.com/gms">Google </a>Google Play Google Play </li> 341 <li>Google </li> 342 </ul> 343 344 <h2 id="acknowledgements"></h2> 345 <p> 346 347 </p> 348 349 <ul> 350 <li>Alibaba Mobile Security Group Baozeng DingChengming YangPeng XiaoNing YouYang DongChao YangYi ZhangYang Song: CVE-2016-6783CVE-2016-6784CVE-2016-6785</li> 351 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Mingjian Zhou<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-6789CVE-2016-6790</li> 352 <li>Christian Seel: CVE-2016-6769</li> 353 <li>Google David BenjaminKenny Root: CVE-2016-6767</li> 354 <li>TencentKeenLab<a href="https://twitter.com/keen_lab">@keen_lab</a> Di Shen<a href="https://twitter.com/returnsme">@returnsme</a>: CVE-2016-6776CVE-2016-6787</li> 355 <li><a href="http://www.ms509.com">MS509Team</a> En He<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>: CVE-2016-6763</li> 356 <li>Qihoo 360 Technology Co. Ltd.IceSword Lab Gengjia Chen<a href="https://twitter.com/chengjia4574">@chengjia4574</a>Qihoo 360 Technology Co. Ltd.IceSword Lab <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6779CVE-2016-6778CVE-2016-8401CVE-2016-8402CVE-2016-8403CVE-2016-8409CVE-2016-8408CVE-2016-8404</li> 357 <li>Qihoo 360 Technology Co. Ltd.IceSword Lab Jianqiang Zhao<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>Qihoo 360 Technology Co. Ltd.IceSword Lab <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6788CVE-2016-6781CVE-2016-6782CVE-2016-8396</li> 358 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-6791CVE-2016-8391CVE-2016-8392</li> 359 <li>Project Zero Mark Brand: CVE-2016-6772</li> 360 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>: CVE-2016-6770CVE-2016-6774</li> 361 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a><a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-6761CVE-2016-6759CVE-2016-8400</li> 362 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-6760</li> 363 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a><a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-6759</li> 364 <li>Tesla Motors Product Security Team Nathan Crandall<a href="https://twitter.com/natecray">@natecray</a>: CVE-2016-6915CVE-2016-6916CVE-2016-6917</li> 365 <li>Nightwatch Cybersecurity Research<a href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>: CVE-2016-5341</li> 366 <li>Baidu X-Lab Pengfei DingChenfu BaoLenx Wei: CVE-2016-6755CVE-2016-6756</li> 367 <li>Trend Micro Peter Pi<a href="https://twitter.com/heisecode">@heisecode</a>: CVE-2016-8397CVE-2016-8405CVE-2016-8406CVE-2016-8407</li> 368 <li>TencentKeenLab Qidan He<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>: CVE-2016-8399CVE-2016-8395</li> 369 <li>TencentKeenLab Qidan He<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>Marco Grassi<a href="https://twitter.com/marcograss">@marcograss</a>: CVE-2016-6768</li> 370 <li>Richard Shupak: CVE-2016-5341</li> 371 <li>IBM X-Force Research Sagi Kedmi: CVE-2016-8393CVE-2016-8394</li> 372 <li>Trend Micro Inc.Mobile Threat Research Team Seven Shen<a href="https://twitter.com/lingtongshen">@lingtongshen</a>: CVE-2016-6757</li> 373 <li>Alibaba Inc Weichao Sun<a href="https://twitter.com/sunblate">@sunblate</a>: CVE-2016-6773</li> 374 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-6765</li> 375 <li><a href="http://www.trendmicro.com">Trend Micro Inc.</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">Mobile Threat Response Team</a> Wish Wu<a href="https://twitter.com/wish_wu">@wish_wu</a><a href="http://weibo.com/wishlinux"></a>: CVE-2016-6704</li> 376 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-6786CVE-2016-6780CVE-2016-6775</li> 377 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-6777</li> 378 <li>Tencent Security Platform Department Yuxiang Li: CVE-2016-6771</li> 379 <li>Qihoo 360 Technology Co. Ltd.Chengdu Security Response Center Zhe Jin: CVE-2016-6764CVE-2016-6766</li> 380 <li>Qihoo 360 Technology Co. Ltd.Chengdu Security Response Center <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>: CVE-2016-6762</li> 381 </ul> 382 <p> 383 Bottle Tech MengLuo Gou<a href="https://twitter.com/idhyt3r">@idhyt3r</a>Google Yong Wang<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>Zubin Mithra 384 </p> 385 386 <h2 id="2016-12-01-details"> 2016-12-01 </h2> 387 <p> 388 <a href="#2016-12-01-summary"> 2016-12-01 </a>CVE Google AOSP AOSP ID ID </p> 389 390 391 <h3 id="rce-in-curl-libcurl">CURL / LIBCURL </h3> 392 <p> 393 CURL LIBCURL 394 </p> 395 396 <table> 397 <col width="18%"> 398 <col width="18%"> 399 <col width="10%"> 400 <col width="19%"> 401 <col width="17%"> 402 <col width="17%"> 403 <tr> 404 <th>CVE</th> 405 <th></th> 406 <th></th> 407 <th> Google </th> 408 <th> AOSP </th> 409 <th></th> 410 </tr> 411 <tr> 412 <td>CVE-2016-5419</td> 413 <td>A-31271247</td> 414 <td></td> 415 <td></td> 416 <td>7.0</td> 417 <td>2016 8 3 </td> 418 </tr> 419 <tr> 420 <td>CVE-2016-5420</td> 421 <td>A-31271247</td> 422 <td></td> 423 <td></td> 424 <td>7.0</td> 425 <td>2016 8 3 </td> 426 </tr> 427 <tr> 428 <td>CVE-2016-5421</td> 429 <td>A-31271247</td> 430 <td></td> 431 <td></td> 432 <td>7.0</td> 433 <td>2016 8 3 </td> 434 </tr> 435 </table> 436 437 438 <h3 id="eop-in-libziparchive">libziparchive </h3> 439 <p> 440 libziparchive 441 </p> 442 443 <table> 444 <col width="18%"> 445 <col width="18%"> 446 <col width="10%"> 447 <col width="19%"> 448 <col width="17%"> 449 <col width="17%"> 450 <tr> 451 <th>CVE</th> 452 <th></th> 453 <th></th> 454 <th> Google </th> 455 <th> AOSP </th> 456 <th></th> 457 </tr> 458 <tr> 459 <td>CVE-2016-6762</td> 460 <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c"> 461 A-31251826</a> 462 [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>] 463 </td> 464 <td></td> 465 <td></td> 466 <td>5.0.25.1.16.06.0.17.0</td> 467 <td>2016 8 28 </td> 468 </tr> 469 </table> 470 471 472 <h3 id="dos-in-telephony">Telephony </h3> 473 <p> 474 Telephony 475 </p> 476 477 <table> 478 <col width="18%"> 479 <col width="18%"> 480 <col width="10%"> 481 <col width="19%"> 482 <col width="17%"> 483 <col width="17%"> 484 <tr> 485 <th>CVE</th> 486 <th></th> 487 <th></th> 488 <th> Google </th> 489 <th> AOSP </th> 490 <th></th> 491 </tr> 492 <tr> 493 <td>CVE-2016-6763</td> 494 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1294620627b1e9afdf4bd0ad51c25ed3daf80d84"> 495 A-31530456</a></td> 496 <td></td> 497 <td></td> 498 <td>4.4.45.0.25.1.16.06.0.17.0</td> 499 <td>2016 9 12 </td> 500 </tr> 501 </table> 502 503 504 <h3 id="dos-in-mediaserver"></h3> 505 <p> 506 507 </p> 508 509 <table> 510 <col width="18%"> 511 <col width="18%"> 512 <col width="10%"> 513 <col width="19%"> 514 <col width="17%"> 515 <col width="17%"> 516 <tr> 517 <th>CVE</th> 518 <th></th> 519 <th></th> 520 <th> Google </th> 521 <th> AOSP </th> 522 <th></th> 523 </tr> 524 <tr> 525 <td>CVE-2016-6766 </td> 526 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20"> 527 A-31318219</a></td> 528 <td></td> 529 <td></td> 530 <td>4.4.45.0.25.1.16.06.0.17.0</td> 531 <td>2016 9 5 </td> 532 </tr> 533 <tr> 534 <td>CVE-2016-6765</td> 535 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/fd9cc97d4dfe2a2fbce2c0f1704d7a27ce7cbc44"> 536 A-31449945</a></td> 537 <td></td> 538 <td></td> 539 <td>4.4.45.0.25.1.17.0</td> 540 <td>2016 9 13 </td> 541 </tr> 542 <tr> 543 <td>CVE-2016-6764</td> 544 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20"> 545 A-31681434</a></td> 546 <td></td> 547 <td></td> 548 <td>4.4.45.0.25.1.16.06.0.17.0</td> 549 <td>2016 9 22 </td> 550 </tr> 551 <tr> 552 <td>CVE-2016-6767</td> 553 <td>A-31833604</td> 554 <td></td> 555 <td>*</td> 556 <td>4.4.4</td> 557 <td>Google </td> 558 </tr> 559 </table> 560 561 <p> 562 * Android 7.0 Google 563 </p> 564 565 566 <h3 id="rce-in-framesequence-library">Framesequence </h3> 567 <p> 568 Framesequence Framesequence 569 </p> 570 571 <table> 572 <col width="18%"> 573 <col width="18%"> 574 <col width="10%"> 575 <col width="19%"> 576 <col width="17%"> 577 <col width="17%"> 578 <tr> 579 <th>CVE</th> 580 <th></th> 581 <th></th> 582 <th> Google </th> 583 <th> AOSP </th> 584 <th></th> 585 </tr> 586 <tr> 587 <td>CVE-2016-6768</td> 588 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/0ada9456d0270cb0e357a43d9187a6418d770760"> 589 A-31631842</a></td> 590 <td></td> 591 <td></td> 592 <td>5.0.25.1.16.06.0.17.0</td> 593 <td>2016 9 19 </td> 594 </tr> 595 </table> 596 597 598 <h3 id="eop-in-smart-lock">Smart Lock </h3> 599 <p> 600 Smart Lock PIN Smart Lock Smart Lock 601 </p> 602 603 <table> 604 <col width="18%"> 605 <col width="18%"> 606 <col width="10%"> 607 <col width="19%"> 608 <col width="17%"> 609 <col width="17%"> 610 <tr> 611 <th>CVE</th> 612 <th></th> 613 <th></th> 614 <th> Google </th> 615 <th> AOSP </th> 616 <th></th> 617 </tr> 618 <tr> 619 <td>CVE-2016-6769</td> 620 <td>A-29055171</td> 621 <td></td> 622 <td>*</td> 623 <td>5.0.25.1.16.06.0.1</td> 624 <td>2016 5 27 </td> 625 </tr> 626 </table> 627 <p> 628 * Android 7.0 Google 629 </p> 630 631 632 <h3 id="eop-in-framework-apis"> API </h3> 633 <p> 634 API 635 </p> 636 637 <table> 638 <col width="18%"> 639 <col width="18%"> 640 <col width="10%"> 641 <col width="19%"> 642 <col width="17%"> 643 <col width="17%"> 644 <tr> 645 <th>CVE</th> 646 <th></th> 647 <th></th> 648 <th> Google </th> 649 <th> AOSP </th> 650 <th></th> 651 </tr> 652 <tr> 653 <td>CVE-2016-6770</td> 654 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc"> 655 A-30202228</a></td> 656 <td></td> 657 <td></td> 658 <td>4.4.45.0.25.1.16.06.0.17.0</td> 659 <td>2016 7 16 </td> 660 </tr> 661 </table> 662 663 664 <h3 id="eop-in-telephony">Telephony </h3> 665 <p> 666 Telephony 667 </p> 668 669 <table> 670 <col width="18%"> 671 <col width="18%"> 672 <col width="10%"> 673 <col width="19%"> 674 <col width="17%"> 675 <col width="17%"> 676 <tr> 677 <th>CVE</th> 678 <th></th> 679 <th></th> 680 <th> Google </th> 681 <th> AOSP </th> 682 <th></th> 683 </tr> 684 <tr> 685 <td>CVE-2016-6771</td> 686 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a39ff9526aee6f2ea4f6e02412db7b33d486fd7d"> 687 A-31566390</a></td> 688 <td></td> 689 <td></td> 690 <td>6.06.0.17.0</td> 691 <td>2016 9 17 </td> 692 </tr> 693 </table> 694 695 696 <h3 id="eop-in-wi-fi">Wi-Fi </h3> 697 <p> 698 Wi-Fi 699 </p> 700 701 <table> 702 <col width="18%"> 703 <col width="18%"> 704 <col width="10%"> 705 <col width="19%"> 706 <col width="17%"> 707 <col width="17%"> 708 <tr> 709 <th>CVE</th> 710 <th></th> 711 <th></th> 712 <th> Google </th> 713 <th> AOSP </th> 714 <th></th> 715 </tr> 716 <tr> 717 <td>CVE-2016-6772</td> 718 <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484"> 719 A-31856351</a> 720 [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> 721 <td></td> 722 <td></td> 723 <td>5.0.25.1.16.06.0.17.0</td> 724 <td>2016 9 30 </td> 725 </tr> 726 </table> 727 728 729 <h3 id="id-in-mediaserver"></h3> 730 <p> 731 732 </p> 733 734 <table> 735 <col width="18%"> 736 <col width="18%"> 737 <col width="10%"> 738 <col width="19%"> 739 <col width="17%"> 740 <col width="17%"> 741 <tr> 742 <th>CVE</th> 743 <th></th> 744 <th></th> 745 <th> Google </th> 746 <th> AOSP </th> 747 <th></th> 748 </tr> 749 <tr> 750 <td>CVE-2016-6773</td> 751 <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0"> 752 A-30481714</a> 753 [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> 754 <td></td> 755 <td></td> 756 <td>6.06.0.17.0</td> 757 <td>2016 7 27 </td> 758 </tr> 759 </table> 760 761 762 <h3 id="id-in-package-manager">Package Manager </h3> 763 <p> 764 Package Manager 765 </p> 766 767 <table> 768 <col width="18%"> 769 <col width="18%"> 770 <col width="10%"> 771 <col width="19%"> 772 <col width="17%"> 773 <col width="17%"> 774 <tr> 775 <th>CVE</th> 776 <th></th> 777 <th></th> 778 <th> Google </th> 779 <th> AOSP </th> 780 <th></th> 781 </tr> 782 <tr> 783 <td>CVE-2016-6774</td> 784 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e2d4f5fc313ecb4ba587b20fff6d346f8cd51775"> 785 A-31251489</a></td> 786 <td></td> 787 <td></td> 788 <td>7.0</td> 789 <td>2016 8 29 </td> 790 </tr> 791 </table> 792 793 794 <h2 id="2016-12-05-details"> 2016-12-05 </h2> 795 <p> 796 <a href="#2016-12-05-summary"> 2016-12-05 </a>CVE Google AOSP AOSP ID ID </p> 797 798 <h3 id="eop-in-kernel-memory-subsystem"> </h3> 799 <p> 800 801 </p> 802 803 <table> 804 <col width="19%"> 805 <col width="20%"> 806 <col width="10%"> 807 <col width="23%"> 808 <col width="17%"> 809 <tr> 810 <th>CVE</th> 811 <th></th> 812 <th></th> 813 <th> Google </th> 814 <th></th> 815 </tr> 816 <tr> 817 <td>CVE-2016-4794</td> 818 <td>A-31596597<br> 819 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"> 820 </a> 821 [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> 822 <td></td> 823 <td>Pixel CPixelPixel XL</td> 824 <td>2016 4 17 </td> 825 </tr> 826 <tr> 827 <td>CVE-2016-5195</td> 828 <td>A-32141528<br> 829 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"> 830 </a> 831 [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> 832 <td></td> 833 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 834 <td>2016 10 12 </td> 835 </tr> 836 </table> 837 838 839 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 840 <p> 841 NVIDIA GPU 842 </p> 843 844 <table> 845 <col width="19%"> 846 <col width="20%"> 847 <col width="10%"> 848 <col width="23%"> 849 <col width="17%"> 850 <tr> 851 <th>CVE</th> 852 <th></th> 853 <th></th> 854 <th> Google </th> 855 <th></th> 856 </tr> 857 <tr> 858 <td>CVE-2016-6775</td> 859 <td>A-31222873*<br>N-CVE-2016-6775</td> 860 <td></td> 861 <td>Nexus 9</td> 862 <td>2016 8 25 </td> 863 </tr> 864 <tr> 865 <td>CVE-2016-6776</td> 866 <td>A-31680980*<br>N-CVE-2016-6776</td> 867 <td></td> 868 <td>Nexus 9</td> 869 <td>2016 9 22 </td> 870 </tr> 871 <tr> 872 <td>CVE-2016-6777</td> 873 <td>A-31910462*<br>N-CVE-2016-6777</td> 874 <td></td> 875 <td>Nexus 9</td> 876 <td>2016 10 3 </td> 877 </tr> 878 </table> 879 <p> 880 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 881 </p> 882 883 <h3 id="eop-in-kernel"></h3> 884 <p> 885 886 </p> 887 888 <table> 889 <col width="19%"> 890 <col width="20%"> 891 <col width="10%"> 892 <col width="23%"> 893 <col width="17%"> 894 <tr> 895 <th>CVE</th> 896 <th></th> 897 <th></th> 898 <th> Google </th> 899 <th></th> 900 </tr> 901 <tr> 902 <td>CVE-2015-8966</td> 903 <td>A-31435731<br> 904 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"> 905 </a></td> 906 <td></td> 907 <td>*</td> 908 <td>2016 9 10 </td> 909 </tr> 910 </table> 911 <p> 912 * Android 7.0 Google 913 </p> 914 915 916 <h3 id="eop-in-nvidia-video-driver">NVIDIA </h3> 917 <p> 918 NVIDIA 919 </p> 920 921 <table> 922 <col width="19%"> 923 <col width="20%"> 924 <col width="10%"> 925 <col width="23%"> 926 <col width="17%"> 927 <tr> 928 <th>CVE</th> 929 <th></th> 930 <th></th> 931 <th> Google </th> 932 <th></th> 933 </tr> 934 <tr> 935 <td>CVE-2016-6915</td> 936 <td>A-31471161* 937 <br>N-CVE-2016-6915</td> 938 <td></td> 939 <td>Nexus 9</td> 940 <td>2016 9 13 </td> 941 </tr> 942 <tr> 943 <td>CVE-2016-6916</td> 944 <td>A-32072350* 945 <br>N-CVE-2016-6916</td> 946 <td></td> 947 <td>Nexus 9Pixel C</td> 948 <td>2016 9 13 </td> 949 </tr> 950 <tr> 951 <td>CVE-2016-6917</td> 952 <td>A-32072253* 953 <br></td> 954 <td></td> 955 <td>Nexus 9</td> 956 <td>2016 9 13 </td> 957 </tr> 958 </table> 959 <p> 960 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 961 </p> 962 963 <h3 id="eop-in-kernel-ion-driver"> ION </h3> 964 <p> 965 ION 966 </p> 967 968 <table> 969 <col width="19%"> 970 <col width="20%"> 971 <col width="10%"> 972 <col width="23%"> 973 <col width="17%"> 974 <tr> 975 <th>CVE</th> 976 <th></th> 977 <th></th> 978 <th> Google </th> 979 <th></th> 980 </tr> 981 <tr> 982 <td>CVE-2016-9120</td> 983 <td>A-31568617<br> 984 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"> 985 </a></td> 986 <td></td> 987 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixel CNexus Player</td> 988 <td>2016 9 16 </td> 989 </tr> 990 </table> 991 992 <h3>Qualcomm </h3> 993 <p> 994 Qualcomm Qualcomm AMSS November 2015 </p> 995 <table> 996 <col width="19%"> 997 <col width="20%"> 998 <col width="10%"> 999 <col width="23%"> 1000 <col width="17%"> 1001 <tr> 1002 <th>CVE</th> 1003 <th></th> 1004 <th>*</th> 1005 <th> Google </th> 1006 <th></th> 1007 </tr> 1008 <tr> 1009 <td>CVE-2016-8411</td> 1010 <td>A-31805216**</td> 1011 <td></td> 1012 <td>Nexus 6Nexus 6PAndroid One</td> 1013 <td>Qualcomm </td> 1014 </tr> 1015 </table> 1016 <p>* </p> 1017 <p>** <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1018 </p> 1019 1020 <h3 id="eop-in-kernel-file-system"> </h3> 1021 <p> 1022 1023 </p> 1024 1025 <table> 1026 <col width="19%"> 1027 <col width="20%"> 1028 <col width="10%"> 1029 <col width="23%"> 1030 <col width="17%"> 1031 <tr> 1032 <th>CVE</th> 1033 <th></th> 1034 <th></th> 1035 <th> Google </th> 1036 <th></th> 1037 </tr> 1038 <tr> 1039 <td>CVE-2014-4014</td> 1040 <td>A-31252187<br> 1041 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"> 1042 </a></td> 1043 <td></td> 1044 <td>Nexus 6Nexus Player</td> 1045 <td>2014 6 10 </td> 1046 </tr> 1047 </table> 1048 1049 1050 <h3 id="eop-in-kernel-2"></h3> 1051 <p> 1052 1053 </p> 1054 1055 <table> 1056 <col width="19%"> 1057 <col width="20%"> 1058 <col width="10%"> 1059 <col width="23%"> 1060 <col width="17%"> 1061 <tr> 1062 <th>CVE</th> 1063 <th></th> 1064 <th></th> 1065 <th> Google </th> 1066 <th></th> 1067 </tr> 1068 <tr> 1069 <td>CVE-2015-8967</td> 1070 <td>A-31703084<br> 1071 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"> 1072 </a></td> 1073 <td></td> 1074 <td>Nexus 5XNexus 6PNexus 9Pixel CPixelPixel XL</td> 1075 <td>2015 1 8 </td> 1076 </tr> 1077 </table> 1078 1079 1080 <h3 id="eop-in-htc-sound-codec-driver">HTC </h3> 1081 <p> 1082 HTC 1083 </p> 1084 1085 <table> 1086 <col width="19%"> 1087 <col width="20%"> 1088 <col width="10%"> 1089 <col width="23%"> 1090 <col width="17%"> 1091 <tr> 1092 <th>CVE</th> 1093 <th></th> 1094 <th></th> 1095 <th> Google </th> 1096 <th></th> 1097 </tr> 1098 <tr> 1099 <td>CVE-2016-6778</td> 1100 <td>A-31384646*</td> 1101 <td></td> 1102 <td>Nexus 9</td> 1103 <td>2016 2 25 </td> 1104 </tr> 1105 <tr> 1106 <td>CVE-2016-6779</td> 1107 <td>A-31386004*</td> 1108 <td></td> 1109 <td>Nexus 9</td> 1110 <td>2016 2 25 </td> 1111 </tr> 1112 <tr> 1113 <td>CVE-2016-6780</td> 1114 <td>A-31251496*</td> 1115 <td></td> 1116 <td>Nexus 9</td> 1117 <td>2016 8 30 </td> 1118 </tr> 1119 </table> 1120 <p> 1121 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1122 </p> 1123 1124 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1125 <p> 1126 MediaTek 1127 </p> 1128 1129 <table> 1130 <col width="19%"> 1131 <col width="20%"> 1132 <col width="10%"> 1133 <col width="23%"> 1134 <col width="17%"> 1135 <tr> 1136 <th>CVE</th> 1137 <th></th> 1138 <th></th> 1139 <th> Google </th> 1140 <th></th> 1141 </tr> 1142 <tr> 1143 <td>CVE-2016-6492</td> 1144 <td>A-28175122<br>MT-ALPS02696413</td> 1145 <td></td> 1146 <td>*</td> 1147 <td>2016 4 11 </td> 1148 </tr> 1149 <tr> 1150 <td>CVE-2016-6781</td> 1151 <td>A-31095175<br>MT-ALPS02943455</td> 1152 <td></td> 1153 <td>*</td> 1154 <td>2016 8 22 </td> 1155 </tr> 1156 <tr> 1157 <td>CVE-2016-6782</td> 1158 <td>A-31224389<br>MT-ALPS02943506</td> 1159 <td></td> 1160 <td>*</td> 1161 <td>2016 8 24 </td> 1162 </tr> 1163 <tr> 1164 <td>CVE-2016-6783</td> 1165 <td>A-31350044<br>MT-ALPS02943437</td> 1166 <td></td> 1167 <td>*</td> 1168 <td>2016 9 6 </td> 1169 </tr> 1170 <tr> 1171 <td>CVE-2016-6784</td> 1172 <td>A-31350755<br>MT-ALPS02961424</td> 1173 <td></td> 1174 <td>*</td> 1175 <td>2016 9 6 </td> 1176 </tr> 1177 <tr> 1178 <td>CVE-2016-6785</td> 1179 <td>A-31748056<br>MT-ALPS02961400</td> 1180 <td></td> 1181 <td>*</td> 1182 <td>2016 9 25 </td> 1183 </tr> 1184 </table> 1185 <p> 1186 * Android 7.0 Google 1187 </p> 1188 1189 1190 <h3 id="eop-in-qualcomm-media-codecs">Qualcomm </h3> 1191 <p> 1192 Qualcomm 1193 </p> 1194 1195 <table> 1196 <col width="19%"> 1197 <col width="20%"> 1198 <col width="10%"> 1199 <col width="23%"> 1200 <col width="17%"> 1201 <tr> 1202 <th>CVE</th> 1203 <th></th> 1204 <th></th> 1205 <th> Google </th> 1206 <th></th> 1207 </tr> 1208 <tr> 1209 <td>CVE-2016-6761</td> 1210 <td>A-29421682* 1211 <br>QC-CR#1055792</td> 1212 <td></td> 1213 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1214 <td>2016 6 16 </td> 1215 </tr> 1216 <tr> 1217 <td>CVE-2016-6760</td> 1218 <td>A-29617572* 1219 <br>QC-CR#1055783</td> 1220 <td></td> 1221 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1222 <td>2016 6 23 </td> 1223 </tr> 1224 <tr> 1225 <td>CVE-2016-6759</td> 1226 <td>A-29982686* 1227 <br>QC-CR#1055766</td> 1228 <td></td> 1229 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1230 <td>2016 7 4 </td> 1231 </tr> 1232 <tr> 1233 <td>CVE-2016-6758</td> 1234 <td>A-30148882* 1235 <br>QC-CR#1071731</td> 1236 <td></td> 1237 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1238 <td>2016 7 13 </td> 1239 </tr> 1240 </table> 1241 <p> 1242 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1243 </p> 1244 1245 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3> 1246 <p> 1247 Qualcomm 1248 </p> 1249 1250 <table> 1251 <col width="19%"> 1252 <col width="20%"> 1253 <col width="10%"> 1254 <col width="23%"> 1255 <col width="17%"> 1256 <tr> 1257 <th>CVE</th> 1258 <th></th> 1259 <th></th> 1260 <th> Google </th> 1261 <th></th> 1262 </tr> 1263 <tr> 1264 <td>CVE-2016-6755</td> 1265 <td>A-30740545<br> 1266 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0"> 1267 QC-CR#1065916</a></td> 1268 <td></td> 1269 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1270 <td>2016 8 3 </td> 1271 </tr> 1272 </table> 1273 1274 1275 <h3 id="eop-in-kernel-performance-subsystem"> </h3> 1276 <p> 1277 1278 </p> 1279 1280 <table> 1281 <col width="19%"> 1282 <col width="20%"> 1283 <col width="10%"> 1284 <col width="23%"> 1285 <col width="17%"> 1286 <tr> 1287 <th>CVE</th> 1288 <th></th> 1289 <th></th> 1290 <th> Google </th> 1291 <th></th> 1292 </tr> 1293 <tr> 1294 <td>CVE-2016-6786</td> 1295 <td>A-30955111 1296 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"> </a></td> 1297 <td></td> 1298 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1299 <td>2016 8 18 </td> 1300 </tr> 1301 <tr> 1302 <td>CVE-2016-6787</td> 1303 <td>A-31095224 1304 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"> </a></td> 1305 <td></td> 1306 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1307 <td>2016 8 22 </td> 1308 </tr> 1309 </table> 1310 1311 1312 <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C </h3> 1313 <p> 1314 MediaTek I2C 1315 </p> 1316 1317 <table> 1318 <col width="19%"> 1319 <col width="20%"> 1320 <col width="10%"> 1321 <col width="23%"> 1322 <col width="17%"> 1323 <tr> 1324 <th>CVE</th> 1325 <th></th> 1326 <th></th> 1327 <th> Google </th> 1328 <th></th> 1329 </tr> 1330 <tr> 1331 <td>CVE-2016-6788</td> 1332 <td>A-31224428<br>MT-ALPS02943467</td> 1333 <td></td> 1334 <td>*</td> 1335 <td>2016 8 24 </td> 1336 </tr> 1337 </table> 1338 <p> 1339 * Android 7.0 Google 1340 </p> 1341 1342 1343 <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx </h3> 1344 <p> 1345 NVIDIA libomx libnvomx 1346 </p> 1347 1348 <table> 1349 <col width="19%"> 1350 <col width="20%"> 1351 <col width="10%"> 1352 <col width="23%"> 1353 <col width="17%"> 1354 <tr> 1355 <th>CVE</th> 1356 <th></th> 1357 <th></th> 1358 <th> Google </th> 1359 <th></th> 1360 </tr> 1361 <tr> 1362 <td>CVE-2016-6789</td> 1363 <td>A-31251973* 1364 <br>N-CVE-2016-6789</td> 1365 <td></td> 1366 <td>Pixel C</td> 1367 <td>2016 8 29 </td> 1368 </tr> 1369 <tr> 1370 <td>CVE-2016-6790</td> 1371 <td>A-31251628* 1372 <br>N-CVE-2016-6790</td> 1373 <td></td> 1374 <td>Pixel C</td> 1375 <td>2016 8 28 </td> 1376 </tr> 1377 </table> 1378 <p> 1379 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1380 </p> 1381 1382 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1383 <p> 1384 Qualcomm 1385 </p> 1386 1387 <table> 1388 <col width="19%"> 1389 <col width="20%"> 1390 <col width="10%"> 1391 <col width="23%"> 1392 <col width="17%"> 1393 <tr> 1394 <th>CVE</th> 1395 <th></th> 1396 <th></th> 1397 <th> Google </th> 1398 <th></th> 1399 </tr> 1400 <tr> 1401 <td>CVE-2016-6791</td> 1402 <td>A-31252384<br> 1403 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1404 QC-CR#1071809</a></td> 1405 <td></td> 1406 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1407 <td>2016 8 31 </td> 1408 </tr> 1409 <tr> 1410 <td>CVE-2016-8391</td> 1411 <td>A-31253255<br> 1412 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1413 QC-CR#1072166</a></td> 1414 <td></td> 1415 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1416 <td>2016 8 31 </td> 1417 </tr> 1418 <tr> 1419 <td>CVE-2016-8392</td> 1420 <td>A-31385862<br> 1421 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1422 QC-CR#1073136</a></td> 1423 <td></td> 1424 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1425 <td>2016 9 8 </td> 1426 </tr> 1427 </table> 1428 1429 1430 <h3 id="eop-in-kernel-security-subsystem"> </h3> 1431 <p> 1432 1433 </p> 1434 1435 <table> 1436 <col width="19%"> 1437 <col width="20%"> 1438 <col width="10%"> 1439 <col width="23%"> 1440 <col width="17%"> 1441 <tr> 1442 <th>CVE</th> 1443 <th></th> 1444 <th></th> 1445 <th> Google </th> 1446 <th></th> 1447 </tr> 1448 <tr> 1449 <td>CVE-2015-7872</td> 1450 <td>A-31253168<br> 1451 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> 1452 </a></td> 1453 <td></td> 1454 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1455 <td>2016 8 31 </td> 1456 </tr> 1457 </table> 1458 1459 1460 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1461 <p> 1462 Synaptics 1463 </p> 1464 1465 <table> 1466 <col width="19%"> 1467 <col width="20%"> 1468 <col width="10%"> 1469 <col width="23%"> 1470 <col width="17%"> 1471 <tr> 1472 <th>CVE</th> 1473 <th></th> 1474 <th></th> 1475 <th> Google </th> 1476 <th></th> 1477 </tr> 1478 <tr> 1479 <td>CVE-2016-8393</td> 1480 <td>A-31911920*</td> 1481 <td></td> 1482 <td>Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1483 <td>2016 9 8 </td> 1484 </tr> 1485 <tr> 1486 <td>CVE-2016-8394</td> 1487 <td>A-31913197*</td> 1488 <td></td> 1489 <td>Nexus 9Android One</td> 1490 <td>2016 9 8 </td> 1491 </tr> 1492 </table> 1493 <p> 1494 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1495 </p> 1496 1497 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1498 <p> 1499 Broadcom Wi-Fi 1500 </p> 1501 1502 <table> 1503 <col width="19%"> 1504 <col width="20%"> 1505 <col width="10%"> 1506 <col width="23%"> 1507 <col width="17%"> 1508 <tr> 1509 <th>CVE</th> 1510 <th></th> 1511 <th></th> 1512 <th> Google </th> 1513 <th></th> 1514 </tr> 1515 <tr> 1516 <td>CVE-2014-9909</td> 1517 <td>A-31676542<br>B-RB#26684</td> 1518 <td></td> 1519 <td>*</td> 1520 <td>2016 9 21 </td> 1521 </tr> 1522 <tr> 1523 <td>CVE-2014-9910</td> 1524 <td>A-31746399<br>B-RB#26710</td> 1525 <td></td> 1526 <td>*</td> 1527 <td>2016 9 26 </td> 1528 </tr> 1529 </table> 1530 <p> 1531 * Android 7.0 Google 1532 </p> 1533 1534 1535 <h3 id="id-in-mediatek-video-driver">MediaTek </h3> 1536 <p>MediaTek 1537 </p> 1538 1539 <table> 1540 <col width="19%"> 1541 <col width="20%"> 1542 <col width="10%"> 1543 <col width="23%"> 1544 <col width="17%"> 1545 <tr> 1546 <th>CVE</th> 1547 <th></th> 1548 <th></th> 1549 <th> Google </th> 1550 <th></th> 1551 </tr> 1552 <tr> 1553 <td>CVE-2016-8396</td> 1554 <td>A-31249105</td> 1555 <td></td> 1556 <td>*</td> 1557 <td>2016 8 26 </td> 1558 </tr> 1559 </table> 1560 <p> 1561 * Android 7.0 Google 1562 </p> 1563 1564 1565 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1566 <p> 1567 NVIDIA 1568 </p> 1569 1570 <table> 1571 <col width="19%"> 1572 <col width="20%"> 1573 <col width="10%"> 1574 <col width="23%"> 1575 <col width="17%"> 1576 <tr> 1577 <th>CVE</th> 1578 <th></th> 1579 <th></th> 1580 <th> Google </th> 1581 <th></th> 1582 </tr> 1583 <tr> 1584 <td>CVE-2016-8397</td> 1585 <td>A-31385953*<br> 1586 N-CVE-2016-8397</td> 1587 <td></td> 1588 <td>Nexus 9</td> 1589 <td>2016 9 8 </td> 1590 </tr> 1591 </table> 1592 <p> 1593 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1594 </p> 1595 1596 <h3 id="dos-in-gps">GPS </h3> 1597 <p> 1598 Qualcomm GPS 1599 </p> 1600 1601 <table> 1602 <col width="19%"> 1603 <col width="20%"> 1604 <col width="10%"> 1605 <col width="23%"> 1606 <col width="17%"> 1607 <tr> 1608 <th>CVE</th> 1609 <th></th> 1610 <th></th> 1611 <th> Google </th> 1612 <th></th> 1613 </tr> 1614 <tr> 1615 <td>CVE-2016-5341</td> 1616 <td>A-31470303*</td> 1617 <td></td> 1618 <td>Nexus 6Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1619 <td>2016 6 21 </td> 1620 </tr> 1621 </table> 1622 <p> 1623 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1624 </p> 1625 1626 <h3 id="dos-in-nvidia-camera-driver">NVIDIA </h3> 1627 <p> 1628 NVIDIA 1629 </p> 1630 1631 <table> 1632 <col width="19%"> 1633 <col width="20%"> 1634 <col width="10%"> 1635 <col width="23%"> 1636 <col width="17%"> 1637 <tr> 1638 <th>CVE</th> 1639 <th></th> 1640 <th></th> 1641 <th> Google </th> 1642 <th></th> 1643 </tr> 1644 <tr> 1645 <td>CVE-2016-8395</td> 1646 <td>A-31403040* 1647 <br>N-CVE-2016-8395</td> 1648 <td></td> 1649 <td>Pixel C</td> 1650 <td>2016 9 9 </td> 1651 </tr> 1652 </table> 1653 <p> 1654 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1655 </p> 1656 1657 <h3 id="eop-in-kernel-networking-subsystem"> </h3> 1658 <p> 1659 1660 </p> 1661 1662 <table> 1663 <col width="19%"> 1664 <col width="20%"> 1665 <col width="10%"> 1666 <col width="23%"> 1667 <col width="17%"> 1668 <tr> 1669 <th>CVE</th> 1670 <th></th> 1671 <th></th> 1672 <th> Google </th> 1673 <th></th> 1674 </tr> 1675 <tr> 1676 <td>CVE-2016-8399</td> 1677 <td>A-31349935*</td> 1678 <td></td> 1679 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1680 <td>2016 9 5 </td> 1681 </tr> 1682 </table> 1683 <p> 1684 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1685 </p> 1686 1687 <h3 id="id-in-qualcomm-components">Qualcomm </h3> 1688 <p> 1689 Qualcomm 1690 </p> 1691 1692 <table> 1693 <col width="19%"> 1694 <col width="20%"> 1695 <col width="10%"> 1696 <col width="23%"> 1697 <col width="17%"> 1698 <tr> 1699 <th>CVE</th> 1700 <th></th> 1701 <th></th> 1702 <th> Google </th> 1703 <th></th> 1704 </tr> 1705 <tr> 1706 <td>CVE-2016-6756</td> 1707 <td>A-29464815<br> 1708 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> 1709 QC-CR#1042068</a> 1710 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> 1711 <td></td> 1712 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1713 <td>2016 6 17 </td> 1714 </tr> 1715 <tr> 1716 <td>CVE-2016-6757</td> 1717 <td>A-30148242<br> 1718 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> 1719 QC-CR#1052821</a></td> 1720 <td></td> 1721 <td>Nexus 5XNexus 6Nexus 6PPixelPixel XL</td> 1722 <td>2016 7 13 </td> 1723 </tr> 1724 </table> 1725 1726 1727 <h3 id="id-in-nvidia-librm-library">NVIDIA librm </h3> 1728 <p> 1729 NVIDIA librm libnvrm 1730 </p> 1731 1732 <table> 1733 <col width="19%"> 1734 <col width="20%"> 1735 <col width="10%"> 1736 <col width="23%"> 1737 <col width="17%"> 1738 <tr> 1739 <th>CVE</th> 1740 <th></th> 1741 <th></th> 1742 <th> Google </th> 1743 <th></th> 1744 </tr> 1745 <tr> 1746 <td>CVE-2016-8400</td> 1747 <td>A-31251599* 1748 <br>N-CVE-2016-8400</td> 1749 <td></td> 1750 <td>Pixel C</td> 1751 <td>2016 8 29 </td> 1752 </tr> 1753 </table> 1754 <p> 1755 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1756 </p> 1757 1758 <h3 id="id-in-kernel-components"> </h3> 1759 <p> 1760 ION USB 1761 </p> 1762 1763 <table> 1764 <col width="19%"> 1765 <col width="20%"> 1766 <col width="10%"> 1767 <col width="23%"> 1768 <col width="17%"> 1769 <tr> 1770 <th>CVE</th> 1771 <th></th> 1772 <th></th> 1773 <th> Google </th> 1774 <th></th> 1775 </tr> 1776 <tr> 1777 <td>CVE-2016-8401</td> 1778 <td>A-31494725*</td> 1779 <td></td> 1780 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1781 <td>2016 9 13 </td> 1782 </tr> 1783 <tr> 1784 <td>CVE-2016-8402</td> 1785 <td>A-31495231*</td> 1786 <td></td> 1787 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1788 <td>2016 9 13 </td> 1789 </tr> 1790 <tr> 1791 <td>CVE-2016-8403</td> 1792 <td>A-31495348*</td> 1793 <td></td> 1794 <td>Nexus 9</td> 1795 <td>2016 9 13 </td> 1796 </tr> 1797 <tr> 1798 <td>CVE-2016-8404</td> 1799 <td>A-31496950*</td> 1800 <td></td> 1801 <td>Nexus 9</td> 1802 <td>2016 9 13 </td> 1803 </tr> 1804 <tr> 1805 <td>CVE-2016-8405</td> 1806 <td>A-31651010*</td> 1807 <td></td> 1808 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1809 <td>2016 9 21 </td> 1810 </tr> 1811 <tr> 1812 <td>CVE-2016-8406</td> 1813 <td>A-31796940*</td> 1814 <td></td> 1815 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1816 <td>2016 9 27 </td> 1817 </tr> 1818 <tr> 1819 <td>CVE-2016-8407</td> 1820 <td>A-31802656*</td> 1821 <td></td> 1822 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1823 <td>2016 9 28 </td> 1824 </tr> 1825 </table> 1826 <p> 1827 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1828 </p> 1829 1830 <h3 id="id-in-nvidia-video-driver-2">NVIDIA </h3> 1831 <p> 1832 NVIDIA 1833 </p> 1834 1835 <table> 1836 <col width="19%"> 1837 <col width="20%"> 1838 <col width="10%"> 1839 <col width="23%"> 1840 <col width="17%"> 1841 <tr> 1842 <th>CVE</th> 1843 <th></th> 1844 <th></th> 1845 <th> Google </th> 1846 <th></th> 1847 </tr> 1848 <tr> 1849 <td>CVE-2016-8408</td> 1850 <td>A-31496571* 1851 <br>N-CVE-2016-8408</td> 1852 <td></td> 1853 <td>Nexus 9</td> 1854 <td>2016 9 13 </td> 1855 </tr> 1856 <tr> 1857 <td>CVE-2016-8409</td> 1858 <td>A-31495687* 1859 <br>N-CVE-2016-8409</td> 1860 <td></td> 1861 <td>Nexus 9</td> 1862 <td>2016 9 13 </td> 1863 </tr> 1864 </table> 1865 <p> 1866 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1867 </p> 1868 1869 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3> 1870 <p> 1871 Qualcomm 1872 </p> 1873 1874 <table> 1875 <col width="19%"> 1876 <col width="20%"> 1877 <col width="10%"> 1878 <col width="23%"> 1879 <col width="17%"> 1880 <tr> 1881 <th>CVE</th> 1882 <th></th> 1883 <th></th> 1884 <th> Google </th> 1885 <th></th> 1886 </tr> 1887 <tr> 1888 <td>CVE-2016-8410</td> 1889 <td>A-31498403<br> 1890 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> 1891 QC-CR#987010</a></td> 1892 <td></td> 1893 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1894 <td>Google </td> 1895 </tr> 1896 </table> 1897 1898 <h2 id="common-questions-and-answers"></h2> 1899 <p> 1900 1901 </p> 1902 <p> 1903 <strong>1. 1904 </strong> 1905 </p> 1906 <p> 1907 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 1908 </p> 1909 <ul> 1910 <li> 2016-12-01 2016-12-01 </li> 1911 <li> 2016-12-05 2016-12-05</li> 1912 </ul> 1913 <p> 1914 </p> 1915 <ul> 1916 <li>[ro.build.version.security_patch]:[2016-12-01]</li> 1917 <li>[ro.build.version.security_patch]:[2016-12-05]</li> 1918 </ul> 1919 <p> 1920 <strong>2. 2 </strong> 1921 </p> 1922 <p> 1923 2 Android Android Android 1924 </p> 1925 <ul> 1926 <li>2016 12 1 </li> 1927 <li>2016 12 5 </li> 1928 </ul> 1929 <p> 1930 1 1931 </p> 1932 <p> 1933 <strong>3. Google </strong> 1934 </p> 1935 <p> 1936 <a href="#2016-12-01-details">2016-12-01</a> <a href="#2016-12-05-details">2016-12-05</a> <em> Google </em> Google 1937 </p> 1938 <ul> 1939 <li><strong> Google </strong>: Pixel <em> Google </em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixelPixel XL</li> 1940 <li><strong> Google </strong>: Google <em> Google </em> Google </li> 1941 <li><strong> Google </strong>: Android 7.0 Google <em> Google </em></li> 1942 </ul> 1943 <p> 1944 <strong>4. 1945 </strong> 1946 </p> 1947 <p> 1948 <em></em> 1949 </p> 1950 <table> 1951 <tr> 1952 <th></th> 1953 <th></th> 1954 </tr> 1955 <tr> 1956 <td>A-</td> 1957 <td>Android ID</td> 1958 </tr> 1959 <tr> 1960 <td>QC-</td> 1961 <td>Qualcomm </td> 1962 </tr> 1963 <tr> 1964 <td>M-</td> 1965 <td>MediaTek </td> 1966 </tr> 1967 <tr> 1968 <td>N-</td> 1969 <td>NVIDIA </td> 1970 </tr> 1971 <tr> 1972 <td>B-</td> 1973 <td>Broadcom </td> 1974 </tr> 1975 </table> 1976 <h2 id="revisions"></h2> 1977 <ul> 1978 <li>2016 12 5 : </li> 1979 <li>2016 12 7 : AOSP CVE-2016-6915CVE-2016-6916CVE-2016-6917 </li> 1980 </ul> 1981 1982 </body> 1983 </html> 1984
