1 <html devsite> 2 <head> 3 <title>Android - 2017 1 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 <p><em>2017 1 3 | 2017 1 5 </em></p> 26 27 <p>Android Android Google OTAGoogle <a href="https://developers.google.com/android/nexus/images">Google </a>2017 1 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 28 29 <p> 2016 12 5 Android AOSP AOSP </p> 30 31 <p>MMS </p> 32 33 <p><a href="#mitigations">Android </a> <a href="/security/enhancements/index.html">SafetyNet</a> <a href="https://developer.android.com/training/safetynet/index.html">Android Google </a>Android </p> 34 35 <p></p> 36 37 <h2 id="announcements"></h2> 38 <ul> 39 <li>2 Android Android <a href="#common-questions-and-answers"></a><ul> 40 <li><strong>2017-01-01</strong>: 2017-01-01 </li> 41 <li><strong>2017-01-05</strong>: 2017-01-01 2017-01-05 </li> 42 </ul> 43 </li> 44 <li> Google 2017 1 5 1 OTA </li> 45 </ul> 46 <h2 id="security-vulnerability-summary"></h2> 47 <p>CVEGoogle <a href="/security/overview/updates-resources.html#severity"></a></p> 48 49 <h3 id="2017-01-01-summary"> 2017-01-01 </h3> 50 <p> 2017-01-01 </p> 51 52 <table> 53 <col width="55%"> 54 <col width="20%"> 55 <col width="13%"> 56 <col width="12%"> 57 <tr> 58 <th></th> 59 <th>CVE</th> 60 <th></th> 61 <th>Google </th> 62 </tr> 63 <tr> 64 <td>c-ares </td> 65 <td>CVE-2016-5180</td> 66 <td></td> 67 <td></td> 68 </tr> 69 <tr> 70 <td>Framesequence </td> 71 <td>CVE-2017-0382</td> 72 <td></td> 73 <td></td> 74 </tr> 75 <tr> 76 <td> API </td> 77 <td>CVE-2017-0383</td> 78 <td></td> 79 <td></td> 80 </tr> 81 <tr> 82 <td></td> 83 <td>CVE-2017-0384CVE-2017-0385</td> 84 <td></td> 85 <td></td> 86 </tr> 87 <tr> 88 <td>libnl </td> 89 <td>CVE-2017-0386</td> 90 <td></td> 91 <td></td> 92 </tr> 93 <tr> 94 <td></td> 95 <td>CVE-2017-0387</td> 96 <td></td> 97 <td></td> 98 </tr> 99 <tr> 100 <td> </td> 101 <td>CVE-2017-0388</td> 102 <td></td> 103 <td></td> 104 </tr> 105 <tr> 106 <td> </td> 107 <td>CVE-2017-0389</td> 108 <td></td> 109 <td></td> 110 </tr> 111 <tr> 112 <td></td> 113 <td>CVE-2017-0390CVE-2017-0391CVE-2017-0392CVE-2017-0393</td> 114 <td></td> 115 <td></td> 116 </tr> 117 <tr> 118 <td>Telephony </td> 119 <td>CVE-2017-0394</td> 120 <td></td> 121 <td></td> 122 </tr> 123 <tr> 124 <td></td> 125 <td>CVE-2017-0395</td> 126 <td></td> 127 <td></td> 128 </tr> 129 <tr> 130 <td></td> 131 <td>CVE-2017-0396CVE-2017-0397CVE-2017-0381</td> 132 <td></td> 133 <td></td> 134 </tr> 135 <tr> 136 <td></td> 137 <td>CVE-2017-0398CVE-2017-0399CVE-2017-0400CVE-2017-0401CVE-2017-0402</td> 138 <td></td> 139 <td></td> 140 </tr> 141 </table> 142 143 <h3 id="2017-01-05-summary"> 2017-01-05 </h3> 144 <p> 2017-01-05 2017-01-01 </p> 145 146 <table> 147 <col width="55%"> 148 <col width="20%"> 149 <col width="13%"> 150 <col width="12%"> 151 <tr> 152 <th></th> 153 <th>CVE</th> 154 <th></th> 155 <th>Google </th> 156 </tr> 157 <tr> 158 <td> </td> 159 <td>CVE-2015-3288</td> 160 <td></td> 161 <td></td> 162 </tr> 163 <tr> 164 <td>Qualcomm </td> 165 <td>CVE-2016-8422CVE-2016-8423</td> 166 <td></td> 167 <td></td> 168 </tr> 169 <tr> 170 <td> </td> 171 <td>CVE-2015-5706</td> 172 <td></td> 173 <td>*</td> 174 </tr> 175 <tr> 176 <td>NVIDIA GPU </td> 177 <td>CVE-2016-8424CVE-2016-8425CVE-2016-8426CVE-2016-8482CVE-2016-8427CVE-2016-8428CVE-2016-8429CVE-2016-8430CVE-2016-8431CVE-2016-8432</td> 178 <td></td> 179 <td></td> 180 </tr> 181 <tr> 182 <td>MediaTek </td> 183 <td>CVE-2016-8433</td> 184 <td></td> 185 <td>*</td> 186 </tr> 187 <tr> 188 <td>Qualcomm GPU </td> 189 <td>CVE-2016-8434</td> 190 <td></td> 191 <td></td> 192 </tr> 193 <tr> 194 <td>NVIDIA GPU </td> 195 <td>CVE-2016-8435</td> 196 <td></td> 197 <td></td> 198 </tr> 199 <tr> 200 <td>Qualcomm </td> 201 <td>CVE-2016-8436</td> 202 <td></td> 203 <td>*</td> 204 </tr> 205 <tr> 206 <td>Qualcomm </td> 207 <td>CVE-2016-5080CVE-2016-8398CVE-2016-8437CVE-2016-8438CVE-2016-8439CVE-2016-8440CVE-2016-8441CVE-2016-8442CVE-2016-8443CVE-2016-8459</td> 208 <td></td> 209 <td>*</td> 210 </tr> 211 <tr> 212 <td>Qualcomm </td> 213 <td>CVE-2016-8412CVE-2016-8444</td> 214 <td></td> 215 <td></td> 216 </tr> 217 <tr> 218 <td>MediaTek </td> 219 <td>CVE-2016-8445CVE-2016-8446CVE-2016-8447CVE-2016-8448</td> 220 <td></td> 221 <td>*</td> 222 </tr> 223 <tr> 224 <td>Qualcomm Wi-Fi </td> 225 <td>CVE-2016-8415</td> 226 <td></td> 227 <td></td> 228 </tr> 229 <tr> 230 <td>NVIDIA GPU </td> 231 <td>CVE-2016-8449</td> 232 <td></td> 233 <td></td> 234 </tr> 235 <tr> 236 <td>Qualcomm </td> 237 <td>CVE-2016-8450</td> 238 <td></td> 239 <td></td> 240 </tr> 241 <tr> 242 <td>Synaptics </td> 243 <td>CVE-2016-8451</td> 244 <td></td> 245 <td>*</td> 246 </tr> 247 <tr> 248 <td> </td> 249 <td>CVE-2016-7042</td> 250 <td></td> 251 <td></td> 252 </tr> 253 <tr> 254 <td> </td> 255 <td>CVE-2017-0403</td> 256 <td></td> 257 <td></td> 258 </tr> 259 <tr> 260 <td> </td> 261 <td>CVE-2017-0404</td> 262 <td></td> 263 <td></td> 264 </tr> 265 <tr> 266 <td>Qualcomm Wi-Fi </td> 267 <td></td> 268 <td></td> 269 <td></td> 270 </tr> 271 <tr> 272 <td>Qualcomm </td> 273 <td>CVE-2016-5345</td> 274 <td></td> 275 <td></td> 276 </tr> 277 <tr> 278 <td> </td> 279 <td>CVE-2016-9754</td> 280 <td></td> 281 <td></td> 282 </tr> 283 <tr> 284 <td>Broadcom Wi-Fi </td> 285 <td>CVE-2016-8453CVE-2016-8454CVE-2016-8455CVE-2016-8456CVE-2016-8457</td> 286 <td></td> 287 <td></td> 288 </tr> 289 <tr> 290 <td>Synaptics </td> 291 <td>CVE-2016-8458</td> 292 <td></td> 293 <td></td> 294 </tr> 295 <tr> 296 <td>NVIDIA </td> 297 <td>CVE-2016-8460</td> 298 <td></td> 299 <td></td> 300 </tr> 301 <tr> 302 <td></td> 303 <td>CVE-2016-8461CVE-2016-8462</td> 304 <td></td> 305 <td></td> 306 </tr> 307 <tr> 308 <td>Qualcomm FUSE </td> 309 <td>CVE-2016-8463</td> 310 <td></td> 311 <td>*</td> 312 </tr> 313 <tr> 314 <td></td> 315 <td>CVE-2016-8467</td> 316 <td></td> 317 <td></td> 318 </tr> 319 <tr> 320 <td>Broadcom Wi-Fi </td> 321 <td>CVE-2016-8464CVE-2016-8465CVE-2016-8466</td> 322 <td></td> 323 <td></td> 324 </tr> 325 <tr> 326 <td></td> 327 <td>CVE-2016-8467</td> 328 <td></td> 329 <td></td> 330 </tr> 331 <tr> 332 <td>Binder </td> 333 <td>CVE-2016-8468</td> 334 <td></td> 335 <td></td> 336 </tr> 337 <tr> 338 <td>NVIDIA </td> 339 <td>CVE-2016-8469</td> 340 <td></td> 341 <td></td> 342 </tr> 343 <tr> 344 <td>MediaTek </td> 345 <td>CVE-2016-8470CVE-2016-8471CVE-2016-8472</td> 346 <td></td> 347 <td>*</td> 348 </tr> 349 <tr> 350 <td>STMicroelectronics </td> 351 <td>CVE-2016-8473CVE-2016-8474</td> 352 <td></td> 353 <td></td> 354 </tr> 355 <tr> 356 <td>Qualcomm </td> 357 <td>CVE-2017-0399CVE-2017-0400CVE-2017-0401CVE-2017-0402</td> 358 <td></td> 359 <td></td> 360 </tr> 361 <tr> 362 <td>HTC </td> 363 <td>CVE-2016-8475</td> 364 <td></td> 365 <td></td> 366 </tr> 367 <tr> 368 <td> </td> 369 <td>CVE-2014-9420</td> 370 <td></td> 371 <td></td> 372 </tr> 373 </table> 374 <p>* Android 7.0 Google </p> 375 376 <h2 id="mitigations">Android Google </h2> 377 <p><a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p> 378 <ul> 379 <li>Android Android Google Android </li> 380 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet </a><a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a><a href="http://www.android.com/gms">Google </a>Google Play Google Play </li> 381 <li>Google </li> 382 </ul> 383 <h2 id="acknowledgements"></h2> 384 <p></p> 385 <ul> 386 <li>Alexandru Blanda: CVE-2017-0390</li> 387 <li>Copperhead Security Daniel Micay: CVE-2017-0397</li> 388 <li>Xuanwu LabTencent Daxing Guo<a href="https://twitter.com/freener0">@freener0</a>: CVE-2017-0386</li> 389 <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a><a href="https://twitter.com/derrekr6">@derrekr6</a>: CVE-2017-0392</li> 390 <li>KeenLab<a href="https://twitter.com/keen_lab">@keen_lab</a>Tencent Di Shen<a href="https://twitter.com/returnsme">@returnsme</a>: CVE-2016-8412CVE-2016-8444CVE-2016-8427CVE-2017-0403</li> 391 <li>Shellphish Grill TeamUC Santa Barbara donfosAravind Machiry: CVE-2016-8448CVE-2016-8470CVE-2016-8471CVE-2016-8472</li> 392 <li><a href="http://www.ms509.com">MS509Team</a> En He<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>: CVE-2017-0394</li> 393 <li>IceSword LabQihoo 360 Technology Co. Ltd. Gengjia Chen<a href="https://twitter.com/chengjia4574">@chengjia4574</a><a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8464</li> 394 <li>Google WebM Team: CVE-2017-0393</li> 395 <li>Alpha Team<a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> Guang Gong<a href="http://twitter.com/oldfresher">@oldfresher</a>: CVE-2017-0387</li> 396 <li>Alpha TeamQihoo 360 Technology Co. Ltd. Hao Chen Guang Gong: CVE-2016-8415CVE-2016-8454CVE-2016-8455CVE-2016-8456CVE-2016-8457CVE-2016-8465</li> 397 <li>IceSword LabQihoo 360 Jianqiang Zhao<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a> <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8475</li> 398 <li>Jon Sawyer<a href="http://twitter.com/jcase">@jcase</a> Sean Beaupre<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>: CVE-2016-8462</li> 399 <li>Jon Sawyer<a href="http://twitter.com/jcase">@jcase</a>Sean Beaupre<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>Ben Actis<a href="https://twitter.com/ben_ra">@Ben_RA</a>: CVE-2016-8461</li> 400 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>Yuqi Lu<a href="https://twitter.com/nikos233__">@nikos233</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2017-0383</li> 401 <li>Monk Avel: CVE-2017-0396CVE-2017-0399</li> 402 <li>Trend Micro Peter Pi<a href="https://twitter.com/heisecode">@heisecode</a>: CVE-2016-8469CVE-2016-8424CVE-2016-8428CVE-2016-8429CVE-2016-8460CVE-2016-8473CVE-2016-8474</li> 403 <li>KeenLabTencent Qidan He<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>: CVE-2017-0382</li> 404 <li>IBM Security X-Force Roee Hay Michael Goberman: CVE-2016-8467</li> 405 <li>Trend Micro Mobile Threat Research Team Seven Shen<a href="https://twitter.com/lingtongshen">@lingtongshen</a>: CVE-2016-8466</li> 406 <li>Stephen Morrow: CVE-2017-0389</li> 407 <li>Mobile Threat Research Team<a href="http://www.trendmicro.com">Trend Micro</a> V.E.O<a href="https://twitter.com/vysea">@VYSEa</a>: CVE-2017-0381</li> 408 <li>Alibaba Inc. Weichao Sun<a href="https://twitter.com/sunblate">@sunblate</a>: CVE-2017-0391</li> 409 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2017-0402CVE-2017-0398</li> 410 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2017-0400</li> 411 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2017-0384CVE-2017-0385</li> 412 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Yuqi Lu<a href="https://twitter.com/nikos233__">@nikos233</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2017-0401</li> 413 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-8431CVE-2016-8432CVE-2016-8435</li> 414 <li>Alibaba Inc. Yong Wang<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a> Jun Cheng: CVE-2017-0404</li> 415 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-8425CVE-2016-8426CVE-2016-8449</li> 416 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:bigwyfone (a] gmail.com">Yanfeng Wang</a>Chiachih Wu<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>Xuxian Jiang: CVE-2016-8430CVE-2016-8482</li> 417 <li>Tencent Security Platform Department Yuxiang Li<a href="https://twitter.com/xbalien29">@Xbalien29</a>: CVE-2017-0395</li> 418 <li>Security Research Lab<a href="http://www.cmcm.com/">Cheetah Mobile</a> Zhanpeng Zhao<a href="https://twitter.com/0xr0ot">@0xr0ot</a>: CVE-2016-8451</li> 419 </ul> 420 <p></p> 421 <ul> 422 <li>Alibaba Mobile Security Group Baozeng DingChengming YangPeng XiaoNing YouYang DongChao YangYi ZhangYang Song</li> 423 <li>Trend Micro Peter Pi<a href="https://twitter.com/heisecode">@heisecode</a></li> 424 <li>Google Zubin Mithra</li> 425 </ul> 426 427 <h2 id="2017-01-01-details"> 2017-01-01 </h2> 428 <p><a href="#2017-01-01-summary"> 2017-01-01 </a>CVE Google AOSP AOSP ID ID </p> 429 430 431 <h3 id="rce-in-c-ares">c-ares </h3> 432 <p>c-ares 433 </p> 434 435 <table> 436 <col width="18%"> 437 <col width="17%"> 438 <col width="10%"> 439 <col width="19%"> 440 <col width="18%"> 441 <col width="17%"> 442 <tr> 443 <th>CVE</th> 444 <th></th> 445 <th></th> 446 <th> Google </th> 447 <th> AOSP </th> 448 <th></th> 449 </tr> 450 <tr> 451 <td>CVE-2016-5180</td> 452 <td><a href="https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677"> 453 A-32205736</a></td> 454 <td></td> 455 <td></td> 456 <td>7.0</td> 457 <td>2016 9 29 </td> 458 </tr> 459 </table> 460 461 462 <h3 id="rce-vulnerability-in-framesequence">Framesequence </h3> 463 <p> 464 Framesequence Framesequence 465 </p> 466 <table> 467 <col width="18%"> 468 <col width="17%"> 469 <col width="10%"> 470 <col width="19%"> 471 <col width="18%"> 472 <col width="17%"> 473 <tr> 474 <th>CVE</th> 475 <th></th> 476 <th></th> 477 <th> Google </th> 478 <th> AOSP </th> 479 <th></th> 480 </tr> 481 <tr> 482 <td>CVE-2017-0382</td> 483 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7"> 484 A-32338390</a></td> 485 <td></td> 486 <td></td> 487 <td>5.0.25.1.16.06.0.17.07.1.1</td> 488 <td>2016 10 21 </td> 489 </tr> 490 </table> 491 <h3 id="eop-in-framework-apis"> API </h3> 492 <p> API 493 </p> 494 <table> 495 <col width="18%"> 496 <col width="17%"> 497 <col width="10%"> 498 <col width="19%"> 499 <col width="18%"> 500 <col width="17%"> 501 <tr> 502 <th>CVE</th> 503 <th></th> 504 <th></th> 505 <th> Google </th> 506 <th> AOSP </th> 507 <th></th> 508 </tr> 509 <tr> 510 <td>CVE-2017-0383</td> 511 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266"> 512 A-31677614</a></td> 513 <td></td> 514 <td></td> 515 <td>7.07.1.1</td> 516 <td>2016 9 21 </td> 517 </tr> 518 </table> 519 <h3 id="eop-in-audioserver"></h3> 520 <p> 521 </p> 522 <table> 523 <col width="18%"> 524 <col width="17%"> 525 <col width="10%"> 526 <col width="19%"> 527 <col width="18%"> 528 <col width="17%"> 529 <tr> 530 <th>CVE</th> 531 <th></th> 532 <th></th> 533 <th> Google </th> 534 <th> AOSP </th> 535 <th></th> 536 </tr> 537 <tr> 538 <td>CVE-2017-0384</td> 539 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 540 A-32095626</a></td> 541 <td></td> 542 <td></td> 543 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 544 <td>2016 10 11 </td> 545 </tr> 546 <tr> 547 <td>CVE-2017-0385</td> 548 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 549 A-32585400</a></td> 550 <td></td> 551 <td></td> 552 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 553 <td>2016 10 11 </td> 554 </tr> 555 </table> 556 <h3 id="eop-in-libnl">libnl </h3> 557 <p>libnl 558 </p> 559 <table> 560 <col width="18%"> 561 <col width="17%"> 562 <col width="10%"> 563 <col width="19%"> 564 <col width="18%"> 565 <col width="17%"> 566 <tr> 567 <th>CVE</th> 568 <th></th> 569 <th></th> 570 <th> Google </th> 571 <th> AOSP </th> 572 <th></th> 573 </tr> 574 <tr> 575 <td>CVE-2017-0386</td> 576 <td><a href="https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a"> 577 A-32255299</a></td> 578 <td></td> 579 <td></td> 580 <td>5.0.25.1.16.06.0.17.07.1.1</td> 581 <td>2016 10 18 </td> 582 </tr> 583 </table> 584 <h3 id="eop-in-mediaserver"></h3> 585 <p> 586 587 </p> 588 <table> 589 <col width="18%"> 590 <col width="17%"> 591 <col width="10%"> 592 <col width="19%"> 593 <col width="18%"> 594 <col width="17%"> 595 <tr> 596 <th>CVE</th> 597 <th></th> 598 <th></th> 599 <th> Google </th> 600 <th> AOSP </th> 601 <th></th> 602 </tr> 603 <tr> 604 <td>CVE-2017-0387</td> 605 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f"> 606 A-32660278</a></td> 607 <td></td> 608 <td></td> 609 <td>5.0.25.1.16.06.0.17.07.1.1</td> 610 <td>2016 11 4 </td> 611 </tr> 612 </table> 613 <h3 id="id-in-external-storage-provider"> </h3> 614 <p> SD 615 </p> 616 <table> 617 <col width="18%"> 618 <col width="17%"> 619 <col width="10%"> 620 <col width="19%"> 621 <col width="18%"> 622 <col width="17%"> 623 <tr> 624 <th>CVE</th> 625 <th></th> 626 <th></th> 627 <th> Google </th> 628 <th> AOSP </th> 629 <th></th> 630 </tr> 631 <tr> 632 <td>CVE-2017-0388</td> 633 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9"> 634 A-32523490</a></td> 635 <td></td> 636 <td></td> 637 <td>6.06.0.17.07.1.1</td> 638 <td>Google </td> 639 </tr> 640 </table> 641 <h3 id="dos-in-core-networking"> </h3> 642 <p> 643 </p> 644 <table> 645 <col width="18%"> 646 <col width="17%"> 647 <col width="10%"> 648 <col width="19%"> 649 <col width="18%"> 650 <col width="17%"> 651 <tr> 652 <th>CVE</th> 653 <th></th> 654 <th></th> 655 <th> Google </th> 656 <th> AOSP </th> 657 <th></th> 658 </tr> 659 <tr> 660 <td>CVE-2017-0389</td> 661 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7"> 662 A-31850211</a> 663 [<a href="https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29">2</a>] 664 [<a href="https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba#">3</a>]</td> 665 <td></td> 666 <td></td> 667 <td>6.06.0.17.07.1.1</td> 668 <td>2016 7 20 </td> 669 </tr> 670 </table> 671 <h3 id="dos-in-mediaserver"></h3> 672 <p> 673 </p> 674 <table> 675 <col width="18%"> 676 <col width="17%"> 677 <col width="10%"> 678 <col width="19%"> 679 <col width="18%"> 680 <col width="17%"> 681 <tr> 682 <th>CVE</th> 683 <th></th> 684 <th></th> 685 <th> Google </th> 686 <th> AOSP </th> 687 <th></th> 688 </tr> 689 <tr> 690 <td>CVE-2017-0390</td> 691 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0"> 692 A-31647370</a></td> 693 <td></td> 694 <td></td> 695 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 696 <td>2016 9 19 </td> 697 </tr> 698 <tr> 699 <td>CVE-2017-0391</td> 700 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f"> 701 A-32322258</a></td> 702 <td></td> 703 <td></td> 704 <td>6.06.0.17.07.1.1</td> 705 <td>2016 10 20 </td> 706 </tr> 707 <tr> 708 <td>CVE-2017-0392</td> 709 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c"> 710 A-32577290</a></td> 711 <td></td> 712 <td></td> 713 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 714 <td>2016 10 29 </td> 715 </tr> 716 <tr> 717 <td>CVE-2017-0393</td> 718 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc"> 719 A-30436808</a></td> 720 <td></td> 721 <td></td> 722 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 723 <td>Google </td> 724 </tr> 725 </table> 726 <h3 id="dos-in-telephony">Telephony </h3> 727 <p>Telephony 728 </p> 729 <table> 730 <col width="18%"> 731 <col width="17%"> 732 <col width="10%"> 733 <col width="19%"> 734 <col width="18%"> 735 <col width="17%"> 736 <tr> 737 <th>CVE</th> 738 <th></th> 739 <th></th> 740 <th> Google </th> 741 <th> AOSP </th> 742 <th></th> 743 </tr> 744 <tr> 745 <td>CVE-2017-0394</td> 746 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d"> 747 A-31752213</a></td> 748 <td></td> 749 <td></td> 750 <td>5.0.25.1.16.06.0.17.07.1.1</td> 751 <td>2016 9 23 </td> 752 </tr> 753 </table> 754 <h3 id="eop-in-contacts"></h3> 755 <p> 756 </p> 757 <table> 758 <col width="18%"> 759 <col width="17%"> 760 <col width="10%"> 761 <col width="19%"> 762 <col width="18%"> 763 <col width="17%"> 764 <tr> 765 <th>CVE</th> 766 <th></th> 767 <th></th> 768 <th> Google </th> 769 <th> AOSP </th> 770 <th></th> 771 </tr> 772 <tr> 773 <td>CVE-2017-0395</td> 774 <td><a href="https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b"> 775 A-32219099</a></td> 776 <td></td> 777 <td></td> 778 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 779 <td>2016 10 15 </td> 780 </tr> 781 </table> 782 <h3 id="id-in-mediaserver"></h3> 783 <p> 784 785 </p> 786 <table> 787 <col width="18%"> 788 <col width="17%"> 789 <col width="10%"> 790 <col width="19%"> 791 <col width="18%"> 792 <col width="17%"> 793 <tr> 794 <th>CVE</th> 795 <th></th> 796 <th></th> 797 <th> Google </th> 798 <th> AOSP </th> 799 <th></th> 800 </tr> 801 <tr> 802 <td>CVE-2017-0381</td> 803 <td><a href="https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7"> 804 A-31607432</a></td> 805 <td></td> 806 <td></td> 807 <td>5.0.25.1.16.06.0.17.07.1.1</td> 808 <td>2016 9 18 </td> 809 </tr> 810 <tr> 811 <td>CVE-2017-0396</td> 812 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7"> 813 A-31781965</a></td> 814 <td></td> 815 <td></td> 816 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 817 <td>2016 9 27 </td> 818 </tr> 819 <tr> 820 <td>CVE-2017-0397</td> 821 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c"> 822 A-32377688</a></td> 823 <td></td> 824 <td></td> 825 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 826 <td>2016 10 21 </td> 827 </tr> 828 </table> 829 <h3 id="id-in-audioserver"></h3> 830 <p> 831 </p> 832 <table> 833 <col width="18%"> 834 <col width="17%"> 835 <col width="10%"> 836 <col width="19%"> 837 <col width="18%"> 838 <col width="17%"> 839 <tr> 840 <th>CVE</th> 841 <th></th> 842 <th></th> 843 <th> Google </th> 844 <th> AOSP </th> 845 <th></th> 846 </tr> 847 <tr> 848 <td>CVE-2017-0398</td> 849 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 850 A-32438594</a></td> 851 <td></td> 852 <td></td> 853 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 854 <td>2016 10 25 </td> 855 </tr> 856 <tr> 857 <td>CVE-2017-0398</td> 858 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 859 A-32635664</a></td> 860 <td></td> 861 <td></td> 862 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 863 <td>2016 10 25 </td> 864 </tr> 865 <tr> 866 <td>CVE-2017-0398</td> 867 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 868 A-32624850</a></td> 869 <td></td> 870 <td></td> 871 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 872 <td>2016 10 25 </td> 873 </tr> 874 <tr> 875 <td>CVE-2017-0399</td> 876 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 877 A-32247948</a> 878 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 879 <td></td> 880 <td></td> 881 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 882 <td>2016 10 18 </td> 883 </tr> 884 <tr> 885 <td>CVE-2017-0400</td> 886 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 887 A-32584034</a> 888 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 889 <td></td> 890 <td></td> 891 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 892 <td>2016 10 25 </td> 893 </tr> 894 <tr> 895 <td>CVE-2017-0401</td> 896 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 897 A-32448258</a></td> 898 <td></td> 899 <td></td> 900 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 901 <td>2016 10 26 </td> 902 </tr> 903 <tr> 904 <td>CVE-2017-0402</td> 905 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 906 A-32436341</a> 907 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 908 <td></td> 909 <td></td> 910 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 911 <td>2016 10 25 </td> 912 </tr> 913 </table> 914 915 <h2 id="2017-01-05-details"> 2017-01-05 </h2> 916 <p><a href="#2017-01-05-summary"> 2017-01-05 </a>CVE Google AOSP AOSP ID ID </p> 917 918 919 <h3 id="eop-in-kernel-memory-subsystem"> </h3> 920 <p> 921 922 </p> 923 924 <table> 925 <col width="19%"> 926 <col width="20%"> 927 <col width="10%"> 928 <col width="23%"> 929 <col width="17%"> 930 <tr> 931 <th>CVE</th> 932 <th></th> 933 <th></th> 934 <th> Google </th> 935 <th></th> 936 </tr> 937 <tr> 938 <td>CVE-2015-3288</td> 939 <td>A-32460277<br> 940 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d"> 941 </a></td> 942 <td></td> 943 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixel CNexus PlayerPixelPixel XL</td> 944 <td>2015 7 9 </td> 945 </tr> 946 </table> 947 948 949 <h3 id="eop-in-qualcomm-bootloader">Qualcomm </h3> 950 <p> 951 Qualcomm 952 </p> 953 954 <table> 955 <col width="19%"> 956 <col width="20%"> 957 <col width="10%"> 958 <col width="23%"> 959 <col width="17%"> 960 <tr> 961 <th>CVE</th> 962 <th></th> 963 <th></th> 964 <th> Google </th> 965 <th></th> 966 </tr> 967 <tr> 968 <td>CVE-2016-8422</td> 969 <td>A-31471220<br> 970 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213"> 971 QC-CR#979426</a></td> 972 <td></td> 973 <td>Nexus 6Nexus 6PPixelPixel XL</td> 974 <td>2016 7 22 </td> 975 </tr> 976 <tr> 977 <td>CVE-2016-8423</td> 978 <td>A-31399736<br> 979 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867"> 980 QC-CR#1000546</a></td> 981 <td></td> 982 <td>Nexus 6PPixelPixel XL</td> 983 <td>2016 8 24 </td> 984 </tr> 985 </table> 986 987 988 <h3 id="eop-in-kernel-file-system"> </h3> 989 <p> 990 </p> 991 992 <table> 993 <col width="19%"> 994 <col width="20%"> 995 <col width="10%"> 996 <col width="23%"> 997 <col width="17%"> 998 <tr> 999 <th>CVE</th> 1000 <th></th> 1001 <th></th> 1002 <th> Google </th> 1003 <th></th> 1004 </tr> 1005 <tr> 1006 <td>CVE-2015-5706</td> 1007 <td>A-32289301<br> 1008 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0"> 1009 </a></td> 1010 <td></td> 1011 <td>*</td> 1012 <td>2016 8 1 </td> 1013 </tr> 1014 </table> 1015 <p> 1016 * Android 7.0 Google 1017 </p> 1018 1019 1020 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1021 <p> 1022 NVIDIA GPU 1023 </p> 1024 1025 <table> 1026 <col width="19%"> 1027 <col width="20%"> 1028 <col width="10%"> 1029 <col width="23%"> 1030 <col width="17%"> 1031 <tr> 1032 <th>CVE</th> 1033 <th></th> 1034 <th></th> 1035 <th> Google </th> 1036 <th></th> 1037 </tr> 1038 <tr> 1039 <td>CVE-2016-8424</td> 1040 <td>A-31606947*<br> 1041 N-CVE-2016-8424</td> 1042 <td></td> 1043 <td>Nexus 9</td> 1044 <td>2016 9 17 </td> 1045 </tr> 1046 <tr> 1047 <td>CVE-2016-8425</td> 1048 <td>A-31797770*<br> 1049 N-CVE-2016-8425</td> 1050 <td></td> 1051 <td>Nexus 9</td> 1052 <td>2016 9 28 </td> 1053 </tr> 1054 <tr> 1055 <td>CVE-2016-8426</td> 1056 <td>A-31799206*<br> 1057 N-CVE-2016-8426</td> 1058 <td></td> 1059 <td>Nexus 9</td> 1060 <td>2016 9 28 </td> 1061 </tr> 1062 <tr> 1063 <td>CVE-2016-8482</td> 1064 <td>A-31799863*<br> 1065 N-CVE-2016-8482</td> 1066 <td></td> 1067 <td>Nexus 9</td> 1068 <td>2016 9 28 </td> 1069 </tr> 1070 <tr> 1071 <td>CVE-2016-8427</td> 1072 <td>A-31799885*<br> 1073 N-CVE-2016-8427</td> 1074 <td></td> 1075 <td>Nexus 9</td> 1076 <td>2016 9 28 </td> 1077 </tr> 1078 <tr> 1079 <td>CVE-2016-8428</td> 1080 <td>A-31993456*<br> 1081 N-CVE-2016-8428</td> 1082 <td></td> 1083 <td>Nexus 9</td> 1084 <td>2016 10 6 </td> 1085 </tr> 1086 <tr> 1087 <td>CVE-2016-8429</td> 1088 <td>A-32160775*<br> 1089 N-CVE-2016-8429</td> 1090 <td></td> 1091 <td>Nexus 9</td> 1092 <td>2016 10 13 </td> 1093 </tr> 1094 <tr> 1095 <td>CVE-2016-8430</td> 1096 <td>A-32225180*<br> 1097 N-CVE-2016-8430</td> 1098 <td></td> 1099 <td>Nexus 9</td> 1100 <td>2016 10 17 </td> 1101 </tr> 1102 <tr> 1103 <td>CVE-2016-8431</td> 1104 <td>A-32402179*<br> 1105 N-CVE-2016-8431</td> 1106 <td></td> 1107 <td>Pixel C</td> 1108 <td>2016 10 25 </td> 1109 </tr> 1110 <tr> 1111 <td></td> 1112 <td>A-32447738*<br> 1113 N-CVE-2016-8432</td> 1114 <td></td> 1115 <td>Pixel C</td> 1116 <td>2016 10 26 </td> 1117 </tr> 1118 </table> 1119 <p> 1120 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1121 </p> 1122 1123 1124 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1125 <p> 1126 MediaTek 1127 </p> 1128 1129 <table> 1130 <col width="19%"> 1131 <col width="20%"> 1132 <col width="10%"> 1133 <col width="23%"> 1134 <col width="17%"> 1135 <tr> 1136 <th>CVE</th> 1137 <th></th> 1138 <th></th> 1139 <th> Google </th> 1140 <th></th> 1141 </tr> 1142 <tr> 1143 <td>CVE-2016-8433</td> 1144 <td>A-31750190*<br> 1145 MT-ALPS02974192</td> 1146 <td></td> 1147 <td>**</td> 1148 <td>2016 9 24 </td> 1149 </tr> 1150 </table> 1151 <p> 1152 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1153 </p> 1154 <p>** Android 7.0 Google 1155 </p> 1156 1157 1158 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU </h3> 1159 <p> 1160 Qualcomm GPU 1161 </p> 1162 1163 <table> 1164 <col width="19%"> 1165 <col width="20%"> 1166 <col width="10%"> 1167 <col width="23%"> 1168 <col width="17%"> 1169 <tr> 1170 <th>CVE</th> 1171 <th></th> 1172 <th></th> 1173 <th> Google </th> 1174 <th></th> 1175 </tr> 1176 <tr> 1177 <td>CVE-2016-8434</td> 1178 <td>A-32125137<br> 1179 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9"> 1180 QC-CR#1081855</a></td> 1181 <td></td> 1182 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1183 <td>2016 10 12 </td> 1184 </tr> 1185 </table> 1186 1187 1188 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU </h3> 1189 <p> 1190 NVIDIA GPU 1191 </p> 1192 1193 <table> 1194 <col width="19%"> 1195 <col width="20%"> 1196 <col width="10%"> 1197 <col width="23%"> 1198 <col width="17%"> 1199 <tr> 1200 <th>CVE</th> 1201 <th></th> 1202 <th></th> 1203 <th> Google </th> 1204 <th></th> 1205 </tr> 1206 <tr> 1207 <td>CVE-2016-8435</td> 1208 <td>A-32700935*<br> 1209 N-CVE-2016-8435</td> 1210 <td></td> 1211 <td>Pixel C</td> 1212 <td>2015 11 7 </td> 1213 </tr> 1214 </table> 1215 <p> 1216 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1217 </p> 1218 1219 1220 <h3 id="eop-in-qualcomm-video-driver">Qualcomm </h3> 1221 <p> 1222 Qualcomm 1223 </p> 1224 1225 <table> 1226 <col width="19%"> 1227 <col width="20%"> 1228 <col width="10%"> 1229 <col width="23%"> 1230 <col width="17%"> 1231 <tr> 1232 <th>CVE</th> 1233 <th></th> 1234 <th></th> 1235 <th> Google </th> 1236 <th></th> 1237 </tr> 1238 <tr> 1239 <td>CVE-2016-8436</td> 1240 <td>A-32450261<br> 1241 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced"> 1242 QC-CR#1007860</a></td> 1243 <td></td> 1244 <td>*</td> 1245 <td>2016 10 13 </td> 1246 </tr> 1247 </table> 1248 <p> 1249 * Android 7.0 Google 1250 </p> 1251 1252 1253 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1254 <p>Qualcomm Qualcomm AMSS 2015 11 2016 8 2016 9 2016 10 1255 </p> 1256 1257 <table> 1258 <col width="19%"> 1259 <col width="20%"> 1260 <col width="10%"> 1261 <col width="23%"> 1262 <col width="17%"> 1263 <tr> 1264 <th>CVE</th> 1265 <th></th> 1266 <th>*</th> 1267 <th> Google </th> 1268 <th></th> 1269 </tr> 1270 <tr> 1271 <td>CVE-2016-8438</td> 1272 <td>A-31624565**</td> 1273 <td></td> 1274 <td>***</td> 1275 <td>Qualcomm </td> 1276 </tr> 1277 <tr> 1278 <td>CVE-2016-8442</td> 1279 <td>A-31625910**</td> 1280 <td></td> 1281 <td>***</td> 1282 <td>Qualcomm </td> 1283 </tr> 1284 <tr> 1285 <td>CVE-2016-8443</td> 1286 <td>A-32576499**</td> 1287 <td></td> 1288 <td>***</td> 1289 <td>Qualcomm </td> 1290 </tr> 1291 <tr> 1292 <td>CVE-2016-8437</td> 1293 <td>A-31623057**</td> 1294 <td></td> 1295 <td>***</td> 1296 <td>Qualcomm </td> 1297 </tr> 1298 <tr> 1299 <td>CVE-2016-8439</td> 1300 <td>A-31625204**</td> 1301 <td></td> 1302 <td>***</td> 1303 <td>Qualcomm </td> 1304 </tr> 1305 <tr> 1306 <td>CVE-2016-8440</td> 1307 <td>A-31625306**</td> 1308 <td></td> 1309 <td>***</td> 1310 <td>Qualcomm </td> 1311 </tr> 1312 <tr> 1313 <td>CVE-2016-8441</td> 1314 <td>A-31625904**</td> 1315 <td></td> 1316 <td>***</td> 1317 <td>Qualcomm </td> 1318 </tr> 1319 <tr> 1320 <td>CVE-2016-8398</td> 1321 <td>A-31548486**</td> 1322 <td></td> 1323 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1324 <td>Qualcomm </td> 1325 </tr> 1326 <tr> 1327 <td>CVE-2016-8459</td> 1328 <td>A-32577972**</td> 1329 <td></td> 1330 <td>***</td> 1331 <td>Qualcomm </td> 1332 </tr> 1333 <tr> 1334 <td>CVE-2016-5080</td> 1335 <td>A-31115235**</td> 1336 <td></td> 1337 <td>Nexus 5X</td> 1338 <td>Qualcomm </td> 1339 </tr> 1340 </table> 1341 <p>* 1342 </p> 1343 <p> 1344 ** <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1345 </p> 1346 <p>*** Android 7.0 Google 1347 </p> 1348 1349 1350 <h3 id="eop-in-qualcomm-camera">Qualcomm </h3> 1351 <p>Qualcomm 1352 </p> 1353 1354 <table> 1355 <col width="19%"> 1356 <col width="20%"> 1357 <col width="10%"> 1358 <col width="23%"> 1359 <col width="17%"> 1360 <tr> 1361 <th>CVE</th> 1362 <th></th> 1363 <th></th> 1364 <th> Google </th> 1365 <th></th> 1366 </tr> 1367 <tr> 1368 <td>CVE-2016-8412</td> 1369 <td>A-31225246<br> 1370 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786"> 1371 QC-CR#1071891</a></td> 1372 <td></td> 1373 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1374 <td>2016 8 26 </td> 1375 </tr> 1376 <tr> 1377 <td>CVE-2016-8444</td> 1378 <td>A-31243641*<br> 1379 QC-CR#1074310</td> 1380 <td></td> 1381 <td>Nexus 5XNexus 6Nexus 6P</td> 1382 <td>2016 8 26 </td> 1383 </tr> 1384 </table> 1385 <p> 1386 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1387 </p> 1388 1389 1390 <h3 id="eop-in-mediatek-components">MediaTek </h3> 1391 <p> MediaTek 1392 </p> 1393 1394 <table> 1395 <col width="19%"> 1396 <col width="20%"> 1397 <col width="10%"> 1398 <col width="23%"> 1399 <col width="17%"> 1400 <tr> 1401 <th>CVE</th> 1402 <th></th> 1403 <th></th> 1404 <th> Google </th> 1405 <th></th> 1406 </tr> 1407 <tr> 1408 <td>CVE-2016-8445</td> 1409 <td>A-31747590*<br> 1410 MT-ALPS02968983</td> 1411 <td></td> 1412 <td>**</td> 1413 <td>2016 9 25 </td> 1414 </tr> 1415 <tr> 1416 <td>CVE-2016-8446</td> 1417 <td>A-31747749*<br> 1418 MT-ALPS02968909</td> 1419 <td></td> 1420 <td>**</td> 1421 <td>2016 9 25 </td> 1422 </tr> 1423 <tr> 1424 <td>CVE-2016-8447</td> 1425 <td>A-31749463*<br> 1426 MT-ALPS02968886</td> 1427 <td></td> 1428 <td>**</td> 1429 <td>2016 9 25 </td> 1430 </tr> 1431 <tr> 1432 <td>CVE-2016-8448</td> 1433 <td>A-31791148*<br> 1434 MT-ALPS02982181</td> 1435 <td></td> 1436 <td>**</td> 1437 <td>2016 9 28 </td> 1438 </tr> 1439 </table> 1440 <p> 1441 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1442 </p> 1443 <p>** Android 7.0 Google 1444 </p> 1445 1446 1447 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 1448 <p> 1449 Qualcomm Wi-Fi 1450 </p> 1451 1452 <table> 1453 <col width="19%"> 1454 <col width="20%"> 1455 <col width="10%"> 1456 <col width="23%"> 1457 <col width="17%"> 1458 <tr> 1459 <th>CVE</th> 1460 <th></th> 1461 <th></th> 1462 <th> Google </th> 1463 <th></th> 1464 </tr> 1465 <tr> 1466 <td>CVE-2016-8415</td> 1467 <td>A-31750554<br> 1468 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394"> 1469 QC-CR#1079596</a></td> 1470 <td></td> 1471 <td>Nexus 5XPixelPixel XL</td> 1472 <td>2016 9 26 </td> 1473 </tr> 1474 </table> 1475 1476 1477 <h3 id="eop-in-nvidia-gpu-driver-3">NVIDIA GPU </h3> 1478 <p> 1479 NVIDIA GPU 1480 </p> 1481 1482 <table> 1483 <col width="19%"> 1484 <col width="20%"> 1485 <col width="10%"> 1486 <col width="23%"> 1487 <col width="17%"> 1488 <tr> 1489 <th>CVE</th> 1490 <th></th> 1491 <th></th> 1492 <th> Google </th> 1493 <th></th> 1494 </tr> 1495 <tr> 1496 <td>CVE-2016-8449</td> 1497 <td>A-31798848*<br> 1498 N-CVE-2016-8449</td> 1499 <td></td> 1500 <td>Nexus 9</td> 1501 <td>2016 9 28 </td> 1502 </tr> 1503 </table> 1504 <p> 1505 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1506 </p> 1507 1508 1509 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1510 <p> 1511 Qualcomm 1512 </p> 1513 1514 <table> 1515 <col width="19%"> 1516 <col width="20%"> 1517 <col width="10%"> 1518 <col width="23%"> 1519 <col width="17%"> 1520 <tr> 1521 <th>CVE</th> 1522 <th></th> 1523 <th></th> 1524 <th> Google </th> 1525 <th></th> 1526 </tr> 1527 <tr> 1528 <td>CVE-2016-8450</td> 1529 <td>A-32450563<br> 1530 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb"> 1531 QC-CR#880388</a></td> 1532 <td></td> 1533 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1534 <td>2016 10 13 </td> 1535 </tr> 1536 </table> 1537 1538 1539 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1540 <p> 1541 Synaptics 1542 </p> 1543 1544 <table> 1545 <col width="19%"> 1546 <col width="20%"> 1547 <col width="10%"> 1548 <col width="23%"> 1549 <col width="17%"> 1550 <tr> 1551 <th>CVE</th> 1552 <th></th> 1553 <th></th> 1554 <th> Google </th> 1555 <th></th> 1556 </tr> 1557 <tr> 1558 <td>CVE-2016-8451</td> 1559 <td>A-32178033*</td> 1560 <td></td> 1561 <td>**</td> 1562 <td>2016 10 13 </td> 1563 </tr> 1564 </table> 1565 <p> 1566 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1567 </p> 1568 <p>** Android 7.0 Google 1569 </p> 1570 1571 1572 <h3 id="eop-in-kernel-security-subsystem"> </h3> 1573 <p> 1574 </p> 1575 1576 <table> 1577 <col width="19%"> 1578 <col width="20%"> 1579 <col width="10%"> 1580 <col width="23%"> 1581 <col width="17%"> 1582 <tr> 1583 <th>CVE</th> 1584 <th></th> 1585 <th></th> 1586 <th> Google </th> 1587 <th></th> 1588 </tr> 1589 <tr> 1590 <td>CVE-2016-7042</td> 1591 <td>A-32178986<br> 1592 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc"> 1593 </a></td> 1594 <td></td> 1595 <td>Pixel C</td> 1596 <td>2016 10 14 </td> 1597 </tr> 1598 </table> 1599 1600 1601 <h3 id="eop-in-kernel-performance-subsystem"> </h3> 1602 <p> 1603 1604 </p> 1605 1606 <table> 1607 <col width="19%"> 1608 <col width="20%"> 1609 <col width="10%"> 1610 <col width="23%"> 1611 <col width="17%"> 1612 <tr> 1613 <th>CVE</th> 1614 <th></th> 1615 <th></th> 1616 <th> Google </th> 1617 <th></th> 1618 </tr> 1619 <tr> 1620 <td>CVE-2017-0403</td> 1621 <td>A-32402548*</td> 1622 <td></td> 1623 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1624 <td>2016 10 25 </td> 1625 </tr> 1626 </table> 1627 <p> 1628 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1629 </p> 1630 1631 1632 <h3 id="eop-in-kernel-sound-subsystem"> </h3> 1633 <p> 1634 1635 </p> 1636 1637 <table> 1638 <col width="19%"> 1639 <col width="20%"> 1640 <col width="10%"> 1641 <col width="23%"> 1642 <col width="17%"> 1643 <tr> 1644 <th>CVE</th> 1645 <th></th> 1646 <th></th> 1647 <th> Google </th> 1648 <th></th> 1649 </tr> 1650 <tr> 1651 <td>CVE-2017-0404</td> 1652 <td>A-32510733*</td> 1653 <td></td> 1654 <td>Nexus 5XNexus 6PNexus 9Pixel CNexus PlayerPixelPixel XL</td> 1655 <td>2016 10 27 </td> 1656 </tr> 1657 </table> 1658 <p> 1659 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1660 </p> 1661 1662 1663 <h3 id="eop-in-qualcomm-wi-fi-driver-2">Qualcomm Wi-Fi </h3> 1664 <p> 1665 Qualcomm Wi-Fi 1666 </p> 1667 1668 <table> 1669 <col width="19%"> 1670 <col width="20%"> 1671 <col width="10%"> 1672 <col width="23%"> 1673 <col width="17%"> 1674 <tr> 1675 <th>CVE</th> 1676 <th></th> 1677 <th></th> 1678 <th> Google </th> 1679 <th></th> 1680 </tr> 1681 <tr> 1682 <td>CVE-2016-8452</td> 1683 <td>A-32506396<br> 1684 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526"> 1685 QC-CR#1050323</a></td> 1686 <td></td> 1687 <td>Nexus 5XAndroid OnePixelPixel XL</td> 1688 <td>2016 10 28 </td> 1689 </tr> 1690 </table> 1691 1692 1693 <h3 id="eop-in-qualcomm-radio-driver">Qualcomm </h3> 1694 <p>Qualcomm 1695 </p> 1696 1697 <table> 1698 <col width="19%"> 1699 <col width="20%"> 1700 <col width="10%"> 1701 <col width="23%"> 1702 <col width="17%"> 1703 <tr> 1704 <th>CVE</th> 1705 <th></th> 1706 <th></th> 1707 <th> Google </th> 1708 <th></th> 1709 </tr> 1710 <tr> 1711 <td>CVE-2016-5345</td> 1712 <td>A-32639452<br> 1713 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6"> 1714 QC-CR#1079713</a></td> 1715 <td></td> 1716 <td>Android One</td> 1717 <td>2015 11 3 </td> 1718 </tr> 1719 </table> 1720 1721 1722 <h3 id="eop-in-kernel-profiling-subsystem"> </h3> 1723 <p> 1724 </p> 1725 1726 <table> 1727 <col width="19%"> 1728 <col width="20%"> 1729 <col width="10%"> 1730 <col width="23%"> 1731 <col width="17%"> 1732 <tr> 1733 <th>CVE</th> 1734 <th></th> 1735 <th></th> 1736 <th> Google </th> 1737 <th></th> 1738 </tr> 1739 <tr> 1740 <td>CVE-2016-9754</td> 1741 <td>A-32659848<br> 1742 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6"> 1743 </a></td> 1744 <td></td> 1745 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus Player</td> 1746 <td>2016 11 4 </td> 1747 </tr> 1748 </table> 1749 1750 1751 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1752 <p> 1753 Broadcom Wi-Fi 1754 </p> 1755 1756 <table> 1757 <col width="19%"> 1758 <col width="20%"> 1759 <col width="10%"> 1760 <col width="23%"> 1761 <col width="17%"> 1762 <tr> 1763 <th>CVE</th> 1764 <th></th> 1765 <th></th> 1766 <th> Google </th> 1767 <th></th> 1768 </tr> 1769 <tr> 1770 <td>CVE-2016-8453 1771 </td> 1772 <td>A-24739315*<br> 1773 B-RB#73392</td> 1774 <td></td> 1775 <td>Nexus 6</td> 1776 <td>Google </td> 1777 </tr> 1778 <tr> 1779 <td>CVE-2016-8454</td> 1780 <td>A-32174590*<br> 1781 B-RB#107142</td> 1782 <td></td> 1783 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1784 <td>2016 10 14 </td> 1785 </tr> 1786 <tr> 1787 <td>CVE-2016-8455</td> 1788 <td>A-32219121*<br> 1789 B-RB#106311</td> 1790 <td></td> 1791 <td>Nexus 6P</td> 1792 <td>2016 10 15 </td> 1793 </tr> 1794 <tr> 1795 <td>CVE-2016-8456</td> 1796 <td>A-32219255*<br> 1797 B-RB#105580</td> 1798 <td></td> 1799 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1800 <td>2016 10 15 </td> 1801 </tr> 1802 <tr> 1803 <td>CVE-2016-8457</td> 1804 <td>A-32219453*<br> 1805 B-RB#106116</td> 1806 <td></td> 1807 <td>Nexus 6Nexus 6PNexus 9Pixel C</td> 1808 <td>2016 10 15 </td> 1809 </tr> 1810 </table> 1811 <p> 1812 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1813 </p> 1814 1815 1816 <h3 id="eop-in-synaptics-touchscreen-driver-2">Synaptics </h3> 1817 <p> 1818 Synaptics 1819 </p> 1820 1821 <table> 1822 <col width="19%"> 1823 <col width="20%"> 1824 <col width="10%"> 1825 <col width="23%"> 1826 <col width="17%"> 1827 <tr> 1828 <th>CVE</th> 1829 <th></th> 1830 <th></th> 1831 <th> Google </th> 1832 <th></th> 1833 </tr> 1834 <tr> 1835 <td>CVE-2016-8458</td> 1836 <td>A-31968442*</td> 1837 <td></td> 1838 <td>Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1839 <td>Google </td> 1840 </tr> 1841 </table> 1842 <p> 1843 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1844 </p> 1845 1846 1847 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1848 <p> 1849 NVIDIA 1850 </p> 1851 1852 <table> 1853 <col width="19%"> 1854 <col width="20%"> 1855 <col width="10%"> 1856 <col width="23%"> 1857 <col width="17%"> 1858 <tr> 1859 <th>CVE</th> 1860 <th></th> 1861 <th></th> 1862 <th> Google </th> 1863 <th></th> 1864 </tr> 1865 <tr> 1866 <td>CVE-2016-8460</td> 1867 <td>A-31668540*<br> 1868 N-CVE-2016-8460</td> 1869 <td></td> 1870 <td>Nexus 9</td> 1871 <td>2016 9 21 </td> 1872 </tr> 1873 </table> 1874 <p> 1875 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1876 </p> 1877 1878 1879 <h3 id="id-in-bootloader"></h3> 1880 <p> 1881 </p> 1882 1883 <table> 1884 <col width="19%"> 1885 <col width="20%"> 1886 <col width="10%"> 1887 <col width="23%"> 1888 <col width="17%"> 1889 <tr> 1890 <th>CVE</th> 1891 <th></th> 1892 <th></th> 1893 <th> Google </th> 1894 <th></th> 1895 </tr> 1896 <tr> 1897 <td>CVE-2016-8461</td> 1898 <td>A-32369621*</td> 1899 <td></td> 1900 <td>Nexus 9PixelPixel XL</td> 1901 <td>2016 10 21 </td> 1902 </tr> 1903 <tr> 1904 <td>CVE-2016-8462</td> 1905 <td>A-32510383*</td> 1906 <td></td> 1907 <td>PixelPixel XL</td> 1908 <td>2016 10 27 </td> 1909 </tr> 1910 </table> 1911 <p> 1912 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1913 </p> 1914 1915 1916 <h3 id="dos-in-qualcomm-fuse-file-system">Qualcomm FUSE </h3> 1917 <p>Qualcomm FUSE 1918 </p> 1919 1920 <table> 1921 <col width="19%"> 1922 <col width="20%"> 1923 <col width="10%"> 1924 <col width="23%"> 1925 <col width="17%"> 1926 <tr> 1927 <th>CVE</th> 1928 <th></th> 1929 <th></th> 1930 <th> Google </th> 1931 <th></th> 1932 </tr> 1933 <tr> 1934 <td>CVE-2016-8463</td> 1935 <td>A-30786860<br> 1936 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10"> 1937 QC-CR#586855</a></td> 1938 <td></td> 1939 <td>*</td> 1940 <td>2016 1 3 </td> 1941 </tr> 1942 </table> 1943 <p> 1944 * Android 7.0 Google 1945 </p> 1946 1947 1948 <h3 id="dos-in-bootloader"></h3> 1949 <p> 1950 </p> 1951 1952 <table> 1953 <col width="19%"> 1954 <col width="20%"> 1955 <col width="10%"> 1956 <col width="23%"> 1957 <col width="17%"> 1958 <tr> 1959 <th>CVE</th> 1960 <th></th> 1961 <th></th> 1962 <th> Google </th> 1963 <th></th> 1964 </tr> 1965 <tr> 1966 <td>CVE-2016-8467</td> 1967 <td>A-30308784*</td> 1968 <td></td> 1969 <td>Nexus 6Nexus 6P</td> 1970 <td>2016 6 29 </td> 1971 </tr> 1972 </table> 1973 <p> 1974 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 1975 </p> 1976 1977 1978 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi </h3> 1979 <p> 1980 Broadcom Wi-Fi 1981 </p> 1982 1983 <table> 1984 <col width="19%"> 1985 <col width="20%"> 1986 <col width="10%"> 1987 <col width="23%"> 1988 <col width="17%"> 1989 <tr> 1990 <th>CVE</th> 1991 <th></th> 1992 <th></th> 1993 <th> Google </th> 1994 <th></th> 1995 </tr> 1996 <tr> 1997 <td>CVE-2016-8464</td> 1998 <td>A-29000183*<br> 1999 B-RB#106314</td> 2000 <td></td> 2001 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2002 <td>2016 5 26 </td> 2003 </tr> 2004 <tr> 2005 <td>CVE-2016-8466</td> 2006 <td>A-31822524*<br> 2007 B-RB#105268</td> 2008 <td></td> 2009 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2010 <td>2016 9 28 </td> 2011 </tr> 2012 <tr> 2013 <td>CVE-2016-8465</td> 2014 <td>A-32474971*<br> 2015 B-RB#106053</td> 2016 <td></td> 2017 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2018 <td>2016 10 27 </td> 2019 </tr> 2020 </table> 2021 <p> 2022 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 2023 </p> 2024 2025 2026 <h3 id="eop-in-bootloader"></h3> 2027 <p> 2028 </p> 2029 2030 <table> 2031 <col width="19%"> 2032 <col width="20%"> 2033 <col width="10%"> 2034 <col width="23%"> 2035 <col width="17%"> 2036 <tr> 2037 <th>CVE</th> 2038 <th></th> 2039 <th></th> 2040 <th> Google </th> 2041 <th></th> 2042 </tr> 2043 <tr> 2044 <td>CVE-2016-8467</td> 2045 <td>A-30308784*</td> 2046 <td></td> 2047 <td>Nexus 6Nexus 6P</td> 2048 <td>2016 6 29 </td> 2049 </tr> 2050 </table> 2051 <p> 2052 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 2053 </p> 2054 2055 2056 <h3 id="eop-in-binder">Binder </h3> 2057 <p>Binder 2058 </p> 2059 2060 <table> 2061 <col width="19%"> 2062 <col width="20%"> 2063 <col width="10%"> 2064 <col width="23%"> 2065 <col width="17%"> 2066 <tr> 2067 <th>CVE</th> 2068 <th></th> 2069 <th></th> 2070 <th> Google </th> 2071 <th></th> 2072 </tr> 2073 <tr> 2074 <td>CVE-2016-8468</td> 2075 <td>A-32394425*</td> 2076 <td></td> 2077 <td>Pixel CPixelPixel XL</td> 2078 <td>Google </td> 2079 </tr> 2080 </table> 2081 <p> 2082 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 2083 </p> 2084 2085 2086 <h3 id="id-in-nvidia-camera-driver">NVIDIA </h3> 2087 <p>NVIDIA 2088 </p> 2089 2090 <table> 2091 <col width="19%"> 2092 <col width="20%"> 2093 <col width="10%"> 2094 <col width="23%"> 2095 <col width="17%"> 2096 <tr> 2097 <th>CVE</th> 2098 <th></th> 2099 <th></th> 2100 <th> Google </th> 2101 <th></th> 2102 </tr> 2103 <tr> 2104 <td>CVE-2016-8469</td> 2105 <td>A-31351206*<br> 2106 N-CVE-2016-8469</td> 2107 <td></td> 2108 <td>Nexus 9</td> 2109 <td>2016 9 7 </td> 2110 </tr> 2111 </table> 2112 <p> 2113 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 2114 </p> 2115 2116 2117 <h3 id="id-in-mediatek-driver">MediaTek </h3> 2118 <p>MediaTek 2119 </p> 2120 2121 <table> 2122 <col width="19%"> 2123 <col width="20%"> 2124 <col width="10%"> 2125 <col width="23%"> 2126 <col width="17%"> 2127 <tr> 2128 <th>CVE</th> 2129 <th></th> 2130 <th></th> 2131 <th> Google </th> 2132 <th></th> 2133 </tr> 2134 <tr> 2135 <td>CVE-2016-8470</td> 2136 <td>A-31528889*<br> 2137 MT-ALPS02961395</td> 2138 <td></td> 2139 <td>**</td> 2140 <td>2016 9 15 </td> 2141 </tr> 2142 <tr> 2143 <td>CVE-2016-8471</td> 2144 <td>A-31528890*<br> 2145 MT-ALPS02961380</td> 2146 <td></td> 2147 <td>**</td> 2148 <td>2016 9 15 </td> 2149 </tr> 2150 <tr> 2151 <td>CVE-2016-8472</td> 2152 <td>A-31531758*<br> 2153 MT-ALPS02961384</td> 2154 <td></td> 2155 <td>**</td> 2156 <td>2016 9 15 </td> 2157 </tr> 2158 </table> 2159 <p> 2160 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 2161 </p> 2162 <p>** Android 7.0 Google 2163 </p> 2164 2165 2166 <h3 id="id-in-stmicroelectronics-driver">STMicroelectronics </h3> 2167 <p>STMicroelectronics 2168 </p> 2169 2170 <table> 2171 <col width="19%"> 2172 <col width="20%"> 2173 <col width="10%"> 2174 <col width="23%"> 2175 <col width="17%"> 2176 <tr> 2177 <th>CVE</th> 2178 <th></th> 2179 <th></th> 2180 <th> Google </th> 2181 <th></th> 2182 </tr> 2183 <tr> 2184 <td>CVE-2016-8473</td> 2185 <td>A-31795790*</td> 2186 <td></td> 2187 <td>Nexus 5XNexus 6P</td> 2188 <td>2016 9 28 </td> 2189 </tr> 2190 <tr> 2191 <td>CVE-2016-8474</td> 2192 <td>A-31799972*</td> 2193 <td></td> 2194 <td>Nexus 5XNexus 6P</td> 2195 <td>2016 9 28 </td> 2196 </tr> 2197 </table> 2198 <p> 2199 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 2200 </p> 2201 2202 2203 <h3 id="id-in-qualcomm-audio-post-processor-">Qualcomm </h3> 2204 <p>Qualcomm 2205 </p> 2206 2207 <table> 2208 <col width="18%"> 2209 <col width="17%"> 2210 <col width="10%"> 2211 <col width="19%"> 2212 <col width="18%"> 2213 <col width="17%"> 2214 <tr> 2215 <th>CVE</th> 2216 <th></th> 2217 <th></th> 2218 <th> Google </th> 2219 <th> AOSP </th> 2220 <th></th> 2221 </tr> 2222 <tr> 2223 <td>CVE-2017-0399 2224 </td> 2225 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2226 A-32588756</a> 2227 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 2228 <td></td> 2229 <td></td> 2230 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2231 <td>2016 10 18 </td> 2232 </tr> 2233 <tr> 2234 <td>CVE-2017-0400</td> 2235 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2236 A-32438598</a> 2237 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2238 </td> 2239 <td></td> 2240 <td></td> 2241 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2242 <td>2016 10 25 </td> 2243 </tr> 2244 <tr> 2245 <td>CVE-2017-0401</td> 2246 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 2247 A-32588016</a> 2248 </td> 2249 <td></td> 2250 <td></td> 2251 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2252 <td>2016 10 26 </td> 2253 </tr> 2254 <tr> 2255 <td>CVE-2017-0402</td> 2256 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2257 A-32588352</a> 2258 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2259 </td> 2260 <td></td> 2261 <td></td> 2262 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2263 <td>2016 10 25 </td> 2264 </tr> 2265 </table> 2266 2267 2268 <h3 id="id-in-htc-input-driver">HTC </h3> 2269 <p>HTC 2270 </p> 2271 2272 <table> 2273 <col width="19%"> 2274 <col width="20%"> 2275 <col width="10%"> 2276 <col width="23%"> 2277 <col width="17%"> 2278 <tr> 2279 <th>CVE</th> 2280 <th></th> 2281 <th></th> 2282 <th> Google </th> 2283 <th></th> 2284 </tr> 2285 <tr> 2286 <td>CVE-2016-8475</td> 2287 <td>A-32591129*</td> 2288 <td></td> 2289 <td>PixelPixel XL</td> 2290 <td>2016 10 30 </td> 2291 </tr> 2292 </table> 2293 <p> 2294 * <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus 2295 </p> 2296 2297 2298 <h3 id="dos-in-kernel-file-system"> </h3> 2299 <p> 2300 </p> 2301 2302 <table> 2303 <col width="19%"> 2304 <col width="20%"> 2305 <col width="10%"> 2306 <col width="23%"> 2307 <col width="17%"> 2308 <tr> 2309 <th>CVE</th> 2310 <th></th> 2311 <th></th> 2312 <th> Google </th> 2313 <th></th> 2314 </tr> 2315 <tr> 2316 <td>CVE-2014-9420</td> 2317 <td>A-32477499<br> 2318 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d"> 2319 </a></td> 2320 <td></td> 2321 <td>Pixel C</td> 2322 <td>2014 12 15 </td> 2323 </tr> 2324 </table> 2325 2326 <h2 id="common-questions-and-answers"></h2> 2327 <p></p> 2328 2329 <p><strong>1. 2330 </strong></p> 2331 2332 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 2333 <ul> 2334 <li> 2017-01-01 2017-01-01 </li> 2335 <li> 2017-01-05 2017-01-05</li> 2336 </ul> 2337 <p></p> 2338 <ul> 2339 <li>[ro.build.version.security_patch]:[2017-01-01]</li> 2340 <li>[ro.build.version.security_patch]:[2017-01-05]</li> 2341 </ul> 2342 <p><strong>2. 2 </strong></p> 2343 2344 <p>2 Android Android Android </p> 2345 <ul> 2346 <li>2017 1 1 </li> 2347 <li>2017 1 5 </li> 2348 </ul> 2349 <p> 1 </p> 2350 2351 <p><strong>3. Google </strong></p> 2352 2353 <p><a href="#2017-01-01-details">2017-01-01</a> <a href="#2017-01-05-details">2017-01-05</a> Google <em></em> Google </p> 2354 <ul> 2355 <li><strong> Google </strong>: Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 72013Nexus 9Android OneNexus PlayerPixel CPixelPixel XL</li> 2356 <li><strong> Google </strong>: Google Google <em></em> Google </li> 2357 <li><strong>Google </strong>: Android Google Google <em></em></li> 2358 </ul> 2359 <p><strong>4. </strong></p> 2360 2361 <p><em></em></p> 2362 2363 <table> 2364 <tr> 2365 <th></th> 2366 <th></th> 2367 </tr> 2368 <tr> 2369 <td>A-</td> 2370 <td>Android ID</td> 2371 </tr> 2372 <tr> 2373 <td>QC-</td> 2374 <td>Qualcomm </td> 2375 </tr> 2376 <tr> 2377 <td>M-</td> 2378 <td>MediaTek </td> 2379 </tr> 2380 <tr> 2381 <td>N-</td> 2382 <td>NVIDIA </td> 2383 </tr> 2384 <tr> 2385 <td>B-</td> 2386 <td>Broadcom </td> 2387 </tr> 2388 </table> 2389 <h2 id="revisions"></h2> 2390 <ul> 2391 <li>2017 1 3 : </li> 2392 <li>2017 1 4 : AOSP </li> 2393 <li>2017 1 5 : AOSP 7.1 7.1.1 </li> 2394 </ul> 2395 2396 </body> 2397 </html> 2398
