1 <html devsite> 2 <head> 3 <title>Android - 2017 3 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 <p><em>2017 3 6 | 2017 3 7 </em></p> 24 <p>Android Android Google OTAGoogle <a href="https://developers.google.com/android/nexus/images">Google </a>2017 3 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 25 <p> 2017 2 6 Android AOSP AOSP </p> 26 <p>MMS </p> 27 <p><a href="{@docRoot}security/enhancements/index.html">Android </a> <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> <a href="#mitigations">Android Google </a>Android </p> 28 <p></p> 29 <h2 id="announcements"></h2> 30 <ul> 31 <li>2 Android Android <a href="#common-questions-and-answers"></a> 32 <ul> 33 <li><strong>2017-03-01</strong>: 2017-03-01 </li> 34 <li><strong>2017-03-05</strong>: 2017-03-01 2017-03-05 </li> 35 </ul> 36 </li> 37 <li> Google 2017 3 5 1 OTA </li> 38 </ul> 39 <h2 id="security-vulnerability-summary"></h2> 40 <p>CVEGoogle <a href="{@docRoot}security/overview/updates-resources.html#severity"></a></p> 41 <h3 id="2017-03-01-summary"> 2017-03-01 </h3> 42 <p> 2017-03-01 </p> 43 <table> 44 <col width="55%"> 45 <col width="20%"> 46 <col width="13%"> 47 <col width="12%"> 48 <tr> 49 <th></th> 50 <th>CVE</th> 51 <th></th> 52 <th>Google </th> 53 </tr> 54 <tr> 55 <td>OpenSSL BoringSSL </td> 56 <td>CVE-2016-2182</td> 57 <td></td> 58 <td></td> 59 </tr> 60 <tr> 61 <td></td> 62 <td>CVE-2017-0466CVE-2017-0467CVE-2017-0468CVE-2017-0469CVE-2017-0470CVE-2017-0471CVE-2017-0472CVE-2017-0473CVE-2017-0474</td> 63 <td></td> 64 <td></td> 65 </tr> 66 <tr> 67 <td> </td> 68 <td>CVE-2017-0475</td> 69 <td></td> 70 <td></td> 71 </tr> 72 <tr> 73 <td>AOSP </td> 74 <td>CVE-2017-0476</td> 75 <td></td> 76 <td></td> 77 </tr> 78 <tr> 79 <td>libgdx </td> 80 <td>CVE-2017-0477</td> 81 <td></td> 82 <td></td> 83 </tr> 84 <tr> 85 <td>Framesequence </td> 86 <td>CVE-2017-0478</td> 87 <td></td> 88 <td></td> 89 </tr> 90 <tr> 91 <td>NFC </td> 92 <td>CVE-2017-0481</td> 93 <td></td> 94 <td></td> 95 </tr> 96 <tr> 97 <td></td> 98 <td>CVE-2017-0479CVE-2017-0480</td> 99 <td></td> 100 <td></td> 101 </tr> 102 <tr> 103 <td></td> 104 <td>CVE-2017-0482CVE-2017-0483CVE-2017-0484CVE-2017-0485CVE-2017-0486CVE-2017-0487CVE-2017-0488</td> 105 <td></td> 106 <td></td> 107 </tr> 108 <tr> 109 <td> </td> 110 <td>CVE-2017-0489</td> 111 <td></td> 112 <td></td> 113 </tr> 114 <tr> 115 <td>Wi-Fi </td> 116 <td>CVE-2017-0490</td> 117 <td></td> 118 <td></td> 119 </tr> 120 <tr> 121 <td> </td> 122 <td>CVE-2017-0491</td> 123 <td></td> 124 <td></td> 125 </tr> 126 <tr> 127 <td> UI </td> 128 <td>CVE-2017-0492</td> 129 <td></td> 130 <td></td> 131 </tr> 132 <tr> 133 <td>AOSP </td> 134 <td>CVE-2017-0494</td> 135 <td></td> 136 <td></td> 137 </tr> 138 <tr> 139 <td></td> 140 <td>CVE-2017-0495</td> 141 <td></td> 142 <td></td> 143 </tr> 144 <tr> 145 <td> </td> 146 <td>CVE-2017-0496</td> 147 <td></td> 148 <td></td> 149 </tr> 150 <tr> 151 <td></td> 152 <td>CVE-2017-0497</td> 153 <td></td> 154 <td></td> 155 </tr> 156 <tr> 157 <td> </td> 158 <td>CVE-2017-0498</td> 159 <td></td> 160 <td>*</td> 161 </tr> 162 <tr> 163 <td></td> 164 <td>CVE-2017-0499</td> 165 <td></td> 166 <td></td> 167 </tr> 168 </table> 169 <p>* Android 7.0 Google </p> 170 <h3 id="2017-03-05-summary"> 2017-03-05 </h3> 171 <p> 2017-03-05 2017-03-01 </p> 172 <table> 173 <col width="55%"> 174 <col width="20%"> 175 <col width="13%"> 176 <col width="12%"> 177 <tr> 178 <th></th> 179 <th>CVE</th> 180 <th></th> 181 <th>Google </th> 182 </tr> 183 <tr> 184 <td>MediaTek </td> 185 <td>CVE-2017-0500CVE-2017-0501CVE-2017-0502CVE-2017-0503CVE-2017-0504CVE-2017-0505CVE-2017-0506</td> 186 <td></td> 187 <td>*</td> 188 </tr> 189 <tr> 190 <td>NVIDIA GPU </td> 191 <td>CVE-2017-0337CVE-2017-0338CVE-2017-0333CVE-2017-0306CVE-2017-0335</td> 192 <td></td> 193 <td></td> 194 </tr> 195 <tr> 196 <td> ION </td> 197 <td>CVE-2017-0507CVE-2017-0508</td> 198 <td></td> 199 <td></td> 200 </tr> 201 <tr> 202 <td>Broadcom Wi-Fi </td> 203 <td>CVE-2017-0509</td> 204 <td></td> 205 <td>*</td> 206 </tr> 207 <tr> 208 <td> FIQ </td> 209 <td>CVE-2017-0510</td> 210 <td></td> 211 <td></td> 212 </tr> 213 <tr> 214 <td>Qualcomm GPU </td> 215 <td>CVE-2016-8479</td> 216 <td></td> 217 <td></td> 218 </tr> 219 <tr> 220 <td> </td> 221 <td>CVE-2016-9806CVE-2016-10200</td> 222 <td></td> 223 <td></td> 224 </tr> 225 <tr> 226 <td>Qualcomm </td> 227 <td>CVE-2016-8484CVE-2016-8485CVE-2016-8486CVE-2016-8487CVE-2016-8488</td> 228 <td></td> 229 <td>*</td> 230 </tr> 231 <tr> 232 <td> </td> 233 <td>CVE-2016-8655CVE-2016-9793</td> 234 <td></td> 235 <td></td> 236 </tr> 237 <tr> 238 <td>Qualcomm </td> 239 <td>CVE-2017-0516</td> 240 <td></td> 241 <td></td> 242 </tr> 243 <tr> 244 <td>MediaTek </td> 245 <td>CVE-2017-0517</td> 246 <td></td> 247 <td>*</td> 248 </tr> 249 <tr> 250 <td>Qualcomm ADSPRPC </td> 251 <td>CVE-2017-0457</td> 252 <td></td> 253 <td></td> 254 </tr> 255 <tr> 256 <td>Qualcomm </td> 257 <td>CVE-2017-0518CVE-2017-0519</td> 258 <td></td> 259 <td></td> 260 </tr> 261 <tr> 262 <td>Qualcomm crypto </td> 263 <td>CVE-2017-0520</td> 264 <td></td> 265 <td></td> 266 </tr> 267 <tr> 268 <td>Qualcomm </td> 269 <td>CVE-2017-0458CVE-2017-0521</td> 270 <td></td> 271 <td></td> 272 </tr> 273 <tr> 274 <td>MediaTek APK </td> 275 <td>CVE-2017-0522</td> 276 <td></td> 277 <td>*</td> 278 </tr> 279 <tr> 280 <td>Qualcomm Wi-Fi </td> 281 <td>CVE-2017-0464CVE-2017-0453CVE-2017-0523</td> 282 <td></td> 283 <td></td> 284 </tr> 285 <tr> 286 <td>Synaptics </td> 287 <td>CVE-2017-0524</td> 288 <td></td> 289 <td></td> 290 </tr> 291 <tr> 292 <td>Qualcomm IPA </td> 293 <td>CVE-2017-0456CVE-2017-0525</td> 294 <td></td> 295 <td></td> 296 </tr> 297 <tr> 298 <td>HTC </td> 299 <td>CVE-2017-0526CVE-2017-0527</td> 300 <td></td> 301 <td></td> 302 </tr> 303 <tr> 304 <td>NVIDIA GPU </td> 305 <td>CVE-2017-0307</td> 306 <td></td> 307 <td>*</td> 308 </tr> 309 <tr> 310 <td>Qualcomm </td> 311 <td>CVE-2017-0463CVE-2017-0460</td> 312 <td></td> 313 <td></td> 314 </tr> 315 <tr> 316 <td> </td> 317 <td>CVE-2017-0528</td> 318 <td></td> 319 <td></td> 320 </tr> 321 <tr> 322 <td>Qualcomm SPCom </td> 323 <td>CVE-2016-5856CVE-2016-5857</td> 324 <td></td> 325 <td>*</td> 326 </tr> 327 <tr> 328 <td> </td> 329 <td>CVE-2014-8709</td> 330 <td></td> 331 <td></td> 332 </tr> 333 <tr> 334 <td>MediaTek </td> 335 <td>CVE-2017-0529</td> 336 <td></td> 337 <td>*</td> 338 </tr> 339 <tr> 340 <td>Qualcomm </td> 341 <td>CVE-2017-0455</td> 342 <td></td> 343 <td></td> 344 </tr> 345 <tr> 346 <td>Qualcomm </td> 347 <td>CVE-2016-8483</td> 348 <td></td> 349 <td></td> 350 </tr> 351 <tr> 352 <td>NVIDIA GPU </td> 353 <td>CVE-2017-0334CVE-2017-0336</td> 354 <td></td> 355 <td></td> 356 </tr> 357 <tr> 358 <td></td> 359 <td>CVE-2016-8650</td> 360 <td></td> 361 <td></td> 362 </tr> 363 <tr> 364 <td>Qualcomm </td> 365 <td>CVE-2016-8417</td> 366 <td></td> 367 <td></td> 368 </tr> 369 <tr> 370 <td>Qualcomm Wi-Fi </td> 371 <td>CVE-2017-0461CVE-2017-0459CVE-2017-0531</td> 372 <td></td> 373 <td></td> 374 </tr> 375 <tr> 376 <td>MediaTek </td> 377 <td>CVE-2017-0532</td> 378 <td></td> 379 <td>*</td> 380 </tr> 381 <tr> 382 <td>Qualcomm </td> 383 <td>CVE-2017-0533CVE-2017-0534CVE-2016-8416CVE-2016-8478</td> 384 <td></td> 385 <td></td> 386 </tr> 387 <tr> 388 <td>Qualcomm </td> 389 <td>CVE-2016-8413CVE-2016-8477</td> 390 <td></td> 391 <td></td> 392 </tr> 393 <tr> 394 <td>HTC </td> 395 <td>CVE-2017-0535</td> 396 <td></td> 397 <td></td> 398 </tr> 399 <tr> 400 <td>Synaptics </td> 401 <td>CVE-2017-0536</td> 402 <td></td> 403 <td></td> 404 </tr> 405 <tr> 406 <td> USB </td> 407 <td>CVE-2017-0537</td> 408 <td></td> 409 <td></td> 410 </tr> 411 <tr> 412 <td>Qualcomm </td> 413 <td>CVE-2017-0452</td> 414 <td></td> 415 <td></td> 416 </tr> 417 </table> 418 <p>* Android 7.0 Google </p> 419 <h2 id="mitigations">Android Google </h2> 420 <p><a href="{@docRoot}security/enhancements/index.html">Android </a> SafetyNet Android </p> 421 <ul> 422 <li>Android Android Google Android </li> 423 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a><a href="http://www.android.com/gms">Google </a>Google Play Google Play </li> 424 <li>Google </li> 425 </ul> 426 <h2 id="acknowledgements"></h2> 427 <p></p> 428 <ul> 429 <li>Google Dynamic Tools Alexander Potapenko: CVE-2017-0537<li>Alibaba Mobile Security Group Baozeng DingChengming YangPeng XiaoYang Song: CVE-2017-0506<li>Alibaba Mobile Security Group Baozeng DingNing YouChengming YangPeng XiaoYang Song: CVE-2017-0463<li>Android Security Billy Lau: CVE-2017-0335CVE-2017-0336CVE-2017-0338CVE-2017-0460<li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a><a href="https://twitter.com/derrekr6">@derrekr6</a>: CVE-2016-8413CVE-2016-8477CVE-2017-0531<li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a><a href="https://twitter.com/derrekr6">@derrekr6</a><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a><a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>: CVE-2017-0521<li>Tencent KeenLab<a href="https://twitter.com/keen_lab">@keen_lab</a> Di Shen<a href="https://twitter.com/returnsme">@returnsme</a>: CVE-2017-0334CVE-2017-0456CVE-2017-0457CVE-2017-0525<li><a href="http://www.ms509.com">MS509Team</a> En He<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>Bo Liu: CVE-2017-0490<li>Qihoo 360 Technology Co. Ltd. IceSword Lab Gengjia Chen<a href="https://twitter.com/chengjia4574">@chengjia4574</a><a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-0500CVE-2017-0501CVE-2017-0502CVE-2017-0503CVE-2017-0509CVE-2017-0524CVE-2017-0529CVE-2017-0536<li>Qihoo 360 Technology Co. Ltd. Alpha Team Hao ChenGuang Gong: CVE-2017-0453CVE-2017-0461CVE-2017-0464<li>Sony Mobile Communications Inc. Hiroki YamamotoFang Chen: CVE-2017-0481<li>IBM Security X-Force Researcher Sagi KedmiRoee Hay: CVE-2017-0510<li><a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a> Jianjun Dai<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>: CVE-2017-0478<li>Qihoo 360 IceSword Lab Jianqiang Zhao<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a><a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8416CVE-2016-8478CVE-2017-0458CVE-2017-0459CVE-2017-0518CVE-2017-0519CVE-2017-0533CVE-2017-0534<li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Xuxian Jiang: CVE-2016-8479<li>Google : CVE-2017-0491<li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a><a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Xuxian Jiang: CVE-2017-0479CVE-2017-0480<li>Nathan Crandall<a href="https://twitter.com/natecray">@natecray</a>: CVE-2017-0535<li>Tesla Motors Product Security Team Nathan Crandall<a href="https://twitter.com/natecray">@natecray</a>: CVE-2017-0306<li>Baidu X-Lab Pengfei DingChenfu BaoLenx Wei: CVE-2016-8417<li>Tencent KeenLab Qidan He<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>: CVE-2017-0337CVE-2017-0476<li>Qihoo 360 Qing ZhangSingapore Institute of TechnologySIT Guangdong Bai: CVE-2017-0496<li>Ant-financial Light-Year Security Lab Quhewanchouchou: CVE-2017-0522<li>DarkMatter Secure Communications <a href="mailto:keun-o.park (a] darkmatter.ae">Sahara</a>: CVE-2017-0528<li>UC Santa Barbara Shellphish Grill Team salls<a href="https://twitter.com/chris_salls">@chris_salls</a>: CVE-2017-0505<li><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a><a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>: CVE-2017-0504CVE-2017-0516<li>Sean Beauprebeaups: CVE-2017-0455<li>Trend Micro Seven Shen<a href="https://twitter.com/lingtongshen">@lingtongshen</a>: CVE-2017-0452<li>Fujitsu Shinichi Matsumoto: CVE-2017-0498<li><a href="http://www.byterev.com">ByteRev</a> <a href="mailto:smarques84 (a] gmail.com">Stphane Marques</a>: CVE-2017-0489<li>Google Svetoslav Ganov: CVE-2017-0492<li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Xuxian Jiang: CVE-2017-0333<li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a> V.E.O<a href="https://twitter.com/vysea">@VYSEa</a>: CVE-2017-0466CVE-2017-0467CVE-2017-0468CVE-2017-0469CVE-2017-0470CVE-2017-0471CVE-2017-0472CVE-2017-0473CVE-2017-0482CVE-2017-0485CVE-2017-0486CVE-2017-0487CVE-2017-0494CVE-2017-0495<li>Ant-financial Light-Year Security Lab Wish Wu <a href="https://twitter.com/wish_wu">@wish_wu</a>: CVE-2017-0477<li>Qihoo 360 Technology Co. Ltd Vulpecker Team Yu Pan: CVE-2017-0517CVE-2017-0532<li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Xuxian Jiang: CVE-2017-0526CVE-2017-0527<li><a href="http://c0reteam.org">C0RE Team</a> Yuqi Lu<a href="https://twitter.com/nikos233__">@nikos233</a><a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:shaodacheng2016 (a] gmail.com">Dacheng Shao</a>Mingjian Zhou<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>Xuxian Jiang: CVE-2017-0483</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 430 431 <h2 id="2017-03-01-details"> 2017-03-01 </h2> 432 <p><a href="#2017-03-01-summary"> 2017-03-01 </a>CVE Google AOSP AOSP ID ID </p> 433 434 435 <h3 id="rce-in-openssl-&-boringssl">OpenSSL BoringSSL </h3> 436 <p>OpenSSL BoringSSL </p> 437 438 <table> 439 <col width="18%"> 440 <col width="17%"> 441 <col width="10%"> 442 <col width="19%"> 443 <col width="18%"> 444 <col width="17%"> 445 <tr> 446 <th>CVE</th> 447 <th></th> 448 <th></th> 449 <th> Google </th> 450 <th> AOSP </th> 451 <th></th> 452 </tr> 453 <tr> 454 <td>CVE-2016-2182</td> 455 <td><a href="https://android.googlesource.com/platform/external/boringssl/+/54bf62a81586d99d0a951ca3342d569b59e69b80"> 456 A-32096880</a></td> 457 <td></td> 458 <td></td> 459 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 460 <td>2016 8 5 </td> 461 </tr> 462 </table> 463 464 465 <h3 id="rce-in-mediaserver-"></h3> 466 <p> </p> 467 468 <table> 469 <col width="18%"> 470 <col width="17%"> 471 <col width="10%"> 472 <col width="19%"> 473 <col width="18%"> 474 <col width="17%"> 475 <tr> 476 <th>CVE</th> 477 <th></th> 478 <th></th> 479 <th> Google </th> 480 <th> AOSP </th> 481 <th></th> 482 </tr> 483 <tr> 484 <td>CVE-2017-0466</td> 485 <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33139050</a> 486 [<a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">2</a>] 487 </td> 488 <td></td> 489 <td></td> 490 <td>6.06.0.17.07.1.1</td> 491 <td>2016 11 25 </td> 492 </tr> 493 <tr> 494 <td>CVE-2017-0467</td> 495 <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33250932</a> 496 [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] 497 </td> 498 <td></td> 499 <td></td> 500 <td>6.06.0.17.07.1.1</td> 501 <td>2016 11 30 </td> 502 </tr> 503 <tr> 504 <td>CVE-2017-0468</td> 505 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">A-33351708</a> 506 [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] 507 </td> 508 <td></td> 509 <td></td> 510 <td>6.06.0.17.07.1.1</td> 511 <td>2016 12 5 </td> 512 </tr> 513 <tr> 514 <td>CVE-2017-0469</td> 515 <td><a href="https://android.googlesource.com/platform/external/libavc/+/21851eaecc814be709cb0c20f732cb858cfe1440"> 516 A-33450635</a></td> 517 <td></td> 518 <td></td> 519 <td>6.06.0.17.07.1.1</td> 520 <td>2016 12 8 </td> 521 </tr> 522 <tr> 523 <td>CVE-2017-0470</td> 524 <td><a href="https://android.googlesource.com/platform/external/libavc/+/6aac82003d665708b4e21e9b91693b642e2fa64f"> 525 A-33818500</a></td> 526 <td></td> 527 <td></td> 528 <td>6.06.0.17.07.1.1</td> 529 <td>2016 12 21 </td> 530 </tr> 531 <tr> 532 <td>CVE-2017-0471</td> 533 <td><a href="https://android.googlesource.com/platform/external/libavc/+/4a61d15e7b0ab979ba7e80db8ddbde025c1ce6cc"> 534 A-33816782</a></td> 535 <td></td> 536 <td></td> 537 <td>6.06.0.17.07.1.1</td> 538 <td>2016 12 21 </td> 539 </tr> 540 <tr> 541 <td>CVE-2017-0472</td> 542 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/dfa7251ff270ae7e12a019e6735542e36b2a47e0"> 543 A-33862021</a></td> 544 <td></td> 545 <td></td> 546 <td>6.06.0.17.07.1.1</td> 547 <td>2016 12 23 </td> 548 </tr> 549 <tr> 550 <td>CVE-2017-0473</td> 551 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0a4463e2beddb8290e05ad552e48b17686f854ce"> 552 A-33982658</a></td> 553 <td></td> 554 <td></td> 555 <td>6.06.0.17.07.1.1</td> 556 <td>2016 12 30 </td> 557 </tr> 558 <tr> 559 <td>CVE-2017-0474</td> 560 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6f5927de29337fa532c64d0ef8c7cb68f7c89889"> 561 A-32589224</a></td> 562 <td></td> 563 <td></td> 564 <td>7.07.1.1</td> 565 <td>Google </td> 566 </tr> 567 </table> 568 569 <h3 id="eop-in-recovery-verifier"> </h3> 570 <p> </p> 571 572 <table> 573 <col width="18%"> 574 <col width="17%"> 575 <col width="10%"> 576 <col width="19%"> 577 <col width="18%"> 578 <col width="17%"> 579 <tr> 580 <th>CVE</th> 581 <th></th> 582 <th></th> 583 <th> Google </th> 584 <th> AOSP </th> 585 <th></th> 586 </tr> 587 <tr> 588 <td>CVE-2017-0475</td> 589 <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/2c6c23f651abb3d215134dfba463eb72a5e9f8eb"> 590 A-31914369</a></td> 591 <td></td> 592 <td></td> 593 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 594 <td>2016 10 2 </td> 595 </tr> 596 </table> 597 598 599 <h3 id="rce-in-aosp-messaging">AOSP </h3> 600 <p>AOSP </p> 601 602 <table> 603 <col width="18%"> 604 <col width="17%"> 605 <col width="10%"> 606 <col width="19%"> 607 <col width="18%"> 608 <col width="17%"> 609 <tr> 610 <th>CVE</th> 611 <th></th> 612 <th></th> 613 <th> Google </th> 614 <th> AOSP </th> 615 <th></th> 616 </tr> 617 <tr> 618 <td>CVE-2017-0476</td> 619 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/8ba22b48ebff50311d7eaa8d512f9d507f0bdd0d"> 620 A-33388925</a></td> 621 <td></td> 622 <td></td> 623 <td>6.06.0.17.07.1.1</td> 624 <td>2016 12 6 </td> 625 </tr> 626 </table> 627 628 629 <h3 id="rce-in-libgdx">libgdx </h3> 630 <p>libgdx </p> 631 632 <table> 633 <col width="18%"> 634 <col width="17%"> 635 <col width="10%"> 636 <col width="19%"> 637 <col width="18%"> 638 <col width="17%"> 639 <tr> 640 <th>CVE</th> 641 <th></th> 642 <th></th> 643 <th> Google </th> 644 <th> AOSP </th> 645 <th></th> 646 </tr> 647 <tr> 648 <td>CVE-2017-0477</td> 649 <td><a href="https://android.googlesource.com/platform/external/libgdx/+/fba04a52f43315cdb7dd38766822af0324eab7c5"> 650 A-33621647</a></td> 651 <td></td> 652 <td></td> 653 <td>7.1.1</td> 654 <td>2016 12 14 </td> 655 </tr> 656 </table> 657 658 659 <h3 id="rce-in-framesequence-library">Framesequence </h3> 660 <p>Framesequence Framesequence </p> 661 662 <table> 663 <col width="18%"> 664 <col width="17%"> 665 <col width="10%"> 666 <col width="19%"> 667 <col width="18%"> 668 <col width="17%"> 669 <tr> 670 <th>CVE</th> 671 <th></th> 672 <th></th> 673 <th> Google </th> 674 <th> AOSP </th> 675 <th></th> 676 </tr> 677 <tr> 678 <td>CVE-2017-0478</td> 679 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7c824f17b3eea976ca58be7ea097cb807126f73b"> 680 A-33718716</a></td> 681 <td></td> 682 <td></td> 683 <td>5.0.25.1.16.06.0.17.07.1.1</td> 684 <td>2016 12 16 </td> 685 </tr> 686 </table> 687 688 <h3 id="eop-in-nfc">NFC </h3> 689 <p>NFC </p> 690 691 <table> 692 <col width="18%"> 693 <col width="17%"> 694 <col width="10%"> 695 <col width="19%"> 696 <col width="18%"> 697 <col width="17%"> 698 <tr> 699 <th>CVE</th> 700 <th></th> 701 <th></th> 702 <th> Google </th> 703 <th> AOSP </th> 704 <th></th> 705 </tr> 706 <tr> 707 <td>CVE-2017-0481</td> 708 <td><a href="https://android.googlesource.com/platform/external/libnfc-nci/+/c67cc6ad2addddcb7185a33b08d27290ce54e350"> 709 A-33434992</a></td> 710 <td></td> 711 <td></td> 712 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 713 <td>2016 11 6 </td> 714 </tr> 715 </table> 716 717 <h3 id="eop-in-audioserver"></h3> 718 <p></p> 719 720 <table> 721 <col width="18%"> 722 <col width="17%"> 723 <col width="10%"> 724 <col width="19%"> 725 <col width="18%"> 726 <col width="17%"> 727 <tr> 728 <th>CVE</th> 729 <th></th> 730 <th></th> 731 <th> Google </th> 732 <th> AOSP </th> 733 <th></th> 734 </tr> 735 <tr> 736 <td>CVE-2017-0479</td> 737 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0"> 738 A-32707507</a> 739 [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>] 740 </td> 741 <td></td> 742 <td></td> 743 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 744 <td>2016 11 7 </td> 745 </tr> 746 <tr> 747 <td>CVE-2017-0480</td> 748 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0"> 749 A-32705429</a> 750 [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>] 751 </td> 752 <td></td> 753 <td></td> 754 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 755 <td>2016 11 7 </td> 756 </tr> 757 </table> 758 759 760 <h3 id="dos-in-mediaserver"></h3> 761 <p></p> 762 763 <table> 764 <col width="18%"> 765 <col width="17%"> 766 <col width="10%"> 767 <col width="19%"> 768 <col width="18%"> 769 <col width="17%"> 770 <tr> 771 <th>CVE</th> 772 <th></th> 773 <th></th> 774 <th> Google </th> 775 <th> AOSP </th> 776 <th></th> 777 </tr> 778 <tr> 779 <td>CVE-2017-0482</td> 780 <td><a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c"> 781 A-33090864</a> 782 [<a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">2</a>] 783 [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">3</a>] 784 [<a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">4</a>] 785 [<a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">5</a>] 786 [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">6</a>]</td> 787 <td></td> 788 <td></td> 789 <td>6.06.0.17.07.1.1</td> 790 <td>2016 11 22 </td> 791 </tr> 792 <tr> 793 <td>CVE-2017-0483</td> 794 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bc62c086e9ba7530723dc8874b83159f4d77d976"> 795 A-33137046</a> 796 [<a href="https://android.googlesource.com/platform/frameworks/av/+/5cabe32a59f9be1e913b6a07a23d4cfa55e3fb2f">2</a>]</td> 797 <td></td> 798 <td></td> 799 <td>5.0.25.1.16.06.0.17.07.1.1</td> 800 <td>2016 11 24 </td> 801 </tr> 802 <tr> 803 <td>CVE-2017-0484</td> 804 <td><a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7"> 805 A-33298089</a> 806 [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">2</a>]</td> 807 <td></td> 808 <td></td> 809 <td>6.06.0.17.07.1.1</td> 810 <td>2016 12 1 </td> 811 </tr> 812 <tr> 813 <td>CVE-2017-0485</td> 814 <td><a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36"> 815 A-33387820</a></td> 816 <td></td> 817 <td></td> 818 <td>6.06.0.17.07.1.1</td> 819 <td>2016 12 6 </td> 820 </tr> 821 <tr> 822 <td>CVE-2017-0486</td> 823 <td><a href="https://android.googlesource.com/platform/external/libavc/+/19814b7ad4ea6f0cc4cab34e50ebab2e180fc269"> 824 A-33621215</a></td> 825 <td></td> 826 <td></td> 827 <td>6.06.0.17.07.1.1</td> 828 <td>2016 12 14 </td> 829 </tr> 830 <tr> 831 <td>CVE-2017-0487</td> 832 <td><a href="https://android.googlesource.com/platform/external/libavc/+/aa78b96e842fc1fb70a18acff22be35c7a715b23"> 833 A-33751193</a></td> 834 <td></td> 835 <td></td> 836 <td>6.06.0.17.07.1.1</td> 837 <td>2016 12 19 </td> 838 </tr> 839 <tr> 840 <td>CVE-2017-0488</td> 841 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0340381cd8c220311fd4fe2e8b23e1534657e399"> 842 A-34097213</a></td> 843 <td></td> 844 <td></td> 845 <td>6.06.0.17.07.1.1</td> 846 <td>Google </td> 847 </tr> 848 </table> 849 850 <h3 id="eop-in-location-manager"> </h3> 851 <p> </p> 852 853 <table> 854 <col width="18%"> 855 <col width="17%"> 856 <col width="10%"> 857 <col width="19%"> 858 <col width="18%"> 859 <col width="17%"> 860 <tr> 861 <th>CVE</th> 862 <th></th> 863 <th></th> 864 <th> Google </th> 865 <th> AOSP </th> 866 <th></th> 867 </tr> 868 <tr> 869 <td>CVE-2017-0489</td> 870 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d22261fef84481651e12995062105239d551cbc6"> 871 A-33091107</a></td> 872 <td></td> 873 <td></td> 874 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 875 <td>2016 11 20 </td> 876 </tr> 877 </table> 878 879 880 <h3 id="eop-in-wi-fi">Wi-Fi </h3> 881 <p>Wi-Fi </p> 882 883 <table> 884 <col width="18%"> 885 <col width="17%"> 886 <col width="10%"> 887 <col width="19%"> 888 <col width="18%"> 889 <col width="17%"> 890 <tr> 891 <th>CVE</th> 892 <th></th> 893 <th></th> 894 <th> Google </th> 895 <th> AOSP </th> 896 <th></th> 897 </tr> 898 <tr> 899 <td>CVE-2017-0490</td> 900 <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1166ca8adba9b49c9185dad11b28b02e72124d95"> 901 A-33178389</a> 902 [<a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1ad3b1e3256a226be362de1a4959f2a642d349b7">2</a>] 903 [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/41c42f5bb544acf8bede2d05c6325657d92bd83c">3</a>] 904 </td> 905 <td></td> 906 <td></td> 907 <td>6.06.0.17.07.1.1</td> 908 <td>2016 11 25 </td> 909 </tr> 910 </table> 911 912 913 <h3 id="eop-in-package-manager"> </h3> 914 <p> </p> 915 916 <table> 917 <col width="18%"> 918 <col width="17%"> 919 <col width="10%"> 920 <col width="19%"> 921 <col width="18%"> 922 <col width="17%"> 923 <tr> 924 <th>CVE</th> 925 <th></th> 926 <th></th> 927 <th> Google </th> 928 <th> AOSP </th> 929 <th></th> 930 </tr> 931 <tr> 932 <td>CVE-2017-0491</td> 933 <td><a href="https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/5c49b6bf732c88481466dea341917b8604ce53fa"> 934 A-32553261</a> 935 </td> 936 <td></td> 937 <td></td> 938 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 939 <td>Google </td> 940 </tr> 941 </table> 942 943 944 <h3 id="eop-in-system-ui"> UI </h3> 945 <p> UI UI </p> 946 947 <table> 948 <col width="18%"> 949 <col width="17%"> 950 <col width="10%"> 951 <col width="19%"> 952 <col width="18%"> 953 <col width="17%"> 954 <tr> 955 <th>CVE</th> 956 <th></th> 957 <th></th> 958 <th> Google </th> 959 <th> AOSP </th> 960 <th></th> 961 </tr> 962 <tr> 963 <td>CVE-2017-0492</td> 964 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/f4bed684c939b0f8809ef404b8609fe4ef849263"> 965 A-30150688</a> 966 </td> 967 <td></td> 968 <td></td> 969 <td>7.1.1</td> 970 <td>Google </td> 971 </tr> 972 </table> 973 974 975 <h3 id="id-in-aosp-messaging">AOSP </h3> 976 <p>AOSP </p> 977 978 <table> 979 <col width="18%"> 980 <col width="17%"> 981 <col width="10%"> 982 <col width="19%"> 983 <col width="18%"> 984 <col width="17%"> 985 <tr> 986 <th>CVE</th> 987 <th></th> 988 <th></th> 989 <th> Google </th> 990 <th> AOSP </th> 991 <th></th> 992 </tr> 993 <tr> 994 <td>CVE-2017-0494</td> 995 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/3f9821128abd66c4cd2f040d8243efb334bfad2d"> 996 A-32764144</a></td> 997 <td></td> 998 <td></td> 999 <td>6.06.0.17.07.1.1</td> 1000 <td>2016 11 9 </td> 1001 </tr> 1002 </table> 1003 1004 1005 <h3 id="id-in-mediaserver"></h3> 1006 <p></p> 1007 1008 <table> 1009 <col width="18%"> 1010 <col width="17%"> 1011 <col width="10%"> 1012 <col width="19%"> 1013 <col width="18%"> 1014 <col width="17%"> 1015 <tr> 1016 <th>CVE</th> 1017 <th></th> 1018 <th></th> 1019 <th> Google </th> 1020 <th> AOSP </th> 1021 <th></th> 1022 </tr> 1023 <tr> 1024 <td>CVE-2017-0495</td> 1025 <td><a href="https://android.googlesource.com/platform/external/libavc/+/85c0ec4106659a11c220cd1210f8d76c33d9e2ae"> 1026 A-33552073</a></td> 1027 <td></td> 1028 <td></td> 1029 <td>6.06.0.17.07.1.1</td> 1030 <td>2016 12 11 </td> 1031 </tr> 1032 </table> 1033 1034 1035 <h3 id="dos-in-setup-wizard"> </h3> 1036 <p> </p> 1037 1038 <table> 1039 <col width="18%"> 1040 <col width="17%"> 1041 <col width="10%"> 1042 <col width="19%"> 1043 <col width="18%"> 1044 <col width="17%"> 1045 <tr> 1046 <th>CVE</th> 1047 <th></th> 1048 <th></th> 1049 <th> Google </th> 1050 <th> AOSP </th> 1051 <th></th> 1052 </tr> 1053 <tr> 1054 <td>CVE-2017-0496</td> 1055 <td>A-31554152*</td> 1056 <td></td> 1057 <td>**</td> 1058 <td>5.0.25.1.16.06.0.1</td> 1059 <td>2016 9 14 </td> 1060 </tr> 1061 </table> 1062 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google </p> 1063 <p>** Android 7.0 Google </p> 1064 1065 <h3 id="dos-in-mediaserver-2"></h3> 1066 <p></p> 1067 1068 <table> 1069 <col width="18%"> 1070 <col width="17%"> 1071 <col width="10%"> 1072 <col width="19%"> 1073 <col width="18%"> 1074 <col width="17%"> 1075 <tr> 1076 <th>CVE</th> 1077 <th></th> 1078 <th></th> 1079 <th> Google </th> 1080 <th> AOSP </th> 1081 <th></th> 1082 </tr> 1083 <tr> 1084 <td>CVE-2017-0497</td> 1085 <td><a href="https://android.googlesource.com/platform/external/skia/+/8888cbf8e74671d44e9ff92ec3847cd647b8cdfb"> 1086 A-33300701</a></td> 1087 <td></td> 1088 <td></td> 1089 <td>7.07.1.1</td> 1090 <td>2016 12 2 </td> 1091 </tr> 1092 </table> 1093 1094 1095 <h3 id="dos-in-setup-wizard-2"> </h3> 1096 <p> Google </p> 1097 1098 <table> 1099 <col width="18%"> 1100 <col width="17%"> 1101 <col width="10%"> 1102 <col width="19%"> 1103 <col width="18%"> 1104 <col width="17%"> 1105 <tr> 1106 <th>CVE</th> 1107 <th></th> 1108 <th></th> 1109 <th> Google </th> 1110 <th> AOSP </th> 1111 <th></th> 1112 </tr> 1113 <tr> 1114 <td>CVE-2017-0498</td> 1115 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b"> 1116 A-30352311</a> 1117 [<a href="https://android.googlesource.com/platform/frameworks/base/+/5f621b5b1549e8379aee05807652d5111382ccc6">2</a>] 1118 </td> 1119 <td></td> 1120 <td></td> 1121 <td>5.1.16.06.0.17.07.1.1</td> 1122 <td>Google </td> 1123 </tr> 1124 </table> 1125 1126 1127 <h3 id="dos-in-audioserver"></h3> 1128 <p></p> 1129 1130 <table> 1131 <col width="18%"> 1132 <col width="17%"> 1133 <col width="10%"> 1134 <col width="19%"> 1135 <col width="18%"> 1136 <col width="17%"> 1137 <tr> 1138 <th>CVE</th> 1139 <th></th> 1140 <th></th> 1141 <th> Google </th> 1142 <th> AOSP </th> 1143 <th></th> 1144 </tr> 1145 <tr> 1146 <td>CVE-2017-0499</td> 1147 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0"> 1148 A-32095713</a></td> 1149 <td></td> 1150 <td></td> 1151 <td>5.1.16.06.0.17.07.1.1</td> 1152 <td>2016 10 11 </td> 1153 </tr> 1154 </table> 1155 1156 1157 <h2 id="2017-03-05-details"> 2017-03-05 </h2> 1158 <p><a href="#2017-03-05-summary"> 2017-03-05 </a>CVE Google AOSP AOSP ID ID </p> 1159 1160 1161 <h3 id="eop-in-mediatek-components">MediaTek </h3> 1162 <p>M4U GPU MediaTek </p> 1163 1164 <table> 1165 <col width="19%"> 1166 <col width="20%"> 1167 <col width="10%"> 1168 <col width="23%"> 1169 <col width="17%"> 1170 <tr> 1171 <th>CVE</th> 1172 <th></th> 1173 <th></th> 1174 <th> Google </th> 1175 <th></th> 1176 </tr> 1177 <tr> 1178 <td>CVE-2017-0500</td> 1179 <td>A-28429685*<br> 1180 M-ALPS02710006</td> 1181 <td></td> 1182 <td>**</td> 1183 <td>2016 4 27 </td> 1184 </tr> 1185 <tr> 1186 <td>CVE-2017-0501</td> 1187 <td>A-28430015*<br> 1188 M-ALPS02708983</td> 1189 <td></td> 1190 <td>**</td> 1191 <td>2016 4 27 </td> 1192 </tr> 1193 <tr> 1194 <td>CVE-2017-0502</td> 1195 <td>A-28430164*<br> 1196 M-ALPS02710027</td> 1197 <td></td> 1198 <td>**</td> 1199 <td>2016 4 27 </td> 1200 </tr> 1201 <tr> 1202 <td>CVE-2017-0503</td> 1203 <td>A-28449045*<br> 1204 M-ALPS02710075</td> 1205 <td></td> 1206 <td>**</td> 1207 <td>2016 4 28 </td> 1208 </tr> 1209 <tr> 1210 <td>CVE-2017-0504</td> 1211 <td>A-30074628*<br> 1212 M-ALPS02829371</td> 1213 <td></td> 1214 <td>**</td> 1215 <td>2016 7 9 </td> 1216 </tr> 1217 <tr> 1218 <td>CVE-2017-0505</td> 1219 <td>A-31822282*<br> 1220 M-ALPS02992041</td> 1221 <td></td> 1222 <td>**</td> 1223 <td>2016 9 28 </td> 1224 </tr> 1225 <tr> 1226 <td>CVE-2017-0506</td> 1227 <td>A-32276718*<br> 1228 M-ALPS03006904</td> 1229 <td></td> 1230 <td>**</td> 1231 <td>2016 10 18 </td> 1232 </tr> 1233 </table> 1234 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1235 <p>** Android 7.0 Google </p> 1236 1237 1238 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1239 <p>NVIDIA GPU </p> 1240 1241 <table> 1242 <col width="19%"> 1243 <col width="20%"> 1244 <col width="10%"> 1245 <col width="23%"> 1246 <col width="17%"> 1247 <tr> 1248 <th>CVE</th> 1249 <th></th> 1250 <th></th> 1251 <th> Google </th> 1252 <th></th> 1253 </tr> 1254 <tr> 1255 <td>CVE-2017-0337</td> 1256 <td>A-31992762*<br> 1257 N-CVE-2017-0337</td> 1258 <td></td> 1259 <td>Pixel C</td> 1260 <td>2016 10 6 </td> 1261 </tr> 1262 <tr> 1263 <td>CVE-2017-0338</td> 1264 <td>A-33057977*<br> 1265 N-CVE-2017-0338</td> 1266 <td></td> 1267 <td>Pixel C</td> 1268 <td>2016 11 21 </td> 1269 </tr> 1270 <tr> 1271 <td>CVE-2017-0333</td> 1272 <td>A-33899363*<br> 1273 N-CVE-2017-0333</td> 1274 <td></td> 1275 <td>Pixel C</td> 1276 <td>2016 12 25 </td> 1277 </tr> 1278 <tr> 1279 <td>CVE-2017-0306</td> 1280 <td>A-34132950*<br> 1281 N-CVE-2017-0306</td> 1282 <td></td> 1283 <td>Nexus 9</td> 1284 <td>2017 1 6 </td> 1285 </tr> 1286 <tr> 1287 <td>CVE-2017-0335</td> 1288 <td>A-33043375*<br> 1289 N-CVE-2017-0335</td> 1290 <td></td> 1291 <td>Pixel C</td> 1292 <td>Google </td> 1293 </tr> 1294 </table> 1295 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1296 1297 1298 <h3 id="eop-in-kernel-ion-subsystem"> ION </h3> 1299 <p> ION </p> 1300 1301 <table> 1302 <col width="19%"> 1303 <col width="20%"> 1304 <col width="10%"> 1305 <col width="23%"> 1306 <col width="17%"> 1307 <tr> 1308 <th>CVE</th> 1309 <th></th> 1310 <th></th> 1311 <th> Google </th> 1312 <th></th> 1313 </tr> 1314 <tr> 1315 <td>CVE-2017-0507</td> 1316 <td>A-31992382*</td> 1317 <td></td> 1318 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1319 <td>2016 10 6 </td> 1320 </tr> 1321 <tr> 1322 <td>CVE-2017-0508</td> 1323 <td>A-33940449*</td> 1324 <td></td> 1325 <td>Pixel C</td> 1326 <td>2016 12 28 </td> 1327 </tr> 1328 </table> 1329 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1330 1331 1332 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1333 <p>Broadcom Wi-Fi </p> 1334 1335 <table> 1336 <col width="19%"> 1337 <col width="20%"> 1338 <col width="10%"> 1339 <col width="23%"> 1340 <col width="17%"> 1341 <tr> 1342 <th>CVE</th> 1343 <th></th> 1344 <th></th> 1345 <th> Google </th> 1346 <th></th> 1347 </tr> 1348 <tr> 1349 <td>CVE-2017-0509</td> 1350 <td>A-32124445*<br> 1351 B-RB#110688</td> 1352 <td></td> 1353 <td>**</td> 1354 <td>2016 10 12 </td> 1355 </tr> 1356 </table> 1357 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1358 <p>** Android 7.0 Google </p> 1359 1360 1361 <h3 id="eop-in-kernel-fiq-debugger"> FIQ </h3> 1362 <p> FIQ </p> 1363 1364 <table> 1365 <col width="19%"> 1366 <col width="20%"> 1367 <col width="10%"> 1368 <col width="23%"> 1369 <col width="17%"> 1370 <tr> 1371 <th>CVE</th> 1372 <th></th> 1373 <th></th> 1374 <th> Google </th> 1375 <th></th> 1376 </tr> 1377 <tr> 1378 <td>CVE-2017-0510</td> 1379 <td>A-32402555*</td> 1380 <td></td> 1381 <td>Nexus 9</td> 1382 <td>2016 10 25 </td> 1383 </tr> 1384 </table> 1385 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1386 1387 1388 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU </h3> 1389 <p>Qualcomm GPU </p> 1390 1391 <table> 1392 <col width="19%"> 1393 <col width="20%"> 1394 <col width="10%"> 1395 <col width="23%"> 1396 <col width="17%"> 1397 <tr> 1398 <th>CVE</th> 1399 <th></th> 1400 <th></th> 1401 <th> Google </th> 1402 <th></th> 1403 </tr> 1404 <tr> 1405 <td>CVE-2016-8479</td> 1406 <td>A-31824853*<br> 1407 QC-CR#1093687</td> 1408 <td></td> 1409 <td>Android OneNexus 5XNexus 6Nexus 6PPixelPixel XL</td> 1410 <td>2016 9 29 </td> 1411 </tr> 1412 </table> 1413 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1414 1415 1416 <h3 id="eop-in-kernel-networking-subsystem"> </h3> 1417 <p> </p> 1418 1419 <table> 1420 <col width="19%"> 1421 <col width="20%"> 1422 <col width="10%"> 1423 <col width="23%"> 1424 <col width="17%"> 1425 <tr> 1426 <th>CVE</th> 1427 <th></th> 1428 <th></th> 1429 <th> Google </th> 1430 <th></th> 1431 </tr> 1432 <tr> 1433 <td>CVE-2016-9806</td> 1434 <td>A-33393474<br> 1435 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520"> 1436 </a></td> 1437 <td></td> 1438 <td>Pixel CPixelPixel XL</td> 1439 <td>2016 12 4 </td> 1440 </tr> 1441 <tr> 1442 <td>CVE-2016-10200</td> 1443 <td>A-33753815<br> 1444 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef"> 1445 </a></td> 1446 <td></td> 1447 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1448 <td>2016 12 19 </td> 1449 </tr> 1450 </table> 1451 1452 1453 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1454 <p> Qualcomm Qualcomm AMSS 2016 9 </p> 1455 1456 <table> 1457 <col width="19%"> 1458 <col width="20%"> 1459 <col width="10%"> 1460 <col width="23%"> 1461 <col width="17%"> 1462 <tr> 1463 <th>CVE</th> 1464 <th></th> 1465 <th></th> 1466 <th> Google </th> 1467 <th></th> 1468 </tr> 1469 <tr> 1470 <td>CVE-2016-8484</td> 1471 <td>A-28823575**</td> 1472 <td></td> 1473 <td>***</td> 1474 <td>Qualcomm </td> 1475 </tr> 1476 <tr> 1477 <td>CVE-2016-8485</td> 1478 <td>A-28823681**</td> 1479 <td></td> 1480 <td>***</td> 1481 <td>Qualcomm </td> 1482 </tr> 1483 <tr> 1484 <td>CVE-2016-8486</td> 1485 <td>A-28823691**</td> 1486 <td></td> 1487 <td>***</td> 1488 <td>Qualcomm </td> 1489 </tr> 1490 <tr> 1491 <td>CVE-2016-8487</td> 1492 <td>A-28823724**</td> 1493 <td></td> 1494 <td>***</td> 1495 <td>Qualcomm </td> 1496 </tr> 1497 <tr> 1498 <td>CVE-2016-8488</td> 1499 <td>A-31625756**</td> 1500 <td></td> 1501 <td>***</td> 1502 <td>Qualcomm </td> 1503 </tr> 1504 </table> 1505 <p>* </p> 1506 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1507 <p>*** Android 7.0 Google </p> 1508 1509 1510 <h3 id="eop-in-kernel-networking-subsystem-2"> </h3> 1511 <p> </p> 1512 1513 <table> 1514 <col width="19%"> 1515 <col width="20%"> 1516 <col width="10%"> 1517 <col width="23%"> 1518 <col width="17%"> 1519 <tr> 1520 <th>CVE</th> 1521 <th></th> 1522 <th></th> 1523 <th> Google </th> 1524 <th></th> 1525 </tr> 1526 <tr> 1527 <td>CVE-2016-8655</td> 1528 <td>A-33358926<br> 1529 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c"> 1530 </a></td> 1531 <td></td> 1532 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1533 <td>2016 10 12 </td> 1534 </tr> 1535 <tr> 1536 <td>CVE-2016-9793</td> 1537 <td>A-33363517<br> 1538 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"> 1539 </a></td> 1540 <td></td> 1541 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1542 <td>2016 12 2 </td> 1543 </tr> 1544 </table> 1545 1546 1547 <h3 id="eop-in-qualcomm-input-hardware-driver">Qualcomm </h3> 1548 <p>Qualcomm </p> 1549 1550 <table> 1551 <col width="19%"> 1552 <col width="20%"> 1553 <col width="10%"> 1554 <col width="23%"> 1555 <col width="17%"> 1556 <tr> 1557 <th>CVE</th> 1558 <th></th> 1559 <th></th> 1560 <th> Google </th> 1561 <th></th> 1562 </tr> 1563 <tr> 1564 <td>CVE-2017-0516</td> 1565 <td>A-32341680*<br> 1566 QC-CR#1096301</td> 1567 <td></td> 1568 <td>Android OnePixelPixel XL</td> 1569 <td>2016 10 21 </td> 1570 </tr> 1571 </table> 1572 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1573 1574 1575 <h3 id="eop-in-mediatek-hardware-sensor-driver">MediaTek </h3> 1576 <p>MediaTek </p> 1577 1578 <table> 1579 <col width="19%"> 1580 <col width="20%"> 1581 <col width="10%"> 1582 <col width="23%"> 1583 <col width="17%"> 1584 <tr> 1585 <th>CVE</th> 1586 <th></th> 1587 <th></th> 1588 <th> Google </th> 1589 <th></th> 1590 </tr> 1591 <tr> 1592 <td>CVE-2017-0517</td> 1593 <td>A-32372051*<br> 1594 M-ALPS02973195</td> 1595 <td></td> 1596 <td>**</td> 1597 <td>2016 10 22 </td> 1598 </tr> 1599 </table> 1600 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1601 <p>** Android 7.0 Google </p> 1602 1603 1604 <h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC </h3> 1605 <p>Qualcomm ADSPRPC </p> 1606 1607 <table> 1608 <col width="19%"> 1609 <col width="20%"> 1610 <col width="10%"> 1611 <col width="23%"> 1612 <col width="17%"> 1613 <tr> 1614 <th>CVE</th> 1615 <th></th> 1616 <th></th> 1617 <th> Google </th> 1618 <th></th> 1619 </tr> 1620 <tr> 1621 <td>CVE-2017-0457</td> 1622 <td>A-31695439*<br> 1623 QC-CR#1086123<br> 1624 QC-CR#1100695</td> 1625 <td></td> 1626 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1627 <td>2016 9 22 </td> 1628 </tr> 1629 </table> 1630 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1631 1632 1633 <h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Qualcomm </h3> 1634 <p>Qualcomm </p> 1635 1636 <table> 1637 <col width="19%"> 1638 <col width="20%"> 1639 <col width="10%"> 1640 <col width="23%"> 1641 <col width="17%"> 1642 <tr> 1643 <th>CVE</th> 1644 <th></th> 1645 <th></th> 1646 <th> Google </th> 1647 <th></th> 1648 </tr> 1649 <tr> 1650 <td>CVE-2017-0518</td> 1651 <td>A-32370896*<br> 1652 QC-CR#1086530</td> 1653 <td></td> 1654 <td>PixelPixel XL</td> 1655 <td>2016 10 24 </td> 1656 </tr> 1657 <tr> 1658 <td>CVE-2017-0519</td> 1659 <td>A-32372915*<br> 1660 QC-CR#1086530</td> 1661 <td></td> 1662 <td>PixelPixel XL</td> 1663 <td>2016 10 24 </td> 1664 </tr> 1665 </table> 1666 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1667 1668 1669 <h3 id="eop-in-qualcomm-crypto-engine-driver">Qualcomm crypto </h3> 1670 <p>Qualcomm crypto </p> 1671 1672 <table> 1673 <col width="19%"> 1674 <col width="20%"> 1675 <col width="10%"> 1676 <col width="23%"> 1677 <col width="17%"> 1678 <tr> 1679 <th>CVE</th> 1680 <th></th> 1681 <th></th> 1682 <th> Google </th> 1683 <th></th> 1684 </tr> 1685 <tr> 1686 <td>CVE-2017-0520</td> 1687 <td>A-31750232<br> 1688 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd"> 1689 QC-CR#1082636</a></td> 1690 <td></td> 1691 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1692 <td>2016 9 24 </td> 1693 </tr> 1694 </table> 1695 1696 1697 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3> 1698 <p>Qualcomm </p> 1699 1700 <table> 1701 <col width="19%"> 1702 <col width="20%"> 1703 <col width="10%"> 1704 <col width="23%"> 1705 <col width="17%"> 1706 <tr> 1707 <th>CVE</th> 1708 <th></th> 1709 <th></th> 1710 <th> Google </th> 1711 <th></th> 1712 </tr> 1713 <tr> 1714 <td>CVE-2017-0458</td> 1715 <td>A-32588962<br> 1716 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4"> 1717 QC-CR#1089433</a></td> 1718 <td></td> 1719 <td>PixelPixel XL</td> 1720 <td>2016 10 31 </td> 1721 </tr> 1722 <tr> 1723 <td>CVE-2017-0521</td> 1724 <td>A-32919951<br> 1725 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8"> 1726 QC-CR#1097709</a></td> 1727 <td></td> 1728 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1729 <td>2016 11 15 </td> 1730 </tr> 1731 </table> 1732 1733 1734 <h3 id="eop-in-mediatek-apk">MediaTek APK </h3> 1735 <p>MediaTek APK </p> 1736 1737 <table> 1738 <col width="19%"> 1739 <col width="20%"> 1740 <col width="10%"> 1741 <col width="23%"> 1742 <col width="17%"> 1743 <tr> 1744 <th>CVE</th> 1745 <th></th> 1746 <th></th> 1747 <th> Google </th> 1748 <th></th> 1749 </tr> 1750 <tr> 1751 <td>CVE-2017-0522</td> 1752 <td>A-32916158*<br> 1753 M-ALPS03032516</td> 1754 <td></td> 1755 <td>**</td> 1756 <td>2016 11 15 </td> 1757 </tr> 1758 </table> 1759 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1760 <p>** Android 7.0 Google </p> 1761 1762 1763 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 1764 <p>Qualcomm Wi-Fi </p> 1765 1766 <table> 1767 <col width="19%"> 1768 <col width="20%"> 1769 <col width="10%"> 1770 <col width="23%"> 1771 <col width="17%"> 1772 <tr> 1773 <th>CVE</th> 1774 <th></th> 1775 <th></th> 1776 <th> Google </th> 1777 <th></th> 1778 </tr> 1779 <tr> 1780 <td>CVE-2017-0464</td> 1781 <td>A-32940193<br> 1782 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f"> 1783 QC-CR#1102593</a></td> 1784 <td></td> 1785 <td>Nexus 5XPixelPixel XL</td> 1786 <td>2016 11 15 </td> 1787 </tr> 1788 <tr> 1789 <td>CVE-2017-0453</td> 1790 <td>A-33979145<br> 1791 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513"> 1792 QC-CR#1105085</a></td> 1793 <td></td> 1794 <td>Nexus 5XAndroid One</td> 1795 <td>2016 12 30 </td> 1796 </tr> 1797 <tr> 1798 <td>CVE-2017-0523</td> 1799 <td>A-32835279<br> 1800 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582"> 1801 QC-CR#1096945</a></td> 1802 <td></td> 1803 <td>*</td> 1804 <td>Google </td> 1805 </tr> 1806 </table> 1807 <p>* Android 7.0 Google </p> 1808 1809 1810 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1811 <p>Synaptics </p> 1812 1813 <table> 1814 <col width="19%"> 1815 <col width="20%"> 1816 <col width="10%"> 1817 <col width="23%"> 1818 <col width="17%"> 1819 <tr> 1820 <th>CVE</th> 1821 <th></th> 1822 <th></th> 1823 <th> Google </th> 1824 <th></th> 1825 </tr> 1826 <tr> 1827 <td>CVE-2017-0524</td> 1828 <td>A-33002026</td> 1829 <td></td> 1830 <td>Android OneNexus 5XNexus 6PNexus 9PixelPixel XL</td> 1831 <td>2016 11 18 </td> 1832 </tr> 1833 </table> 1834 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1835 1836 1837 <h3 id="eop-in-qualcomm-ipa-driver">Qualcomm IPA </h3> 1838 <p>Qualcomm IPA </p> 1839 1840 <table> 1841 <col width="19%"> 1842 <col width="20%"> 1843 <col width="10%"> 1844 <col width="23%"> 1845 <col width="17%"> 1846 <tr> 1847 <th>CVE</th> 1848 <th></th> 1849 <th></th> 1850 <th> Google </th> 1851 <th></th> 1852 </tr> 1853 <tr> 1854 <td>CVE-2017-0456</td> 1855 <td>A-33106520*<br> 1856 QC-CR#1099598</td> 1857 <td></td> 1858 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1859 <td>2016 11 23 </td> 1860 </tr> 1861 <tr> 1862 <td>CVE-2017-0525</td> 1863 <td>A-33139056*<br> 1864 QC-CR#1097714</td> 1865 <td></td> 1866 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1867 <td>2016 11 25 </td> 1868 </tr> 1869 </table> 1870 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1871 1872 1873 <h3 id="eop-in-htc-sensor-hub-driver">HTC </h3> 1874 <p>HTC </p> 1875 1876 <table> 1877 <col width="19%"> 1878 <col width="20%"> 1879 <col width="10%"> 1880 <col width="23%"> 1881 <col width="17%"> 1882 <tr> 1883 <th>CVE</th> 1884 <th></th> 1885 <th></th> 1886 <th> Google </th> 1887 <th></th> 1888 </tr> 1889 <tr> 1890 <td>CVE-2017-0526</td> 1891 <td>A-33897738*</td> 1892 <td></td> 1893 <td>Nexus 9</td> 1894 <td>2016 12 25 </td> 1895 </tr> 1896 <tr> 1897 <td>CVE-2017-0527</td> 1898 <td>A-33899318*</td> 1899 <td></td> 1900 <td>Nexus 9PixelPixel XL</td> 1901 <td>2016 12 25 </td> 1902 </tr> 1903 </table> 1904 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1905 1906 1907 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU </h3> 1908 <p>NVIDIA GPU </p> 1909 1910 <table> 1911 <col width="19%"> 1912 <col width="20%"> 1913 <col width="10%"> 1914 <col width="23%"> 1915 <col width="17%"> 1916 <tr> 1917 <th>CVE</th> 1918 <th></th> 1919 <th></th> 1920 <th> Google </th> 1921 <th></th> 1922 </tr> 1923 <tr> 1924 <td>CVE-2017-0307</td> 1925 <td>A-33177895*<br> 1926 N-CVE-2017-0307</td> 1927 <td></td> 1928 <td>**</td> 1929 <td>2016 11 28 </td> 1930 </tr> 1931 </table> 1932 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1933 <p>** Android 7.0 Google </p> 1934 1935 1936 <h3 id="eop-in-qualcomm-networking-driver">Qualcomm </h3> 1937 <p>Qualcomm </p> 1938 1939 <table> 1940 <col width="19%"> 1941 <col width="20%"> 1942 <col width="10%"> 1943 <col width="23%"> 1944 <col width="17%"> 1945 <tr> 1946 <th>CVE</th> 1947 <th></th> 1948 <th></th> 1949 <th> Google </th> 1950 <th></th> 1951 </tr> 1952 <tr> 1953 <td>CVE-2017-0463</td> 1954 <td>A-33277611<br> 1955 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2"> 1956 QC-CR#1101792</a></td> 1957 <td></td> 1958 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1959 <td>2016 11 30 </td> 1960 </tr> 1961 <tr> 1962 <td>CVE-2017-0460 </td> 1963 <td>A-31252965*<br> 1964 QC-CR#1098801</td> 1965 <td></td> 1966 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixelPixel XL</td> 1967 <td>Google </td> 1968 </tr> 1969 </table> 1970 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1971 1972 1973 <h3 id="eop-in-kernel-security-subsystem"> </h3> 1974 <p> </p> 1975 1976 <table> 1977 <col width="19%"> 1978 <col width="20%"> 1979 <col width="10%"> 1980 <col width="23%"> 1981 <col width="17%"> 1982 <tr> 1983 <th>CVE</th> 1984 <th></th> 1985 <th></th> 1986 <th> Google </th> 1987 <th></th> 1988 </tr> 1989 <tr> 1990 <td>CVE-2017-0528</td> 1991 <td>A-33351919*</td> 1992 <td></td> 1993 <td>PixelPixel XL</td> 1994 <td>2016 12 4 </td> 1995 </tr> 1996 </table> 1997 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 1998 1999 2000 <h3 id="eop-in-qualcomm-spcom-driver">Qualcomm SPCom </h3> 2001 <p>Qualcomm SPCom </p> 2002 2003 <table> 2004 <col width="19%"> 2005 <col width="20%"> 2006 <col width="10%"> 2007 <col width="23%"> 2008 <col width="17%"> 2009 <tr> 2010 <th>CVE</th> 2011 <th></th> 2012 <th></th> 2013 <th> Google </th> 2014 <th></th> 2015 </tr> 2016 <tr> 2017 <td>CVE-2016-5856</td> 2018 <td>A-32610665<br> 2019 <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368"> 2020 QC-CR#1094078</a></td> 2021 <td></td> 2022 <td>*</td> 2023 <td>Google </td> 2024 </tr> 2025 <tr> 2026 <td>CVE-2016-5857</td> 2027 <td>A-34386529<br> 2028 <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5"> 2029 QC-CR#1094140</a></td> 2030 <td></td> 2031 <td>*</td> 2032 <td>Google </td> 2033 </tr> 2034 </table> 2035 <p>* Android 7.0 Google </p> 2036 2037 2038 <h3 id="id-in-kernel-networking-subsystem"> </h3> 2039 <p> </p> 2040 2041 <table> 2042 <col width="19%"> 2043 <col width="20%"> 2044 <col width="10%"> 2045 <col width="23%"> 2046 <col width="17%"> 2047 <tr> 2048 <th>CVE</th> 2049 <th></th> 2050 <th></th> 2051 <th> Google </th> 2052 <th></th> 2053 </tr> 2054 <tr> 2055 <td>CVE-2014-8709</td> 2056 <td>A-34077221<br> 2057 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f"> 2058 </a></td> 2059 <td></td> 2060 <td>Nexus Player</td> 2061 <td>2014 11 9 </td> 2062 </tr> 2063 </table> 2064 2065 2066 <h3 id="id-in-mediatek-driver">MediaTek </h3> 2067 <p>MediaTek </p> 2068 2069 <table> 2070 <col width="19%"> 2071 <col width="20%"> 2072 <col width="10%"> 2073 <col width="23%"> 2074 <col width="17%"> 2075 <tr> 2076 <th>CVE</th> 2077 <th></th> 2078 <th></th> 2079 <th> Google </th> 2080 <th></th> 2081 </tr> 2082 <tr> 2083 <td>CVE-2017-0529</td> 2084 <td>A-28449427*<br> 2085 M-ALPS02710042</td> 2086 <td></td> 2087 <td>**</td> 2088 <td>2016 4 27 </td> 2089 </tr> 2090 </table> 2091 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 2092 <p>** Android 7.0 Google </p> 2093 2094 2095 <h3 id="id-in-qualcomm-bootloader">Qualcomm </h3> 2096 <p>Qualcomm </p> 2097 2098 <table> 2099 <col width="19%"> 2100 <col width="20%"> 2101 <col width="10%"> 2102 <col width="23%"> 2103 <col width="17%"> 2104 <tr> 2105 <th>CVE</th> 2106 <th></th> 2107 <th></th> 2108 <th> Google </th> 2109 <th></th> 2110 </tr> 2111 <tr> 2112 <td>CVE-2017-0455</td> 2113 <td>A-32370952<br> 2114 <a href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f"> 2115 QC-CR#1082755</a></td> 2116 <td></td> 2117 <td>PixelPixel XL</td> 2118 <td>2016 10 21 </td> 2119 </tr> 2120 </table> 2121 2122 2123 <h3 id="id-in-qualcomm-power-driver">Qualcomm </h3> 2124 <p>Qualcomm </p> 2125 2126 <table> 2127 <col width="19%"> 2128 <col width="20%"> 2129 <col width="10%"> 2130 <col width="23%"> 2131 <col width="17%"> 2132 <tr> 2133 <th>CVE</th> 2134 <th></th> 2135 <th></th> 2136 <th> Google </th> 2137 <th></th> 2138 </tr> 2139 <tr> 2140 <td>CVE-2016-8483</td> 2141 <td>A-33745862<br> 2142 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a"> 2143 QC-CR#1035099</a></td> 2144 <td></td> 2145 <td>Nexus 5XNexus 6P</td> 2146 <td>2016 12 19 </td> 2147 </tr> 2148 </table> 2149 2150 2151 <h3 id="id-in-nvidia-gpu-driver">NVIDIA GPU </h3> 2152 <p>NVIDIA GPU </p> 2153 2154 <table> 2155 <col width="19%"> 2156 <col width="20%"> 2157 <col width="10%"> 2158 <col width="23%"> 2159 <col width="17%"> 2160 <tr> 2161 <th>CVE</th> 2162 <th></th> 2163 <th></th> 2164 <th> Google </th> 2165 <th></th> 2166 </tr> 2167 <tr> 2168 <td>CVE-2017-0334</td> 2169 <td>A-33245849*<br> 2170 N-CVE-2017-0334</td> 2171 <td></td> 2172 <td>Pixel C</td> 2173 <td>2016 11 30 </td> 2174 </tr> 2175 <tr> 2176 <td>CVE-2017-0336</td> 2177 <td>A-33042679*<br> 2178 N-CVE-2017-0336</td> 2179 <td></td> 2180 <td>Pixel C</td> 2181 <td>Google </td> 2182 </tr> 2183 </table> 2184 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 2185 2186 2187 <h3 id="dos-in-kernel-cryptographic-subsystem"></h3> 2188 <p> </p> 2189 2190 <table> 2191 <col width="19%"> 2192 <col width="20%"> 2193 <col width="10%"> 2194 <col width="23%"> 2195 <col width="17%"> 2196 <tr> 2197 <th>CVE</th> 2198 <th></th> 2199 <th></th> 2200 <th> Google </th> 2201 <th></th> 2202 </tr> 2203 <tr> 2204 <td>CVE-2016-8650</td> 2205 <td>A-33401771<br> 2206 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"> 2207 </a></td> 2208 <td></td> 2209 <td>Nexus 5XNexus 6PPixelPixel XL</td> 2210 <td>2016 10 12 </td> 2211 </tr> 2212 </table> 2213 2214 2215 <h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Qualcomm </h3> 2216 <p>Qualcomm </p> 2217 2218 <table> 2219 <col width="19%"> 2220 <col width="20%"> 2221 <col width="10%"> 2222 <col width="23%"> 2223 <col width="17%"> 2224 <tr> 2225 <th>CVE</th> 2226 <th></th> 2227 <th></th> 2228 <th> Google </th> 2229 <th></th> 2230 </tr> 2231 <tr> 2232 <td>CVE-2016-8417</td> 2233 <td>A-32342399<br> 2234 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0"> 2235 QC-CR#1088824</a></td> 2236 <td></td> 2237 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2238 <td>2016 10 21 </td> 2239 </tr> 2240 </table> 2241 2242 2243 <h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 2244 <p>Qualcomm Wi-Fi </p> 2245 2246 <table> 2247 <col width="19%"> 2248 <col width="20%"> 2249 <col width="10%"> 2250 <col width="23%"> 2251 <col width="17%"> 2252 <tr> 2253 <th>CVE</th> 2254 <th></th> 2255 <th></th> 2256 <th> Google </th> 2257 <th></th> 2258 </tr> 2259 <tr> 2260 <td>CVE-2017-0461</td> 2261 <td>A-32073794<br> 2262 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65"> 2263 QC-CR#1100132</a></td> 2264 <td></td> 2265 <td>Android OneNexus 5XPixelPixel XL</td> 2266 <td>2016 10 9 </td> 2267 </tr> 2268 <tr> 2269 <td>CVE-2017-0459</td> 2270 <td>A-32644895<br> 2271 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> 2272 QC-CR#1091939</a></td> 2273 <td></td> 2274 <td>PixelPixel XL</td> 2275 <td>2016 11 3 </td> 2276 </tr> 2277 <tr> 2278 <td>CVE-2017-0531</td> 2279 <td>A-32877245<br> 2280 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302"> 2281 QC-CR#1087469</a></td> 2282 <td></td> 2283 <td>Android OneNexus 5XNexus 6PPixelPixel XL</td> 2284 <td>2016 11 13 </td> 2285 </tr> 2286 </table> 2287 2288 2289 <h3 id="id-in-mediatek-video-codec-driver">MediaTek </h3> 2290 <p>MediaTek </p> 2291 2292 <table> 2293 <col width="19%"> 2294 <col width="20%"> 2295 <col width="10%"> 2296 <col width="23%"> 2297 <col width="17%"> 2298 <tr> 2299 <th>CVE</th> 2300 <th></th> 2301 <th></th> 2302 <th> Google </th> 2303 <th></th> 2304 </tr> 2305 <tr> 2306 <td>CVE-2017-0532</td> 2307 <td>A-32370398*<br> 2308 M-ALPS03069985</td> 2309 <td></td> 2310 <td>**</td> 2311 <td>2016 10 22 </td> 2312 </tr> 2313 </table> 2314 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 2315 <p>** Android 7.0 Google </p> 2316 2317 2318 <h3 id="id-in-qualcomm-video-driver">Qualcomm </h3> 2319 <p> 2320 Qualcomm </p> 2321 2322 <table> 2323 <col width="19%"> 2324 <col width="20%"> 2325 <col width="10%"> 2326 <col width="23%"> 2327 <col width="17%"> 2328 <tr> 2329 <th>CVE</th> 2330 <th></th> 2331 <th></th> 2332 <th> Google </th> 2333 <th></th> 2334 </tr> 2335 <tr> 2336 <td>CVE-2017-0533</td> 2337 <td>A-32509422<br> 2338 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> 2339 QC-CR#1088206</a></td> 2340 <td></td> 2341 <td>PixelPixel XL</td> 2342 <td>2016 10 27 </td> 2343 </tr> 2344 <tr> 2345 <td>CVE-2017-0534</td> 2346 <td>A-32508732<br> 2347 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> 2348 QC-CR#1088206</a></td> 2349 <td></td> 2350 <td>PixelPixel XL</td> 2351 <td>2016 10 28 </td> 2352 </tr> 2353 <tr> 2354 <td>CVE-2016-8416</td> 2355 <td>A-32510746<br> 2356 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> 2357 QC-CR#1088206</a></td> 2358 <td></td> 2359 <td>PixelPixel XL</td> 2360 <td>2016 10 28 </td> 2361 </tr> 2362 <tr> 2363 <td>CVE-2016-8478</td> 2364 <td>A-32511270<br> 2365 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> 2366 QC-CR#1088206</a></td> 2367 <td></td> 2368 <td>PixelPixel XL</td> 2369 <td>2016 10 28 </td> 2370 </tr> 2371 </table> 2372 2373 2374 <h3 id="id-in-qualcomm-camera-driver">Qualcomm </h3> 2375 <p>Qualcomm </p> 2376 2377 <table> 2378 <col width="19%"> 2379 <col width="20%"> 2380 <col width="10%"> 2381 <col width="23%"> 2382 <col width="17%"> 2383 <tr> 2384 <th>CVE</th> 2385 <th></th> 2386 <th></th> 2387 <th> Google </th> 2388 <th></th> 2389 </tr> 2390 <tr> 2391 <td>CVE-2016-8413</td> 2392 <td>A-32709702<br> 2393 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d"> 2394 QC-CR#518731</a></td> 2395 <td></td> 2396 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2397 <td>2016 11 4 </td> 2398 </tr> 2399 <tr> 2400 <td>CVE-2016-8477</td> 2401 <td>A-32720522<br> 2402 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508"> 2403 QC-CR#1090007</a> 2404 [<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> 2405 <td></td> 2406 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2407 <td>2016 11 7 </td> 2408 </tr> 2409 </table> 2410 2411 2412 <h3 id="id-in-htc-sound-codec-driver">HTC </h3> 2413 <p>HTC </p> 2414 2415 <table> 2416 <col width="19%"> 2417 <col width="20%"> 2418 <col width="10%"> 2419 <col width="23%"> 2420 <col width="17%"> 2421 <tr> 2422 <th>CVE</th> 2423 <th></th> 2424 <th></th> 2425 <th> Google </th> 2426 <th></th> 2427 </tr> 2428 <tr> 2429 <td>CVE-2017-0535</td> 2430 <td>A-33547247*</td> 2431 <td></td> 2432 <td>Nexus 9</td> 2433 <td>2016 12 11 </td> 2434 </tr> 2435 </table> 2436 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 2437 2438 2439 <h3 id="id-in-synaptics-touchscreen-driver">Synaptics </h3> 2440 <p>Synaptics </p> 2441 2442 <table> 2443 <col width="19%"> 2444 <col width="20%"> 2445 <col width="10%"> 2446 <col width="23%"> 2447 <col width="17%"> 2448 <tr> 2449 <th>CVE</th> 2450 <th></th> 2451 <th></th> 2452 <th> Google </th> 2453 <th></th> 2454 </tr> 2455 <tr> 2456 <td>CVE-2017-0536</td> 2457 <td>A-33555878*</td> 2458 <td></td> 2459 <td>Android OneNexus 5XNexus 6PNexus 9PixelPixel XL</td> 2460 <td>2016 12 12 </td> 2461 </tr> 2462 </table> 2463 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 2464 2465 2466 <h3 id="id-in-kernel-usb-gadget-driver"> USB </h3> 2467 <p> USB </p> 2468 2469 <table> 2470 <col width="19%"> 2471 <col width="20%"> 2472 <col width="10%"> 2473 <col width="23%"> 2474 <col width="17%"> 2475 <tr> 2476 <th>CVE</th> 2477 <th></th> 2478 <th></th> 2479 <th> Google </th> 2480 <th></th> 2481 </tr> 2482 <tr> 2483 <td>CVE-2017-0537</td> 2484 <td>A-31614969*</td> 2485 <td></td> 2486 <td>Pixel C</td> 2487 <td>Google </td> 2488 </tr> 2489 </table> 2490 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 2491 2492 2493 <h3 id="id-in-qualcomm-camera-driver-2">Qualcomm </h3> 2494 <p>Qualcomm </p> 2495 2496 <table> 2497 <col width="19%"> 2498 <col width="20%"> 2499 <col width="10%"> 2500 <col width="23%"> 2501 <col width="17%"> 2502 <tr> 2503 <th>CVE</th> 2504 <th></th> 2505 <th></th> 2506 <th> Google </th> 2507 <th></th> 2508 </tr> 2509 <tr> 2510 <td>CVE-2017-0452</td> 2511 <td>A-32873615*<br> 2512 QC-CR#1093693</td> 2513 <td></td> 2514 <td>Nexus 5XNexus 6PAndroid One</td> 2515 <td>2016 11 10 </td> 2516 </tr> 2517 </table> 2518 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google </a> Nexus </p> 2519 <h2 id="common-questions-and-answers"></h2> 2520 <p></p> 2521 <p><strong>1. 2522 </strong></p> 2523 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 2524 <ul> 2525 <li> 2017-03-01 2017-03-01 </li> 2526 <li> 2017-03-05 2017-03-05 2527 </li> 2528 </ul> 2529 <p></p> 2530 <ul> 2531 <li>[ro.build.version.security_patch]:[2017-03-01]</li> 2532 <li>[ro.build.version.security_patch]:[2017-03-05]</li> 2533 </ul> 2534 <p><strong>2. 2 </strong></p> 2535 <p>2 Android Android Android </p> 2536 <ul> 2537 <li>2017 3 1 </li> 2538 <li>2017 3 5 </li> 2539 </ul> 2540 <p> 1 </p> 2541 <p><strong>3. Google </strong></p> 2542 <p><a href="#2017-03-01-details">2017-03-01</a> <a href="#2017-03-05-details">2017-03-05</a> Google <em></em> Google </p> 2543 <ul> 2544 <li><strong> Google </strong>: Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 72013Nexus 9Android OneNexus PlayerPixel CPixelPixel XL</li> 2545 <li><strong> Google </strong>: Google Google <em></em> Google </li> 2546 <li><strong> Google </strong>: Android 7.0 Google Google <em></em></li> 2547 </ul> 2548 <p><strong>4. </strong></p> 2549 <p><em></em></p> 2550 <table> 2551 <tr> 2552 <th></th> 2553 <th></th> 2554 </tr> 2555 <tr> 2556 <td>A-</td> 2557 <td>Android ID</td> 2558 </tr> 2559 <tr> 2560 <td>QC-</td> 2561 <td>Qualcomm </td> 2562 </tr> 2563 <tr> 2564 <td>M-</td> 2565 <td>MediaTek </td> 2566 </tr> 2567 <tr> 2568 <td>N-</td> 2569 <td>NVIDIA </td> 2570 </tr> 2571 <tr> 2572 <td>B-</td> 2573 <td>Broadcom </td> 2574 </tr> 2575 </table> 2576 <h2 id="revisions"></h2> 2577 <ul> 2578 <li>2017 3 6 : </li> 2579 <li>2017 3 7 : AOSP </li> 2580 </ul> 2581 </body> 2582 </html> 2583
