1 <html devsite> 2 <head> 3 <title>Nexus - 2015 11</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p> 27 <em> 28 : 2015 11 2 29 </em> 30 </p> 31 <p> 32 Google Android 33 Nexus . 34 Nexus 35 <a href="https://developers.google.com/android/nexus/images"> 36 Google 37 </a> 38 . LMY48X 2015 11 1 39 Android Marshmallow . 40 <a href="http://source.android.com/security/bulletin/2015-11-01.html#common_questions_and_answers"> 41 42 </a> 43 . 44 </p> 45 <p> 46 2015 10 5 , 47 48 Android (AOSP) 48 . AOSP 49 . 50 </p> 51 <p> 52 53 , MMS 54 . 55 </p> 56 <p> 57 58 . SafetyNet Android 59 <a href="http://source.android.com/security/bulletin/2015-11-01.html#mitigations"> 60 Android 61 </a> 62 63 <a href="http://source.android.com/security/enhancements/index.html"> 64 65 </a> 66 . 67 . 68 </p> 69 <h2 id="security_vulnerability_summary" style="margin-bottom:0px"> 70 71 </h2> 72 <hr/> 73 <p> 74 , ID(CVE), 75 . 76 <a href="http://source.android.com/security/overview/updates-resources.html#severity"> 77 78 </a> 79 80 81 . 82 </p> 83 <table> 84 <tbody> 85 <tr> 86 <th> 87 88 </th> 89 <th> 90 CVE 91 </th> 92 <th> 93 94 </th> 95 </tr> 96 <tr> 97 <td> 98 99 </td> 100 <td> 101 CVE-2015-6608 102 </td> 103 <td> 104 105 </td> 106 </tr> 107 <tr> 108 <td> 109 libutils 110 </td> 111 <td> 112 CVE-2015-6609 113 </td> 114 <td> 115 116 </td> 117 </tr> 118 <tr> 119 <td> 120 121 </td> 122 <td> 123 CVE-2015-6611 124 </td> 125 <td> 126 127 </td> 128 </tr> 129 <tr> 130 <td> 131 libstagefright 132 </td> 133 <td> 134 CVE-2015-6610 135 </td> 136 <td> 137 138 </td> 139 </tr> 140 <tr> 141 <td> 142 libmedia 143 </td> 144 <td> 145 CVE-2015-6612 146 </td> 147 <td> 148 149 </td> 150 </tr> 151 <tr> 152 <td> 153 154 </td> 155 <td> 156 CVE-2015-6613 157 </td> 158 <td> 159 160 </td> 161 </tr> 162 <tr> 163 <td> 164 165 </td> 166 <td> 167 CVE-2015-6614 168 </td> 169 <td> 170 171 </td> 172 </tr> 173 </tbody> 174 </table> 175 <p> 176 <a href="http://source.android.com/security/overview/updates-resources.html#severity"> 177 178 </a> 179 180 181 . 182 </p> 183 <h2 id="mitigations" style="margin-bottom:0px"> 184 185 </h2> 186 <hr/> 187 <p> 188 SafetyNet 189 <a href="http://source.android.com/security/enhancements/index.html"> 190 Android 191 </a> 192 . Android 193 . 194 </p> 195 <ul> 196 <li> 197 Android Android 198 . 199 Android . 200 </li> 201 <li> 202 Android 203 SafetyNet 204 . Google Play . 205 Google Play 206 . 207 208 . 209 210 . 211 </li> 212 <li> 213 Google 214 . 215 </li> 216 </ul> 217 <h2 id="acknowledgements" style="margin-bottom:0px"> 218 219 </h2> 220 <hr/> 221 <p> 222 . 223 </p> 224 <ul> 225 <li> 226 Abhishek Arya, Oliver Chang, Martin Barbella, Chrome : 227 CVE-2015-6608 228 </li> 229 <li> 230 Copperhead Security Daniel Micay(daniel.micay (a] copperhead.co): CVE-2015-6609 231 </li> 232 <li> 233 KAIST (dkay (a] kaist.ac.kr): CVE-2015-6614 234 </li> 235 <li> 236 KAIST (hongilk (a] kaist.ac.kr): CVE-2015-6614 237 </li> 238 <li> 239 Trend Micro Jack Tang(@jacktang310): CVE-2015-6611 240 </li> 241 <li> 242 Trend Micro Peter Pi: CVE-2015-6611 243 </li> 244 <li> 245 Google Project Zero Natalie Silvanovich: CVE-2015-6608 246 </li> 247 <li> 248 KeenTeam(@K33nTeam, 249 http://k33nteam.org/) Qidan He(@flanker_hqd). Wen Xu(@antlr7): CVE-2015-6612 250 </li> 251 <li> 252 Trend Micro Seven Shen: CVE-2015-6610 253 </li> 254 </ul> 255 <h2 id="security_vulnerability_details" style="margin-bottom:0px"> 256 257 </h2> 258 <hr/> 259 <p> 260 261 <a href="http://source.android.com/security/bulletin/2015-11-01.html#security_vulnerability_summary"> 262 263 </a> 264 265 . , CVE, , , 266 . 267 AOSP 268 ID . AOSP 269 ID . 270 </p> 271 <h3 id="remote_code_execution_vulnerabilities_in_mediaserver"> 272 273 </h3> 274 <p> 275 276 277 . 278 </p> 279 <p> 280 , 281 , MMS 282 . 283 </p> 284 <p> 285 286 . 287 3 288 . 289 </p> 290 <table> 291 <tbody> 292 <tr> 293 <th> 294 CVE 295 </th> 296 <th> 297 AOSP 298 </th> 299 <th> 300 301 </th> 302 <th> 303 304 </th> 305 <th> 306 307 </th> 308 </tr> 309 <tr> 310 <td rowspan="6"> 311 CVE-2015-6608 312 </td> 313 <td> 314 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/8ec845c8fe0f03bc57c901bc484541bdd6a7cf80"> 315 ANDROID-19779574 316 </a> 317 </td> 318 <td rowspan="3"> 319 320 </td> 321 <td rowspan="3"> 322 5.0, 5.1, 6.0 323 </td> 324 <td rowspan="3"> 325 Google 326 </td> 327 </tr> 328 <tr> 329 <td> 330 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c6a2815eadfce62702d58b3fa3887f24c49e1864"> 331 ANDROID-23680780 332 </a> 333 </td> 334 </tr> 335 <tr> 336 <td> 337 <a href="https://android.googlesource.com/platform%2Fexternal%2Faac/+/b3c5a4bb8442ab3158fa1f52b790fadc64546f46"> 338 ANDROID-23876444 339 </a> 340 </td> 341 </tr> 342 <tr> 343 <td> 344 <a href="https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/3830d0b585ada64ee75dea6da267505b19c622fd"> 345 ANDROID-23881715 346 </a> 347 </td> 348 <td> 349 350 </td> 351 <td> 352 4.4, 5.0, 5.1, 6.0 353 </td> 354 <td> 355 Google 356 </td> 357 </tr> 358 <tr> 359 <td> 360 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3878b990f7d53eae7c2cf9246b6ef2db5a049872"> 361 ANDROID-14388161 362 </a> 363 </td> 364 <td> 365 366 </td> 367 <td> 368 4.4 5.1 369 </td> 370 <td> 371 Google 372 </td> 373 </tr> 374 <tr> 375 <td> 376 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f3eb82683a80341f5ac23057aab733a57963cab2"> 377 ANDROID-23658148 378 </a> 379 </td> 380 <td> 381 382 </td> 383 <td> 384 5.0, 5.1, 6.0 385 </td> 386 <td> 387 Google 388 </td> 389 </tr> 390 </tbody> 391 </table> 392 <h3 id="remote_code_execution_vulnerability_in_libutils"> 393 libutils 394 </h3> 395 <p> 396 libutils 397 . 398 399 . 400 </p> 401 <p> 402 API 403 MMS 404 . 405 . 406 3 407 . 408 </p> 409 <table> 410 <tbody> 411 <tr> 412 <th> 413 CVE 414 </th> 415 <th> 416 AOSP 417 </th> 418 <th> 419 420 </th> 421 <th> 422 423 </th> 424 <th> 425 426 </th> 427 </tr> 428 <tr> 429 <td> 430 CVE-2015-6609 431 </td> 432 <td> 433 <a href="https://android.googlesource.com/platform%2Fbootable%2Frecovery/+/ec63d564a86ad5b30f75aa307b4bd271f6a96a56"> 434 ANDROID-22953624 435 </a> 436 [ 437 <a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/419e6c3c68413bd6dbb6872340b2ae0d69a0fd60"> 438 2 439 </a> 440 ] 441 </td> 442 <td> 443 444 </td> 445 <td> 446 6.0 447 </td> 448 <td> 449 2015 8 3 450 </td> 451 </tr> 452 </tbody> 453 </table> 454 <h3 id="information_disclosure_vulnerabilities_in_mediaserver"> 455 456 </h3> 457 <p> 458 459 460 . 461 </p> 462 <table> 463 <tbody> 464 <tr> 465 <th> 466 CVE 467 </th> 468 <th> 469 AOSP 470 </th> 471 <th> 472 473 </th> 474 <th> 475 476 </th> 477 <th> 478 479 </th> 480 </tr> 481 <tr> 482 <td rowspan="12"> 483 CVE-2015-6611 484 </td> 485 <td> 486 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/1c7719820359f4190cd4bfd1a24d521face7b4f8"> 487 ANDROID-23905951 488 </a> 489 [ 490 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3b76870d146b1350db8a2f7797e06897c8c92dc2"> 491 2 492 </a> 493 ] 494 [ 495 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/40715a2ee896edd2df4023d9f6f586977887d34c"> 496 3 497 </a> 498 ] 499 </td> 500 <td rowspan="3"> 501 502 </td> 503 <td rowspan="3"> 504 6.0 505 </td> 506 <td rowspan="3"> 507 2015 9 7 508 </td> 509 </tr> 510 <tr> 511 <td> 512 ANDROID-23912202* 513 </td> 514 </tr> 515 <tr> 516 <td> 517 ANDROID-23953967* 518 </td> 519 </tr> 520 <tr> 521 <td> 522 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fnative/+/b414255f53b560a06e642251535b019327ba0d7b"> 523 ANDROID-23696300 524 </a> 525 </td> 526 <td> 527 528 </td> 529 <td> 530 6.0 531 </td> 532 <td> 533 2015 8 31 534 </td> 535 </tr> 536 <tr> 537 <td> 538 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/09ed70fab1f1424971ccc105dcdf5be5ce2e2643"> 539 ANDROID-23600291 540 </a> 541 </td> 542 <td> 543 544 </td> 545 <td> 546 6.0 547 </td> 548 <td> 549 2015 8 26 550 </td> 551 </tr> 552 <tr> 553 <td> 554 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/892354335d49f0b9fcd10e20e0c13e3cd0f1f1cb"> 555 ANDROID-23756261 556 </a> 557 [ 558 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/a946d844a77906072f5eb7093d41db465d6514bb"> 559 2 560 </a> 561 ] 562 </td> 563 <td> 564 565 </td> 566 <td> 567 6.0 568 </td> 569 <td> 570 2015 8 26 571 </td> 572 </tr> 573 <tr> 574 <td> 575 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/57bed83a539535bb64a33722fb67231119cb0618"> 576 ANDROID-23540907 577 </a> 578 [ 579 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/25a634427dec455b79d73562131985ae85b98c43"> 580 2 581 </a> 582 ] 583 </td> 584 <td> 585 586 </td> 587 <td> 588 5.1 589 </td> 590 <td> 591 2015 8 25 592 </td> 593 </tr> 594 <tr> 595 <td> 596 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/d53aced041b7214a92b1f2fd5970d895bb9934e5"> 597 ANDROID-23541506 598 </a> 599 </td> 600 <td rowspan="4"> 601 602 </td> 603 <td rowspan="4"> 604 6.0 605 </td> 606 <td rowspan="4"> 607 2015 8 25 608 </td> 609 </tr> 610 <tr> 611 <td> 612 ANDROID-23284974* 613 </td> 614 </tr> 615 <tr> 616 <td> 617 ANDROID-23542351* 618 </td> 619 </tr> 620 <tr> 621 <td> 622 ANDROID-23542352* 623 </td> 624 </tr> 625 <tr> 626 <td> 627 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/0981df6e3db106bfb7a56a2b668c012fcc34dd2c"> 628 ANDROID-23515142 629 </a> 630 </td> 631 <td> 632 633 </td> 634 <td> 635 5.1 636 </td> 637 <td> 638 2015 8 19 639 </td> 640 </tr> 641 </tbody> 642 </table> 643 <p> 644 * AOSP . 645 </p> 646 <h3 id="elevation_of_privilege_vulnerability_in_libstagefright"> 647 libstagefright 648 </h3> 649 <p> 650 libstagefright 651 652 . 653 654 . 655 </p> 656 <table> 657 <tbody> 658 <tr> 659 <th> 660 CVE 661 </th> 662 <th> 663 AOSP 664 </th> 665 <th> 666 667 </th> 668 <th> 669 670 </th> 671 <th> 672 673 </th> 674 </tr> 675 <tr> 676 <td> 677 CVE-2015-6610 678 </td> 679 <td> 680 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/d26052738f7b095b7e318c8dde7f32db0a48450c"> 681 ANDROID-23707088 682 </a> 683 [ 684 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/820c105f7a4dc0971ee563caea4c9b346854a2f7"> 685 2 686 </a> 687 ] 688 </td> 689 <td> 690 691 </td> 692 <td> 693 6.0 694 </td> 695 <td> 696 2015 8 19 697 </td> 698 </tr> 699 </tbody> 700 </table> 701 <h3 id="elevation_of_privilege_vulnerability_in_libmedia"> 702 libmedia 703 </h3> 704 <p> 705 libmedia 706 707 . 3 708 . 709 </p> 710 <table> 711 <tbody> 712 <tr> 713 <th> 714 CVE 715 </th> 716 <th> 717 AOSP 718 </th> 719 <th> 720 721 </th> 722 <th> 723 724 </th> 725 <th> 726 727 </th> 728 </tr> 729 <tr> 730 <td> 731 CVE-2015-6612 732 </td> 733 <td> 734 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/4b219e9e5ab237eec9931497cf10db4d78982d84"> 735 ANDROID-23540426 736 </a> 737 </td> 738 <td> 739 740 </td> 741 <td> 742 6.0 743 </td> 744 <td> 745 2015 8 23 746 </td> 747 </tr> 748 </tbody> 749 </table> 750 <h3 id="elevation_of_privilege_vulnerability_in_bluetooth"> 751 752 </h3> 753 <p> 754 755 . 756 3 757 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 758 759 </a> 760 761 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 762 SignatureOrSystem 763 </a> 764 . 765 </p> 766 <table> 767 <tbody> 768 <tr> 769 <th> 770 CVE 771 </th> 772 <th> 773 AOSP 774 </th> 775 <th> 776 777 </th> 778 <th> 779 780 </th> 781 <th> 782 783 </th> 784 </tr> 785 <tr> 786 <td> 787 CVE-2015-6613 788 </td> 789 <td> 790 <a href="https://android.googlesource.com/platform%2Fsystem%2Fbt/+/74dad51510f7d7b05c6617ef88168bf0bbdf3fcd"> 791 ANDROID-24371736 792 </a> 793 </td> 794 <td> 795 796 </td> 797 <td> 798 6.0 799 </td> 800 <td> 801 Google 802 </td> 803 </tr> 804 </tbody> 805 </table> 806 <h3 id="elevation_of_privilege_vulnerability_in_telephony"> 807 808 </h3> 809 <p> 810 811 812 . 813 814 . ' 815 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 816 817 </a> 818 ' 819 . 820 </p> 821 <table> 822 <tbody> 823 <tr> 824 <th> 825 CVE 826 </th> 827 <th> 828 AOSP 829 </th> 830 <th> 831 832 </th> 833 <th> 834 835 </th> 836 <th> 837 838 </th> 839 </tr> 840 <tr> 841 <td> 842 CVE-2015-6614 843 </td> 844 <td> 845 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Ftelephony/+/70dd1f77873913635288e513564a6c93ae4d0a26"> 846 ANDROID-21900139 847 </a> 848 [ 849 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/a12044215b1148826ea9a88d5d1102378b13922f"> 850 2 851 </a> 852 ] 853 [ 854 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/2b6af396ad14def9a967f62cccc87ee715823bb1"> 855 3 856 </a> 857 ] 858 </td> 859 <td> 860 861 </td> 862 <td> 863 5.0, 5.1 864 </td> 865 <td> 866 2015 6 8 867 </td> 868 </tr> 869 </tbody> 870 </table> 871 <h3 id="common_questions_and_answers"> 872 873 </h3> 874 <p> 875 876 . 877 </p> 878 <p> 879 <strong> 880 1. ? 881 </strong> 882 </p> 883 <p> 884 LMY48X 2015 11 1 885 Android Marshmallow . 886 <a href="https://support.google.com/nexus/answer/4457705"> 887 Nexus 888 </a> 889 . 890 . 891 [ro.build.version.security_patch]:[2015-11-01] 892 </p> 893 <h2 id="revisions" style="margin-bottom:0px"> 894 895 </h2> 896 <hr/> 897 <ul> 898 <li> 899 2015 11 2: 900 </li> 901 </ul> 902 </div> 903 <div class="content-footer-sac" itemscope="" itemtype="http://schema.org/SiteNavigationElement"> 904 <div class="layout-content-col col-9" style="padding-top:4px"> 905 </div> 906 <div class="paging-links layout-content-col col-4"> 907 </div> 908 </div> 909 </div> 910 911 </body> 912 </html> 913