      1 <html devsite>
      2   <head>
      3     <title>Nexus   - 2016 2</title>
      4     <meta name="project_path" value="/_project.yaml" />
      5     <meta name="book_path" value="/_book.yaml" />
      6   </head>
      7   <body>
      8   <!--
      9       Copyright 2017 The Android Open Source Project
     10 
     11       Licensed under the Apache License, Version 2.0 (the "License");
     12       you may not use this file except in compliance with the License.
     13       You may obtain a copy of the License at
     14 
     15           http://www.apache.org/licenses/LICENSE-2.0
     16 
     17       Unless required by applicable law or agreed to in writing, software
     18       distributed under the License is distributed on an "AS IS" BASIS,
     19       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     20       See the License for the specific language governing permissions and
     21       limitations under the License.
     22   -->
     23 
     24 
     25 
     26 <p><em>2016 2 1  | 2016 3 7 </em></p>
     27 
     28 <p>Google Android       
     29   Nexus    .
     30  Nexus   <a href="https://developers.google.com/android/nexus/images">Google  </a> .
     31 
     32    LMY49G   2016 2 1      Android M  .
     33         <a href="https://support.google.com/nexus/answer/4457705">Nexus </a> .</p>
     34 
     35 <p>     2016 1 4   .  ,   
     36 Android  (AOSP)  .</p>
     37 
     38 <p>        
     39   , MMS      
     40         .
     41  Broadcom Wi-Fi        
     42              .</p>
     43 
     44 <p>         
     45 . SafetyNet  Android    <a href="/security/enhancements/index.html">Android   </a>     
     46   <a href="#mitigations"></a>  .       
     47 .</p>
     48 
     49 <h2 id="security_vulnerability_summary">  </h2>
     50 
     51 
     52 <p>    ,     ID(CVE),
     53    . <a href="/security/overview/updates-resources.html#severity"> </a>         
     54          
     55  .</p>
     56 <table>
     57  <tr>
     58     <th></th>
     59     <th>CVE</th>
     60     <th></th>
     61  </tr>
     62  <tr>
     63     <td>Broadcom Wi-Fi     </td>
     64     <td>CVE-2016-0801<br>
     65         CVE-2016-0802</td>
     66     <td></td>
     67  </tr>
     68  <tr>
     69     <td>     </td>
     70     <td>CVE-2016-0803<br>
     71         CVE-2016-0804</td>
     72     <td></td>
     73  </tr>
     74  <tr>
     75     <td>Qualcomm     </td>
     76     <td>CVE-2016-0805</td>
     77     <td></td>
     78  </tr>
     79  <tr>
     80     <td>Qualcomm Wi-Fi    </td>
     81     <td>CVE-2016-0806</td>
     82     <td></td>
     83  </tr>
     84  <tr>
     85     <td>Debugger Daemon   </td>
     86     <td>CVE-2016-0807</td>
     87     <td></td>
     88  </tr>
     89  <tr>
     90     <td>Minikin  (DoS) </td>
     91     <td>CVE-2016-0808</td>
     92     <td></td>
     93  </tr>
     94  <tr>
     95     <td>Wi-Fi   </td>
     96     <td>CVE-2016-0809</td>
     97     <td></td>
     98  </tr>
     99  <tr>
    100     <td>    </td>
    101     <td>CVE-2016-0810</td>
    102     <td></td>
    103  </tr>
    104  <tr>
    105     <td>libmediaplayerservice   </td>
    106     <td>CVE-2016-0811</td>
    107     <td></td>
    108  </tr>
    109  <tr>
    110     <td>    </td>
    111     <td>CVE-2016-0812<br>
    112         CVE-2016-0813</td>
    113     <td></td>
    114  </tr>
    115 </table>
    116 
    117 
    118 <h3 id="mitigations"></h3>
    119 
    120 
    121 <p> SafetyNet  <a href="https://source.android.com/security/enhancements/index.html">Android  </a>        .
    122    Android    
    123 .</p>
    124 
    125 <ul>
    126   <li> Android      Android  
    127   .    
    128 Android     .
    129   <li> Android       
    130      SafetyNet   
    131 . Google Play      . 
    132 Google Play       
    133          . 
    134          
    135  . 
    136         
    137   .
    138   <li>   Google       
    139    .
    140 </li></ul>
    141 
    142 <h3 id="acknowledgements"></h3>
    143 
    144 
    145 <p>    .</p>
    146 
    147 <ul>
    148   <li> Android  Chrome : CVE-2016-0809, CVE-2016-0810
    149   <li> Broadgate: CVE-2016-0801, CVE-2016-0802
    150   <li> <a href="http://www.360safe.com/">Qihoo 360</a> <a href="http://c0reteam.org">C0RE</a> Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Xuxian Jiang
    151 : CVE-2016-0804
    152   <li> Google Pixel C David Riley: CVE-2016-0812
    153   <li> Qihoo 360 Lab IceSword
    154        Gengjia Chen(<a href="https://twitter.com/@chengjia4574">@chengjia4574</a>): CVE-2016-0805
    155   <li> Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)
    156        Qidan He(<a href="https://twitter.com/@Flanker_hqd">@Flanker_hqd</a>): CVE-2016-0811
    157   <li> Trend Micro(<a href="http://www.trendmicro.com">www.trendmicro.com</a>)
    158        Seven Shen(<a href="https://twitter.com/@lingtongshen">@lingtongshen</a>): CVE-2016-0803
    159   <li> Alibaba Inc Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2016-0808
    160   <li> Android  Zach Riggle(<a href="https://twitter.com/@ebeip90">@ebeip90</a>): CVE-2016-0807
    161 </li></ul>
    162 
    163 <h2 id="security_vulnerability_details">  </h2>
    164 
    165 
    166 <p>   <a href="#security_vulnerability_summary">  </a> 
    167     .    ,    CVE,  , ,
    168        .
    169     AOSP   ID .
    170         AOSP   ID    . </p>
    171 
    172 <h3 id="remote_code_execution_vulnerability_in_broadcom_wi-fi_driver">Broadcom Wi-Fi     </h3>
    173 
    174 
    175 <p>Broadcom Wi-Fi      
    176            
    177          .
    178            .
    179              
    180   .</p>
    181 <table>
    182  <tr>
    183     <th>CVE</th>
    184     <th></th>
    185     <th></th>
    186     <th> </th>
    187     <th> </th>
    188  </tr>
    189  <tr>
    190     <td>CVE-2016-0801</td>
    191     <td><a href="https://android.googlesource.com/kernel/msm/+/68cdc8df1cb6622980b791ce03e99c255c9888af^!">ANDROID-25662029</a><br>
    192    <a href="https://android.googlesource.com/kernel/msm/+/68cdc8df1cb6622980b791ce03e99c255c9888af^!">ANDROID-25662233</a></td>
    193     <td></td>
    194     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    195     <td>2015 10 25</td>
    196  </tr>
    197  <tr>
    198     <td>CVE-2016-0802</td>
    199     <td><a href="https://android.googlesource.com/kernel/msm/+/3fffc78f70dc101add8b82af878d53457713d005^%21/">ANDROID-25306181</a></td>
    200     <td></td>
    201     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    202     <td>2015 10 26</td>
    203  </tr>
    204 </table>
    205 
    206 <h3 id="remote_code_execution_vulnerability_in_mediaserver">     </h3>
    207 
    208 <p>        
    209        
    210         .</p>
    211 
    212 <p>    ,  
    213    ,  MMS   
    214    .</p>
    215 
    216 <p>          
    217   .   
    218       
    219       .</p>
    220 <table>
    221  <tr>
    222     <th>CVE</th>
    223     <th>AOSP   </th>
    224     <th></th>
    225     <th> </th>
    226     <th> </th>
    227  </tr>
    228  <tr>
    229     <td>CVE-2016-0803</td>
    230     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/50270d98e26fa18b20ca88216c3526667b724ba7">ANDROID-25812794</a></td>
    231     <td></td>
    232     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    233     <td>2015 11 19</td>
    234  </tr>
    235  <tr>
    236     <td>CVE-2016-0804</td>
    237     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/224858e719d045c8554856b12c4ab73d2375cf33">ANDROID-25070434</a></td>
    238     <td></td>
    239     <td>5.0, 5.1.1, 6.0, 6.0.1</td>
    240     <td>2015 10 12</td>
    241  </tr>
    242 </table>
    243 
    244 
    245 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_performance_module">Qualcomm     </h3>
    246 
    247 
    248 <p>Qualcomm ARM     
    249         
    250     .      
    251         
    252      .</p>
    253 <table>
    254  <tr>
    255     <th>CVE</th>
    256     <th></th>
    257     <th></th>
    258     <th> </th>
    259     <th> </th>
    260  </tr>
    261  <tr>
    262     <td>CVE-2016-0805</td>
    263     <td>ANDROID-25773204*</td>
    264     <td></td>
    265     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    266     <td>2015 11 15</td>
    267  </tr>
    268 </table>
    269 
    270 <p>*     AOSP   . 
    271 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus      .</p>
    272 
    273 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_wifi_driver">Qualcomm Wi-Fi    </h3>
    274 
    275 
    276 <p>Qualcomm Wi-Fi       
    277       .      
    278         
    279      .</p>
    280 <table>
    281  <tr>
    282     <th>CVE</th>
    283     <th></th>
    284     <th></th>
    285     <th> </th>
    286     <th> </th>
    287  </tr>
    288  <tr>
    289     <td>CVE-2016-0806</td>
    290     <td>ANDROID-25344453*</td>
    291     <td></td>
    292     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    293     <td>2015 11 15</td>
    294  </tr>
    295 </table>
    296 
    297 <p>*     AOSP   . 
    298 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus      .</p>
    299 
    300 <h3 id="elevation_of_privilege_vulnerability_in_the_debuggerd">Debuggerd    </h3>
    301 
    302 
    303 <p>Debuggerd        
    304         .
    305            
    306          .</p>
    307 <table>
    308  <tr>
    309     <th>CVE</th>
    310     <th>AOSP   </th>
    311     <th></th>
    312     <th> </th>
    313     <th> </th>
    314  </tr>
    315  <tr>
    316     <td>CVE-2016-0807</td>
    317     <td><a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/d917514bd6b270df431ea4e781a865764d406120">ANDROID-25187394</a></td>
    318     <td></td>
    319     <td>6.0  6.0.1</td>
    320     <td>Google </td>
    321  </tr>
    322 </table>
    323 
    324 
    325 <h3 id="denial_of_service_vulnerability_in_minikin">Minikin  (DoS) </h3>
    326 
    327 
    328 <p>Minikin       
    329        .    
    330    Minikin        .
    331              .</p>
    332 <table>
    333  <tr>
    334     <th>CVE</th>
    335     <th>AOSP   </th>
    336     <th></th>
    337     <th> </th>
    338     <th> </th>
    339  </tr>
    340  <tr>
    341     <td>CVE-2016-0808</td>
    342     <td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ed4c8d79153baab7f26562afb8930652dfbf853b">ANDROID-25645298</a></td>
    343     <td></td>
    344     <td>5.0, 5.1.1, 6.0, 6.0.1</td>
    345     <td>2015 11 3</td>
    346  </tr>
    347 </table>
    348 
    349 
    350 <h3 id="elevation_of_privilege_vulnerability_in_wi-fi">Wi-Fi   </h3>
    351 
    352 
    353 <p>Wi-Fi          
    354     .        .
    355 
    356   '<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"></a>'          .
    357           .</p>
    358 <table>
    359  <tr>
    360     <th>CVE</th>
    361     <th>AOSP   </th>
    362     <th></th>
    363     <th> </th>
    364     <th> </th>
    365  </tr>
    366  <tr>
    367     <td>CVE-2016-0809</td>
    368     <td><a href="https://android.googlesource.com/platform/hardware/broadcom/wlan/+/2c5a4fac8bc8198f6a2635ede776f8de40a0c3e1^%21/#F0">ANDROID-25753768</a></td>
    369     <td></td>
    370     <td>6.0, 6.0.1</td>
    371     <td>Google </td>
    372  </tr>
    373 </table>
    374 
    375 
    376 <h3 id="elevation_of_privilege_vulnerability_in_mediaserver">     </h3>
    377 
    378 
    379 <p>        
    380          .
    381          <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"></a>  <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>
    382            .</p>
    383 <table>
    384  <tr>
    385     <th>CVE</th>
    386     <th>AOSP   </th>
    387     <th></th>
    388     <th> </th>
    389     <th> </th>
    390  </tr>
    391  <tr>
    392     <td>CVE-2016-0810</td>
    393     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/19c47afbc402542720ddd280e1bbde3b2277b586">ANDROID-25781119</a></td>
    394     <td></td>
    395     <td>4.4.4, 5.0, 5.1.1, 6.0, 6.0.1</td>
    396     <td>Google </td>
    397  </tr>
    398 </table>
    399 
    400 
    401 <h3 id="information_disclosure_vulnerability_in_libmediaplayerservice">libmediaplayerservice    </h3>
    402 
    403 
    404 <p>libmediaplayerservice       
    405       .    
    406     <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"></a>  <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>         
    407   .</p>
    408 <table>
    409  <tr>
    410     <th>CVE</th>
    411     <th>AOSP   </th>
    412     <th></th>
    413     <th> </th>
    414     <th> </th>
    415  </tr>
    416  <tr>
    417     <td>CVE-2016-0811</td>
    418     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/22f824feac43d5758f9a70b77f2aca840ba62c3b">ANDROID-25800375</a></td>
    419     <td></td>
    420     <td>6.0, 6.0.1</td>
    421     <td>2015 11 16</td>
    422  </tr>
    423 </table>
    424 
    425 
    426 <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard">    </h3>
    427 
    428 
    429 <p>          
    430     .      
    431         
    432       .</p>
    433 <table>
    434  <tr>
    435     <th>CVE</th>
    436     <th>AOSP   </th>
    437     <th></th>
    438     <th> </th>
    439     <th> </th>
    440  </tr>
    441  <tr>
    442     <td>CVE-2016-0812</td>
    443     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/84669ca8de55d38073a0dcb01074233b0a417541">ANDROID-25229538</a></td>
    444     <td></td>
    445     <td>5.1.1, 6.0</td>
    446     <td>Google </td>
    447  </tr>
    448  <tr>
    449     <td>CVE-2016-0813</td>
    450     <td><a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/16a76dadcc23a13223e9c2216dad1fe5cad7d6e1">ANDROID-25476219</a></td>
    451     <td></td>
    452     <td>5.1.1, 6.0, 6.0.1</td>
    453     <td>Google </td>
    454  </tr>
    455 </table>
    456 
    457 <h3 id="common_questions_and_answers">   </h3>
    458 
    459 <p>          
    460 .</p>
    461 
    462 <p><strong>1.          ?</strong></p>
    463 
    464 <p> LMY49G   2016 2 1      Android 6.0 .
    465         <a href="https://support.google.com/nexus/answer/4457705">Nexus </a> .  
    466          .
    467 [ro.build.version.security_patch]:[2016-02-01]</p>
    468 
    469 <h2 id="revisions"></h2>
    470 
    471 
    472 <ul>
    473   <li> 2016 2 1  
    474   <li> 2016 2 2:   AOSP  
    475   <li> 2016 3 7:   AOSP  
    476 
    477 </li></ul>
    478 
    479   </body>
    480 </html>
    481