1 <html devsite> 2 <head> 3 <title>Android 2016 11</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em>2016 11 7 | 2016 11 8 </em></p> 27 <p> 28 Android Android 29 . (OTA) 30 Google . Google 31 <a href="https://developers.google.com/android/nexus/images">Google </a> 32 . 2016 11 6 33 . <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 34 Nexus 35 </a> .</p> 36 <p> 37 2016 10 20 38 . , Android 39 (AOSP) . 40 AOSP . 41 </p> 42 <p> 43 44 , MMS 45 .</p> 46 <p> 47 48 . <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> Android 49 <a href="/security/enhancements/index.html">Android </a> 50 51 <a href="#mitigations">Android Google </a> .</p> 52 <p> 53 .</p> 54 <h2 id="announcements"></h2> 55 <ul> 56 <li>Pixel Pixel XL 57 <a href="#google-devices">Google </a> 58 'Nexus ' 'Google ' . 59 </li> 60 <li> Android Android 61 62 . <a href="#common-questions-and-answers"> 63 </a> 64 . 65 <ul> 66 <li><strong>2016-11-01</strong>: . 67 2016-11-01 68 .</li> 69 <li><strong>2016-11-05</strong>: . 70 2016-11-01 2016-11-05 71 .</li> 72 <li><strong> </strong> 73 <p> 74 . 75 2016-12-01 . 76 </p> 77 <ul> 78 <li><strong>2016-11-06</strong>: 79 2016 10 19 CVE-2016-5195 2016-11-05 80 .</li> 81 </ul> 82 </li> 83 </ul> 84 </li> 85 <li> Google 2016 11 5 86 OTA .</li> 87 </ul> 88 89 <h2 id="security-vulnerability-summary"> </h2> 90 <p> 91 , ID(CVE), 92 Google 93 . <a href="/security/overview/updates-resources.html#severity"> </a> 94 95 96 .</p> 97 <h3 id="2016-11-01-summary">2016-11-01 98 </h3> 99 <p> 100 2016-11-01 .</p> 101 <table> 102 <col width="55%"> 103 <col width="20%"> 104 <col width="13%"> 105 <col width="12%"> 106 <tr> 107 <th></th> 108 <th>CVE</th> 109 <th></th> 110 <th>Google </th> 111 </tr> 112 <tr> 113 <td> </td> 114 <td>CVE-2016-6699</td> 115 <td></td> 116 <td></td> 117 </tr> 118 <tr> 119 <td>libzipfile </td> 120 <td>CVE-2016-6700</td> 121 <td></td> 122 <td>*</td> 123 </tr> 124 <tr> 125 <td>Skia </td> 126 <td>CVE-2016-6701</td> 127 <td></td> 128 <td></td> 129 </tr> 130 <tr> 131 <td>libjpeg </td> 132 <td>CVE-2016-6702</td> 133 <td></td> 134 <td>*</td> 135 </tr> 136 <tr> 137 <td>Android </td> 138 <td>CVE-2016-6703</td> 139 <td></td> 140 <td>*</td> 141 </tr> 142 <tr> 143 <td> </td> 144 <td>CVE-2016-6704, CVE-2016-6705, CVE-2016-6706</td> 145 <td></td> 146 <td></td> 147 </tr> 148 <tr> 149 <td> </td> 150 <td>CVE-2016-6707</td> 151 <td></td> 152 <td></td> 153 </tr> 154 <tr> 155 <td> UI </td> 156 <td>CVE-2016-6708</td> 157 <td></td> 158 <td></td> 159 </tr> 160 <tr> 161 <td>Conscrypt </td> 162 <td>CVE-2016-6709</td> 163 <td></td> 164 <td></td> 165 </tr> 166 <tr> 167 <td> </td> 168 <td>CVE-2016-6710</td> 169 <td></td> 170 <td></td> 171 </tr> 172 <tr> 173 <td> (DoS) </td> 174 <td>CVE-2014-9908</td> 175 <td></td> 176 <td>*</td> 177 </tr> 178 <tr> 179 <td>OpenJDK (DoS) </td> 180 <td>CVE-2015-0410</td> 181 <td></td> 182 <td></td> 183 </tr> 184 <tr> 185 <td> (DoS) </td> 186 <td>CVE-2016-6711, CVE-2016-6712, CVE-2016-6713, CVE-2016-6714</td> 187 <td></td> 188 <td></td> 189 </tr> 190 <tr> 191 <td> API </td> 192 <td>CVE-2016-6715</td> 193 <td></td> 194 <td></td> 195 </tr> 196 <tr> 197 <td>AOSP </td> 198 <td>CVE-2016-6716</td> 199 <td></td> 200 <td></td> 201 </tr> 202 <tr> 203 <td> </td> 204 <td>CVE-2016-6717</td> 205 <td></td> 206 <td></td> 207 </tr> 208 <tr> 209 <td> </td> 210 <td>CVE-2016-6718</td> 211 <td></td> 212 <td></td> 213 </tr> 214 <tr> 215 <td> </td> 216 <td>CVE-2016-6719</td> 217 <td></td> 218 <td></td> 219 </tr> 220 <tr> 221 <td> </td> 222 <td>CVE-2016-6720, CVE-2016-6721, CVE-2016-6722</td> 223 <td></td> 224 <td></td> 225 </tr> 226 <tr> 227 <td> (DoS) </td> 228 <td>CVE-2016-6723</td> 229 <td></td> 230 <td></td> 231 </tr> 232 <tr> 233 <td> (DoS) </td> 234 <td>CVE-2016-6724</td> 235 <td></td> 236 <td></td> 237 </tr> 238 </table> 239 <p> 240 * Android 7.0 Google 241 .</p> 242 <h3 id="2016-11-05-summary">2016-11-05 243 </h3> 244 <p> 245 2016-11-01 2016-11-05 246 .</p> 247 <table> 248 <col width="55%"> 249 <col width="20%"> 250 <col width="13%"> 251 <col width="12%"> 252 <tr> 253 <th></th> 254 <th>CVE</th> 255 <th></th> 256 <th>Google </th> 257 </tr> 258 <tr> 259 <td>Qualcomm </td> 260 <td>CVE-2016-6725</td> 261 <td></td> 262 <td></td> 263 </tr> 264 <tr> 265 <td> </td> 266 <td>CVE-2015-8961, CVE-2016-7910, CVE-2016-7911</td> 267 <td></td> 268 <td></td> 269 </tr> 270 <tr> 271 <td> SCSI </td> 272 <td>CVE-2015-8962</td> 273 <td></td> 274 <td></td> 275 </tr> 276 <tr> 277 <td> </td> 278 <td>CVE-2016-7913</td> 279 <td></td> 280 <td></td> 281 </tr> 282 <tr> 283 <td> USB </td> 284 <td>CVE-2016-7912</td> 285 <td></td> 286 <td></td> 287 </tr> 288 <tr> 289 <td> ION </td> 290 <td>CVE-2016-6728</td> 291 <td></td> 292 <td></td> 293 </tr> 294 <tr> 295 <td>Qualcomm </td> 296 <td>CVE-2016-6729</td> 297 <td></td> 298 <td></td> 299 </tr> 300 <tr> 301 <td>NVIDIA GPU </td> 302 <td>CVE-2016-6730, CVE-2016-6731, CVE-2016-6732, CVE-2016-6733, 303 CVE-2016-6734, CVE-2016-6735, CVE-2016-6736</td> 304 <td></td> 305 <td></td> 306 </tr> 307 <tr> 308 <td> </td> 309 <td>CVE-2016-6828</td> 310 <td></td> 311 <td></td> 312 </tr> 313 <tr> 314 <td> </td> 315 <td>CVE-2016-2184</td> 316 <td></td> 317 <td></td> 318 </tr> 319 <tr> 320 <td> ION </td> 321 <td>CVE-2016-6737</td> 322 <td></td> 323 <td></td> 324 </tr> 325 <tr> 326 <td>Qualcomm </td> 327 <td>CVE-2016-6726, CVE-2016-6727</td> 328 <td></td> 329 <td></td> 330 </tr> 331 <tr> 332 <td>Expat </td> 333 <td>CVE-2016-0718, CVE-2012-6702, CVE-2016-5300, CVE-2015-1283</td> 334 <td></td> 335 <td>*</td> 336 </tr> 337 <tr> 338 <td>Webview </td> 339 <td>CVE-2016-6754</td> 340 <td></td> 341 <td>*</td> 342 </tr> 343 <tr> 344 <td>Freetype </td> 345 <td>CVE-2014-9675</td> 346 <td></td> 347 <td>*</td> 348 </tr> 349 <tr> 350 <td> </td> 351 <td>CVE-2015-8963</td> 352 <td></td> 353 <td></td> 354 </tr> 355 <tr> 356 <td> 357 </td> 358 <td>CVE-2016-6136</td> 359 <td></td> 360 <td></td> 361 </tr> 362 <tr> 363 <td>Qualcomm </td> 364 <td>CVE-2016-6738</td> 365 <td></td> 366 <td></td> 367 </tr> 368 <tr> 369 <td>Qualcomm </td> 370 <td>CVE-2016-6739, CVE-2016-6740, CVE-2016-6741</td> 371 <td></td> 372 <td></td> 373 </tr> 374 <tr> 375 <td>Qualcomm </td> 376 <td>CVE-2016-3904</td> 377 <td></td> 378 <td></td> 379 </tr> 380 <tr> 381 <td>Synaptics </td> 382 <td>CVE-2016-6742, CVE-2016-6744, CVE-2016-6745, CVE-2016-6743</td> 383 <td></td> 384 <td></td> 385 </tr> 386 <tr> 387 <td> </td> 388 <td>CVE-2015-8964, CVE-2016-7914, CVE-2016-7915, CVE-2016-7916</td> 389 <td></td> 390 <td></td> 391 </tr> 392 <tr> 393 <td>NVIDIA GPU </td> 394 <td>CVE-2016-6746</td> 395 <td></td> 396 <td></td> 397 </tr> 398 <tr> 399 <td> (DoS) </td> 400 <td>CVE-2016-6747</td> 401 <td></td> 402 <td></td> 403 </tr> 404 <tr> 405 <td> </td> 406 <td>CVE-2016-6753, CVE-2016-7917</td> 407 <td></td> 408 <td></td> 409 </tr> 410 <tr> 411 <td>Qualcomm </td> 412 <td>CVE-2016-6748, CVE-2016-6749, CVE-2016-6750, CVE-2016-3906, 413 CVE-2016-3907, CVE-2016-6698, CVE-2016-6751, CVE-2016-6752</td> 414 <td></td> 415 <td></td> 416 </tr> 417 </table> 418 <p> 419 * Android 7.0 Google 420 .</p> 421 <h3 id="2016-11-06-summary">2016-11-06 422 </h3> 423 <p> 424 2016-11-05 2016-11-01 2016-11-06 425 .</p> 426 <table> 427 <col width="55%"> 428 <col width="20%"> 429 <col width="13%"> 430 <col width="12%"> 431 <tr> 432 <th></th> 433 <th>CVE</th> 434 <th></th> 435 <th>Google </th> 436 </tr> 437 <tr> 438 <td> </td> 439 <td>CVE-2016-5195</td> 440 <td></td> 441 <td></td> 442 </tr> 443 </table> 444 445 <h2 id="mitigations">Android Google 446 </h2> 447 <p> 448 SafetyNet <a href="/security/enhancements/index.html">Android </a> 449 . 450 Android 451 .</p> 452 <ul> 453 <li>Android Android 454 . Android 455 .</li> 456 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"> </a> 457 458 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> 459 . <a href="http://www.android.com/gms">Google </a> 460 461 Google Play . Google 462 Play 463 464 . 465 466 . 467 .</li> 468 <li> Google 469 .</li> 470 </ul> 471 <h2 id="acknowledgements"></h2> 472 <p> 473 .</p> 474 <ul> 475 <li>Chrome Abhishek Arya, Oliver Chang, Martin Barbella 476 : CVE-2016-6722</li> 477 <li>Google Andrei Kapishnikov, Miriam Gershenson: CVE-2016-6703</li> 478 <li>Silence Information Technology <a href="http://www.pkav.net">PKAV</a> 479 Ao Wang(<a href="http://twitter.com/@r4y2_wa">@r4y2_wa</a>), 480 <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>: 481 CVE-2016-6700, CVE-2016-6702</li> 482 <li>Tencent Security Platform Department Askyshang: CVE-2016-6713</li> 483 <li>Android Billy Lau: CVE-2016-6737</li> 484 <li>University of Piraeus <a href="mailto:kpatsak (a] unipi.gr">Constantinos Patsakis</a>, 485 <a href="mailto:talepis (a] unipi.gr">Efthimios Alepis</a>: 486 CVE-2016-6715</li> 487 <li>Alibaba dragonltx: CVE-2016-6714</li> 488 <li>Project Zero Gal Beniamini: CVE-2016-6707, CVE-2016-6717</li> 489 <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a> 490 IceSword Lab 491 Gengjia Chen(<a href="http://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf</a> 492 : CVE-2016-6725, 493 CVE-2016-6738, CVE-2016-6740, CVE-2016-6741, CVE-2016-6742, CVE-2016-6744, 494 CVE-2016-6745, CVE-2016-3906</li> 495 <li><a href="http://twitter.com/oldfresher">Qihoo 360 Technology Co. Ltd</a>. Alpha 496 Guang Gong()(<a href="http://www.360.com">@oldfresher</a>) 497 : CVE-2016-6754</li> 498 <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a> 499 IceSword Lab 500 Jianqiang Zhao(<a href="http://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6739, 501 CVE-2016-3904, CVE-2016-3907, CVE-2016-6698</li> 502 <li>Project Zero Mark Brand: CVE-2016-6706</li> 503 <li>Google Mark Renouf: CVE-2016-6724</li> 504 <li>Micha Bednarski(<a href="https://github.com/michalbednarski">github.com/michalbednarski</a>): 505 CVE-2016-6710</li> 506 <li>Android Min Chong: CVE-2016-6743</li> 507 <li>Trend Micro Peter Pi(<a href="http://twitter.com/heisecode">@heisecode</a>) 508 : CVE-2016-6721</li> 509 <li>Tencent KeenLab 510 Qidan He()(<a href="http://twitter.com/flanker_hqd">@flanker_hqd</a>), 511 Gengming Liu()(<a href="http://twitter.com/dmxcsnsbh">@dmxcsnsbh</a>): CVE-2016-6705</li> 512 <li>Google Robin Lee: CVE-2016-6708</li> 513 <li><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a>(<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-6751</li> 514 <li>Kaspersky Lab 515 Sergey Bobrov(<a href="http://twitter.com/Black2Fan">@Black2Fan</a>): CVE-2016-6716</li> 516 <li>Trend Micro Mobile Threat 517 Seven Shen(<a href="http://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2016-6748, CVE-2016-6749, 518 CVE-2016-6750, CVE-2016-6753</li> 519 <li>Vrije Universiteit Amsterdam Victor van der Veen, Herbert Bos, 520 Kaveh Razavi, Cristiano Giuffrida 521 Yanick Fratantonio, Martina Lindorfer, Giovanni Vigna: CVE-2016-6728</li> 522 <li>Alibaba Inc Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>) 523 : CVE-2016-6712, CVE-2016-6699, CVE-2016-6711</li> 524 <li><a href="http://c0reteam.org">C0RE</a> Wenke Dou(<a href="mailto:vancouverdou (a] gmail.com">vancouverdou (a] gmail.com</a>), 525 Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), 526 Xuxian Jiang: CVE-2016-6720</li> 527 <li>Trend Micro Inc. Wish Wu()(<a href="http://twitter.com/wish_wu">@wish_wu</a>) 528 : CVE-2016-6704</li> 529 <li><a href="https://wwws.nightwatchcybersecurity.com">Nightwatch Cybersecurity</a> 530 Yakov Shafranovich 531 : CVE-2016-6723</li> 532 <li><a href="http://c0reteam.org">C0RE</a> 533 <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a>, 534 <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang 535 : CVE-2016-6730, CVE-2016-6732, 536 CVE-2016-6734, CVE-2016-6736</li> 537 <li><a href="http://c0reteam.org">C0RE</a> 538 <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a>, 539 <a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang 540 : CVE-2016-6731, CVE-2016-6733, 541 CVE-2016-6735, CVE-2016-6746</li> 542 </ul> 543 <p> 544 Android Zach Riggle 545 .</p> 546 547 <h2 id="2016-11-01-details">2016-11-01 </h2> 548 <p> 549 <a href="#2016-11-01-summary">2016-11-01 550 </a> 551 . , 552 CVE, , , Google , 553 AOSP ( ), . 554 AOSP ID 555 . 556 ID .</p> 557 558 <h3 id="rce-in-mediaserver"> </h3> 559 <p> 560 561 562 . 563 . 564 </p> 565 <table> 566 <col width="18%"> 567 <col width="18%"> 568 <col width="10%"> 569 <col width="19%"> 570 <col width="17%"> 571 <col width="17%"> 572 <tr> 573 <th>CVE</th> 574 <th></th> 575 <th></th> 576 <th> Google </th> 577 <th> AOSP </th> 578 <th> </th> 579 </tr> 580 <tr> 581 <td>CVE-2016-6699</td> 582 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/3b1c9f692c4d4b7a683c2b358fc89e831a641b88"> 583 A-31373622</a></td> 584 <td></td> 585 <td></td> 586 <td>7.0</td> 587 <td>2016 7 27</td> 588 </tr> 589 </table> 590 <h3 id="eop-in-libzipfile">libzipfile </h3> 591 <p> 592 libzipfile 593 594 . 595 , 596 . 597 </p> 598 <table> 599 <col width="18%"> 600 <col width="18%"> 601 <col width="10%"> 602 <col width="19%"> 603 <col width="17%"> 604 <col width="17%"> 605 <tr> 606 <th>CVE</th> 607 <th></th> 608 <th></th> 609 <th> Google </th> 610 <th> AOSP </th> 611 <th> </th> 612 </tr> 613 <tr> 614 <td>CVE-2016-6700</td> 615 <td>A-30916186</td> 616 <td></td> 617 <td>*</td> 618 <td>4.4.4, 5.0.2, 5.1.1</td> 619 <td>2016 8 17</td> 620 </tr> 621 </table> 622 <p> 623 * Android 7.0 Google 624 . 625 </p> 626 <h3 id="rce-in-skia">Skia </h3> 627 <p> 628 libskia 629 630 . 631 . 632 </p> 633 <table> 634 <col width="18%"> 635 <col width="18%"> 636 <col width="10%"> 637 <col width="19%"> 638 <col width="17%"> 639 <col width="17%"> 640 <tr> 641 <th>CVE</th> 642 <th></th> 643 <th></th> 644 <th> Google </th> 645 <th> AOSP </th> 646 <th> </th> 647 </tr> 648 <tr> 649 <td>CVE-2016-6701</td> 650 <td><a href="https://android.googlesource.com/platform/external/skia/+/aca73722873e908633ff27375f6f93a08cbb7dd3"> 651 A-30190637</a></td> 652 <td></td> 653 <td></td> 654 <td>7.0</td> 655 <td>Google </td> 656 </tr> 657 </table> 658 <h3 id="rce-in-libjpeg">libjpeg </h3> 659 <p> 660 libjpeg 661 662 . libjpeg 663 . 664 </p> 665 <table> 666 <col width="18%"> 667 <col width="18%"> 668 <col width="10%"> 669 <col width="19%"> 670 <col width="17%"> 671 <col width="17%"> 672 <tr> 673 <th>CVE</th> 674 <th></th> 675 <th></th> 676 <th> Google </th> 677 <th> AOSP </th> 678 <th> </th> 679 </tr> 680 <tr> 681 <td>CVE-2016-6702</td> 682 <td>A-30259087</td> 683 <td></td> 684 <td>*</td> 685 <td>4.4.4, 5.0.2, 5.1.1</td> 686 <td>2016 7 19</td> 687 </tr> 688 </table> 689 <p> 690 * Android 7.0 Google 691 . 692 </p> 693 <h3 id="rce-in-android-runtime">Android </h3> 694 <p> 695 Android 696 697 . Android 698 . 699 </p> 700 <table> 701 <col width="18%"> 702 <col width="18%"> 703 <col width="10%"> 704 <col width="19%"> 705 <col width="17%"> 706 <col width="17%"> 707 <tr> 708 <th>CVE</th> 709 <th></th> 710 <th></th> 711 <th> Google </th> 712 <th> AOSP </th> 713 <th> </th> 714 </tr> 715 <tr> 716 <td>CVE-2016-6703</td> 717 <td>A-30765246</td> 718 <td></td> 719 <td>*</td> 720 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 721 <td>Google </td> 722 </tr> 723 </table> 724 <p> 725 * Android 7.0 Google 726 . 727 </p> 728 <h3 id="eop-in-mediaserver"> </h3> 729 <p> 730 731 732 . 733 734 . 735 </p> 736 <table> 737 <col width="18%"> 738 <col width="18%"> 739 <col width="10%"> 740 <col width="19%"> 741 <col width="17%"> 742 <col width="17%"> 743 <tr> 744 <th>CVE</th> 745 <th></th> 746 <th></th> 747 <th> Google </th> 748 <th> AOSP </th> 749 <th> </th> 750 </tr> 751 <tr> 752 <td>CVE-2016-6704</td> 753 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c6c446f9e022adf20064e65a17574804f8af8e7d"> 754 A-30229821</a> 755 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/9cb9810ecb63c8ff55ecf4bc77431dc5b0688b5f">2</a>] 756 [<a href="https://android.googlesource.com/platform/system/media/+/a6274f03b4dfe1c3a22af51e3a17ea56a314e747">3</a>] 757 </td> 758 <td></td> 759 <td></td> 760 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 761 <td>2016 7 19</td> 762 </tr> 763 <tr> 764 <td>CVE-2016-6705</td> 765 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/3a03fa24d21f97e84e796ac5ef14b3f434c0e8f1"> 766 A-30907212</a> 767 [<a href="https://android.googlesource.com/platform/frameworks/av/+/bd04b47d38a89f1dada1c6da2ef4a3d235c166b8">2</a>] 768 </td> 769 <td></td> 770 <td></td> 771 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 772 <td>2016 8 16</td> 773 </tr> 774 <tr> 775 <td>CVE-2016-6706</td> 776 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1d4feebdb85db46e138530f360d9ff2490e14353"> 777 A-31385713</a> 778 </td> 779 <td></td> 780 <td></td> 781 <td>7.0</td> 782 <td>2016 9 8</td> 783 </tr> 784 </table> 785 <h3 id="eop-in-system-server"> </h3> 786 <p> 787 788 789 . 790 791 . 792 </p> 793 <table> 794 <col width="18%"> 795 <col width="18%"> 796 <col width="10%"> 797 <col width="19%"> 798 <col width="17%"> 799 <col width="17%"> 800 <tr> 801 <th>CVE</th> 802 <th></th> 803 <th></th> 804 <th> Google </th> 805 <th> AOSP </th> 806 <th> </th> 807 </tr> 808 <tr> 809 <td>CVE-2016-6707</td> 810 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/16024ea7c4bae08c972cf6b3734029aad33e8870"> 811 A-31350622</a> 812 </td> 813 <td></td> 814 <td></td> 815 <td>6.0, 6.0.1, 7.0</td> 816 <td>2016 9 7</td> 817 </tr> 818 </table> 819 <h3 id="eop-in-system-ui"> UI </h3> 820 <p> 821 UI . 822 . 823 </p> 824 <table> 825 <col width="18%"> 826 <col width="18%"> 827 <col width="10%"> 828 <col width="19%"> 829 <col width="17%"> 830 <col width="17%"> 831 <tr> 832 <th>CVE</th> 833 <th></th> 834 <th></th> 835 <th> Google </th> 836 <th> AOSP </th> 837 <th> </th> 838 </tr> 839 <tr> 840 <td>CVE-2016-6708</td> 841 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/c9c73fde339b4db496f2c1ff8c18df1e9db5a7c1"> 842 A-30693465</a> 843 </td> 844 <td></td> 845 <td></td> 846 <td>7.0</td> 847 <td>Google </td> 848 </tr> 849 </table> 850 <h3 id="id-in-conscrypt">Conscrypt </h3> 851 <p> 852 Conscrypt 853 API 854 . 855 . 856 </p> 857 <table> 858 <col width="18%"> 859 <col width="18%"> 860 <col width="10%"> 861 <col width="19%"> 862 <col width="17%"> 863 <col width="17%"> 864 <tr> 865 <th>CVE</th> 866 <th></th> 867 <th></th> 868 <th> Google </th> 869 <th> AOSP </th> 870 <th> </th> 871 </tr> 872 <tr> 873 <td>CVE-2016-6709</td> 874 <td><a href="https://android.googlesource.com/platform/external/conscrypt/+/44ef9535b9afb123d150d8e0362e4bb50794dd41"> 875 A-31081987</a> 876 </td> 877 <td></td> 878 <td></td> 879 <td>6.0, 6.0.1, 7.0</td> 880 <td>2015 10 9</td> 881 </tr> 882 </table> 883 <h3 id="id-in-download-manager"> </h3> 884 <p> 885 886 887 . 888 889 . 890 </p> 891 <table> 892 <col width="18%"> 893 <col width="18%"> 894 <col width="10%"> 895 <col width="19%"> 896 <col width="17%"> 897 <col width="17%"> 898 <tr> 899 <th>CVE</th> 900 <th></th> 901 <th></th> 902 <th> Google </th> 903 <th> AOSP </th> 904 <th> </th> 905 </tr> 906 <tr> 907 <td>CVE-2016-6710</td> 908 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/9fab683c9598d234dd8461335c276ed3e37c91e8"> 909 A-30537115</a> 910 [<a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/243e62949f7208d3b82eda3ee4ec22d3dbc1fb19">2</a>] 911 </td> 912 <td></td> 913 <td></td> 914 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 915 <td>2016 7 30</td> 916 </tr> 917 </table> 918 <h3 id="dos-in-bluetooth"> (DoS) </h3> 919 <p> 920 . 921 . 922 </p> 923 <table> 924 <col width="18%"> 925 <col width="18%"> 926 <col width="10%"> 927 <col width="19%"> 928 <col width="17%"> 929 <col width="17%"> 930 <tr> 931 <th>CVE</th> 932 <th></th> 933 <th></th> 934 <th> Google </th> 935 <th> AOSP </th> 936 <th> </th> 937 </tr> 938 <tr> 939 <td>CVE-2014-9908</td> 940 <td>A-28672558</td> 941 <td></td> 942 <td>*</td> 943 <td>4.4.4, 5.0.2, 5.1.1</td> 944 <td>2014 5 6</td> 945 </tr> 946 </table> 947 <p> 948 * Android 7.0 Google 949 . 950 </p> 951 <h3 id="dos-in-openjdk">OpenJDK (DoS) </h3> 952 <p> 953 OpenJDK 954 . 955 . 956 </p> 957 <table> 958 <col width="18%"> 959 <col width="18%"> 960 <col width="10%"> 961 <col width="19%"> 962 <col width="17%"> 963 <col width="17%"> 964 <tr> 965 <th>CVE</th> 966 <th></th> 967 <th></th> 968 <th> Google </th> 969 <th> AOSP </th> 970 <th> </th> 971 </tr> 972 <tr> 973 <td>CVE-2015-0410</td> 974 <td><a href="https://android.googlesource.com/platform/libcore/+/21098574528bdf99dd50a74a60e161573e999108"> 975 A-30703445</a> 976 </td> 977 <td></td> 978 <td></td> 979 <td>7.0</td> 980 <td>2015 1 16</td> 981 </tr> 982 </table> 983 <h3 id="dos-in-mediaserver"> (DoS) </h3> 984 <p> 985 986 . 987 . 988 </p> 989 <table> 990 <col width="18%"> 991 <col width="18%"> 992 <col width="10%"> 993 <col width="19%"> 994 <col width="17%"> 995 <col width="17%"> 996 <tr> 997 <th>CVE</th> 998 <th></th> 999 <th></th> 1000 <th> Google </th> 1001 <th> AOSP </th> 1002 <th> </th> 1003 </tr> 1004 <tr> 1005 <td>CVE-2016-6711</td> 1006 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/063be1485e0099bc81ace3a08b0ec9186dcad693"> 1007 A-30593765</a> 1008 </td> 1009 <td></td> 1010 <td>*</td> 1011 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1012 <td>2016 8 1</td> 1013 </tr> 1014 <tr> 1015 <td>CVE-2016-6712</td> 1016 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/fdb1b40e7bb147c07bda988c9501ad223795d12d"> 1017 A-30593752</a> 1018 </td> 1019 <td></td> 1020 <td>*</td> 1021 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1022 <td>2016 8 1</td> 1023 </tr> 1024 <tr> 1025 <td>CVE-2016-6713</td> 1026 <td><a href="https://android.googlesource.com/platform/external/libavc/+/8cafca0e8b1ed8125918e203118c5a4e612fd56c"> 1027 A-30822755</a></td> 1028 <td></td> 1029 <td></td> 1030 <td>6.0, 6.0.1, 7.0</td> 1031 <td>2016 8 11</td> 1032 </tr> 1033 <tr> 1034 <td>CVE-2016-6714</td> 1035 <td><a href="https://android.googlesource.com/platform/external/libavc/+/5bdb0a6b72782e505671a387bb5f83222d891d6a"> 1036 A-31092462</a> 1037 </td> 1038 <td></td> 1039 <td></td> 1040 <td>6.0, 6.0.1, 7.0</td> 1041 <td>2016 8 22</td> 1042 </tr> 1043 </table> 1044 <p> 1045 * Android 7.0 Google 1046 . 1047 </p> 1048 <h3 id="eop-in-framework-apis"> API </h3> 1049 <p> 1050 API 1051 . 1052 ( 1053 ) . 1054 </p> 1055 <table> 1056 <col width="18%"> 1057 <col width="18%"> 1058 <col width="10%"> 1059 <col width="19%"> 1060 <col width="17%"> 1061 <col width="17%"> 1062 <tr> 1063 <th>CVE</th> 1064 <th></th> 1065 <th></th> 1066 <th> Google </th> 1067 <th> AOSP </th> 1068 <th> </th> 1069 </tr> 1070 <tr> 1071 <td>CVE-2016-6715</td> 1072 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/3de09838fb0996bb4b420630800ad34e828fd1b6"> 1073 A-29833954</a> 1074 </td> 1075 <td></td> 1076 <td></td> 1077 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1078 <td>2016 6 28</td> 1079 </tr> 1080 </table> 1081 <h3 id="eop-in-aosp-launcher">AOSP </h3> 1082 <p> 1083 AOSP 1084 1085 . ( 1086 ) 1087 . 1088 </p> 1089 <table> 1090 <col width="18%"> 1091 <col width="18%"> 1092 <col width="10%"> 1093 <col width="19%"> 1094 <col width="17%"> 1095 <col width="17%"> 1096 <tr> 1097 <th>CVE</th> 1098 <th></th> 1099 <th></th> 1100 <th> Google </th> 1101 <th> AOSP </th> 1102 <th> </th> 1103 </tr> 1104 <tr> 1105 <td>CVE-2016-6716</td> 1106 <td><a href="https://android.googlesource.com/platform/packages/apps/Launcher3/+/e83fc11c982e67dd0181966f5f3a239ea6b14924"> 1107 A-30778130</a> 1108 </td> 1109 <td></td> 1110 <td></td> 1111 <td>7.0</td> 1112 <td>2016 8 5</td> 1113 </tr> 1114 </table> 1115 <h3 id="eop-in-mediaserver-1"> </h3> 1116 <p> 1117 1118 1119 . 1120 . 1121 </p> 1122 <table> 1123 <col width="18%"> 1124 <col width="18%"> 1125 <col width="10%"> 1126 <col width="19%"> 1127 <col width="17%"> 1128 <col width="17%"> 1129 <tr> 1130 <th>CVE</th> 1131 <th></th> 1132 <th></th> 1133 <th> Google </th> 1134 <th> AOSP </th> 1135 <th> </th> 1136 </tr> 1137 <tr> 1138 <td>CVE-2016-6717</td> 1139 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/45d9bbabbe7920bf4e0a68074b97d8260aef2e07"> 1140 A-31350239</a> 1141 </td> 1142 <td></td> 1143 <td></td> 1144 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1145 <td>2016 9 7</td> 1146 </tr> 1147 </table> 1148 <h3 id="eop-in-account-manager-service"> </h3> 1149 <p> 1150 1151 . 1152 ( 1153 ) . 1154 </p> 1155 <table> 1156 <col width="18%"> 1157 <col width="18%"> 1158 <col width="10%"> 1159 <col width="19%"> 1160 <col width="17%"> 1161 <col width="17%"> 1162 <tr> 1163 <th>CVE</th> 1164 <th></th> 1165 <th></th> 1166 <th> Google </th> 1167 <th> AOSP </th> 1168 <th> </th> 1169 </tr> 1170 <tr> 1171 <td>CVE-2016-6718</td> 1172 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/fecfd550edeca422c0d9f32a9c0abe73398a1ff1"> 1173 A-30455516</a> 1174 </td> 1175 <td></td> 1176 <td></td> 1177 <td>7.0</td> 1178 <td>Google </td> 1179 </tr> 1180 </table> 1181 <h3 id="eop-in-bluetooth"> </h3> 1182 <p> 1183 1184 . 1185 ( 1186 ) . 1187 </p> 1188 <table> 1189 <col width="18%"> 1190 <col width="18%"> 1191 <col width="10%"> 1192 <col width="19%"> 1193 <col width="17%"> 1194 <col width="17%"> 1195 <tr> 1196 <th>CVE</th> 1197 <th></th> 1198 <th></th> 1199 <th> Google </th> 1200 <th> AOSP </th> 1201 <th> </th> 1202 </tr> 1203 <tr> 1204 <td>CVE-2016-6719</td> 1205 <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/e1b6db10e913c09d0b695368336137f6aabee462"> 1206 A-29043989</a> 1207 [<a href="https://android.googlesource.com/platform/frameworks/base/+/b1dc1757071ba46ee653d68f331486e86778b8e4">2</a>] 1208 </td> 1209 <td></td> 1210 <td></td> 1211 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1212 <td>Google </td> 1213 </tr> 1214 </table> 1215 <h3 id="id-in-mediaserver"> </h3> 1216 <p> 1217 1218 . 1219 1220 . 1221 </p> 1222 <table> 1223 <col width="18%"> 1224 <col width="18%"> 1225 <col width="10%"> 1226 <col width="19%"> 1227 <col width="17%"> 1228 <col width="17%"> 1229 <tr> 1230 <th>CVE</th> 1231 <th></th> 1232 <th></th> 1233 <th> Google </th> 1234 <th> AOSP </th> 1235 <th> </th> 1236 </tr> 1237 <tr> 1238 <td>CVE-2016-6720</td> 1239 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0f177948ae2640bfe4d70f8e4248e106406b3b0a"> 1240 A-29422020</a> 1241 [<a href="https://android.googlesource.com/platform/frameworks/av/+/2c75e1c3b98e4e94f50c63e2b7694be5f948477c">2</a>] 1242 [<a href="https://android.googlesource.com/platform/frameworks/av/+/7c88b498fda1c2b608a9dd73960a2fd4d7b7e3f7">3</a>] 1243 [<a href="https://android.googlesource.com/platform/frameworks/av/+/640b04121d7cd2cac90e2f7c82b97fce05f074a5">4</a>]</td> 1244 <td></td> 1245 <td></td> 1246 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1247 <td>2016 6 15</td> 1248 </tr> 1249 <tr> 1250 <td>CVE-2016-6721</td> 1251 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f6bf0102bdc1adff973e08d8ce9c869c4e2efade"> 1252 A-30875060</a></td> 1253 <td></td> 1254 <td></td> 1255 <td>6.0, 6.0.1, 7.0</td> 1256 <td>2016 8 13</td> 1257 </tr> 1258 <tr> 1259 <td>CVE-2016-6722</td> 1260 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/89c03b3b9ff74a507a8b8334c50b08b334483556"> 1261 A-31091777</a></td> 1262 <td></td> 1263 <td></td> 1264 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1265 <td>2016 8 23</td> 1266 </tr> 1267 </table> 1268 <h3 id="dos-in-proxy-auto-config"> (DoS) </h3> 1269 <p> 1270 1271 . 1272 . 1273 </p> 1274 <table> 1275 <col width="18%"> 1276 <col width="18%"> 1277 <col width="10%"> 1278 <col width="19%"> 1279 <col width="17%"> 1280 <col width="17%"> 1281 <tr> 1282 <th>CVE</th> 1283 <th></th> 1284 <th></th> 1285 <th> Google </th> 1286 <th> AOSP </th> 1287 <th> </th> 1288 </tr> 1289 <tr> 1290 <td>CVE-2016-6723</td> 1291 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d5b0d0b1df2e1a7943a4bb2034fd21487edd0264"> 1292 A-30100884</a> 1293 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31f351160cdfd9dbe9919682ebe41bde3bcf91c6">2</a>] 1294 </td> 1295 <td></td> 1296 <td></td> 1297 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1298 <td>2016 7 11</td> 1299 </tr> 1300 </table> 1301 <h3 id="dos-in-input-manager-service"> (DoS) </h3> 1302 <p> 1303 1304 . 1305 . 1306 </p> 1307 <table> 1308 <col width="18%"> 1309 <col width="18%"> 1310 <col width="10%"> 1311 <col width="19%"> 1312 <col width="17%"> 1313 <col width="17%"> 1314 <tr> 1315 <th>CVE</th> 1316 <th></th> 1317 <th></th> 1318 <th> Google </th> 1319 <th> AOSP </th> 1320 <th> </th> 1321 </tr> 1322 <tr> 1323 <td>CVE-2016-6724</td> 1324 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/7625010a2d22f8c3f1aeae2ef88dde37cbebd0bf"> 1325 A-30568284</a> 1326 </td> 1327 <td></td> 1328 <td></td> 1329 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1330 <td>Google </td> 1331 </tr> 1332 </table> 1333 <h2 id="2016-11-05-details">2016-11-05 </h2> 1334 <p> 1335 <a href="#2016-11-05-summary">2016-11-05 1336 </a> 1337 . , 1338 CVE, , , Google , 1339 AOSP ( ), . 1340 AOSP ID 1341 . 1342 ID . 1343 </p> 1344 <h3 id="rce-in-qualcomm-crypto-driver">Qualcomm </h3> 1345 <p> 1346 Qualcomm 1347 . 1348 1349 . 1350 </p> 1351 <table> 1352 <col width="19%"> 1353 <col width="20%"> 1354 <col width="10%"> 1355 <col width="23%"> 1356 <col width="17%"> 1357 <tr> 1358 <th>CVE</th> 1359 <th></th> 1360 <th></th> 1361 <th> Google </th> 1362 <th> </th> 1363 </tr> 1364 <tr> 1365 <td>CVE-2016-6725</td> 1366 <td>A-30515053<br> 1367 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=cc95d644ee8a043f2883d65dda20e16f95041de3">QC-CR#1050970</a></td> 1368 <td></td> 1369 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1370 <td>2016 7 25</td> 1371 </tr> 1372 </table> 1373 <h3 id="eop-in-kernel-file-system"> </h3> 1374 <p> 1375 1376 1377 . 1378 , 1379 . 1380 </p> 1381 <table> 1382 <col width="19%"> 1383 <col width="20%"> 1384 <col width="10%"> 1385 <col width="23%"> 1386 <col width="17%"> 1387 <tr> 1388 <th>CVE</th> 1389 <th></th> 1390 <th></th> 1391 <th> Google </th> 1392 <th> </th> 1393 </tr> 1394 <tr> 1395 <td>CVE-2015-8961</td> 1396 <td>A-30952474 1397 <br> 1398 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6934da9238da947628be83635e365df41064b09b"> 1399 </a></td> 1400 <td></td> 1401 <td>Pixel, Pixel XL</td> 1402 <td>2015 10 18</td> 1403 </tr> 1404 <tr> 1405 <td>CVE-2016-7911</td> 1406 <td>A-30946378 1407 <br> 1408 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4"> 1409 </a></td> 1410 <td></td> 1411 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, 1412 Pixel, Pixel XL</td> 1413 <td>2016 7 1</td> 1414 </tr> 1415 <tr> 1416 <td>CVE-2016-7910</td> 1417 <td>A-30942273 1418 <br> 1419 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84"> 1420 </a></td> 1421 <td></td> 1422 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, 1423 Pixel, Pixel XL</td> 1424 <td>2016 7 29</td> 1425 </tr> 1426 </table> 1427 <h3 id="eop-in-kernel-scsi-driver"> SCSI </h3> 1428 <p> 1429 SCSI 1430 1431 . 1432 , 1433 . 1434 </p> 1435 <table> 1436 <col width="19%"> 1437 <col width="20%"> 1438 <col width="10%"> 1439 <col width="23%"> 1440 <col width="17%"> 1441 <tr> 1442 <th>CVE</th> 1443 <th></th> 1444 <th></th> 1445 <th> Google </th> 1446 <th> </th> 1447 </tr> 1448 <tr> 1449 <td>CVE-2015-8962</td> 1450 <td>A-30951599 1451 <br> 1452 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432"> 1453 </a></td> 1454 <td></td> 1455 <td>Pixel, Pixel XL</td> 1456 <td>2015 10 30</td> 1457 </tr> 1458 </table> 1459 <h3 id="eop-in-kernel-media-driver"> </h3> 1460 <p> 1461 1462 1463 . 1464 , 1465 . 1466 </p> 1467 <table> 1468 <col width="19%"> 1469 <col width="20%"> 1470 <col width="10%"> 1471 <col width="23%"> 1472 <col width="17%"> 1473 <tr> 1474 <th>CVE</th> 1475 <th></th> 1476 <th></th> 1477 <th> Google </th> 1478 <th> </th> 1479 </tr> 1480 <tr> 1481 <td>CVE-2016-7913</td> 1482 <td>A-30946097 1483 <br> 1484 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18"> 1485 </a></td> 1486 <td></td> 1487 <td>Nexus 6P, Android One, Nexus Player, Pixel, Pixel XL</td> 1488 <td>2016 1 28</td> 1489 </tr> 1490 </table> 1491 <h3 id="eop-in-kernel-usb-driver"> USB </h3> 1492 <p> 1493 USB 1494 1495 . 1496 , 1497 . 1498 </p> 1499 <table> 1500 <col width="19%"> 1501 <col width="20%"> 1502 <col width="10%"> 1503 <col width="23%"> 1504 <col width="17%"> 1505 <tr> 1506 <th>CVE</th> 1507 <th></th> 1508 <th></th> 1509 <th> Google </th> 1510 <th> </th> 1511 </tr> 1512 <tr> 1513 <td>CVE-2016-7912</td> 1514 <td>A-30950866 1515 <br> 1516 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=38740a5b87d53ceb89eb2c970150f6e94e00373a"> 1517 </a></td> 1518 <td></td> 1519 <td>Pixel C, Pixel, Pixel XL</td> 1520 <td>2016 4 14</td> 1521 </tr> 1522 </table> 1523 <h3 id="eop-in-kernel-ion-subsystem"> ION </h3> 1524 <p> 1525 ION 1526 . 1527 , 1528 . 1529 </p> 1530 <table> 1531 <col width="19%"> 1532 <col width="20%"> 1533 <col width="10%"> 1534 <col width="23%"> 1535 <col width="17%"> 1536 <tr> 1537 <th>CVE</th> 1538 <th></th> 1539 <th></th> 1540 <th> Google </th> 1541 <th> </th> 1542 </tr> 1543 <tr> 1544 <td>CVE-2016-6728</td> 1545 <td>A-30400942*</td> 1546 <td></td> 1547 <td>Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, Pixel C, 1548 Android One</td> 1549 <td>2016 7 25</td> 1550 </tr> 1551 </table> 1552 <p> 1553 * . 1554 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1555 . 1556 </p> 1557 <h3 id="eop-in-qualcomm-bootloader">Qualcomm </h3> 1558 <p> 1559 Qualcomm 1560 1561 . 1562 , 1563 . 1564 </p> 1565 <table> 1566 <col width="19%"> 1567 <col width="20%"> 1568 <col width="10%"> 1569 <col width="23%"> 1570 <col width="17%"> 1571 <tr> 1572 <th>CVE</th> 1573 <th></th> 1574 <th></th> 1575 <th> Google </th> 1576 <th> </th> 1577 </tr> 1578 <tr> 1579 <td>CVE-2016-6729</td> 1580 <td>A-30977990* 1581 <br> 1582 QC-CR#977684</td> 1583 <td></td> 1584 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1585 <td>2016 7 25</td> 1586 </tr> 1587 </table> 1588 <p> 1589 * . 1590 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1591 . 1592 </p> 1593 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1594 <p> 1595 NVIDIA GPU 1596 1597 . 1598 , 1599 . 1600 </p> 1601 <table> 1602 <col width="19%"> 1603 <col width="20%"> 1604 <col width="10%"> 1605 <col width="23%"> 1606 <col width="17%"> 1607 <tr> 1608 <th>CVE</th> 1609 <th></th> 1610 <th></th> 1611 <th> Google </th> 1612 <th> </th> 1613 </tr> 1614 <tr> 1615 <td>CVE-2016-6730</td> 1616 <td>A-30904789*<br> 1617 N-CVE-2016-6730</td> 1618 <td></td> 1619 <td>Pixel C</td> 1620 <td>2016 8 16</td> 1621 </tr> 1622 <tr> 1623 <td>CVE-2016-6731</td> 1624 <td>A-30906023*<br> 1625 N-CVE-2016-6731</td> 1626 <td></td> 1627 <td>Pixel C</td> 1628 <td>2016 8 16</td> 1629 </tr> 1630 <tr> 1631 <td>CVE-2016-6732</td> 1632 <td>A-30906599*<br> 1633 N-CVE-2016-6732</td> 1634 <td></td> 1635 <td>Pixel C</td> 1636 <td>2016 8 16</td> 1637 </tr> 1638 <tr> 1639 <td>CVE-2016-6733</td> 1640 <td>A-30906694*<br> 1641 N-CVE-2016-6733</td> 1642 <td></td> 1643 <td>Pixel C</td> 1644 <td>2016 8 16</td> 1645 </tr> 1646 <tr> 1647 <td>CVE-2016-6734</td> 1648 <td>A-30907120*<br> 1649 N-CVE-2016-6734</td> 1650 <td></td> 1651 <td>Pixel C</td> 1652 <td>2016 8 16</td> 1653 </tr> 1654 <tr> 1655 <td>CVE-2016-6735</td> 1656 <td>A-30907701*<br> 1657 N-CVE-2016-6735</td> 1658 <td></td> 1659 <td>Pixel C</td> 1660 <td>2016 8 16</td> 1661 </tr> 1662 <tr> 1663 <td>CVE-2016-6736</td> 1664 <td>A-30953284*<br> 1665 N-CVE-2016-6736</td> 1666 <td></td> 1667 <td>Pixel C</td> 1668 <td>2016 8 18</td> 1669 </tr> 1670 </table> 1671 <p> 1672 * . 1673 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1674 . 1675 </p> 1676 <h3 id="eop-in-kernel-networking-subsystem"> </h3> 1677 <p> 1678 1679 1680 . 1681 , 1682 . 1683 </p> 1684 <table> 1685 <col width="19%"> 1686 <col width="20%"> 1687 <col width="10%"> 1688 <col width="23%"> 1689 <col width="17%"> 1690 <tr> 1691 <th>CVE</th> 1692 <th></th> 1693 <th></th> 1694 <th> Google </th> 1695 <th> </th> 1696 </tr> 1697 <tr> 1698 <td>CVE-2016-6828</td> 1699 <td>A-31183296 1700 <br> 1701 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/include/net/tcp.h?id=bb1fceca22492109be12640d49f5ea5a544c6bb4"> 1702 </a></td> 1703 <td></td> 1704 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, 1705 Pixel, Pixel XL</td> 1706 <td>2016 8 18</td> 1707 </tr> 1708 </table> 1709 <h3 id="eop-in-kernel-sound-subsystem"> </h3> 1710 <p> 1711 1712 1713 . 1714 , 1715 . 1716 </p> 1717 <table> 1718 <col width="19%"> 1719 <col width="20%"> 1720 <col width="10%"> 1721 <col width="23%"> 1722 <col width="17%"> 1723 <tr> 1724 <th>CVE</th> 1725 <th></th> 1726 <th></th> 1727 <th> Google </th> 1728 <th> </th> 1729 </tr> 1730 <tr> 1731 <td>CVE-2016-2184</td> 1732 <td>A-30952477 1733 <br> 1734 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=836b34a935abc91e13e63053d0a83b24dfb5ea78"> 1735 </a></td> 1736 <td></td> 1737 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, 1738 Pixel, Pixel XL</td> 1739 <td>2016 3 31</td> 1740 </tr> 1741 </table> 1742 <h3 id="eop-in-kernel-ion-subsystem-1"> ION </h3> 1743 <p> 1744 ION 1745 . 1746 , 1747 . 1748 </p> 1749 <table> 1750 <col width="19%"> 1751 <col width="20%"> 1752 <col width="10%"> 1753 <col width="23%"> 1754 <col width="17%"> 1755 <tr> 1756 <th>CVE</th> 1757 <th></th> 1758 <th></th> 1759 <th> Google </th> 1760 <th> </th> 1761 </tr> 1762 <tr> 1763 <td>CVE-2016-6737</td> 1764 <td>A-30928456*</td> 1765 <td></td> 1766 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player, Pixel, 1767 Pixel XL</td> 1768 <td>Google </td> 1769 </tr> 1770 </table> 1771 <p> 1772 * . 1773 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1774 . 1775 </p> 1776 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1777 <p> 1778 Qualcomm Qualcomm AMSS 2016 6 80-NV606-17 . 1779 </p> 1780 <table> 1781 <col width="19%"> 1782 <col width="20%"> 1783 <col width="10%"> 1784 <col width="23%"> 1785 <col width="17%"> 1786 <tr> 1787 <th>CVE</th> 1788 <th></th> 1789 <th>*</th> 1790 <th> Google </th> 1791 <th> </th> 1792 </tr> 1793 <tr> 1794 <td>CVE-2016-6727</td> 1795 <td>A-31092400**</td> 1796 <td></td> 1797 <td>Android One</td> 1798 <td>Qualcomm </td> 1799 </tr> 1800 <tr> 1801 <td>CVE-2016-6726</td> 1802 <td>A-30775830**</td> 1803 <td></td> 1804 <td>Nexus 6, Android One</td> 1805 <td>Qualcomm </td> 1806 </tr> 1807 </table> 1808 <p>* .</p> 1809 <p> 1810 ** . 1811 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1812 . 1813 </p> 1814 <h3 id="rce-in-expat">Expat </h3> 1815 <p> 1816 Expat . 1817 1818 Expat XML , 1819 1820 . Expat 1821 . 1822 </p> 1823 <table> 1824 <col width="18%"> 1825 <col width="18%"> 1826 <col width="10%"> 1827 <col width="19%"> 1828 <col width="17%"> 1829 <col width="17%"> 1830 <tr> 1831 <th>CVE</th> 1832 <th></th> 1833 <th></th> 1834 <th> Google </th> 1835 <th> AOSP </th> 1836 <th> </th> 1837 </tr> 1838 1839 <tr> 1840 <td>CVE-2016-0718</td> 1841 <td><a href="https://android.googlesource.com/platform/external/expat/+/52ac633b73856ded34b33bd4adb4ab793bbbe963"> 1842 A-28698301</a></td> 1843 <td></td> 1844 <td>*</td> 1845 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1846 <td>2016 5 10</td> 1847 </tr> 1848 <tr> 1849 <td>CVE-2012-6702</td> 1850 <td><a href="https://android.googlesource.com/platform/external/expat/+/a11ff32280a863bff93df13ad643912ad9bf1302"> 1851 A-29149404</a></td> 1852 <td></td> 1853 <td>*</td> 1854 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1855 <td>2016 3 6</td> 1856 </tr> 1857 <tr> 1858 <td>CVE-2016-5300</td> 1859 <td><a href="https://android.googlesource.com/platform/external/expat/+/a11ff32280a863bff93df13ad643912ad9bf1302"> 1860 A-29149404</a></td> 1861 <td></td> 1862 <td>*</td> 1863 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1864 <td>2016 6 4</td> 1865 </tr> 1866 <tr> 1867 <td>CVE-2015-1283</td> 1868 <td><a href="https://android.googlesource.com/platform/external/expat/+/13b40c2040a17038b63a61e2b112c634da203d3b"> 1869 A-27818751</a></td> 1870 <td></td> 1871 <td>*</td> 1872 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1873 <td>2015 7 24</td> 1874 </tr> 1875 </table> 1876 1877 <p> 1878 * Android 7.0 Google 1879 . 1880 </p> 1881 <h3 id="rce-in-webview">Webview </h3> 1882 <p> 1883 Webview 1884 . 1885 1886 . 1887 </p> 1888 <table> 1889 <col width="18%"> 1890 <col width="18%"> 1891 <col width="10%"> 1892 <col width="19%"> 1893 <col width="17%"> 1894 <col width="17%"> 1895 <tr> 1896 <th>CVE</th> 1897 <th></th> 1898 <th></th> 1899 <th> Google </th> 1900 <th> AOSP </th> 1901 <th> </th> 1902 </tr> 1903 <tr> 1904 <td>CVE-2016-6754</td> 1905 <td>A-31217937</td> 1906 <td></td> 1907 <td>*</td> 1908 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 1909 <td>2016 8 23</td> 1910 </tr> 1911 </table> 1912 <p> 1913 * Android 7.0 Google 1914 . 1915 </p> 1916 <h3 id="rce-in-freetype">Freetype </h3> 1917 <p> 1918 Freetype 1919 1920 . Freetype 1921 . 1922 </p> 1923 <table> 1924 <col width="18%"> 1925 <col width="18%"> 1926 <col width="10%"> 1927 <col width="19%"> 1928 <col width="17%"> 1929 <col width="17%"> 1930 <tr> 1931 <th>CVE</th> 1932 <th></th> 1933 <th></th> 1934 <th> Google </th> 1935 <th> AOSP </th> 1936 <th> </th> 1937 </tr> 1938 <tr> 1939 <td>CVE-2014-9675</td> 1940 <td><a href="https://android.googlesource.com/platform/external/freetype/+/f720f0dbcf012d6c984dbbefa0875ef9840458c6"> 1941 A-24296662</a> 1942 [<a href="https://android.googlesource.com/platform/external/pdfium/+/96f965ff7411f1edba72140fd70740e63cabec71">2</a>] 1943 </td> 1944 <td></td> 1945 <td>*</td> 1946 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1947 <td>Google </td> 1948 </tr> 1949 </table> 1950 <p> 1951 * Android 7.0 Google 1952 . 1953 </p> 1954 <h3 id="eop-in-kernel-performance-subsystem"> </h3> 1955 <p> 1956 1957 . 1958 . 1959 </p> 1960 <table> 1961 <col width="19%"> 1962 <col width="20%"> 1963 <col width="10%"> 1964 <col width="23%"> 1965 <col width="17%"> 1966 <tr> 1967 <th>CVE</th> 1968 <th></th> 1969 <th></th> 1970 <th> Google </th> 1971 <th> </th> 1972 </tr> 1973 <tr> 1974 <td>CVE-2015-8963</td> 1975 <td>A-30952077 1976 <br> 1977 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12ca6ad2e3a896256f086497a7c7406a547ee373"> 1978 </a></td> 1979 <td></td> 1980 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, 1981 Pixel, Pixel XL</td> 1982 <td>2015 12 15</td> 1983 </tr> 1984 </table> 1985 <h3 id="eop-in-kernel-system-call-auditing-subsystem"> </h3> 1986 <p> 1987 1988 . 1989 . 1990 </p> 1991 <table> 1992 <col width="19%"> 1993 <col width="20%"> 1994 <col width="10%"> 1995 <col width="23%"> 1996 <col width="17%"> 1997 <tr> 1998 <th>CVE</th> 1999 <th></th> 2000 <th></th> 2001 <th> Google </th> 2002 <th> </th> 2003 </tr> 2004 <tr> 2005 <td>CVE-2016-6136</td> 2006 <td>A-30956807 2007 <br> 2008 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=43761473c254b45883a64441dd0bc85a42f3645c"> 2009 </a></td> 2010 <td></td> 2011 <td>Android One, Pixel C, Nexus Player</td> 2012 <td>2016 7 1</td> 2013 </tr> 2014 </table> 2015 <h3 id="eop-in-qualcomm-crypto-engine-driver">Qualcomm </h3> 2016 <p> 2017 Qualcomm 2018 2019 . 2020 . 2021 </p> 2022 <table> 2023 <col width="19%"> 2024 <col width="20%"> 2025 <col width="10%"> 2026 <col width="23%"> 2027 <col width="17%"> 2028 <tr> 2029 <th>CVE</th> 2030 <th></th> 2031 <th></th> 2032 <th> Google </th> 2033 <th> </th> 2034 </tr> 2035 <tr> 2036 <td>CVE-2016-6738</td> 2037 <td>A-30034511 2038 <br> 2039 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a829c54236b455885c3e9c7c77ac528b62045e79">QC-CR#1050538</a></td> 2040 <td></td> 2041 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2042 <td>2016 7 7</td> 2043 </tr> 2044 </table> 2045 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3> 2046 <p> 2047 Qualcomm 2048 2049 . 2050 . 2051 </p> 2052 <table> 2053 <col width="19%"> 2054 <col width="20%"> 2055 <col width="10%"> 2056 <col width="23%"> 2057 <col width="17%"> 2058 <tr> 2059 <th>CVE</th> 2060 <th></th> 2061 <th></th> 2062 <th> Google </th> 2063 <th> </th> 2064 </tr> 2065 <tr> 2066 <td>CVE-2016-6739</td> 2067 <td>A-30074605*<br> 2068 QC-CR#1049826</td> 2069 <td></td> 2070 <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> 2071 <td>2016 7 11</td> 2072 </tr> 2073 <tr> 2074 <td>CVE-2016-6740</td> 2075 <td>A-30143904 2076 <br> 2077 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=ef78bd62f0c064ae4c827e158d828b2c110ebcdc">QC-CR#1056307</a></td> 2078 <td></td> 2079 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2080 <td>2016 7 12</td> 2081 </tr> 2082 <tr> 2083 <td>CVE-2016-6741</td> 2084 <td>A-30559423 2085 <br> 2086 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=d291eebd8e43bba3229ae7ef9146a132894dc293">QC-CR#1060554</a></td> 2087 <td></td> 2088 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2089 <td>2016 7 28</td> 2090 </tr> 2091 </table> 2092 <p> 2093 * . 2094 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2095 . 2096 </p> 2097 <h3 id="eop-in-qualcomm-bus-driver">Qualcomm </h3> 2098 <p> 2099 Qualcomm 2100 2101 . 2102 . 2103 </p> 2104 <table> 2105 <col width="19%"> 2106 <col width="20%"> 2107 <col width="10%"> 2108 <col width="23%"> 2109 <col width="17%"> 2110 <tr> 2111 <th>CVE</th> 2112 <th></th> 2113 <th></th> 2114 <th> Google </th> 2115 <th> </th> 2116 </tr> 2117 <tr> 2118 <td>CVE-2016-3904</td> 2119 <td>A-30311977 2120 <br> 2121 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=069683407ca9a820d05c914b57c587bcd3f16a3a">QC-CR#1050455</a></td> 2122 <td></td> 2123 <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> 2124 <td>2016 7 22</td> 2125 </tr> 2126 </table> 2127 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 2128 <p> 2129 Synaptics 2130 2131 . 2132 . 2133 </p> 2134 <table> 2135 <col width="19%"> 2136 <col width="20%"> 2137 <col width="10%"> 2138 <col width="23%"> 2139 <col width="17%"> 2140 <tr> 2141 <th>CVE</th> 2142 <th></th> 2143 <th></th> 2144 <th> Google </th> 2145 <th> </th> 2146 </tr> 2147 <tr> 2148 <td>CVE-2016-6742</td> 2149 <td>A-30799828*</td> 2150 <td></td> 2151 <td>Nexus 5X, Android One</td> 2152 <td>2016 8 9</td> 2153 </tr> 2154 <tr> 2155 <td>CVE-2016-6744</td> 2156 <td>A-30970485*</td> 2157 <td></td> 2158 <td>Nexus 5X</td> 2159 <td>2016 8 19</td> 2160 </tr> 2161 <tr> 2162 <td>CVE-2016-6745</td> 2163 <td>A-31252388*</td> 2164 <td></td> 2165 <td>Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td> 2166 <td>2016 9 1</td> 2167 </tr> 2168 <tr> 2169 <td>CVE-2016-6743</td> 2170 <td>A-30937462*</td> 2171 <td></td> 2172 <td>Nexus 9, Android One</td> 2173 <td>Google </td> 2174 </tr> 2175 </table> 2176 <p> 2177 * . 2178 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2179 . 2180 </p> 2181 <h3 id="id-in-kernel-components"> </h3> 2182 <p> 2183 , , 2184 2185 . 2186 2187 . 2188 </p> 2189 <table> 2190 <col width="19%"> 2191 <col width="20%"> 2192 <col width="10%"> 2193 <col width="23%"> 2194 <col width="17%"> 2195 <tr> 2196 <th>CVE</th> 2197 <th></th> 2198 <th></th> 2199 <th> Google </th> 2200 <th> </th> 2201 </tr> 2202 <tr> 2203 <td>CVE-2015-8964</td> 2204 <td>A-30951112 2205 <br> 2206 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc"> 2207 </a></td> 2208 <td></td> 2209 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, 2210 Pixel, Pixel XL</td> 2211 <td>2015 11 27</td> 2212 </tr> 2213 <tr> 2214 <td>CVE-2016-7915</td> 2215 <td>A-30951261 2216 <br> 2217 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=50220dead1650609206efe91f0cc116132d59b3f"> 2218 </a></td> 2219 <td></td> 2220 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, 2221 Pixel, Pixel XL</td> 2222 <td>2016 1 19</td> 2223 </tr> 2224 <tr> 2225 <td>CVE-2016-7914</td> 2226 <td>A-30513364 2227 <br> 2228 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=8d4a2ec1e0b41b0cf9a0c5cd4511da7f8e4f3de2"> 2229 </a></td> 2230 <td></td> 2231 <td>Pixel C, Pixel, Pixel XL</td> 2232 <td>2016 4 6</td> 2233 </tr> 2234 <tr> 2235 <td>CVE-2016-7916</td> 2236 <td>A-30951939 2237 <br> 2238 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8148a73c9901a8794a50f950083c00ccf97d43b3"> 2239 </a></td> 2240 <td></td> 2241 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, 2242 Pixel, Pixel XL</td> 2243 <td>2016 5 5</td> 2244 </tr> 2245 </table> 2246 <h3 id="id-in-nvidia-gpu-driver">NVIDIA GPU </h3> 2247 <p> 2248 NVIDIA GPU 2249 . 2250 2251 . 2252 </p> 2253 <table> 2254 <col width="19%"> 2255 <col width="20%"> 2256 <col width="10%"> 2257 <col width="23%"> 2258 <col width="17%"> 2259 <tr> 2260 <th>CVE</th> 2261 <th></th> 2262 <th></th> 2263 <th> Google </th> 2264 <th> </th> 2265 </tr> 2266 <tr> 2267 <td>CVE-2016-6746</td> 2268 <td>A-30955105*<br> 2269 N-CVE-2016-6746</td> 2270 <td></td> 2271 <td>Pixel C</td> 2272 <td>2016 8 18</td> 2273 </tr> 2274 </table> 2275 <p> 2276 * . 2277 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2278 . 2279 </p> 2280 <h3 id="dos-in-mediaserver-1"> (DoS) </h3> 2281 <p> 2282 2283 . 2284 . 2285 </p> 2286 <table> 2287 <col width="19%"> 2288 <col width="20%"> 2289 <col width="10%"> 2290 <col width="23%"> 2291 <col width="17%"> 2292 <tr> 2293 <th>CVE</th> 2294 <th></th> 2295 <th></th> 2296 <th> Google </th> 2297 <th> </th> 2298 </tr> 2299 <tr> 2300 <td>CVE-2016-6747</td> 2301 <td>A-31244612*<br> 2302 N-CVE-2016-6747</td> 2303 <td></td> 2304 <td>Nexus 9</td> 2305 <td>Google </td> 2306 </tr> 2307 </table> 2308 <p> 2309 * . 2310 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2311 . 2312 </p> 2313 <h3 id="id-in-kernel-components-1"> </h3> 2314 <p> 2315 , 2316 2317 . 2318 2319 . 2320 </p> 2321 <table> 2322 <col width="19%"> 2323 <col width="20%"> 2324 <col width="10%"> 2325 <col width="23%"> 2326 <col width="17%"> 2327 <tr> 2328 <th>CVE</th> 2329 <th></th> 2330 <th></th> 2331 <th> Google </th> 2332 <th> </th> 2333 </tr> 2334 <tr> 2335 <td>CVE-2016-7917</td> 2336 <td>A-30947055 2337 <br> 2338 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241"> 2339 </a></td> 2340 <td></td> 2341 <td>Pixel C, Pixel, Pixel XL</td> 2342 <td>2016 2 2</td> 2343 </tr> 2344 <tr> 2345 <td>CVE-2016-6753</td> 2346 <td>A-30149174*</td> 2347 <td></td> 2348 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player, Pixel, Pixel 2349 XL</td> 2350 <td>2016 7 13</td> 2351 </tr> 2352 </table> 2353 <p> 2354 * . 2355 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2356 . 2357 </p> 2358 <h3 id="id-in-qualcomm-components">Qualcomm </h3> 2359 <p> 2360 GPU , , SMSM , 2361 Qualcomm 2362 . 2363 . 2364 </p> 2365 <table> 2366 <col width="19%"> 2367 <col width="20%"> 2368 <col width="10%"> 2369 <col width="23%"> 2370 <col width="17%"> 2371 <tr> 2372 <th>CVE</th> 2373 <th></th> 2374 <th></th> 2375 <th> Google </th> 2376 <th> </th> 2377 </tr> 2378 <tr> 2379 <td>CVE-2016-6748</td> 2380 <td>A-30076504 2381 <br> 2382 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=be651d020b122a1ba9410d23ca4ebbe9f5598df6">QC-CR#987018</a></td> 2383 <td></td> 2384 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2385 <td>2016 7 12</td> 2386 </tr> 2387 <tr> 2388 <td>CVE-2016-6749</td> 2389 <td>A-30228438 2390 <br> 2391 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f9185dc83b92e7d1ee341e32e8cf5ed00a7253a7">QC-CR#1052818</a></td> 2392 <td></td> 2393 <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> 2394 <td>2016 7 12</td> 2395 </tr> 2396 <tr> 2397 <td>CVE-2016-6750</td> 2398 <td>A-30312054 2399 <br> 2400 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=34bda711a1c7bc7f9fd7bea3a5be439ed00577e5">QC-CR#1052825</a></td> 2401 <td></td> 2402 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2403 <td>2016 7 21</td> 2404 </tr> 2405 <tr> 2406 <td>CVE-2016-3906</td> 2407 <td>A-30445973 2408 <br> 2409 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b333d32745fec4fb1098ee1a03d4425f3c1b4c2e">QC-CR#1054344</a></td> 2410 <td></td> 2411 <td>Nexus 5X, Nexus 6P</td> 2412 <td>2016 7 27</td> 2413 </tr> 2414 <tr> 2415 <td>CVE-2016-3907</td> 2416 <td>A-30593266 2417 <br> 2418 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=744330f4e5d70dce71c4c9e03c5b6a8b59bb0cda">QC-CR#1054352</a></td> 2419 <td></td> 2420 <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> 2421 <td>2016 8 2</td> 2422 </tr> 2423 <tr> 2424 <td>CVE-2016-6698</td> 2425 <td>A-30741851 2426 <br> 2427 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=de90beb76ad0b80da821c3b857dd30cd36319e61">QC-CR#1058826</a></td> 2428 <td></td> 2429 <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td> 2430 <td>2016 8 2</td> 2431 </tr> 2432 <tr> 2433 <td>CVE-2016-6751</td> 2434 <td>A-30902162*<br> 2435 QC-CR#1062271</td> 2436 <td></td> 2437 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2438 <td>2016 8 15</td> 2439 </tr> 2440 <tr> 2441 <td>CVE-2016-6752</td> 2442 <td>A-31498159 2443 <br> 2444 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?h=0de2c7600c8f1f0152a2f421c6593f931186400a">QC-CR#987051</a></td> 2445 <td></td> 2446 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2447 <td>Google </td> 2448 </tr> 2449 </table> 2450 <p> 2451 * . 2452 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2453 . 2454 </p> 2455 2456 <h2 id="2016-11-06-details">2016-11-06 </h2> 2457 <p> 2458 <a href="#2016-11-06-summary">2016-11-06 2459 </a> 2460 . , 2461 CVE, , , Google , 2462 AOSP ( ), . 2463 AOSP ID 2464 . 2465 ID . 2466 </p> 2467 <h3 id="eop-in-kernel-memory-subsystem"> </h3> 2468 <p> 2469 2470 2471 . 2472 , 2473 . 2474 </p> 2475 <p> 2476 <strong>:</strong> 2016-11-06 2477 2016-11-01 2016-11-05 2478 . 2479 </p> 2480 <table> 2481 <tr> 2482 <th>CVE</th> 2483 <th></th> 2484 <th></th> 2485 <th> </th> 2486 <th> </th> 2487 </tr> 2488 <tr> 2489 <td>CVE-2016-5195</td> 2490 <td>A-32141528<br> 2491 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"> </a> 2492 [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> 2493 <td></td> 2494 <td>3.10, 3.18</td> 2495 <td>2016 10 12</td> 2496 </tr> 2497 </table> 2498 <h2 id="common-questions-and-answers"> </h2> 2499 <p> 2500 . 2501 </p> 2502 <p> 2503 <strong>1. ?</strong> 2504 </p> 2505 <p> 2506 2507 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> . 2508 </p> 2509 <ul> 2510 <li>2016-11-01 2016-11-01 2511 .</li> 2512 <li>2016-11-05 2513 2016-11-05 .</li> 2514 <li>2016-11-06 2515 2016-11-06 .</li> 2516 </ul> 2517 <p> 2518 2519 . 2520 </p> 2521 <ul> 2522 <li>[ro.build.version.security_patch]:[2016-11-01]</li> 2523 <li>[ro.build.version.security_patch]:[2016-11-05]</li> 2524 <li>[ro.build.version.security_patch]:[2016-11-06].</li> 2525 </ul> 2526 <p> 2527 <strong>2. ?</strong> 2528 </p> 2529 <p> 2530 Android Android 2531 2532 . Android 2533 2534 . 2535 </p> 2536 <ul> 2537 <li>2016 11 1 2538 2539 .</li> 2540 <li>2016 11 5 2541 .</li> 2542 <li>2016 11 6 2543 .</li> 2544 </ul> 2545 <p> 2546 . 2547 </p> 2548 <p id="google-devices"> 2549 <strong>3. Google ?</strong> 2550 </p> 2551 <p> 2552 <a href="#2016-11-01-details">2016-11-01</a>, 2553 <a href="#2016-11-05-details">2016-11-05</a>, 2554 <a href="#2016-11-06-details">2016-11-06</a> 2555 2556 Google <em> Google </em> 2557 . . 2558 </p> 2559 <ul> 2560 <li><strong> Google </strong>: Nexus Pixel 2561 <em> Google </em> '' . '' 2562 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a> 2563 . Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, 2564 Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li> 2565 <li><strong> Google </strong>: Google 2566 , Google <em> Google </em> 2567 .</li> 2568 <li><strong>Google </strong>: Android 7.0 Google 2569 <em> Google </em> '' 2570 .</li> 2571 </ul> 2572 <p> 2573 <strong>4. ?</strong> 2574 </p> 2575 <p> 2576 <em></em> 2577 . 2578 . 2579 </p> 2580 <table> 2581 <tr> 2582 <th></th> 2583 <th> </th> 2584 </tr> 2585 <tr> 2586 <td>A-</td> 2587 <td>Android ID</td> 2588 </tr> 2589 <tr> 2590 <td>QC-</td> 2591 <td>Qualcomm </td> 2592 </tr> 2593 <tr> 2594 <td>M-</td> 2595 <td>MediaTek </td> 2596 </tr> 2597 <tr> 2598 <td>N-</td> 2599 <td>NVIDIA </td> 2600 </tr> 2601 <tr> 2602 <td>B-</td> 2603 <td>Broadcom </td> 2604 </tr> 2605 </table> 2606 2607 <h2 id="revisions"> </h2> 2608 <ul> 2609 <li>2016 11 7: </li> 2610 <li>11 8: AOSP 2611 CVE-2016-6709 </li> 2612 </ul> 2613 2614 </body> 2615 </html> 2616
