1 <html devsite> 2 <head> 3 <title>Android 2016 12</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em>2016 12 5 | 2016 12 7 </em></p> 27 <p> 28 Android Android 29 . (OTA) 30 Google . Google 31 <a href="https://developers.google.com/android/nexus/images">Google </a> . 2016 12 5 32 . <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 33 . 34 </p> 35 <p> 36 2016 11 7 . 37 Android (AOSP) 38 , . 39 40 AOSP . 41 </p> 42 <p> 43 , 44 45 . 46 </p> 47 <p> 48 49 . <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> Android 50 <a href="/security/enhancements/index.html">Android </a> 51 <a href="#mitigations">Android Google </a> . 52 </p> 53 <p> 54 . 55 </p> 56 <h2 id="announcements"></h2> 57 <ul> 58 <li> Android Android 59 60 . 61 <a href="#common-questions-and-answers"> </a> . 62 <ul> 63 <li><strong>2016-12-01</strong>: . 64 2016-12-01 65 .</li> 66 <li><strong>2016-12-05</strong>: . 67 2016-12-01 2016-12-05 68 .</li> 69 </ul> 70 </li> 71 <li> Google 2016 12 5 72 OTA .</li> 73 </ul> 74 <h2 id="security-vulnerability-summary"> </h2> 75 <p> 76 , ID(CVE), 77 Google 78 . <a href="/security/overview/updates-resources.html#severity"> </a> 79 80 81 . 82 </p> 83 <h3 id="2016-12-01-summary">2016-12-01 </h3> 84 <p> 85 2016-12-01 . 86 </p> 87 <table> 88 <col width="55%"> 89 <col width="20%"> 90 <col width="13%"> 91 <col width="12%"> 92 <tr> 93 <th></th> 94 <th>CVE</th> 95 <th></th> 96 <th>Google </th> 97 </tr> 98 <tr> 99 <td>CURL/LIBCURL </td> 100 <td>CVE-2016-5419, CVE-2016-5420, CVE-2016-5421</td> 101 <td></td> 102 <td></td> 103 </tr> 104 <tr> 105 <td>libziparchive </td> 106 <td>CVE-2016-6762</td> 107 <td></td> 108 <td></td> 109 </tr> 110 <tr> 111 <td> (DoS) </td> 112 <td>CVE-2016-6763</td> 113 <td></td> 114 <td></td> 115 </tr> 116 <tr> 117 <td> (DoS) </td> 118 <td>CVE-2016-6766, CVE-2016-6765, CVE-2016-6764, CVE-2016-6767</td> 119 <td></td> 120 <td></td> 121 </tr> 122 <tr> 123 <td>Framesequence </td> 124 <td>CVE-2016-6768</td> 125 <td></td> 126 <td></td> 127 </tr> 128 <tr> 129 <td>Smart Lock </td> 130 <td>CVE-2016-6769</td> 131 <td></td> 132 <td>*</td> 133 </tr> 134 <tr> 135 <td> API </td> 136 <td>CVE-2016-6770</td> 137 <td></td> 138 <td></td> 139 </tr> 140 <tr> 141 <td> </td> 142 <td>CVE-2016-6771</td> 143 <td></td> 144 <td></td> 145 </tr> 146 <tr> 147 <td>Wi-Fi </td> 148 <td>CVE-2016-6772</td> 149 <td></td> 150 <td></td> 151 </tr> 152 <tr> 153 <td> </td> 154 <td>CVE-2016-6773</td> 155 <td></td> 156 <td></td> 157 </tr> 158 <tr> 159 <td> </td> 160 <td>CVE-2016-6774</td> 161 <td></td> 162 <td></td> 163 </tr> 164 </table> 165 <p> 166 * Android 7.0 Google 167 . 168 </p> 169 <h3 id="2016-12-05-summary">2016-12-05 170 </h3> 171 <p> 172 2016-12-01 2016-12-05 173 . 174 </p> 175 <table> 176 <col width="55%"> 177 <col width="20%"> 178 <col width="13%"> 179 <col width="12%"> 180 <tr> 181 <th></th> 182 <th>CVE</th> 183 <th></th> 184 <th>Google </th> 185 </tr> 186 <tr> 187 <td> </td> 188 <td>CVE-2016-4794, CVE-2016-5195</td> 189 <td></td> 190 <td></td> 191 </tr> 192 <tr> 193 <td>NVIDIA GPU </td> 194 <td>CVE-2016-6775, CVE-2016-6776, CVE-2016-6777</td> 195 <td></td> 196 <td></td> 197 </tr> 198 <tr> 199 <td> </td> 200 <td>CVE-2015-8966</td> 201 <td></td> 202 <td>*</td> 203 </tr> 204 <tr> 205 <td>NVIDIA </td> 206 <td>CVE-2016-6915, CVE-2016-6916, CVE-2016-6917</td> 207 <td></td> 208 <td></td> 209 </tr> 210 <tr> 211 <td> ION </td> 212 <td>CVE-2016-9120</td> 213 <td></td> 214 <td></td> 215 </tr> 216 <tr> 217 <td>Qualcomm </td> 218 <td>CVE-2016-8411</td> 219 <td></td> 220 <td></td> 221 </tr> 222 <tr> 223 <td> </td> 224 <td>CVE-2014-4014</td> 225 <td></td> 226 <td></td> 227 </tr> 228 <tr> 229 <td> </td> 230 <td>CVE-2015-8967</td> 231 <td></td> 232 <td></td> 233 </tr> 234 <tr> 235 <td>HTC </td> 236 <td>CVE-2016-6778, CVE-2016-6779, CVE-2016-6780</td> 237 <td></td> 238 <td></td> 239 </tr> 240 <tr> 241 <td>MediaTek </td> 242 <td>CVE-2016-6492, CVE-2016-6781, CVE-2016-6782, CVE-2016-6783, 243 CVE-2016-6784, CVE-2016-6785</td> 244 <td></td> 245 <td>*</td> 246 </tr> 247 <tr> 248 <td>Qualcomm </td> 249 <td>CVE-2016-6761, CVE-2016-6760, CVE-2016-6759, CVE-2016-6758</td> 250 <td></td> 251 <td></td> 252 </tr> 253 <tr> 254 <td>Qualcomm </td> 255 <td>CVE-2016-6755</td> 256 <td></td> 257 <td></td> 258 </tr> 259 <tr> 260 <td> </td> 261 <td>CVE-2016-6786, CVE-2016-6787</td> 262 <td></td> 263 <td></td> 264 </tr> 265 <tr> 266 <td>MediaTek I2C </td> 267 <td>CVE-2016-6788</td> 268 <td></td> 269 <td>*</td> 270 </tr> 271 <tr> 272 <td>NVIDIA libomx </td> 273 <td>CVE-2016-6789, CVE-2016-6790</td> 274 <td></td> 275 <td></td> 276 </tr> 277 <tr> 278 <td>Qualcomm </td> 279 <td>CVE-2016-6791, CVE-2016-8391, CVE-2016-8392</td> 280 <td></td> 281 <td></td> 282 </tr> 283 <tr> 284 <td> </td> 285 <td>CVE-2015-7872</td> 286 <td></td> 287 <td></td> 288 </tr> 289 <tr> 290 <td>Synaptics </td> 291 <td>CVE-2016-8393, CVE-2016-8394</td> 292 <td></td> 293 <td></td> 294 </tr> 295 <tr> 296 <td>Broadcom Wi-Fi </td> 297 <td>CVE-2014-9909, CVE-2014-9910</td> 298 <td></td> 299 <td>*</td> 300 </tr> 301 <tr> 302 <td>MediaTek </td> 303 <td>CVE-2016-8396</td> 304 <td></td> 305 <td>*</td> 306 </tr> 307 <tr> 308 <td>NVIDIA </td> 309 <td>CVE-2016-8397</td> 310 <td></td> 311 <td></td> 312 </tr> 313 <tr> 314 <td>GPS (DoS) </td> 315 <td>CVE-2016-5341</td> 316 <td></td> 317 <td></td> 318 </tr> 319 <tr> 320 <td>NVIDIA (DoS) </td> 321 <td>CVE-2016-8395</td> 322 <td></td> 323 <td></td> 324 </tr> 325 <tr> 326 <td> </td> 327 <td>CVE-2016-8399</td> 328 <td></td> 329 <td></td> 330 </tr> 331 <tr> 332 <td>Qualcomm </td> 333 <td>CVE-2016-6756, CVE-2016-6757</td> 334 <td></td> 335 <td></td> 336 </tr> 337 <tr> 338 <td>NVIDIA librm </td> 339 <td>CVE-2016-8400</td> 340 <td></td> 341 <td></td> 342 </tr> 343 <tr> 344 <td> </td> 345 <td>CVE-2016-8401, CVE-2016-8402, CVE-2016-8403, CVE-2016-8404, 346 CVE-2016-8405, CVE-2016-8406, CVE-2016-8407</td> 347 <td></td> 348 <td></td> 349 </tr> 350 <tr> 351 <td>NVIDIA </td> 352 <td>CVE-2016-8408, CVE-2016-8409</td> 353 <td></td> 354 <td></td> 355 </tr> 356 <tr> 357 <td>Qualcomm </td> 358 <td>CVE-2016-8410</td> 359 <td></td> 360 <td></td> 361 </tr> 362 </table> 363 <p> 364 * Android 7.0 Google 365 . 366 </p> 367 <h2 id="mitigations">Android Google </h2> 368 <p> 369 SafetyNet <a href="/security/enhancements/index.html">Android </a> 370 . 371 Android 372 . 373 </p> 374 <ul> 375 <li>Android Android 376 . Android 377 .</li> 378 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"> </a> 379 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> 380 . <a href="http://www.android.com/gms">Google </a> 381 Google Play 382 . Google 383 Play 384 385 . 386 387 . 388 .</li> 389 <li> Google 390 .</li> 391 </ul> 392 393 <h2 id="acknowledgements"> </h2> 394 <p> 395 . 396 </p> 397 398 <ul> 399 <li>Alibaba Mobile Security Group Baozeng Ding, Chengming Yang, Peng Xiao, 400 Ning You, Yang Dong, Chao Yang, Yi Zhang, Yang Song: CVE-2016-6783, 401 CVE-2016-6784, CVE-2016-6785</li> 402 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>, Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6789, CVE-2016-6790</li> 403 <li>Christian Seel: CVE-2016-6769</li> 404 <li>Google David Benjamin, Kenny Root: CVE-2016-6767</li> 405 <li>Tencent, KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>) 406 Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-6776, 407 CVE-2016-6787</li> 408 <li><a href="http://www.ms509.com">MS509Team</a> En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>): CVE-2016-6763</li> 409 <li>Qihoo 360 Technology Co. Ltd., 410 IceSword Lab Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), 411 <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6779, CVE-2016-6778, CVE-2016-8401, CVE-2016-8402, 412 CVE-2016-8403, CVE-2016-8409, CVE-2016-8408, CVE-2016-8404</li> 413 <li>Qihoo 360 Technology Co. Ltd, IceSword Lab Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: 414 CVE-2016-6788, CVE-2016-6781, CVE-2016-6782, CVE-2016-8396</li> 415 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a>, <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>, <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6791, CVE-2016-8391, 416 CVE-2016-8392</li> 417 <li>Project Zero Mark Brand: CVE-2016-6772</li> 418 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>: 419 CVE-2016-6770, CVE-2016-6774</li> 420 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6761, CVE-2016-6759, 421 CVE-2016-8400</li> 422 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6760</li> 423 <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6759</li> 424 <li>Tesla Motors Product Security Team Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): 425 CVE-2016-6915, CVE-2016-6916, CVE-2016-6917</li> 426 <li>Nightwatch Cybersecurity Research(<a href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>): CVE-2016-5341</li> 427 <li>Baidu X-Lab Pengfei Ding(), Chenfu Bao(), Lenx Wei(): 428 CVE-2016-6755, CVE-2016-6756</li> 429 <li>Trend Micro Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): 430 CVE-2016-8397, CVE-2016-8405, CVE-2016-8406, CVE-2016-8407</li> 431 <li>Tencent, KeenLab() 432 Qidan He()(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2016-8399, CVE-2016-8395</li> 433 <li>Tencent, KeenLab() 434 Qidan He()(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>), 435 Marco Grassi(<a href="https://twitter.com/marcograss">@marcograss</a>): CVE-2016-6768</li> 436 <li>Richard Shupak: CVE-2016-5341</li> 437 <li>IBM X-Force Research Sagi Kedmi: CVE-2016-8393, CVE-2016-8394</li> 438 <li>Trend Micro Inc., Mobile Threat Research Team 439 Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2016-6757</li> 440 <li>Alibaba Inc. Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): 441 CVE-2016-6773</li> 442 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6765</li> 443 <li><a href="http://www.trendmicro.com">Trend Micro Inc.</a>, <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">Mobile Threat Response Team</a> 444 Wish Wu(<a href="https://twitter.com/wish_wu">@wish_wu</a>)(<a href="http://weibo.com/wishlinux"></a>): 445 CVE-2016-6704</li> 446 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6786, CVE-2016-6780, 447 CVE-2016-6775</li> 448 <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6777</li> 449 <li>Tencent Security Platform Department Yuxiang Li: CVE-2016-6771</li> 450 <li>Qihoo 360 Technology Co.Ltd., Chengdu Security Response Center 451 Zhe Jin(): CVE-2016-6764, CVE-2016-6766</li> 452 <li>Qihoo 360 Technology Co. Ltd., Chengdu Security 453 Response Center <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>: CVE-2016-6762</li> 454 </ul> 455 <p> 456 Bottle Tech MengLuo Gou(<a href="https://twitter.com/idhyt3r">@idhyt3r</a>) 457 Google Yong Wang()(<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>), Zubin Mithra 458 . 459 </p> 460 461 <h2 id="2016-12-01-details">2016-12-01 462 </h2> 463 <p> 464 <a href="#2016-12-01-summary">2016-12-01 465 </a> 466 . 467 , CVE, 468 , , Google , 469 AOSP ( ), 470 . 471 AOSP ID 472 . 473 ID .</p> 474 475 476 <h3 id="rce-in-curl-libcurl">CURL/LIBCURL 477 </h3> 478 <p> 479 CURL LIBCURL 480 . 481 482 . 483 . 484 </p> 485 486 <table> 487 <col width="18%"> 488 <col width="18%"> 489 <col width="10%"> 490 <col width="19%"> 491 <col width="17%"> 492 <col width="17%"> 493 <tr> 494 <th>CVE</th> 495 <th></th> 496 <th></th> 497 <th> Google </th> 498 <th> AOSP </th> 499 <th> </th> 500 </tr> 501 <tr> 502 <td>CVE-2016-5419</td> 503 <td>A-31271247</td> 504 <td></td> 505 <td></td> 506 <td>7.0</td> 507 <td>2016 8 3</td> 508 </tr> 509 <tr> 510 <td>CVE-2016-5420</td> 511 <td>A-31271247</td> 512 <td></td> 513 <td></td> 514 <td>7.0</td> 515 <td>2016 8 3</td> 516 </tr> 517 <tr> 518 <td>CVE-2016-5421</td> 519 <td>A-31271247</td> 520 <td></td> 521 <td></td> 522 <td>7.0</td> 523 <td>2016 8 3</td> 524 </tr> 525 </table> 526 527 528 <h3 id="eop-in-libziparchive">libziparchive 529 </h3> 530 <p> 531 libziparchive 532 533 . 534 535 . 536 </p> 537 538 <table> 539 <col width="18%"> 540 <col width="18%"> 541 <col width="10%"> 542 <col width="19%"> 543 <col width="17%"> 544 <col width="17%"> 545 <tr> 546 <th>CVE</th> 547 <th></th> 548 <th></th> 549 <th> Google </th> 550 <th> AOSP </th> 551 <th> </th> 552 </tr> 553 <tr> 554 <td>CVE-2016-6762</td> 555 <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c"> 556 A-31251826</a> 557 [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>] 558 </td> 559 <td></td> 560 <td></td> 561 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 562 <td>2016 8 28</td> 563 </tr> 564 </table> 565 566 567 <h3 id="dos-in-telephony"> (DoS) </h3> 568 <p> 569 (DoS) 570 . 571 572 . 573 </p> 574 575 <table> 576 <col width="18%"> 577 <col width="18%"> 578 <col width="10%"> 579 <col width="19%"> 580 <col width="17%"> 581 <col width="17%"> 582 <tr> 583 <th>CVE</th> 584 <th></th> 585 <th></th> 586 <th> Google </th> 587 <th> AOSP </th> 588 <th> </th> 589 </tr> 590 <tr> 591 <td>CVE-2016-6763</td> 592 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1294620627b1e9afdf4bd0ad51c25ed3daf80d84"> 593 A-31530456</a></td> 594 <td></td> 595 <td></td> 596 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 597 <td>2016 9 12</td> 598 </tr> 599 </table> 600 601 602 <h3 id="dos-in-mediaserver"> (DoS) </h3> 603 <p> 604 (DoS) 605 . 606 . 607 </p> 608 609 <table> 610 <col width="18%"> 611 <col width="18%"> 612 <col width="10%"> 613 <col width="19%"> 614 <col width="17%"> 615 <col width="17%"> 616 <tr> 617 <th>CVE</th> 618 <th></th> 619 <th></th> 620 <th> Google </th> 621 <th> AOSP </th> 622 <th> </th> 623 </tr> 624 <tr> 625 <td>CVE-2016-6766 </td> 626 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20"> 627 A-31318219</a></td> 628 <td></td> 629 <td></td> 630 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 631 <td>2016 9 5</td> 632 </tr> 633 <tr> 634 <td>CVE-2016-6765</td> 635 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/fd9cc97d4dfe2a2fbce2c0f1704d7a27ce7cbc44"> 636 A-31449945</a></td> 637 <td></td> 638 <td></td> 639 <td>4.4.4, 5.0.2, 5.1.1, 7.0</td> 640 <td>2016 9 13</td> 641 </tr> 642 <tr> 643 <td>CVE-2016-6764</td> 644 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20"> 645 A-31681434</a></td> 646 <td></td> 647 <td></td> 648 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 649 <td>2016 9 22</td> 650 </tr> 651 <tr> 652 <td>CVE-2016-6767</td> 653 <td>A-31833604</td> 654 <td></td> 655 <td>*</td> 656 <td>4.4.4</td> 657 <td>Google </td> 658 </tr> 659 </table> 660 661 <p> 662 * Android 7.0 Google 663 . 664 </p> 665 666 667 <h3 id="rce-in-framesequence-library">Framesequence 668 </h3> 669 <p> 670 Framesequence 671 672 . Framesequence 673 674 . 675 </p> 676 677 <table> 678 <col width="18%"> 679 <col width="18%"> 680 <col width="10%"> 681 <col width="19%"> 682 <col width="17%"> 683 <col width="17%"> 684 <tr> 685 <th>CVE</th> 686 <th></th> 687 <th></th> 688 <th> Google </th> 689 <th> AOSP </th> 690 <th> </th> 691 </tr> 692 <tr> 693 <td>CVE-2016-6768</td> 694 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/0ada9456d0270cb0e357a43d9187a6418d770760"> 695 A-31631842</a></td> 696 <td></td> 697 <td></td> 698 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 699 <td>2016 9 19</td> 700 </tr> 701 </table> 702 703 704 <h3 id="eop-in-smart-lock">Smart Lock 705 </h3> 706 <p> 707 Smart Lock PIN 708 Smart Lock . 709 Smart Lock 710 . 711 </p> 712 713 <table> 714 <col width="18%"> 715 <col width="18%"> 716 <col width="10%"> 717 <col width="19%"> 718 <col width="17%"> 719 <col width="17%"> 720 <tr> 721 <th>CVE</th> 722 <th></th> 723 <th></th> 724 <th> Google </th> 725 <th> AOSP </th> 726 <th> </th> 727 </tr> 728 <tr> 729 <td>CVE-2016-6769</td> 730 <td>A-29055171</td> 731 <td></td> 732 <td>*</td> 733 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 734 <td>2016 5 27</td> 735 </tr> 736 </table> 737 <p> 738 * Android 7.0 Google 739 . 740 </p> 741 742 743 <h3 id="eop-in-framework-apis"> API 744 </h3> 745 <p> 746 API 747 . 748 749 . 750 </p> 751 752 <table> 753 <col width="18%"> 754 <col width="18%"> 755 <col width="10%"> 756 <col width="19%"> 757 <col width="17%"> 758 <col width="17%"> 759 <tr> 760 <th>CVE</th> 761 <th></th> 762 <th></th> 763 <th> Google </th> 764 <th> AOSP </th> 765 <th> </th> 766 </tr> 767 <tr> 768 <td>CVE-2016-6770</td> 769 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc"> 770 A-30202228</a></td> 771 <td></td> 772 <td></td> 773 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 774 <td>2016 7 16</td> 775 </tr> 776 </table> 777 778 779 <h3 id="eop-in-telephony"> 780 </h3> 781 <p> 782 783 . 784 . 785 </p> 786 787 <table> 788 <col width="18%"> 789 <col width="18%"> 790 <col width="10%"> 791 <col width="19%"> 792 <col width="17%"> 793 <col width="17%"> 794 <tr> 795 <th>CVE</th> 796 <th></th> 797 <th></th> 798 <th> Google </th> 799 <th> AOSP </th> 800 <th> </th> 801 </tr> 802 <tr> 803 <td>CVE-2016-6771</td> 804 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a39ff9526aee6f2ea4f6e02412db7b33d486fd7d"> 805 A-31566390</a></td> 806 <td></td> 807 <td></td> 808 <td>6.0, 6.0.1, 7.0</td> 809 <td>2016 9 17</td> 810 </tr> 811 </table> 812 813 814 <h3 id="eop-in-wi-fi">Wi-Fi </h3> 815 <p> 816 Wi-Fi 817 818 . 819 . 820 </p> 821 822 <table> 823 <col width="18%"> 824 <col width="18%"> 825 <col width="10%"> 826 <col width="19%"> 827 <col width="17%"> 828 <col width="17%"> 829 <tr> 830 <th>CVE</th> 831 <th></th> 832 <th></th> 833 <th> Google </th> 834 <th> AOSP </th> 835 <th> </th> 836 </tr> 837 <tr> 838 <td>CVE-2016-6772</td> 839 <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484"> 840 A-31856351</a> 841 [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> 842 <td></td> 843 <td></td> 844 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 845 <td>2016 9 30</td> 846 </tr> 847 </table> 848 849 850 <h3 id="id-in-mediaserver"> 851 </h3> 852 <p> 853 854 . 855 856 . 857 </p> 858 859 <table> 860 <col width="18%"> 861 <col width="18%"> 862 <col width="10%"> 863 <col width="19%"> 864 <col width="17%"> 865 <col width="17%"> 866 <tr> 867 <th>CVE</th> 868 <th></th> 869 <th></th> 870 <th> Google </th> 871 <th> AOSP </th> 872 <th> </th> 873 </tr> 874 <tr> 875 <td>CVE-2016-6773</td> 876 <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0"> 877 A-30481714</a> 878 [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> 879 <td></td> 880 <td></td> 881 <td>6.0, 6.0.1, 7.0</td> 882 <td>2016 7 27</td> 883 </tr> 884 </table> 885 886 887 <h3 id="id-in-package-manager"> 888 </h3> 889 <p> 890 891 892 . 893 . 894 </p> 895 896 <table> 897 <col width="18%"> 898 <col width="18%"> 899 <col width="10%"> 900 <col width="19%"> 901 <col width="17%"> 902 <col width="17%"> 903 <tr> 904 <th>CVE</th> 905 <th></th> 906 <th></th> 907 <th> Google </th> 908 <th> AOSP </th> 909 <th> </th> 910 </tr> 911 <tr> 912 <td>CVE-2016-6774</td> 913 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e2d4f5fc313ecb4ba587b20fff6d346f8cd51775"> 914 A-31251489</a></td> 915 <td></td> 916 <td></td> 917 <td>7.0</td> 918 <td>2016 8 29</td> 919 </tr> 920 </table> 921 922 923 <h2 id="2016-12-05-details">2016-12-05 924 </h2> 925 <p> 926 <a href="#2016-12-05-summary">2016-12-05 927 </a> 928 . , 929 CVE, , , Google , 930 AOSP ( ), . 931 AOSP ID 932 . 933 ID .</p> 934 935 <h3 id="eop-in-kernel-memory-subsystem"> 936 </h3> 937 <p> 938 939 940 . 941 , 942 . 943 </p> 944 945 <table> 946 <col width="19%"> 947 <col width="20%"> 948 <col width="10%"> 949 <col width="23%"> 950 <col width="17%"> 951 <tr> 952 <th>CVE</th> 953 <th></th> 954 <th></th> 955 <th> Google </th> 956 <th> </th> 957 </tr> 958 <tr> 959 <td>CVE-2016-4794</td> 960 <td>A-31596597<br> 961 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"> 962 </a> 963 [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> 964 <td></td> 965 <td>Pixel C, Pixel, Pixel XL</td> 966 <td>2016 4 17</td> 967 </tr> 968 <tr> 969 <td>CVE-2016-5195</td> 970 <td>A-32141528<br> 971 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"> 972 </a> 973 [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> 974 <td></td> 975 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 976 Player, Pixel, Pixel XL</td> 977 <td>2016 10 12</td> 978 </tr> 979 </table> 980 981 982 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 983 </h3> 984 <p> 985 NVIDIA GPU 986 987 . 988 , 989 . 990 </p> 991 992 <table> 993 <col width="19%"> 994 <col width="20%"> 995 <col width="10%"> 996 <col width="23%"> 997 <col width="17%"> 998 <tr> 999 <th>CVE</th> 1000 <th></th> 1001 <th></th> 1002 <th> Google </th> 1003 <th> </th> 1004 </tr> 1005 <tr> 1006 <td>CVE-2016-6775</td> 1007 <td>A-31222873*<br>N-CVE-2016-6775</td> 1008 <td></td> 1009 <td>Nexus 9</td> 1010 <td>2016 8 25</td> 1011 </tr> 1012 <tr> 1013 <td>CVE-2016-6776</td> 1014 <td>A-31680980*<br>N-CVE-2016-6776</td> 1015 <td></td> 1016 <td>Nexus 9</td> 1017 <td>2016 9 22</td> 1018 </tr> 1019 <tr> 1020 <td>CVE-2016-6777</td> 1021 <td>A-31910462*<br>N-CVE-2016-6777</td> 1022 <td></td> 1023 <td>Nexus 9</td> 1024 <td>2016 10 3</td> 1025 </tr> 1026 </table> 1027 <p> 1028 * . 1029 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1030 . 1031 </p> 1032 1033 <h3 id="eop-in-kernel"> </h3> 1034 <p> 1035 1036 1037 . 1038 , 1039 . 1040 </p> 1041 1042 <table> 1043 <col width="19%"> 1044 <col width="20%"> 1045 <col width="10%"> 1046 <col width="23%"> 1047 <col width="17%"> 1048 <tr> 1049 <th>CVE</th> 1050 <th></th> 1051 <th></th> 1052 <th> Google </th> 1053 <th> </th> 1054 </tr> 1055 <tr> 1056 <td>CVE-2015-8966</td> 1057 <td>A-31435731<br> 1058 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"> 1059 </a></td> 1060 <td></td> 1061 <td>*</td> 1062 <td>2016 9 10</td> 1063 </tr> 1064 </table> 1065 <p> 1066 * Android 7.0 Google 1067 . 1068 </p> 1069 1070 1071 <h3 id="eop-in-nvidia-video-driver">NVIDIA 1072 </h3> 1073 <p> 1074 NVIDIA 1075 1076 . 1077 , 1078 . 1079 </p> 1080 1081 <table> 1082 <col width="19%"> 1083 <col width="20%"> 1084 <col width="10%"> 1085 <col width="23%"> 1086 <col width="17%"> 1087 <tr> 1088 <th>CVE</th> 1089 <th></th> 1090 <th></th> 1091 <th> Google </th> 1092 <th> </th> 1093 </tr> 1094 <tr> 1095 <td>CVE-2016-6915</td> 1096 <td>A-31471161* 1097 <br>N-CVE-2016-6915</td> 1098 <td></td> 1099 <td>Nexus 9</td> 1100 <td>2016 9 13</td> 1101 </tr> 1102 <tr> 1103 <td>CVE-2016-6916</td> 1104 <td>A-32072350* 1105 <br>N-CVE-2016-6916</td> 1106 <td></td> 1107 <td>Nexus 9, Pixel C</td> 1108 <td>2016 9 13</td> 1109 </tr> 1110 <tr> 1111 <td>CVE-2016-6917</td> 1112 <td>A-32072253* 1113 <br>N-CVE-2016-6917</td> 1114 <td></td> 1115 <td>Nexus 9</td> 1116 <td>2016 9 13</td> 1117 </tr> 1118 </table> 1119 <p> 1120 * . 1121 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1122 . 1123 </p> 1124 1125 <h3 id="eop-in-kernel-ion-driver"> ION 1126 </h3> 1127 <p> 1128 ION 1129 . 1130 , 1131 . 1132 </p> 1133 1134 <table> 1135 <col width="19%"> 1136 <col width="20%"> 1137 <col width="10%"> 1138 <col width="23%"> 1139 <col width="17%"> 1140 <tr> 1141 <th>CVE</th> 1142 <th></th> 1143 <th></th> 1144 <th> Google </th> 1145 <th> </th> 1146 </tr> 1147 <tr> 1148 <td>CVE-2016-9120</td> 1149 <td>A-31568617<br> 1150 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"> 1151 </a></td> 1152 <td></td> 1153 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player</td> 1154 <td>2016 9 16</td> 1155 </tr> 1156 </table> 1157 1158 <h3>Qualcomm </h3> 1159 <p> 1160 Qualcomm Qualcomm AMSS 2015 11 1161 . 1162 </p> 1163 <table> 1164 <col width="19%"> 1165 <col width="20%"> 1166 <col width="10%"> 1167 <col width="23%"> 1168 <col width="17%"> 1169 <tr> 1170 <th>CVE</th> 1171 <th></th> 1172 <th>*</th> 1173 <th> Google </th> 1174 <th> </th> 1175 </tr> 1176 <tr> 1177 <td>CVE-2016-8411</td> 1178 <td>A-31805216**</td> 1179 <td></td> 1180 <td>Nexus 6, Nexus 6P, Android One</td> 1181 <td>Qualcomm </td> 1182 </tr> 1183 </table> 1184 <p>* .</p> 1185 <p>** . 1186 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1187 . 1188 </p> 1189 1190 <h3 id="eop-in-kernel-file-system"> 1191 </h3> 1192 <p> 1193 1194 1195 . 1196 1197 . 1198 </p> 1199 1200 <table> 1201 <col width="19%"> 1202 <col width="20%"> 1203 <col width="10%"> 1204 <col width="23%"> 1205 <col width="17%"> 1206 <tr> 1207 <th>CVE</th> 1208 <th></th> 1209 <th></th> 1210 <th> Google </th> 1211 <th> </th> 1212 </tr> 1213 <tr> 1214 <td>CVE-2014-4014</td> 1215 <td>A-31252187<br> 1216 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"> 1217 </a></td> 1218 <td></td> 1219 <td>Nexus 6, Nexus Player</td> 1220 <td>2014 6 10</td> 1221 </tr> 1222 </table> 1223 1224 1225 <h3 id="eop-in-kernel-2"> </h3> 1226 <p> 1227 1228 1229 . 1230 . 1231 </p> 1232 1233 <table> 1234 <col width="19%"> 1235 <col width="20%"> 1236 <col width="10%"> 1237 <col width="23%"> 1238 <col width="17%"> 1239 <tr> 1240 <th>CVE</th> 1241 <th></th> 1242 <th></th> 1243 <th> Google </th> 1244 <th> </th> 1245 </tr> 1246 <tr> 1247 <td>CVE-2015-8967</td> 1248 <td>A-31703084<br> 1249 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"> 1250 </a></td> 1251 <td></td> 1252 <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Pixel, Pixel XL</td> 1253 <td>2015 1 8</td> 1254 </tr> 1255 </table> 1256 1257 1258 <h3 id="eop-in-htc-sound-codec-driver">HTC 1259 </h3> 1260 <p> 1261 HTC 1262 1263 . 1264 . 1265 </p> 1266 1267 <table> 1268 <col width="19%"> 1269 <col width="20%"> 1270 <col width="10%"> 1271 <col width="23%"> 1272 <col width="17%"> 1273 <tr> 1274 <th>CVE</th> 1275 <th></th> 1276 <th></th> 1277 <th> Google </th> 1278 <th> </th> 1279 </tr> 1280 <tr> 1281 <td>CVE-2016-6778</td> 1282 <td>A-31384646*</td> 1283 <td></td> 1284 <td>Nexus 9</td> 1285 <td>2016 2 25</td> 1286 </tr> 1287 <tr> 1288 <td>CVE-2016-6779</td> 1289 <td>A-31386004*</td> 1290 <td></td> 1291 <td>Nexus 9</td> 1292 <td>2016 2 25</td> 1293 </tr> 1294 <tr> 1295 <td>CVE-2016-6780</td> 1296 <td>A-31251496*</td> 1297 <td></td> 1298 <td>Nexus 9</td> 1299 <td>2016 8 30</td> 1300 </tr> 1301 </table> 1302 <p> 1303 * . 1304 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1305 . 1306 </p> 1307 1308 <h3 id="eop-in-mediatek-driver">MediaTek 1309 </h3> 1310 <p> 1311 MediaTek 1312 1313 . 1314 . 1315 </p> 1316 1317 <table> 1318 <col width="19%"> 1319 <col width="20%"> 1320 <col width="10%"> 1321 <col width="23%"> 1322 <col width="17%"> 1323 <tr> 1324 <th>CVE</th> 1325 <th></th> 1326 <th></th> 1327 <th> Google </th> 1328 <th> </th> 1329 </tr> 1330 <tr> 1331 <td>CVE-2016-6492</td> 1332 <td>A-28175122<br>MT-ALPS02696413</td> 1333 <td></td> 1334 <td>*</td> 1335 <td>2016 4 11</td> 1336 </tr> 1337 <tr> 1338 <td>CVE-2016-6781</td> 1339 <td>A-31095175<br>MT-ALPS02943455</td> 1340 <td></td> 1341 <td>*</td> 1342 <td>2016 8 22</td> 1343 </tr> 1344 <tr> 1345 <td>CVE-2016-6782</td> 1346 <td>A-31224389<br>MT-ALPS02943506</td> 1347 <td></td> 1348 <td>*</td> 1349 <td>2016 8 24</td> 1350 </tr> 1351 <tr> 1352 <td>CVE-2016-6783</td> 1353 <td>A-31350044<br>MT-ALPS02943437</td> 1354 <td></td> 1355 <td>*</td> 1356 <td>2016 9 6</td> 1357 </tr> 1358 <tr> 1359 <td>CVE-2016-6784</td> 1360 <td>A-31350755<br>MT-ALPS02961424</td> 1361 <td></td> 1362 <td>*</td> 1363 <td>2016 9 6</td> 1364 </tr> 1365 <tr> 1366 <td>CVE-2016-6785</td> 1367 <td>A-31748056<br>MT-ALPS02961400</td> 1368 <td></td> 1369 <td>*</td> 1370 <td>2016 9 25</td> 1371 </tr> 1372 </table> 1373 <p> 1374 * Android 7.0 Google 1375 . 1376 </p> 1377 1378 1379 <h3 id="eop-in-qualcomm-media-codecs">Qualcomm 1380 </h3> 1381 <p> 1382 Qualcomm 1383 1384 . 1385 1386 . 1387 </p> 1388 1389 <table> 1390 <col width="19%"> 1391 <col width="20%"> 1392 <col width="10%"> 1393 <col width="23%"> 1394 <col width="17%"> 1395 <tr> 1396 <th>CVE</th> 1397 <th></th> 1398 <th></th> 1399 <th> Google </th> 1400 <th> </th> 1401 </tr> 1402 <tr> 1403 <td>CVE-2016-6761</td> 1404 <td>A-29421682* 1405 <br>QC-CR#1055792</td> 1406 <td></td> 1407 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1408 Pixel XL</td> 1409 <td>2016 6 16</td> 1410 </tr> 1411 <tr> 1412 <td>CVE-2016-6760</td> 1413 <td>A-29617572* 1414 <br>QC-CR#1055783</td> 1415 <td></td> 1416 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1417 Pixel XL</td> 1418 <td>2016 6 23</td> 1419 </tr> 1420 <tr> 1421 <td>CVE-2016-6759</td> 1422 <td>A-29982686* 1423 <br>QC-CR#1055766</td> 1424 <td></td> 1425 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1426 Pixel XL</td> 1427 <td>2016 7 4</td> 1428 </tr> 1429 <tr> 1430 <td>CVE-2016-6758</td> 1431 <td>A-30148882* 1432 <br>QC-CR#1071731</td> 1433 <td></td> 1434 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1435 Pixel XL</td> 1436 <td>2016 7 13</td> 1437 </tr> 1438 </table> 1439 <p> 1440 * . 1441 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1442 . 1443 </p> 1444 1445 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm 1446 </h3> 1447 <p> 1448 Qualcomm 1449 1450 . 1451 . 1452 </p> 1453 1454 <table> 1455 <col width="19%"> 1456 <col width="20%"> 1457 <col width="10%"> 1458 <col width="23%"> 1459 <col width="17%"> 1460 <tr> 1461 <th>CVE</th> 1462 <th></th> 1463 <th></th> 1464 <th> Google </th> 1465 <th> </th> 1466 </tr> 1467 <tr> 1468 <td>CVE-2016-6755</td> 1469 <td>A-30740545<br> 1470 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0"> 1471 QC-CR#1065916</a></td> 1472 <td></td> 1473 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1474 <td>2016 8 3</td> 1475 </tr> 1476 </table> 1477 1478 1479 <h3 id="eop-in-kernel-performance-subsystem"> 1480 </h3> 1481 <p> 1482 1483 . 1484 . 1485 </p> 1486 1487 <table> 1488 <col width="19%"> 1489 <col width="20%"> 1490 <col width="10%"> 1491 <col width="23%"> 1492 <col width="17%"> 1493 <tr> 1494 <th>CVE</th> 1495 <th></th> 1496 <th></th> 1497 <th> Google </th> 1498 <th> </th> 1499 </tr> 1500 <tr> 1501 <td>CVE-2016-6786</td> 1502 <td>A-30955111 1503 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"> </a></td> 1504 <td></td> 1505 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 1506 Player, Pixel, Pixel XL</td> 1507 <td>2016 8 18</td> 1508 </tr> 1509 <tr> 1510 <td>CVE-2016-6787</td> 1511 <td>A-31095224 1512 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"> </a></td> 1513 <td></td> 1514 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 1515 Player, Pixel, Pixel XL</td> 1516 <td>2016 8 22</td> 1517 </tr> 1518 </table> 1519 1520 1521 <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C 1522 </h3> 1523 <p> 1524 MediaTek I2C 1525 1526 . 1527 . 1528 </p> 1529 1530 <table> 1531 <col width="19%"> 1532 <col width="20%"> 1533 <col width="10%"> 1534 <col width="23%"> 1535 <col width="17%"> 1536 <tr> 1537 <th>CVE</th> 1538 <th></th> 1539 <th></th> 1540 <th> Google </th> 1541 <th> </th> 1542 </tr> 1543 <tr> 1544 <td>CVE-2016-6788</td> 1545 <td>A-31224428<br>MT-ALPS02943467</td> 1546 <td></td> 1547 <td>*</td> 1548 <td>2016 8 24</td> 1549 </tr> 1550 </table> 1551 <p> 1552 * Android 7.0 Google 1553 . 1554 </p> 1555 1556 1557 <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx 1558 </h3> 1559 <p> 1560 NVIDIA libomx (libnvomx) 1561 1562 . 1563 1564 . 1565 </p> 1566 1567 <table> 1568 <col width="19%"> 1569 <col width="20%"> 1570 <col width="10%"> 1571 <col width="23%"> 1572 <col width="17%"> 1573 <tr> 1574 <th>CVE</th> 1575 <th></th> 1576 <th></th> 1577 <th> Google </th> 1578 <th> </th> 1579 </tr> 1580 <tr> 1581 <td>CVE-2016-6789</td> 1582 <td>A-31251973* 1583 <br>N-CVE-2016-6789</td> 1584 <td></td> 1585 <td>Pixel C</td> 1586 <td>2016 8 29</td> 1587 </tr> 1588 <tr> 1589 <td>CVE-2016-6790</td> 1590 <td>A-31251628* 1591 <br>N-CVE-2016-6790</td> 1592 <td></td> 1593 <td>Pixel C</td> 1594 <td>2016 8 28</td> 1595 </tr> 1596 </table> 1597 <p> 1598 * . 1599 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1600 . 1601 </p> 1602 1603 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm 1604 </h3> 1605 <p> 1606 Qualcomm 1607 1608 . 1609 . 1610 </p> 1611 1612 <table> 1613 <col width="19%"> 1614 <col width="20%"> 1615 <col width="10%"> 1616 <col width="23%"> 1617 <col width="17%"> 1618 <tr> 1619 <th>CVE</th> 1620 <th></th> 1621 <th></th> 1622 <th> Google </th> 1623 <th> </th> 1624 </tr> 1625 <tr> 1626 <td>CVE-2016-6791</td> 1627 <td>A-31252384<br> 1628 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1629 QC-CR#1071809</a></td> 1630 <td></td> 1631 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1632 <td>2016 8 31</td> 1633 </tr> 1634 <tr> 1635 <td>CVE-2016-8391</td> 1636 <td>A-31253255<br> 1637 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1638 QC-CR#1072166</a></td> 1639 <td></td> 1640 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1641 <td>2016 8 31</td> 1642 </tr> 1643 <tr> 1644 <td>CVE-2016-8392</td> 1645 <td>A-31385862<br> 1646 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1647 QC-CR#1073136</a></td> 1648 <td></td> 1649 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1650 <td>2016 9 8</td> 1651 </tr> 1652 </table> 1653 1654 1655 <h3 id="eop-in-kernel-security-subsystem"> 1656 </h3> 1657 <p> 1658 1659 1660 . 1661 . 1662 </p> 1663 1664 <table> 1665 <col width="19%"> 1666 <col width="20%"> 1667 <col width="10%"> 1668 <col width="23%"> 1669 <col width="17%"> 1670 <tr> 1671 <th>CVE</th> 1672 <th></th> 1673 <th></th> 1674 <th> Google </th> 1675 <th> </th> 1676 </tr> 1677 <tr> 1678 <td>CVE-2015-7872</td> 1679 <td>A-31253168<br> 1680 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> 1681 </a></td> 1682 <td></td> 1683 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, 1684 Pixel XL</td> 1685 <td>2016 8 31</td> 1686 </tr> 1687 </table> 1688 1689 1690 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 1691 </h3> 1692 <p> 1693 Synaptics 1694 1695 . 1696 . 1697 </p> 1698 1699 <table> 1700 <col width="19%"> 1701 <col width="20%"> 1702 <col width="10%"> 1703 <col width="23%"> 1704 <col width="17%"> 1705 <tr> 1706 <th>CVE</th> 1707 <th></th> 1708 <th></th> 1709 <th> Google </th> 1710 <th> </th> 1711 </tr> 1712 <tr> 1713 <td>CVE-2016-8393</td> 1714 <td>A-31911920*</td> 1715 <td></td> 1716 <td>Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td> 1717 <td>2016 9 8</td> 1718 </tr> 1719 <tr> 1720 <td>CVE-2016-8394</td> 1721 <td>A-31913197*</td> 1722 <td></td> 1723 <td>Nexus 9, Android One</td> 1724 <td>2016 9 8</td> 1725 </tr> 1726 </table> 1727 <p> 1728 * . 1729 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1730 . 1731 </p> 1732 1733 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 1734 </h3> 1735 <p> 1736 Broadcom Wi-Fi 1737 1738 . 1739 . 1740 </p> 1741 1742 <table> 1743 <col width="19%"> 1744 <col width="20%"> 1745 <col width="10%"> 1746 <col width="23%"> 1747 <col width="17%"> 1748 <tr> 1749 <th>CVE</th> 1750 <th></th> 1751 <th></th> 1752 <th> Google </th> 1753 <th> </th> 1754 </tr> 1755 <tr> 1756 <td>CVE-2014-9909</td> 1757 <td>A-31676542<br>B-RB#26684</td> 1758 <td></td> 1759 <td>*</td> 1760 <td>2016 9 21</td> 1761 </tr> 1762 <tr> 1763 <td>CVE-2014-9910</td> 1764 <td>A-31746399<br>B-RB#26710</td> 1765 <td></td> 1766 <td>*</td> 1767 <td>2016 9 26</td> 1768 </tr> 1769 </table> 1770 <p> 1771 * Android 7.0 Google 1772 . 1773 </p> 1774 1775 1776 <h3 id="id-in-mediatek-video-driver">MediaTek 1777 </h3> 1778 <p> 1779 MediaTek 1780 . 1781 1782 . 1783 </p> 1784 1785 <table> 1786 <col width="19%"> 1787 <col width="20%"> 1788 <col width="10%"> 1789 <col width="23%"> 1790 <col width="17%"> 1791 <tr> 1792 <th>CVE</th> 1793 <th></th> 1794 <th></th> 1795 <th> Google </th> 1796 <th> </th> 1797 </tr> 1798 <tr> 1799 <td>CVE-2016-8396</td> 1800 <td>A-31249105</td> 1801 <td></td> 1802 <td>*</td> 1803 <td>2016 8 26</td> 1804 </tr> 1805 </table> 1806 <p> 1807 * Android 7.0 Google 1808 . 1809 </p> 1810 1811 1812 <h3 id="id-in-nvidia-video-driver">NVIDIA 1813 </h3> 1814 <p> 1815 NVIDIA 1816 . 1817 1818 . 1819 </p> 1820 1821 <table> 1822 <col width="19%"> 1823 <col width="20%"> 1824 <col width="10%"> 1825 <col width="23%"> 1826 <col width="17%"> 1827 <tr> 1828 <th>CVE</th> 1829 <th></th> 1830 <th></th> 1831 <th> Google </th> 1832 <th> </th> 1833 </tr> 1834 <tr> 1835 <td>CVE-2016-8397</td> 1836 <td>A-31385953*<br> 1837 N-CVE-2016-8397</td> 1838 <td></td> 1839 <td>Nexus 9</td> 1840 <td>2016 9 8</td> 1841 </tr> 1842 </table> 1843 <p> 1844 * . 1845 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1846 . 1847 </p> 1848 1849 <h3 id="dos-in-gps">GPS (DoS) </h3> 1850 <p> 1851 Qualcomm GPS (DoS) 1852 . 1853 . 1854 </p> 1855 1856 <table> 1857 <col width="19%"> 1858 <col width="20%"> 1859 <col width="10%"> 1860 <col width="23%"> 1861 <col width="17%"> 1862 <tr> 1863 <th>CVE</th> 1864 <th></th> 1865 <th></th> 1866 <th> Google </th> 1867 <th> </th> 1868 </tr> 1869 <tr> 1870 <td>CVE-2016-5341</td> 1871 <td>A-31470303*</td> 1872 <td></td> 1873 <td>Nexus 6, Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, 1874 Pixel XL</td> 1875 <td>2016 6 21</td> 1876 </tr> 1877 </table> 1878 <p> 1879 * . 1880 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1881 . 1882 </p> 1883 1884 <h3 id="dos-in-nvidia-camera-driver">NVIDIA 1885 (DoS) </h3> 1886 <p> 1887 NVIDIA (DoS) 1888 , 1889 . 1890 . 1891 </p> 1892 1893 <table> 1894 <col width="19%"> 1895 <col width="20%"> 1896 <col width="10%"> 1897 <col width="23%"> 1898 <col width="17%"> 1899 <tr> 1900 <th>CVE</th> 1901 <th></th> 1902 <th></th> 1903 <th> Google </th> 1904 <th> </th> 1905 </tr> 1906 <tr> 1907 <td>CVE-2016-8395</td> 1908 <td>A-31403040* 1909 <br>N-CVE-2016-8395</td> 1910 <td></td> 1911 <td>Pixel C</td> 1912 <td>2016 9 9</td> 1913 </tr> 1914 </table> 1915 <p> 1916 * . 1917 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1918 . 1919 </p> 1920 1921 <h3 id="eop-in-kernel-networking-subsystem"> 1922 </h3> 1923 <p> 1924 1925 1926 . 1927 , 1928 . 1929 </p> 1930 1931 <table> 1932 <col width="19%"> 1933 <col width="20%"> 1934 <col width="10%"> 1935 <col width="23%"> 1936 <col width="17%"> 1937 <tr> 1938 <th>CVE</th> 1939 <th></th> 1940 <th></th> 1941 <th> Google </th> 1942 <th> </th> 1943 </tr> 1944 <tr> 1945 <td>CVE-2016-8399</td> 1946 <td>A-31349935*</td> 1947 <td></td> 1948 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 1949 Player, Pixel, Pixel XL</td> 1950 <td>2016 9 5</td> 1951 </tr> 1952 </table> 1953 <p> 1954 * . 1955 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 1956 . 1957 </p> 1958 1959 <h3 id="id-in-qualcomm-components">Qualcomm 1960 </h3> 1961 <p> 1962 Qualcomm 1963 1964 . 1965 . 1966 </p> 1967 1968 <table> 1969 <col width="19%"> 1970 <col width="20%"> 1971 <col width="10%"> 1972 <col width="23%"> 1973 <col width="17%"> 1974 <tr> 1975 <th>CVE</th> 1976 <th></th> 1977 <th></th> 1978 <th> Google </th> 1979 <th> </th> 1980 </tr> 1981 <tr> 1982 <td>CVE-2016-6756</td> 1983 <td>A-29464815<br> 1984 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> 1985 QC-CR#1042068</a> 1986 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> 1987 <td></td> 1988 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 1989 <td>2016 6 17</td> 1990 </tr> 1991 <tr> 1992 <td>CVE-2016-6757</td> 1993 <td>A-30148242<br> 1994 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> 1995 QC-CR#1052821</a></td> 1996 <td></td> 1997 <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> 1998 <td>2016 7 13</td> 1999 </tr> 2000 </table> 2001 2002 2003 <h3 id="id-in-nvidia-librm-library">NVIDIA librm 2004 </h3> 2005 <p> 2006 NVIDIA librm (libnvrm) 2007 2008 . 2009 . 2010 </p> 2011 2012 <table> 2013 <col width="19%"> 2014 <col width="20%"> 2015 <col width="10%"> 2016 <col width="23%"> 2017 <col width="17%"> 2018 <tr> 2019 <th>CVE</th> 2020 <th></th> 2021 <th></th> 2022 <th> Google </th> 2023 <th> </th> 2024 </tr> 2025 <tr> 2026 <td>CVE-2016-8400</td> 2027 <td>A-31251599* 2028 <br>N-CVE-2016-8400</td> 2029 <td></td> 2030 <td>Pixel C</td> 2031 <td>2016 8 29</td> 2032 </tr> 2033 </table> 2034 <p> 2035 * . 2036 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2037 . 2038 </p> 2039 2040 <h3 id="id-in-kernel-components"> 2041 </h3> 2042 <p> 2043 ION , Binder, USB , 2044 2045 . 2046 2047 . 2048 </p> 2049 2050 <table> 2051 <col width="19%"> 2052 <col width="20%"> 2053 <col width="10%"> 2054 <col width="23%"> 2055 <col width="17%"> 2056 <tr> 2057 <th>CVE</th> 2058 <th></th> 2059 <th></th> 2060 <th> Google </th> 2061 <th> </th> 2062 </tr> 2063 <tr> 2064 <td>CVE-2016-8401</td> 2065 <td>A-31494725*</td> 2066 <td></td> 2067 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 2068 Player, Pixel, Pixel XL</td> 2069 <td>2016 9 13</td> 2070 </tr> 2071 <tr> 2072 <td>CVE-2016-8402</td> 2073 <td>A-31495231*</td> 2074 <td></td> 2075 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 2076 Player, Pixel, Pixel XL</td> 2077 <td>2016 9 13</td> 2078 </tr> 2079 <tr> 2080 <td>CVE-2016-8403</td> 2081 <td>A-31495348*</td> 2082 <td></td> 2083 <td>Nexus 9</td> 2084 <td>2016 9 13</td> 2085 </tr> 2086 <tr> 2087 <td>CVE-2016-8404</td> 2088 <td>A-31496950*</td> 2089 <td></td> 2090 <td>Nexus 9</td> 2091 <td>2016 9 13</td> 2092 </tr> 2093 <tr> 2094 <td>CVE-2016-8405</td> 2095 <td>A-31651010*</td> 2096 <td></td> 2097 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 2098 Player, Pixel, Pixel XL</td> 2099 <td>2016 9 21</td> 2100 </tr> 2101 <tr> 2102 <td>CVE-2016-8406</td> 2103 <td>A-31796940*</td> 2104 <td></td> 2105 <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus 2106 Player, Pixel, Pixel XL</td> 2107 <td>2016 9 27</td> 2108 </tr> 2109 <tr> 2110 <td>CVE-2016-8407</td> 2111 <td>A-31802656*</td> 2112 <td></td> 2113 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> 2114 <td>2016 9 28</td> 2115 </tr> 2116 </table> 2117 <p> 2118 * . 2119 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2120 . 2121 </p> 2122 2123 <h3 id="id-in-nvidia-video-driver-2">NVIDIA 2124 </h3> 2125 <p> 2126 NVIDIA 2127 . 2128 2129 2130 . 2131 </p> 2132 2133 <table> 2134 <col width="19%"> 2135 <col width="20%"> 2136 <col width="10%"> 2137 <col width="23%"> 2138 <col width="17%"> 2139 <tr> 2140 <th>CVE</th> 2141 <th></th> 2142 <th></th> 2143 <th> Google </th> 2144 <th> </th> 2145 </tr> 2146 <tr> 2147 <td>CVE-2016-8408</td> 2148 <td>A-31496571* 2149 <br>N-CVE-2016-8408</td> 2150 <td></td> 2151 <td>Nexus 9</td> 2152 <td>2016 9 13</td> 2153 </tr> 2154 <tr> 2155 <td>CVE-2016-8409</td> 2156 <td>A-31495687* 2157 <br>N-CVE-2016-8409</td> 2158 <td></td> 2159 <td>Nexus 9</td> 2160 <td>2016 9 13</td> 2161 </tr> 2162 </table> 2163 <p> 2164 * . 2165 <a href="https://developers.google.com/android/nexus/drivers">Google </a> Google 2166 . 2167 </p> 2168 2169 <h3 id="id-in-qualcomm-sound-driver">Qualcomm 2170 </h3> 2171 <p> 2172 Qualcomm 2173 . 2174 . 2175 </p> 2176 2177 <table> 2178 <col width="19%"> 2179 <col width="20%"> 2180 <col width="10%"> 2181 <col width="23%"> 2182 <col width="17%"> 2183 <tr> 2184 <th>CVE</th> 2185 <th></th> 2186 <th></th> 2187 <th> Google </th> 2188 <th> </th> 2189 </tr> 2190 <tr> 2191 <td>CVE-2016-8410</td> 2192 <td>A-31498403<br> 2193 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> 2194 QC-CR#987010</a></td> 2195 <td></td> 2196 <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td> 2197 <td>Google </td> 2198 </tr> 2199 </table> 2200 2201 <h2 id="common-questions-and-answers"> </h2> 2202 <p> 2203 . 2204 </p> 2205 <p> 2206 <strong>1. ? 2207 </strong> 2208 </p> 2209 <p> 2210 2211 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 2212 . 2213 </p> 2214 <ul> 2215 <li>2016-12-01 2016-12-01 2216 .</li> 2217 <li>2016-12-05 2218 2016-12-05 .</li> 2219 </ul> 2220 <p> 2221 2222 . 2223 </p> 2224 <ul> 2225 <li>[ro.build.version.security_patch]:[2016-12-01]</li> 2226 <li>[ro.build.version.security_patch]:[2016-12-05]</li> 2227 </ul> 2228 <p> 2229 <strong>2. ?</strong> 2230 </p> 2231 <p> 2232 Android Android 2233 2234 . Android 2235 . 2236 </p> 2237 <ul> 2238 <li>2016 12 1 2239 2240 .</li> 2241 <li>2016 12 5 2242 2243 .</li> 2244 </ul> 2245 <p> 2246 . 2247 </p> 2248 <p> 2249 <strong>3. Google ?</strong> 2250 </p> 2251 <p> 2252 <a href="#2016-12-01-details">2016 12 1</a> <a href="#2016-12-05-details">2016 12 5</a> <em> Google </em> . Google . . 2253 </p> 2254 <ul> 2255 <li><strong> Google </strong>: Google Pixel 2256 <em> Google </em> 2257 '' . '' <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a> 2258 . Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9, 2259 Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li> 2260 <li><strong> Google </strong>: Google 2261 , Google <em> Google </em> 2262 .</li> 2263 <li><strong>Google </strong>: Android 7.0 Google 2264 , <em> Google </em> '' 2265 .</li> 2266 </ul> 2267 <p> 2268 <strong>4. ?</strong> 2269 </p> 2270 <p> 2271 <em></em> 2272 . 2273 . 2274 </p> 2275 <table> 2276 <tr> 2277 <th></th> 2278 <th> </th> 2279 </tr> 2280 <tr> 2281 <td>A-</td> 2282 <td>Android ID</td> 2283 </tr> 2284 <tr> 2285 <td>QC-</td> 2286 <td>Qualcomm </td> 2287 </tr> 2288 <tr> 2289 <td>M-</td> 2290 <td>MediaTek </td> 2291 </tr> 2292 <tr> 2293 <td>N-</td> 2294 <td>NVIDIA </td> 2295 </tr> 2296 <tr> 2297 <td>B-</td> 2298 <td>Broadcom </td> 2299 </tr> 2300 </table> 2301 <h2 id="revisions"> </h2> 2302 <ul> 2303 <li>2016 12 5: </li> 2304 <li>2016 12 7: AOSP 2305 CVE-2016-6915, CVE-2016-6916, CVE-2016-6917 </li> 2306 </ul> 2307 2308 </body> 2309 </html> 2310
