Home | History | Annotate | Download | only in bulletin
      1 <html devsite>
      2   <head>
      3     <title>Android  2017 1</title>
      4     <meta name="project_path" value="/_project.yaml" />
      5     <meta name="book_path" value="/_book.yaml" />
      6   </head>
      7   <body>
      8   <!--
      9       Copyright 2017 The Android Open Source Project
     10 
     11       Licensed under the Apache License, Version 2.0 (the "License");
     12       you may not use this file except in compliance with the License.
     13       You may obtain a copy of the License at
     14 
     15           http://www.apache.org/licenses/LICENSE-2.0
     16 
     17       Unless required by applicable law or agreed to in writing, software
     18       distributed under the License is distributed on an "AS IS" BASIS,
     19       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     20       See the License for the specific language governing permissions and
     21       limitations under the License.
     22   -->
     23 
     24 
     25 <p><em>2017 1 3  | 2017 1 5 </em></p>
     26 
     27 <p>Android   Android     
     28  .   (OTA)  
     29 Google    . Google   
     30 <a href="https://developers.google.com/android/nexus/images">Google  </a> .    2017 1 5
     31      . <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices">Pixel  Nexus  </a>
     32        .</p>
     33 
     34 <p>    2016 12 5  .       Android  (AOSP) 
     35 ,    .
     36 
     37   AOSP     .</p>
     38 
     39 <p>        
     40   , MMS      
     41         .</p>
     42 
     43 <p>        
     44  . <a href="#mitigations">SafetyNet</a>  Android   
     45 <a href="/security/enhancements/index.html">Android   </a>     
     46   <a href="https://developer.android.com/training/safetynet/index.html">Android  Google  </a>  .</p>
     47 
     48 <p>       .</p>
     49 
     50 <h2 id="announcements"></h2>
     51 <ul>
     52   <li>  Android   Android   
     53          
     54          .
     55    <a href="#common-questions-and-answers">   </a>
     56   .
     57    <ul>
     58      <li><strong>2017-01-01</strong>:     . 
     59         2017-01-01       
     60         .</li>
     61      <li><strong>2017-01-05</strong>:     . 
     62         2017-01-01 2017-01-05       
     63          .</li>
     64    </ul>
     65   </li>
     66   <li> Google  2017 1 5     OTA
     67     .</li>
     68 </ul>
     69 <h2 id="security-vulnerability-summary">  </h2>
     70 <p>    ,     ID(CVE),
     71    Google    
     72  . <a href="/security/overview/updates-resources.html#severity"> </a>
     73         
     74          
     75  .</p>
     76 
     77 <h3 id="2017-01-01-summary">2017-01-01
     78    </h3>
     79 <p>  2017-01-01     .</p>
     80 
     81 <table>
     82   <col width="55%">
     83   <col width="20%">
     84   <col width="13%">
     85   <col width="12%">
     86   <tr>
     87    <th></th>
     88    <th>CVE</th>
     89    <th></th>
     90    <th>Google   </th>
     91   </tr>
     92   <tr>
     93    <td>c-ares    </td>
     94    <td>CVE-2016-5180</td>
     95    <td></td>
     96    <td></td>
     97   </tr>
     98   <tr>
     99    <td>Framesequence    </td>
    100    <td>CVE-2017-0382</td>
    101    <td></td>
    102    <td></td>
    103   </tr>
    104   <tr>
    105    <td> API   </td>
    106    <td>CVE-2017-0383</td>
    107    <td></td>
    108    <td></td>
    109   </tr>
    110   <tr>
    111    <td>    </td>
    112    <td>CVE-2017-0384, CVE-2017-0385</td>
    113    <td></td>
    114    <td></td>
    115   </tr>
    116   <tr>
    117    <td>libnl   </td>
    118    <td>CVE-2017-0386</td>
    119    <td></td>
    120    <td></td>
    121   </tr>
    122   <tr>
    123    <td>    </td>
    124    <td>CVE-2017-0387</td>
    125    <td></td>
    126    <td></td>
    127   </tr>
    128   <tr>
    129    <td>     </td>
    130    <td>CVE-2017-0388</td>
    131    <td></td>
    132    <td></td>
    133   </tr>
    134   <tr>
    135    <td>   (DoS) </td>
    136    <td>CVE-2017-0389</td>
    137    <td></td>
    138    <td></td>
    139   </tr>
    140   <tr>
    141    <td>   (DoS) </td>
    142    <td>CVE-2017-0390, CVE-2017-0391, CVE-2017-0392, CVE-2017-0393</td>
    143    <td></td>
    144    <td></td>
    145   </tr>
    146   <tr>
    147    <td>   (DoS) </td>
    148    <td>CVE-2017-0394</td>
    149    <td></td>
    150    <td></td>
    151   </tr>
    152   <tr>
    153    <td>   </td>
    154    <td>CVE-2017-0395</td>
    155    <td></td>
    156    <td></td>
    157   </tr>
    158   <tr>
    159    <td>    </td>
    160    <td>CVE-2017-0381, CVE-2017-0396, CVE-2017-0397</td>
    161    <td></td>
    162    <td></td>
    163   </tr>
    164   <tr>
    165    <td>    </td>
    166    <td>CVE-2017-0398, CVE-2017-0399, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402</td>
    167    <td></td>
    168    <td></td>
    169   </tr>
    170 </table>
    171 
    172 <h3 id="2017-01-05-summary">2017-01-05    </h3>
    173 <p>2017-01-01     2017-01-05
    174     .</p>
    175 
    176 <table>
    177   <col width="55%">
    178   <col width="20%">
    179   <col width="13%">
    180   <col width="12%">
    181   <tr>
    182    <th></th>
    183    <th>CVE</th>
    184    <th></th>
    185    <th>Google   </th>
    186   </tr>
    187   <tr>
    188    <td>      </td>
    189    <td>CVE-2015-3288</td>
    190    <td></td>
    191    <td></td>
    192   </tr>
    193   <tr>
    194    <td>Qualcomm    </td>
    195    <td>CVE-2016-8422, CVE-2016-8423</td>
    196    <td></td>
    197    <td></td>
    198   </tr>
    199   <tr>
    200    <td>     </td>
    201    <td>CVE-2015-5706</td>
    202    <td></td>
    203    <td>*</td>
    204   </tr>
    205   <tr>
    206    <td>NVIDIA GPU    </td>
    207    <td>CVE-2016-8424, CVE-2016-8425, CVE-2016-8426, CVE-2016-8482,
    208        CVE-2016-8427, CVE-2016-8428, CVE-2016-8429, CVE-2016-8430,
    209        CVE-2016-8431, CVE-2016-8432</td>
    210    <td></td>
    211    <td></td>
    212   </tr>
    213   <tr>
    214    <td>MediaTek    </td>
    215    <td>CVE-2016-8433</td>
    216    <td></td>
    217    <td>*</td>
    218   </tr>
    219   <tr>
    220    <td>Qualcomm GPU    </td>
    221    <td>CVE-2016-8434</td>
    222    <td></td>
    223    <td></td>
    224   </tr>
    225   <tr>
    226    <td>NVIDIA GPU    </td>
    227    <td>CVE-2016-8435</td>
    228    <td></td>
    229    <td></td>
    230   </tr>
    231   <tr>
    232    <td>Qualcomm     </td>
    233    <td>CVE-2016-8436</td>
    234    <td></td>
    235    <td>*</td>
    236   </tr>
    237   <tr>
    238    <td>Qualcomm  </td>
    239    <td>CVE-2016-5080, CVE-2016-8398, CVE-2016-8437, CVE-2016-8438,
    240        CVE-2016-8439, CVE-2016-8440, CVE-2016-8441, CVE-2016-8442,
    241        CVE-2016-8443, CVE-2016-8459</td>
    242    <td></td>
    243    <td>*</td>
    244   </tr>
    245   <tr>
    246    <td>Qualcomm    </td>
    247    <td>CVE-2016-8412, CVE-2016-8444</td>
    248    <td></td>
    249    <td></td>
    250   </tr>
    251   <tr>
    252    <td>MediaTek    </td>
    253    <td>CVE-2016-8445, CVE-2016-8446, CVE-2016-8447, CVE-2016-8448</td>
    254    <td></td>
    255    <td>*</td>
    256   </tr>
    257   <tr>
    258    <td>Qualcomm Wi-Fi    </td>
    259    <td>CVE-2016-8415</td>
    260    <td></td>
    261    <td></td>
    262   </tr>
    263   <tr>
    264    <td>NVIDIA GPU    </td>
    265    <td>CVE-2016-8449</td>
    266    <td></td>
    267    <td></td>
    268   </tr>
    269   <tr>
    270    <td>Qualcomm     </td>
    271    <td>CVE-2016-8450</td>
    272    <td></td>
    273    <td></td>
    274   </tr>
    275   <tr>
    276    <td>Synaptics     </td>
    277    <td>CVE-2016-8451</td>
    278    <td></td>
    279    <td>*</td>
    280   </tr>
    281   <tr>
    282    <td>      </td>
    283    <td>CVE-2016-7042</td>
    284    <td></td>
    285    <td></td>
    286   </tr>
    287   <tr>
    288    <td>      </td>
    289    <td>CVE-2017-0403</td>
    290    <td></td>
    291    <td></td>
    292   </tr>
    293   <tr>
    294    <td>      </td>
    295    <td>CVE-2017-0404</td>
    296    <td></td>
    297    <td></td>
    298   </tr>
    299   <tr>
    300    <td>Qualcomm Wi-Fi    </td>
    301    <td>CVE-2016-8452</td>
    302    <td></td>
    303    <td></td>
    304   </tr>
    305   <tr>
    306    <td>Qualcomm     </td>
    307    <td>CVE-2016-5345</td>
    308    <td></td>
    309    <td></td>
    310   </tr>
    311   <tr>
    312    <td>      </td>
    313    <td>CVE-2016-9754</td>
    314    <td></td>
    315    <td></td>
    316   </tr>
    317   <tr>
    318    <td>Broadcom Wi-Fi    </td>
    319    <td>CVE-2016-8453, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457</td>
    320    <td></td>
    321    <td></td>
    322   </tr>
    323   <tr>
    324    <td>Synaptics     </td>
    325    <td>CVE-2016-8458</td>
    326    <td></td>
    327    <td></td>
    328   </tr>
    329   <tr>
    330    <td>NVIDIA     </td>
    331    <td>CVE-2016-8460</td>
    332    <td></td>
    333    <td></td>
    334   </tr>
    335   <tr>
    336    <td>   </td>
    337    <td>CVE-2016-8461, CVE-2016-8462</td>
    338    <td></td>
    339    <td></td>
    340   </tr>
    341   <tr>
    342    <td>Qualcomm FUSE    (DoS) </td>
    343    <td>CVE-2016-8463</td>
    344    <td></td>
    345    <td>*</td>
    346   </tr>
    347   <tr>
    348    <td>  (DoS) </td>
    349    <td>CVE-2016-8467</td>
    350    <td></td>
    351    <td></td>
    352   </tr>
    353   <tr>
    354    <td>Broadcom Wi-Fi    </td>
    355    <td>CVE-2016-8464, CVE-2016-8465, CVE-2016-8466</td>
    356    <td></td>
    357    <td></td>
    358   </tr>
    359   <tr>
    360    <td>   </td>
    361    <td>CVE-2016-8467</td>
    362    <td></td>
    363    <td></td>
    364   </tr>
    365   <tr>
    366    <td>Binder   </td>
    367    <td>CVE-2016-8468</td>
    368    <td></td>
    369    <td></td>
    370   </tr>
    371   <tr>
    372    <td>NVIDIA     </td>
    373    <td>CVE-2016-8469</td>
    374    <td></td>
    375    <td></td>
    376   </tr>
    377   <tr>
    378    <td>MediaTek    </td>
    379    <td>CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</td>
    380    <td></td>
    381    <td>*</td>
    382   </tr>
    383   <tr>
    384    <td>STMicroelectronics    </td>
    385    <td>CVE-2016-8473, CVE-2016-8474</td>
    386    <td></td>
    387    <td></td>
    388   </tr>
    389   <tr>
    390    <td>Qualcomm      </td>
    391    <td>CVE-2017-0399, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402</td>
    392    <td></td>
    393    <td></td>
    394   </tr>
    395   <tr>
    396    <td>HTC     </td>
    397    <td>CVE-2016-8475</td>
    398    <td></td>
    399    <td></td>
    400   </tr>
    401   <tr>
    402    <td>    (DoS) </td>
    403    <td>CVE-2014-9420</td>
    404    <td></td>
    405    <td></td>
    406   </tr>
    407 </table>
    408 <p>*  Android 7.0  Google      
    409    .</p>
    410 
    411 <h2 id="mitigations">Android  Google 
    412 </h2>
    413 <p> SafetyNet  <a href="/security/enhancements/index.html">Android  </a> 
    414       .
    415    Android   
    416    .</p>
    417 <ul>
    418   <li>Android      Android  
    419     .      Android
    420     .</li>
    421   <li>Android  <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">   </a>
    422      
    423   <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">   SafetyNet</a> 
    424     .   <a href="http://www.android.com/gms">Google  </a>     
    425    Google Play      . Google
    426   Play      
    427          
    428      .   
    429          
    430    .        
    431        .</li>
    432   <li>  Google       
    433      .</li>
    434 </ul>
    435 <h2 id="acknowledgements"> </h2>
    436 <p>    .</p>
    437 <ul>
    438   <li>Alexandru Blanda: CVE-2017-0390</li>
    439   <li>Copperhead Security Daniel Micay: CVE-2017-0397</li>
    440   <li>Tencent Xuanwu Lab
    441   Daxing Guo(<a href="https://twitter.com/freener0">@freener0</a>): CVE-2017-0386</li>
    442   <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2017-0392</li>
    443   <li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)
    444 Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-8412,
    445   CVE-2016-8444, CVE-2016-8427, CVE-2017-0403</li>
    446   <li>Shellphish Grill Team donfos(Aravind Machiry), UC Santa Barbara:
    447   CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</li>
    448   <li><a href="http://www.ms509.com">MS509Team</a> En He(<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>): CVE-2017-0394</li>
    449   <li>Qihoo 360 Technology Co. Ltd.
    450 IceSword Lab Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) 
    451 <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8464</li>
    452   <li>Google WebM: CVE-2017-0393</li>
    453   <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. Alpha
    454   Guang Gong()(<a href="http://twitter.com/oldfresher">@oldfresher</a>)
    455 : CVE-2017-0387</li>
    456   <li>Qihoo 360 Technology Co. Ltd Alpha Team Hao Chen, Guang Gong:
    457   CVE-2016-8415, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457,
    458   CVE-2016-8465</li>
    459   <li>Qihoo 360 IceSword Lab Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)  <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8475</li>
    460   <li>Jon Sawyer(<a href="http://twitter.com/jcase">@jcase</a>)  Sean Beaupre
    461   (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>): CVE-2016-8462</li>
    462   <li>Jon Sawyer(<a href="http://twitter.com/jcase">@jcase</a>), Sean Beaupre(<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>), Ben Actis(<a href="https://twitter.com/ben_ra">@Ben_RA</a>): CVE-2016-8461</li>
    463   <li><a href="http://c0reteam.org">C0RE Team</a> Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0383</li>
    464   <li>Monk Avel: CVE-2017-0396, CVE-2017-0399</li>
    465   <li>Trend Micro Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-8469, CVE-2016-8424, CVE-2016-8428, CVE-2016-8429,
    466   CVE-2016-8460, CVE-2016-8473, CVE-2016-8474</li>
    467   <li>Tencent KeenLab()
    468   Qidan He()(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2017-0382</li>
    469   <li>IBM Security X-Force Roee Hay, Michael Goberman: CVE-2016-8467</li>
    470   <li>Trend Micro Mobile Threat Research Team
    471   Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2016-8466</li>
    472   <li>Stephen Morrow: CVE-2017-0389</li>
    473   <li>Mobile Threat Research Team, <a href="http://www.trendmicro.com">Trend Micro</a>
    474   V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0381</li>
    475   <li>Alibaba Inc. Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>):
    476   CVE-2017-0391</li>
    477   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0402, CVE-2017-0398</li>
    478   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, <a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0400</li>
    479   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, <a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0384, CVE-2017-0385</li>
    480   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>, Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2017-0401</li>
    481   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a>, <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-8431, CVE-2016-8432,
    482   CVE-2016-8435</li>
    483   <li>Alibaba Inc. Yong Wang()(<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>), 
    484   Jun Cheng: CVE-2017-0404</li>
    485   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-8425, CVE-2016-8426,
    486   CVE-2016-8449</li>
    487   <li><a href="http://c0reteam.org">C0RE Team</a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:bigwyfone (a] gmail.com">Yanfeng Wang</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-8430, CVE-2016-8482</li>
    488   <li>Tencent Security Platform Department
    489   Yuxiang Li(<a href="https://twitter.com/xbalien29">@Xbalien29</a>): CVE-2017-0395</li>
    490   <li><a href="https://twitter.com/0xr0ot">Cheetah Mobile</a> Security Research Lab
    491  Zhanpeng Zhao()(<a href="http://www.cmcm.com/">@0xr0ot</a>):
    492   CVE-2016-8451</li>
    493 </ul>
    494 <p>      
    495 .</p>
    496 <ul>
    497   <li>Alibaba Mobile Security Group Baozeng Ding, Chengming Yang, Peng Xiao, Ning You, Yang Dong, Chao Yang, Yi Zhang, Yang Song</li>
    498   <li>Trend Micro Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>)</li>
    499   <li>Google Zubin Mithra</li>
    500 </ul>
    501 
    502 <h2 id="2017-01-01-details">2017-01-01   
    503 </h2>
    504 <p>
    505    <a href="#2017-01-01-summary">2017-01-01   
    506  </a>    
    507   .
    508    ,    CVE,
    509  , ,  Google ,
    510  AOSP ( ),   
    511   .  
    512 AOSP         ID
    513 .        
    514   ID     .</p>
    515 
    516 
    517 <h3 id="rce-in-c-ares">c-ares    </h3>
    518 <p>
    519 c-ares         
    520           
    521 .    
    522          .
    523 </p>
    524 
    525 <table>
    526   <col width="18%">
    527   <col width="17%">
    528   <col width="10%">
    529   <col width="19%">
    530   <col width="18%">
    531   <col width="17%">
    532   <tr>
    533     <th>CVE</th>
    534     <th></th>
    535     <th></th>
    536     <th> Google </th>
    537     <th> AOSP </th>
    538     <th> </th>
    539   </tr>
    540   <tr>
    541     <td>CVE-2016-5180</td>
    542     <td><a href="https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677">
    543         A-32205736</a></td>
    544     <td></td>
    545     <td></td>
    546     <td>7.0</td>
    547     <td>2016 9 29</td>
    548   </tr>
    549 </table>
    550 
    551 
    552 <h3 id="rce-vulnerability-in-framesequence">Framesequence
    553    </h3>
    554 <p>
    555 Framesequence        
    556         
    557     .   Framesequence 
    558       
    559   .
    560 </p>
    561 <table>
    562   <col width="18%">
    563   <col width="17%">
    564   <col width="10%">
    565   <col width="19%">
    566   <col width="18%">
    567   <col width="17%">
    568   <tr>
    569    <th>CVE</th>
    570    <th></th>
    571    <th></th>
    572    <th> Google </th>
    573    <th> AOSP </th>
    574    <th> </th>
    575   </tr>
    576   <tr>
    577    <td>CVE-2017-0382</td>
    578    <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7">
    579        A-32338390</a></td>
    580    <td></td>
    581    <td></td>
    582    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    583    <td>2016 10 21</td>
    584   </tr>
    585 </table>
    586 <h3 id="eop-in-framework-apis"> API
    587   </h3>
    588 <p>
    589  API       
    590         
    591 .         
    592          
    593 .
    594 </p>
    595 <table>
    596   <col width="18%">
    597   <col width="17%">
    598   <col width="10%">
    599   <col width="19%">
    600   <col width="18%">
    601   <col width="17%">
    602   <tr>
    603    <th>CVE</th>
    604    <th></th>
    605    <th></th>
    606    <th> Google </th>
    607    <th> AOSP </th>
    608    <th> </th>
    609   </tr>
    610   <tr>
    611    <td>CVE-2017-0383</td>
    612    <td><a href="https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266">
    613        A-31677614</a></td>
    614    <td></td>
    615    <td></td>
    616    <td>7.0, 7.1.1</td>
    617    <td>2016 9 21</td>
    618   </tr>
    619 </table>
    620 <h3 id="eop-in-audioserver"> 
    621   </h3>
    622 <p>
    623         
    624         
    625 .         
    626          
    627 .
    628 </p>
    629 <table>
    630   <col width="18%">
    631   <col width="17%">
    632   <col width="10%">
    633   <col width="19%">
    634   <col width="18%">
    635   <col width="17%">
    636   <tr>
    637    <th>CVE</th>
    638    <th></th>
    639    <th></th>
    640    <th> Google </th>
    641    <th> AOSP </th>
    642    <th> </th>
    643   </tr>
    644   <tr>
    645    <td>CVE-2017-0384</td>
    646    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">
    647        A-32095626</a></td>
    648    <td></td>
    649    <td></td>
    650    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    651    <td>2016 10 11</td>
    652   </tr>
    653   <tr>
    654    <td>CVE-2017-0385</td>
    655    <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358">
    656        A-32585400</a></td>
    657    <td></td>
    658    <td></td>
    659    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    660    <td>2016 10 11</td>
    661   </tr>
    662 </table>
    663 <h3 id="eop-in-libnl">libnl
    664   </h3>
    665 <p>
    666 libnl        
    667         
    668 .         
    669          
    670 .
    671 </p>
    672 <table>
    673   <col width="18%">
    674   <col width="17%">
    675   <col width="10%">
    676   <col width="19%">
    677   <col width="18%">
    678   <col width="17%">
    679   <tr>
    680    <th>CVE</th>
    681    <th></th>
    682    <th></th>
    683    <th> Google </th>
    684    <th> AOSP </th>
    685    <th> </th>
    686   </tr>
    687   <tr>
    688    <td>CVE-2017-0386</td>
    689    <td><a href="https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a">
    690        A-32255299</a></td>
    691    <td></td>
    692    <td></td>
    693    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    694    <td>2016 10 18</td>
    695   </tr>
    696 </table>
    697 <h3 id="eop-in-mediaserver"> 
    698   </h3>
    699 <p>
    700         
    701         
    702 .         
    703          
    704 .
    705 </p>
    706 <table>
    707   <col width="18%">
    708   <col width="17%">
    709   <col width="10%">
    710   <col width="19%">
    711   <col width="18%">
    712   <col width="17%">
    713   <tr>
    714    <th>CVE</th>
    715    <th></th>
    716    <th></th>
    717    <th> Google </th>
    718    <th> AOSP </th>
    719    <th> </th>
    720   </tr>
    721   <tr>
    722    <td>CVE-2017-0387</td>
    723    <td><a href="https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f">
    724        A-32660278</a></td>
    725    <td></td>
    726    <td></td>
    727    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    728    <td>2016 11 4</td>
    729   </tr>
    730 </table>
    731 <h3 id="id-in-external-storage-provider">  
    732   </h3>
    733 <p>
    734       
    735         SD 
    736    .        
    737     .
    738 </p>
    739 <table>
    740   <col width="18%">
    741   <col width="17%">
    742   <col width="10%">
    743   <col width="19%">
    744   <col width="18%">
    745   <col width="17%">
    746   <tr>
    747    <th>CVE</th>
    748    <th></th>
    749    <th></th>
    750    <th> Google </th>
    751    <th> AOSP </th>
    752    <th> </th>
    753   </tr>
    754   <tr>
    755    <td>CVE-2017-0388</td>
    756    <td><a href="https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9">
    757        A-32523490</a></td>
    758    <td></td>
    759    <td></td>
    760    <td>6.0, 6.0.1, 7.0, 7.1.1</td>
    761    <td>Google </td>
    762   </tr>
    763 </table>
    764 <h3 id="dos-in-core-networking"> 
    765  (DoS) </h3>
    766 <p>
    767           
    768        .  
    769         .
    770 </p>
    771 <table>
    772   <col width="18%">
    773   <col width="17%">
    774   <col width="10%">
    775   <col width="19%">
    776   <col width="18%">
    777   <col width="17%">
    778   <tr>
    779    <th>CVE</th>
    780    <th></th>
    781    <th></th>
    782    <th> Google </th>
    783    <th> AOSP </th>
    784    <th> </th>
    785   </tr>
    786   <tr>
    787    <td>CVE-2017-0389</td>
    788    <td><a href="https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7">
    789        A-31850211</a>
    790 [<a href="https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29">2</a>] 
    791 [<a href="https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba#">3</a>]</td>
    792    <td></td>
    793    <td></td>
    794    <td>6.0, 6.0.1, 7.0, 7.1.1</td>
    795    <td>2016 7 20</td>
    796   </tr>
    797 </table>
    798 <h3 id="dos-in-mediaserver"> 
    799  (DoS) </h3>
    800 <p>
    801          
    802        .  
    803         .
    804 </p>
    805 <table>
    806   <col width="18%">
    807   <col width="17%">
    808   <col width="10%">
    809   <col width="19%">
    810   <col width="18%">
    811   <col width="17%">
    812   <tr>
    813    <th>CVE</th>
    814    <th></th>
    815    <th></th>
    816    <th> Google </th>
    817    <th> AOSP </th>
    818    <th> </th>
    819   </tr>
    820   <tr>
    821    <td>CVE-2017-0390</td>
    822    <td><a href="https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0">
    823        A-31647370</a></td>
    824    <td></td>
    825    <td></td>
    826    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    827    <td>2016 9 19</td>
    828   </tr>
    829   <tr>
    830    <td>CVE-2017-0391</td>
    831    <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f">
    832        A-32322258</a></td>
    833    <td></td>
    834    <td></td>
    835    <td>6.0, 6.0.1, 7.0, 7.1.1</td>
    836    <td>2016 10 20</td>
    837   </tr>
    838   <tr>
    839    <td>CVE-2017-0392</td>
    840    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c">
    841        A-32577290</a></td>
    842    <td></td>
    843    <td></td>
    844    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    845    <td>2016 10 29</td>
    846   </tr>
    847   <tr>
    848    <td>CVE-2017-0393</td>
    849    <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc">
    850        A-30436808</a></td>
    851    <td></td>
    852    <td></td>
    853    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    854    <td>Google </td>
    855   </tr>
    856 </table>
    857 <h3 id="dos-in-telephony"> 
    858  (DoS) </h3>
    859 <p>
    860        
    861      .  
    862         .
    863 </p>
    864 <table>
    865   <col width="18%">
    866   <col width="17%">
    867   <col width="10%">
    868   <col width="19%">
    869   <col width="18%">
    870   <col width="17%">
    871   <tr>
    872    <th>CVE</th>
    873    <th></th>
    874    <th></th>
    875    <th> Google </th>
    876    <th> AOSP </th>
    877    <th> </th>
    878   </tr>
    879   <tr>
    880    <td>CVE-2017-0394</td>
    881    <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d">
    882        A-31752213</a></td>
    883    <td></td>
    884    <td></td>
    885    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    886    <td>2016 9 23</td>
    887   </tr>
    888 </table>
    889 <h3 id="eop-in-contacts">
    890   </h3>
    891 <p>
    892        
    893      .  
    894   (     
    895     )     
    896   .
    897 </p>
    898 <table>
    899   <col width="18%">
    900   <col width="17%">
    901   <col width="10%">
    902   <col width="19%">
    903   <col width="18%">
    904   <col width="17%">
    905   <tr>
    906    <th>CVE</th>
    907    <th></th>
    908    <th></th>
    909    <th> Google </th>
    910    <th> AOSP </th>
    911    <th> </th>
    912   </tr>
    913   <tr>
    914    <td>CVE-2017-0395</td>
    915    <td><a href="https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b">
    916        A-32219099</a></td>
    917    <td></td>
    918    <td></td>
    919    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    920    <td>2016 10 15</td>
    921   </tr>
    922 </table>
    923 <h3 id="id-in-mediaserver"> 
    924   </h3>
    925 <p>
    926         
    927       .  
    928        
    929    .
    930 </p>
    931 <table>
    932   <col width="18%">
    933   <col width="17%">
    934   <col width="10%">
    935   <col width="19%">
    936   <col width="18%">
    937   <col width="17%">
    938   <tr>
    939    <th>CVE</th>
    940    <th></th>
    941    <th></th>
    942    <th> Google </th>
    943    <th> AOSP </th>
    944    <th> </th>
    945   </tr>
    946     <tr>
    947     <td>CVE-2017-0381</td>
    948     <td><a href="https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7">
    949         A-31607432</a></td>
    950     <td></td>
    951     <td></td>
    952     <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    953     <td>2016 9 18</td>
    954   </tr>
    955   <tr>
    956    <td>CVE-2017-0396</td>
    957    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7">
    958        A-31781965</a></td>
    959    <td></td>
    960    <td></td>
    961    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    962    <td>2016 9 27</td>
    963   </tr>
    964   <tr>
    965    <td>CVE-2017-0397</td>
    966    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c">
    967        A-32377688</a></td>
    968    <td></td>
    969    <td></td>
    970    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
    971    <td>2016 10 21</td>
    972   </tr>
    973 </table>
    974 <h3 id="id-in-audioserver"> 
    975   </h3>
    976 <p>
    977         
    978       .  
    979        
    980    .
    981 </p>
    982 <table>
    983   <col width="18%">
    984   <col width="17%">
    985   <col width="10%">
    986   <col width="19%">
    987   <col width="18%">
    988   <col width="17%">
    989   <tr>
    990    <th>CVE</th>
    991    <th></th>
    992    <th></th>
    993    <th> Google </th>
    994    <th> AOSP </th>
    995    <th> </th>
    996   </tr>
    997   <tr>
    998    <td>CVE-2017-0398</td>
    999    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">
   1000        A-32438594</a></td>
   1001    <td></td>
   1002    <td></td>
   1003    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1004    <td>2016 10 25</td>
   1005   </tr>
   1006   <tr>
   1007    <td>CVE-2017-0398</td>
   1008    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">
   1009        A-32635664</a></td>
   1010    <td></td>
   1011    <td></td>
   1012    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1013    <td>2016 10 25</td>
   1014   </tr>
   1015   <tr>
   1016    <td>CVE-2017-0398</td>
   1017    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">
   1018        A-32624850</a></td>
   1019    <td></td>
   1020    <td></td>
   1021    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1022    <td>2016 10 25</td>
   1023   </tr>
   1024   <tr>
   1025    <td>CVE-2017-0399</td>
   1026    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   1027        A-32247948</a>
   1028 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td>
   1029    <td></td>
   1030    <td></td>
   1031    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1032    <td>2016 10 18</td>
   1033   </tr>
   1034   <tr>
   1035    <td>CVE-2017-0400</td>
   1036    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   1037        A-32584034</a>
   1038 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td>
   1039    <td></td>
   1040    <td></td>
   1041    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1042    <td>2016 10 25</td>
   1043   </tr>
   1044   <tr>
   1045    <td>CVE-2017-0401</td>
   1046    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">
   1047        A-32448258</a></td>
   1048    <td></td>
   1049    <td></td>
   1050    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1051    <td>2016 10 26</td>
   1052   </tr>
   1053   <tr>
   1054    <td>CVE-2017-0402</td>
   1055    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   1056        A-32436341</a>
   1057 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td>
   1058    <td></td>
   1059    <td></td>
   1060    <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   1061    <td>2016 10 25</td>
   1062   </tr>
   1063 </table>
   1064 
   1065 <h2 id="2017-01-05-details">2017-01-05   
   1066 </h2>
   1067 <p>
   1068   
   1069 <a href="#2017-01-05-summary">2017-01-05
   1070     </a>    
   1071    .   ,   
   1072 CVE,  , ,  Google ,
   1073  AOSP ( ),      .  
   1074 AOSP         ID
   1075 .        
   1076   ID     .</p>
   1077 
   1078 
   1079 <h3 id="eop-in-kernel-memory-subsystem">   
   1080   </h3>
   1081 <p>
   1082          
   1083        
   1084 .   
   1085         ,
   1086       .
   1087 </p>
   1088 
   1089 <table>
   1090   <col width="19%">
   1091   <col width="20%">
   1092   <col width="10%">
   1093   <col width="23%">
   1094   <col width="17%">
   1095   <tr>
   1096     <th>CVE</th>
   1097     <th></th>
   1098     <th></th>
   1099     <th> Google </th>
   1100     <th> </th>
   1101   </tr>
   1102   <tr>
   1103     <td>CVE-2015-3288</td>
   1104     <td>A-32460277<br>
   1105         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d">
   1106  </a></td>
   1107     <td></td>
   1108     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player, Pixel,
   1109 Pixel XL</td>
   1110     <td>2016 7 9</td>
   1111   </tr>
   1112 </table>
   1113 
   1114 
   1115 <h3 id="eop-in-qualcomm-bootloader">Qualcomm 
   1116   </h3>
   1117 <p>
   1118 Qualcomm     
   1119        
   1120   .   
   1121         ,
   1122       .
   1123 </p>
   1124 
   1125 <table>
   1126   <col width="19%">
   1127   <col width="20%">
   1128   <col width="10%">
   1129   <col width="23%">
   1130   <col width="17%">
   1131   <tr>
   1132     <th>CVE</th>
   1133     <th></th>
   1134     <th></th>
   1135     <th> Google </th>
   1136     <th> </th>
   1137   </tr>
   1138   <tr>
   1139     <td>CVE-2016-8422</td>
   1140     <td>A-31471220<br>
   1141         <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213">
   1142 QC-CR#979426</a></td>
   1143     <td></td>
   1144     <td>Nexus 6, Nexus 6P, Pixel, Pixel XL</td>
   1145     <td>2016 7 22</td>
   1146   </tr>
   1147   <tr>
   1148     <td>CVE-2016-8423</td>
   1149     <td>A-31399736<br>
   1150         <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867">
   1151 QC-CR#1000546</a></td>
   1152     <td></td>
   1153     <td>Nexus 6P, Pixel, Pixel XL</td>
   1154     <td>2016 8 24</td>
   1155   </tr>
   1156 </table>
   1157 
   1158 
   1159 <h3 id="eop-in-kernel-file-system">  
   1160   </h3>
   1161 <p>
   1162          
   1163       
   1164 .   
   1165         ,
   1166       .
   1167 </p>
   1168 
   1169 <table>
   1170   <col width="19%">
   1171   <col width="20%">
   1172   <col width="10%">
   1173   <col width="23%">
   1174   <col width="17%">
   1175   <tr>
   1176     <th>CVE</th>
   1177     <th></th>
   1178     <th></th>
   1179     <th> Google </th>
   1180     <th> </th>
   1181   </tr>
   1182   <tr>
   1183     <td>CVE-2015-5706</td>
   1184     <td>A-32289301<br>
   1185         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0">
   1186  </a></td>
   1187     <td></td>
   1188     <td>*</td>
   1189     <td>2016 8 1</td>
   1190   </tr>
   1191 </table>
   1192 <p>
   1193 *  Android 7.0  Google      
   1194    .
   1195 </p>
   1196 
   1197 
   1198 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 
   1199   </h3>
   1200 <p>
   1201 NVIDIA GPU     
   1202        
   1203   .   
   1204         ,
   1205       .
   1206 </p>
   1207 
   1208 <table>
   1209   <col width="19%">
   1210   <col width="20%">
   1211   <col width="10%">
   1212   <col width="23%">
   1213   <col width="17%">
   1214   <tr>
   1215     <th>CVE</th>
   1216     <th></th>
   1217     <th></th>
   1218     <th> Google </th>
   1219     <th> </th>
   1220   </tr>
   1221   <tr>
   1222     <td>CVE-2016-8424</td>
   1223     <td>A-31606947*<br>
   1224         N-CVE-2016-8424</td>
   1225     <td></td>
   1226     <td>Nexus 9</td>
   1227     <td>2016 9 17</td>
   1228   </tr>
   1229   <tr>
   1230     <td>CVE-2016-8425</td>
   1231     <td>A-31797770*<br>
   1232         N-CVE-2016-8425</td>
   1233     <td></td>
   1234     <td>Nexus 9</td>
   1235     <td>2016 9 28</td>
   1236   </tr>
   1237   <tr>
   1238     <td>CVE-2016-8426</td>
   1239     <td>A-31799206*<br>
   1240         N-CVE-2016-8426</td>
   1241     <td></td>
   1242     <td>Nexus 9</td>
   1243     <td>2016 9 28</td>
   1244   </tr>
   1245   <tr>
   1246     <td>CVE-2016-8482</td>
   1247     <td>A-31799863*<br>
   1248         N-CVE-2016-8482</td>
   1249     <td></td>
   1250     <td>Nexus 9</td>
   1251     <td>2016 9 28</td>
   1252   </tr>
   1253   <tr>
   1254     <td>CVE-2016-8427</td>
   1255     <td>A-31799885*<br>
   1256         N-CVE-2016-8427</td>
   1257     <td></td>
   1258     <td>Nexus 9</td>
   1259     <td>2016 9 28</td>
   1260   </tr>
   1261   <tr>
   1262     <td>CVE-2016-8428</td>
   1263     <td>A-31993456*<br>
   1264         N-CVE-2016-8428</td>
   1265     <td></td>
   1266     <td>Nexus 9</td>
   1267     <td>2016 10 6</td>
   1268   </tr>
   1269   <tr>
   1270     <td>CVE-2016-8429</td>
   1271     <td>A-32160775*<br>
   1272         N-CVE-2016-8429</td>
   1273     <td></td>
   1274     <td>Nexus 9</td>
   1275     <td>2016 10 13</td>
   1276   </tr>
   1277   <tr>
   1278     <td>CVE-2016-8430</td>
   1279     <td>A-32225180*<br>
   1280         N-CVE-2016-8430</td>
   1281     <td></td>
   1282     <td>Nexus 9</td>
   1283     <td>2016 10 17</td>
   1284   </tr>
   1285   <tr>
   1286     <td>CVE-2016-8431</td>
   1287     <td>A-32402179*<br>
   1288         N-CVE-2016-8431</td>
   1289     <td></td>
   1290     <td>Pixel C</td>
   1291     <td>2016 10 25</td>
   1292   </tr>
   1293   <tr>
   1294     <td>CVE-2016-8432</td>
   1295     <td>A-32447738*<br>
   1296         N-CVE-2016-8432</td>
   1297     <td></td>
   1298     <td>Pixel C</td>
   1299     <td>2016 10 26</td>
   1300   </tr>
   1301 </table>
   1302 <p>
   1303 *       . 
   1304 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus   
   1305   .
   1306 </p>
   1307 
   1308 
   1309 <h3 id="eop-in-mediatek-driver">MediaTek 
   1310   </h3>
   1311 <p>
   1312 MediaTek     
   1313        
   1314   .   
   1315         ,
   1316       .
   1317 </p>
   1318 
   1319 <table>
   1320   <col width="19%">
   1321   <col width="20%">
   1322   <col width="10%">
   1323   <col width="23%">
   1324   <col width="17%">
   1325   <tr>
   1326     <th>CVE</th>
   1327     <th></th>
   1328     <th></th>
   1329     <th> Google </th>
   1330     <th> </th>
   1331   </tr>
   1332   <tr>
   1333     <td>CVE-2016-8433</td>
   1334     <td>A-31750190*<br>
   1335         MT-ALPS02974192</td>
   1336     <td></td>
   1337     <td>**</td>
   1338     <td>2016 9 24</td>
   1339   </tr>
   1340 </table>
   1341 <p>
   1342 *       . 
   1343 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus   
   1344   .
   1345 </p>
   1346 <p>
   1347 **  Android 7.0  Google      
   1348    .
   1349 </p>
   1350 
   1351 
   1352 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU 
   1353   </h3>
   1354 <p>
   1355 Qualcomm GPU     
   1356        
   1357   .   
   1358         ,
   1359       .
   1360 </p>
   1361 
   1362 <table>
   1363   <col width="19%">
   1364   <col width="20%">
   1365   <col width="10%">
   1366   <col width="23%">
   1367   <col width="17%">
   1368   <tr>
   1369     <th>CVE</th>
   1370     <th></th>
   1371     <th></th>
   1372     <th> Google </th>
   1373     <th> </th>
   1374   </tr>
   1375   <tr>
   1376     <td>CVE-2016-8434</td>
   1377     <td>A-32125137<br>
   1378         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9">
   1379 QC-CR#1081855</a></td>
   1380     <td></td>
   1381     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td>
   1382     <td>2016 10 12</td>
   1383   </tr>
   1384 </table>
   1385 
   1386 
   1387 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU 
   1388   </h3>
   1389 <p>
   1390 NVIDIA GPU     
   1391        
   1392   .   
   1393         ,
   1394       .
   1395 </p>
   1396 
   1397 <table>
   1398   <col width="19%">
   1399   <col width="20%">
   1400   <col width="10%">
   1401   <col width="23%">
   1402   <col width="17%">
   1403   <tr>
   1404     <th>CVE</th>
   1405     <th></th>
   1406     <th></th>
   1407     <th> Google </th>
   1408     <th> </th>
   1409   </tr>
   1410   <tr>
   1411     <td>CVE-2016-8435</td>
   1412     <td>A-32700935*<br>
   1413         N-CVE-2016-8435</td>
   1414     <td></td>
   1415     <td>Pixel C</td>
   1416     <td>2015 11 7</td>
   1417   </tr>
   1418 </table>
   1419 <p>
   1420 *       . 
   1421 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1422   
   1423  .
   1424 </p>
   1425 
   1426 
   1427 <h3 id="eop-in-qualcomm-video-driver">Qualcomm  
   1428   </h3>
   1429 <p>
   1430 Qualcomm      
   1431        
   1432   .   
   1433         ,
   1434       .
   1435 </p>
   1436 
   1437 <table>
   1438   <col width="19%">
   1439   <col width="20%">
   1440   <col width="10%">
   1441   <col width="23%">
   1442   <col width="17%">
   1443   <tr>
   1444     <th>CVE</th>
   1445     <th></th>
   1446     <th></th>
   1447     <th> Google </th>
   1448     <th> </th>
   1449   </tr>
   1450   <tr>
   1451     <td>CVE-2016-8436</td>
   1452     <td>A-32450261<br>
   1453         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced">
   1454 QC-CR#1007860</a></td>
   1455     <td></td>
   1456     <td>*</td>
   1457     <td>2016 10 13</td>
   1458   </tr>
   1459 </table>
   1460 <p>
   1461 *  Android 7.0  Google      
   1462    .
   1463 </p>
   1464 
   1465 
   1466 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 
   1467 </h3>
   1468 <p>
   1469   Qualcomm    Qualcomm AMSS 2015 11, 2016 8, 2016 9, 2016 10     .
   1470 </p>
   1471 
   1472 <table>
   1473   <col width="19%">
   1474   <col width="20%">
   1475   <col width="10%">
   1476   <col width="23%">
   1477   <col width="17%">
   1478   <tr>
   1479     <th>CVE</th>
   1480     <th></th>
   1481     <th>*</th>
   1482     <th> Google </th>
   1483     <th> </th>
   1484   </tr>
   1485   <tr>
   1486     <td>CVE-2016-8438</td>
   1487     <td>A-31624565**</td>
   1488     <td></td>
   1489     <td>***</td>
   1490     <td>Qualcomm </td>
   1491   </tr>
   1492   <tr>
   1493     <td>CVE-2016-8442</td>
   1494     <td>A-31625910**</td>
   1495     <td></td>
   1496     <td>***</td>
   1497     <td>Qualcomm </td>
   1498   </tr>
   1499   <tr>
   1500     <td>CVE-2016-8443</td>
   1501     <td>A-32576499**</td>
   1502     <td></td>
   1503     <td>***</td>
   1504     <td>Qualcomm </td>
   1505   </tr>
   1506   <tr>
   1507     <td>CVE-2016-8437</td>
   1508     <td>A-31623057**</td>
   1509     <td></td>
   1510     <td>***</td>
   1511     <td>Qualcomm </td>
   1512   </tr>
   1513   <tr>
   1514     <td>CVE-2016-8439</td>
   1515     <td>A-31625204**</td>
   1516     <td></td>
   1517     <td>***</td>
   1518     <td>Qualcomm </td>
   1519   </tr>
   1520   <tr>
   1521     <td>CVE-2016-8440</td>
   1522     <td>A-31625306**</td>
   1523     <td></td>
   1524     <td>***</td>
   1525     <td>Qualcomm </td>
   1526   </tr>
   1527   <tr>
   1528     <td>CVE-2016-8441</td>
   1529     <td>A-31625904**</td>
   1530     <td></td>
   1531     <td>***</td>
   1532     <td>Qualcomm </td>
   1533   </tr>
   1534   <tr>
   1535     <td>CVE-2016-8398</td>
   1536     <td>A-31548486**</td>
   1537     <td></td>
   1538     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td>
   1539     <td>Qualcomm </td>
   1540   </tr>
   1541   <tr>
   1542     <td>CVE-2016-8459</td>
   1543     <td>A-32577972**</td>
   1544     <td></td>
   1545     <td>***</td>
   1546     <td>Qualcomm </td>
   1547   </tr>
   1548   <tr>
   1549     <td>CVE-2016-5080</td>
   1550     <td>A-31115235**</td>
   1551     <td></td>
   1552     <td>Nexus 5X</td>
   1553     <td>Qualcomm </td>
   1554   </tr>
   1555 </table>
   1556 <p>
   1557 *       .
   1558 </p>
   1559 <p>
   1560 **       . 
   1561 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1562   
   1563  .
   1564 </p>
   1565 <p>
   1566 ***  Android 7.0  Google      
   1567    .
   1568 </p>
   1569 
   1570 
   1571 <h3 id="eop-in-qualcomm-camera">Qualcomm 
   1572   </h3>
   1573 <p>
   1574 Qualcomm     
   1575        
   1576   .        
   1577    .
   1578 </p>
   1579 
   1580 <table>
   1581   <col width="19%">
   1582   <col width="20%">
   1583   <col width="10%">
   1584   <col width="23%">
   1585   <col width="17%">
   1586   <tr>
   1587     <th>CVE</th>
   1588     <th></th>
   1589     <th></th>
   1590     <th> Google </th>
   1591     <th> </th>
   1592   </tr>
   1593   <tr>
   1594     <td>CVE-2016-8412</td>
   1595     <td>A-31225246<br>
   1596         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786">
   1597 QC-CR#1071891</a></td>
   1598     <td></td>
   1599     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
   1600     <td>2016 8 26</td>
   1601   </tr>
   1602   <tr>
   1603     <td>CVE-2016-8444</td>
   1604     <td>A-31243641*<br>
   1605         QC-CR#1074310</td>
   1606     <td></td>
   1607     <td>Nexus 5X, Nexus 6, Nexus 6P</td>
   1608     <td>2016 8 26</td>
   1609   </tr>
   1610 </table>
   1611 <p>
   1612 *       . 
   1613 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1614   
   1615  .
   1616 </p>
   1617 
   1618 
   1619 <h3 id="eop-in-mediatek-components">MediaTek 
   1620   </h3>
   1621 <p>
   1622      MediaTek     
   1623        
   1624   .     
   1625    
   1626   .
   1627 </p>
   1628 
   1629 <table>
   1630   <col width="19%">
   1631   <col width="20%">
   1632   <col width="10%">
   1633   <col width="23%">
   1634   <col width="17%">
   1635   <tr>
   1636     <th>CVE</th>
   1637     <th></th>
   1638     <th></th>
   1639     <th> Google </th>
   1640     <th> </th>
   1641   </tr>
   1642   <tr>
   1643     <td>CVE-2016-8445</td>
   1644     <td>A-31747590*<br>
   1645         MT-ALPS02968983</td>
   1646     <td></td>
   1647     <td>**</td>
   1648     <td>2016 9 25</td>
   1649   </tr>
   1650   <tr>
   1651     <td>CVE-2016-8446</td>
   1652     <td>A-31747749*<br>
   1653         MT-ALPS02968909</td>
   1654     <td></td>
   1655     <td>**</td>
   1656     <td>2016 9 25</td>
   1657   </tr>
   1658   <tr>
   1659     <td>CVE-2016-8447</td>
   1660     <td>A-31749463*<br>
   1661         MT-ALPS02968886</td>
   1662     <td></td>
   1663     <td>**</td>
   1664     <td>2016 9 25</td>
   1665   </tr>
   1666   <tr>
   1667     <td>CVE-2016-8448</td>
   1668     <td>A-31791148*<br>
   1669         MT-ALPS02982181</td>
   1670     <td></td>
   1671     <td>**</td>
   1672     <td>2016 9 28</td>
   1673   </tr>
   1674 </table>
   1675 <p>
   1676 *       . 
   1677 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1678   
   1679  .
   1680 </p>
   1681 <p>
   1682 **  Android 7.0  Google      
   1683    .
   1684 </p>
   1685 
   1686 
   1687 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 
   1688   </h3>
   1689 <p>
   1690 Qualcomm Wi-Fi     
   1691          
   1692 .        
   1693    .
   1694 </p>
   1695 
   1696 <table>
   1697   <col width="19%">
   1698   <col width="20%">
   1699   <col width="10%">
   1700   <col width="23%">
   1701   <col width="17%">
   1702   <tr>
   1703     <th>CVE</th>
   1704     <th></th>
   1705     <th></th>
   1706     <th> Google </th>
   1707     <th> </th>
   1708   </tr>
   1709   <tr>
   1710     <td>CVE-2016-8415</td>
   1711     <td>A-31750554<br>
   1712         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394">
   1713 QC-CR#1079596</a></td>
   1714     <td></td>
   1715     <td>Nexus 5X, Pixel, Pixel XL</td>
   1716     <td>2016 9 26</td>
   1717   </tr>
   1718 </table>
   1719 
   1720 
   1721 <h3 id="eop-in-nvidia-gpu-driver-3">NVIDIA GPU 
   1722   </h3>
   1723 <p>
   1724 NVIDIA GPU     
   1725        
   1726   .        
   1727    .
   1728 </p>
   1729 
   1730 <table>
   1731   <col width="19%">
   1732   <col width="20%">
   1733   <col width="10%">
   1734   <col width="23%">
   1735   <col width="17%">
   1736   <tr>
   1737     <th>CVE</th>
   1738     <th></th>
   1739     <th></th>
   1740     <th> Google </th>
   1741     <th> </th>
   1742   </tr>
   1743   <tr>
   1744     <td>CVE-2016-8449</td>
   1745     <td>A-31798848*<br>
   1746         N-CVE-2016-8449</td>
   1747     <td></td>
   1748     <td>Nexus 9</td>
   1749     <td>2016 9 28</td>
   1750   </tr>
   1751 </table>
   1752 <p>
   1753 *       . 
   1754 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1755   
   1756  .
   1757 </p>
   1758 
   1759 
   1760 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm  
   1761   </h3>
   1762 <p>
   1763 Qualcomm      
   1764        
   1765   .        
   1766    .
   1767 </p>
   1768 
   1769 <table>
   1770   <col width="19%">
   1771   <col width="20%">
   1772   <col width="10%">
   1773   <col width="23%">
   1774   <col width="17%">
   1775   <tr>
   1776     <th>CVE</th>
   1777     <th></th>
   1778     <th></th>
   1779     <th> Google </th>
   1780     <th> </th>
   1781   </tr>
   1782   <tr>
   1783     <td>CVE-2016-8450</td>
   1784     <td>A-32450563<br>
   1785         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb">
   1786 QC-CR#880388</a></td>
   1787     <td></td>
   1788     <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td>
   1789     <td>2016 10 13</td>
   1790   </tr>
   1791 </table>
   1792 
   1793 
   1794 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics  
   1795   </h3>
   1796 <p>
   1797 Synaptics      
   1798        
   1799   .        
   1800    .
   1801 </p>
   1802 
   1803 <table>
   1804   <col width="19%">
   1805   <col width="20%">
   1806   <col width="10%">
   1807   <col width="23%">
   1808   <col width="17%">
   1809   <tr>
   1810     <th>CVE</th>
   1811     <th></th>
   1812     <th></th>
   1813     <th> Google </th>
   1814     <th> </th>
   1815   </tr>
   1816   <tr>
   1817     <td>CVE-2016-8451</td>
   1818     <td>A-32178033*</td>
   1819     <td></td>
   1820     <td>**</td>
   1821     <td>2016 10 13</td>
   1822   </tr>
   1823 </table>
   1824 <p>
   1825 *       . 
   1826 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1827   
   1828  .
   1829 </p>
   1830 <p>
   1831 **  Android 7.0  Google      
   1832    .
   1833 </p>
   1834 
   1835 
   1836 <h3 id="eop-in-kernel-security-subsystem">   
   1837   </h3>
   1838 <p>
   1839        
   1840        
   1841   .        
   1842    .
   1843 </p>
   1844 
   1845 <table>
   1846   <col width="19%">
   1847   <col width="20%">
   1848   <col width="10%">
   1849   <col width="23%">
   1850   <col width="17%">
   1851   <tr>
   1852     <th>CVE</th>
   1853     <th></th>
   1854     <th></th>
   1855     <th> Google </th>
   1856     <th> </th>
   1857   </tr>
   1858   <tr>
   1859     <td>CVE-2016-7042</td>
   1860     <td>A-32178986<br>
   1861         <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc">
   1862  </a></td>
   1863     <td></td>
   1864     <td>Pixel C</td>
   1865     <td>2016 10 14</td>
   1866   </tr>
   1867 </table>
   1868 
   1869 
   1870 <h3 id="eop-in-kernel-performance-subsystem">   
   1871   </h3>
   1872 <p>
   1873           
   1874        .        
   1875    .
   1876 </p>
   1877 
   1878 <table>
   1879   <col width="19%">
   1880   <col width="20%">
   1881   <col width="10%">
   1882   <col width="23%">
   1883   <col width="17%">
   1884   <tr>
   1885     <th>CVE</th>
   1886     <th></th>
   1887     <th></th>
   1888     <th> Google </th>
   1889     <th> </th>
   1890   </tr>
   1891   <tr>
   1892     <td>CVE-2017-0403</td>
   1893     <td>A-32402548*</td>
   1894     <td></td>
   1895     <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
   1896 Player, Pixel, Pixel XL</td>
   1897     <td>2016 10 25</td>
   1898   </tr>
   1899 </table>
   1900 <p>
   1901 *       . 
   1902 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1903   
   1904  .
   1905 </p>
   1906 
   1907 
   1908 <h3 id="eop-in-kernel-sound-subsystem">   
   1909   </h3>
   1910 <p>
   1911        
   1912        
   1913   .        
   1914    .
   1915 </p>
   1916 
   1917 <table>
   1918   <col width="19%">
   1919   <col width="20%">
   1920   <col width="10%">
   1921   <col width="23%">
   1922   <col width="17%">
   1923   <tr>
   1924     <th>CVE</th>
   1925     <th></th>
   1926     <th></th>
   1927     <th> Google </th>
   1928     <th> </th>
   1929   </tr>
   1930   <tr>
   1931     <td>CVE-2017-0404</td>
   1932     <td>A-32510733*</td>
   1933     <td></td>
   1934     <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Nexus Player, Pixel, Pixel
   1935 XL</td>
   1936     <td>2016 10 27</td>
   1937   </tr>
   1938 </table>
   1939 <p>
   1940 *       . 
   1941 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   1942   
   1943  .
   1944 </p>
   1945 
   1946 
   1947 <h3 id="eop-in-qualcomm-wi-fi-driver-2">Qualcomm Wi-Fi 
   1948   </h3>
   1949 <p>
   1950 Qualcomm Wi-Fi     
   1951          
   1952 .        
   1953    .
   1954 </p>
   1955 
   1956 <table>
   1957   <col width="19%">
   1958   <col width="20%">
   1959   <col width="10%">
   1960   <col width="23%">
   1961   <col width="17%">
   1962   <tr>
   1963     <th>CVE</th>
   1964     <th></th>
   1965     <th></th>
   1966     <th> Google </th>
   1967     <th> </th>
   1968   </tr>
   1969   <tr>
   1970     <td>CVE-2016-8452</td>
   1971     <td>A-32506396<br>
   1972         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526">
   1973 QC-CR#1050323</a></td>
   1974     <td></td>
   1975     <td>Nexus 5X, Android One, Pixel, Pixel XL</td>
   1976     <td>2016 10 28</td>
   1977   </tr>
   1978 </table>
   1979 
   1980 
   1981 <h3 id="eop-in-qualcomm-radio-driver">Qualcomm  
   1982   </h3>
   1983 <p>
   1984 Qualcomm      
   1985        
   1986   .        
   1987    .
   1988 </p>
   1989 
   1990 <table>
   1991   <col width="19%">
   1992   <col width="20%">
   1993   <col width="10%">
   1994   <col width="23%">
   1995   <col width="17%">
   1996   <tr>
   1997     <th>CVE</th>
   1998     <th></th>
   1999     <th></th>
   2000     <th> Google </th>
   2001     <th> </th>
   2002   </tr>
   2003   <tr>
   2004     <td>CVE-2016-5345</td>
   2005     <td>A-32639452<br>
   2006         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6">
   2007 QC-CR#1079713</a></td>
   2008     <td></td>
   2009     <td>Android One</td>
   2010     <td>2016 11 3</td>
   2011   </tr>
   2012 </table>
   2013 
   2014 
   2015 <h3 id="eop-in-kernel-profiling-subsystem">   
   2016   </h3>
   2017 <p>
   2018        
   2019        
   2020   .        
   2021    .
   2022 </p>
   2023 
   2024 <table>
   2025   <col width="19%">
   2026   <col width="20%">
   2027   <col width="10%">
   2028   <col width="23%">
   2029   <col width="17%">
   2030   <tr>
   2031     <th>CVE</th>
   2032     <th></th>
   2033     <th></th>
   2034     <th> Google </th>
   2035     <th> </th>
   2036   </tr>
   2037   <tr>
   2038     <td>CVE-2016-9754</td>
   2039     <td>A-32659848<br>
   2040         <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6">
   2041  </a></td>
   2042     <td></td>
   2043     <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
   2044 Player</td>
   2045     <td>2016 11 4</td>
   2046   </tr>
   2047 </table>
   2048 
   2049 
   2050 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 
   2051   </h3>
   2052 <p>
   2053 Broadcom Wi-Fi     
   2054          
   2055 .        
   2056    .
   2057 </p>
   2058 
   2059 <table>
   2060   <col width="19%">
   2061   <col width="20%">
   2062   <col width="10%">
   2063   <col width="23%">
   2064   <col width="17%">
   2065   <tr>
   2066     <th>CVE</th>
   2067     <th></th>
   2068     <th></th>
   2069     <th> Google </th>
   2070     <th> </th>
   2071   </tr>
   2072   <tr>
   2073     <td>CVE-2016-8453
   2074 </td>
   2075     <td>A-24739315*<br>
   2076         B-RB#73392</td>
   2077     <td></td>
   2078     <td>Nexus 6</td>
   2079     <td>Google </td>
   2080   </tr>
   2081   <tr>
   2082     <td>CVE-2016-8454</td>
   2083     <td>A-32174590*<br>
   2084         B-RB#107142</td>
   2085     <td></td>
   2086     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2087     <td>2016 10 14</td>
   2088   </tr>
   2089   <tr>
   2090     <td>CVE-2016-8455</td>
   2091     <td>A-32219121*<br>
   2092         B-RB#106311</td>
   2093     <td></td>
   2094     <td>Nexus 6P</td>
   2095     <td>2016 10 15</td>
   2096   </tr>
   2097   <tr>
   2098     <td>CVE-2016-8456</td>
   2099     <td>A-32219255*<br>
   2100         B-RB#105580</td>
   2101     <td></td>
   2102     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2103     <td>2016 10 15</td>
   2104   </tr>
   2105   <tr>
   2106     <td>CVE-2016-8457</td>
   2107     <td>A-32219453*<br>
   2108         B-RB#106116</td>
   2109     <td></td>
   2110     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C</td>
   2111     <td>2016 10 15</td>
   2112   </tr>
   2113 </table>
   2114 <p>
   2115 *       . 
   2116 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2117   
   2118  .
   2119 </p>
   2120 
   2121 
   2122 <h3 id="eop-in-synaptics-touchscreen-driver-2">Synaptics  
   2123   </h3>
   2124 <p>
   2125 Synaptics      
   2126        
   2127   .        
   2128    .
   2129 </p>
   2130 
   2131 <table>
   2132   <col width="19%">
   2133   <col width="20%">
   2134   <col width="10%">
   2135   <col width="23%">
   2136   <col width="17%">
   2137   <tr>
   2138     <th>CVE</th>
   2139     <th></th>
   2140     <th></th>
   2141     <th> Google </th>
   2142     <th> </th>
   2143   </tr>
   2144   <tr>
   2145     <td>CVE-2016-8458</td>
   2146     <td>A-31968442*</td>
   2147     <td></td>
   2148     <td>Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td>
   2149     <td>Google </td>
   2150   </tr>
   2151 </table>
   2152 <p>
   2153 *       . 
   2154 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2155   
   2156  .
   2157 </p>
   2158 
   2159 
   2160 <h3 id="id-in-nvidia-video-driver">NVIDIA  
   2161   </h3>
   2162 <p>
   2163 NVIDIA         
   2164       .
   2165             
   2166   .
   2167 </p>
   2168 
   2169 <table>
   2170   <col width="19%">
   2171   <col width="20%">
   2172   <col width="10%">
   2173   <col width="23%">
   2174   <col width="17%">
   2175   <tr>
   2176     <th>CVE</th>
   2177     <th></th>
   2178     <th></th>
   2179     <th> Google </th>
   2180     <th> </th>
   2181   </tr>
   2182   <tr>
   2183     <td>CVE-2016-8460</td>
   2184     <td>A-31668540*<br>
   2185         N-CVE-2016-8460</td>
   2186     <td></td>
   2187     <td>Nexus 9</td>
   2188     <td>2016 9 21</td>
   2189   </tr>
   2190 </table>
   2191 <p>
   2192 *       . 
   2193 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2194   
   2195  .
   2196 </p>
   2197 
   2198 
   2199 <h3 id="id-in-bootloader">
   2200   </h3>
   2201 <p>
   2202       
   2203       .  
   2204          .
   2205 </p>
   2206 
   2207 <table>
   2208   <col width="19%">
   2209   <col width="20%">
   2210   <col width="10%">
   2211   <col width="23%">
   2212   <col width="17%">
   2213   <tr>
   2214     <th>CVE</th>
   2215     <th></th>
   2216     <th></th>
   2217     <th> Google </th>
   2218     <th> </th>
   2219   </tr>
   2220   <tr>
   2221     <td>CVE-2016-8461</td>
   2222     <td>A-32369621*</td>
   2223     <td></td>
   2224     <td>Nexus 9, Pixel, Pixel XL</td>
   2225     <td>2016 10 21</td>
   2226   </tr>
   2227   <tr>
   2228     <td>CVE-2016-8462</td>
   2229     <td>A-32510383*</td>
   2230     <td></td>
   2231     <td>Pixel, Pixel XL</td>
   2232     <td>2016 10 27</td>
   2233   </tr>
   2234 </table>
   2235 <p>
   2236 *       . 
   2237 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2238   
   2239  .
   2240 </p>
   2241 
   2242 
   2243 <h3 id="dos-in-qualcomm-fuse-file-system">Qualcomm FUSE  
   2244  (DoS) </h3>
   2245 <p>
   2246 Qualcomm FUSE      
   2247        
   2248    .  
   2249         .
   2250 </p>
   2251 
   2252 <table>
   2253   <col width="19%">
   2254   <col width="20%">
   2255   <col width="10%">
   2256   <col width="23%">
   2257   <col width="17%">
   2258   <tr>
   2259     <th>CVE</th>
   2260     <th></th>
   2261     <th></th>
   2262     <th> Google </th>
   2263     <th> </th>
   2264   </tr>
   2265   <tr>
   2266     <td>CVE-2016-8463</td>
   2267     <td>A-30786860<br>
   2268         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10">
   2269 QC-CR#586855</a></td>
   2270     <td></td>
   2271     <td>*</td>
   2272     <td>2014 1 3</td>
   2273   </tr>
   2274 </table>
   2275 <p>
   2276 *  Android 7.0  Google      
   2277    .
   2278 </p>
   2279 
   2280 
   2281 <h3 id="dos-in-bootloader">
   2282  (DoS) </h3>
   2283 <p>
   2284   (DoS)   
   2285       ,  
   2286     .   
   2287         .
   2288 </p>
   2289 
   2290 <table>
   2291   <col width="19%">
   2292   <col width="20%">
   2293   <col width="10%">
   2294   <col width="23%">
   2295   <col width="17%">
   2296   <tr>
   2297     <th>CVE</th>
   2298     <th></th>
   2299     <th></th>
   2300     <th> Google </th>
   2301     <th> </th>
   2302   </tr>
   2303   <tr>
   2304     <td>CVE-2016-8467</td>
   2305     <td>A-30308784*</td>
   2306     <td></td>
   2307     <td>Nexus 6, Nexus 6P</td>
   2308     <td>2016 6 29</td>
   2309   </tr>
   2310 </table>
   2311 <p>
   2312 *       . 
   2313 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2314   
   2315  .
   2316 </p>
   2317 
   2318 
   2319 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi 
   2320   </h3>
   2321 <p>
   2322 Broadcom Wi-Fi     
   2323          
   2324 .       
   2325      
   2326   .
   2327 </p>
   2328 
   2329 <table>
   2330   <col width="19%">
   2331   <col width="20%">
   2332   <col width="10%">
   2333   <col width="23%">
   2334   <col width="17%">
   2335   <tr>
   2336     <th>CVE</th>
   2337     <th></th>
   2338     <th></th>
   2339     <th> Google </th>
   2340     <th> </th>
   2341   </tr>
   2342   <tr>
   2343     <td>CVE-2016-8464</td>
   2344     <td>A-29000183*<br>
   2345         B-RB#106314</td>
   2346     <td></td>
   2347     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2348     <td>2016 5 26</td>
   2349   </tr>
   2350   <tr>
   2351     <td>CVE-2016-8466</td>
   2352     <td>A-31822524*<br>
   2353         B-RB#105268</td>
   2354     <td></td>
   2355     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2356     <td>2016 9 28</td>
   2357   </tr>
   2358   <tr>
   2359     <td>CVE-2016-8465</td>
   2360     <td>A-32474971*<br>
   2361         B-RB#106053</td>
   2362     <td></td>
   2363     <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
   2364     <td>2016 10 27</td>
   2365   </tr>
   2366 </table>
   2367 <p>
   2368 *       . 
   2369 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2370   
   2371  .
   2372 </p>
   2373 
   2374 
   2375 <h3 id="eop-in-bootloader">
   2376   </h3>
   2377 <p>
   2378       
   2379       .  
   2380   (      
   2381   )        .
   2382 </p>
   2383 
   2384 <table>
   2385   <col width="19%">
   2386   <col width="20%">
   2387   <col width="10%">
   2388   <col width="23%">
   2389   <col width="17%">
   2390   <tr>
   2391     <th>CVE</th>
   2392     <th></th>
   2393     <th></th>
   2394     <th> Google </th>
   2395     <th> </th>
   2396   </tr>
   2397   <tr>
   2398     <td>CVE-2016-8467</td>
   2399     <td>A-30308784*</td>
   2400     <td></td>
   2401     <td>Nexus 6, Nexus 6P</td>
   2402     <td>2016 6 29</td>
   2403   </tr>
   2404 </table>
   2405 <p>
   2406 *       . 
   2407 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2408   
   2409  .
   2410 </p>
   2411 
   2412 
   2413 <h3 id="eop-in-binder">Binder
   2414   </h3>
   2415 <p>
   2416 Binder       
   2417         
   2418 .       
   2419      
   2420   .
   2421 </p>
   2422 
   2423 <table>
   2424   <col width="19%">
   2425   <col width="20%">
   2426   <col width="10%">
   2427   <col width="23%">
   2428   <col width="17%">
   2429   <tr>
   2430     <th>CVE</th>
   2431     <th></th>
   2432     <th></th>
   2433     <th> Google </th>
   2434     <th> </th>
   2435   </tr>
   2436   <tr>
   2437     <td>CVE-2016-8468</td>
   2438     <td>A-32394425*</td>
   2439     <td></td>
   2440     <td>Pixel C, Pixel, Pixel XL</td>
   2441     <td>Google </td>
   2442   </tr>
   2443 </table>
   2444 <p>
   2445 *       . 
   2446 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2447   
   2448  .
   2449 </p>
   2450 
   2451 
   2452 <h3 id="id-in-nvidia-camera-driver">NVIDIA  
   2453   </h3>
   2454 <p>
   2455         
   2456       .
   2457            .
   2458 </p>
   2459 
   2460 <table>
   2461   <col width="19%">
   2462   <col width="20%">
   2463   <col width="10%">
   2464   <col width="23%">
   2465   <col width="17%">
   2466   <tr>
   2467     <th>CVE</th>
   2468     <th></th>
   2469     <th></th>
   2470     <th> Google </th>
   2471     <th> </th>
   2472   </tr>
   2473   <tr>
   2474     <td>CVE-2016-8469</td>
   2475     <td>A-31351206*<br>
   2476         N-CVE-2016-8469</td>
   2477     <td></td>
   2478     <td>Nexus 9</td>
   2479     <td>2016 9 7</td>
   2480   </tr>
   2481 </table>
   2482 <p>
   2483 *       . 
   2484 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2485   
   2486  .
   2487 </p>
   2488 
   2489 
   2490 <h3 id="id-in-mediatek-driver">MediaTek 
   2491   </h3>
   2492 <p>
   2493 MediaTek        
   2494       .
   2495   
   2496      
   2497   .
   2498 </p>
   2499 
   2500 <table>
   2501   <col width="19%">
   2502   <col width="20%">
   2503   <col width="10%">
   2504   <col width="23%">
   2505   <col width="17%">
   2506   <tr>
   2507     <th>CVE</th>
   2508     <th></th>
   2509     <th></th>
   2510     <th> Google </th>
   2511     <th> </th>
   2512   </tr>
   2513   <tr>
   2514     <td>CVE-2016-8470</td>
   2515     <td>A-31528889*<br>
   2516         MT-ALPS02961395</td>
   2517     <td></td>
   2518     <td>**</td>
   2519     <td>2016 9 15</td>
   2520   </tr>
   2521   <tr>
   2522     <td>CVE-2016-8471</td>
   2523     <td>A-31528890*<br>
   2524         MT-ALPS02961380</td>
   2525     <td></td>
   2526     <td>**</td>
   2527     <td>2016 9 15</td>
   2528   </tr>
   2529   <tr>
   2530     <td>CVE-2016-8472</td>
   2531     <td>A-31531758*<br>
   2532         MT-ALPS02961384</td>
   2533     <td></td>
   2534     <td>**</td>
   2535     <td>2016 9 15</td>
   2536   </tr>
   2537 </table>
   2538 <p>
   2539 *       . 
   2540 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2541   
   2542  .
   2543 </p>
   2544 <p>
   2545 **  Android 7.0  Google      
   2546    .
   2547 </p>
   2548 
   2549 
   2550 <h3 id="id-in-stmicroelectronics-driver">STMicroelectronics 
   2551   </h3>
   2552 <p>
   2553 STMicroelectronics        
   2554       .   
   2555         .
   2556 </p>
   2557 
   2558 <table>
   2559   <col width="19%">
   2560   <col width="20%">
   2561   <col width="10%">
   2562   <col width="23%">
   2563   <col width="17%">
   2564   <tr>
   2565     <th>CVE</th>
   2566     <th></th>
   2567     <th></th>
   2568     <th> Google </th>
   2569     <th> </th>
   2570   </tr>
   2571   <tr>
   2572     <td>CVE-2016-8473</td>
   2573     <td>A-31795790*</td>
   2574     <td></td>
   2575     <td>Nexus 5X, Nexus 6P</td>
   2576     <td>2016 9 28</td>
   2577   </tr>
   2578   <tr>
   2579     <td>CVE-2016-8474</td>
   2580     <td>A-31799972*</td>
   2581     <td></td>
   2582     <td>Nexus 5X, Nexus 6P</td>
   2583     <td>2016 9 28</td>
   2584   </tr>
   2585 </table>
   2586 <p>
   2587 *       . 
   2588 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2589   
   2590  .
   2591 </p>
   2592 
   2593 
   2594 <h3 id="id-in-qualcomm-audio-post-processor-">Qualcomm   
   2595    </h3>
   2596 <p>
   2597 Qualcomm          
   2598       .      
   2599        .
   2600 </p>
   2601 
   2602 <table>
   2603   <col width="18%">
   2604   <col width="17%">
   2605   <col width="10%">
   2606   <col width="19%">
   2607   <col width="18%">
   2608   <col width="17%">
   2609   <tr>
   2610     <th>CVE</th>
   2611     <th></th>
   2612     <th></th>
   2613     <th> Google </th>
   2614     <th> AOSP </th>
   2615     <th> </th>
   2616   </tr>
   2617   <tr>
   2618    <td>CVE-2017-0399
   2619    </td>
   2620    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   2621        A-32588756</a>
   2622 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td>
   2623    <td></td>
   2624    <td></td>
   2625    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   2626    <td>2016 10 18</td>
   2627   </tr>
   2628   <tr>
   2629    <td>CVE-2017-0400</td>
   2630    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   2631        A-32438598</a>
   2632 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]
   2633    </td>
   2634    <td></td>
   2635    <td></td>
   2636    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   2637    <td>2016 10 25</td>
   2638   </tr>
   2639   <tr>
   2640    <td>CVE-2017-0401</td>
   2641    <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358">
   2642        A-32588016</a>
   2643    </td>
   2644    <td></td>
   2645    <td></td>
   2646    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   2647    <td>2016 10 26</td>
   2648   </tr>
   2649   <tr>
   2650    <td>CVE-2017-0402</td>
   2651    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">
   2652        A-32588352</a>
   2653 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]
   2654    </td>
   2655    <td></td>
   2656    <td></td>
   2657    <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
   2658    <td>2016 10 25</td>
   2659   </tr>
   2660 </table>
   2661 
   2662 
   2663 <h3 id="id-in-htc-input-driver">HTC  
   2664   </h3>
   2665 <p>
   2666 HTC         
   2667       .
   2668            .
   2669 </p>
   2670 
   2671 <table>
   2672   <col width="19%">
   2673   <col width="20%">
   2674   <col width="10%">
   2675   <col width="23%">
   2676   <col width="17%">
   2677   <tr>
   2678     <th>CVE</th>
   2679     <th></th>
   2680     <th></th>
   2681     <th> Google </th>
   2682     <th> </th>
   2683   </tr>
   2684   <tr>
   2685     <td>CVE-2016-8475</td>
   2686     <td>A-32591129*</td>
   2687     <td></td>
   2688     <td>Pixel, Pixel XL</td>
   2689     <td>2016 10 30</td>
   2690   </tr>
   2691 </table>
   2692 <p>
   2693 *       . 
   2694 <a href="https://developers.google.com/android/nexus/drivers">Google  </a>  Nexus 
   2695   
   2696  .
   2697 </p>
   2698 
   2699 
   2700 <h3 id="dos-in-kernel-file-system">  
   2701  (DoS) </h3>
   2702 <p>
   2703          
   2704     .    
   2705       
   2706   .
   2707 </p>
   2708 
   2709 <table>
   2710   <col width="19%">
   2711   <col width="20%">
   2712   <col width="10%">
   2713   <col width="23%">
   2714   <col width="17%">
   2715   <tr>
   2716     <th>CVE</th>
   2717     <th></th>
   2718     <th></th>
   2719     <th> Google </th>
   2720     <th> </th>
   2721   </tr>
   2722   <tr>
   2723     <td>CVE-2014-9420</td>
   2724     <td>A-32477499<br>
   2725         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d">
   2726  </a></td>
   2727     <td></td>
   2728     <td>Pixel C</td>
   2729     <td>2014 12 25</td>
   2730   </tr>
   2731 </table>
   2732 
   2733 <h2 id="common-questions-and-answers">   </h2>
   2734 <p>           .</p>
   2735 
   2736 <p><strong>1.          ?
   2737 </strong></p>
   2738 
   2739 <p>      
   2740 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices">Pixel  Nexus  </a>
   2741   .</p>
   2742 <ul>
   2743   <li>2017-01-01       2017-01-01
   2744       .</li>
   2745   <li>2017-01-05          
   2746     2017-01-05     .</li>
   2747 </ul>
   2748 <p>       
   2749    .</p>
   2750 <ul>
   2751   <li>[ro.build.version.security_patch]:[2017-01-01]</li>
   2752   <li>[ro.build.version.security_patch]:[2017-01-05]</li>
   2753 </ul>
   2754 <p><strong>2.          ?</strong></p>
   2755 
   2756 <p>  Android   Android   
   2757             
   2758  . Android       
   2759       .</p>
   2760 <ul>
   2761   <li>2017 1 1         
   2762            
   2763    .</li>
   2764   <li>2017 1 5      
   2765           
   2766    .</li>
   2767 </ul>
   2768 <p>            .</p>
   2769 
   2770 <p><strong>3.    Google     ?</strong></p>
   2771 
   2772 <p><a href="#2017-01-01-details">2017 1 1</a>  <a href="#2017-01-05-details">2017 1 5</a>        <em> Google </em>   .     Google     .      .</p>
   2773 <ul>
   2774   <li><strong> Google </strong>:   Google   Pixel 
   2775       <em> Google </em> 
   2776   '' . ''   <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices"> </a>
   2777   . Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9,
   2778   Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li>
   2779   <li><strong> Google </strong>:   Google    
   2780    ,   Google  <em> Google </em> 
   2781   .</li>
   2782   <li><strong>Google  </strong>:   Android  
   2783   Google      
   2784   <em> Google </em>  '' .</li>
   2785 </ul>
   2786 <p><strong>4.      ?</strong></p>
   2787 
   2788 <p>   <em></em>      
   2789      .  
   2790   .</p>
   2791 
   2792 <table>
   2793   <tr>
   2794    <th></th>
   2795    <th> </th>
   2796   </tr>
   2797   <tr>
   2798    <td>A-</td>
   2799    <td>Android  ID</td>
   2800   </tr>
   2801   <tr>
   2802    <td>QC-</td>
   2803    <td>Qualcomm  </td>
   2804   </tr>
   2805   <tr>
   2806    <td>M-</td>
   2807    <td>MediaTek  </td>
   2808   </tr>
   2809   <tr>
   2810    <td>N-</td>
   2811    <td>NVIDIA  </td>
   2812   </tr>
   2813   <tr>
   2814    <td>B-</td>
   2815    <td>Broadcom  </td>
   2816   </tr>
   2817 </table>
   2818 <h2 id="revisions"> </h2>
   2819 <ul>
   2820  <li>2017 1 3:  </li>
   2821  <li>2017 1 4:   AOSP  </li>
   2822  <li>2017 1 5: AOSP   7.1 7.1.1 </li>
   2823 </ul>
   2824 
   2825   </body>
   2826 </html>
   2827