1 <html devsite> 2 <head> 3 <title> Nexus 2015.</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p> 27 <em> 28 5 2015 | 12 2015 29 </em> 30 </p> 31 <p> 32 Android 33 Nexus 34 35 Nexus 36 <a href="https://developers.google.com/android/nexus/images"> 37 38 </a> 39 . 40 LMY48T 41 (, LMY48W), Android6.0 Marshmallow 42 1 2015. , 43 , 44 <a href="https://support.google.com/nexus/answer/4457705"> 45 Nexus 46 </a> 47 . 48 </p> 49 <p> 50 10 2015 . 51 52 Android Open Source Project 53 (AOSP). 54 </p> 55 <p> 56 57 (, 58 , 59 MMS). 60 </p> 61 <p> 62 . 63 <a href="http://source.android.com/security/bulletin/2015-10-01.html#mitigations"> 64 65 </a> 66 , 67 <a href="http://source.android.com/security/enhancements/index.html"> 68 69 </a> 70 , 71 SafetyNet, Android. 72 . 73 </p> 74 <h2 id="security_vulnerability_summary" style="margin-bottom:0px"> 75 76 </h2> 77 <hr/> 78 <p> 79 , (CVE) 80 . 81 <a href="http://source.android.com/security/overview/updates-resources.html#severity"> 82 83 </a> 84 , 85 , 86 . 87 </p> 88 <table> 89 <tbody> 90 <tr> 91 <th> 92 93 </th> 94 <th> 95 CVE 96 </th> 97 <th> 98 99 </th> 100 </tr> 101 <tr> 102 <td> 103 libstagefright 104 </td> 105 <td> 106 CVE-2015-3873 107 <br/> 108 CVE-2015-3872 109 <br/> 110 CVE-2015-3871 111 <br/> 112 CVE-2015-3868 113 <br/> 114 CVE-2015-3867 115 <br/> 116 CVE-2015-3869 117 <br/> 118 CVE-2015-3870 119 <br/> 120 CVE-2015-3823 121 <br/> 122 CVE-2015-6598 123 <br/> 124 CVE-2015-6599 125 <br/> 126 CVE-2015-6600 127 <br/> 128 CVE-2015-6603 129 <br/> 130 CVE-2015-6601 131 <br/> 132 CVE-2015-3876 133 <br/> 134 CVE-2015-6604 135 </td> 136 <td> 137 138 </td> 139 </tr> 140 <tr> 141 <td> 142 Sonivox 143 </td> 144 <td> 145 CVE-2015-3874 146 </td> 147 <td> 148 149 </td> 150 </tr> 151 <tr> 152 <td> 153 libutils 154 </td> 155 <td> 156 CVE-2015-3875 157 <br/> 158 CVE-2015-6602 159 </td> 160 <td> 161 162 </td> 163 </tr> 164 <tr> 165 <td> 166 Skia 167 </td> 168 <td> 169 CVE-2015-3877 170 </td> 171 <td> 172 173 </td> 174 </tr> 175 <tr> 176 <td> 177 libFLAC 178 </td> 179 <td> 180 CVE-2014-9028 181 </td> 182 <td> 183 184 </td> 185 </tr> 186 <tr> 187 <td> 188 Keystore 189 </td> 190 <td> 191 CVE-2015-3863 192 </td> 193 <td> 194 195 </td> 196 </tr> 197 <tr> 198 <td> 199 200 </td> 201 <td> 202 CVE-2015-3879 203 </td> 204 <td> 205 206 </td> 207 </tr> 208 <tr> 209 <td> 210 Android Runtime 211 </td> 212 <td> 213 CVE-2015-3865 214 </td> 215 <td> 216 217 </td> 218 </tr> 219 <tr> 220 <td> 221 mediaserver 222 </td> 223 <td> 224 CVE-2015-6596 225 </td> 226 <td> 227 228 </td> 229 </tr> 230 <tr> 231 <td> 232 SEEK 233 </td> 234 <td> 235 CVE-2015-6606 236 </td> 237 <td> 238 239 </td> 240 </tr> 241 <tr> 242 <td> 243 Media Projection 244 </td> 245 <td> 246 CVE-2015-3878 247 </td> 248 <td> 249 250 </td> 251 </tr> 252 <tr> 253 <td> 254 Bluetooth 255 </td> 256 <td> 257 CVE-2015-3847 258 </td> 259 <td> 260 261 </td> 262 </tr> 263 <tr> 264 <td> 265 SQLite 266 </td> 267 <td> 268 CVE-2015-6607 269 </td> 270 <td> 271 272 </td> 273 </tr> 274 <tr> 275 <td> 276 mediaserver 277 </td> 278 <td> 279 CVE-2015-6605 280 <br/> 281 CVE-2015-3862 282 </td> 283 <td> 284 285 </td> 286 </tr> 287 </tbody> 288 </table> 289 <h2 id="mitigations" style="margin-bottom:0px"> 290 291 </h2> 292 <hr/> 293 <p> 294 , 295 <a href="http://source.android.com/security/enhancements/index.html"> 296 297 </a> 298 , 299 SafetyNet, Android. 300 </p> 301 <ul> 302 <li> 303 Android, 304 . 305 </li> 306 <li> 307 , Android, 308 SafetyNet. 309 . Google Play . 310 , 311 , " " . 312 - 313 . , 314 , , 315 . , 316 . 317 </li> 318 <li> 319 Google Hangouts Messenger. 320 , mediaserver, 321 . 322 </li> 323 </ul> 324 <h2 id="acknowledgements" style="margin-bottom:0px"> 325 326 </h2> 327 <hr/> 328 <p> 329 , : 330 </p> 331 <ul> 332 <li> 333 : CVE-2015-3863. 334 </li> 335 <li> 336 , C0re Team, Qihoo 360: 337 CVE-2015-3868, CVE-2015-3869, CVE-2015-3865, CVE-2015-3862. 338 </li> 339 <li> 340 (daniel.micay (a] copperhead.co) Copperhead Security: 341 CVE-2015-3875. 342 </li> 343 <li> 344 dragonltx Alibaba Mobile Security Team: CVE-2015-6599. 345 </li> 346 <li> 347 Google Project Zero: CVE-2015-6604. 348 </li> 349 <li> 350 (@xeroxnir) (@4Dgifts), 351 , 352 -, : CVE-2015-3870. 353 </li> 354 <li> 355 Zimperium: CVE-2015-3876, CVE-2015-6602. 356 </li> 357 <li> 358 (@jgrusko) Exodus Intelligence: CVE-2015-3867. 359 </li> 360 <li> 361 Trend Micro: CVE-2015-3872, CVE-2015-3871. 362 </li> 363 <li> 364 Qihoo 360 Technology Co. Ltd: CVE-2015-3878 365 </li> 366 <li> 367 : CVE-2015-6600, CVE-2015-3847. 368 </li> 369 <li> 370 (Neobyte) Baidu X-Team: CVE-2015-6598. 371 </li> 372 <li> 373 (@wish_wu) Trend Micro Inc.: CVE-2015-3823. 374 </li> 375 </ul> 376 <p> 377 Chrome, 378 Google, Project Zero Google, 379 , . 380 </p> 381 <h2 id="security_vulnerability_details" style="margin-bottom:0px"> 382 383 </h2> 384 <hr/> 385 <p> 386 387 <a href="http://source.android.com/security/bulletin/2015-10-01.html#security_vulnerability_summary"> 388 389 </a> 390 : , , CVE, 391 , , 392 . 393 , AOSP, 394 , 395 . 396 </p> 397 <h3 id="remote_code_execution_vulnerabilities_in_libstagefright"> 398 libstagefright 399 </h3> 400 <p> 401 libstagefright 402 403 mediaserver. 404 </p> 405 <p> 406 - 407 . 408 - , , 409 . 410 </p> 411 <table> 412 <tbody> 413 <tr> 414 <th> 415 CVE 416 </th> 417 <th> 418 AOSP 419 </th> 420 <th> 421 422 </th> 423 <th> 424 425 </th> 426 <th> 427 428 </th> 429 </tr> 430 <tr> 431 <td rowspan="14"> 432 CVE-2015-3873 433 </td> 434 <td> 435 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c23e3dd8af7397f023aae040c4a03dd14091cbed"> 436 ANDROID-20674086 437 </a> 438 [ 439 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/9abb7401df730b5c510f6b8dac2716a0928d9623"> 440 2 441 </a> 442 , 443 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b62a73b860757143d3b140b2985fdae71e18d675"> 444 3 445 </a> 446 , 447 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b2ae4351539de9aa4667fcb3e02ba40d9c6bd094"> 448 4 449 </a> 450 ] 451 </td> 452 <td rowspan="13"> 453 454 </td> 455 <td rowspan="13"> 456 5.1 457 </td> 458 <td rowspan="13"> 459 Google 460 </td> 461 </tr> 462 <tr> 463 <td> 464 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3fd96683850cf27648e036180acb149fac362242"> 465 ANDROID-20674674 466 </a> 467 [ 468 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/65842db06c2d77e53cc5ac61692160d844cc7d0a"> 469 2 470 </a> 471 , 472 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/38eff9af5c032bf12f89d6e94df05f65eef51afc"> 473 3 474 </a> 475 , 476 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/91860b89488b3ee4644c539e89e657fbb79fb6ad"> 477 4 478 </a> 479 ] 480 </td> 481 </tr> 482 <tr> 483 <td> 484 <a href="https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/2e941e40ce76eb13b273479a4ee8fb6e40d33795"> 485 ANDROID-20718524 486 </a> 487 </td> 488 </tr> 489 <tr> 490 <td> 491 <a href="https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/06ca06ac6107f88530cc67225c47537621bb41a5"> 492 ANDROID-21048776 493 </a> 494 </td> 495 </tr> 496 <tr> 497 <td> 498 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/dc5e47f013bfbb74c5c35ad976aa98d480cb351b"> 499 ANDROID-21443020 500 </a> 501 </td> 502 </tr> 503 <tr> 504 <td> 505 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f11e95b21007f24e5ab77298370855f9f085b2d7"> 506 ANDROID-21814993 507 </a> 508 </td> 509 </tr> 510 <tr> 511 <td> 512 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f810a8298aea13fa177060cdc10c8297eac69c49"> 513 ANDROID-22008959 514 </a> 515 </td> 516 </tr> 517 <tr> 518 <td> 519 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/7913508110c80da87fb085514208adbd874d7d54"> 520 ANDROID-22077698 521 </a> 522 </td> 523 </tr> 524 <tr> 525 <td> 526 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/073e4f6748f5d7deb095c42fad9271cb99e22d07"> 527 ANDROID-22388975 528 </a> 529 </td> 530 </tr> 531 <tr> 532 <td> 533 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/bf47eb9c67ed364f3c288954857aab9d9311db4c"> 534 ANDROID-22845824 535 </a> 536 </td> 537 </tr> 538 <tr> 539 <td> 540 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b158a9a5bcfe21480f57bc58d45517f1a81cca39"> 541 ANDROID-23016072 542 </a> 543 </td> 544 </tr> 545 <tr> 546 <td> 547 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5a132594b531f1f48098a790927f82080cc27f61"> 548 ANDROID-23247055 549 </a> 550 </td> 551 </tr> 552 <tr> 553 <td> 554 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/d2ebc0b9e147f9406db20ec4df61da50e3614ee4"> 555 ANDROID-23248776 556 </a> 557 </td> 558 </tr> 559 <tr> 560 <td> 561 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3179e3b3531b5fe93dc7f5b2c378e27010a406d5"> 562 ANDROID-20721050 563 </a> 564 </td> 565 <td> 566 567 </td> 568 <td> 569 5.0 5.1 570 </td> 571 <td> 572 Google 573 </td> 574 </tr> 575 <tr> 576 <td> 577 CVE-2015-3823 578 </td> 579 <td> 580 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/407d475b797fdc595299d67151230dc6e3835ccd"> 581 ANDROID-21335999 582 </a> 583 </td> 584 <td> 585 586 </td> 587 <td> 588 5.1 589 </td> 590 <td> 591 20 2015. 592 </td> 593 </tr> 594 <tr> 595 <td> 596 CVE-2015-6600 597 </td> 598 <td> 599 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/e6f5d47a7f9eab8a0009f8a563de473cd47d3110"> 600 ANDROID-22882938 601 </a> 602 </td> 603 <td> 604 605 </td> 606 <td> 607 5.1 608 </td> 609 <td> 610 31 2015. 611 </td> 612 </tr> 613 <tr> 614 <td> 615 CVE-2015-6601 616 </td> 617 <td> 618 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/738a753a3ca7bf8f9f608ca941575626265294e4"> 619 ANDROID-22935234 620 </a> 621 </td> 622 <td> 623 624 </td> 625 <td> 626 5.1 627 </td> 628 <td> 629 3 2015. 630 </td> 631 </tr> 632 <tr> 633 <td> 634 CVE-2015-3869 635 </td> 636 <td> 637 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/450e1015b7939292ca988dd1b4f0303a094478e9"> 638 ANDROID-23036083 639 </a> 640 </td> 641 <td> 642 643 </td> 644 <td> 645 5.1 646 </td> 647 <td> 648 4 2015. 649 </td> 650 </tr> 651 <tr> 652 <td> 653 CVE-2015-3870 654 </td> 655 <td> 656 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/4bce636865bdf0e2a79fc9a5d9a69107649c850d"> 657 ANDROID-22771132 658 </a> 659 </td> 660 <td> 661 662 </td> 663 <td> 664 5.1 665 </td> 666 <td> 667 5 2015. 668 </td> 669 </tr> 670 <tr> 671 <td> 672 CVE-2015-3871 673 </td> 674 <td> 675 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c570778430a22b5488cae72982cf9fb8033dbda3"> 676 ANDROID-23031033 677 </a> 678 </td> 679 <td> 680 681 </td> 682 <td> 683 5.1 684 </td> 685 <td> 686 6 2015. 687 </td> 688 </tr> 689 <tr> 690 <td> 691 CVE-2015-3868 692 </td> 693 <td> 694 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/937c6bedd4b6e5c6cb29a238eb459047dedd3486"> 695 ANDROID-23270724 696 </a> 697 </td> 698 <td> 699 700 </td> 701 <td> 702 5.1 703 </td> 704 <td> 705 6 2015. 706 </td> 707 </tr> 708 <tr> 709 <td> 710 CVE-2015-6604 711 </td> 712 <td> 713 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f51115bd8e44c2779b74477277c6f6046916e7cf"> 714 ANDROID-23129786 715 </a> 716 </td> 717 <td> 718 719 </td> 720 <td> 721 5.1 722 </td> 723 <td> 724 11 2015. 725 </td> 726 </tr> 727 <tr> 728 <td> 729 CVE-2015-3867 730 </td> 731 <td> 732 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/7e9ac3509d72e8dc6f1316b5ce0a0066638b9737"> 733 ANDROID-23213430 734 </a> 735 </td> 736 <td> 737 738 </td> 739 <td> 740 5.1 741 </td> 742 <td> 743 14 2015. 744 </td> 745 </tr> 746 <tr> 747 <td> 748 CVE-2015-6603 749 </td> 750 <td> 751 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c37f7f6fa0cb7f55cdc5b2d4ccbf2c87c3bc6c3b"> 752 ANDROID-23227354 753 </a> 754 </td> 755 <td> 756 757 </td> 758 <td> 759 5.1 760 </td> 761 <td> 762 15 2015. 763 </td> 764 </tr> 765 <tr> 766 <td> 767 CVE-2015-3876 768 </td> 769 <td> 770 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c580c836c1941fb4912e1dd4e08626caf98a62c7"> 771 ANDROID-23285192 772 </a> 773 </td> 774 <td> 775 776 </td> 777 <td> 778 5.1 779 </td> 780 <td> 781 15 2015. 782 </td> 783 </tr> 784 <tr> 785 <td> 786 CVE-2015-6598 787 </td> 788 <td> 789 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/ba6093a4c6997b9d36d9700ee8c974941bf82e3a"> 790 ANDROID-23306638 791 </a> 792 </td> 793 <td> 794 795 </td> 796 <td> 797 5.1 798 </td> 799 <td> 800 18 2015. 801 </td> 802 </tr> 803 <tr> 804 <td> 805 CVE-2015-3872 806 </td> 807 <td> 808 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/4d46f6f18f5160b8992ec1e66ef1844212fc7d48"> 809 ANDROID-23346388 810 </a> 811 </td> 812 <td> 813 814 </td> 815 <td> 816 5.1 817 </td> 818 <td> 819 19 2015 820 </td> 821 </tr> 822 <tr> 823 <td> 824 CVE-2015-6599 825 </td> 826 <td> 827 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/af7e33f6043c0be1c0310d675884e3b263ca2438"> 828 ANDROID-23416608 829 </a> 830 </td> 831 <td> 832 833 </td> 834 <td> 835 5.1 836 </td> 837 <td> 838 21 2015. 839 </td> 840 </tr> 841 </tbody> 842 </table> 843 <h3 id="remote_code_execution_vulnerabilities_in_sonivox"> 844 Sonivox 845 </h3> 846 <p> 847 Sonivox 848 849 mediaserver. - 850 . 851 - , , 852 . 853 </p> 854 <table> 855 <tbody> 856 <tr> 857 <th> 858 CVE 859 </th> 860 <th> 861 AOSP 862 </th> 863 <th> 864 865 </th> 866 <th> 867 868 </th> 869 <th> 870 871 </th> 872 </tr> 873 <tr> 874 <td rowspan="3"> 875 CVE-2015-3874 876 </td> 877 <td> 878 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/8cbef48ba6e3d3f844b895f8ca1a1aee74414fff"> 879 ANDROID-23335715 880 </a> 881 </td> 882 <td rowspan="3"> 883 884 </td> 885 <td rowspan="3"> 886 5.1 887 </td> 888 <td rowspan="3"> 889 890 </td> 891 </tr> 892 <tr> 893 <td> 894 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/5d2e7de37d4a28cf25cc5d0c64b3a29c1824dc0a"> 895 ANDROID-23307276 896 </a> 897 [ 898 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/f333a822c38c3d92f40e8f1686348e6a62c291"> 899 2 900 </a> 901 ] 902 </td> 903 </tr> 904 <tr> 905 <td> 906 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/8a9f53ee2c661e8b5b94d6e9fbb8af3baa34310d"> 907 ANDROID-23286323 908 </a> 909 </td> 910 </tr> 911 </tbody> 912 </table> 913 <h3 id="remote_code_execution_vulnerabilities_in_libutils"> 914 libutils 915 </h3> 916 <p> 917 libutils . 918 919 920 , 921 (, mediaserver). 922 </p> 923 <p> 924 API. , 925 MMS- , 926 . 927 - . 928 - , 929 , . 930 </p> 931 <table> 932 <tbody> 933 <tr> 934 <th> 935 CVE 936 </th> 937 <th> 938 AOSP 939 </th> 940 <th> 941 942 </th> 943 <th> 944 945 </th> 946 <th> 947 948 </th> 949 </tr> 950 <tr> 951 <td> 952 CVE-2015-3875 953 </td> 954 <td> 955 <a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/0cc9a6e6e1f8e675c1238e5e05418cabcc699b52"> 956 ANDROID-22952485 957 </a> 958 </td> 959 <td> 960 961 </td> 962 <td> 963 5.1 964 </td> 965 <td> 966 15 2015. 967 </td> 968 </tr> 969 <tr> 970 <td> 971 CVE-2015-6602 972 </td> 973 <td> 974 <a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/e0dce90b0de2b2b7c2baae8035f810a55526effb"> 975 ANDROID-23290056 976 </a> 977 [ 978 <a href="https://android.googlesource.com/platform%2Fsystem%2Fcore/+/5b85b1d40d619c2064d321364f212ebfeb6ba185"> 979 2 980 </a> 981 ] 982 </td> 983 <td> 984 985 </td> 986 <td> 987 5.1 988 </td> 989 <td> 990 15 2015. 991 </td> 992 </tr> 993 </tbody> 994 </table> 995 <h3 id="remote_code_execution_vulnerability_in_skia"> 996 Skia 997 </h3> 998 <p> 999 Skia 1000 1001 . , 1002 (, , 1003 MMS). 1004 </p> 1005 <table> 1006 <tbody> 1007 <tr> 1008 <th> 1009 CVE 1010 </th> 1011 <th> 1012 AOSP 1013 </th> 1014 <th> 1015 1016 </th> 1017 <th> 1018 1019 </th> 1020 <th> 1021 1022 </th> 1023 </tr> 1024 <tr> 1025 <td> 1026 CVE-2015-3877 1027 </td> 1028 <td> 1029 <a href="https://android.googlesource.com/platform%2Fexternal%2Fskia/+/55ad31336a6de7037139820558c5de834797c09e"> 1030 ANDROID-20723696 1031 </a> 1032 </td> 1033 <td> 1034 1035 </td> 1036 <td> 1037 5.1 1038 </td> 1039 <td> 1040 30 2015. 1041 </td> 1042 </tr> 1043 </tbody> 1044 </table> 1045 <h3 id="remote_code_execution_vulnerabilities_in_libflac"> 1046 libFLAC 1047 </h3> 1048 <p> 1049 libFLAC . 1050 1051 . 1052 </p> 1053 <p> 1054 API. , 1055 , 1056 . - 1057 . 1058 - , , . 1059 </p> 1060 <table> 1061 <tbody> 1062 <tr> 1063 <th> 1064 CVE 1065 </th> 1066 <th> 1067 AOSP 1068 </th> 1069 <th> 1070 1071 </th> 1072 <th> 1073 1074 </th> 1075 <th> 1076 1077 </th> 1078 </tr> 1079 <tr> 1080 <td> 1081 CVE-2014-9028 1082 </td> 1083 <td> 1084 <a href="https://android.googlesource.com/platform%2Fexternal%2Fflac/+/fe03f73d86bb415f5d5145f0de091834d89ae3a9"> 1085 ANDROID-18872897 1086 </a> 1087 [ 1088 <a href="https://android.googlesource.com/platform%2Fexternal%2Fflac/+/5859ae22db0a2d16af3e3ca19d582de37daf5eb6"> 1089 2 1090 </a> 1091 ] 1092 </td> 1093 <td> 1094 1095 </td> 1096 <td> 1097 5.1 1098 </td> 1099 <td> 1100 14 2015. 1101 </td> 1102 </tr> 1103 </tbody> 1104 </table> 1105 <p> 1106 </p> 1107 <h3 id="elevation_of_privilege_vulnerability_in_keystore"> 1108 Keystore 1109 </h3> 1110 <p> 1111 Keystore 1112 Keystore API, 1113 . 1114 , , 1115 . 1116 </p> 1117 <table> 1118 <tbody> 1119 <tr> 1120 <th> 1121 CVE 1122 </th> 1123 <th> 1124 AOSP 1125 </th> 1126 <th> 1127 1128 </th> 1129 <th> 1130 1131 </th> 1132 <th> 1133 1134 </th> 1135 </tr> 1136 <tr> 1137 <td> 1138 CVE-2015-3863 1139 </td> 1140 <td> 1141 <a href="https://android.googlesource.com/platform%2Fsystem%2Fsecurity/+/0d5935262dbbcaf2cf6145529ffd71a728ef4609"> 1142 ANDROID-22802399 1143 </a> 1144 </td> 1145 <td> 1146 1147 </td> 1148 <td> 1149 5.1 1150 </td> 1151 <td> 1152 28 2015. 1153 </td> 1154 </tr> 1155 </tbody> 1156 </table> 1157 <h3 id="elevation_of_privilege_vulnerability_in_media_player_framework"> 1158 1159 </h3> 1160 <p> 1161 1162 mediaserver. 1163 , , 1164 . 1165 </p> 1166 <table> 1167 <tbody> 1168 <tr> 1169 <th> 1170 CVE 1171 </th> 1172 <th> 1173 AOSP 1174 </th> 1175 <th> 1176 1177 </th> 1178 <th> 1179 1180 </th> 1181 <th> 1182 1183 </th> 1184 </tr> 1185 <tr> 1186 <td> 1187 CVE-2015-3879 1188 </td> 1189 <td> 1190 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/aa4da6fa7ca2454f0713de0a5a583b5b8160166b"> 1191 ANDROID-23223325 1192 </a> 1193 [2]* 1194 </td> 1195 <td> 1196 1197 </td> 1198 <td> 1199 5.1 1200 </td> 1201 <td> 1202 14 2015. 1203 </td> 1204 </tr> 1205 </tbody> 1206 </table> 1207 <p> 1208 * AOSP. 1209 Nexus, 1210 1211 <a href="https://developers.google.com/android/nexus/drivers"> 1212 1213 </a> 1214 . 1215 </p> 1216 <h3 id="elevation_of_privilege_vulnerability_in_android_runtime"> 1217 Android Runtime 1218 </h3> 1219 <p> 1220 Android Runtime 1221 . 1222 , 1223 , (, 1224 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1225 Signature 1226 </a> 1227 1228 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1229 SignatureOrSystem 1230 </a> 1231 ). 1232 </p> 1233 <table> 1234 <tbody> 1235 <tr> 1236 <th> 1237 CVE 1238 </th> 1239 <th> 1240 AOSP 1241 </th> 1242 <th> 1243 1244 </th> 1245 <th> 1246 1247 </th> 1248 <th> 1249 1250 </th> 1251 </tr> 1252 <tr> 1253 <td> 1254 CVE-2015-3865 1255 </td> 1256 <td> 1257 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/ff8dc21278b19b22ed8dc9f9475850838336d351"> 1258 ANDROID-23050463 1259 </a> 1260 [ 1261 <a href="https://android.googlesource.com/platform%2Fcts/+/3f7334822ba4cc53f81f22f3519093bf4e1d7f89"> 1262 2 1263 </a> 1264 ] 1265 </td> 1266 <td> 1267 1268 </td> 1269 <td> 1270 5.1 1271 </td> 1272 <td> 1273 8 2015. 1274 </td> 1275 </tr> 1276 </tbody> 1277 </table> 1278 <h3 id="elevation_of_privilege_vulnerabilities_in_mediaserver"> 1279 mediaserver 1280 </h3> 1281 <p> 1282 mediaserver , 1283 1284 . , 1285 , . 1286 </p> 1287 <table> 1288 <tbody> 1289 <tr> 1290 <th> 1291 CVE 1292 </th> 1293 <th> 1294 AOSP 1295 </th> 1296 <th> 1297 1298 </th> 1299 <th> 1300 1301 </th> 1302 <th> 1303 1304 </th> 1305 </tr> 1306 <tr> 1307 <td rowspan="3"> 1308 CVE-2015-6596 1309 </td> 1310 <td> 1311 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b97ee930e4f7ed1587b869c92b4aa1dc90b641cc"> 1312 ANDROID-20731946 1313 </a> 1314 </td> 1315 <td rowspan="2"> 1316 1317 </td> 1318 <td rowspan="2"> 1319 5.1 1320 </td> 1321 <td rowspan="2"> 1322 1323 </td> 1324 </tr> 1325 <tr> 1326 <td> 1327 ANDROID-20719651* 1328 </td> 1329 </tr> 1330 <tr> 1331 <td> 1332 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/9ef830c6dbd4f6000b94abee3df14b9e27a38294"> 1333 ANDROID-19573085 1334 </a> 1335 </td> 1336 <td> 1337 1338 </td> 1339 <td> 1340 5.06.0 1341 </td> 1342 <td> 1343 Google 1344 </td> 1345 </tr> 1346 </tbody> 1347 </table> 1348 <p> 1349 * AOSP. 1350 Nexus, 1351 1352 <a href="https://developers.google.com/android/nexus/drivers"> 1353 1354 </a> 1355 . 1356 </p> 1357 <h3 id="elevation_of_privilege_vulnerability_in_secure_element_evaluation_kit"> 1358 SEEK 1359 </h3> 1360 <p> 1361 1362 <a href="http://seek-for-android.github.io/"> 1363 SEEK 1364 </a> 1365 (Secure Element Evaluation Kit, SmartCard API) 1366 , . 1367 , 1368 , (, 1369 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1370 Signature 1371 </a> 1372 1373 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1374 SignatureOrSystem 1375 </a> 1376 ). 1377 </p> 1378 <table> 1379 <tbody> 1380 <tr> 1381 <th> 1382 CVE 1383 </th> 1384 <th> 1385 AOSP 1386 </th> 1387 <th> 1388 1389 </th> 1390 <th> 1391 1392 </th> 1393 <th> 1394 1395 </th> 1396 </tr> 1397 <tr> 1398 <td> 1399 CVE-2015-6606 1400 </td> 1401 <td> 1402 ANDROID-22301786* 1403 </td> 1404 <td> 1405 1406 </td> 1407 <td> 1408 5.1 1409 </td> 1410 <td> 1411 30 2015. 1412 </td> 1413 </tr> 1414 </tbody> 1415 </table> 1416 <p> 1417 * , 1418 <a href="http://seek-for-android.github.io/"> 1419 SEEK for Android 1420 </a> 1421 . 1422 </p> 1423 <h3 id="elevation_of_privilege_vulnerability_in_media_projection"> 1424 Media Projection 1425 </h3> 1426 <p> 1427 Media Projection 1428 , . 1429 ( 1430 ), . 1431 , 1432 . 1433 </p> 1434 <table> 1435 <tbody> 1436 <tr> 1437 <th> 1438 CVE 1439 </th> 1440 <th> 1441 AOSP 1442 </th> 1443 <th> 1444 1445 </th> 1446 <th> 1447 1448 </th> 1449 <th> 1450 1451 </th> 1452 </tr> 1453 <tr> 1454 <td> 1455 CVE-2015-3878 1456 </td> 1457 <td> 1458 <a href="https://android.googlesource.com/platform/frameworks/base/+/b3145760db5d58a107fd1ffd8eeec67d983d45f3"> 1459 ANDROID-23345192 1460 </a> 1461 </td> 1462 <td> 1463 1464 </td> 1465 <td> 1466 5.06.0 1467 </td> 1468 <td> 1469 18 2015. 1470 </td> 1471 </tr> 1472 </tbody> 1473 </table> 1474 <h3 id="elevation_of_privilege_vulnerability_in_bluetooth"> 1475 Bluetooth 1476 </h3> 1477 <p> 1478 Bluetooth SMS. 1479 , 1480 . 1481 </p> 1482 <table> 1483 <tbody> 1484 <tr> 1485 <th> 1486 CVE 1487 </th> 1488 <th> 1489 AOSP 1490 </th> 1491 <th> 1492 1493 </th> 1494 <th> 1495 1496 </th> 1497 <th> 1498 1499 </th> 1500 </tr> 1501 <tr> 1502 <td> 1503 CVE-2015-3847 1504 </td> 1505 <td> 1506 <a href="https://android.googlesource.com/platform%2Fpackages%2Fapps%2FBluetooth/+/19004c751f36aa2b01d3e03d4f761d8897542bd2"> 1507 ANDROID-22343270 1508 </a> 1509 </td> 1510 <td> 1511 1512 </td> 1513 <td> 1514 5.1 1515 </td> 1516 <td> 1517 8 2015. 1518 </td> 1519 </tr> 1520 </tbody> 1521 </table> 1522 <h3 id="elevation_of_privilege_vulnerabilities_in_sqlite"> 1523 SQLite 1524 </h3> 1525 <p> 1526 SQLite . 1527 , 1528 SQL-. 1529 . 1530 </p> 1531 <p> 1532 AOSP 8 2015: 1533 <a href="https://android-review.googlesource.com/#/c/145961/"> 1534 https://android-review.googlesource.com/#/c/145961/ 1535 </a> 1536 . 1537 SQLite 3.8.9. 1538 </p> 1539 <p> 1540 SQLite Android4.4 1541 (SQLite3.7.11), Android5.0 5.1 (SQLite3.8.6). 1542 </p> 1543 <table> 1544 <tbody> 1545 <tr> 1546 <th> 1547 CVE 1548 </th> 1549 <th> 1550 AOSP 1551 </th> 1552 <th> 1553 1554 </th> 1555 <th> 1556 1557 </th> 1558 <th> 1559 1560 </th> 1561 </tr> 1562 <tr> 1563 <td> 1564 CVE-2015-6607 1565 </td> 1566 <td> 1567 <a href="https://android.googlesource.com/platform%2Fexternal%2Fsqlite/+/3fcd43a0f1ef02756029e12af3cb9ba9faa13364"> 1568 ANDROID-20099586 1569 </a> 1570 </td> 1571 <td> 1572 1573 </td> 1574 <td> 1575 5.1 1576 </td> 1577 <td> 1578 7 2015. 1579 <br/> 1580 1581 </td> 1582 </tr> 1583 </tbody> 1584 </table> 1585 <h3 id="denial_of_service_vulnerabilities_in_mediaserver"> 1586 mediaserver 1587 </h3> 1588 <p> 1589 mediaserver , 1590 mediaserver, 1591 . . 1592 </p> 1593 <table> 1594 <tbody> 1595 <tr> 1596 <th> 1597 CVE 1598 </th> 1599 <th> 1600 AOSP 1601 </th> 1602 <th> 1603 1604 </th> 1605 <th> 1606 1607 </th> 1608 <th> 1609 1610 </th> 1611 </tr> 1612 <tr> 1613 <td rowspan="3"> 1614 CVE-2015-6605 1615 </td> 1616 <td> 1617 <a href="https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/36ec928f52271dd1feb4c86b18026564220629e9"> 1618 ANDROID-20915134 1619 </a> 1620 </td> 1621 <td rowspan="2"> 1622 1623 </td> 1624 <td rowspan="2"> 1625 5.1 1626 </td> 1627 <td rowspan="2"> 1628 Google 1629 </td> 1630 </tr> 1631 <tr> 1632 <td> 1633 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3ce293842fed1b3abd2ff0aecd2a0c70a55086ee"> 1634 ANDROID-23142203 1635 </a> 1636 </td> 1637 </tr> 1638 <tr> 1639 <td> 1640 <a href="https://android.googlesource.com/platform%2Fexternal%2Flibhevc/+/2b67e532653b815e2341a0ac0b59d1b0ef82170d"> 1641 ANDROID-22278703 1642 </a> 1643 </td> 1644 <td> 1645 1646 </td> 1647 <td> 1648 5.06.0 1649 </td> 1650 <td> 1651 Google 1652 </td> 1653 </tr> 1654 <tr> 1655 <td> 1656 CVE-2015-3862 1657 </td> 1658 <td> 1659 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f26400c9d01a0e2f71690d5ebc644270f098d590"> 1660 ANDROID-22954006 1661 </a> 1662 </td> 1663 <td> 1664 1665 </td> 1666 <td> 1667 5.1 1668 </td> 1669 <td> 1670 2 2015. 1671 </td> 1672 </tr> 1673 </tbody> 1674 </table> 1675 <h2 id="revisions" style="margin-bottom:0px"> 1676 1677 </h2> 1678 <hr/> 1679 <ul> 1680 <li> 1681 5 2015: . 1682 </li> 1683 <li> 1684 7 2015: AOSP 1685 CVE-2014-9028. 1686 </li> 1687 <li> 1688 12 2015: 1689 CVE-2015-3868, CVE-2015-3869, CVE-2015-3865 CVE-2015-3862. 1690 </li> 1691 </ul> 1692 </div> 1693 <div class="content-footer-sac" itemscope="" itemtype="http://schema.org/SiteNavigationElement"> 1694 <div class="layout-content-col col-9" style="padding-top:4px"> 1695 </div> 1696 <div class="paging-links layout-content-col col-4"> 1697 </div> 1698 </div> 1699 </div> 1700 1701 </body> 1702 </html> 1703
