1 <html devsite> 2 <head> 3 <title> Nexus 2015.</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p> 27 Android 28 Nexus 29 30 Nexus 31 <a href="https://developers.google.com/android/nexus/images"> 32 33 </a> 34 . 35 LMY48Z , 36 Android6.0 1 2015 . 37 <a href="http://source.android.com/security/bulletin/2015-12-01.html#common_questions_and_answers"> 38 39 </a> 40 </p> 41 <p> 42 43 2 2015 . 44 Android Open Source Project (AOSP). 45 </p> 46 <p> 47 48 (, 49 , 50 MMS). 51 </p> 52 <p> 53 . 54 <a href="http://source.android.com/security/bulletin/2015-12-01.html#mitigations"> 55 56 </a> 57 , 58 <a href="http://source.android.com/security/enhancements/index.html"> 59 60 </a> 61 , 62 SafetyNet, Android. 63 . 64 </p> 65 <h2 id="security_vulnerability_summary" style="margin-bottom:0px"> 66 67 </h2> 68 <hr/> 69 <p> 70 , (CVE) 71 . 72 <a href="http://source.android.com/security/overview/updates-resources.html#severity"> 73 74 </a> 75 , 76 , 77 . 78 </p> 79 <table> 80 <tbody> 81 <tr> 82 <th> 83 84 </th> 85 <th> 86 CVE 87 </th> 88 <th> 89 90 </th> 91 </tr> 92 <tr> 93 <td> 94 mediaserver 95 </td> 96 <td> 97 CVE-2015-6616 98 </td> 99 <td> 100 101 </td> 102 </tr> 103 <tr> 104 <td> 105 Skia 106 </td> 107 <td> 108 CVE-2015-6617 109 </td> 110 <td> 111 112 </td> 113 </tr> 114 <tr> 115 <td> 116 117 </td> 118 <td> 119 CVE-2015-6619 120 </td> 121 <td> 122 123 </td> 124 </tr> 125 <tr> 126 <td> 127 128 </td> 129 <td> 130 CVE-2015-6633 131 <br/> 132 CVE-2015-6634 133 </td> 134 <td> 135 136 </td> 137 </tr> 138 <tr> 139 <td> 140 Bluetooth 141 </td> 142 <td> 143 CVE-2015-6618 144 </td> 145 <td> 146 147 </td> 148 </tr> 149 <tr> 150 <td> 151 libstagefright 152 </td> 153 <td> 154 CVE-2015-6620 155 </td> 156 <td> 157 158 </td> 159 </tr> 160 <tr> 161 <td> 162 SystemUI 163 </td> 164 <td> 165 CVE-2015-6621 166 </td> 167 <td> 168 169 </td> 170 </tr> 171 <tr> 172 <td> 173 Android 174 </td> 175 <td> 176 CVE-2015-6622 177 </td> 178 <td> 179 180 </td> 181 </tr> 182 <tr> 183 <td> 184 Wi-Fi 185 </td> 186 <td> 187 CVE-2015-6623 188 </td> 189 <td> 190 191 </td> 192 </tr> 193 <tr> 194 <td> 195 SystemServer 196 </td> 197 <td> 198 CVE-2015-6624 199 </td> 200 <td> 201 202 </td> 203 </tr> 204 <tr> 205 <td> 206 libstagefright 207 </td> 208 <td> 209 CVE-2015-6626 210 <br/> 211 CVE-2015-6631 212 <br/> 213 CVE-2015-6632 214 </td> 215 <td> 216 217 </td> 218 </tr> 219 <tr> 220 <td> 221 Audio 222 </td> 223 <td> 224 CVE-2015-6627 225 </td> 226 <td> 227 228 </td> 229 </tr> 230 <tr> 231 <td> 232 Media Framework 233 </td> 234 <td> 235 CVE-2015-6628 236 </td> 237 <td> 238 239 </td> 240 </tr> 241 <tr> 242 <td> 243 Wi-Fi 244 </td> 245 <td> 246 CVE-2015-6629 247 </td> 248 <td> 249 250 </td> 251 </tr> 252 <tr> 253 <td> 254 SystemServer 255 </td> 256 <td> 257 CVE-2015-6625 258 </td> 259 <td> 260 261 </td> 262 </tr> 263 <tr> 264 <td> 265 SystemUI 266 </td> 267 <td> 268 CVE-2015-6630 269 </td> 270 <td> 271 272 </td> 273 </tr> 274 </tbody> 275 </table> 276 <h2 id="mitigations" style="margin-bottom:0px"> 277 278 </h2> 279 <hr/> 280 <p> 281 , 282 <a href="http://source.android.com/security/enhancements/index.html"> 283 284 </a> 285 , 286 SafetyNet, Android. 287 </p> 288 <ul> 289 <li> 290 Android, 291 . 292 </li> 293 <li> 294 , Android, 295 SafetyNet. 296 . Google Play . 297 , 298 , " " . 299 - 300 . , 301 , , 302 . , 303 . 304 </li> 305 <li> 306 Google Hangouts Messenger 307 , mediaserver, . 308 </li> 309 </ul> 310 <h2 id="acknowledgements" style="margin-bottom:0px"> 311 312 </h2> 313 <hr/> 314 <p> 315 , : 316 </p> 317 <ul> 318 <li> 319 , 320 Google Chrome: CVE-2015-6616, CVE-2015-6617, 321 CVE-2015-6623, CVE-2015-6626, CVE-2015-6619, CVE-2015-6633, 322 CVE-2015-6634. 323 </li> 324 <li> 325 ( 326 <a href="https://twitter.com/flanker_hqd"> @flanker_hqd </a> 327 ) 328 <a href="http://k33nteam.org/"> 329 KeenTeam 330 </a> 331 ( 332 <a href="https://twitter.com/k33nteam"> @K33nTeam </a> 333 ): CVE-2015-6620. 334 </li> 335 <li> 336 () ( 337 <a href="https://twitter.com/oldfresher"> @oldfresher </a> 338 , higongguang (a] gmail.com) 339 <a href="http://www.360.cn/"> 340 Qihoo 360 341 Technology Co.Ltd 342 </a> 343 : CVE-2015-6626. 344 </li> 345 <li> 346 ( 347 <a href="https://twitter.com/hanpingchinese"> @hanpingchinese </a> 348 ) EmberMitre Ltd: CVE-2015-6630. 349 </li> 350 <li> 351 ( 352 <a href="https://github.com/michalbednarski"> 353 https://github.com/michalbednarski 354 </a> 355 ): CVE-2015-6621. 356 </li> 357 <li> 358 Google Project Zero: CVE-2015-6616. 359 </li> 360 <li> 361 Trend Micro: CVE-2015-6616, CVE-2015-6628. 362 </li> 363 <li> 364 ( 365 <a href="https://twitter.com/flanker_hqd"> @flanker_hqd </a> 366 ) ( 367 <a href="https://twitter.com/marcograss"> @marcograss </a> 368 ) 369 <a href="http://k33nteam.org/"> 370 KeenTeam 371 </a> 372 ( 373 <a href="https://twitter.com/k33nteam"> @K33nTeam </a> 374 ): CVE-2015-6622. 375 </li> 376 <li> 377 - () : CVE-2015-6627. 378 </li> 379 <li> 380 ( 381 <a href="https://twitter.com/xeroxnir"> @xeroxnir </a> 382 ), 383 , -, : CVE-2015-6631. 384 </li> 385 </ul> 386 <h2 id="security_vulnerability_details" style="margin-bottom:0px"> 387 388 </h2> 389 <hr/> 390 <p> 391 392 <a href="http://source.android.com/security/bulletin/2015-12-01.html#security_vulnerability_summary"> 393 394 </a> 395 : , , CVE, 396 , , , 397 . 398 , 399 AOSP, , 400 . 401 </p> 402 <h3 id="remote_code_execution_vulnerabilities_in_mediaserver"> 403 mediaserver 404 </h3> 405 <p> 406 407 mediaserver, 408 409 mediaserver. 410 </p> 411 <p> 412 . 413 , MMS- 414 , . 415 </p> 416 <p> 417 - 418 mediaserver. - 419 , , . 420 </p> 421 <table> 422 <tbody> 423 <tr> 424 <th> 425 CVE 426 </th> 427 <th> 428 AOSP 429 </th> 430 <th> 431 432 </th> 433 <th> 434 , 435 </th> 436 <th> 437 438 </th> 439 </tr> 440 <tr> 441 <td rowspan="5"> 442 CVE-2015-6616 443 </td> 444 <td> 445 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/257b3bc581bbc65318a4cc2d3c22a07a4429dc1d"> 446 ANDROID-24630158 447 </a> 448 </td> 449 <td> 450 451 </td> 452 <td> 453 6.0 454 </td> 455 <td> 456 Google 457 </td> 458 </tr> 459 <tr> 460 <td> 461 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/0d35dd2068d6422c3c77fb68f248cbabf3d0b10c"> 462 ANDROID-23882800 463 </a> 464 </td> 465 <td> 466 467 </td> 468 <td> 469 6.0 470 </td> 471 <td> 472 Google 473 </td> 474 </tr> 475 <tr> 476 <td> 477 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/dedaca6f04ac9f95fabe3b64d44cd1a2050f079e"> 478 ANDROID-17769851 479 </a> 480 </td> 481 <td> 482 483 </td> 484 <td> 485 5.1 486 </td> 487 <td> 488 Google 489 </td> 490 </tr> 491 <tr> 492 <td> 493 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5d101298d8b0a78a1dc5bd26dbdada411f4ecd4d"> 494 ANDROID-24441553 495 </a> 496 </td> 497 <td> 498 499 </td> 500 <td> 501 6.0 502 </td> 503 <td> 504 22 2015. 505 </td> 506 </tr> 507 <tr> 508 <td> 509 <a href="https://android.googlesource.com/platform%2Fexternal%2Flibavc/+/2ee0c1bced131ffb06d1b430b08a202cd3a52005"> 510 ANDROID-24157524 511 </a> 512 </td> 513 <td> 514 515 </td> 516 <td> 517 6.0 518 </td> 519 <td> 520 8 2015. 521 </td> 522 </tr> 523 </tbody> 524 </table> 525 <h3 id="remote_code_execution_vulnerability_in_skia"> 526 Skia 527 </h3> 528 <p> 529 Skia 530 531 . , 532 (, , 533 MMS). 534 </p> 535 <table> 536 <tbody> 537 <tr> 538 <th> 539 CVE 540 </th> 541 <th> 542 AOSP 543 </th> 544 <th> 545 546 </th> 547 <th> 548 , 549 </th> 550 <th> 551 552 </th> 553 </tr> 554 <tr> 555 <td> 556 CVE-2015-6617 557 </td> 558 <td> 559 <a href="https://android.googlesource.com/platform%2Fexternal%2Fskia/+/a1d8ac0ac0af44d74fc082838936ec265216ab60"> 560 ANDROID-23648740 561 </a> 562 </td> 563 <td> 564 565 </td> 566 <td> 567 6.0 568 </td> 569 <td> 570 Google 571 </td> 572 </tr> 573 </tbody> 574 </table> 575 <h3 id="elevation_of_privilege_in_kernel"> 576 577 </h3> 578 <p> 579 580 , root-. 581 , - 582 . . 583 </p> 584 <table> 585 <tbody> 586 <tr> 587 <th> 588 CVE 589 </th> 590 <th> 591 AOSP 592 </th> 593 <th> 594 595 </th> 596 <th> 597 , 598 </th> 599 <th> 600 601 </th> 602 </tr> 603 <tr> 604 <td> 605 CVE-2015-6619 606 </td> 607 <td> 608 <a href="https://android.googlesource.com/device%2Fhtc%2Fflounder-kernel/+/25d3e5d71865a7c0324423fad87aaabb70e82ee4"> 609 ANDROID-23520714 610 </a> 611 </td> 612 <td> 613 614 </td> 615 <td> 616 6.0 617 </td> 618 <td> 619 7 2015. 620 </td> 621 </tr> 622 </tbody> 623 </table> 624 <h3 id="remote_code_execution_vulnerabilities_in_display_driver"> 625 626 </h3> 627 <p> 628 . 629 630 , mediaserver 631 . , 632 ( , 633 MMS, 634 ). 635 </p> 636 <table> 637 <tbody> 638 <tr> 639 <th> 640 CVE 641 </th> 642 <th> 643 AOSP 644 </th> 645 <th> 646 647 </th> 648 <th> 649 , 650 </th> 651 <th> 652 653 </th> 654 </tr> 655 <tr> 656 <td> 657 CVE-2015-6633 658 </td> 659 <td> 660 ANDROID-23987307* 661 </td> 662 <td> 663 664 </td> 665 <td> 666 6.0 667 </td> 668 <td> 669 Google 670 </td> 671 </tr> 672 <tr> 673 <td> 674 CVE-2015-6634 675 </td> 676 <td> 677 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/25016fd2865943dec1a6b2b167ef85c772fb90f7"> 678 ANDROID-24163261 679 </a> 680 [ 681 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/0787bc222a016e944f01492c2dd04bd03c1da6af"> 682 2 683 </a> 684 ] [ 685 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/95c2601aab7f27505e8b086fdd1f1dce31091e5d"> 686 3 687 </a> 688 ] [ 689 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/45660529af1f4063a00e84aa2361649e6a9a878c"> 690 4 691 </a> 692 ] 693 </td> 694 <td> 695 696 </td> 697 <td> 698 5.1 699 </td> 700 <td> 701 Google 702 </td> 703 </tr> 704 </tbody> 705 </table> 706 <p> 707 * AOSP. 708 Nexus, 709 710 <a href="https://developers.google.com/android/nexus/drivers"> 711 712 </a> 713 . 714 </p> 715 <h3 id="remote_code_execution_vulnerability_in_bluetooth"> 716 Bluetooth 717 </h3> 718 <p> 719 PAN (, 720 Bluetooth-), 721 , Bluetooth. 722 Bluetooth. 723 , 724 . 725 </p> 726 <p> 727 , , 728 Bluetooth, 729 , 730 . 731 </p> 732 <table> 733 <tbody> 734 <tr> 735 <th> 736 CVE 737 </th> 738 <th> 739 740 </th> 741 <th> 742 743 </th> 744 <th> 745 , 746 </th> 747 <th> 748 749 </th> 750 </tr> 751 <tr> 752 <td> 753 CVE-2015-6618 754 </td> 755 <td> 756 ANDROID-24595992* 757 </td> 758 <td> 759 760 </td> 761 <td> 762 4.4, 5.0, 5.1 763 </td> 764 <td> 765 28 2015. 766 </td> 767 </tr> 768 </tbody> 769 </table> 770 <p> 771 * AOSP. 772 Nexus, 773 774 <a href="https://developers.google.com/android/nexus/drivers"> 775 776 </a> 777 . 778 </p> 779 <h3 id="elevation_of_privilege_vulnerabilities_in_libstagefright"> 780 libstagefright 781 </h3> 782 <p> 783 libstagefright , 784 mediaserver. , 785 , (, 786 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 787 Signature 788 </a> 789 790 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 791 SignatureOrSystem 792 </a> 793 ). 794 </p> 795 <table> 796 <tbody> 797 <tr> 798 <th> 799 CVE 800 </th> 801 <th> 802 AOSP 803 </th> 804 <th> 805 806 </th> 807 <th> 808 , 809 </th> 810 <th> 811 812 </th> 813 </tr> 814 <tr> 815 <td rowspan="2"> 816 CVE-2015-6620 817 </td> 818 <td> 819 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/2b8cd9cbb3e72ffd048ffdd1609fac74f61a22ac"> 820 ANDROID-24123723 821 </a> 822 </td> 823 <td> 824 825 </td> 826 <td> 827 6.0 828 </td> 829 <td> 830 10 2015. 831 </td> 832 </tr> 833 <tr> 834 <td> 835 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/77c185d5499d6174e7a97b3e1512994d3a803151"> 836 ANDROID-24445127 837 </a> 838 </td> 839 <td> 840 841 </td> 842 <td> 843 6.0 844 </td> 845 <td> 846 2 2015. 847 </td> 848 </tr> 849 </tbody> 850 </table> 851 <h3 id="elevation_of_privilege_vulnerability_in_systemui"> 852 SystemUI 853 </h3> 854 <p> 855 SystemUI. 856 "" 857 . , 858 , 859 (, 860 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 861 Signature 862 </a> 863 864 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 865 SignatureOrSystem 866 </a> 867 ). 868 </p> 869 <table> 870 <tbody> 871 <tr> 872 <th> 873 CVE 874 </th> 875 <th> 876 AOSP 877 </th> 878 <th> 879 880 </th> 881 <th> 882 , 883 </th> 884 <th> 885 886 </th> 887 </tr> 888 <tr> 889 <td> 890 CVE-2015-6621 891 </td> 892 <td> 893 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/e70e8ac93807c51240b2cd9afed35bf454ea00b3"> 894 ANDROID-23909438 895 </a> 896 </td> 897 <td> 898 899 </td> 900 <td> 901 5.0, 5.1, 6.0 902 </td> 903 <td> 904 7 2015. 905 </td> 906 </tr> 907 </tbody> 908 </table> 909 <h3 id="information_disclosure_vulnerability_in_native_frameworks_library"> 910 Android 911 </h3> 912 <p> 913 Android , 914 , 915 . , 916 , 917 (, 918 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 919 Signature 920 </a> 921 922 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 923 SignatureOrSystem 924 </a> 925 ). 926 </p> 927 <table> 928 <tbody> 929 <tr> 930 <th> 931 CVE 932 </th> 933 <th> 934 AOSP 935 </th> 936 <th> 937 938 </th> 939 <th> 940 , 941 </th> 942 <th> 943 944 </th> 945 </tr> 946 <tr> 947 <td> 948 CVE-2015-6622 949 </td> 950 <td> 951 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fnative/+/5d17838adef13062717322e79d4db0b9bb6b2395"> 952 ANDROID-23905002 953 </a> 954 </td> 955 <td> 956 957 </td> 958 <td> 959 6.0 960 </td> 961 <td> 962 7 2015. 963 </td> 964 </tr> 965 </tbody> 966 </table> 967 <h3 id="elevation_of_privilege_vulnerability_in_wi-fi"> 968 Wi-Fi 969 </h3> 970 <p> 971 Wi-Fi 972 973 . , 974 , 975 (, 976 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 977 Signature 978 </a> 979 980 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 981 SignatureOrSystem 982 </a> 983 ). 984 </p> 985 <table> 986 <tbody> 987 <tr> 988 <th> 989 CVE 990 </th> 991 <th> 992 AOSP 993 </th> 994 <th> 995 996 </th> 997 <th> 998 , 999 </th> 1000 <th> 1001 1002 </th> 1003 </tr> 1004 <tr> 1005 <td> 1006 CVE-2015-6623 1007 </td> 1008 <td> 1009 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/a15a2ee69156fa6fff09c0dd9b8182cb8fafde1c"> 1010 ANDROID-24872703 1011 </a> 1012 </td> 1013 <td> 1014 1015 </td> 1016 <td> 1017 6.0 1018 </td> 1019 <td> 1020 Google 1021 </td> 1022 </tr> 1023 </tbody> 1024 </table> 1025 <h3 id="elevation_of_privilege_vulnerability_in_system_server"> 1026 SystemServer 1027 </h3> 1028 <p> 1029 SystemServer 1030 . 1031 , , 1032 (, 1033 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1034 Signature 1035 </a> 1036 1037 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1038 SignatureOrSystem 1039 </a> 1040 ). 1041 </p> 1042 <table> 1043 <tbody> 1044 <tr> 1045 <th> 1046 CVE 1047 </th> 1048 <th> 1049 AOSP 1050 </th> 1051 <th> 1052 1053 </th> 1054 <th> 1055 , 1056 </th> 1057 <th> 1058 1059 </th> 1060 </tr> 1061 <tr> 1062 <td> 1063 CVE-2015-6624 1064 </td> 1065 <td> 1066 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f86a441cb5b0dccd3106019e578c3535498e5315"> 1067 ANDROID-23999740 1068 </a> 1069 </td> 1070 <td> 1071 1072 </td> 1073 <td> 1074 6.0 1075 </td> 1076 <td> 1077 Google 1078 </td> 1079 </tr> 1080 </tbody> 1081 </table> 1082 <h3 id="information_disclosure_vulnerabilities_in_libstagefright"> 1083 libstagefright 1084 </h3> 1085 <p> 1086 mediaserver libstagefright 1087 , , 1088 . , 1089 , 1090 (, 1091 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1092 Signature 1093 </a> 1094 1095 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1096 SignatureOrSystem 1097 </a> 1098 ). 1099 </p> 1100 <table> 1101 <tbody> 1102 <tr> 1103 <th> 1104 CVE 1105 </th> 1106 <th> 1107 AOSP 1108 </th> 1109 <th> 1110 1111 </th> 1112 <th> 1113 , 1114 </th> 1115 <th> 1116 1117 </th> 1118 </tr> 1119 <tr> 1120 <td> 1121 CVE-2015-6632 1122 </td> 1123 <td> 1124 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5cae16bdce77b0a3ba590b55637f7d55a2f35402"> 1125 ANDROID-24346430 1126 </a> 1127 </td> 1128 <td> 1129 1130 </td> 1131 <td> 1132 6.0 1133 </td> 1134 <td> 1135 Google 1136 </td> 1137 </tr> 1138 <tr> 1139 <td> 1140 CVE-2015-6626 1141 </td> 1142 <td> 1143 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/8dde7269a5356503d2b283234b6cb46d0c3f214e"> 1144 ANDROID-24310423 1145 </a> 1146 </td> 1147 <td> 1148 1149 </td> 1150 <td> 1151 6.0 1152 </td> 1153 <td> 1154 2 2015. 1155 </td> 1156 </tr> 1157 <tr> 1158 <td> 1159 CVE-2015-6631 1160 </td> 1161 <td> 1162 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/7ed8d1eff9b292b3c65a875b13a549e29654534b"> 1163 ANDROID-24623447 1164 </a> 1165 </td> 1166 <td> 1167 1168 </td> 1169 <td> 1170 6.0 1171 </td> 1172 <td> 1173 21 2015. 1174 </td> 1175 </tr> 1176 </tbody> 1177 </table> 1178 <h3 id="information_disclosure_vulnerability_in_audio"> 1179 Audio 1180 </h3> 1181 <p> 1182 Audio 1183 1184 . 1185 , 1186 , 1187 (, 1188 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1189 Signature 1190 </a> 1191 1192 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1193 SignatureOrSystem 1194 </a> 1195 ). 1196 </p> 1197 <table> 1198 <tbody> 1199 <tr> 1200 <th> 1201 CVE 1202 </th> 1203 <th> 1204 AOSP 1205 </th> 1206 <th> 1207 1208 </th> 1209 <th> 1210 , 1211 </th> 1212 <th> 1213 1214 </th> 1215 </tr> 1216 <tr> 1217 <td> 1218 CVE-2015-6627 1219 </td> 1220 <td> 1221 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/8c987fa71326eb0cc504959a5ebb440410d73180"> 1222 ANDROID-24211743 1223 </a> 1224 </td> 1225 <td> 1226 1227 </td> 1228 <td> 1229 6.0 1230 </td> 1231 <td> 1232 Google 1233 </td> 1234 </tr> 1235 </tbody> 1236 </table> 1237 <h3 id="information_disclosure_vulnerability_in_media_framework"> 1238 Media Framework 1239 </h3> 1240 <p> 1241 mediaserver Media Framework 1242 , , 1243 . 1244 , , 1245 (, 1246 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1247 Signature 1248 </a> 1249 1250 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1251 SignatureOrSystem 1252 </a> 1253 ). 1254 </p> 1255 <table> 1256 <tbody> 1257 <tr> 1258 <th> 1259 CVE 1260 </th> 1261 <th> 1262 AOSP 1263 </th> 1264 <th> 1265 1266 </th> 1267 <th> 1268 , 1269 </th> 1270 <th> 1271 1272 </th> 1273 </tr> 1274 <tr> 1275 <td> 1276 CVE-2015-6628 1277 </td> 1278 <td> 1279 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5e7e87a383fdb1fece977097a7e3cc51b296f3a0"> 1280 ANDROID-24074485 1281 </a> 1282 </td> 1283 <td> 1284 1285 </td> 1286 <td> 1287 6.0 1288 </td> 1289 <td> 1290 8 2015. 1291 </td> 1292 </tr> 1293 </tbody> 1294 </table> 1295 <h3 id="information_disclosure_vulnerability_in_wi-fi"> 1296 Wi-Fi 1297 </h3> 1298 <p> 1299 Wi-Fi 1300 . 1301 , , 1302 (, 1303 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1304 Signature 1305 </a> 1306 1307 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1308 SignatureOrSystem 1309 </a> 1310 ). 1311 </p> 1312 <table> 1313 <tbody> 1314 <tr> 1315 <th> 1316 CVE 1317 </th> 1318 <th> 1319 AOSP 1320 </th> 1321 <th> 1322 1323 </th> 1324 <th> 1325 , 1326 </th> 1327 <th> 1328 1329 </th> 1330 </tr> 1331 <tr> 1332 <td> 1333 CVE-2015-6629 1334 </td> 1335 <td> 1336 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/8b41627f7411306a0c42867fb526fa214f2991cd"> 1337 ANDROID-22667667 1338 </a> 1339 </td> 1340 <td> 1341 1342 </td> 1343 <td> 1344 5.1 5.0 1345 </td> 1346 <td> 1347 Google 1348 </td> 1349 </tr> 1350 </tbody> 1351 </table> 1352 <h3 id="elevation_of_privilege_vulnerability_in_system_server19"> 1353 SystemServer 1354 </h3> 1355 <p> 1356 SystemServer 1357 Wi-Fi. , 1358 1359 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1360 dangerous 1361 </a> 1362 (). 1363 </p> 1364 <table> 1365 <tbody> 1366 <tr> 1367 <th> 1368 CVE 1369 </th> 1370 <th> 1371 AOSP 1372 </th> 1373 <th> 1374 1375 </th> 1376 <th> 1377 , 1378 </th> 1379 <th> 1380 1381 </th> 1382 </tr> 1383 <tr> 1384 <td> 1385 CVE-2015-6625 1386 </td> 1387 <td> 1388 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/29fa7d2ffc3bba55173969309e280328b43eeca1"> 1389 ANDROID-23936840 1390 </a> 1391 </td> 1392 <td> 1393 1394 </td> 1395 <td> 1396 6.0 1397 </td> 1398 <td> 1399 Google 1400 </td> 1401 </tr> 1402 </tbody> 1403 </table> 1404 <h3 id="information_disclosure_vulnerability_in_systemui"> 1405 SystemUI 1406 </h3> 1407 <p> 1408 SystemUI 1409 . , 1410 1411 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1412 dangerous 1413 </a> 1414 (). 1415 </p> 1416 <table> 1417 <tbody> 1418 <tr> 1419 <th> 1420 CVE 1421 </th> 1422 <th> 1423 AOSP 1424 </th> 1425 <th> 1426 1427 </th> 1428 <th> 1429 , 1430 </th> 1431 <th> 1432 1433 </th> 1434 </tr> 1435 <tr> 1436 <td> 1437 CVE-2015-6630 1438 </td> 1439 <td> 1440 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/51c2619c7706575a171cf29819db14e91b815a62"> 1441 ANDROID-19121797 1442 </a> 1443 </td> 1444 <td> 1445 1446 </td> 1447 <td> 1448 5.0, 5.1, 6.0 1449 </td> 1450 <td> 1451 22 2015. 1452 </td> 1453 </tr> 1454 </tbody> 1455 </table> 1456 <h3 id="common_questions_and_answers"> 1457 1458 </h3> 1459 <p> 1460 , 1461 . 1462 </p> 1463 <p> 1464 <strong> 1465 1. , , 1466 ? 1467 </strong> 1468 </p> 1469 <p> 1470 LMY48Z 1471 , Android 6.0 1 2015 1472 . , 1473 , 1474 <a href="https://support.google.com/nexus/answer/4457705"> 1475 Nexus 1476 </a> 1477 . 1478 , , 1479 [ro.build.version.security_patch]:[2015-12-01]. 1480 </p> 1481 <h2 id="revisions" style="margin-bottom:0px"> 1482 1483 </h2> 1484 <hr/> 1485 <ul> 1486 <li> 1487 7 2015. . 1488 </li> 1489 <li> 1490 9 2015. AOSP. 1491 </li> 1492 <li> 1493 22 2015. . 1494 </li> 1495 </ul> 1496 1497 </body> 1498 </html> 1499
