1 <html devsite> 2 <head> 3 <title> Nexus 2016.</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 27 28 <p><em> 4 2016. | 6 2016.</em></p> 29 <p> Android 30 Nexus 31 32 Nexus <a href="https://developers.google.com/android/nexus/images"> </a>. 33 34 2 2016 . 35 , , 36 <a href="https://support.google.com/nexus/answer/4457705"> Nexus</a>.</p> 37 <p> 16 2016 . 38 39 Android Open Source Project (AOSP).</p> 40 <p> 41 (, 42 , 43 MMS).</p> 44 <p> - <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> 45 <a href="/security/advisory/2016-03-18.html"> Android 18 2016.</a> 46 <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805"></a>. 47 . 48 <a href="#mitigations"> </a> , <a href="/security/enhancements/index.html"> </a> 49 , SafetyNet, 50 Android.</p> 51 <h2 id="security_vulnerability_summary"> </h2> 52 <p> , (CVE) 53 . <a href="/security/overview/updates-resources.html#severity"></a> , 54 , 55 .</p> 56 <table> 57 <tr> 58 <th></th> 59 <th>CVE</th> 60 <th> </th> 61 </tr> 62 <tr> 63 <td> dhcpcd</td> 64 <td>CVE-2016-1503<br/> 65 CVE-2014-6060</td> 66 <td></td> 67 </tr> 68 <tr> 69 <td> </td> 70 <td>CVE-2016-0834</td> 71 <td></td> 72 </tr> 73 <tr> 74 <td> mediaserver</td> 75 <td>CVE-2016-0835<br/> 76 CVE-2016-0836<br/> 77 CVE-2016-0837<br/> 78 CVE-2016-0838<br/> 79 CVE-2016-0839<br/> 80 CVE-2016-0840<br/> 81 CVE-2016-0841</td> 82 <td></td> 83 </tr> 84 <tr> 85 <td> libstagefright</td> 86 <td>CVE-2016-0842</td> 87 <td></td> 88 </tr> 89 <tr> 90 <td> </td> 91 <td>CVE-2015-1805</td> 92 <td></td> 93 </tr> 94 <tr> 95 <td> <br/> 96 Qualcomm</td> 97 <td>CVE-2016-0843</td> 98 <td></td> 99 </tr> 100 <tr> 101 <td> RF- Qualcomm</td> 102 <td>CVE-2016-0844</td> 103 <td></td> 104 </tr> 105 <tr> 106 <td> </td> 107 <td>CVE-2014-9322</td> 108 <td></td> 109 </tr> 110 <tr> 111 <td> IMemory Native Interface</td> 112 <td>CVE-2016-0846</td> 113 <td></td> 114 </tr> 115 <tr> 116 <td> Telecom</td> 117 <td>CVE-2016-0847</td> 118 <td></td> 119 </tr> 120 <tr> 121 <td> </td> 122 <td>CVE-2016-0848</td> 123 <td></td> 124 </tr> 125 <tr> 126 <td> </td> 127 <td>CVE-2016-0849</td> 128 <td></td> 129 </tr> 130 <tr> 131 <td> Bluetooth</td> 132 <td>CVE-2016-0850</td> 133 <td></td> 134 </tr> 135 <tr> 136 <td> Texas Instruments</td> 137 <td>CVE-2016-2409</td> 138 <td></td> 139 </tr> 140 <tr> 141 <td> Qualcomm</td> 142 <td>CVE-2016-2410</td> 143 <td></td> 144 </tr> 145 <tr> 146 <td> <br/> 147 Qualcomm</td> 148 <td>CVE-2016-2411</td> 149 <td></td> 150 </tr> 151 <tr> 152 <td> system_server</td> 153 <td>CVE-2016-2412</td> 154 <td></td> 155 </tr> 156 <tr> 157 <td> mediaserver</td> 158 <td>CVE-2016-2413</td> 159 <td></td> 160 </tr> 161 <tr> 162 <td> Minikin</td> 163 <td>CVE-2016-2414</td> 164 <td></td> 165 </tr> 166 <tr> 167 <td> Exchange ActiveSync</td> 168 <td>CVE-2016-2415</td> 169 <td></td> 170 </tr> 171 <tr> 172 <td> mediaserver</td> 173 <td>CVE-2016-2416<br/> 174 CVE-2016-2417<br/> 175 CVE-2016-2418<br/> 176 CVE-2016-2419</td> 177 <td></td> 178 </tr> 179 <tr> 180 <td> Debuggerd</td> 181 <td>CVE-2016-2420</td> 182 <td></td> 183 </tr> 184 <tr> 185 <td> </td> 186 <td>CVE-2016-2421</td> 187 <td></td> 188 </tr> 189 <tr> 190 <td> Wi-Fi</td> 191 <td>CVE-2016-2422</td> 192 <td></td> 193 </tr> 194 <tr> 195 <td> </td> 196 <td>CVE-2016-2423</td> 197 <td></td> 198 </tr> 199 <tr> 200 <td> SyncStorageEngine</td> 201 <td>CVE-2016-2424</td> 202 <td></td> 203 </tr> 204 <tr> 205 <td> AOSP</td> 206 <td>CVE-2016-2425</td> 207 <td></td> 208 </tr> 209 <tr> 210 <td> Framework</td> 211 <td>CVE-2016-2426</td> 212 <td></td> 213 </tr> 214 <tr> 215 <td> Bouncy Castle</td> 216 <td>CVE-2016-2427</td> 217 <td></td> 218 </tr> 219 </table> 220 <h2 id="mitigations"> </h2> 221 <p> , <a href="/security/enhancements/index.html"> </a> , 222 SafetyNet, Android.</p> 223 <ul> 224 <li> Android, 225 . 226 </li><li> , Android, 227 SafetyNet. 228 229 . Google Play 230 . , 231 , " " 232 . 233 -. , 234 , , 235 . , 236 . 237 </li><li> Google Hangouts Messenger 238 , mediaserver, . 239 </li></ul> 240 <h2 id="acknowledgements"></h2> 241 <p> , :</p> 242 <ul> 243 <li> , 244 Google Chrome: CVE-2016-0834, CVE-2016-0841, CVE-2016-0840, CVE-2016-0839, CVE-2016-0838 245 </li><li> (<a href="https://twitter.com/anestisb">@anestisb</a>) 246 CENSUS S.A.: CVE-2016-0842, CVE-2016-0836, CVE-2016-0835 247 </li><li> Google Telecom: CVE-2016-0847 248 </li><li> <a href="https://www.ibr.cs.tu-bs.de"> </a>, : CVE-2016-2425 249 </li><li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), 250 <a href="http://weibo.com/jfpan">pjf</a> 251 (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) IceSword Lab, 252 Qihoo 360: CVE-2016-0844 253 </li><li> <a href="mailto:gpiskas (a] gmail.com"> </a> 254 <a href="https://www.epfl.ch"> </a>: CVE-2016-2426 255 </li><li> () (<a href="https://twitter.com/oldfresher">@oldfresher</a>) 256 <a href="http://www.360.com/">Qihoo 360 Technology Co.Ltd</a>: CVE-2016-2412, CVE-2016-2416 257 </li><li> Google Project Zero: CVE-2016-2417, CVE-2016-0846 258 </li><li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), 259 <a href="http://weibo.com/jfpan">pjf</a> 260 (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) IceSword Lab, 261 Qihoo 360: CVE-2016-2410, CVE-2016-2411 262 </li><li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) 263 <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360: CVE-2016-2409 264 </li><li> Vertu Ltd.: CVE-2016-0837 265 </li><li> <a href="mailto:nasim (a] zamir.ca"> </a>: CVE-2016-2409 266 </li><li> (<a href="https://twitter.com/iamnion">@iamnion</a>) Qualcomm 267 Product Security Initiative: CVE-2016-2420, CVE-2016-0849 268 </li><li> (<a href="https://twitter.com/heisecode">@heisecode</a>) 269 Trend Micro: CVE-2016-2418, CVE-2016-2413, CVE-2016-2419 270 </li><li> Google : CVE-2016-2427 271 </li><li> : CVE-2016-2415 272 </li><li> (<a href="https://twitter.com/bouuntyyy">@bouuntyyy)</a> 273 <a href="https://labs.mwrinfosecurity.com/">MWR Labs</a>: CVE-2016-0850 274 </li><li> : CVE-2016-2422 275 </li><li> Android: CVE-2016-2424 276 </li><li> (<a href="https://twitter.com/sunblate">@sunblate</a>) 277 Alibaba Inc.: CVE-2016-2414 278 </li><li> (<a href="https://twitter.com/wish_wu">@wish_wu</a>) 279 Trend Micro Inc.: CVE-2016-0843 280 </li><li> <a href="mailto:luc2yj (a] gmail.com"> </a> 281 <a href="mailto:xw7 (a] indiana.edu"> </a> , 282 <a href="mailto:litongxin1991 (a] gmail.com"> </a> 283 <a href="mailto:hanxinhui (a] pku.edu.cn"> </a> : CVE-2016-0848 284 </li></ul> 285 <p> Android , 286 CVE-2015-1805: 287 <a href="mailto:computernik (a] gmail.com">- </a>, 288 <a href="mailto:vancouverdou (a] gmail.com"> </a>, 289 (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 290 <a href="http://c0reteam.org">C0RE Team</a> 291 <a href="https://www.zimperium.com/">Zimperium</a>.</p> 292 <h2 id="security_vulnerability_details"> </h2> 293 <p> <a href="#security_vulnerability_summary"> </a> 294 : , , CVE, 295 , , 296 . 297 , AOSP, 298 , 299 .</p> 300 <h3 id="remote_code_execution_vulnerability_in_dhcpcd"> dhcpcd</h3> 301 <p> DHCP 302 . - 303 . DHCP , 304 .</p> 305 <table> 306 <tr> 307 <th>CVE</th> 308 <th> AOSP</th> 309 <th> </th> 310 <th>, </th> 311 <th> </th> 312 </tr> 313 <tr> 314 <td>CVE-2014-6060</td> 315 <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> 316 ANDROID-15268738</a></td> 317 <td></td> 318 <td>4.4.4</td> 319 <td>30 2014.</td> 320 </tr> 321 <tr> 322 <td>CVE-2014-6060</td> 323 <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> 324 ANDROID-16677003</a></td> 325 <td></td> 326 <td>4.4.4</td> 327 <td>30 2014.</td> 328 </tr> 329 <tr> 330 <td>CVE-2016-1503</td> 331 <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> 332 ANDROID-26461634</a></td> 333 <td></td> 334 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 335 <td>4 2016.</td> 336 </tr> 337 </table> 338 <h3 id="remote_code_execution_vulnerability_in_media_codec"> </h3> 339 <p> 340 mediaserver, 341 342 mediaserver.</p> 343 <p> . 344 , MMS- 345 , .</p> 346 <p> - 347 mediaserver. - 348 , , .</p> 349 <table> 350 <tr> 351 <th>CVE</th> 352 <th></th> 353 <th> </th> 354 <th>, </th> 355 <th> </th> 356 </tr> 357 <tr> 358 <td>CVE-2016-0834</td> 359 <td>ANDROID-26220548*</td> 360 <td></td> 361 <td>6.0, 6.0.1</td> 362 <td>16 2015.</td> 363 </tr> 364 </table> 365 <p>* AOSP. 366 Nexus, 367 <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 368 <h3 id="remote_code_execution_vulnerability_in_mediaserver"> mediaserver</h3> 369 <p> 370 mediaserver, 371 mediaserver.</p> 372 <p> . 373 , MMS- 374 , .</p> 375 <p> - 376 mediaserver. - 377 , , .</p> 378 <table> 379 <tr> 380 <th>CVE</th> 381 <th> AOSP</th> 382 <th> </th> 383 <th>, </th> 384 <th> </th> 385 </tr> 386 <tr> 387 <td>CVE-2016-0835</td> 388 <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> 389 ANDROID-26070014</a> 390 [<a href="https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1">2</a>] 391 </td> 392 <td></td> 393 <td>6.0, 6.0.1</td> 394 <td>6 2015.</td> 395 </tr> 396 <tr> 397 <td>CVE-2016-0836</td> 398 <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> 399 ANDROID-25812590</a></td> 400 <td></td> 401 <td>6.0, 6.0.1</td> 402 <td>19 2015.</td> 403 </tr> 404 <tr> 405 <td>CVE-2016-0837</td> 406 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> 407 ANDROID-27208621</a></td> 408 <td></td> 409 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 410 <td>11 2016.</td> 411 </tr> 412 <tr> 413 <td>CVE-2016-0838</td> 414 <td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> 415 ANDROID-26366256</a> 416 [<a href="https://android.googlesource.com/platform/external/sonivox/+/24d7c408c52143bce7b49de82f3913fd8d1219cf">2</a>]</td> 417 <td></td> 418 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 419 <td> Google</td> 420 </tr> 421 <tr> 422 <td>CVE-2016-0839</td> 423 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> 424 ANDROID-25753245</a></td> 425 <td></td> 426 <td>6.0, 6.0.1</td> 427 <td> Google</td> 428 </tr> 429 <tr> 430 <td>CVE-2016-0840</td> 431 <td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> 432 ANDROID-26399350</a></td> 433 <td></td> 434 <td>6.0, 6.0.1</td> 435 <td> Google</td> 436 </tr> 437 <tr> 438 <td>CVE-2016-0841</td> 439 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> 440 ANDROID-26040840</a></td> 441 <td></td> 442 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 443 <td> Google</td> 444 </tr> 445 </table> 446 <h3 id="remote_code_execution_vulnerability_in_libstagefright"> libstagefright</h3> 447 <p> 448 libstagefright, 449 450 mediaserver.</p> 451 <p> . 452 , MMS- 453 , .</p> 454 <p> - 455 mediaserver. - 456 , , .</p> 457 <table> 458 <tr> 459 <th>CVE</th> 460 <th> AOSP</th> 461 <th> </th> 462 <th>, </th> 463 <th> </th> 464 </tr> 465 <tr> 466 <td>CVE-2016-0842</td> 467 <td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> 468 ANDROID-25818142</a></td> 469 <td></td> 470 <td>6.0, 6.0.1</td> 471 <td>23 2015.</td> 472 </tr> 473 </table> 474 <h3 id="elevation_of_privilege_vulnerability_in_kernel"> </h3> 475 <p> 476 . , - 477 . 478 . 479 <a href="/security/advisory/2016-03-18.html"> Android 18 2016.</a></p> 480 <table> 481 <tr> 482 <th>CVE</th> 483 <th></th> 484 <th> </th> 485 <th>, </th> 486 <th> </th> 487 </tr> 488 <tr> 489 <td>CVE-2015-1805</td> 490 <td>ANDROID-27275324*</td> 491 <td></td> 492 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 493 <td>19 2016.</td> 494 </tr> 495 </table> 496 <p>* AOSP : 497 <a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a> 498 <a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a> 499 <a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a></p> 500 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_performance_module"> Qualcomm</h3> 501 <p> 502 ARM- Qualcomm. 503 . 504 , - . 505 .</p> 506 <table> 507 <tr> 508 <th>CVE</th> 509 <th></th> 510 <th> </th> 511 <th>, </th> 512 <th> </th> 513 </tr> 514 <tr> 515 <td>CVE-2016-0843</td> 516 <td>ANDROID-25801197*</td> 517 <td></td> 518 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 519 <td>19 2015.</td> 520 </tr> 521 </table> 522 <p>* AOSP. 523 Nexus, 524 <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 525 <h3 id="elevation_of_privilege_in_qualcomm_rf_component"> RF- Qualcomm</h3> 526 <p> RF- Qualcomm 527 . 528 , - 529 . .</p> 530 <table> 531 <tr> 532 <th>CVE</th> 533 <th></th> 534 <th> </th> 535 <th>, </th> 536 <th> </th> 537 </tr> 538 <tr> 539 <td>CVE-2016-0844</td> 540 <td>ANDROID-26324307*</td> 541 <td></td> 542 <td>6.0, 6.0.1</td> 543 <td>25 2015.</td> 544 </tr> 545 </table> 546 <p>* AOSP, <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa"> Linux</a>.</p> 547 <h3 id="elevation_of_privilege_vulnerability_in_kernel12"> </h3> 548 <p> 549 . , 550 - . 551 .</p> 552 <table> 553 <tr> 554 <th>CVE</th> 555 <th> AOSP</th> 556 <th> </th> 557 <th>, </th> 558 <th> </th> 559 </tr> 560 <tr> 561 <td>CVE-2014-9322</td> 562 <td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> 563 [<a href="https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb">2</a>] 564 [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br/> 565 [<a href="https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105">4</a>] 566 [<a href="">5</a>] 567 [<a href="https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b">6</a>] 568 [<a href="https://android.googlesource.com/kernel/common/+/e068734f9e7344997a61022629b92d142a985ab3">7</a>] 569 [<a href="https://android.googlesource.com/kernel/common/+/fdc6c1052bc7d89a5826904fbb4318677e8442ce">8</a>] 570 [<a href="https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5">9</a>] 571 [<a href="https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850">10</a>] 572 [<a href="https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829">11</a>]</td> 573 <td></td> 574 <td>6.0, 6.0.1</td> 575 <td>25 2015.</td> 576 </tr> 577 </table> 578 <h3 id="elevation_of_privilege_in_imemory_native_interface"> 579 IMemory Native Interface</h3> 580 <p> 581 . 582 , 583 , 584 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 585 <table> 586 <tr> 587 <th>CVE</th> 588 <th> AOSP</th> 589 <th> </th> 590 <th>, </th> 591 <th> </th> 592 </tr> 593 <tr> 594 <td>CVE-2016-0846</td> 595 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> 596 ANDROID-26877992</a></td> 597 <td></td> 598 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 599 <td>29 2016.</td> 600 </tr> 601 </table> 602 <h3 id="elevation_of_privilege_vulnerability_in_telecom_component"> 603 Telecom</h3> 604 <p> , 605 . , 606 , 607 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 608 <table> 609 <tr> 610 <th>CVE</th> 611 <th> AOSP</th> 612 <th> </th> 613 <th>, </th> 614 <th> </th> 615 </tr> 616 <tr> 617 <td>CVE-2016-0847</td> 618 <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> 619 ANDROID-26864502</a> 620 [<a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a294ae5342410431a568126183efe86261668b5d">2</a>] 621 </td> 622 <td></td> 623 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 624 <td> Google</td> 625 </tr> 626 </table> 627 <h3 id="elevation_of_privilege_vulnerability_in_download_manager"> 628 </h3> 629 <p> . 630 . 631 , , 632 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 633 <table> 634 <tr> 635 <th>CVE</th> 636 <th> AOSP</th> 637 <th> </th> 638 <th>, </th> 639 <th> </th> 640 </tr> 641 <tr> 642 <td>CVE-2016-0848</td> 643 <td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> 644 ANDROID-26211054</a></td> 645 <td></td> 646 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 647 <td>14 2015.</td> 648 </tr> 649 </table> 650 <h3 id="elevation_of_privilege_in_recovery_procedure"> 651 </h3> 652 <p> 653 . 654 , 655 , 656 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 657 <table> 658 <tr> 659 <th>CVE</th> 660 <th> AOSP</th> 661 <th> </th> 662 <th>, </th> 663 <th> </th> 664 </tr> 665 <tr> 666 <td>CVE-2016-0849</td> 667 <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> 668 ANDROID-26960931</a></td> 669 <td></td> 670 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 671 <td>3 2016.</td> 672 </tr> 673 </table> 674 <h3 id="elevation_of_privilege_in_bluetooth"> 675 Bluetooth</h3> 676 <p> Bluetooth. 677 . 678 , 679 -. 680 , , 681 .</p> 682 <table> 683 <tr> 684 <th>CVE</th> 685 <th> AOSP</th> 686 <th> </th> 687 <th>, </th> 688 <th> </th> 689 </tr> 690 <tr> 691 <td>CVE-2016-0850</td> 692 <td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> 693 ANDROID-26551752</a></td> 694 <td></td> 695 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 696 <td>13 2016.</td> 697 </tr> 698 </table> 699 <h3 id="elevation_of_privilege_in_texas_instruments_haptic_driver"> 700 Texas Instruments</h3> 701 <p> 702 . , 703 , 704 , , 705 .</p> 706 <table> 707 <tr> 708 <th>CVE</th> 709 <th></th> 710 <th> </th> 711 <th>, </th> 712 <th> </th> 713 </tr> 714 <tr> 715 <td>CVE-2016-2409</td> 716 <td>ANDROID-25981545*</td> 717 <td></td> 718 <td>6.0, 6.0.1</td> 719 <td>25 2015.</td> 720 </tr> 721 </table> 722 <p>* AOSP. 723 Nexus, 724 <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 725 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_kernel_driver"> 726 Qualcomm</h3> 727 <p> 728 . , 729 , 730 , , .</p> 731 <table> 732 <tr> 733 <th>CVE</th> 734 <th></th> 735 <th> </th> 736 <th>, </th> 737 <th> </th> 738 </tr> 739 <tr> 740 <td>CVE-2016-2410</td> 741 <td>ANDROID-26291677*</td> 742 <td></td> 743 <td>6.0, 6.0.1</td> 744 <td>21 2015.</td> 745 </tr> 746 </table> 747 <p>* AOSP. 748 Nexus, 749 <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 750 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_power_management_component"> 751 Qualcomm</h3> 752 <p> Qualcomm. 753 754 . , 755 , 756 root-, .</p> 757 <table> 758 <tr> 759 <th>CVE</th> 760 <th></th> 761 <th> </th> 762 <th>, </th> 763 <th> </th> 764 </tr> 765 <tr> 766 <td>CVE-2016-2411</td> 767 <td>ANDROID-26866053*</td> 768 <td></td> 769 <td>6.0, 6.0.1</td> 770 <td>28 2016.</td> 771 </tr> 772 </table> 773 <p>* AOSP. 774 Nexus, 775 <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 776 <h3 id="elevation_of_privilege_vulnerability_in_system_server"> 777 system_server</h3> 778 <p> 779 780 . , 781 , 782 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 783 <table> 784 <tr> 785 <th>CVE</th> 786 <th> AOSP</th> 787 <th> </th> 788 <th>, </th> 789 <th> </th> 790 </tr> 791 <tr> 792 <td>CVE-2016-2412</td> 793 <td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> 794 ANDROID-26593930</a></td> 795 <td></td> 796 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 797 <td>15 2016.</td> 798 </tr> 799 </table> 800 <h3 id="elevation_of_privilege_vulnerability_in_mediaserver"> 801 mediaserver</h3> 802 <p> 803 804 . , 805 , 806 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 807 <table> 808 <tr> 809 <th>CVE</th> 810 <th> AOSP</th> 811 <th> </th> 812 <th>, </th> 813 <th> </th> 814 </tr> 815 <tr> 816 <td>CVE-2016-2413</td> 817 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> 818 ANDROID-26403627</a></td> 819 <td></td> 820 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 821 <td>5 2016.</td> 822 </tr> 823 </table> 824 <h3 id="denial_of_service_vulnerability_in_minikin"> Minikin</h3> 825 <p> Minikin 826 . 827 , Minikin 828 . , 829 - 830 .</p> 831 <table> 832 <tr> 833 <th>CVE</th> 834 <th> AOSP</th> 835 <th> </th> 836 <th>, </th> 837 <th> </th> 838 </tr> 839 <tr> 840 <td>CVE-2016-2414</td> 841 <td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> 842 ANDROID-26413177</a> 843 [<a href="https://android.googlesource.com/platform/frameworks/minikin/+/f4785aa1947b8d22d5b19559ef1ca526d98e0e73">2</a>] 844 </td> 845 <td></td> 846 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 847 <td>3 2015.</td> 848 </tr> 849 </table> 850 <h3 id="information_disclosure_vulnerability_in_exchange_activesync"> 851 Exchange ActiveSync</h3> 852 <p> 853 . 854 - 855 .</p> 856 <table> 857 <tr> 858 <th>CVE</th> 859 <th> AOSP</th> 860 <th> </th> 861 <th>, </th> 862 <th> </th> 863 </tr> 864 <tr> 865 <td>CVE-2016-2415</td> 866 <td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> 867 ANDROID-26488455</a></td> 868 <td></td> 869 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 870 <td>11 2016.</td> 871 </tr> 872 </table> 873 <h3 id="information_disclosure_vulnerability_in_mediaserver"> mediaserver</h3> 874 <p> , 875 , . 876 , 877 , (, 878 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 879 <table> 880 <tr> 881 <th>CVE</th> 882 <th> AOSP</th> 883 <th> </th> 884 <th>, </th> 885 <th> </th> 886 </tr> 887 <tr> 888 <td>CVE-2016-2416</td> 889 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> 890 ANDROID-27046057</a> 891 [<a href="https://android.googlesource.com/platform/frameworks/native/+/a40b30f5c43726120bfe69d41ff5aeb31fe1d02a">2</a>] 892 </td> 893 <td></td> 894 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 895 <td>5 2016.</td> 896 </tr> 897 <tr> 898 <td>CVE-2016-2417</td> 899 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> 900 ANDROID-26914474</a></td> 901 <td></td> 902 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 903 <td>1 2016.</td> 904 </tr> 905 <tr> 906 <td>CVE-2016-2418</td> 907 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> 908 ANDROID-26324358</a></td> 909 <td></td> 910 <td>6.0, 6.0.1</td> 911 <td>24 2015.</td> 912 </tr> 913 <tr> 914 <td>CVE-2016-2419</td> 915 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> 916 ANDROID-26323455</a></td> 917 <td></td> 918 <td>6.0, 6.0.1</td> 919 <td>24 2015.</td> 920 </tr> 921 </table> 922 <h3 id="elevation_of_privilege_vulnerability_in_debuggerd_component"> 923 Debuggerd</h3> 924 <p> Debuggerd 925 . - 926 . . 927 , , 928 Android4.4.4, 929 . Android5.0 SELinux 930 .</p> 931 <table> 932 <tr> 933 <th>CVE</th> 934 <th> AOSP</th> 935 <th> </th> 936 <th>, </th> 937 <th> </th> 938 </tr> 939 <tr> 940 <td>CVE-2016-2420</td> 941 <td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> 942 ANDROID-26403620</a> 943 [<a href="https://android.googlesource.com/platform/system/core/+/81df1cc77722000f8d0025c1ab00ced123aa573c">2</a>] 944 </td> 945 <td></td> 946 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 947 <td>5 2016.</td> 948 </tr> 949 </table> 950 <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard"> 951 </h3> 952 <p> , , 953 . 954 , 955 .</p> 956 <table> 957 <tr> 958 <th>CVE</th> 959 <th></th> 960 <th> </th> 961 <th>, </th> 962 <th> </th> 963 </tr> 964 <tr> 965 <td>CVE-2016-2421</td> 966 <td>ANDROID-26154410*</td> 967 <td></td> 968 <td>5.1.1, 6.0, 6.0.1</td> 969 <td> Google</td> 970 </tr> 971 </table> 972 <p>* AOSP. 973 974 Nexus, 975 <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 976 <h3 id="elevation_of_privilege_in_wi-fi"> Wi-Fi</h3> 977 <p> Wi-Fi 978 979 . , 980 , 981 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 982 <table> 983 <tr> 984 <th>CVE</th> 985 <th> AOSP</th> 986 <th> </th> 987 <th>, </th> 988 <th> </th> 989 </tr> 990 <tr> 991 <td>CVE-2016-2422</td> 992 <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> 993 ANDROID-26324357</a></td> 994 <td></td> 995 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 996 <td>23 2015.</td> 997 </tr> 998 </table> 999 <h3 id="elevation_of_privilege_in_telephony"> </h3> 1000 <p> , , 1001 . 1002 , 1003 .</p> 1004 <table> 1005 <tr> 1006 <th>CVE</th> 1007 <th> AOSP</th> 1008 <th> </th> 1009 <th>, </th> 1010 <th> </th> 1011 </tr> 1012 <tr> 1013 <td>CVE-2016-2423</td> 1014 <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> 1015 ANDROID-26303187</a></td> 1016 <td></td> 1017 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1018 <td> Google</td> 1019 </tr> 1020 </table> 1021 <h3 id="denial_of_service_in_syncstorageengine"> SyncStorageEngine</h3> 1022 <p> 1023 . 1024 , - . 1025 .</p> 1026 <table> 1027 <tr> 1028 <th>CVE</th> 1029 <th> AOSP</th> 1030 <th> </th> 1031 <th>, </th> 1032 <th> </th> 1033 </tr> 1034 <tr> 1035 <td>CVE-2016-2424</td> 1036 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> 1037 ANDROID-26513719</a></td> 1038 <td></td> 1039 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1040 <td> Google</td> 1041 </tr> 1042 </table> 1043 <h3 id="information_disclosure_vulnerability_in_aosp_mail"> AOSP</h3> 1044 <p> 1045 . 1046 , 1047 dangerous ().</p> 1048 <table> 1049 <tr> 1050 <th>CVE</th> 1051 <th> AOSP</th> 1052 <th> </th> 1053 <th>, </th> 1054 <th> </th> 1055 </tr> 1056 <tr> 1057 <td>CVE-2016-2425</td> 1058 <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> 1059 ANDROID-26989185</a></td> 1060 <td></td> 1061 <td>4.4.4, 5.1.1, 6.0, 6.0.1</td> 1062 <td>29 2016.</td> 1063 </tr> 1064 <tr> 1065 <td>CVE-2016-2425</td> 1066 <td>ANDROID-7154234*</td> 1067 <td></td> 1068 <td>5.0.2</td> 1069 <td>29 2016.</td> 1070 </tr> 1071 </table> 1072 <p>* AOSP. 1073 1074 Nexus, 1075 <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1076 <h3 id="information_disclosure_vulnerability_in_framework"> Framework</h3> 1077 <p> Framework 1078 . - 1079 .</p> 1080 <table> 1081 <tr> 1082 <th>CVE</th> 1083 <th> AOSP</th> 1084 <th> </th> 1085 <th>, </th> 1086 <th> </th> 1087 </tr> 1088 <tr> 1089 <td>CVE-2016-2426</td> 1090 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> 1091 ANDROID-26094635</a></td> 1092 <td></td> 1093 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1094 <td>8 2015.</td> 1095 </tr> 1096 </table> 1097 <h3 id="information_disclosure_vulnerability_in_bouncycastle"> Bouncy Castle</h3> 1098 <p> . 1099 , 1100 dangerous (), 1101 .</p> 1102 <table> 1103 <tr> 1104 <th>CVE</th> 1105 <th> AOSP</th> 1106 <th> </th> 1107 <th>, </th> 1108 <th> </th> 1109 </tr> 1110 <tr> 1111 <td>CVE-2016-2427</td> 1112 <td><a href="https://android.googlesource.com/platform/libcore/+/efd369d996fd38c50a50ea0de8f20507253cb6de"> 1113 ANDROID-26234568</a> 1114 [<a href="https://android.googlesource.com/platform/external/bouncycastle/+/b3bddea0f33c0459293c6419569ad151b4a7b44b">2</a>] 1115 </td> 1116 <td></td> 1117 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 1118 <td> Google</td> 1119 </tr> 1120 </table> 1121 <h2 id="common_questions_and_answers"> </h2> 1122 <p> , 1123 .</p> 1124 <p><strong>1. , , ? </strong></p> 1125 <p> 2 2016 1126 . , , 1127 <a href="https://support.google.com/nexus/answer/4457705"> Nexus</a>. , 1128 , 1129 [ro.build.version.security_patch]:[2016-04-02].</p> 1130 <p><strong>2. 2 2016 ?</strong></p> 1131 <p> 1- 1132 . 1133 , , CVE-2015-1805. 1134 <a href="/security/advisory/2016-03-18.html"> Android 1135 18 2016.</a> 2 2016 1136 , CVE-2015-1805, .<a href="/security/advisory/2016-03-18.html"></a></p> 1137 <h2 id="revisions"></h2> 1138 <ul> 1139 <li> 4 2016. . 1140 </li><li> 6 2016. AOSP. 1141 </li></ul> 1142 1143 </body> 1144 </html> 1145
