1 <html devsite> 2 <head> 3 <title> Android 2016.</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em> 6 2016. | 8 2016.</em></p> 27 28 <p> 29 Android. 30 Nexus 31 Nexus <a href="https://developers.google.com/android/nexus/images"> </a>. 32 33 1 2016 . , 34 , 35 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"> Nexus</a>.</p> 36 37 <p> 2 2016 . Android Open Source Project (AOSP).</p> 38 39 <p> 40 (, 41 , 42 MMS).</p> 43 44 <p> . <a href="#mitigations"> </a> 45 , <a href="/security/enhancements/index.html"> </a> , 46 SafetyNet, Android.</p> 47 48 <p> .</p> 49 50 <h2 id="security_vulnerability_summary"> </h2> 51 52 53 <p> , (CVE) 54 , , Nexus. <a href="/security/overview/updates-resources.html#severity"> </a> , 55 , 56 .</p> 57 <table> 58 <col width="55%"> 59 <col width="20%"> 60 <col width="13%"> 61 <col width="12%"> 62 <tr> 63 <th></th> 64 <th>CVE</th> 65 <th> </th> 66 <th> Nexus?</th> 67 </tr> 68 <tr> 69 <td> mediaserver</td> 70 <td>CVE-2016-2463</td> 71 <td></td> 72 <td></td> 73 </tr> 74 <tr> 75 <td> libwebm</td> 76 <td>CVE-2016-2464</td> 77 <td></td> 78 <td></td> 79 </tr> 80 <tr> 81 <td> Qualcomm</td> 82 <td>CVE-2016-2465</td> 83 <td></td> 84 <td></td> 85 </tr> 86 <tr> 87 <td> Qualcomm</td> 88 <td>CVE-2016-2466<br> 89 CVE-2016-2467</td> 90 <td></td> 91 <td></td> 92 </tr> 93 <tr> 94 <td> Qualcomm </td> 95 <td>CVE-2016-2468<br> 96 CVE-2016-2062</td> 97 <td></td> 98 <td></td> 99 </tr> 100 <tr> 101 <td> Wi-Fi- Qualcomm</td> 102 <td>CVE-2016-2474</td> 103 <td></td> 104 <td></td> 105 </tr> 106 <tr> 107 <td> Wi-Fi- Broadcom</td> 108 <td>CVE-2016-2475</td> 109 <td></td> 110 <td></td> 111 </tr> 112 <tr> 113 <td> Qualcomm</td> 114 <td>CVE-2016-2066<br> 115 CVE-2016-2469</td> 116 <td></td> 117 <td></td> 118 </tr> 119 <tr> 120 <td> mediaserver</td> 121 <td>CVE-2016-2476<br> 122 CVE-2016-2477<br> 123 CVE-2016-2478<br> 124 CVE-2016-2479<br> 125 CVE-2016-2480<br> 126 CVE-2016-2481<br> 127 CVE-2016-2482<br> 128 CVE-2016-2483<br> 129 CVE-2016-2484<br> 130 CVE-2016-2485<br> 131 CVE-2016-2486<br> 132 CVE-2016-2487</td> 133 <td></td> 134 <td></td> 135 </tr> 136 <tr> 137 <td> Qualcomm </td> 138 <td>CVE-2016-2061<br> 139 CVE-2016-2488</td> 140 <td></td> 141 <td></td> 142 </tr> 143 <tr> 144 <td> Qualcomm</td> 145 <td>CVE-2016-2489</td> 146 <td></td> 147 <td></td> 148 </tr> 149 <tr> 150 <td> NVIDIA </td> 151 <td>CVE-2016-2490<br> 152 CVE-2016-2491</td> 153 <td></td> 154 <td></td> 155 </tr> 156 <tr> 157 <td> Wi-Fi- Qualcomm</td> 158 <td>CVE-2016-2470<br> 159 CVE-2016-2471<br> 160 CVE-2016-2472<br> 161 CVE-2016-2473</td> 162 <td></td> 163 <td></td> 164 </tr> 165 <tr> 166 <td> MediaTek</td> 167 <td>CVE-2016-2492</td> 168 <td></td> 169 <td></td> 170 </tr> 171 <tr> 172 <td> SD-</td> 173 <td>CVE-2016-2494</td> 174 <td></td> 175 <td></td> 176 </tr> 177 <tr> 178 <td> Wi-Fi- Broadcom</td> 179 <td>CVE-2016-2493</td> 180 <td></td> 181 <td></td> 182 </tr> 183 <tr> 184 <td> mediaserver</td> 185 <td>CVE-2016-2495</td> 186 <td></td> 187 <td></td> 188 </tr> 189 <tr> 190 <td> Framework</td> 191 <td>CVE-2016-2496</td> 192 <td></td> 193 <td></td> 194 </tr> 195 <tr> 196 <td> Wi-Fi- Qualcomm</td> 197 <td>CVE-2016-2498</td> 198 <td></td> 199 <td></td> 200 </tr> 201 <tr> 202 <td> mediaserver</td> 203 <td>CVE-2016-2499</td> 204 <td></td> 205 <td></td> 206 </tr> 207 <tr> 208 <td> </td> 209 <td>CVE-2016-2500</td> 210 <td></td> 211 <td></td> 212 </tr> 213 </table> 214 215 216 <h2 id="mitigations"> </h2> 217 218 219 <p> , <a href="/security/enhancements/index.html"> </a> , 220 SafetyNet, Android.</p> 221 222 <ul> 223 <li> Android, 224 225 . 226 <li> , Android, 227 <a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a>. 228 229 <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf"> </a>. 230 231 <a href="http://www.android.com/gms"> Google</a>. , 232 . 233 Google Play , 234 . 235 , . 236 , , 237 , 238 . , 239 . 240 <li> Google Hangouts Messenger 241 , mediaserver, . 242 </li></li></li></ul> 243 244 <h2 id="acknowledgements"></h2> 245 246 247 <p> , :</p> 248 249 <ul> 250 <li> (<a href="https://twitter.com/returnsme">@returnsme</a>) KeenLab 251 (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-2468 252 <li> <a href="http://bits-please.blogspot.com"> </a> 253 (<a href="https://twitter.com/laginimaineb">@laginimaineb</a>): CVE-2016-2476 254 <li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) pjf 255 (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) IceSword Lab, Qihoo 360 256 Technology Co. Ltd.: CVE-2016-2492 257 <li> , Mobile Safe Team, Qihoo 360 Technology 258 Co. Ltd.: CVE-2016-2470, CVE-2016-2471, CVE-2016-2472, CVE-2016-2473, 259 CVE-2016-2498 260 <li> <a href="http://www.iwobanas.com"> </a>: CVE-2016-2496 261 <li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) 262 pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) IceSword Lab, 263 Qihoo360 Technology Co. Ltd.: CVE-2016-2490, CVE-2016-2491 264 <li> Google: CVE-2016-2500 265 <li> Google: CVE-2016-2474 266 <li> Google: CVE-2016-2487 267 <li> Google Project Zero: CVE-2016-2494 268 <li> (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), 269 (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 270 <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-2477, CVE-2016-2478, 271 CVE-2016-2479, CVE-2016-2480, CVE-2016-2481, CVE-2016-2482, CVE-2016-2483, CVE-2016-2484, 272 CVE-2016-2485, CVE-2016-2486 273 <li> <a href="mailto:sbauer (a] plzdonthack.me"> </a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): 274 CVE-2016-2066, CVE-2016-2061, CVE-2016-2465, CVE-2016-2469, CVE-2016-2489 275 <li> : CVE-2016-2463 276 <li> (<a href="https://twitter.com/sunblate">@sunblate</a>) Alibaba Inc.: CVE-2016-2495 277 <li> Tencent: CVE-2016-2499 278 <li> (<a href="https://twitter.com/ebeip90">@ebeip90</a>) Android: CVE-2016-2493 279 </li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 280 281 <h2 id="security_vulnerability_details"> </h2> 282 283 284 <p> 285 <a href="#security_vulnerability_summary"> </a> : , , 286 CVE, Android, , 287 Nexus AOSP ( ) 288 . 289 , AOSP, 290 , 291 .</p> 292 293 <h3 id="remote_code_execution_vulnerability_in_mediaserver"> 294 mediaserver</h3> 295 296 297 <p> 298 . 299 - 300 mediaserver. 301 - , , 302 .</p> 303 304 <p> . 305 , MMS- 306 , .</p> 307 <table> 308 <col width="19%"> 309 <col width="16%"> 310 <col width="10%"> 311 <col width="19%"> 312 <col width="18%"> 313 <col width="16%"> 314 <tr> 315 <th>CVE</th> 316 <th> Android</th> 317 <th> </th> 318 <th> Nexus</th> 319 <th> AOSP</th> 320 <th> </th> 321 </tr> 322 <tr> 323 <td>CVE-2016-2463</td> 324 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/2b6f22dc64d456471a1dc6df09d515771d1427c8">27855419</a></td> 325 <td></td> 326 <td><a href="#nexus_devices"> </a></td> 327 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 328 <td>25 2016.</td> 329 </tr> 330 </table> 331 332 333 <h3 id="remote_code_execution_vulnerabilities_in_libwebm"> 334 libwebm</h3> 335 336 337 <p> 338 . 339 - 340 mediaserver. 341 - , , 342 .</p> 343 344 <p> . 345 , MMS- 346 , .</p> 347 <table> 348 <col width="19%"> 349 <col width="16%"> 350 <col width="10%"> 351 <col width="19%"> 352 <col width="18%"> 353 <col width="16%"> 354 <tr> 355 <th>CVE</th> 356 <th> Android</th> 357 <th> </th> 358 <th> Nexus</th> 359 <th> AOSP</th> 360 <th> </th> 361 </tr> 362 <tr> 363 <td>CVE-2016-2464</td> 364 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d">23167726</a> 365 [<a href="https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148">2</a>] 366 </td> 367 <td></td> 368 <td><a href="#nexus_devices"> </a></td> 369 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 370 <td> Google</td> 371 </tr> 372 </table> 373 374 375 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_driver"> 376 Qualcomm</h3> 377 378 379 <p> 380 . , 381 - . , 382 .</p> 383 <table> 384 <col width="19%"> 385 <col width="16%"> 386 <col width="10%"> 387 <col width="27%"> 388 <col width="16%"> 389 <tr> 390 <th>CVE</th> 391 <th> Android</th> 392 <th> </th> 393 <th> Nexus</th> 394 <th> </th> 395 </tr> 396 <tr> 397 <td>CVE-2016-2465</td> 398 <td>27407865*</td> 399 <td></td> 400 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 401 <td>21 2016.</td> 402 </tr> 403 </table> 404 <p> 405 * AOSP. 406 Nexus, 407 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 408 </p> 409 410 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_sound_driver"> 411 Qualcomm</h3> 412 413 <p> 414 . , 415 - . , 416 .</p> 417 418 <table> 419 <col width="19%"> 420 <col width="16%"> 421 <col width="10%"> 422 <col width="27%"> 423 <col width="16%"> 424 <tr> 425 <th>CVE</th> 426 <th> Android</th> 427 <th> </th> 428 <th> Nexus</th> 429 <th> </th> 430 </tr> 431 <tr> 432 <td>CVE-2016-2466</td> 433 <td>27947307*</td> 434 <td></td> 435 <td>Nexus6</td> 436 <td>27 2016.</td> 437 </tr> 438 <tr> 439 <td>CVE-2016-2467</td> 440 <td>28029010*</td> 441 <td></td> 442 <td>Nexus5</td> 443 <td>13 2014.</td> 444 </tr> 445 </table> 446 <p> 447 * AOSP. 448 Nexus, 449 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 450 </p> 451 452 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_gpu_driver"> 453 Qualcomm </h3> 454 455 456 <p> 457 . , 458 - . , 459 .</p> 460 461 <table> 462 <col width="19%"> 463 <col width="16%"> 464 <col width="10%"> 465 <col width="27%"> 466 <col width="16%"> 467 <tr> 468 <th>CVE</th> 469 <th> Android</th> 470 <th> </th> 471 <th> Nexus</th> 472 <th> </th> 473 </tr> 474 <tr> 475 <td>CVE-2016-2468</td> 476 <td>27475454*</td> 477 <td></td> 478 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus7</td> 479 <td>2 2016.</td> 480 </tr> 481 <tr> 482 <td>CVE-2016-2062</td> 483 <td>27364029*</td> 484 <td></td> 485 <td>Nexus5X, Nexus6P</td> 486 <td>6 2016.</td> 487 </tr> 488 </table> 489 <p> 490 * AOSP. 491 Nexus, 492 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 493 </p> 494 495 496 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_wi-fi_driver"> 497 Wi-Fi- Qualcomm</h3> 498 499 500 <p> 501 . , 502 - . , 503 .</p> 504 <table> 505 <col width="19%"> 506 <col width="16%"> 507 <col width="10%"> 508 <col width="27%"> 509 <col width="16%"> 510 <tr> 511 <th>CVE</th> 512 <th> Android</th> 513 <th> </th> 514 <th> Nexus</th> 515 <th> </th> 516 </tr> 517 <tr> 518 <td>CVE-2016-2474</td> 519 <td>27424603*</td> 520 <td></td> 521 <td>Nexus5X</td> 522 <td> Google</td> 523 </tr> 524 </table> 525 <p> 526 * AOSP. 527 Nexus, 528 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 529 </p> 530 531 532 <h3 id="elevation_of_privilege_vulnerability_in_broadcom_wi-fi_driver"> 533 Wi-Fi- Broadcom</h3> 534 535 536 <p> 537 538 . , 539 .</p> 540 <table> 541 <col width="19%"> 542 <col width="16%"> 543 <col width="10%"> 544 <col width="27%"> 545 <col width="16%"> 546 <tr> 547 <th>CVE</th> 548 <th> Android</th> 549 <th> </th> 550 <th> Nexus</th> 551 <th> </th> 552 </tr> 553 <tr> 554 <td>CVE-2016-2475</td> 555 <td>26425765*</td> 556 <td></td> 557 <td>Nexus5, Nexus6, Nexus6P, Nexus7 (2013), Nexus9, Nexus Player, PixelC</td> 558 <td>6 2016.</td> 559 </tr> 560 </table> 561 <p> 562 * AOSP. 563 Nexus, 564 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 565 </p> 566 567 568 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_sound_driver"> 569 Qualcomm</h3> 570 571 572 <p> 573 . , 574 , 575 .</p> 576 577 <table> 578 <col width="19%"> 579 <col width="16%"> 580 <col width="10%"> 581 <col width="27%"> 582 <col width="16%"> 583 <tr> 584 <th>CVE</th> 585 <th> Android</th> 586 <th> </th> 587 <th> Nexus</th> 588 <th> </th> 589 </tr> 590 <tr> 591 <td>CVE-2016-2066</td> 592 <td>26876409*</td> 593 <td></td> 594 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 595 <td>29 2016.</td> 596 </tr> 597 <tr> 598 <td>CVE-2016-2469</td> 599 <td>27531992*</td> 600 <td></td> 601 <td>Nexus5, Nexus6, Nexus6P</td> 602 <td>4 2016.</td> 603 </tr> 604 </table> 605 <p> 606 * AOSP. 607 Nexus, 608 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 609 </p> 610 611 612 <h3 id="elevation_of_privilege_vulnerability_in_mediaserver"> 613 mediaserver</h3> 614 615 616 <p> 617 618 . , 619 , 620 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 621 622 <table> 623 <col width="19%"> 624 <col width="16%"> 625 <col width="10%"> 626 <col width="19%"> 627 <col width="18%"> 628 <col width="16%"> 629 <tr> 630 <th>CVE</th> 631 <th> Android</th> 632 <th> </th> 633 <th> Nexus</th> 634 <th> AOSP</th> 635 <th> </th> 636 </tr> 637 <tr> 638 <td>CVE-2016-2476</td> 639 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/295c883fe3105b19bcd0f9e07d54c6b589fc5bff">27207275</a> 640 [<a href="https://android.googlesource.com/platform/frameworks/av/+/94d9e646454f6246bf823b6897bd6aea5f08eda3">2</a>] 641 [<a href="https://android.googlesource.com/platform/frameworks/av/+/0bb5ced60304da7f61478ffd359e7ba65d72f181">3</a>] 642 [<a href="https://android.googlesource.com/platform/frameworks/av/+/db829699d3293f254a7387894303451a91278986">4</a>] 643 </td> 644 <td></td> 645 <td><a href="#nexus_devices"> </a></td> 646 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 647 <td>11 2016.</td> 648 </tr> 649 <tr> 650 <td>CVE-2016-2477</td> 651 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/f22c2a0f0f9e030c240468d9d18b9297f001bcf0">27251096</a> 652 </td> 653 <td></td> 654 <td><a href="#nexus_devices"> </a></td> 655 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 656 <td>17 2016.</td> 657 </tr> 658 <tr> 659 <td>CVE-2016-2478</td> 660 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/f22c2a0f0f9e030c240468d9d18b9297f001bcf0">27475409</a> 661 </td> 662 <td></td> 663 <td><a href="#nexus_devices"> </a></td> 664 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 665 <td>3 2016.</td> 666 </tr> 667 <tr> 668 <td>CVE-2016-2479</td> 669 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/46e305be6e670a5a0041b0b4861122a0f1aabefa">27532282</a> 670 </td> 671 <td></td> 672 <td><a href="#nexus_devices"> </a></td> 673 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 674 <td>6 2016.</td> 675 </tr> 676 <tr> 677 <td>CVE-2016-2480</td> 678 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/560ccdb509a7b86186fac0fce1b25bd9a3e6a6e8">27532721</a> 679 </td> 680 <td></td> 681 <td><a href="#nexus_devices"> </a></td> 682 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 683 <td>6 2016.</td> 684 </tr> 685 <tr> 686 <td>CVE-2016-2481</td> 687 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/89913d7df36dbeb458ce165856bd6505a2ec647d">27532497</a> 688 </td> 689 <td></td> 690 <td><a href="#nexus_devices"> </a></td> 691 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 692 <td>6 2016.</td> 693 </tr> 694 <tr> 695 <td>CVE-2016-2482</td> 696 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/46e305be6e670a5a0041b0b4861122a0f1aabefa">27661749</a> 697 </td> 698 <td></td> 699 <td><a href="#nexus_devices"> </a></td> 700 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 701 <td>14 2016.</td> 702 </tr> 703 <tr> 704 <td>CVE-2016-2483</td> 705 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/89913d7df36dbeb458ce165856bd6505a2ec647d">27662502</a> 706 </td> 707 <td></td> 708 <td><a href="#nexus_devices"> </a></td> 709 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 710 <td>14 2016.</td> 711 </tr> 712 <tr> 713 <td>CVE-2016-2484</td> 714 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7cea5cb64b83d690fe02bc210bbdf08f5a87636f">27793163</a> 715 </td> 716 <td></td> 717 <td><a href="#nexus_devices"> </a></td> 718 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 719 <td>22 2016.</td> 720 </tr> 721 <tr> 722 <td>CVE-2016-2485</td> 723 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7cea5cb64b83d690fe02bc210bbdf08f5a87636f">27793367</a> 724 </td> 725 <td></td> 726 <td><a href="#nexus_devices"> </a></td> 727 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 728 <td>22 2016.</td> 729 </tr> 730 <tr> 731 <td>CVE-2016-2486</td> 732 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/ad40e57890f81a3cf436c5f06da66396010bd9e5">27793371</a> 733 </td> 734 <td></td> 735 <td><a href="#nexus_devices"> </a></td> 736 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 737 <td>22 2016.</td> 738 </tr> 739 <tr> 740 <td>CVE-2016-2487</td> 741 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/918eeaa29d99d257282fafec931b4bda0e3bae12">27833616</a> 742 [<a href="https://android.googlesource.com/platform/frameworks/av/+/d2f47191538837e796e2b10c1ff7e1ee35f6e0ab">2</a>] 743 [<a href="https://android.googlesource.com/platform/frameworks/av/+/4e32001e4196f39ddd0b86686ae0231c8f5ed944">3</a>] 744 </td> 745 <td></td> 746 <td><a href="#nexus_devices"> </a></td> 747 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 748 <td> Google</td> 749 </tr> 750 </table> 751 752 753 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_camera_driver"> 754 Qualcomm </h3> 755 756 757 <p> 758 . , 759 , 760 .</p> 761 <table> 762 <col width="19%"> 763 <col width="16%"> 764 <col width="10%"> 765 <col width="27%"> 766 <col width="16%"> 767 <tr> 768 <th>CVE</th> 769 <th> Android</th> 770 <th> </th> 771 <th> Nexus</th> 772 <th> </th> 773 </tr> 774 <tr> 775 <td>CVE-2016-2061</td> 776 <td>27207747*</td> 777 <td></td> 778 <td>Nexus5X, Nexus6P</td> 779 <td>15 2016.</td> 780 </tr> 781 <tr> 782 <td>CVE-2016-2488</td> 783 <td>27600832*</td> 784 <td></td> 785 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus7 (2013)</td> 786 <td> Google</td> 787 </tr> 788 </table> 789 <p> 790 * AOSP. 791 Nexus, 792 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 793 </p> 794 795 796 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_driver_2"> 797 Qualcomm</h3> 798 799 800 <p> 801 . , 802 , 803 .</p> 804 <table> 805 <col width="19%"> 806 <col width="16%"> 807 <col width="10%"> 808 <col width="27%"> 809 <col width="16%"> 810 <tr> 811 <th>CVE</th> 812 <th> Android</th> 813 <th> </th> 814 <th> Nexus</th> 815 <th> </th> 816 </tr> 817 <tr> 818 <td>CVE-2016-2489</td> 819 <td>27407629*</td> 820 <td></td> 821 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 822 <td>21 2016.</td> 823 </tr> 824 </table> 825 <p> 826 * AOSP. 827 Nexus, 828 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 829 </p> 830 831 832 <h3 id="elevation_of_privilege_vulnerability_in_nvidia_camera_driver"> 833 NVIDIA </h3> 834 835 836 <p> 837 . , 838 , 839 .</p> 840 <table> 841 <col width="19%"> 842 <col width="16%"> 843 <col width="10%"> 844 <col width="27%"> 845 <col width="16%"> 846 <tr> 847 <th>CVE</th> 848 <th> Android</th> 849 <th> </th> 850 <th> Nexus</th> 851 <th> </th> 852 </tr> 853 <tr> 854 <td>CVE-2016-2490</td> 855 <td>27533373*</td> 856 <td></td> 857 <td>Nexus9</td> 858 <td>6 2016.</td> 859 </tr> 860 <tr> 861 <td>CVE-2016-2491</td> 862 <td>27556408*</td> 863 <td></td> 864 <td>Nexus9</td> 865 <td>8 2016.</td> 866 </tr> 867 </table> 868 <p> 869 * AOSP. 870 Nexus, 871 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 872 </p> 873 874 875 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_wi-fi_driver_2"> 876 Wi-Fi- Qualcomm</h3> 877 878 879 <p> 880 . , 881 , 882 .</p> 883 884 <table> 885 <col width="19%"> 886 <col width="16%"> 887 <col width="10%"> 888 <col width="27%"> 889 <col width="16%"> 890 <tr> 891 <th>CVE</th> 892 <th> Android</th> 893 <th> </th> 894 <th> Nexus</th> 895 <th> </th> 896 </tr> 897 <tr> 898 <td>CVE-2016-2470</td> 899 <td>27662174*</td> 900 <td></td> 901 <td>Nexus7 (2013)</td> 902 <td>13 2016.</td> 903 </tr> 904 <tr> 905 <td>CVE-2016-2471</td> 906 <td>27773913*</td> 907 <td></td> 908 <td>Nexus7 (2013)</td> 909 <td>19 2016.</td> 910 </tr> 911 <tr> 912 <td>CVE-2016-2472</td> 913 <td>27776888*</td> 914 <td></td> 915 <td>Nexus7 (2013)</td> 916 <td>20 2016.</td> 917 </tr> 918 <tr> 919 <td>CVE-2016-2473</td> 920 <td>27777501*</td> 921 <td></td> 922 <td>Nexus7 (2013)</td> 923 <td>20 2016.</td> 924 </tr> 925 </table> 926 <p> 927 * AOSP. 928 Nexus, 929 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 930 </p> 931 932 933 <h3 id="elevation_of_privilege_vulnerability_in_mediatek_power_management_driver"> 934 MediaTek</h3> 935 936 937 <p> 938 . , 939 940 root- .</p> 941 942 <table> 943 <col width="19%"> 944 <col width="16%"> 945 <col width="10%"> 946 <col width="27%"> 947 <col width="16%"> 948 <tr> 949 <th>CVE</th> 950 <th> Android</th> 951 <th> </th> 952 <th> Nexus</th> 953 <th> </th> 954 </tr> 955 <tr> 956 <td>CVE-2016-2492</td> 957 <td>28085410*</td> 958 <td></td> 959 <td>AndroidOne</td> 960 <td>7 2016.</td> 961 </tr> 962 </table> 963 <p> 964 * AOSP. 965 Nexus, 966 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 967 </p> 968 969 970 <h3 id="elevation_of_privilege_vulnerability_in_sd_card_emulation_layer"> 971 SD-</h3> 972 973 974 <p> 975 . 976 , 977 , 978 (, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> 979 980 <table> 981 <col width="19%"> 982 <col width="16%"> 983 <col width="10%"> 984 <col width="19%"> 985 <col width="18%"> 986 <col width="16%"> 987 <tr> 988 <th>CVE</th> 989 <th> Android</th> 990 <th> </th> 991 <th> Nexus</th> 992 <th> AOSP</th> 993 <th> </th> 994 </tr> 995 <tr> 996 <td>CVE-2016-2494</td> 997 <td><a href="https://android.googlesource.com/platform/system/core/+/864e2e22fcd0cba3f5e67680ccabd0302dfda45d">28085658</a> 998 </td> 999 <td></td> 1000 <td><a href="#nexus_devices"> </a></td> 1001 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1002 <td>7 2016.</td> 1003 </tr> 1004 </table> 1005 1006 1007 <h3 id="elevation_of_privilege_vulnerability_in_broadcom_wi-fi_driver_2"> 1008 Wi-Fi- Broadcom</h3> 1009 1010 1011 <p> 1012 . , 1013 , 1014 .</p> 1015 <table> 1016 <col width="19%"> 1017 <col width="16%"> 1018 <col width="10%"> 1019 <col width="27%"> 1020 <col width="16%"> 1021 <tr> 1022 <th>CVE</th> 1023 <th> Android</th> 1024 <th> </th> 1025 <th> Nexus</th> 1026 <th> </th> 1027 </tr> 1028 <tr> 1029 <td>CVE-2016-2493</td> 1030 <td>26571522*</td> 1031 <td></td> 1032 <td>Nexus5, Nexus6, Nexus6P, Nexus7 (2013), Nexus Player, PixelC</td> 1033 <td> Google</td> 1034 </tr> 1035 </table> 1036 <p> 1037 * AOSP. 1038 Nexus, 1039 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1040 </p> 1041 1042 <h3 id="remote_denial_of_service_vulnerability_in_mediaserver"> 1043 mediaserver</h3> 1044 1045 1046 <p> 1047 . 1048 , 1049 .</p> 1050 <table> 1051 <col width="19%"> 1052 <col width="16%"> 1053 <col width="10%"> 1054 <col width="19%"> 1055 <col width="18%"> 1056 <col width="16%"> 1057 <tr> 1058 <th>CVE</th> 1059 <th> Android</th> 1060 <th> </th> 1061 <th> Nexus</th> 1062 <th> AOSP</th> 1063 <th> </th> 1064 </tr> 1065 <tr> 1066 <td>CVE-2016-2495</td> 1067 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/45737cb776625f17384540523674761e6313e6d4">28076789</a> 1068 [<a href="https://android.googlesource.com/platform/frameworks/av/+/b57b3967b1a42dd505dbe4fcf1e1d810e3ae3777">2</a>] 1069 </td> 1070 <td></td> 1071 <td><a href="#nexus_devices"> </a></td> 1072 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1073 <td>6 2016.</td> 1074 </tr> 1075 </table> 1076 1077 <h3 id="elevation_of_privilege_vulnerability_in_framework_ui"> 1078 Framework</h3> 1079 1080 1081 <p> Framework. 1082 . 1083 , 1084 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">dangerous</a> ().</p> 1085 <table> 1086 <col width="19%"> 1087 <col width="16%"> 1088 <col width="10%"> 1089 <col width="19%"> 1090 <col width="18%"> 1091 <col width="16%"> 1092 <tr> 1093 <th>CVE</th> 1094 <th> Android</th> 1095 <th> </th> 1096 <th> Nexus</th> 1097 <th> AOSP</th> 1098 <th> </th> 1099 </tr> 1100 <tr> 1101 <td>CVE-2016-2496</td> 1102 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/03a53d1c7765eeb3af0bc34c3dff02ada1953fbf">26677796</a> 1103 [<a href="https://android.googlesource.com/platform/frameworks/base/+/613f63b938145bb86cd64fe0752eaf5e99b5f628">2</a>] 1104 [<a href="https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/2068c7997265011ddc5e4dfa3418407881f7f81e">3</a>] 1105 </td> 1106 <td></td> 1107 <td><a href="#nexus_devices"> </a></td> 1108 <td>6.0, 6.1</td> 1109 <td>26 2015.</td> 1110 </tr> 1111 </table> 1112 1113 <h3 id="information_disclosure_vulnerability_in_qualcomm_wi-fi_driver"> 1114 Wi-Fi- Qualcomm</h3> 1115 1116 1117 <p> 1118 . , 1119 , 1120 .</p> 1121 <table> 1122 <col width="19%"> 1123 <col width="16%"> 1124 <col width="10%"> 1125 <col width="27%"> 1126 <col width="16%"> 1127 <tr> 1128 <th>CVE</th> 1129 <th> Android</th> 1130 <th> </th> 1131 <th> Nexus</th> 1132 <th> </th> 1133 </tr> 1134 <tr> 1135 <td>CVE-2016-2498</td> 1136 <td>27777162*</td> 1137 <td></td> 1138 <td>Nexus7 (2013)</td> 1139 <td>20 2016.</td> 1140 </tr> 1141 </table> 1142 <p> 1143 * AOSP. 1144 Nexus, 1145 <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1146 </p> 1147 1148 1149 <h3 id="information_disclosure_vulnerability_in_mediaserver"> 1150 mediaserver</h3> 1151 1152 1153 <p> 1154 . - 1155 .</p> 1156 <table> 1157 <col width="19%"> 1158 <col width="16%"> 1159 <col width="10%"> 1160 <col width="19%"> 1161 <col width="18%"> 1162 <col width="16%"> 1163 <tr> 1164 <th>CVE</th> 1165 <th> Android</th> 1166 <th> </th> 1167 <th> Nexus</th> 1168 <th> AOSP</th> 1169 <th> </th> 1170 </tr> 1171 <tr> 1172 <td>CVE-2016-2499</td> 1173 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/dd3546765710ce8dd49eb23901d90345dec8282f">27855172</a> 1174 </td> 1175 <td></td> 1176 <td><a href="#nexus_devices"> </a></td> 1177 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1178 <td>24 2016.</td> 1179 </tr> 1180 </table> 1181 1182 1183 <h3 id="information_disclosure_vulnerability_in_activity_manager"> 1184 </h3> 1185 1186 1187 <p> 1188 . - 1189 .</p> 1190 <table> 1191 <col width="19%"> 1192 <col width="16%"> 1193 <col width="10%"> 1194 <col width="19%"> 1195 <col width="18%"> 1196 <col width="16%"> 1197 <tr> 1198 <th>CVE</th> 1199 <th> Android</th> 1200 <th> </th> 1201 <th> Nexus</th> 1202 <th> AOSP</th> 1203 <th> </th> 1204 </tr> 1205 <tr> 1206 <td>CVE-2016-2500</td> 1207 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/9878bb99b77c3681f0fda116e2964bac26f349c3">19285814</a> 1208 </td> 1209 <td></td> 1210 <td><a href="#nexus_devices"> </a></td> 1211 <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> 1212 <td> Google</td> 1213 </tr> 1214 </table> 1215 1216 1217 <h2 id="common_questions_and_answers"> </h2> 1218 1219 1220 <p> , 1221 .</p> 1222 1223 <p><strong>1. , , ?</strong></p> 1224 1225 <p> 1 2016 1226 . , 1227 , <a href="https://support.google.com/nexus/answer/4457705"> Nexus</a>. 1228 , , 1229 [ro.build.version.security_patch]:[2016-06-01].</p> 1230 1231 <p id="nexus_devices"><strong>2. , Nexus ?</strong></p> 1232 1233 <p> <a href="#security_vulnerability_summary"> </a> " 1234 Nexus". , .</p> 1235 1236 <ul> 1237 <li> <strong> .</strong> <em></em> 1238 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"> Nexus</a>: Nexus5, Nexus5X, Nexus6, 1239 Nexus6P, Nexus7 (2013), Nexus9, AndroidOne, Nexus Player 1240 PixelC.</li> 1241 <li> <strong> .</strong> <em></em> , 1242 .</li> 1243 <li> <strong>.</strong> Nexus.<em></em></li> 1244 </ul> 1245 1246 <h2 id="revisions"></h2> 1247 1248 1249 <ul> 1250 <li> 6 2016. .</li> 1251 <li>7 2016. 1252 <ul> 1253 <li> AOSP. 1254 <li> CVE-2016-2496 . 1255 </li></li></ul> 1256 </li> 1257 <li>8 2016. CVE-2016-2496 .</li> 1258 </ul> 1259 1260 </body> 1261 </html> 1262
