1 <html devsite> 2 <head> 3 <title> Android 2016.</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 <p><em> 6 2016. | 12 2016.</em> 26 </p> 27 28 <p> 29 30 Android. 31 Nexus 32 Nexus <a href="https://developers.google.com/android/nexus/images"> </a>. , 33 , 6 2016 34 . , , 35 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"> </a>. Nexus 36 37 6 2016. 38 </p> 39 40 <p> 41 5 2016 . 42 Android Open Source Project (AOSP). 43 AOSP. 44 </p> 45 46 <p> 47 48 49 (, , 50 MMS). 51 </p> 52 53 <p> 54 . <a href="#mitigations"> </a> 55 , <a href="/security/enhancements/index.html"> </a> , 56 SafetyNet, Android. 57 </p> 58 59 <p> 60 . 61 </p> 62 63 <h2 id="announcements"></h2> 64 <ul> 65 <li> , 66 67 , Android. 68 69 <a href="#common-questions-and-answers"> </a>. 70 <ul> 71 <li><strong>2016-09-01</strong>: , 72 2016-09-01 . 73 <li><strong>2016-09-05</strong>: , 74 2016-09-01 2016-09-05, . 75 <li><strong>2016-09-06</strong>: ( 76 , ), 77 2016-09-01, 2016-09-05 2016-09-06, 78 . 79 <li> Nexus 80 6 2016.</li> 81 </li></li></li></ul> 82 </li> 83 </ul> 84 <h2> </h2> 85 <p> 86 , (CVE) 87 , , Nexus. <a href="/security/overview/updates-resources.html#severity"> </a> , 88 , 89 . 90 </p> 91 92 <h3 id="2016-09-01-summary"> ( 2016-09-01)</h3> 93 <p> 94 1 2016 . 95 </p> 96 97 <table> 98 <col width="55%"> 99 <col width="20%"> 100 <col width="13%"> 101 <col width="12%"> 102 <tr> 103 <th></th> 104 <th>CVE</th> 105 <th> </th> 106 <th> Nexus?</th> 107 </tr> 108 <tr> 109 <td> libutils</td> 110 <td>CVE-2016-3861</td> 111 <td></td> 112 <td></td> 113 </tr> 114 <tr> 115 <td> mediaserver</td> 116 <td>CVE-2016-3862</td> 117 <td></td> 118 <td></td> 119 </tr> 120 <tr> 121 <td> mediamuxer</td> 122 <td>CVE-2016-3863</td> 123 <td></td> 124 <td></td> 125 </tr> 126 <tr> 127 <td> mediaserver</td> 128 <td>CVE-2016-3870, CVE-2016-3871, CVE-2016-3872</td> 129 <td></td> 130 <td></td> 131 </tr> 132 <tr> 133 <td> </td> 134 <td>CVE-2016-3875</td> 135 <td></td> 136 <td>*</td> 137 </tr> 138 <tr> 139 <td> ""</td> 140 <td>CVE-2016-3876</td> 141 <td></td> 142 <td></td> 143 </tr> 144 <tr> 145 <td> mediaserver</td> 146 <td>CVE-2016-3899, CVE-2016-3878, 147 CVE-2016-3879, CVE-2016-3880, CVE-2016-3881</td> 148 <td></td> 149 <td></td> 150 </tr> 151 <tr> 152 <td> </td> 153 <td>CVE-2016-3883</td> 154 <td></td> 155 <td></td> 156 </tr> 157 <tr> 158 <td> </td> 159 <td>CVE-2016-3884</td> 160 <td></td> 161 <td></td> 162 </tr> 163 <tr> 164 <td> Debuggerd</td> 165 <td>CVE-2016-3885</td> 166 <td></td> 167 <td></td> 168 </tr> 169 <tr> 170 <td> " "</td> 171 <td>CVE-2016-3886</td> 172 <td></td> 173 <td></td> 174 </tr> 175 <tr> 176 <td> ""</td> 177 <td>CVE-2016-3887</td> 178 <td></td> 179 <td></td> 180 </tr> 181 <tr> 182 <td> SMS</td> 183 <td>CVE-2016-3888</td> 184 <td></td> 185 <td></td> 186 </tr> 187 <tr> 188 <td> ""</td> 189 <td>CVE-2016-3889</td> 190 <td></td> 191 <td></td> 192 </tr> 193 <tr> 194 <td> Java Debug Wire Protocol</td> 195 <td>CVE-2016-3890</td> 196 <td></td> 197 <td>*</td> 198 </tr> 199 <tr> 200 <td> mediaserver</td> 201 <td>CVE-2016-3895</td> 202 <td></td> 203 <td></td> 204 </tr> 205 <tr> 206 <td> AOSP</td> 207 <td>CVE-2016-3896</td> 208 <td></td> 209 <td>*</td> 210 </tr> 211 <tr> 212 <td> Wi-Fi</td> 213 <td>CVE-2016-3897</td> 214 <td></td> 215 <td>*</td> 216 </tr> 217 <tr> 218 <td> </td> 219 <td>CVE-2016-3898</td> 220 <td></td> 221 <td></td> 222 </tr> 223 </table> 224 <p> 225 * Nexus Android7.0, 226 . 227 </p> 228 229 <h3 id="2016-09-05-summary"> ( 2016-09-05)</h3> 230 <p> 231 5 2016 , 232 2016-09-01, , . 233 </p> 234 235 <table> 236 <col width="55%"> 237 <col width="20%"> 238 <col width="13%"> 239 <col width="12%"> 240 <tr> 241 <th></th> 242 <th>CVE</th> 243 <th> </th> 244 <th> Nexus?</th> 245 </tr> 246 <tr> 247 <td> </td> 248 <td>CVE-2014-9529, CVE-2016-4470</td> 249 <td></td> 250 <td></td> 251 </tr> 252 <tr> 253 <td> </td> 254 <td>CVE-2013-7446</td> 255 <td></td> 256 <td></td> 257 </tr> 258 <tr> 259 <td> </td> 260 <td>CVE-2016-3134</td> 261 <td></td> 262 <td></td> 263 </tr> 264 <tr> 265 <td> USB- </td> 266 <td>CVE-2016-3951</td> 267 <td></td> 268 <td></td> 269 </tr> 270 <tr> 271 <td> </td> 272 <td>CVE-2014-4655</td> 273 <td></td> 274 <td></td> 275 </tr> 276 <tr> 277 <td> ASN.1 </td> 278 <td>CVE-2016-2053</td> 279 <td></td> 280 <td></td> 281 </tr> 282 <tr> 283 <td> Qualcomm</td> 284 <td>CVE-2016-3864</td> 285 <td></td> 286 <td></td> 287 </tr> 288 <tr> 289 <td> Qualcomm</td> 290 <td>CVE-2016-3858</td> 291 <td></td> 292 <td></td> 293 </tr> 294 <tr> 295 <td> </td> 296 <td>CVE-2016-4805</td> 297 <td></td> 298 <td></td> 299 </tr> 300 <tr> 301 <td> Synaptics</td> 302 <td>CVE-2016-3865</td> 303 <td></td> 304 <td></td> 305 </tr> 306 <tr> 307 <td> Qualcomm</td> 308 <td>CVE-2016-3859</td> 309 <td></td> 310 <td></td> 311 </tr> 312 <tr> 313 <td> Qualcomm</td> 314 <td>CVE-2016-3866</td> 315 <td></td> 316 <td></td> 317 </tr> 318 <tr> 319 <td> Qualcomm</td> 320 <td>CVE-2016-3867</td> 321 <td></td> 322 <td></td> 323 </tr> 324 <tr> 325 <td> Qualcomm</td> 326 <td>CVE-2016-3868</td> 327 <td></td> 328 <td></td> 329 </tr> 330 <tr> 331 <td> Wi-Fi- Broadcom</td> 332 <td>CVE-2016-3869</td> 333 <td></td> 334 <td></td> 335 </tr> 336 <tr> 337 <td> eCryptfs</td> 338 <td>CVE-2016-1583</td> 339 <td></td> 340 <td></td> 341 </tr> 342 <tr> 343 <td> NVIDIA</td> 344 <td>CVE-2016-3873</td> 345 <td></td> 346 <td></td> 347 </tr> 348 <tr> 349 <td> Wi-Fi- Qualcomm</td> 350 <td>CVE-2016-3874</td> 351 <td></td> 352 <td></td> 353 </tr> 354 <tr> 355 <td> </td> 356 <td>CVE-2015-1465, CVE-2015-5364</td> 357 <td></td> 358 <td></td> 359 </tr> 360 <tr> 361 <td> ext4</td> 362 <td>CVE-2015-8839</td> 363 <td></td> 364 <td></td> 365 </tr> 366 <tr> 367 <td> SPMI- Qualcomm</td> 368 <td>CVE-2016-3892</td> 369 <td></td> 370 <td></td> 371 </tr> 372 <tr> 373 <td> Qualcomm</td> 374 <td>CVE-2016-3893</td> 375 <td></td> 376 <td></td> 377 </tr> 378 <tr> 379 <td> DMA- Qualcomm</td> 380 <td>CVE-2016-3894</td> 381 <td></td> 382 <td></td> 383 </tr> 384 <tr> 385 <td> </td> 386 <td>CVE-2016-4998</td> 387 <td></td> 388 <td></td> 389 </tr> 390 <tr> 391 <td> </td> 392 <td>CVE-2015-2922</td> 393 <td></td> 394 <td></td> 395 </tr> 396 <tr> 397 <td> Qualcomm</td> 398 <td>CVE-2016-2469</td> 399 <td></td> 400 <td></td> 401 </tr> 402 </table> 403 <h3 id="2016-09-06-summary"> ( 2016-09-06)</h3> 404 <p> 405 6 2016 , 406 2016-09-01 2016-09-05, , . 407 </p> 408 409 <table> 410 <col width="55%"> 411 <col width="20%"> 412 <col width="13%"> 413 <col width="12%"> 414 <tr> 415 <th></th> 416 <th>CVE</th> 417 <th> </th> 418 <th> Nexus?</th> 419 </tr> 420 <tr> 421 <td> </td> 422 <td>CVE-2016-5340</td> 423 <td></td> 424 <td></td> 425 </tr> 426 <tr> 427 <td> Qualcomm</td> 428 <td>CVE-2016-2059</td> 429 <td></td> 430 <td></td> 431 </tr> 432 </table> 433 <h2 id="mitigations"> </h2> 434 <p> 435 , <a href="/security/enhancements/index.html"> </a> 436 , SafetyNet, 437 Android. 438 </p> 439 <ul> 440 <li> 441 Android, 442 .</li> 443 <li>, Android, 444 <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a>. 445 <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_PHA_classifications.pdf"> 446 </a>. 447 <a href="http://www.android.com/gms"> Google</a>. , 448 . 449 Google Play , 450 . 451 , . 452 , , 453 , 454 . , 455 .</li> 456 <li> Google Hangouts Messenger 457 , mediaserver, .</li> 458 </ul> 459 460 <h2 id="acknowledgements"></h2> 461 <p> 462 , : 463 </p> 464 465 466 <ul> 467 <li> : CVE-2016-3897</li> 468 <li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) 469 <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360 470 Technology Co. Ltd.: CVE-2016-3869, CVE-2016-3865, CVE-2016-3866, CVE-2016-3867</li> 471 <li> Security Research Lab, <a href="http://www.cmcm.com">Cheetah 472 Mobile</a>: CVE-2016-3863</li> 473 <li> Google Project Zero: CVE-2016-3885</li> 474 <li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) 475 <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360: CVE-2016-3858</li> 476 <li> (<a href="https://twitter.com/jduck">@jduck</a>): CVE-2016-3861</li> 477 <li> , (CISPA) : CVE-2016-3896</li> 478 <li> Google: CVE-2016-3876</li> 479 <li> Google Project Zero: CVE-2016-3861</li> 480 <li> Android Security: CVE-2016-3888</li> 481 <li> Android Security: CVE-2016-3889</li> 482 <li> (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), 483 (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), 484 <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-3895</li> 485 <li> (<a href="https://twitter.com/natecray">@natecray</a>) 486 Tesla Motors Product Security Team: , 487 CVE-2016-2446</li> 488 <li> Google: CVE-2016-3890</li> 489 <li> Google Chrome: CVE-2016-3880</li> 490 <li> , , , Alibaba 491 Mobile Security Group: CVE-2016-3859</li> 492 <li> . (<a href="https://twitter.com/loor_rlv">@loor_rlv</a>) 493 TEAM Lv51: CVE-2016-3886</li> 494 <li> IBM Security X-Force: CVE-2016-3873</li> 495 <li><a href="mailto:sbauer (a] plzdonthack.me"> </a> 496 (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-3893, 497 CVE-2016-3868, CVE-2016-3867</li> 498 <li> (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) 499 TrendMicro: CVE-2016-3894</li> 500 <li> (<a href="https://twitter.com/timstrazz">@timstrazz</a>) 501 SentinelOne/RedNaga: CVE-2016-3862</li> 502 <li>trotmaster (<a href="https://twitter.com/trotmaster99">@trotmaster99</a>): 503 CVE-2016-3883</li> 504 <li> Google: CVE-2016-3887</li> 505 <li> Google: CVE-2016-3881</li> 506 <li> (<a href="https://twitter.com/sunblate">@sunblate</a>) Alibaba Inc.: CVE-2016-3878</li> 507 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, 508 (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), 509 (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 510 <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-3870, CVE-2016-3871, 511 CVE-2016-3872</li> 512 <li> (<a href="http://weibo.com/wishlinux"></a>) 513 (<a href="https://twitter.com/wish_wu">@wish_wu</a>) 514 <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/author/wishwu/">Trend 515 Micro Inc</a>.: CVE-2016-3892</li> 516 <li> () (<a href="https://twitter.com/Spid3r_">@Spid3r_</a>) 517 <a href="http://www.alibaba.com/">Alibaba Inc</a>: CVE-2016-3879</li> 518 <li> TCA : 519 CVE-2016-3884</li> 520 <li><a href="http://yurushao.info"> </a> (-): CVE-2016-3898</li> 521 </ul> 522 523 <h2 id="2016-09-01-details"> ( 2016-09-01)</h2> 524 <p> 525 526 <a href="#2016-09-01-summary"> </a> : , 527 CVE, , , 528 Nexus AOSP ( ), 529 . , 530 , (, AOSP), 531 . 532 </p> 533 534 <h3> libutils</h3> 535 <p> 536 537 . 538 - 539 , . 540 </p> 541 542 <table> 543 <col width="18%"> 544 <col width="16%"> 545 <col width="10%"> 546 <col width="19%"> 547 <col width="19%"> 548 <col width="17%"> 549 <tr> 550 <th>CVE</th> 551 <th></th> 552 <th> </th> 553 <th> Nexus</th> 554 <th> AOSP</th> 555 <th> </th> 556 </tr> 557 <tr> 558 <td>CVE-2016-3861</td> 559 <td><a href="https://android.googlesource.com/platform/system/core/+/ecf5fd58a8f50362ce9e8d4245a33d56f29f142b"> 560 A-29250543</a> 561 [<a href="https://android.googlesource.com/platform/frameworks/av/+/3944c65637dfed14a5a895685edfa4bacaf9f76e">2</a>] 562 [<a href="https://android.googlesource.com/platform/frameworks/base/+/866dc26ad4a98cc835d075b627326e7d7e52ffa1">3</a>] 563 [<a href="https://android.googlesource.com/platform/frameworks/native/+/1f4b49e64adf4623eefda503bca61e253597b9bf">4</a>] 564 </td> 565 <td></td> 566 <td> </td> 567 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 568 <td>9 2016.</td> 569 </tr> 570 </table> 571 <h3> mediaserver</h3> 572 <p> 573 574 . - 575 mediaserver. 576 </p> 577 578 <table> 579 <col width="18%"> 580 <col width="18%"> 581 <col width="10%"> 582 <col width="19%"> 583 <col width="17%"> 584 <col width="17%"> 585 <tr> 586 <th>CVE</th> 587 <th></th> 588 <th> </th> 589 <th> Nexus</th> 590 <th> AOSP</th> 591 <th> </th> 592 </tr> 593 <tr> 594 <td>CVE-2016-3862</td> 595 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e739d9ca5469ed30129d0fa228e3d0f2878671ac"> 596 A-29270469</a></td> 597 <td></td> 598 <td> </td> 599 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 600 <td>10 2016.</td> 601 </tr> 602 </table> 603 <h3> mediamuxer</h3> 604 <p> 605 606 . 607 - 608 , . 609 </p> 610 611 <table> 612 <col width="18%"> 613 <col width="16%"> 614 <col width="10%"> 615 <col width="19%"> 616 <col width="19%"> 617 <col width="17%"> 618 <tr> 619 <th>CVE</th> 620 <th></th> 621 <th> </th> 622 <th> Nexus</th> 623 <th> AOSP</th> 624 <th> </th> 625 </tr> 626 <tr> 627 <td>CVE-2016-3863</td> 628 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/119a012b2a9a186655da4bef3ed4ed8dd9b94c26"> 629 A-29161888</a></td> 630 <td></td> 631 <td> </td> 632 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 633 <td>6 2016.</td> 634 </tr> 635 </table> 636 <h3> mediaserver</h3> 637 <p> 638 639 . 640 , , 641 . 642 </p> 643 644 <table> 645 <col width="18%"> 646 <col width="16%"> 647 <col width="10%"> 648 <col width="19%"> 649 <col width="19%"> 650 <col width="17%"> 651 <tr> 652 <th>CVE</th> 653 <th></th> 654 <th> </th> 655 <th> Nexus</th> 656 <th> AOSP</th> 657 <th> </th> 658 </tr> 659 <tr> 660 <td>CVE-2016-3870</td> 661 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1e9801783770917728b7edbdeff3d0ec09c621ac"> 662 A-29421804</a> 663 <td></td> 664 <td> </td> 665 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 666 <td>15 2016.</td> 667 </td></tr> 668 <tr> 669 <td>CVE-2016-3871</td> 670 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c2639afac631f5c1ffddf70ee8a6fe943d0bedf9"> 671 A-29422022</a> 672 [<a href="https://android.googlesource.com/platform/frameworks/av/+/3c4edac2a5b00dec6c8579a0ee658cfb3bb16d94">2</a>] 673 [<a href="https://android.googlesource.com/platform/frameworks/av/+/c17ad2f0c7e00fd1bbf01d0dfed41f72d78267ad">3</a>] 674 </td> 675 <td></td> 676 <td> </td> 677 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 678 <td>15 2016.</td> 679 </tr> 680 <tr> 681 <td>CVE-2016-3872</td> 682 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/630ed150f7201ddadb00b8b8ce0c55c4cc6e8742"> 683 A-29421675</a> 684 [<a href="https://android.googlesource.com/platform/frameworks/av/+/9f9ba255a0c59544f3555c9c45512c3a2fac5fad">2</a>] 685 </td> 686 <td></td> 687 <td> </td> 688 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 689 <td>15 2016.</td> 690 </tr> 691 </table> 692 <h3> </h3> 693 <p> 694 , , 695 , . 696 , 697 698 . 699 </p> 700 701 <table> 702 <col width="18%"> 703 <col width="18%"> 704 <col width="10%"> 705 <col width="19%"> 706 <col width="17%"> 707 <col width="17%"> 708 <tr> 709 <th>CVE</th> 710 <th></th> 711 <th> </th> 712 <th> Nexus</th> 713 <th> AOSP</th> 714 <th> </th> 715 </tr> 716 <tr> 717 <td>CVE-2016-3875</td> 718 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/69729fa8b13cadbf3173fe1f389fe4f3b7bd0f9c"> 719 A-26251884</a></td> 720 <td></td> 721 <td>*</td> 722 <td>6.0, 6.0.1</td> 723 <td> Google</td> 724 </tr> 725 </table> 726 <p> 727 * Nexus Android7.0, 728 . 729 </p> 730 731 <h3> ""</h3> 732 <p> 733 , , 734 , . , 735 736 . 737 </p> 738 739 <table> 740 <col width="18%"> 741 <col width="18%"> 742 <col width="10%"> 743 <col width="19%"> 744 <col width="17%"> 745 <col width="17%"> 746 <tr> 747 <th>CVE</th> 748 <th></th> 749 <th> </th> 750 <th> Nexus</th> 751 <th> AOSP</th> 752 <th> </th> 753 </tr> 754 <tr> 755 <td>CVE-2016-3876</td> 756 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/91fc934bb2e5ea59929bb2f574de6db9b5100745"> 757 A-29900345</a></td> 758 <td></td> 759 <td> </td> 760 <td>6.0, 6.0.1, 7.0</td> 761 <td> Google</td> 762 </tr> 763 </table> 764 <h3> mediaserver</h3> 765 <p> 766 767 . 768 , 769 . 770 </p> 771 772 <table> 773 <col width="18%"> 774 <col width="16%"> 775 <col width="10%"> 776 <col width="19%"> 777 <col width="19%"> 778 <col width="17%"> 779 <tr> 780 <th>CVE</th> 781 <th></th> 782 <th> </th> 783 <th> Nexus</th> 784 <th> AOSP</th> 785 <th> </th> 786 </tr> 787 <tr> 788 <td>CVE-2016-3899</td> 789 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/97837bb6cbac21ea679843a0037779d3834bed64"> 790 A-29421811</a></td> 791 <td></td> 792 <td> </td> 793 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 794 <td>16 2016.</td> 795 </tr> 796 <tr> 797 <td>CVE-2016-3878</td> 798 <td><a href="https://android.googlesource.com/platform/external/libavc/+/7109ce3f8f90a28ca9f0ee6e14f6ac5e414c62cf"> 799 A-29493002</a></td> 800 <td></td> 801 <td> *</td> 802 <td>6.0, 6.0.1</td> 803 <td>17 2016.</td> 804 </tr> 805 <tr> 806 <td>CVE-2016-3879</td> 807 <td><a href="https://android.googlesource.com/platform/external/sonivox/+/cadfb7a3c96d4fef06656cf37143e1b3e62cae86"> 808 A-29770686</a></td> 809 <td></td> 810 <td> *</td> 811 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 812 <td>25 2016.</td> 813 </tr> 814 <tr> 815 <td>CVE-2016-3880</td> 816 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/68f67ef6cf1f41e77337be3bc4bff91f3a3c6324"> 817 A-25747670</a></td> 818 <td></td> 819 <td> </td> 820 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 821 <td> Google</td> 822 </tr> 823 <tr> 824 <td>CVE-2016-3881</td> 825 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/4974dcbd0289a2530df2ee2a25b5f92775df80da"> 826 A-30013856</a></td> 827 <td></td> 828 <td> </td> 829 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 830 <td> Google</td> 831 </tr> 832 </table> 833 <p> 834 * Nexus Android7.0, 835 . 836 </p> 837 838 <h3> </h3> 839 <p> 840 841 SMS. , 842 843 . 844 </p> 845 846 <table> 847 <col width="18%"> 848 <col width="16%"> 849 <col width="10%"> 850 <col width="19%"> 851 <col width="19%"> 852 <col width="17%"> 853 <tr> 854 <th>CVE</th> 855 <th></th> 856 <th> </th> 857 <th> Nexus</th> 858 <th> AOSP</th> 859 <th> </th> 860 </tr> 861 <tr> 862 <td>CVE-2016-3883</td> 863 <td><a href="https://android.googlesource.com/platform/frameworks/opt/telephony/+/b2c89e6f8962dc7aff88cb38aa3ee67d751edda9"> 864 A-28557603</a></td> 865 <td></td> 866 <td> </td> 867 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 868 <td>3 2016.</td> 869 </tr> 870 </table> 871 <h3> NotificationManager</h3> 872 <p> 873 , 874 . 875 , 876 (, , 877 ). 878 </p> 879 880 <table> 881 <col width="18%"> 882 <col width="18%"> 883 <col width="10%"> 884 <col width="19%"> 885 <col width="17%"> 886 <col width="17%"> 887 <tr> 888 <th>CVE</th> 889 <th></th> 890 <th> </th> 891 <th> Nexus</th> 892 <th> AOSP</th> 893 <th> </th> 894 </tr> 895 <tr> 896 <td>CVE-2016-3884</td> 897 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/61e9103b5725965568e46657f4781dd8f2e5b623"> 898 A-29421441</a></td> 899 <td></td> 900 <td> </td> 901 <td>6.0, 6.0.1, 7.0</td> 902 <td>15 2016.</td> 903 </tr> 904 </table> 905 <h3> Debuggerd</h3> 906 <p> 907 908 Android. 909 - . 910 </p> 911 912 <table> 913 <col width="18%"> 914 <col width="18%"> 915 <col width="10%"> 916 <col width="19%"> 917 <col width="17%"> 918 <col width="17%"> 919 <tr> 920 <th>CVE</th> 921 <th></th> 922 <th> </th> 923 <th> Nexus</th> 924 <th> AOSP</th> 925 <th> </th> 926 </tr> 927 <tr> 928 <td>CVE-2016-3885</td> 929 <td><a href="https://android.googlesource.com/platform/system/core/+/d7603583f90c2bc6074a4ee2886bd28082d7c65b"> 930 A-29555636</a></td> 931 <td></td> 932 <td> </td> 933 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 934 <td>21 2016.</td> 935 </tr> 936 </table> 937 <h3> " "</h3> 938 <p> 939 , , , 940 . , 941 942 . 943 </p> 944 945 <table> 946 <col width="18%"> 947 <col width="18%"> 948 <col width="10%"> 949 <col width="19%"> 950 <col width="17%"> 951 <col width="17%"> 952 <tr> 953 <th>CVE</th> 954 <th></th> 955 <th> </th> 956 <th> Nexus</th> 957 <th> AOSP</th> 958 <th> </th> 959 </tr> 960 <tr> 961 <td>CVE-2016-3886</td> 962 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/6ca6cd5a50311d58a1b7bf8fbef3f9aa29eadcd5"> 963 A-30107438</a></td> 964 <td></td> 965 <td> </td> 966 <td>7.0</td> 967 <td>23 2016.</td> 968 </tr> 969 </table> 970 <h3> ""</h3> 971 <p> 972 973 VPN. 974 , 975 . 976 </p> 977 978 <table> 979 <col width="18%"> 980 <col width="17%"> 981 <col width="10%"> 982 <col width="19%"> 983 <col width="17%"> 984 <col width="18%"> 985 <tr> 986 <th>CVE</th> 987 <th></th> 988 <th> </th> 989 <th> Nexus</th> 990 <th> AOSP</th> 991 <th> </th> 992 </tr> 993 <tr> 994 <td>CVE-2016-3887</td> 995 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/335702d106797bce8a88044783fa1fc1d5f751d0"> 996 A-29899712</a></td> 997 <td></td> 998 <td> </td> 999 <td>7.0</td> 1000 <td> Google</td> 1001 </tr> 1002 </table> 1003 <h3> SMS</h3> 1004 <p> 1005 , , 1006 SMS . , 1007 , 1008 . 1009 </p> 1010 1011 <table> 1012 <col width="18%"> 1013 <col width="16%"> 1014 <col width="10%"> 1015 <col width="19%"> 1016 <col width="19%"> 1017 <col width="17%"> 1018 <tr> 1019 <th>CVE</th> 1020 <th></th> 1021 <th> </th> 1022 <th> Nexus</th> 1023 <th> AOSP</th> 1024 <th> </th> 1025 </tr> 1026 <tr> 1027 <td>CVE-2016-3888</td> 1028 <td><a href="https://android.googlesource.com/platform/frameworks/opt/telephony/+/b8d1aee993dcc565e6576b2f2439a8f5a507cff6"> 1029 A-29420123</a></td> 1030 <td></td> 1031 <td> </td> 1032 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1033 <td> Google</td> 1034 </tr> 1035 </table> 1036 <h3> ""</h3> 1037 <p> 1038 , , 1039 . 1040 1041 , 1042 . 1043 </p> 1044 1045 <table> 1046 <col width="18%"> 1047 <col width="17%"> 1048 <col width="10%"> 1049 <col width="19%"> 1050 <col width="17%"> 1051 <col width="18%"> 1052 <tr> 1053 <th>CVE</th> 1054 <th></th> 1055 <th> </th> 1056 <th> Nexus</th> 1057 <th> AOSP</th> 1058 <th> </th> 1059 </tr> 1060 <tr> 1061 <td>CVE-2016-3889</td> 1062 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e206f02d46ae5e38c74d138b51f6e1637e261abe"> 1063 A-29194585</a> 1064 [<a href="https://android.googlesource.com/platform/packages/apps/Settings/+/bd5d5176c74021e8cf4970f93f273ba3023c3d72">2</a>] 1065 </td> 1066 <td></td> 1067 <td> </td> 1068 <td>6.0, 6.0.1, 7.0</td> 1069 <td> Google</td> 1070 </tr> 1071 </table> 1072 <h3> Java Debug Wire Protocol</h3> 1073 <p> 1074 1075 . 1076 , 1077 . 1078 </p> 1079 1080 <table> 1081 <col width="18%"> 1082 <col width="16%"> 1083 <col width="10%"> 1084 <col width="19%"> 1085 <col width="18%"> 1086 <col width="18%"> 1087 <tr> 1088 <th>CVE</th> 1089 <th></th> 1090 <th> </th> 1091 <th> Nexus</th> 1092 <th> AOSP</th> 1093 <th> </th> 1094 </tr> 1095 <tr> 1096 <td>CVE-2016-3890</td> 1097 <td><a href="https://android.googlesource.com/platform/system/core/+/268068f25673242d1d5130d96202d3288c91b700"> 1098 A-28347842</a> 1099 [<a href="https://android.googlesource.com/platform/system/core/+/014b01706cc64dc9c2ad94a96f62e07c058d0b5d">2</a>] 1100 </td> 1101 <td></td> 1102 <td>*</td> 1103 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1104 <td> Google</td> 1105 </tr> 1106 </table> 1107 <p> 1108 * Nexus Android7.0, 1109 . 1110 </p> 1111 1112 <h3> mediaserver</h3> 1113 <p> 1114 1115 . - . 1116 </p> 1117 1118 <table> 1119 <col width="18%"> 1120 <col width="18%"> 1121 <col width="10%"> 1122 <col width="19%"> 1123 <col width="17%"> 1124 <col width="17%"> 1125 <tr> 1126 <th>CVE</th> 1127 <th></th> 1128 <th> </th> 1129 <th> Nexus</th> 1130 <th> AOSP</th> 1131 <th> </th> 1132 </tr> 1133 <tr> 1134 <td>CVE-2016-3895</td> 1135 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/363247929c35104b3e5ee9e637e9dcf579080aee"> 1136 A-29983260</a></td> 1137 <td></td> 1138 <td> </td> 1139 <td>6.0, 6.0.1, 7.0</td> 1140 <td>4 2016.</td> 1141 </tr> 1142 </table> 1143 <h3> AOSP</h3> 1144 <p> 1145 1146 . - 1147 . 1148 </p> 1149 1150 <table> 1151 <col width="18%"> 1152 <col width="16%"> 1153 <col width="10%"> 1154 <col width="19%"> 1155 <col width="19%"> 1156 <col width="17%"> 1157 <tr> 1158 <th>CVE</th> 1159 <th></th> 1160 <th> </th> 1161 <th> Nexus</th> 1162 <th> AOSP</th> 1163 <th> </th> 1164 </tr> 1165 <tr> 1166 <td>CVE-2016-3896</td> 1167 <td><a href="https://android.googlesource.com/platform/packages/apps/Email/+/cb2dfe43f25cb0c32cc73aa4569c0a5186a4ef43"> 1168 A-29767043</a></td> 1169 <td></td> 1170 <td>*</td> 1171 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1172 <td>24 2016.</td> 1173 </tr> 1174 </table> 1175 <p> 1176 * Nexus Android7.0, 1177 . 1178 </p> 1179 1180 <h3> Wi-Fi</h3> 1181 <p> 1182 1183 . - 1184 . 1185 </p> 1186 1187 <table> 1188 <col width="18%"> 1189 <col width="16%"> 1190 <col width="10%"> 1191 <col width="19%"> 1192 <col width="19%"> 1193 <col width="17%"> 1194 <tr> 1195 <th>CVE</th> 1196 <th></th> 1197 <th> </th> 1198 <th> Nexus</th> 1199 <th> AOSP</th> 1200 <th> </th> 1201 </tr> 1202 <tr> 1203 <td>CVE-2016-3897</td> 1204 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/55271d454881b67ff38485fdd97598c542cc2d55"> 1205 A-25624963</a> 1206 [<a href="https://android.googlesource.com/platform/frameworks/base/+/81be4e3aac55305cbb5c9d523cf5c96c66604b39">2</a>] 1207 </td> 1208 <td></td> 1209 <td>*</td> 1210 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> 1211 <td>5 2015.</td> 1212 </tr> 1213 </table> 1214 <p> 1215 * Nexus Android7.0, 1216 . 1217 </p> 1218 1219 <h3> </h3> 1220 <p> 1221 1222 911 . 1223 , 1224 . 1225 </p> 1226 1227 <table> 1228 <col width="18%"> 1229 <col width="18%"> 1230 <col width="10%"> 1231 <col width="19%"> 1232 <col width="17%"> 1233 <col width="17%"> 1234 <tr> 1235 <th>CVE</th> 1236 <th></th> 1237 <th> </th> 1238 <th> Nexus</th> 1239 <th> AOSP</th> 1240 <th> </th> 1241 </tr> 1242 <tr> 1243 <td>CVE-2016-3898</td> 1244 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/d1d248d10cf03498efb7041f1a8c9c467482a19d"> 1245 A-29832693</a></td> 1246 <td></td> 1247 <td> </td> 1248 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 1249 <td>28 2016.</td> 1250 </tr> 1251 </table> 1252 <h2 id="2016-09-05-details"> ( 2016-09-05)</h2> 1253 <p> 1254 1255 <a href="#2016-09-05-summary"> </a> : , 1256 CVE, , , 1257 Nexus AOSP ( ), 1258 . , 1259 , (, AOSP), 1260 . 1261 </p> 1262 1263 <h3> </h3> 1264 <p> 1265 1266 . , 1267 - . , 1268 . 1269 </p> 1270 1271 <table> 1272 <col width="19%"> 1273 <col width="20%"> 1274 <col width="10%"> 1275 <col width="23%"> 1276 <col width="17%"> 1277 <tr> 1278 <th>CVE</th> 1279 <th></th> 1280 <th> </th> 1281 <th> Nexus</th> 1282 <th> </th> 1283 </tr> 1284 <tr> 1285 <td>CVE-2014-9529</td> 1286 <td>A-29510361 1287 <p> 1288 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a3a8784454692dd72e5d5d34dcdab17b4420e74c">Upstream 1289 kernel</a></p></td> 1290 <td></td> 1291 <td>Nexus5, Nexus6, Nexus9, Nexus Player, Android One</td> 1292 <td>6 2015.</td> 1293 </tr> 1294 <tr> 1295 <td>CVE-2016-4470</td> 1296 <td>A-29823941 1297 <p> 1298 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a">Upstream 1299 kernel</a></p></td> 1300 <td></td> 1301 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus9, Nexus Player</td> 1302 <td>15 2016.</td> 1303 </tr> 1304 </table> 1305 <h3> </h3> 1306 <p> 1307 1308 . , 1309 - . , 1310 . 1311 </p> 1312 1313 <table> 1314 <col width="19%"> 1315 <col width="20%"> 1316 <col width="10%"> 1317 <col width="23%"> 1318 <col width="17%"> 1319 <tr> 1320 <th>CVE</th> 1321 <th></th> 1322 <th> </th> 1323 <th> Nexus</th> 1324 <th> </th> 1325 </tr> 1326 <tr> 1327 <td>CVE-2013-7446</td> 1328 <td>A-29119002 1329 <p> 1330 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/unix/af_unix.c?id=7d267278a9ece963d77eefec61630223fce08c6c">Upstream 1331 kernel</a></p></td> 1332 <td></td> 1333 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus9, Nexus Player, PixelC, 1334 Android One</td> 1335 <td>18 2015.</td> 1336 </tr> 1337 </table> 1338 <h3> </h3> 1339 <p> 1340 1341 . , 1342 - . , 1343 . 1344 </p> 1345 1346 <table> 1347 <col width="19%"> 1348 <col width="20%"> 1349 <col width="10%"> 1350 <col width="23%"> 1351 <col width="17%"> 1352 <tr> 1353 <th>CVE</th> 1354 <th></th> 1355 <th> </th> 1356 <th> Nexus</th> 1357 <th> </th> 1358 </tr> 1359 <tr> 1360 <td>CVE-2016-3134</td> 1361 <td>A-28940694 1362 <p> 1363 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309">Upstream 1364 kernel</a></p></td> 1365 <td></td> 1366 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus9, Nexus Player, PixelC, 1367 Android One</td> 1368 <td>9 2016.</td> 1369 </tr> 1370 </table> 1371 <h3> USB- </h3> 1372 <p> 1373 1374 . , 1375 - . , 1376 . 1377 </p> 1378 1379 <table> 1380 <col width="19%"> 1381 <col width="20%"> 1382 <col width="10%"> 1383 <col width="23%"> 1384 <col width="17%"> 1385 <tr> 1386 <th>CVE</th> 1387 <th></th> 1388 <th> </th> 1389 <th> Nexus</th> 1390 <th> </th> 1391 </tr> 1392 <tr> 1393 <td>CVE-2016-3951</td> 1394 <td>A-28744625 1395 <p> 1396 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274">Upstream kernel</a> 1397 [<a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b">2</a>]</p></td> 1398 <td></td> 1399 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus9, Nexus Player, PixelC, 1400 Android One</td> 1401 <td>6 2016.</td> 1402 </tr> 1403 </table> 1404 <h3> </h3> 1405 <p> 1406 1407 . , 1408 . 1409 </p> 1410 1411 <table> 1412 <col width="19%"> 1413 <col width="20%"> 1414 <col width="10%"> 1415 <col width="23%"> 1416 <col width="17%"> 1417 <tr> 1418 <th>CVE</th> 1419 <th></th> 1420 <th> </th> 1421 <th> Nexus</th> 1422 <th> </th> 1423 </tr> 1424 <tr> 1425 <td>CVE-2014-4655</td> 1426 <td>A-29916012 1427 <p> 1428 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82262a46627bebb0febcc26664746c25cef08563">Upstream 1429 kernel</a></p></td> 1430 <td></td> 1431 <td>Nexus5, Nexus6, Nexus9, Nexus Player</td> 1432 <td>26 2016.</td> 1433 </tr> 1434 </table> 1435 <h3> ASN.1 </h3> 1436 <p> 1437 1438 . , 1439 . 1440 </p> 1441 1442 <table> 1443 <col width="19%"> 1444 <col width="20%"> 1445 <col width="10%"> 1446 <col width="23%"> 1447 <col width="17%"> 1448 <tr> 1449 <th>CVE</th> 1450 <th></th> 1451 <th> </th> 1452 <th> Nexus</th> 1453 <th> </th> 1454 </tr> 1455 <tr> 1456 <td>CVE-2016-2053</td> 1457 <td>A-28751627 1458 <p> 1459 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f">Upstream 1460 kernel</a></p></td> 1461 <td></td> 1462 <td>Nexus5X, Nexus6P</td> 1463 <td>25 2016.</td> 1464 </tr> 1465 </table> 1466 <h3> Qualcomm</h3> 1467 <p> 1468 1469 . , 1470 . 1471 </p> 1472 1473 <table> 1474 <col width="19%"> 1475 <col width="18%"> 1476 <col width="10%"> 1477 <col width="25%"> 1478 <col width="17%"> 1479 <tr> 1480 <th>CVE</th> 1481 <th></th> 1482 <th> </th> 1483 <th> Nexus</th> 1484 <th> </th> 1485 </tr> 1486 <tr> 1487 <td>CVE-2016-3864</td> 1488 <td>A-28823714*<br> 1489 QC-CR#913117</td> 1490 <td></td> 1491 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Android One</td> 1492 <td>29 2016.</td> 1493 </tr> 1494 </table> 1495 <p> 1496 * . 1497 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1498 </p> 1499 1500 <h3> Qualcomm</h3> 1501 <p> 1502 1503 . , 1504 . 1505 </p> 1506 1507 <table> 1508 <col width="19%"> 1509 <col width="20%"> 1510 <col width="10%"> 1511 <col width="23%"> 1512 <col width="17%"> 1513 <tr> 1514 <th>CVE</th> 1515 <th></th> 1516 <th> </th> 1517 <th> Nexus</th> 1518 <th> </th> 1519 </tr> 1520 <tr> 1521 <td>CVE-2016-3858</td> 1522 <td>A-28675151<br> 1523 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0c148b9a9028c566eac680f19e5d664b483cdee3">QC-CR#1022641</a></td> 1524 <td></td> 1525 <td>Nexus5X, Nexus6P</td> 1526 <td>9 2016.</td> 1527 </tr> 1528 </table> 1529 <h3> </h3> 1530 <p> 1531 1532 . , 1533 . 1534 </p> 1535 1536 <table> 1537 <col width="19%"> 1538 <col width="20%"> 1539 <col width="10%"> 1540 <col width="23%"> 1541 <col width="17%"> 1542 <tr> 1543 <th>CVE</th> 1544 <th></th> 1545 <th> </th> 1546 <th> Nexus</th> 1547 <th> </th> 1548 </tr> 1549 <tr> 1550 <td>CVE-2016-4805</td> 1551 <td>A-28979703 1552 <p> 1553 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89">Upstream 1554 kernel</a></p></td> 1555 <td></td> 1556 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus9</td> 1557 <td>15 2016.</td> 1558 </tr> 1559 </table> 1560 <h3> Synaptics</h3> 1561 <p> 1562 1563 . , 1564 . 1565 </p> 1566 1567 <table> 1568 <col width="19%"> 1569 <col width="20%"> 1570 <col width="10%"> 1571 <col width="23%"> 1572 <col width="17%"> 1573 <tr> 1574 <th>CVE</th> 1575 <th></th> 1576 <th> </th> 1577 <th> Nexus</th> 1578 <th> </th> 1579 </tr> 1580 <tr> 1581 <td>CVE-2016-3865</td> 1582 <td>A-28799389*</td> 1583 <td></td> 1584 <td>Nexus5X, Nexus9</td> 1585 <td>16 2016.</td> 1586 </tr> 1587 </table> 1588 <p> 1589 * . 1590 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1591 </p> 1592 1593 <h3> Qualcomm</h3> 1594 <p> 1595 1596 . , 1597 . 1598 </p> 1599 1600 <table> 1601 <col width="19%"> 1602 <col width="20%"> 1603 <col width="10%"> 1604 <col width="23%"> 1605 <col width="17%"> 1606 <tr> 1607 <th>CVE</th> 1608 <th></th> 1609 <th> </th> 1610 <th> Nexus</th> 1611 <th> </th> 1612 </tr> 1613 <tr> 1614 <td>CVE-2016-3859</td> 1615 <td>A-28815326*<br> 1616 QC-CR#1034641</td> 1617 <td></td> 1618 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 1619 <td>17 2016.</td> 1620 </tr> 1621 </table> 1622 <p> 1623 * . 1624 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1625 </p> 1626 1627 <h3> Qualcomm</h3> 1628 <p> 1629 1630 . , 1631 . 1632 </p> 1633 1634 <table> 1635 <col width="19%"> 1636 <col width="20%"> 1637 <col width="10%"> 1638 <col width="23%"> 1639 <col width="17%"> 1640 <tr> 1641 <th>CVE</th> 1642 <th></th> 1643 <th> </th> 1644 <th> Nexus</th> 1645 <th> </th> 1646 </tr> 1647 <tr> 1648 <td>CVE-2016-3866</td> 1649 <td>A-28868303*<br> 1650 QC-CR#1032820</td> 1651 <td></td> 1652 <td>Nexus5X, Nexus6, Nexus6P</td> 1653 <td>18 2016.</td> 1654 </tr> 1655 </table> 1656 <p> 1657 * . 1658 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1659 </p> 1660 1661 <h3> Qualcomm</h3> 1662 <p> 1663 1664 . , 1665 . 1666 </p> 1667 1668 <table> 1669 <col width="19%"> 1670 <col width="20%"> 1671 <col width="10%"> 1672 <col width="23%"> 1673 <col width="17%"> 1674 <tr> 1675 <th>CVE</th> 1676 <th></th> 1677 <th> </th> 1678 <th> Nexus</th> 1679 <th> </th> 1680 </tr> 1681 <tr> 1682 <td>CVE-2016-3867</td> 1683 <td>A-28919863*<br> 1684 QC-CR#1037897</td> 1685 <td></td> 1686 <td>Nexus5X, Nexus6P</td> 1687 <td>21 2016.</td> 1688 </tr> 1689 </table> 1690 <p> 1691 * . 1692 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1693 </p> 1694 1695 <h3> Qualcomm</h3> 1696 <p> 1697 1698 . , 1699 . 1700 </p> 1701 1702 <table> 1703 <col width="19%"> 1704 <col width="20%"> 1705 <col width="10%"> 1706 <col width="23%"> 1707 <col width="17%"> 1708 <tr> 1709 <th>CVE</th> 1710 <th></th> 1711 <th> </th> 1712 <th> Nexus</th> 1713 <th> </th> 1714 </tr> 1715 <tr> 1716 <td>CVE-2016-3868</td> 1717 <td>A-28967028*<br> 1718 QC-CR#1032875</td> 1719 <td></td> 1720 <td>Nexus5X, Nexus6P</td> 1721 <td>25 2016.</td> 1722 </tr> 1723 </table> 1724 <p> 1725 * . 1726 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1727 </p> 1728 1729 <h3> Wi-Fi- Broadcom</h3> 1730 <p> 1731 1732 . , 1733 . 1734 </p> 1735 1736 <table> 1737 <col width="19%"> 1738 <col width="20%"> 1739 <col width="10%"> 1740 <col width="23%"> 1741 <col width="17%"> 1742 <tr> 1743 <th>CVE</th> 1744 <th></th> 1745 <th> </th> 1746 <th> Nexus</th> 1747 <th> </th> 1748 </tr> 1749 <tr> 1750 <td>CVE-2016-3869</td> 1751 <td>A-29009982*<br> 1752 B-RB#96070</td> 1753 <td></td> 1754 <td>Nexus5, Nexus6, Nexus6P, Nexus9, Nexus Player, PixelC</td> 1755 <td>27 2016.</td> 1756 </tr> 1757 </table> 1758 <p> 1759 * . 1760 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1761 </p> 1762 1763 <h3> eCryptfs</h3> 1764 <p> 1765 1766 . , 1767 . 1768 </p> 1769 1770 <table> 1771 <col width="17%"> 1772 <col width="22%"> 1773 <col width="10%"> 1774 <col width="23%"> 1775 <col width="17%"> 1776 <tr> 1777 <th>CVE</th> 1778 <th></th> 1779 <th> </th> 1780 <th> Nexus</th> 1781 <th> </th> 1782 </tr> 1783 <tr> 1784 <td>CVE-2016-1583</td> 1785 <td>A-29444228<br> 1786 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e54ad7f1ee263ffa5a2de9c609d58dfa27b21cd9">Upstream kernel</a> 1787 [<a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87">2</a>] 1788 [<a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=29d6455178a09e1dc340380c582b13356227e8df">3</a>]</td> 1789 <td></td> 1790 <td>Pixel</td> 1791 <td>1 2016.</td> 1792 </tr> 1793 </table> 1794 <h3> NVIDIA</h3> 1795 <p> 1796 1797 . , 1798 . 1799 </p> 1800 1801 <table> 1802 <col width="19%"> 1803 <col width="20%"> 1804 <col width="10%"> 1805 <col width="23%"> 1806 <col width="17%"> 1807 <tr> 1808 <th>CVE</th> 1809 <th></th> 1810 <th> </th> 1811 <th> Nexus</th> 1812 <th> </th> 1813 </tr> 1814 <tr> 1815 <td>CVE-2016-3873</td> 1816 <td>A-29518457*<br> 1817 N-CVE-2016-3873</td> 1818 <td></td> 1819 <td>Nexus9</td> 1820 <td>20 2016.</td> 1821 </tr> 1822 </table> 1823 <p> 1824 * . 1825 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1826 </p> 1827 1828 <h3> Wi-Fi- Qualcomm</h3> 1829 <p> 1830 1831 . , 1832 . 1833 </p> 1834 1835 <table> 1836 <col width="19%"> 1837 <col width="20%"> 1838 <col width="10%"> 1839 <col width="23%"> 1840 <col width="17%"> 1841 <tr> 1842 <th>CVE</th> 1843 <th></th> 1844 <th> </th> 1845 <th> Nexus</th> 1846 <th> </th> 1847 </tr> 1848 <tr> 1849 <td>CVE-2016-3874</td> 1850 <td>A-29944562<br> 1851 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=50e8f265b3f7926aeb4e49c33f7301ace89faa77">QC-CR#997797</a> 1852 [<a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a3974e61c960aadcc147c3c5704a67309171642d">2</a>]</td> 1853 <td></td> 1854 <td>Nexus5X</td> 1855 <td>1 2016.</td> 1856 </tr> 1857 </table> 1858 <h3> </h3> 1859 <p> 1860 1861 . , 1862 . 1863 </p> 1864 1865 <table> 1866 <col width="19%"> 1867 <col width="18%"> 1868 <col width="10%"> 1869 <col width="25%"> 1870 <col width="17%"> 1871 <tr> 1872 <th>CVE</th> 1873 <th></th> 1874 <th> </th> 1875 <th> Nexus</th> 1876 <th> </th> 1877 </tr> 1878 <tr> 1879 <td>CVE-2015-1465</td> 1880 <td>A-29506807 1881 <p> 1882 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df4d92549f23e1c037e83323aff58a21b3de7fe0">Upstream 1883 kernel</a></p></td> 1884 <td></td> 1885 <td>Nexus5, Nexus6, Nexus9, Nexus Player, PixelC, Android One</td> 1886 <td>3 2015.</td> 1887 </tr> 1888 <tr> 1889 <td>CVE-2015-5364</td> 1890 <td>A-29507402 1891 <p> 1892 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0">Upstream 1893 kernel</a></p></td> 1894 <td></td> 1895 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus9, Nexus Player, PixelC, 1896 Android One</td> 1897 <td>30 2015.</td> 1898 </tr> 1899 </table> 1900 <h3> ext4</h3> 1901 <p> 1902 . 1903 , . 1904 , 1905 . 1906 </p> 1907 1908 <table> 1909 <col width="19%"> 1910 <col width="16%"> 1911 <col width="10%"> 1912 <col width="27%"> 1913 <col width="17%"> 1914 <tr> 1915 <th>CVE</th> 1916 <th></th> 1917 <th> </th> 1918 <th> Nexus</th> 1919 <th> </th> 1920 </tr> 1921 <tr> 1922 <td>CVE-2015-8839</td> 1923 <td>A-28760453*</td> 1924 <td></td> 1925 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, Nexus Player, PixelC, Android One</td> 1926 <td>4 2016.</td> 1927 </tr> 1928 </table> 1929 <p> 1930 * . 1931 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1932 </p> 1933 1934 <h3> SPMI- Qualcomm</h3> 1935 <p> 1936 1937 . 1938 1939 , 1940 . 1941 </p> 1942 1943 <table> 1944 <col width="19%"> 1945 <col width="20%"> 1946 <col width="10%"> 1947 <col width="23%"> 1948 <col width="17%"> 1949 <tr> 1950 <th>CVE</th> 1951 <th></th> 1952 <th> </th> 1953 <th> Nexus</th> 1954 <th> </th> 1955 </tr> 1956 <tr> 1957 <td>CVE-2016-3892</td> 1958 <td>A-28760543*<br> 1959 QC-CR#1024197</td> 1960 <td></td> 1961 <td>Nexus5, Nexus5X, Nexus6, Nexus6P</td> 1962 <td>13 2016.</td> 1963 </tr> 1964 </table> 1965 <p> 1966 * . 1967 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1968 </p> 1969 1970 <h3> Qualcomm</h3> 1971 <p> 1972 1973 . 1974 1975 , 1976 . 1977 </p> 1978 1979 <table> 1980 <col width="19%"> 1981 <col width="20%"> 1982 <col width="10%"> 1983 <col width="23%"> 1984 <col width="17%"> 1985 <tr> 1986 <th>CVE</th> 1987 <th></th> 1988 <th> </th> 1989 <th> Nexus</th> 1990 <th> </th> 1991 </tr> 1992 <tr> 1993 <td>CVE-2016-3893</td> 1994 <td>A-29512527<br> 1995 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=a7a6ddc91cce7ad5ad55c9709b24bfc80f5ac873">QC-CR#856400</a></td> 1996 <td></td> 1997 <td>Nexus6P</td> 1998 <td>20 2016.</td> 1999 </tr> 2000 </table> 2001 <h3> DMA- Qualcomm</h3> 2002 <p> 2003 2004 . 2005 , 2006 . 2007 </p> 2008 2009 <table> 2010 <col width="19%"> 2011 <col width="20%"> 2012 <col width="10%"> 2013 <col width="23%"> 2014 <col width="17%"> 2015 <tr> 2016 <th>CVE</th> 2017 <th></th> 2018 <th> </th> 2019 <th> Nexus</th> 2020 <th> </th> 2021 </tr> 2022 <tr> 2023 <td>CVE-2016-3894</td> 2024 <td>A-29618014*<br> 2025 QC-CR#1042033</td> 2026 <td></td> 2027 <td>Nexus6</td> 2028 <td>23 2016.</td> 2029 </tr> 2030 </table> 2031 <p> 2032 * . 2033 Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2034 </p> 2035 2036 <h3> </h3> 2037 <p> 2038 2039 . 2040 , 2041 . 2042 </p> 2043 2044 <table> 2045 <col width="19%"> 2046 <col width="20%"> 2047 <col width="10%"> 2048 <col width="23%"> 2049 <col width="17%"> 2050 <tr> 2051 <th>CVE</th> 2052 <th></th> 2053 <th> </th> 2054 <th> Nexus</th> 2055 <th> </th> 2056 </tr> 2057 <tr> 2058 <td>CVE-2016-4998</td> 2059 <td>A-29637687<br> 2060 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bdf533de6968e9686df777dc178486f600c6e617">Upstream kernel</a> 2061 [<a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91">2</a>]</td> 2062 <td></td> 2063 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus9, Nexus Player, PixelC, 2064 Android One</td> 2065 <td>24 2016.</td> 2066 </tr> 2067 </table> 2068 <h3> </h3> 2069 <p> 2070 2071 Wi-Fi. , 2072 . 2073 </p> 2074 2075 <table> 2076 <col width="19%"> 2077 <col width="20%"> 2078 <col width="10%"> 2079 <col width="23%"> 2080 <col width="17%"> 2081 <tr> 2082 <th>CVE</th> 2083 <th></th> 2084 <th> </th> 2085 <th> Nexus</th> 2086 <th> </th> 2087 </tr> 2088 <tr> 2089 <td>CVE-2015-2922</td> 2090 <td>A-29409847 2091 <p> 2092 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a">Upstream 2093 kernel</a></p></td> 2094 <td></td> 2095 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Nexus9, Nexus Player, PixelC, 2096 Android One</td> 2097 <td>4 2015.</td> 2098 </tr> 2099 </table> 2100 <h3> Qualcomm</h3> 2101 <p> 2102 , 2103 Qualcomm, , , , 2104 , , , . 2105 </p> 2106 2107 <table> 2108 <col width="19%"> 2109 <col width="20%"> 2110 <col width="10%"> 2111 <col width="23%"> 2112 <col width="17%"> 2113 <tr> 2114 <th>CVE</th> 2115 <th></th> 2116 <th> </th> 2117 <th> Nexus</th> 2118 <th> </th> 2119 </tr> 2120 <tr> 2121 <td>CVE-2016-2469</td> 2122 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=7eb824e8e1ebbdbfad896b090a9f048ca6e63c9e">QC-CR#997025</a></td> 2123 <td></td> 2124 <td></td> 2125 <td> 2016.</td> 2126 </tr> 2127 <tr> 2128 <td>CVE-2016-2469</td> 2129 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=e7369163162e7773bc887f7a264d6aa46cfcc665">QC-CR#997015</a></td> 2130 <td></td> 2131 <td></td> 2132 <td> 2016.</td> 2133 </tr> 2134 </table> 2135 <h2 id="2016-09-06-details"> ( 2016-09-06)</h2> 2136 <p> 2137 2138 <a href="#2016-09-06-summary"> </a> : , 2139 CVE, , , 2140 Nexus AOSP ( ), 2141 . , 2142 , (, AOSP), 2143 . 2144 </p> 2145 2146 <h3> </h3> 2147 <p> 2148 2149 . , 2150 - . , 2151 . 2152 </p> 2153 2154 <table> 2155 <col width="19%"> 2156 <col width="20%"> 2157 <col width="10%"> 2158 <col width="23%"> 2159 <col width="17%"> 2160 <tr> 2161 <th>CVE</th> 2162 <th></th> 2163 <th> </th> 2164 <th> Nexus</th> 2165 <th> </th> 2166 </tr> 2167 <tr> 2168 <td>CVE-2016-5340</td> 2169 <td>A-30652312<br> 2170 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6">QC-CR#1008948</a></td> 2171 <td></td> 2172 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Android One</td> 2173 <td>26 2016.</td> 2174 </tr> 2175 </table> 2176 <h3> Qualcomm</h3> 2177 <p> 2178 2179 . , 2180 . 2181 </p> 2182 2183 <table> 2184 <col width="19%"> 2185 <col width="20%"> 2186 <col width="10%"> 2187 <col width="23%"> 2188 <col width="17%"> 2189 <tr> 2190 <th>CVE</th> 2191 <th></th> 2192 <th> </th> 2193 <th> Nexus</th> 2194 <th> </th> 2195 </tr> 2196 <tr> 2197 <td>CVE-2016-2059</td> 2198 <td>A-27045580<br> 2199 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e8bdd63f7011dff5523ea435433834b3702398d">QC-CR#974577</a></td> 2200 <td></td> 2201 <td>Nexus5, Nexus5X, Nexus6, Nexus6P, Android One</td> 2202 <td>4 2016.</td> 2203 </tr> 2204 </table> 2205 <h2 id="common-questions-and-answers"> </h2> 2206 <p> 2207 , 2208 . 2209 </p> 2210 2211 <p> 2212 <strong>1. , , ? 2213 </strong> 2214 </p> 2215 2216 <p> 2217 1 2016 , 2218 2016-09-01. 5 2016 2219 , 2016-09-05. 2220 6 2016 , 2221 2016-09-06. , 2222 , <a href="https://support.google.com/nexus/answer/4457705"> </a>. , 2223 , 2224 [ro.build.version.security_patch]:[2016-09-01], 2225 [ro.build.version.security_patch]:[2016-09-05] 2226 [ro.build.version.security_patch]:[2016-09-06]. 2227 </p> 2228 2229 <p> 2230 <strong>2. ?</strong> 2231 </p> 2232 2233 <p> 2234 , 2235 , 2236 Android. Android 2237 2238 . 2239 </p> 2240 2241 <p> 2242 6 2016 2243 , 2244 . , 2245 . 2246 </p> 2247 2248 <p> 2249 5 2016 2250 , 2251 , . , 2252 , 2253 6 2016. 2254 </p> 2255 2256 <p> 2257 1 2016 2258 , 2259 , . , 2260 , 2261 5 6 2016. 2262 </p> 2263 2264 <p> 2265 <strong>3. , Nexus ?</strong> 2266 </p> 2267 2268 <p> 2269 <a href="#2016-09-01-details">2016-09-01</a>, <a href="#2016-09-05-details">2016-09-05</a> 2270 <a href="#2016-09-06-details">2016-09-06</a> <em> Nexus</em>. , 2271 . 2272 </p> 2273 2274 <ul> 2275 <li><strong> .</strong> <em></em> 2276 2277 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"> Nexus</a>: Nexus5, Nexus5X, Nexus6, Nexus6P, 2278 Nexus7(2013), Nexus9, Android One, Nexus Player PixelC.</li> 2279 <li><strong> .</strong> <em></em> , .</li> 2280 <li><strong>.</strong> Nexus.<em></em></li> 2281 </ul> 2282 <p> 2283 <strong>4. ""?</strong> 2284 </p> 2285 2286 <p> 2287 <em></em>. 2288 , 2289 , : 2290 </p> 2291 2292 <table> 2293 <tr> 2294 <th></th> 2295 <th></th> 2296 </tr> 2297 <tr> 2298 <td>A-</td> 2299 <td> Android</td> 2300 </tr> 2301 <tr> 2302 <td>QC-</td> 2303 <td> Qualcomm</td> 2304 </tr> 2305 <tr> 2306 <td>M-</td> 2307 <td> MediaTek</td> 2308 </tr> 2309 <tr> 2310 <td>N-</td> 2311 <td> NVIDIA</td> 2312 </tr> 2313 <tr> 2314 <td>B-</td> 2315 <td> Broadcom</td> 2316 </tr> 2317 </table> 2318 2319 <h2 id="revisions"></h2> 2320 <ul> 2321 <li>6 2016. .</li> 2322 <li>7 2016. AOSP.</li> 2323 <li>12 2016. 2324 CVE-2016-3861 CVE-2016-3877.</li> 2325 </ul> 2326 2327 </body> 2328 </html> 2329
