1 <html devsite> 2 <head> 3 <title> Android 2017.</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 <p><em> 3 2017. | 5 2017.</em></p> 26 27 <p> Android. Google <a href="https://developers.google.com/android/nexus/images"> </a>. , , 5 2017 . , , <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a>.</p> 28 29 <p> 5 2016 . Android Open Source Project (AOSP). 30 AOSP.</p> 31 32 <p> (, , MMS).</p> 33 34 <p> . <a href="#mitigations"> </a> , <a href="/security/enhancements/index.html"> </a> , <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, Android.</p> 35 36 <p> .</p> 37 38 <h2 id="announcements"></h2> 39 <ul> 40 <li> , , Android. <a href="#common-questions-and-answers"> </a>. 41 <ul> 42 <li><strong>2017-01-01</strong>: , 2017-01-01 .</li> 43 <li><strong>2017-01-05</strong>: , 2017-01-01 2017-01-05, .</li> 44 </ul> 45 </li> 46 <li> Google 5 2017.</li> 47 </ul> 48 <h2 id="security-vulnerability-summary"> </h2> 49 <p> , (CVE) , , Google. <a href="/security/overview/updates-resources.html#severity"> </a> , , .</p> 50 51 <h3 id="2017-01-01-summary"> ( 2017-01-01)</h3> 52 <p> 1 2017 .</p> 53 54 <table> 55 <col width="55%"> 56 <col width="20%"> 57 <col width="13%"> 58 <col width="12%"> 59 <tr> 60 <th></th> 61 <th>CVE</th> 62 <th> </th> 63 <th> Google?</th> 64 </tr> 65 <tr> 66 <td> c-ares</td> 67 <td>CVE-2016-5180</td> 68 <td></td> 69 <td></td> 70 </tr> 71 <tr> 72 <td> Framesequence</td> 73 <td>CVE-2017-0382</td> 74 <td></td> 75 <td></td> 76 </tr> 77 <tr> 78 <td> Framework API</td> 79 <td>CVE-2017-0383</td> 80 <td></td> 81 <td></td> 82 </tr> 83 <tr> 84 <td> audioserver</td> 85 <td>CVE-2017-0384, CVE-2017-0385</td> 86 <td></td> 87 <td></td> 88 </tr> 89 <tr> 90 <td> libnl</td> 91 <td>CVE-2017-0386</td> 92 <td></td> 93 <td></td> 94 </tr> 95 <tr> 96 <td> mediaserver</td> 97 <td>CVE-2017-0387</td> 98 <td></td> 99 <td></td> 100 </tr> 101 <tr> 102 <td> External Storage Provider</td> 103 <td>CVE-2017-0388</td> 104 <td></td> 105 <td></td> 106 </tr> 107 <tr> 108 <td> </td> 109 <td>CVE-2017-0389</td> 110 <td></td> 111 <td></td> 112 </tr> 113 <tr> 114 <td> mediaserver</td> 115 <td>CVE-2017-0390, CVE-2017-0391, CVE-2017-0392, CVE-2017-0393</td> 116 <td></td> 117 <td></td> 118 </tr> 119 <tr> 120 <td> </td> 121 <td>CVE-2017-0394</td> 122 <td></td> 123 <td></td> 124 </tr> 125 <tr> 126 <td> </td> 127 <td>CVE-2017-0395</td> 128 <td></td> 129 <td></td> 130 </tr> 131 <tr> 132 <td> mediaserver</td> 133 <td>CVE-2017-0381, CVE-2017-0396, CVE-2017-0397</td> 134 <td></td> 135 <td></td> 136 </tr> 137 <tr> 138 <td> audioserver</td> 139 <td>CVE-2017-0398, CVE-2017-0399, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402</td> 140 <td></td> 141 <td></td> 142 </tr> 143 </table> 144 145 <h3 id="2017-01-05-summary"> ( 2017-01-05)</h3> 146 <p> 5 2017 , 2017-01-01, , .</p> 147 148 <table> 149 <col width="55%"> 150 <col width="20%"> 151 <col width="13%"> 152 <col width="12%"> 153 <tr> 154 <th></th> 155 <th>CVE</th> 156 <th> </th> 157 <th> Google?</th> 158 </tr> 159 <tr> 160 <td> </td> 161 <td>CVE-2015-3288</td> 162 <td></td> 163 <td></td> 164 </tr> 165 <tr> 166 <td> Qualcomm</td> 167 <td>CVE-2016-8422, CVE-2016-8423</td> 168 <td></td> 169 <td></td> 170 </tr> 171 <tr> 172 <td> </td> 173 <td>CVE-2015-5706</td> 174 <td></td> 175 <td>*</td> 176 </tr> 177 <tr> 178 <td> NVIDIA </td> 179 <td>CVE-2016-8424, CVE-2016-8425, CVE-2016-8426, CVE-2016-8482, CVE-2016-8427, CVE-2016-8428, CVE-2016-8429, CVE-2016-8430, CVE-2016-8431, CVE-2016-8432</td> 180 <td></td> 181 <td></td> 182 </tr> 183 <tr> 184 <td> MediaTek</td> 185 <td>CVE-2016-8433</td> 186 <td></td> 187 <td>*</td> 188 </tr> 189 <tr> 190 <td> Qualcomm </td> 191 <td>CVE-2016-8434</td> 192 <td></td> 193 <td></td> 194 </tr> 195 <tr> 196 <td> NVIDIA </td> 197 <td>CVE-2016-8435</td> 198 <td></td> 199 <td></td> 200 </tr> 201 <tr> 202 <td> Qualcomm</td> 203 <td>CVE-2016-8436</td> 204 <td></td> 205 <td>*</td> 206 </tr> 207 <tr> 208 <td> Qualcomm</td> 209 <td>CVE-2016-5080, CVE-2016-8398, CVE-2016-8437, CVE-2016-8438, CVE-2016-8439, CVE-2016-8440, CVE-2016-8441, CVE-2016-8442, CVE-2016-8443, CVE-2016-8459</td> 210 <td></td> 211 <td>*</td> 212 </tr> 213 <tr> 214 <td> Qualcomm</td> 215 <td>CVE-2016-8412, CVE-2016-8444</td> 216 <td></td> 217 <td></td> 218 </tr> 219 <tr> 220 <td> MediaTek</td> 221 <td>CVE-2016-8445, CVE-2016-8446, CVE-2016-8447, CVE-2016-8448</td> 222 <td></td> 223 <td>*</td> 224 </tr> 225 <tr> 226 <td> Wi-Fi- Qualcomm</td> 227 <td>CVE-2016-8415</td> 228 <td></td> 229 <td></td> 230 </tr> 231 <tr> 232 <td> NVIDIA </td> 233 <td>CVE-2016-8449</td> 234 <td></td> 235 <td></td> 236 </tr> 237 <tr> 238 <td> Qualcomm</td> 239 <td>CVE-2016-8450</td> 240 <td></td> 241 <td></td> 242 </tr> 243 <tr> 244 <td> Synaptics</td> 245 <td>CVE-2016-8451</td> 246 <td></td> 247 <td>*</td> 248 </tr> 249 <tr> 250 <td> </td> 251 <td>CVE-2016-7042</td> 252 <td></td> 253 <td></td> 254 </tr> 255 <tr> 256 <td> </td> 257 <td>CVE-2017-0403</td> 258 <td></td> 259 <td></td> 260 </tr> 261 <tr> 262 <td> </td> 263 <td>CVE-2017-0404</td> 264 <td></td> 265 <td></td> 266 </tr> 267 <tr> 268 <td> Wi-Fi- Qualcomm</td> 269 <td>CVE-2016-8452</td> 270 <td></td> 271 <td></td> 272 </tr> 273 <tr> 274 <td> Qualcomm</td> 275 <td>CVE-2016-5345</td> 276 <td></td> 277 <td></td> 278 </tr> 279 <tr> 280 <td> </td> 281 <td>CVE-2016-9754</td> 282 <td></td> 283 <td></td> 284 </tr> 285 <tr> 286 <td> Wi-Fi- Broadcom</td> 287 <td>CVE-2016-8453, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457</td> 288 <td></td> 289 <td></td> 290 </tr> 291 <tr> 292 <td> Synaptics</td> 293 <td>CVE-2016-8458</td> 294 <td></td> 295 <td></td> 296 </tr> 297 <tr> 298 <td> NVIDIA</td> 299 <td>CVE-2016-8460</td> 300 <td></td> 301 <td></td> 302 </tr> 303 <tr> 304 <td> </td> 305 <td>CVE-2016-8461, CVE-2016-8462</td> 306 <td></td> 307 <td></td> 308 </tr> 309 <tr> 310 <td> FUSE Qualcomm</td> 311 <td>CVE-2016-8463</td> 312 <td></td> 313 <td>*</td> 314 </tr> 315 <tr> 316 <td> </td> 317 <td>CVE-2016-8467</td> 318 <td></td> 319 <td></td> 320 </tr> 321 <tr> 322 <td> Wi-Fi- Broadcom</td> 323 <td>CVE-2016-8464, CVE-2016-8465, CVE-2016-8466</td> 324 <td></td> 325 <td></td> 326 </tr> 327 <tr> 328 <td> </td> 329 <td>CVE-2016-8467</td> 330 <td></td> 331 <td></td> 332 </tr> 333 <tr> 334 <td> Binder</td> 335 <td>CVE-2016-8468</td> 336 <td></td> 337 <td></td> 338 </tr> 339 <tr> 340 <td> NVIDIA </td> 341 <td>CVE-2016-8469</td> 342 <td></td> 343 <td></td> 344 </tr> 345 <tr> 346 <td> MediaTek</td> 347 <td>CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</td> 348 <td></td> 349 <td>*</td> 350 </tr> 351 <tr> 352 <td> STMicroelectronics</td> 353 <td>CVE-2016-8473, CVE-2016-8474</td> 354 <td></td> 355 <td></td> 356 </tr> 357 <tr> 358 <td> Qualcomm</td> 359 <td>CVE-2017-0399, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402</td> 360 <td></td> 361 <td></td> 362 </tr> 363 <tr> 364 <td> HTC</td> 365 <td>CVE-2016-8475</td> 366 <td></td> 367 <td></td> 368 </tr> 369 <tr> 370 <td> </td> 371 <td>CVE-2014-9420</td> 372 <td></td> 373 <td></td> 374 </tr> 375 </table> 376 <p>* Google Android7.0, .</p> 377 378 <h2 id="mitigations"> </h2> 379 <p> , <a href="/security/enhancements/index.html"> </a> , SafetyNet, Android.</p> 380 <ul> 381 <li> Android, .</li> 382 <li>, Android, <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a>. <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_PHA_classifications.pdf"> </a>. <a href="http://www.android.com/gms"> Google</a>. , . Google Play , . , . , , , . , .</li> 383 <li> Google Hangouts Messenger , mediaserver, .</li> 384 </ul> 385 <h2 id="acknowledgements"></h2> 386 <p> , :</p> 387 <ul> 388 <li> : CVE-2017-0390</li> 389 <li> Copperhead Security: CVE-2017-0397</li> 390 <li> (<a href="https://twitter.com/freener0">@freener0</a>) Xuanwu Lab, Tencent: CVE-2017-0386</li> 391 <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2017-0392</li> 392 <li> (<a href="https://twitter.com/returnsme">@returnsme</a>) KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-8412, CVE-2016-8444, CVE-2016-8427, CVE-2017-0403</li> 393 <li>donfos ( ) Shellphish Grill, -: CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</li> 394 <li> (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>) <a href="http://www.ms509.com">MS509Team</a>: CVE-2017-0394</li> 395 <li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2016-8464</li> 396 <li> Google WebM: CVE-2017-0393</li> 397 <li> () (<a href="http://twitter.com/oldfresher">@oldfresher</a>) Alpha Team, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>.: CVE-2017-0387</li> 398 <li> Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2016-8415, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465</li> 399 <li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360: CVE-2016-8475</li> 400 <li> (<a href="http://twitter.com/jcase">@jcase</a>) (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>): CVE-2016-8462</li> 401 <li> (<a href="http://twitter.com/jcase">@jcase</a>), (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>) (<a href="https://twitter.com/ben_ra">@Ben_RA</a>): CVE-2016-8461</li> 402 <li> (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), (<a href="https://twitter.com/nikos233__">@nikos233</a>), (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0383</li> 403 <li> : CVE-2017-0396, CVE-2017-0399</li> 404 <li> (<a href="https://twitter.com/heisecode">@heisecode</a>) Trend Micro: CVE-2016-8469, CVE-2016-8424, CVE-2016-8428, CVE-2016-8429, CVE-2016-8460, CVE-2016-8473, CVE-2016-8474</li> 405 <li> () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) KeenLab, Tencent (): CVE-2017-0382</li> 406 <li> IBM Security X-Force: CVE-2016-8467</li> 407 <li> (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) , Trend Micro: CVE-2016-8466</li> 408 <li> : CVE-2017-0389</li> 409 <li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) , <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0381</li> 410 <li> (<a href="https://twitter.com/sunblate">@sunblate</a>) Alibaba Inc.: CVE-2017-0391</li> 411 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0402, CVE-2017-0398</li> 412 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, <a href="mailto:arnow117 (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0400</li> 413 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, <a href="mailto:hlhan (a] bupt.edu.cn"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0384, CVE-2017-0385</li> 414 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, (<a href="https://twitter.com/nikos233__">@nikos233</a>), (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0401</li> 415 <li><a href="mailto:yaojun8558363 (a] gmail.com"> </a>, <a href="mailto:computernik (a] gmail.com">- </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8431, CVE-2016-8432, CVE-2016-8435</li> 416 <li> () (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) Alibaba Inc.: CVE-2017-0404</li> 417 <li><a href="mailto:computernik (a] gmail.com">- </a>, <a href="mailto:segfault5514 (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8425, CVE-2016-8426, CVE-2016-8449</li> 418 <li><a href="mailto:computernik (a] gmail.com">- </a>, <a href="mailto:bigwyfone (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8430, CVE-2016-8482</li> 419 <li> (<a href="https://twitter.com/xbalien29">@Xbalien29</a>) Tencent: CVE-2017-0395</li> 420 <li> () (<a href="https://twitter.com/0xr0ot">@0xr0ot</a>) Security Research Lab, <a href="http://www.cmcm.com/">Cheetah Mobile</a>: CVE-2016-8451</li> 421 </ul> 422 <p> , :</p> 423 <ul> 424 <li> , , , , , , Alibaba Mobile Security Group</li> 425 <li> (<a href="https://twitter.com/heisecode">@heisecode</a>) Trend Micro</li> 426 <li> Google</li> 427 </ul> 428 429 <h2 id="2017-01-01-details"> ( 2017-01-01)</h2> 430 <p> 431 , <a href="#2017-01-01-summary"> ( 2017-01-01)</a>: , CVE, , , Google AOSP ( ), . , , (, AOSP), .</p> 432 433 434 <h3 id="rce-in-c-ares"> c-ares</h3> 435 <p> 436 . - , . 437 </p> 438 439 <table> 440 <col width="18%"> 441 <col width="17%"> 442 <col width="10%"> 443 <col width="19%"> 444 <col width="18%"> 445 <col width="17%"> 446 <tr> 447 <th>CVE</th> 448 <th></th> 449 <th> </th> 450 <th> Google</th> 451 <th> AOSP</th> 452 <th> </th> 453 </tr> 454 <tr> 455 <td>CVE-2016-5180</td> 456 <td><a href="https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677"> 457 A-32205736</a></td> 458 <td></td> 459 <td></td> 460 <td>7.0</td> 461 <td>29 2016.</td> 462 </tr> 463 </table> 464 465 466 <h3 id="rce-vulnerability-in-framesequence"> Framesequence</h3> 467 <p> 468 . - , . 469 </p> 470 <table> 471 <col width="18%"> 472 <col width="17%"> 473 <col width="10%"> 474 <col width="19%"> 475 <col width="18%"> 476 <col width="17%"> 477 <tr> 478 <th>CVE</th> 479 <th></th> 480 <th> </th> 481 <th> Google</th> 482 <th> AOSP</th> 483 <th> </th> 484 </tr> 485 <tr> 486 <td>CVE-2017-0382</td> 487 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7"> 488 A-32338390</a></td> 489 <td></td> 490 <td></td> 491 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 492 <td>21 2016.</td> 493 </tr> 494 </table> 495 <h3 id="eop-in-framework-apis"> Framework API</h3> 496 <p> 497 . , , . 498 </p> 499 <table> 500 <col width="18%"> 501 <col width="17%"> 502 <col width="10%"> 503 <col width="19%"> 504 <col width="18%"> 505 <col width="17%"> 506 <tr> 507 <th>CVE</th> 508 <th></th> 509 <th> </th> 510 <th> Google</th> 511 <th> AOSP</th> 512 <th> </th> 513 </tr> 514 <tr> 515 <td>CVE-2017-0383</td> 516 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266"> 517 A-31677614</a></td> 518 <td></td> 519 <td></td> 520 <td>7.0, 7.1.1</td> 521 <td>21 2016.</td> 522 </tr> 523 </table> 524 <h3 id="eop-in-audioserver"> audioserver</h3> 525 <p> 526 . , , . 527 </p> 528 <table> 529 <col width="18%"> 530 <col width="17%"> 531 <col width="10%"> 532 <col width="19%"> 533 <col width="18%"> 534 <col width="17%"> 535 <tr> 536 <th>CVE</th> 537 <th></th> 538 <th> </th> 539 <th> Google</th> 540 <th> AOSP</th> 541 <th> </th> 542 </tr> 543 <tr> 544 <td>CVE-2017-0384</td> 545 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 546 A-32095626</a></td> 547 <td></td> 548 <td></td> 549 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 550 <td>11 2016.</td> 551 </tr> 552 <tr> 553 <td>CVE-2017-0385</td> 554 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 555 A-32585400</a></td> 556 <td></td> 557 <td></td> 558 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 559 <td>11 2016.</td> 560 </tr> 561 </table> 562 <h3 id="eop-in-libnl"> libnl</h3> 563 <p> 564 . , , . 565 </p> 566 <table> 567 <col width="18%"> 568 <col width="17%"> 569 <col width="10%"> 570 <col width="19%"> 571 <col width="18%"> 572 <col width="17%"> 573 <tr> 574 <th>CVE</th> 575 <th></th> 576 <th> </th> 577 <th> Google</th> 578 <th> AOSP</th> 579 <th> </th> 580 </tr> 581 <tr> 582 <td>CVE-2017-0386</td> 583 <td><a href="https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a"> 584 A-32255299</a></td> 585 <td></td> 586 <td></td> 587 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 588 <td>18 2016.</td> 589 </tr> 590 </table> 591 <h3 id="eop-in-mediaserver"> mediaserver</h3> 592 <p> 593 . , , . 594 </p> 595 <table> 596 <col width="18%"> 597 <col width="17%"> 598 <col width="10%"> 599 <col width="19%"> 600 <col width="18%"> 601 <col width="17%"> 602 <tr> 603 <th>CVE</th> 604 <th></th> 605 <th> </th> 606 <th> Google</th> 607 <th> AOSP</th> 608 <th> </th> 609 </tr> 610 <tr> 611 <td>CVE-2017-0387</td> 612 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f"> 613 A-32660278</a></td> 614 <td></td> 615 <td></td> 616 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 617 <td>4 2016.</td> 618 </tr> 619 </table> 620 <h3 id="id-in-external-storage-provider"> External Storage Provider</h3> 621 <p> 622 SD-, . - . 623 </p> 624 <table> 625 <col width="18%"> 626 <col width="17%"> 627 <col width="10%"> 628 <col width="19%"> 629 <col width="18%"> 630 <col width="17%"> 631 <tr> 632 <th>CVE</th> 633 <th></th> 634 <th> </th> 635 <th> Google</th> 636 <th> AOSP</th> 637 <th> </th> 638 </tr> 639 <tr> 640 <td>CVE-2017-0388</td> 641 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9"> 642 A-32523490</a></td> 643 <td></td> 644 <td></td> 645 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 646 <td> Google</td> 647 </tr> 648 </table> 649 <h3 id="dos-in-core-networking"> </h3> 650 <p> 651 . , . 652 </p> 653 <table> 654 <col width="18%"> 655 <col width="17%"> 656 <col width="10%"> 657 <col width="19%"> 658 <col width="18%"> 659 <col width="17%"> 660 <tr> 661 <th>CVE</th> 662 <th></th> 663 <th> </th> 664 <th> Google</th> 665 <th> AOSP</th> 666 <th> </th> 667 </tr> 668 <tr> 669 <td>CVE-2017-0389</td> 670 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7">A-31850211</a> 671 [<a href="https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29">2</a>] 672 [<a href="https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba#">3</a>]</td> 673 <td></td> 674 <td></td> 675 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 676 <td>20 2016.</td> 677 </tr> 678 </table> 679 <h3 id="dos-in-mediaserver"> mediaserver</h3> 680 <p> 681 . , . 682 </p> 683 <table> 684 <col width="18%"> 685 <col width="17%"> 686 <col width="10%"> 687 <col width="19%"> 688 <col width="18%"> 689 <col width="17%"> 690 <tr> 691 <th>CVE</th> 692 <th></th> 693 <th> </th> 694 <th> Google</th> 695 <th> AOSP</th> 696 <th> </th> 697 </tr> 698 <tr> 699 <td>CVE-2017-0390</td> 700 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0"> 701 A-31647370</a></td> 702 <td></td> 703 <td></td> 704 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 705 <td>19 2016.</td> 706 </tr> 707 <tr> 708 <td>CVE-2017-0391</td> 709 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f"> 710 A-32322258</a></td> 711 <td></td> 712 <td></td> 713 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 714 <td>20 2016.</td> 715 </tr> 716 <tr> 717 <td>CVE-2017-0392</td> 718 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c"> 719 A-32577290</a></td> 720 <td></td> 721 <td></td> 722 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 723 <td>29 2016.</td> 724 </tr> 725 <tr> 726 <td>CVE-2017-0393</td> 727 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc"> 728 A-30436808</a></td> 729 <td></td> 730 <td></td> 731 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 732 <td> Google</td> 733 </tr> 734 </table> 735 <h3 id="dos-in-telephony"> </h3> 736 <p> 737 . , . 738 </p> 739 <table> 740 <col width="18%"> 741 <col width="17%"> 742 <col width="10%"> 743 <col width="19%"> 744 <col width="18%"> 745 <col width="17%"> 746 <tr> 747 <th>CVE</th> 748 <th></th> 749 <th> </th> 750 <th> Google</th> 751 <th> AOSP</th> 752 <th> </th> 753 </tr> 754 <tr> 755 <td>CVE-2017-0394</td> 756 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d"> 757 A-31752213</a></td> 758 <td></td> 759 <td></td> 760 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 761 <td>23 2016.</td> 762 </tr> 763 </table> 764 <h3 id="eop-in-contacts"> </h3> 765 <p> 766 . , (, , ). 767 </p> 768 <table> 769 <col width="18%"> 770 <col width="17%"> 771 <col width="10%"> 772 <col width="19%"> 773 <col width="18%"> 774 <col width="17%"> 775 <tr> 776 <th>CVE</th> 777 <th></th> 778 <th> </th> 779 <th> Google</th> 780 <th> AOSP</th> 781 <th> </th> 782 </tr> 783 <tr> 784 <td>CVE-2017-0395</td> 785 <td><a href="https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b"> 786 A-32219099</a></td> 787 <td></td> 788 <td></td> 789 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 790 <td>15 2016.</td> 791 </tr> 792 </table> 793 <h3 id="id-in-mediaserver"> mediaserver</h3> 794 <p> 795 . - . 796 </p> 797 <table> 798 <col width="18%"> 799 <col width="17%"> 800 <col width="10%"> 801 <col width="19%"> 802 <col width="18%"> 803 <col width="17%"> 804 <tr> 805 <th>CVE</th> 806 <th></th> 807 <th> </th> 808 <th> Google</th> 809 <th> AOSP</th> 810 <th> </th> 811 </tr> 812 <tr> 813 <td>CVE-2017-0381</td> 814 <td><a href="https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7"> 815 A-31607432</a></td> 816 <td></td> 817 <td></td> 818 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 819 <td>18 2016.</td> 820 </tr> 821 <tr> 822 <td>CVE-2017-0396</td> 823 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7"> 824 A-31781965</a></td> 825 <td></td> 826 <td></td> 827 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 828 <td>27 2016.</td> 829 </tr> 830 <tr> 831 <td>CVE-2017-0397</td> 832 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c"> 833 A-32377688</a></td> 834 <td></td> 835 <td></td> 836 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 837 <td>21 2016.</td> 838 </tr> 839 </table> 840 <h3 id="id-in-audioserver"> audioserver</h3> 841 <p> 842 . - . 843 </p> 844 <table> 845 <col width="18%"> 846 <col width="17%"> 847 <col width="10%"> 848 <col width="19%"> 849 <col width="18%"> 850 <col width="17%"> 851 <tr> 852 <th>CVE</th> 853 <th></th> 854 <th> </th> 855 <th> Google</th> 856 <th> AOSP</th> 857 <th> </th> 858 </tr> 859 <tr> 860 <td>CVE-2017-0398</td> 861 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 862 A-32438594</a></td> 863 <td></td> 864 <td></td> 865 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 866 <td>25 2016.</td> 867 </tr> 868 <tr> 869 <td>CVE-2017-0398</td> 870 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 871 A-32635664</a></td> 872 <td></td> 873 <td></td> 874 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 875 <td>25 2016.</td> 876 </tr> 877 <tr> 878 <td>CVE-2017-0398</td> 879 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 880 A-32624850</a></td> 881 <td></td> 882 <td></td> 883 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 884 <td>25 2016.</td> 885 </tr> 886 <tr> 887 <td>CVE-2017-0399</td> 888 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32247948</a> 889 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 890 <td></td> 891 <td></td> 892 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 893 <td>18 2016.</td> 894 </tr> 895 <tr> 896 <td>CVE-2017-0400</td> 897 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32584034</a> 898 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 899 <td></td> 900 <td></td> 901 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 902 <td>25 2016.</td> 903 </tr> 904 <tr> 905 <td>CVE-2017-0401</td> 906 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 907 A-32448258</a></td> 908 <td></td> 909 <td></td> 910 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 911 <td>26 2016.</td> 912 </tr> 913 <tr> 914 <td>CVE-2017-0402</td> 915 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32436341</a> 916 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 917 <td></td> 918 <td></td> 919 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 920 <td>25 2016.</td> 921 </tr> 922 </table> 923 924 <h2 id="2017-01-05-details"> ( 2017-01-05)</h2> 925 <p> 926 , <a href="#2017-01-05-summary"> ( 2017-01-05)</a>: , CVE, , , Google AOSP ( ), . , , (, AOSP), .</p> 927 928 929 <h3 id="eop-in-kernel-memory-subsystem"> </h3> 930 <p> 931 . , - . , . 932 </p> 933 934 <table> 935 <col width="19%"> 936 <col width="20%"> 937 <col width="10%"> 938 <col width="23%"> 939 <col width="17%"> 940 <tr> 941 <th>CVE</th> 942 <th></th> 943 <th> </th> 944 <th> Google</th> 945 <th> </th> 946 </tr> 947 <tr> 948 <td>CVE-2015-3288</td> 949 <td>A-32460277<br> 950 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d"> 951 Upstream kernel</a></td> 952 <td></td> 953 <td>Nexus5X, Nexus6, Nexus6P, AndroidOne, PixelC, Nexus Player, Pixel, PixelXL</td> 954 <td>9 2015.</td> 955 </tr> 956 </table> 957 958 959 <h3 id="eop-in-qualcomm-bootloader"> Qualcomm</h3> 960 <p> 961 . , - . , . 962 </p> 963 964 <table> 965 <col width="19%"> 966 <col width="20%"> 967 <col width="10%"> 968 <col width="23%"> 969 <col width="17%"> 970 <tr> 971 <th>CVE</th> 972 <th></th> 973 <th> </th> 974 <th> Google</th> 975 <th> </th> 976 </tr> 977 <tr> 978 <td>CVE-2016-8422</td> 979 <td>A-31471220<br> 980 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213"> 981 QC-CR#979426</a></td> 982 <td></td> 983 <td>Nexus6, Nexus6P, Pixel, PixelXL</td> 984 <td>22 2016.</td> 985 </tr> 986 <tr> 987 <td>CVE-2016-8423</td> 988 <td>A-31399736<br> 989 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867"> 990 QC-CR#1000546</a></td> 991 <td></td> 992 <td>Nexus6P, Pixel, PixelXL</td> 993 <td>24 2016.</td> 994 </tr> 995 </table> 996 997 998 <h3 id="eop-in-kernel-file-system"> </h3> 999 <p> 1000 . , - . , . 1001 </p> 1002 1003 <table> 1004 <col width="19%"> 1005 <col width="20%"> 1006 <col width="10%"> 1007 <col width="23%"> 1008 <col width="17%"> 1009 <tr> 1010 <th>CVE</th> 1011 <th></th> 1012 <th> </th> 1013 <th> Google</th> 1014 <th> </th> 1015 </tr> 1016 <tr> 1017 <td>CVE-2015-5706</td> 1018 <td>A-32289301<br> 1019 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0"> 1020 Upstream kernel</a></td> 1021 <td></td> 1022 <td>*</td> 1023 <td>1 2016.</td> 1024 </tr> 1025 </table> 1026 <p> 1027 * Google Android7.0, . 1028 </p> 1029 1030 1031 <h3 id="eop-in-nvidia-gpu-driver"> NVIDIA </h3> 1032 <p> 1033 . , - . , . 1034 </p> 1035 1036 <table> 1037 <col width="19%"> 1038 <col width="20%"> 1039 <col width="10%"> 1040 <col width="23%"> 1041 <col width="17%"> 1042 <tr> 1043 <th>CVE</th> 1044 <th></th> 1045 <th> </th> 1046 <th> Google</th> 1047 <th> </th> 1048 </tr> 1049 <tr> 1050 <td>CVE-2016-8424</td> 1051 <td>A-31606947*<br> 1052 N-CVE-2016-8424</td> 1053 <td></td> 1054 <td>Nexus9</td> 1055 <td>17 2016.</td> 1056 </tr> 1057 <tr> 1058 <td>CVE-2016-8425</td> 1059 <td>A-31797770*<br> 1060 N-CVE-2016-8425</td> 1061 <td></td> 1062 <td>Nexus9</td> 1063 <td>28 2016.</td> 1064 </tr> 1065 <tr> 1066 <td>CVE-2016-8426</td> 1067 <td>A-31799206*<br> 1068 N-CVE-2016-8426</td> 1069 <td></td> 1070 <td>Nexus9</td> 1071 <td>28 2016.</td> 1072 </tr> 1073 <tr> 1074 <td>CVE-2016-8482</td> 1075 <td>A-31799863*<br> 1076 N-CVE-2016-8482</td> 1077 <td></td> 1078 <td>Nexus9</td> 1079 <td>28 2016.</td> 1080 </tr> 1081 <tr> 1082 <td>CVE-2016-8427</td> 1083 <td>A-31799885*<br> 1084 N-CVE-2016-8427</td> 1085 <td></td> 1086 <td>Nexus9</td> 1087 <td>28 2016.</td> 1088 </tr> 1089 <tr> 1090 <td>CVE-2016-8428</td> 1091 <td>A-31993456*<br> 1092 N-CVE-2016-8428</td> 1093 <td></td> 1094 <td>Nexus9</td> 1095 <td>6 2016.</td> 1096 </tr> 1097 <tr> 1098 <td>CVE-2016-8429</td> 1099 <td>A-32160775*<br> 1100 N-CVE-2016-8429</td> 1101 <td></td> 1102 <td>Nexus9</td> 1103 <td>13 2016.</td> 1104 </tr> 1105 <tr> 1106 <td>CVE-2016-8430</td> 1107 <td>A-32225180*<br> 1108 N-CVE-2016-8430</td> 1109 <td></td> 1110 <td>Nexus9</td> 1111 <td>17 2016.</td> 1112 </tr> 1113 <tr> 1114 <td>CVE-2016-8431</td> 1115 <td>A-32402179*<br> 1116 N-CVE-2016-8431</td> 1117 <td></td> 1118 <td>Pixel</td> 1119 <td>25 2016.</td> 1120 </tr> 1121 <tr> 1122 <td>CVE-2016-8432</td> 1123 <td>A-32447738*<br> 1124 N-CVE-2016-8432</td> 1125 <td></td> 1126 <td>Pixel</td> 1127 <td>26 2016.</td> 1128 </tr> 1129 </table> 1130 <p> 1131 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1132 </p> 1133 1134 1135 <h3 id="eop-in-mediatek-driver"> MediaTek</h3> 1136 <p> 1137 . , - . , . 1138 </p> 1139 1140 <table> 1141 <col width="19%"> 1142 <col width="20%"> 1143 <col width="10%"> 1144 <col width="23%"> 1145 <col width="17%"> 1146 <tr> 1147 <th>CVE</th> 1148 <th></th> 1149 <th> </th> 1150 <th> Google</th> 1151 <th> </th> 1152 </tr> 1153 <tr> 1154 <td>CVE-2016-8433</td> 1155 <td>A-31750190*<br> 1156 MT-ALPS02974192</td> 1157 <td></td> 1158 <td>**</td> 1159 <td>24 2016.</td> 1160 </tr> 1161 </table> 1162 <p> 1163 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1164 </p> 1165 <p> 1166 ** Google Android7.0, . 1167 </p> 1168 1169 1170 <h3 id="eop-in-qualcomm-gpu-driver"> Qualcomm </h3> 1171 <p> 1172 . , - . , . 1173 </p> 1174 1175 <table> 1176 <col width="19%"> 1177 <col width="20%"> 1178 <col width="10%"> 1179 <col width="23%"> 1180 <col width="17%"> 1181 <tr> 1182 <th>CVE</th> 1183 <th></th> 1184 <th> </th> 1185 <th> Google</th> 1186 <th> </th> 1187 </tr> 1188 <tr> 1189 <td>CVE-2016-8434</td> 1190 <td>A-32125137<br> 1191 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9"> 1192 QC-CR#1081855</a></td> 1193 <td></td> 1194 <td>Nexus5X, Nexus6, Nexus6P, Android One</td> 1195 <td>12 2016.</td> 1196 </tr> 1197 </table> 1198 1199 1200 <h3 id="eop-in-nvidia-gpu-driver-2"> NVIDIA </h3> 1201 <p> 1202 . , - . , . 1203 </p> 1204 1205 <table> 1206 <col width="19%"> 1207 <col width="20%"> 1208 <col width="10%"> 1209 <col width="23%"> 1210 <col width="17%"> 1211 <tr> 1212 <th>CVE</th> 1213 <th></th> 1214 <th> </th> 1215 <th> Google</th> 1216 <th> </th> 1217 </tr> 1218 <tr> 1219 <td>CVE-2016-8435</td> 1220 <td>A-32700935*<br> 1221 N-CVE-2016-8435</td> 1222 <td></td> 1223 <td>Pixel</td> 1224 <td>7 2016.</td> 1225 </tr> 1226 </table> 1227 <p> 1228 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1229 </p> 1230 1231 1232 <h3 id="eop-in-qualcomm-video-driver"> Qualcomm</h3> 1233 <p> 1234 . , - . , . 1235 </p> 1236 1237 <table> 1238 <col width="19%"> 1239 <col width="20%"> 1240 <col width="10%"> 1241 <col width="23%"> 1242 <col width="17%"> 1243 <tr> 1244 <th>CVE</th> 1245 <th></th> 1246 <th> </th> 1247 <th> Google</th> 1248 <th> </th> 1249 </tr> 1250 <tr> 1251 <td>CVE-2016-8436</td> 1252 <td>A-32450261<br> 1253 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced"> 1254 QC-CR#1007860</a></td> 1255 <td></td> 1256 <td>*</td> 1257 <td>13 2016.</td> 1258 </tr> 1259 </table> 1260 <p> 1261 * Google Android7.0, . 1262 </p> 1263 1264 1265 <h3 id="vulnerabilities-in-qualcomm-components"> Qualcomm</h3> 1266 <p> 1267 Qualcomm Qualcomm AMSS 2015, 2016, 2016 2016. 1268 </p> 1269 1270 <table> 1271 <col width="19%"> 1272 <col width="20%"> 1273 <col width="10%"> 1274 <col width="23%"> 1275 <col width="17%"> 1276 <tr> 1277 <th>CVE</th> 1278 <th></th> 1279 <th> *</th> 1280 <th> Google</th> 1281 <th> </th> 1282 </tr> 1283 <tr> 1284 <td>CVE-2016-8438</td> 1285 <td>A-31624565**</td> 1286 <td></td> 1287 <td>***</td> 1288 <td> Qualcomm</td> 1289 </tr> 1290 <tr> 1291 <td>CVE-2016-8442</td> 1292 <td>A-31625910**</td> 1293 <td></td> 1294 <td>***</td> 1295 <td> Qualcomm</td> 1296 </tr> 1297 <tr> 1298 <td>CVE-2016-8443</td> 1299 <td>A-32576499**</td> 1300 <td></td> 1301 <td>***</td> 1302 <td> Qualcomm</td> 1303 </tr> 1304 <tr> 1305 <td>CVE-2016-8437</td> 1306 <td>A-31623057**</td> 1307 <td></td> 1308 <td>***</td> 1309 <td> Qualcomm</td> 1310 </tr> 1311 <tr> 1312 <td>CVE-2016-8439</td> 1313 <td>A-31625204**</td> 1314 <td></td> 1315 <td>***</td> 1316 <td> Qualcomm</td> 1317 </tr> 1318 <tr> 1319 <td>CVE-2016-8440</td> 1320 <td>A-31625306**</td> 1321 <td></td> 1322 <td>***</td> 1323 <td> Qualcomm</td> 1324 </tr> 1325 <tr> 1326 <td>CVE-2016-8441</td> 1327 <td>A-31625904**</td> 1328 <td></td> 1329 <td>***</td> 1330 <td> Qualcomm</td> 1331 </tr> 1332 <tr> 1333 <td>CVE-2016-8398</td> 1334 <td>A-31548486**</td> 1335 <td></td> 1336 <td>Nexus5X, Nexus6, Nexus6P, Android One</td> 1337 <td> Qualcomm</td> 1338 </tr> 1339 <tr> 1340 <td>CVE-2016-8459</td> 1341 <td>A-32577972**</td> 1342 <td></td> 1343 <td>***</td> 1344 <td> Qualcomm</td> 1345 </tr> 1346 <tr> 1347 <td>CVE-2016-5080</td> 1348 <td>A-31115235**</td> 1349 <td></td> 1350 <td>Nexus5X</td> 1351 <td> Qualcomm</td> 1352 </tr> 1353 </table> 1354 <p> 1355 * Qualcomm. 1356 </p> 1357 <p> 1358 ** . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1359 </p> 1360 <p> 1361 *** Google Android7.0, . 1362 </p> 1363 1364 1365 <h3 id="eop-in-qualcomm-camera"> Qualcomm</h3> 1366 <p> 1367 . , . 1368 </p> 1369 1370 <table> 1371 <col width="19%"> 1372 <col width="20%"> 1373 <col width="10%"> 1374 <col width="23%"> 1375 <col width="17%"> 1376 <tr> 1377 <th>CVE</th> 1378 <th></th> 1379 <th> </th> 1380 <th> Google</th> 1381 <th> </th> 1382 </tr> 1383 <tr> 1384 <td>CVE-2016-8412</td> 1385 <td>A-31225246<br> 1386 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786"> 1387 QC-CR#1071891</a></td> 1388 <td></td> 1389 <td>Nexus5X, Nexus6, Nexus6P, AndroidOne, Pixel, PixelXL</td> 1390 <td>26 2016.</td> 1391 </tr> 1392 <tr> 1393 <td>CVE-2016-8444</td> 1394 <td>A-31243641*<br> 1395 QC-CR#1074310</td> 1396 <td></td> 1397 <td>Nexus5X, Nexus6, Nexus6P</td> 1398 <td>26 2016.</td> 1399 </tr> 1400 </table> 1401 <p> 1402 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1403 </p> 1404 1405 1406 <h3 id="eop-in-mediatek-components"> MediaTek</h3> 1407 <p> 1408 . , . 1409 </p> 1410 1411 <table> 1412 <col width="19%"> 1413 <col width="20%"> 1414 <col width="10%"> 1415 <col width="23%"> 1416 <col width="17%"> 1417 <tr> 1418 <th>CVE</th> 1419 <th></th> 1420 <th> </th> 1421 <th> Google</th> 1422 <th> </th> 1423 </tr> 1424 <tr> 1425 <td>CVE-2016-8445</td> 1426 <td>A-31747590*<br> 1427 MT-ALPS02968983</td> 1428 <td></td> 1429 <td>**</td> 1430 <td>25 2016.</td> 1431 </tr> 1432 <tr> 1433 <td>CVE-2016-8446</td> 1434 <td>A-31747749*<br> 1435 MT-ALPS02968909</td> 1436 <td></td> 1437 <td>**</td> 1438 <td>25 2016.</td> 1439 </tr> 1440 <tr> 1441 <td>CVE-2016-8447</td> 1442 <td>A-31749463*<br> 1443 MT-ALPS02968886</td> 1444 <td></td> 1445 <td>**</td> 1446 <td>25 2016.</td> 1447 </tr> 1448 <tr> 1449 <td>CVE-2016-8448</td> 1450 <td>A-31791148*<br> 1451 MT-ALPS02982181</td> 1452 <td></td> 1453 <td>**</td> 1454 <td>28 2016.</td> 1455 </tr> 1456 </table> 1457 <p> 1458 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1459 </p> 1460 <p> 1461 ** Google Android7.0, . 1462 </p> 1463 1464 1465 <h3 id="eop-in-qualcomm-wi-fi-driver"> Wi-Fi- Qualcomm</h3> 1466 <p> 1467 . , . 1468 </p> 1469 1470 <table> 1471 <col width="19%"> 1472 <col width="20%"> 1473 <col width="10%"> 1474 <col width="23%"> 1475 <col width="17%"> 1476 <tr> 1477 <th>CVE</th> 1478 <th></th> 1479 <th> </th> 1480 <th> Google</th> 1481 <th> </th> 1482 </tr> 1483 <tr> 1484 <td>CVE-2016-8415</td> 1485 <td>A-31750554<br> 1486 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394"> 1487 QC-CR#1079596</a></td> 1488 <td></td> 1489 <td>Nexus5X, Pixel, PixelXL</td> 1490 <td>26 2016.</td> 1491 </tr> 1492 </table> 1493 1494 1495 <h3 id="eop-in-nvidia-gpu-driver-3"> NVIDIA </h3> 1496 <p> 1497 . , . 1498 </p> 1499 1500 <table> 1501 <col width="19%"> 1502 <col width="20%"> 1503 <col width="10%"> 1504 <col width="23%"> 1505 <col width="17%"> 1506 <tr> 1507 <th>CVE</th> 1508 <th></th> 1509 <th> </th> 1510 <th> Google</th> 1511 <th> </th> 1512 </tr> 1513 <tr> 1514 <td>CVE-2016-8449</td> 1515 <td>A-31798848*<br> 1516 N-CVE-2016-8449</td> 1517 <td></td> 1518 <td>Nexus9</td> 1519 <td>28 2016.</td> 1520 </tr> 1521 </table> 1522 <p> 1523 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1524 </p> 1525 1526 1527 <h3 id="eop-in-qualcomm-sound-driver"> Qualcomm</h3> 1528 <p> 1529 . , . 1530 </p> 1531 1532 <table> 1533 <col width="19%"> 1534 <col width="20%"> 1535 <col width="10%"> 1536 <col width="23%"> 1537 <col width="17%"> 1538 <tr> 1539 <th>CVE</th> 1540 <th></th> 1541 <th> </th> 1542 <th> Google</th> 1543 <th> </th> 1544 </tr> 1545 <tr> 1546 <td>CVE-2016-8450</td> 1547 <td>A-32450563<br> 1548 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb"> 1549 QC-CR#880388</a></td> 1550 <td></td> 1551 <td>Nexus5X, Nexus6, Nexus6P, Android One</td> 1552 <td>13 2016.</td> 1553 </tr> 1554 </table> 1555 1556 1557 <h3 id="eop-in-synaptics-touchscreen-driver"> Synaptics</h3> 1558 <p> 1559 . , . 1560 </p> 1561 1562 <table> 1563 <col width="19%"> 1564 <col width="20%"> 1565 <col width="10%"> 1566 <col width="23%"> 1567 <col width="17%"> 1568 <tr> 1569 <th>CVE</th> 1570 <th></th> 1571 <th> </th> 1572 <th> Google</th> 1573 <th> </th> 1574 </tr> 1575 <tr> 1576 <td>CVE-2016-8451</td> 1577 <td>A-32178033*</td> 1578 <td></td> 1579 <td>**</td> 1580 <td>13 2016.</td> 1581 </tr> 1582 </table> 1583 <p> 1584 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1585 </p> 1586 <p> 1587 ** Google Android7.0, . 1588 </p> 1589 1590 1591 <h3 id="eop-in-kernel-security-subsystem"> </h3> 1592 <p> 1593 . , . 1594 </p> 1595 1596 <table> 1597 <col width="19%"> 1598 <col width="20%"> 1599 <col width="10%"> 1600 <col width="23%"> 1601 <col width="17%"> 1602 <tr> 1603 <th>CVE</th> 1604 <th></th> 1605 <th> </th> 1606 <th> Google</th> 1607 <th> </th> 1608 </tr> 1609 <tr> 1610 <td>CVE-2016-7042</td> 1611 <td>A-32178986<br> 1612 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc"> 1613 Upstream kernel</a></td> 1614 <td></td> 1615 <td>Pixel</td> 1616 <td>14 2016.</td> 1617 </tr> 1618 </table> 1619 1620 1621 <h3 id="eop-in-kernel-performance-subsystem"> </h3> 1622 <p> 1623 . , . 1624 </p> 1625 1626 <table> 1627 <col width="19%"> 1628 <col width="20%"> 1629 <col width="10%"> 1630 <col width="23%"> 1631 <col width="17%"> 1632 <tr> 1633 <th>CVE</th> 1634 <th></th> 1635 <th> </th> 1636 <th> Google</th> 1637 <th> </th> 1638 </tr> 1639 <tr> 1640 <td>CVE-2017-0403</td> 1641 <td>A-32402548*</td> 1642 <td></td> 1643 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, AndroidOne, PixelC, Nexus Player, Pixel, PixelXL</td> 1644 <td>25 2016.</td> 1645 </tr> 1646 </table> 1647 <p> 1648 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1649 </p> 1650 1651 1652 <h3 id="eop-in-kernel-sound-subsystem"> </h3> 1653 <p> 1654 . , . 1655 </p> 1656 1657 <table> 1658 <col width="19%"> 1659 <col width="20%"> 1660 <col width="10%"> 1661 <col width="23%"> 1662 <col width="17%"> 1663 <tr> 1664 <th>CVE</th> 1665 <th></th> 1666 <th> </th> 1667 <th> Google</th> 1668 <th> </th> 1669 </tr> 1670 <tr> 1671 <td>CVE-2017-0404</td> 1672 <td>A-32510733*</td> 1673 <td></td> 1674 <td>Nexus5X, Nexus6P, Nexus9, PixelC, Nexus Player, Pixel, PixelXL</td> 1675 <td>27 2016.</td> 1676 </tr> 1677 </table> 1678 <p> 1679 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1680 </p> 1681 1682 1683 <h3 id="eop-in-qualcomm-wi-fi-driver-2"> Wi-Fi- Qualcomm</h3> 1684 <p> 1685 . , . 1686 </p> 1687 1688 <table> 1689 <col width="19%"> 1690 <col width="20%"> 1691 <col width="10%"> 1692 <col width="23%"> 1693 <col width="17%"> 1694 <tr> 1695 <th>CVE</th> 1696 <th></th> 1697 <th> </th> 1698 <th> Google</th> 1699 <th> </th> 1700 </tr> 1701 <tr> 1702 <td>CVE-2016-8452</td> 1703 <td>A-32506396<br> 1704 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526"> 1705 QC-CR#1050323</a></td> 1706 <td></td> 1707 <td>Nexus5X, Android One, Pixel, PixelXL</td> 1708 <td>28 2016.</td> 1709 </tr> 1710 </table> 1711 1712 1713 <h3 id="eop-in-qualcomm-radio-driver"> Qualcomm</h3> 1714 <p> 1715 . , . 1716 </p> 1717 1718 <table> 1719 <col width="19%"> 1720 <col width="20%"> 1721 <col width="10%"> 1722 <col width="23%"> 1723 <col width="17%"> 1724 <tr> 1725 <th>CVE</th> 1726 <th></th> 1727 <th> </th> 1728 <th> Google</th> 1729 <th> </th> 1730 </tr> 1731 <tr> 1732 <td>CVE-2016-5345</td> 1733 <td>A-32639452<br> 1734 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6"> 1735 QC-CR#1079713</a></td> 1736 <td></td> 1737 <td>AndroidOne</td> 1738 <td>3 2016.</td> 1739 </tr> 1740 </table> 1741 1742 1743 <h3 id="eop-in-kernel-profiling-subsystem"> </h3> 1744 <p> 1745 . , . 1746 </p> 1747 1748 <table> 1749 <col width="19%"> 1750 <col width="20%"> 1751 <col width="10%"> 1752 <col width="23%"> 1753 <col width="17%"> 1754 <tr> 1755 <th>CVE</th> 1756 <th></th> 1757 <th> </th> 1758 <th> Google</th> 1759 <th> </th> 1760 </tr> 1761 <tr> 1762 <td>CVE-2016-9754</td> 1763 <td>A-32659848<br> 1764 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6"> 1765 Upstream kernel</a></td> 1766 <td></td> 1767 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, Android One, PixelC, Nexus Player</td> 1768 <td>4 2016.</td> 1769 </tr> 1770 </table> 1771 1772 1773 <h3 id="eop-in-broadcom-wi-fi-driver"> Wi-Fi- Broadcom</h3> 1774 <p> 1775 . , . 1776 </p> 1777 1778 <table> 1779 <col width="19%"> 1780 <col width="20%"> 1781 <col width="10%"> 1782 <col width="23%"> 1783 <col width="17%"> 1784 <tr> 1785 <th>CVE</th> 1786 <th></th> 1787 <th> </th> 1788 <th> Google</th> 1789 <th> </th> 1790 </tr> 1791 <tr> 1792 <td>CVE-2016-8453 1793 </td> 1794 <td>A-24739315*<br> 1795 B-RB#73392</td> 1796 <td></td> 1797 <td>Nexus6</td> 1798 <td> Google</td> 1799 </tr> 1800 <tr> 1801 <td>CVE-2016-8454</td> 1802 <td>A-32174590*<br> 1803 B-RB#107142</td> 1804 <td></td> 1805 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 1806 <td>14 2016.</td> 1807 </tr> 1808 <tr> 1809 <td>CVE-2016-8455</td> 1810 <td>A-32219121*<br> 1811 B-RB#106311</td> 1812 <td></td> 1813 <td>Nexus6P</td> 1814 <td>15 2016.</td> 1815 </tr> 1816 <tr> 1817 <td>CVE-2016-8456</td> 1818 <td>A-32219255*<br> 1819 B-RB#105580</td> 1820 <td></td> 1821 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 1822 <td>15 2016.</td> 1823 </tr> 1824 <tr> 1825 <td>CVE-2016-8457</td> 1826 <td>A-32219453*<br> 1827 B-RB#106116</td> 1828 <td></td> 1829 <td>Nexus6, Nexus6P, Nexus9, PixelC</td> 1830 <td>15 2016.</td> 1831 </tr> 1832 </table> 1833 <p> 1834 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1835 </p> 1836 1837 1838 <h3 id="eop-in-synaptics-touchscreen-driver-2"> Synaptics</h3> 1839 <p> 1840 . , . 1841 </p> 1842 1843 <table> 1844 <col width="19%"> 1845 <col width="20%"> 1846 <col width="10%"> 1847 <col width="23%"> 1848 <col width="17%"> 1849 <tr> 1850 <th>CVE</th> 1851 <th></th> 1852 <th> </th> 1853 <th> Google</th> 1854 <th> </th> 1855 </tr> 1856 <tr> 1857 <td>CVE-2016-8458</td> 1858 <td>A-31968442*</td> 1859 <td></td> 1860 <td>Nexus5X, Nexus6P, Nexus9, AndroidOne, Pixel, PixelXL</td> 1861 <td> Google</td> 1862 </tr> 1863 </table> 1864 <p> 1865 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1866 </p> 1867 1868 1869 <h3 id="id-in-nvidia-video-driver"> NVIDIA</h3> 1870 <p> 1871 . 1872 - . 1873 </p> 1874 1875 <table> 1876 <col width="19%"> 1877 <col width="20%"> 1878 <col width="10%"> 1879 <col width="23%"> 1880 <col width="17%"> 1881 <tr> 1882 <th>CVE</th> 1883 <th></th> 1884 <th> </th> 1885 <th> Google</th> 1886 <th> </th> 1887 </tr> 1888 <tr> 1889 <td>CVE-2016-8460</td> 1890 <td>A-31668540*<br> 1891 N-CVE-2016-8460</td> 1892 <td></td> 1893 <td>Nexus9</td> 1894 <td>21 2016.</td> 1895 </tr> 1896 </table> 1897 <p> 1898 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1899 </p> 1900 1901 1902 <h3 id="id-in-bootloader"> </h3> 1903 <p> 1904 , , . - . 1905 </p> 1906 1907 <table> 1908 <col width="19%"> 1909 <col width="20%"> 1910 <col width="10%"> 1911 <col width="23%"> 1912 <col width="17%"> 1913 <tr> 1914 <th>CVE</th> 1915 <th></th> 1916 <th> </th> 1917 <th> Google</th> 1918 <th> </th> 1919 </tr> 1920 <tr> 1921 <td>CVE-2016-8461</td> 1922 <td>A-32369621*</td> 1923 <td></td> 1924 <td>Nexus9, Pixel, PixelXL</td> 1925 <td>21 2016.</td> 1926 </tr> 1927 <tr> 1928 <td>CVE-2016-8462</td> 1929 <td>A-32510383*</td> 1930 <td></td> 1931 <td>Pixel, PixelXL</td> 1932 <td>27 2016.</td> 1933 </tr> 1934 </table> 1935 <p> 1936 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1937 </p> 1938 1939 1940 <h3 id="dos-in-qualcomm-fuse-file-system"> FUSE Qualcomm</h3> 1941 <p> 1942 . , . 1943 </p> 1944 1945 <table> 1946 <col width="19%"> 1947 <col width="20%"> 1948 <col width="10%"> 1949 <col width="23%"> 1950 <col width="17%"> 1951 <tr> 1952 <th>CVE</th> 1953 <th></th> 1954 <th> </th> 1955 <th> Google</th> 1956 <th> </th> 1957 </tr> 1958 <tr> 1959 <td>CVE-2016-8463</td> 1960 <td>A-30786860<br> 1961 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10"> 1962 QC-CR#586855</a></td> 1963 <td></td> 1964 <td>*</td> 1965 <td>3 2016.</td> 1966 </tr> 1967 </table> 1968 <p> 1969 * Google Android7.0, . 1970 </p> 1971 1972 1973 <h3 id="dos-in-bootloader"> </h3> 1974 <p> 1975 . , . , . 1976 </p> 1977 1978 <table> 1979 <col width="19%"> 1980 <col width="20%"> 1981 <col width="10%"> 1982 <col width="23%"> 1983 <col width="17%"> 1984 <tr> 1985 <th>CVE</th> 1986 <th></th> 1987 <th> </th> 1988 <th> Google</th> 1989 <th> </th> 1990 </tr> 1991 <tr> 1992 <td>CVE-2016-8467</td> 1993 <td>A-30308784*</td> 1994 <td></td> 1995 <td>Nexus6, Nexus6P</td> 1996 <td>29 2016.</td> 1997 </tr> 1998 </table> 1999 <p> 2000 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2001 </p> 2002 2003 2004 <h3 id="eop-in-broadcom-wi-fi-driver-2"> Wi-Fi- Broadcom</h3> 2005 <p> 2006 . , , . 2007 </p> 2008 2009 <table> 2010 <col width="19%"> 2011 <col width="20%"> 2012 <col width="10%"> 2013 <col width="23%"> 2014 <col width="17%"> 2015 <tr> 2016 <th>CVE</th> 2017 <th></th> 2018 <th> </th> 2019 <th> Google</th> 2020 <th> </th> 2021 </tr> 2022 <tr> 2023 <td>CVE-2016-8464</td> 2024 <td>A-29000183*<br> 2025 B-RB#106314</td> 2026 <td></td> 2027 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 2028 <td>26 2016.</td> 2029 </tr> 2030 <tr> 2031 <td>CVE-2016-8466</td> 2032 <td>A-31822524*<br> 2033 B-RB#105268</td> 2034 <td></td> 2035 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 2036 <td>28 2016.</td> 2037 </tr> 2038 <tr> 2039 <td>CVE-2016-8465</td> 2040 <td>A-32474971*<br> 2041 B-RB#106053</td> 2042 <td></td> 2043 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 2044 <td>27 2016.</td> 2045 </tr> 2046 </table> 2047 <p> 2048 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2049 </p> 2050 2051 2052 <h3 id="eop-in-bootloader"> </h3> 2053 <p> 2054 , , . , (, , ). 2055 </p> 2056 2057 <table> 2058 <col width="19%"> 2059 <col width="20%"> 2060 <col width="10%"> 2061 <col width="23%"> 2062 <col width="17%"> 2063 <tr> 2064 <th>CVE</th> 2065 <th></th> 2066 <th> </th> 2067 <th> Google</th> 2068 <th> </th> 2069 </tr> 2070 <tr> 2071 <td>CVE-2016-8467</td> 2072 <td>A-30308784*</td> 2073 <td></td> 2074 <td>Nexus6, Nexus6P</td> 2075 <td>29 2016.</td> 2076 </tr> 2077 </table> 2078 <p> 2079 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2080 </p> 2081 2082 2083 <h3 id="eop-in-binder"> Binder</h3> 2084 <p> 2085 . , , . 2086 </p> 2087 2088 <table> 2089 <col width="19%"> 2090 <col width="20%"> 2091 <col width="10%"> 2092 <col width="23%"> 2093 <col width="17%"> 2094 <tr> 2095 <th>CVE</th> 2096 <th></th> 2097 <th> </th> 2098 <th> Google</th> 2099 <th> </th> 2100 </tr> 2101 <tr> 2102 <td>CVE-2016-8468</td> 2103 <td>A-32394425*</td> 2104 <td></td> 2105 <td>PixelC, Pixel, PixelXL</td> 2106 <td> Google</td> 2107 </tr> 2108 </table> 2109 <p> 2110 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2111 </p> 2112 2113 2114 <h3 id="id-in-nvidia-camera-driver"> NVIDIA </h3> 2115 <p> 2116 . 2117 , . 2118 </p> 2119 2120 <table> 2121 <col width="19%"> 2122 <col width="20%"> 2123 <col width="10%"> 2124 <col width="23%"> 2125 <col width="17%"> 2126 <tr> 2127 <th>CVE</th> 2128 <th></th> 2129 <th> </th> 2130 <th> Google</th> 2131 <th> </th> 2132 </tr> 2133 <tr> 2134 <td>CVE-2016-8469</td> 2135 <td>A-31351206*<br> 2136 N-CVE-2016-8469</td> 2137 <td></td> 2138 <td>Nexus9</td> 2139 <td>7 2016.</td> 2140 </tr> 2141 </table> 2142 <p> 2143 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2144 </p> 2145 2146 2147 <h3 id="id-in-mediatek-driver"> MediaTek</h3> 2148 <p> 2149 . 2150 , . 2151 </p> 2152 2153 <table> 2154 <col width="19%"> 2155 <col width="20%"> 2156 <col width="10%"> 2157 <col width="23%"> 2158 <col width="17%"> 2159 <tr> 2160 <th>CVE</th> 2161 <th></th> 2162 <th> </th> 2163 <th> Google</th> 2164 <th> </th> 2165 </tr> 2166 <tr> 2167 <td>CVE-2016-8470</td> 2168 <td>A-31528889*<br> 2169 MT-ALPS02961395</td> 2170 <td></td> 2171 <td>**</td> 2172 <td>15 2016.</td> 2173 </tr> 2174 <tr> 2175 <td>CVE-2016-8471</td> 2176 <td>A-31528890*<br> 2177 MT-ALPS02961380</td> 2178 <td></td> 2179 <td>**</td> 2180 <td>15 2016.</td> 2181 </tr> 2182 <tr> 2183 <td>CVE-2016-8472</td> 2184 <td>A-31531758*<br> 2185 MT-ALPS02961384</td> 2186 <td></td> 2187 <td>**</td> 2188 <td>15 2016.</td> 2189 </tr> 2190 </table> 2191 <p> 2192 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2193 </p> 2194 <p> 2195 ** Google Android7.0, . 2196 </p> 2197 2198 2199 <h3 id="id-in-stmicroelectronics-driver"> STMicroelectronics</h3> 2200 <p> 2201 . , . 2202 </p> 2203 2204 <table> 2205 <col width="19%"> 2206 <col width="20%"> 2207 <col width="10%"> 2208 <col width="23%"> 2209 <col width="17%"> 2210 <tr> 2211 <th>CVE</th> 2212 <th></th> 2213 <th> </th> 2214 <th> Google</th> 2215 <th> </th> 2216 </tr> 2217 <tr> 2218 <td>CVE-2016-8473</td> 2219 <td>A-31795790*</td> 2220 <td></td> 2221 <td>Nexus5X, Nexus6P</td> 2222 <td>28 2016.</td> 2223 </tr> 2224 <tr> 2225 <td>CVE-2016-8474</td> 2226 <td>A-31799972*</td> 2227 <td></td> 2228 <td>Nexus5X, Nexus6P</td> 2229 <td>28 2016.</td> 2230 </tr> 2231 </table> 2232 <p> 2233 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2234 </p> 2235 2236 2237 <h3 id="id-in-qualcomm-audio-post-processor-"> Qualcomm </h3> 2238 <p> 2239 . - . 2240 </p> 2241 2242 <table> 2243 <col width="18%"> 2244 <col width="17%"> 2245 <col width="10%"> 2246 <col width="19%"> 2247 <col width="18%"> 2248 <col width="17%"> 2249 <tr> 2250 <th>CVE</th> 2251 <th></th> 2252 <th> </th> 2253 <th> Google</th> 2254 <th> AOSP</th> 2255 <th> </th> 2256 </tr> 2257 <tr> 2258 <td>CVE-2017-0399 2259 </td> 2260 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32588756</a> 2261 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 2262 <td></td> 2263 <td></td> 2264 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 2265 <td>18 2016.</td> 2266 </tr> 2267 <tr> 2268 <td>CVE-2017-0400</td> 2269 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32438598</a> 2270 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2271 </td> 2272 <td></td> 2273 <td></td> 2274 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 2275 <td>25 2016.</td> 2276 </tr> 2277 <tr> 2278 <td>CVE-2017-0401</td> 2279 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 2280 A-32588016</a> 2281 </td> 2282 <td></td> 2283 <td></td> 2284 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 2285 <td>26 2016.</td> 2286 </tr> 2287 <tr> 2288 <td>CVE-2017-0402</td> 2289 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32588352</a> 2290 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2291 </td> 2292 <td></td> 2293 <td></td> 2294 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 2295 <td>25 2016.</td> 2296 </tr> 2297 </table> 2298 2299 2300 <h3 id="id-in-htc-input-driver"> HTC</h3> 2301 <p> 2302 . 2303 , . 2304 </p> 2305 2306 <table> 2307 <col width="19%"> 2308 <col width="20%"> 2309 <col width="10%"> 2310 <col width="23%"> 2311 <col width="17%"> 2312 <tr> 2313 <th>CVE</th> 2314 <th></th> 2315 <th> </th> 2316 <th> Google</th> 2317 <th> </th> 2318 </tr> 2319 <tr> 2320 <td>CVE-2016-8475</td> 2321 <td>A-32591129*</td> 2322 <td></td> 2323 <td>Pixel, PixelXL</td> 2324 <td>30 2016.</td> 2325 </tr> 2326 </table> 2327 <p> 2328 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 2329 </p> 2330 2331 2332 <h3 id="dos-in-kernel-file-system"> </h3> 2333 <p> 2334 . , , . 2335 </p> 2336 2337 <table> 2338 <col width="19%"> 2339 <col width="20%"> 2340 <col width="10%"> 2341 <col width="23%"> 2342 <col width="17%"> 2343 <tr> 2344 <th>CVE</th> 2345 <th></th> 2346 <th> </th> 2347 <th> Google</th> 2348 <th> </th> 2349 </tr> 2350 <tr> 2351 <td>CVE-2014-9420</td> 2352 <td>A-32477499<br> 2353 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d"> 2354 Upstream kernel</a></td> 2355 <td></td> 2356 <td>Pixel</td> 2357 <td>25 2014.</td> 2358 </tr> 2359 </table> 2360 2361 <h2 id="common-questions-and-answers"> </h2> 2362 <p> , 2363 .</p> 2364 2365 <p><strong>1. , , ? 2366 </strong></p> 2367 2368 <p> , , <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a>.</p> 2369 <ul> 2370 <li> 1 2017 , 2017-01-01.</li> 2371 <li> 5 2017 , 2017-01-05.</li> 2372 </ul> 2373 <p> , , :</p> 2374 <ul> 2375 <li>[ro.build.version.security_patch]:[2017-01-01];</li> 2376 <li>[ro.build.version.security_patch]:[2017-01-05].</li> 2377 </ul> 2378 <p><strong>2. ?</strong></p> 2379 2380 <p> , , Android. Android .</p> 2381 <ul> 2382 <li> 1 2017 , , .</li> 2383 <li> 5 2017 , .</li> 2384 </ul> 2385 <p> .</p> 2386 2387 <p><strong>3. , Google ?</strong></p> 2388 2389 <p> <a href="#2017-01-01-details">2017-01-01</a> <a href="#2017-01-05-details">2017-01-05</a> <em> Google</em>. , .</p> 2390 <ul> 2391 <li><strong> .</strong> <em></em> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> Google</a>: Nexus5X, Nexus6, Nexus6P, Nexus7 (2013), Nexus9, Android One, Nexus Player, PixelC, Pixel PixelXL.</li> 2392 <li><strong> .</strong> <em></em> , .</li> 2393 <li><strong>.</strong> Google.<em></em></li> 2394 </ul> 2395 <p><strong>4. ""?</strong></p> 2396 2397 <p> <em></em>. 2398 , 2399 , :</p> 2400 2401 <table> 2402 <tr> 2403 <th></th> 2404 <th></th> 2405 </tr> 2406 <tr> 2407 <td>A-</td> 2408 <td> Android</td> 2409 </tr> 2410 <tr> 2411 <td>QC-</td> 2412 <td> Qualcomm</td> 2413 </tr> 2414 <tr> 2415 <td>M-</td> 2416 <td> MediaTek</td> 2417 </tr> 2418 <tr> 2419 <td>N-</td> 2420 <td> NVIDIA</td> 2421 </tr> 2422 <tr> 2423 <td>B-</td> 2424 <td> Broadcom</td> 2425 </tr> 2426 </table> 2427 <h2 id="revisions"></h2> 2428 <ul> 2429 <li>3 2017. .</li> 2430 <li>4 2017. AOSP.</li> 2431 <li>5 2017. AOSP 7.1 7.1.1.</li> 2432 </ul> 2433 2434 </body> 2435 </html> 2436
