1 <html devsite> 2 <head> 3 <title> Android 2017.</title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em> 6 2017. | 8 2017.</em></p> 27 <p> 28 Android. Google <a href="https://developers.google.com/android/nexus/images"> </a>. , , 5 2017 . , , <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a>. 29 </p> 30 <p> 31 3 2017 . Android Open Source Project (AOSP). 32 AOSP. 33 </p> 34 <p> 35 (, , MMS). 36 </p> 37 <p> 38 . <a href="#mitigations"> </a> , <a href="/security/enhancements/index.html"> </a> , <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, Android. 39 </p> 40 <p> 41 . 42 </p> 43 <h2 id="announcements"></h2> 44 <ul> 45 <li> , , Android. <a href="#common-questions-and-answers"> </a>. 46 <ul> 47 <li><strong>2017-02-01</strong>: , 2017-02-01 .</li> 48 <li><strong>2017-02-05</strong>: , 2017-02-01 2017-02-05, .</li> 49 </ul> 50 </li> 51 <li> Google 5 2017.</li> 52 </ul> 53 <h2 id="security-vulnerability-summary"> </h2> 54 <p> 55 , (CVE) , , Google. <a href="/security/overview/updates-resources.html#severity"> </a> , , . 56 </p> 57 <h3 id="2017-02-01-summary"> ( 2017-02-01)</h3> 58 <p> 59 1 2017 . 60 </p> 61 <table> 62 <col width="55%"> 63 <col width="20%"> 64 <col width="13%"> 65 <col width="12%"> 66 <tr> 67 <th></th> 68 <th>CVE</th> 69 <th> </th> 70 <th> Google?</th> 71 </tr> 72 <tr> 73 <td> surfaceflinger</td> 74 <td>CVE-2017-0405</td> 75 <td></td> 76 <td></td> 77 </tr> 78 <tr> 79 <td> mediaserver</td> 80 <td>CVE-2017-0406, CVE-2017-0407</td> 81 <td></td> 82 <td></td> 83 </tr> 84 <tr> 85 <td> libgdx</td> 86 <td>CVE-2017-0408</td> 87 <td></td> 88 <td></td> 89 </tr> 90 <tr> 91 <td> libstagefright</td> 92 <td>CVE-2017-0409</td> 93 <td></td> 94 <td></td> 95 </tr> 96 <tr> 97 <td> Java.Net</td> 98 <td>CVE-2016-5552</td> 99 <td></td> 100 <td></td> 101 </tr> 102 <tr> 103 <td> Framework API</td> 104 <td>CVE-2017-0410, CVE-2017-0411, CVE-2017-0412</td> 105 <td></td> 106 <td></td> 107 </tr> 108 <tr> 109 <td> mediaserver</td> 110 <td>CVE-2017-0415</td> 111 <td></td> 112 <td></td> 113 </tr> 114 <tr> 115 <td> audioserver</td> 116 <td>CVE-2017-0416, CVE-2017-0417, CVE-2017-0418, CVE-2017-0419</td> 117 <td></td> 118 <td></td> 119 </tr> 120 <tr> 121 <td> AOSP</td> 122 <td>CVE-2017-0420</td> 123 <td></td> 124 <td></td> 125 </tr> 126 <tr> 127 <td> AOSP</td> 128 <td>CVE-2017-0413, CVE-2017-0414</td> 129 <td></td> 130 <td></td> 131 </tr> 132 <tr> 133 <td> Framework API</td> 134 <td>CVE-2017-0421</td> 135 <td></td> 136 <td></td> 137 </tr> 138 <tr> 139 <td> Bionic DNS</td> 140 <td>CVE-2017-0422</td> 141 <td></td> 142 <td></td> 143 </tr> 144 <tr> 145 <td> Bluetooth</td> 146 <td>CVE-2017-0423</td> 147 <td></td> 148 <td></td> 149 </tr> 150 <tr> 151 <td> AOSP</td> 152 <td>CVE-2017-0424</td> 153 <td></td> 154 <td></td> 155 </tr> 156 <tr> 157 <td> audioserver</td> 158 <td>CVE-2017-0425</td> 159 <td></td> 160 <td></td> 161 </tr> 162 <tr> 163 <td> </td> 164 <td>CVE-2017-0426</td> 165 <td></td> 166 <td></td> 167 </tr> 168 </table> 169 <h3 id="2017-02-05-summary"> ( 2017-02-05)</h3> 170 <p> 5 2017 , 2017-02-01, , .</p> 171 <table> 172 <col width="55%"> 173 <col width="20%"> 174 <col width="13%"> 175 <col width="12%"> 176 <tr> 177 <th></th> 178 <th>CVE</th> 179 <th> </th> 180 <th> Google?</th> 181 </tr> 182 <tr> 183 <td> Qualcomm</td> 184 <td>CVE-2016-8418</td> 185 <td></td> 186 <td>*</td> 187 </tr> 188 <tr> 189 <td> </td> 190 <td>CVE-2017-0427</td> 191 <td></td> 192 <td></td> 193 </tr> 194 <tr> 195 <td> NVIDIA </td> 196 <td>CVE-2017-0428, CVE-2017-0429</td> 197 <td></td> 198 <td></td> 199 </tr> 200 <tr> 201 <td> </td> 202 <td>CVE-2014-9914</td> 203 <td></td> 204 <td></td> 205 </tr> 206 <tr> 207 <td> Wi-Fi- Broadcom</td> 208 <td>CVE-2017-0430</td> 209 <td></td> 210 <td></td> 211 </tr> 212 <tr> 213 <td> Qualcomm</td> 214 <td>CVE-2017-0431</td> 215 <td></td> 216 <td>*</td> 217 </tr> 218 <tr> 219 <td> MediaTek</td> 220 <td>CVE-2017-0432</td> 221 <td></td> 222 <td>*</td> 223 </tr> 224 <tr> 225 <td> Synaptics</td> 226 <td>CVE-2017-0433, CVE-2017-0434</td> 227 <td></td> 228 <td></td> 229 </tr> 230 <tr> 231 <td> Qualcomm QSEE Communicator</td> 232 <td>CVE-2016-8480</td> 233 <td></td> 234 <td></td> 235 </tr> 236 <tr> 237 <td> Qualcomm</td> 238 <td>CVE-2016-8481, CVE-2017-0435, CVE-2017-0436</td> 239 <td></td> 240 <td></td> 241 </tr> 242 <tr> 243 <td> Wi-Fi- Qualcomm</td> 244 <td>CVE-2017-0437, CVE-2017-0438, CVE-2017-0439, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421, CVE-2017-0440, CVE-2017-0441, CVE-2017-0442, CVE-2017-0443, CVE-2016-8476</td> 245 <td></td> 246 <td></td> 247 </tr> 248 <tr> 249 <td> Realtek</td> 250 <td>CVE-2017-0444</td> 251 <td></td> 252 <td></td> 253 </tr> 254 <tr> 255 <td> HTC</td> 256 <td>CVE-2017-0445, CVE-2017-0446, CVE-2017-0447</td> 257 <td></td> 258 <td></td> 259 </tr> 260 <tr> 261 <td> NVIDIA</td> 262 <td>CVE-2017-0448</td> 263 <td></td> 264 <td></td> 265 </tr> 266 <tr> 267 <td> Wi-Fi- Broadcom</td> 268 <td>CVE-2017-0449</td> 269 <td></td> 270 <td></td> 271 </tr> 272 <tr> 273 <td> audioserver</td> 274 <td>CVE-2017-0450</td> 275 <td></td> 276 <td></td> 277 </tr> 278 <tr> 279 <td> </td> 280 <td>CVE-2016-10044</td> 281 <td></td> 282 <td></td> 283 </tr> 284 <tr> 285 <td> QSEE Communicator</td> 286 <td>CVE-2016-8414</td> 287 <td></td> 288 <td></td> 289 </tr> 290 <tr> 291 <td> Qualcomm</td> 292 <td>CVE-2017-0451</td> 293 <td></td> 294 <td></td> 295 </tr> 296 </table> 297 298 <p>* Google Android7.0, .</p> 299 300 <h2 id="mitigations"> </h2> 301 <p> , <a href="/security/enhancements/index.html"> </a> , SafetyNet, Android.</p> 302 <ul> 303 <li> Android, 304 .</li> 305 <li>, Android, <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a>. <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_PHA_classifications.pdf"> </a>. <a href="http://www.android.com/gms"> Google</a>. , . Google Play , . , . , , , . , .</li> 306 <li> Google Hangouts Messenger , mediaserver, .</li> 307 </ul> 308 <h2 id="acknowledgements"></h2> 309 <p> 310 , : 311 </p> 312 <ul> 313 <li> : CVE-2017-0420</li> 314 <li> Copperhead Security: CVE-2017-0410</li> 315 <li><a href="http://www.linkedin.com/in/dzima"> </a>: CVE-2017-0414</li> 316 <li> Chrome: CVE-2017-0409</li> 317 <li> Project Zero: CVE-2017-0411, CVE-2017-0412</li> 318 <li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2017-0434, CVE-2017-0446, CVE-2017-0447, CVE-2017-0432</li> 319 <li> () (<a href="https://twitter.com/oldfresher">@oldfresher</a>) Alpha Team, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>.: CVE-2017-0415</li> 320 <li><a href="mailto:arnow117 (a] gmail.com"> </a>, <a href="mailto:vancouverdou (a] gmail.com"> </a>, (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0418</li> 321 <li> Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-0437, CVE-2017-0438, CVE-2017-0439, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421, CVE-2017-0441, CVE-2017-0442, CVE-2016-8476, CVE-2017-0443</li> 322 <li> Google: CVE-2017-0421, CVE-2017-0423</li> 323 <li> : CVE-2017-0422</li> 324 <li> (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360: CVE-2017-0445</li> 325 <li>ma.la LINE Corporation: CVE-2016-5552</li> 326 <li> Google: CVE-2017-0416</li> 327 <li> (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), (<a href="https://twitter.com/nikos233__">@nikos233</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0425</li> 328 <li> () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) () (<a href="https://twitter.com/returnsme">@returnsme</a>) KeenLab, Tencent (): CVE-2017-0427</li> 329 <li> IBM X-Force Research: CVE-2017-0433</li> 330 <li> (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>) Copperhead Security: CVE-2017-0405</li> 331 <li> (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) , Trend Micro: CVE-2017-0449, CVE-2016-8418</li> 332 <li><a href="mailto:segfault5514 (a] gmail.com"> </a>, <a href="mailto:computernik (a] gmail.com">- </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0436, CVE-2016-8481, CVE-2017-0435</li> 333 <li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile"> </a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0424</li> 334 <li> (<a href="https://twitter.com/sunblate">@sunblate</a>) Alibaba Inc.: CVE-2017-0407</li> 335 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, <a href="mailto:hlhan (a] bupt.edu.cn"> </a>, (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0450</li> 336 <li><a href="mailto:vancouverdou (a] gmail.com"> </a>, (<a href="https://twitter.com/nikos233__">@nikos233</a>), (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0417</li> 337 <li> (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://www.weibo.com/wishlinux"></a> ) Ant-financial Light-Year Security Lab: CVE-2017-0408</li> 338 <li><a href="mailto:yaojun8558363 (a] gmail.com"> </a>, <a href="mailto:computernik (a] gmail.com">- </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8480</li> 339 <li><a href="mailto:computernik (a] gmail.com">- </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0444</li> 340 <li><a href="mailto:computernik (a] gmail.com">- </a>, <a href="mailto:segfault5514 (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0428</li> 341 <li><a href="mailto:computernik (a] gmail.com">- </a>, <a href="mailto:wisedd (a] gmail.com"> </a>, (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0448, CVE-2017-0429</li> 342 <li><a href="mailto:zhouzhenster (a] gmail.com"> </a> (<a href="https://twitter.com/henices">@henices</a>) <a href="mailto:sundaywind2004 (a] gmail.com"> </a> <a href="http://www.nsfocus.com">NSFocus</a>: CVE-2017-0406</li> 343 </ul> 344 <p> 345 , : 346 </p><ul> 347 <li> (), (), () Baidu X-Lab ()</li> 348 </ul> 349 350 <h2 id="2017-02-01-details"> ( 2017-02-01)</h2> 351 <p> 352 , <a href="#2017-02-01-summary"> ( 2017-02-01)</a>: , CVE, , , Google AOSP ( ), . , , (, AOSP), .</p> 353 354 355 <h3 id="rce-in-surfaceflinger"> surfaceflinger</h3> 356 <p> 357 . - surfaceflinger. 358 </p> 359 360 <table> 361 <col width="18%"> 362 <col width="17%"> 363 <col width="10%"> 364 <col width="19%"> 365 <col width="18%"> 366 <col width="17%"> 367 <tr> 368 <th>CVE</th> 369 <th></th> 370 <th> </th> 371 <th> Google</th> 372 <th> AOSP</th> 373 <th> </th> 374 </tr> 375 <tr> 376 <td>CVE-2017-0405</td> 377 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979"> 378 A-31960359</a></td> 379 <td></td> 380 <td></td> 381 <td>7.0, 7.1.1</td> 382 <td>4 2016.</td> 383 </tr> 384 </table> 385 386 387 <h3 id="rce-in-mediaserver"> mediaserver</h3> 388 <p> 389 . - mediaserver. 390 </p> 391 392 <table> 393 <col width="18%"> 394 <col width="17%"> 395 <col width="10%"> 396 <col width="19%"> 397 <col width="18%"> 398 <col width="17%"> 399 <tr> 400 <th>CVE</th> 401 <th></th> 402 <th> </th> 403 <th> Google</th> 404 <th> AOSP</th> 405 <th> </th> 406 </tr> 407 <tr> 408 <td>CVE-2017-0406</td> 409 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575"> 410 A-32915871</a> 411 [<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td> 412 <td></td> 413 <td></td> 414 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 415 <td>14 2016.</td> 416 </tr> 417 <tr> 418 <td>CVE-2017-0407</td> 419 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7"> 420 A-32873375</a></td> 421 <td></td> 422 <td></td> 423 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 424 <td>12 2016.</td> 425 </tr> 426 </table> 427 428 429 <h3 id="rce-in-libgdx"> libgdx</h3> 430 <p> 431 . - , . 432 </p> 433 434 <table> 435 <col width="18%"> 436 <col width="17%"> 437 <col width="10%"> 438 <col width="19%"> 439 <col width="18%"> 440 <col width="17%"> 441 <tr> 442 <th>CVE</th> 443 <th></th> 444 <th> </th> 445 <th> Google</th> 446 <th> AOSP</th> 447 <th> </th> 448 </tr> 449 <tr> 450 <td>CVE-2017-0408</td> 451 <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b"> 452 A-32769670</a></td> 453 <td></td> 454 <td></td> 455 <td>7.1.1</td> 456 <td>9 2016.</td> 457 </tr> 458 </table> 459 460 461 <h3 id="rce-in-libstagefright"> libstagefright</h3> 462 <p> 463 . - , . 464 </p> 465 466 <table> 467 <col width="18%"> 468 <col width="17%"> 469 <col width="10%"> 470 <col width="19%"> 471 <col width="18%"> 472 <col width="17%"> 473 <tr> 474 <th>CVE</th> 475 <th></th> 476 <th> </th> 477 <th> Google</th> 478 <th> AOSP</th> 479 <th> </th> 480 </tr> 481 <tr> 482 <td>CVE-2017-0409</td> 483 <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b"> 484 A-31999646</a></td> 485 <td></td> 486 <td></td> 487 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 488 <td> Google</td> 489 </tr> 490 </table> 491 492 493 <h3 id="eop-in-java.net"> Java.Net</h3> 494 <p> 495 - . , . 496 </p> 497 498 <table> 499 <col width="18%"> 500 <col width="17%"> 501 <col width="10%"> 502 <col width="19%"> 503 <col width="18%"> 504 <col width="17%"> 505 <tr> 506 <th>CVE</th> 507 <th></th> 508 <th> </th> 509 <th> Google</th> 510 <th> AOSP</th> 511 <th> </th> 512 </tr> 513 <tr> 514 <td>CVE-2016-5552</td> 515 <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea"> 516 A-31858037</a></td> 517 <td></td> 518 <td></td> 519 <td>7.0, 7.1.1</td> 520 <td>30 2016.</td> 521 </tr> 522 </table> 523 524 525 <h3 id="eop-in-framework-apis"> Framework API</h3> 526 <p> 527 . , , . 528 </p> 529 530 <table> 531 <col width="18%"> 532 <col width="17%"> 533 <col width="10%"> 534 <col width="19%"> 535 <col width="18%"> 536 <col width="17%"> 537 <tr> 538 <th>CVE</th> 539 <th></th> 540 <th> </th> 541 <th> Google</th> 542 <th> AOSP</th> 543 <th> </th> 544 </tr> 545 <tr> 546 <td>CVE-2017-0410</td> 547 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa"> 548 A-31929765</a></td> 549 <td></td> 550 <td></td> 551 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 552 <td>2 2016.</td> 553 </tr> 554 <tr> 555 <td>CVE-2017-0411</td> 556 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f"> 557 A-33042690</a> 558 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td> 559 <td></td> 560 <td></td> 561 <td>7.0, 7.1.1</td> 562 <td>21 2016.</td> 563 </tr> 564 <tr> 565 <td>CVE-2017-0412</td> 566 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f"> 567 A-33039926</a> 568 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td> 569 <td></td> 570 <td></td> 571 <td>7.0, 7.1.1</td> 572 <td>21 2016.</td> 573 </tr> 574 </table> 575 576 <h3 id="eop-in-mediaserver"> mediaserver</h3> 577 <p> 578 . , , . 579 </p> 580 581 <table> 582 <col width="18%"> 583 <col width="17%"> 584 <col width="10%"> 585 <col width="19%"> 586 <col width="18%"> 587 <col width="17%"> 588 <tr> 589 <th>CVE</th> 590 <th></th> 591 <th> </th> 592 <th> Google</th> 593 <th> AOSP</th> 594 <th> </th> 595 </tr> 596 <tr> 597 <td>CVE-2017-0415</td> 598 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34"> 599 A-32706020</a></td> 600 <td></td> 601 <td></td> 602 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 603 <td>4 2016.</td> 604 </tr> 605 </table> 606 607 608 <h3 id="eop-in-audioserver"> audioserver</h3> 609 <p> 610 . , , . 611 </p> 612 613 <table> 614 <col width="18%"> 615 <col width="17%"> 616 <col width="10%"> 617 <col width="19%"> 618 <col width="18%"> 619 <col width="17%"> 620 <tr> 621 <th>CVE</th> 622 <th></th> 623 <th> </th> 624 <th> Google</th> 625 <th> AOSP</th> 626 <th> </th> 627 </tr> 628 <tr> 629 <td>CVE-2017-0416</td> 630 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 631 A-32886609</a> 632 [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td> 633 <td></td> 634 <td></td> 635 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 636 <td> Google</td> 637 </tr> 638 <tr> 639 <td>CVE-2017-0417</td> 640 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 641 A-32705438</a></td> 642 <td></td> 643 <td></td> 644 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 645 <td>7 2016.</td> 646 </tr> 647 <tr> 648 <td>CVE-2017-0418</td> 649 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 650 A-32703959</a> 651 [<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td> 652 <td></td> 653 <td></td> 654 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 655 <td>7 2016.</td> 656 </tr> 657 <tr> 658 <td>CVE-2017-0419</td> 659 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff"> 660 A-32220769</a></td> 661 <td></td> 662 <td></td> 663 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 664 <td>15 2016.</td> 665 </tr> 666 </table> 667 668 <h3 id="id-in-aosp-mail"> AOSP</h3> 669 <p> 670 , . , . 671 </p> 672 673 <table> 674 <col width="18%"> 675 <col width="17%"> 676 <col width="10%"> 677 <col width="19%"> 678 <col width="18%"> 679 <col width="17%"> 680 <tr> 681 <th>CVE</th> 682 <th></th> 683 <th> </th> 684 <th> Google</th> 685 <th> AOSP</th> 686 <th> </th> 687 </tr> 688 <tr> 689 <td>CVE-2017-0420</td> 690 <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909"> 691 A-32615212</a></td> 692 <td></td> 693 <td></td> 694 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 695 <td>12 2016.</td> 696 </tr> 697 </table> 698 699 700 <h3 id="id-in-aosp-messaging"> AOSP</h3> 701 <p> 702 , . , . 703 </p> 704 705 <table> 706 <col width="18%"> 707 <col width="17%"> 708 <col width="10%"> 709 <col width="19%"> 710 <col width="18%"> 711 <col width="17%"> 712 <tr> 713 <th>CVE</th> 714 <th></th> 715 <th> </th> 716 <th> Google</th> 717 <th> AOSP</th> 718 <th> </th> 719 </tr> 720 <tr> 721 <td>CVE-2017-0413</td> 722 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e"> 723 A-32161610</a></td> 724 <td></td> 725 <td></td> 726 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 727 <td>13 2016.</td> 728 </tr> 729 <tr> 730 <td>CVE-2017-0414</td> 731 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd"> 732 A-32807795</a></td> 733 <td></td> 734 <td></td> 735 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 736 <td>10 2016.</td> 737 </tr> 738 </table> 739 740 741 <h3 id="id-in-framework-apis"> Framework API</h3> 742 <p> 743 , . , . 744 </p> 745 746 <table> 747 <col width="18%"> 748 <col width="17%"> 749 <col width="10%"> 750 <col width="19%"> 751 <col width="18%"> 752 <col width="17%"> 753 <tr> 754 <th>CVE</th> 755 <th></th> 756 <th> </th> 757 <th> Google</th> 758 <th> AOSP</th> 759 <th> </th> 760 </tr> 761 <tr> 762 <td>CVE-2017-0421</td> 763 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336"> 764 A-32555637</a></td> 765 <td></td> 766 <td></td> 767 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 768 <td> Google</td> 769 </tr> 770 </table> 771 772 773 <h3 id="dos-in-bionic-dns"> Bionic DNS</h3> 774 <p> 775 . 776 , . 777 778 </p> 779 780 <table> 781 <col width="18%"> 782 <col width="17%"> 783 <col width="10%"> 784 <col width="19%"> 785 <col width="18%"> 786 <col width="17%"> 787 <tr> 788 <th>CVE</th> 789 <th></th> 790 <th> </th> 791 <th> Google</th> 792 <th> AOSP</th> 793 <th> </th> 794 </tr> 795 <tr> 796 <td>CVE-2017-0422</td> 797 <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d"> 798 A-32322088</a></td> 799 <td></td> 800 <td></td> 801 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 802 <td>20 2016.</td> 803 </tr> 804 </table> 805 806 807 <h3 id="eop-in-bluetooth"> Bluetooth</h3> 808 <p> 809 , , Bluetooth. , Bluetooth-. 810 </p> 811 812 <table> 813 <col width="18%"> 814 <col width="17%"> 815 <col width="10%"> 816 <col width="19%"> 817 <col width="18%"> 818 <col width="17%"> 819 <tr> 820 <th>CVE</th> 821 <th></th> 822 <th> </th> 823 <th> Google</th> 824 <th> AOSP</th> 825 <th> </th> 826 </tr> 827 <tr> 828 <td>CVE-2017-0423</td> 829 <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083"> 830 A-32612586</a></td> 831 <td></td> 832 <td></td> 833 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 834 <td>2 2016.</td> 835 </tr> 836 </table> 837 838 839 <h3 id="id-in-aosp-messaging-2"> AOSP</h3> 840 <p> 841 . , . 842 </p> 843 844 <table> 845 <col width="18%"> 846 <col width="17%"> 847 <col width="10%"> 848 <col width="19%"> 849 <col width="18%"> 850 <col width="17%"> 851 <tr> 852 <th>CVE</th> 853 <th></th> 854 <th> </th> 855 <th> Google</th> 856 <th> AOSP</th> 857 <th> </th> 858 </tr> 859 <tr> 860 <td>CVE-2017-0424</td> 861 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc"> 862 A-32322450</a></td> 863 <td></td> 864 <td></td> 865 <td>6.0, 6.0.1, 7.0, 7.1.1</td> 866 <td>20 2016.</td> 867 </tr> 868 </table> 869 870 871 <h3 id="id-in-audioserver"> audioserver</h3> 872 <p> 873 . - . 874 </p> 875 876 <table> 877 <col width="18%"> 878 <col width="17%"> 879 <col width="10%"> 880 <col width="19%"> 881 <col width="18%"> 882 <col width="17%"> 883 <tr> 884 <th>CVE</th> 885 <th></th> 886 <th> </th> 887 <th> Google</th> 888 <th> AOSP</th> 889 <th> </th> 890 </tr> 891 <tr> 892 <td>CVE-2017-0425</td> 893 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff"> 894 A-32720785</a></td> 895 <td></td> 896 <td></td> 897 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 898 <td>7 2016.</td> 899 </tr> 900 </table> 901 902 903 <h3 id="id-in-filesystem"> </h3> 904 <p> 905 . - . 906 </p> 907 908 <table> 909 <col width="18%"> 910 <col width="17%"> 911 <col width="10%"> 912 <col width="19%"> 913 <col width="18%"> 914 <col width="17%"> 915 <tr> 916 <th>CVE</th> 917 <th></th> 918 <th> </th> 919 <th> Google</th> 920 <th> AOSP</th> 921 <th> </th> 922 </tr> 923 <tr> 924 <td>CVE-2017-0426</td> 925 <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a"> 926 A-32799236</a> 927 [<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td> 928 <td></td> 929 <td></td> 930 <td>7.0, 7.1.1</td> 931 <td> Google</td> 932 </tr> 933 </table> 934 935 936 <h2 id="2017-02-05-details"> ( 2017-02-05)</h2> 937 <p> 938 , <a href="#2017-02-05-summary"> ( 2017-02-05)</a>: , CVE, , , Google AOSP ( ), . , , (, AOSP), .</p> 939 940 941 <h3 id="rce-in-qualcomm-crypto-driver"> Qualcomm</h3> 942 <p> 943 . - . 944 </p> 945 946 <table> 947 <col width="19%"> 948 <col width="20%"> 949 <col width="10%"> 950 <col width="23%"> 951 <col width="17%"> 952 <tr> 953 <th>CVE</th> 954 <th></th> 955 <th> </th> 956 <th> Google</th> 957 <th> </th> 958 </tr> 959 <tr> 960 <td>CVE-2016-8418</td> 961 <td>A-32652894<br> 962 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f"> 963 QC-CR#1077457</a></td> 964 <td></td> 965 <td>*</td> 966 <td>10 2016.</td> 967 </tr> 968 </table> 969 <p> 970 * Google Android7.0, . 971 </p> 972 973 974 <h3 id="eop-in-kernel-file-system"> </h3> 975 <p> 976 . , - . , . 977 </p> 978 979 <table> 980 <col width="19%"> 981 <col width="20%"> 982 <col width="10%"> 983 <col width="23%"> 984 <col width="17%"> 985 <tr> 986 <th>CVE</th> 987 <th></th> 988 <th> </th> 989 <th> Google</th> 990 <th> </th> 991 </tr> 992 <tr> 993 <td>CVE-2017-0427</td> 994 <td>A-31495866*</td> 995 <td></td> 996 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, AndroidOne, PixelC, Nexus Player, Pixel, PixelXL</td> 997 <td>13 2016.</td> 998 </tr> 999 </table> 1000 <p> 1001 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1002 </p> 1003 1004 1005 <h3 id="eop-in-nvidia-gpu-driver"> NVIDIA </h3> 1006 <p> 1007 . , - . , . 1008 </p> 1009 1010 <table> 1011 <col width="19%"> 1012 <col width="20%"> 1013 <col width="10%"> 1014 <col width="23%"> 1015 <col width="17%"> 1016 <tr> 1017 <th>CVE</th> 1018 <th></th> 1019 <th> </th> 1020 <th> Google</th> 1021 <th> </th> 1022 </tr> 1023 <tr> 1024 <td>CVE-2017-0428</td> 1025 <td>A-32401526*<br> 1026 N-CVE-2017-0428</td> 1027 <td></td> 1028 <td>Nexus9</td> 1029 <td>25 2016.</td> 1030 </tr> 1031 <tr> 1032 <td>CVE-2017-0429</td> 1033 <td>A-32636619*<br> 1034 N-CVE-2017-0429</td> 1035 <td></td> 1036 <td>Nexus9</td> 1037 <td>3 2016.</td> 1038 </tr> 1039 </table> 1040 <p> 1041 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1042 </p> 1043 1044 1045 <h3 id="eop-in-kernel-networking-subsystem"> </h3> 1046 <p> 1047 . , - . , . 1048 </p> 1049 1050 <table> 1051 <col width="19%"> 1052 <col width="20%"> 1053 <col width="10%"> 1054 <col width="23%"> 1055 <col width="17%"> 1056 <tr> 1057 <th>CVE</th> 1058 <th></th> 1059 <th> </th> 1060 <th> Google</th> 1061 <th> </th> 1062 </tr> 1063 <tr> 1064 <td>CVE-2014-9914</td> 1065 <td>A-32882659<br> 1066 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a"> 1067 Upstream kernel</a></td> 1068 <td></td> 1069 <td>Nexus6, Nexus Player</td> 1070 <td>9 2016.</td> 1071 </tr> 1072 </table> 1073 1074 1075 <h3 id="eop-in-broadcom-wi-fi-driver"> Wi-Fi- Broadcom</h3> 1076 <p> 1077 . , - . , . 1078 </p> 1079 1080 <table> 1081 <col width="19%"> 1082 <col width="20%"> 1083 <col width="10%"> 1084 <col width="23%"> 1085 <col width="17%"> 1086 <tr> 1087 <th>CVE</th> 1088 <th></th> 1089 <th> </th> 1090 <th> Google</th> 1091 <th> </th> 1092 </tr> 1093 <tr> 1094 <td>CVE-2017-0430</td> 1095 <td>A-32838767*<br> 1096 B-RB#107459</td> 1097 <td></td> 1098 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 1099 <td> Google</td> 1100 </tr> 1101 </table> 1102 <p> 1103 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1104 </p> 1105 1106 1107 <h3 id="vulnerabilities-in-qualcomm-components"> Qualcomm</h3> 1108 <p> 1109 Qualcomm Qualcomm AMSS 2016. 1110 </p> 1111 1112 <table> 1113 <col width="19%"> 1114 <col width="20%"> 1115 <col width="10%"> 1116 <col width="23%"> 1117 <col width="17%"> 1118 <tr> 1119 <th>CVE</th> 1120 <th></th> 1121 <th> *</th> 1122 <th> Google</th> 1123 <th> </th> 1124 </tr> 1125 <tr> 1126 <td>CVE-2017-0431</td> 1127 <td>A-32573899**</td> 1128 <td></td> 1129 <td>***</td> 1130 <td> Qualcomm</td> 1131 </tr> 1132 </table> 1133 <p> 1134 * Qualcomm. 1135 </p> 1136 <p> 1137 ** . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1138 </p> 1139 <p> 1140 *** Google Android7.0, . 1141 </p> 1142 1143 1144 <h3 id="eop-in-mediatek-driver"> MediaTek</h3> 1145 <p> 1146 . , . 1147 </p> 1148 1149 <table> 1150 <col width="19%"> 1151 <col width="20%"> 1152 <col width="10%"> 1153 <col width="23%"> 1154 <col width="17%"> 1155 <tr> 1156 <th>CVE</th> 1157 <th></th> 1158 <th> </th> 1159 <th> Google</th> 1160 <th> </th> 1161 </tr> 1162 <tr> 1163 <td>CVE-2017-0432</td> 1164 <td>A-28332719*<br> 1165 M-ALPS02708925</td> 1166 <td></td> 1167 <td>**</td> 1168 <td>21 2016.</td> 1169 </tr> 1170 </table> 1171 <p> 1172 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1173 </p> 1174 <p> 1175 ** Google Android7.0, . 1176 </p> 1177 1178 1179 <h3 id="eop-in-synaptics-touchscreen-driver"> Synaptics</h3> 1180 <p> 1181 . , . 1182 </p> 1183 1184 <table> 1185 <col width="19%"> 1186 <col width="20%"> 1187 <col width="10%"> 1188 <col width="23%"> 1189 <col width="17%"> 1190 <tr> 1191 <th>CVE</th> 1192 <th></th> 1193 <th> </th> 1194 <th> Google</th> 1195 <th> </th> 1196 </tr> 1197 <tr> 1198 <td>CVE-2017-0433</td> 1199 <td>A-31913571*</td> 1200 <td></td> 1201 <td>Nexus6P, Nexus9, AndroidOne, Pixel, PixelXL</td> 1202 <td>8 2016.</td> 1203 </tr> 1204 <tr> 1205 <td>CVE-2017-0434</td> 1206 <td>A-33001936*</td> 1207 <td></td> 1208 <td>Pixel, PixelXL</td> 1209 <td>18 2016.</td> 1210 </tr> 1211 </table> 1212 <p> 1213 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1214 </p> 1215 1216 1217 <h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver"> Qualcomm QSEE Communicator</h3> 1218 <p> 1219 . , . 1220 </p> 1221 1222 <table> 1223 <col width="19%"> 1224 <col width="20%"> 1225 <col width="10%"> 1226 <col width="23%"> 1227 <col width="17%"> 1228 <tr> 1229 <th>CVE</th> 1230 <th></th> 1231 <th> </th> 1232 <th> Google</th> 1233 <th> </th> 1234 </tr> 1235 <tr> 1236 <td>CVE-2016-8480</td> 1237 <td>A-31804432<br> 1238 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471"> 1239 QC-CR#1086186</a> 1240 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td> 1241 <td></td> 1242 <td>Nexus5X, Nexus6, Nexus6P, AndroidOne, Pixel, PixelXL</td> 1243 <td>28 2016.</td> 1244 </tr> 1245 </table> 1246 1247 1248 <h3 id="eop-in-qualcomm-sound-driver"> Qualcomm</h3> 1249 <p> 1250 . , . 1251 </p> 1252 1253 <table> 1254 <col width="19%"> 1255 <col width="20%"> 1256 <col width="10%"> 1257 <col width="23%"> 1258 <col width="17%"> 1259 <tr> 1260 <th>CVE</th> 1261 <th></th> 1262 <th> </th> 1263 <th> Google</th> 1264 <th> </th> 1265 </tr> 1266 <tr> 1267 <td>CVE-2016-8481</td> 1268 <td>A-31906415*<br> 1269 QC-CR#1078000</td> 1270 <td></td> 1271 <td>Nexus5X, Nexus6P, Pixel, PixelXL</td> 1272 <td>1 2016.</td> 1273 </tr> 1274 <tr> 1275 <td>CVE-2017-0435</td> 1276 <td>A-31906657*<br> 1277 QC-CR#1078000</td> 1278 <td></td> 1279 <td>Nexus5X, Nexus6P, Pixel, PixelXL</td> 1280 <td>1 2016.</td> 1281 </tr> 1282 <tr> 1283 <td>CVE-2017-0436</td> 1284 <td>A-32624661*<br> 1285 QC-CR#1078000</td> 1286 <td></td> 1287 <td>Nexus5X, Nexus6P, Pixel, PixelXL</td> 1288 <td>2 2016.</td> 1289 </tr> 1290 </table> 1291 <p> 1292 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1293 </p> 1294 1295 1296 <h3 id="eop-in-qualcomm-wi-fi-driver"> Wi-Fi- Qualcomm</h3> 1297 <p> 1298 . , . 1299 </p> 1300 1301 <table> 1302 <col width="19%"> 1303 <col width="20%"> 1304 <col width="10%"> 1305 <col width="23%"> 1306 <col width="17%"> 1307 <tr> 1308 <th>CVE</th> 1309 <th></th> 1310 <th> </th> 1311 <th> Google</th> 1312 <th> </th> 1313 </tr> 1314 <tr> 1315 <td>CVE-2017-0437</td> 1316 <td>A-32402310<br> 1317 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1318 QC-CR#1092497</a></td> 1319 <td></td> 1320 <td>Nexus5X, Pixel, PixelXL</td> 1321 <td>25 2016.</td> 1322 </tr> 1323 <tr> 1324 <td>CVE-2017-0438</td> 1325 <td>A-32402604<br> 1326 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1327 QC-CR#1092497</a></td> 1328 <td></td> 1329 <td>Nexus5X, Pixel, PixelXL</td> 1330 <td>25 2016.</td> 1331 </tr> 1332 <tr> 1333 <td>CVE-2017-0439</td> 1334 <td>A-32450647<br> 1335 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61"> 1336 QC-CR#1092059</a></td> 1337 <td></td> 1338 <td>Nexus5X, Pixel, PixelXL</td> 1339 <td>25 2016.</td> 1340 </tr> 1341 <tr> 1342 <td>CVE-2016-8419</td> 1343 <td>A-32454494<br> 1344 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488"> 1345 QC-CR#1087209</a></td> 1346 <td></td> 1347 <td>Nexus5X, Pixel, PixelXL</td> 1348 <td>26 2016.</td> 1349 </tr> 1350 <tr> 1351 <td>CVE-2016-8420</td> 1352 <td>A-32451171<br> 1353 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e"> 1354 QC-CR#1087807</a></td> 1355 <td></td> 1356 <td>Nexus5X, Pixel, PixelXL</td> 1357 <td>26 2016.</td> 1358 </tr> 1359 <tr> 1360 <td>CVE-2016-8421</td> 1361 <td>A-32451104<br> 1362 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb"> 1363 QC-CR#1087797</a></td> 1364 <td></td> 1365 <td>Nexus5X, Pixel, PixelXL</td> 1366 <td>26 2016.</td> 1367 </tr> 1368 <tr> 1369 <td>CVE-2017-0440</td> 1370 <td>A-33252788<br> 1371 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268"> 1372 QC-CR#1095770</a></td> 1373 <td></td> 1374 <td>Nexus5X, Pixel, PixelXL</td> 1375 <td>11 2016.</td> 1376 </tr> 1377 <tr> 1378 <td>CVE-2017-0441</td> 1379 <td>A-32872662<br> 1380 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684"> 1381 QC-CR#1095009</a></td> 1382 <td></td> 1383 <td>Nexus5X, Pixel, PixelXL</td> 1384 <td>11 2016.</td> 1385 </tr> 1386 <tr> 1387 <td>CVE-2017-0442</td> 1388 <td>A-32871330<br> 1389 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1390 QC-CR#1092497</a></td> 1391 <td></td> 1392 <td>Nexus5X, Pixel, PixelXL</td> 1393 <td>13 2016.</td> 1394 </tr> 1395 <tr> 1396 <td>CVE-2017-0443</td> 1397 <td>A-32877494<br> 1398 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1399 QC-CR#1092497</a></td> 1400 <td></td> 1401 <td>Nexus5X, Pixel, PixelXL</td> 1402 <td>13 2016.</td> 1403 </tr> 1404 <tr> 1405 <td>CVE-2016-8476</td> 1406 <td>A-32879283<br> 1407 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799"> 1408 QC-CR#1091940</a></td> 1409 <td></td> 1410 <td>Nexus5X, Pixel, PixelXL</td> 1411 <td>14 2016.</td> 1412 </tr> 1413 </table> 1414 1415 1416 <h3 id="eop-in-realtek-sound-driver"> Realtek</h3> 1417 <p> 1418 . , . 1419 </p> 1420 1421 <table> 1422 <col width="19%"> 1423 <col width="20%"> 1424 <col width="10%"> 1425 <col width="23%"> 1426 <col width="17%"> 1427 <tr> 1428 <th>CVE</th> 1429 <th></th> 1430 <th> </th> 1431 <th> Google</th> 1432 <th> </th> 1433 </tr> 1434 <tr> 1435 <td>CVE-2017-0444</td> 1436 <td>A-32705232*</td> 1437 <td></td> 1438 <td>Nexus9</td> 1439 <td>7 2016.</td> 1440 </tr> 1441 </table> 1442 <p> 1443 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1444 </p> 1445 1446 1447 <h3 id="eop-in-htc-touchscreen-driver"> HTC</h3> 1448 <p> 1449 . , . 1450 </p> 1451 1452 <table> 1453 <col width="19%"> 1454 <col width="20%"> 1455 <col width="10%"> 1456 <col width="23%"> 1457 <col width="17%"> 1458 <tr> 1459 <th>CVE</th> 1460 <th></th> 1461 <th> </th> 1462 <th> Google</th> 1463 <th> </th> 1464 </tr> 1465 <tr> 1466 <td>CVE-2017-0445</td> 1467 <td>A-32769717*</td> 1468 <td></td> 1469 <td>Pixel, PixelXL</td> 1470 <td>9 2016.</td> 1471 </tr> 1472 <tr> 1473 <td>CVE-2017-0446</td> 1474 <td>A-32917445*</td> 1475 <td></td> 1476 <td>Pixel, PixelXL</td> 1477 <td>15 2016.</td> 1478 </tr> 1479 <tr> 1480 <td>CVE-2017-0447</td> 1481 <td>A-32919560*</td> 1482 <td></td> 1483 <td>Pixel, PixelXL</td> 1484 <td>15 2016.</td> 1485 </tr> 1486 </table> 1487 <p> 1488 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1489 </p> 1490 1491 1492 <h3 id="id-in-nvidia-video-driver"> NVIDIA</h3> 1493 <p> 1494 . 1495 - . 1496 </p> 1497 1498 <table> 1499 <col width="19%"> 1500 <col width="20%"> 1501 <col width="10%"> 1502 <col width="23%"> 1503 <col width="17%"> 1504 <tr> 1505 <th>CVE</th> 1506 <th></th> 1507 <th> </th> 1508 <th> Google</th> 1509 <th> </th> 1510 </tr> 1511 <tr> 1512 <td>CVE-2017-0448</td> 1513 <td>A-32721029*<br> 1514 N-CVE-2017-0448</td> 1515 <td></td> 1516 <td>Nexus9</td> 1517 <td>7 2016.</td> 1518 </tr> 1519 </table> 1520 <p> 1521 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1522 </p> 1523 1524 1525 <h3 id="eop-in-broadcom-wi-fi-driver-2"> Wi-Fi- Broadcom</h3> 1526 <p> 1527 . , , . 1528 </p> 1529 1530 <table> 1531 <col width="19%"> 1532 <col width="20%"> 1533 <col width="10%"> 1534 <col width="23%"> 1535 <col width="17%"> 1536 <tr> 1537 <th>CVE</th> 1538 <th></th> 1539 <th> </th> 1540 <th> Google</th> 1541 <th> </th> 1542 </tr> 1543 <tr> 1544 <td>CVE-2017-0449</td> 1545 <td>A-31707909*<br> 1546 B-RB#32094</td> 1547 <td></td> 1548 <td>Nexus6, Nexus6P</td> 1549 <td>23 2016.</td> 1550 </tr> 1551 </table> 1552 <p> 1553 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1554 </p> 1555 1556 1557 <h3 id="eop-in-audioserver-2"> audioserver</h3> 1558 <p> 1559 . , . 1560 </p> 1561 1562 <table> 1563 <col width="19%"> 1564 <col width="20%"> 1565 <col width="10%"> 1566 <col width="23%"> 1567 <col width="17%"> 1568 <tr> 1569 <th>CVE</th> 1570 <th></th> 1571 <th> </th> 1572 <th> Google</th> 1573 <th> </th> 1574 </tr> 1575 <tr> 1576 <td>CVE-2017-0450</td> 1577 <td>A-32917432*</td> 1578 <td></td> 1579 <td>Nexus9</td> 1580 <td>15 2016.</td> 1581 </tr> 1582 </table> 1583 <p> 1584 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1585 </p> 1586 1587 1588 <h3 id="eop-in-kernel-file-system-2"> </h3> 1589 <p> 1590 , . , . 1591 </p> 1592 1593 <table> 1594 <col width="19%"> 1595 <col width="20%"> 1596 <col width="10%"> 1597 <col width="23%"> 1598 <col width="17%"> 1599 <tr> 1600 <th>CVE</th> 1601 <th></th> 1602 <th> </th> 1603 <th> Google</th> 1604 <th> </th> 1605 </tr> 1606 <tr> 1607 <td>CVE-2016-10044</td> 1608 <td>A-31711619*</td> 1609 <td></td> 1610 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, AndroidOne, PixelC, Nexus Player, Pixel, PixelXL</td> 1611 <td> Google</td> 1612 </tr> 1613 </table> 1614 <p> 1615 * . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>. 1616 </p> 1617 1618 1619 <h3 id="id-in-qualcomm-secure-execution-environment-communicator"> QSEE Communicator</h3> 1620 <p> 1621 . , . 1622 </p> 1623 1624 <table> 1625 <col width="19%"> 1626 <col width="20%"> 1627 <col width="10%"> 1628 <col width="23%"> 1629 <col width="17%"> 1630 <tr> 1631 <th>CVE</th> 1632 <th></th> 1633 <th> </th> 1634 <th> Google</th> 1635 <th> </th> 1636 </tr> 1637 <tr> 1638 <td>CVE-2016-8414</td> 1639 <td>A-31704078<br> 1640 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846"> 1641 QC-CR#1076407</a></td> 1642 <td></td> 1643 <td>Nexus5X, Nexus6P, AndroidOne, Pixel, PixelXL</td> 1644 <td>23 2016.</td> 1645 </tr> 1646 </table> 1647 1648 1649 <h3 id="id-in-qualcomm-sound-driver"> Qualcomm</h3> 1650 <p> 1651 . , . 1652 </p> 1653 1654 <table> 1655 <col width="19%"> 1656 <col width="20%"> 1657 <col width="10%"> 1658 <col width="23%"> 1659 <col width="17%"> 1660 <tr> 1661 <th>CVE</th> 1662 <th></th> 1663 <th> </th> 1664 <th> Google</th> 1665 <th> </th> 1666 </tr> 1667 <tr> 1668 <td>CVE-2017-0451</td> 1669 <td>A-31796345<br> 1670 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e"> 1671 QC-CR#1073129</a> 1672 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td> 1673 <td></td> 1674 <td>Nexus5X, Nexus6P, AndroidOne, Pixel, PixelXL</td> 1675 <td>27 2016.</td> 1676 </tr> 1677 </table> 1678 1679 <h2 id="common-questions-and-answers"> </h2> 1680 <p> , 1681 .</p> 1682 <p><strong>1) , , ?</strong></p> 1683 <p> , , <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a>.</p> 1684 <ul> 1685 <li> 1 2017 , 2017-02-01.</li> 1686 <li> 5 2017 , 2017-02-05. 1687 </li> 1688 </ul> 1689 <p> , , :</p> 1690 <ul> 1691 <li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li> 1692 <li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li> 1693 </ul> 1694 1695 <p><strong>2. ?</strong></p> 1696 1697 <p> , , Android. Android .</p> 1698 <ul> 1699 <li> 1 2017 , , .</li> 1700 <li> 5 2017 , .</li> 1701 </ul> 1702 <p> .</p> 1703 <p><strong>3. , Google ?</strong></p> 1704 <p> <a href="#2017-02-01-details">2017-02-01</a> <a href="#2017-02-05-details">2017-02-05</a> <em> Google</em>. , . 1705 </p> 1706 <ul> 1707 <li><strong> .</strong> <em></em> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> Google</a>: Nexus5X, Nexus6, Nexus6P, Nexus7 (2013), Nexus9, Android One, Nexus Player, PixelC, Pixel PixelXL.</li> 1708 <li><strong> .</strong> <em></em> , .</li> 1709 <li><strong>.</strong> Google.<em></em></li> 1710 </ul> 1711 <p><strong>4. ""?</strong></p> 1712 <p> <em></em>. 1713 , 1714 , :</p> 1715 <table> 1716 <tr> 1717 <th></th> 1718 <th></th> 1719 </tr> 1720 <tr> 1721 <td>A-</td> 1722 <td> Android</td> 1723 </tr> 1724 <tr> 1725 <td>QC-</td> 1726 <td> Qualcomm</td> 1727 </tr> 1728 <tr> 1729 <td>M-</td> 1730 <td> MediaTek</td> 1731 </tr> 1732 <tr> 1733 <td>N-</td> 1734 <td> NVIDIA</td> 1735 </tr> 1736 <tr> 1737 <td>B-</td> 1738 <td> Broadcom</td> 1739 </tr> 1740 </table> 1741 1742 <h2 id="revisions"></h2> 1743 <ul> 1744 <li>6 2017. .</li> 1745 <li>8 2017. AOSP.</li> 1746 </ul> 1747 1748 </body> 1749 </html> 1750
