1 <html devsite><head> 2 <title> Android 2017.</title> 3 <meta name="project_path" value="/_project.yaml"/> 4 <meta name="book_path" value="/_book.yaml"/> 5 </head> 6 <body> 7 <!-- 8 Copyright 2017 The Android Open Source Project 9 10 Licensed under the Apache License, Version 2.0 (the "License"); 11 you may not use this file except in compliance with the License. 12 You may obtain a copy of the License at 13 14 http://www.apache.org/licenses/LICENSE-2.0 15 16 Unless required by applicable law or agreed to in writing, software 17 distributed under the License is distributed on an "AS IS" BASIS, 18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 See the License for the specific language governing permissions and 20 limitations under the License. 21 --> 22 23 <p><em> 1 2017. | 2 2017.</em></p> 24 25 <p> Android. Google <a href="https://developers.google.com/android/nexus/images"> </a>. , , 5 2017 . , , <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a>.</p> 26 27 <p> 3 2017 . Android Open Source Project (AOSP). 28 AOSP.</p> 29 30 <p> (, , MMS). <a href="/security/overview/updates-resources.html#severity"> </a> , , .</p> 31 32 <p> . <a href="#mitigations"> </a> , <a href="/security/enhancements/index.html"> </a> , <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, Android.</p> 33 34 <p> .</p> 35 <h2 id="announcements"></h2> 36 <ul> 37 <li> , , Android. <a href="#common-questions-and-answers"> </a>. 38 <ul> 39 <li><strong>2017-05-01</strong>: , 2017-05-01 .</li> 40 <li><strong>2017-05-05</strong>: , 2017-05-01 2017-05-05, .</li> 41 </ul> 42 </li> 43 <li> Google 5 2017.</li> 44 </ul> 45 46 <h2 id="mitigations"> </h2> 47 48 <p> , <a href="/security/enhancements/index.html"> </a> , SafetyNet, Android.</p> 49 50 <ul> 51 <li> 52 Android, 53 .</li> 54 <li>, Android, <a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf"> SafetyNet</a>. <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf"> </a>. <a href="http://www.android.com/gms"> Google</a>. , . Google Play , . , . , , , . , .</li> 55 <li> Google Hangouts Messenger , mediaserver, .</li> 56 </ul> 57 58 <h2 id="acknowledgements"></h2> 59 60 <p> , :</p> 61 <ul> 62 <li>ADlab Venustech: CVE-2017-0630</li> 63 <li> (<a href="https://twitter.com/returnsme">@returnsme</a>) KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-10287</li> 64 <li> () Trend Micro: CVE-2017-0599, CVE-2017-0635</li> 65 <li> (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) <a href="http://www.ms509.com">MS509Team</a>: CVE-2017-0601</li> 66 <li> <a href="https://twrp.me/">Team Win Recovery Project</a>: CVE-2017-0493</li> 67 <li> (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a> IceSword Lab, Qihoo 360 Technology Co. Ltd: CVE-2016-10285, CVE-2016-10288, CVE-2016-10290, CVE-2017-0624, CVE-2017-0616, CVE-2017-0617, CVE-2016-10294, CVE-2016-10295, CVE-2016-10296</li> 68 <li>godzheng ( <a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>) Tencent PC Manager: CVE-2017-0602</li> 69 <li><a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/"> </a> <a href="http://tuncay2.web.engr.illinois.edu"> -</a>: CVE-2017-0593</li> 70 <li> Alpha Team, Qihoo 360 Technology Co. Ltd: CVE-2016-10283</li> 71 <li> , , Xiaomi Inc: CVE-2016-10276</li> 72 <li><a href="https://github.com/michalbednarski"> </a>: CVE-2017-0598</li> 73 <li> (<a href="https://twitter.com/natecray">@natecray</a>) Tesla's Product Security Team: CVE-2017-0331, CVE-2017-0606</li> 74 <li><a href="mailto:jiych.guru (a] gmail.com">Niky1235</a> (<a href="https://twitter.com/jiych_guru">@jiych_guru</a>): CVE-2017-0603</li> 75 <li> , , , Alibaba Mobile Security Group: CVE-2016-10281, CVE-2016-10280</li> 76 <li> (<a href="https://twitter.com/roeehay">@roeehay</a>) <a href="https://alephsecurity.com/">Aleph Research</a>: CVE-2016-10277</li> 77 <li><a href="mailto:sbauer (a] plzdonthack.me"> </a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-10274</li> 78 <li><a href="mailto:segfault5514 (a] gmail.com"> </a>, <a href="mailto:computernik (a] gmail.com">- </a> <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-10291</li> 79 <li> : CVE-2017-0589</li> 80 <li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0590, CVE-2017-0587, CVE-2017-0600</li> 81 <li> Tencent: CVE-2017-0597</li> 82 <li> 360 Marvel Team: CVE-2017-0627</li> 83 <li> () (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) Alibaba Inc: CVE-2017-0588</li> 84 <li> (<a href="https://twitter.com/guoygang">@guoygang</a>) IceSword Lab, Qihoo 360 Technology Co. Ltd: CVE-2016-10289, CVE-2017-0465</li> 85 <li> Vulpecker Team, Qihoo 360 Technology Co. Ltd: CVE-2016-10282, CVE-2017-0615</li> 86 <li> Vulpecker Team, Qihoo 360 Technology Co. Ltd: CVE-2017-0618, CVE-2017-0625</li> 87 </ul> 88 89 <h2 id="2017-05-01-details"> ( 2017-05-01)</h2> 90 91 <p> 2017-05-01: , CVE, , , Google AOSP ( ), . , , (, AOSP), .</p> 92 93 <h3 id="rce-in-mediaserver"> mediaserver</h3> 94 95 <p> . - mediaserver.</p> 96 97 <table> 98 <colgroup><col width="18%" /> 99 <col width="17%" /> 100 <col width="10%" /> 101 <col width="19%" /> 102 <col width="18%" /> 103 <col width="17%" /> 104 </colgroup><tbody><tr> 105 <th>CVE</th> 106 <th></th> 107 <th> </th> 108 <th> Google</th> 109 <th> AOSP</th> 110 <th> </th> 111 </tr> 112 <tr> 113 <td>CVE-2017-0587</td> 114 <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7">A-35219737</a></td> 115 <td></td> 116 <td></td> 117 <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 118 <td>4 2017.</td> 119 </tr> 120 <tr> 121 <td>CVE-2017-0588</td> 122 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b">A-34618607</a></td> 123 <td></td> 124 <td></td> 125 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 126 <td>21 2017.</td> 127 </tr> 128 <tr> 129 <td>CVE-2017-0589</td> 130 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/bcfc7124f6ef9f1ec128fb2e90de774a5b33d199">A-34897036</a></td> 131 <td></td> 132 <td></td> 133 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 134 <td>1 2017.</td> 135 </tr> 136 <tr> 137 <td>CVE-2017-0590</td> 138 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/45c97f878bee15cd97262fe7f57ecea71990fed7">A-35039946</a></td> 139 <td></td> 140 <td></td> 141 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 142 <td>6 2017.</td> 143 </tr> 144 <tr> 145 <td>CVE-2017-0591</td> 146 <td><a href="https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d">A-34097672</a></td> 147 <td></td> 148 <td></td> 149 <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 150 <td> Google</td> 151 </tr> 152 <tr> 153 <td>CVE-2017-0592</td> 154 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922">A-34970788</a></td> 155 <td></td> 156 <td></td> 157 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 158 <td> Google</td> 159 </tr> 160 </tbody></table> 161 162 <h3 id="eop-in-framework-apis"> Framework API</h3> 163 164 <p> . , , .</p> 165 166 <table> 167 <colgroup><col width="18%" /> 168 <col width="17%" /> 169 <col width="10%" /> 170 <col width="19%" /> 171 <col width="18%" /> 172 <col width="17%" /> 173 </colgroup><tbody><tr> 174 <th>CVE</th> 175 <th></th> 176 <th> </th> 177 <th> Google</th> 178 <th> AOSP</th> 179 <th> </th> 180 </tr> 181 <tr> 182 <td>CVE-2017-0593</td> 183 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/78efbc95412b8efa9a44d573f5767ae927927d48">A-34114230</a></td> 184 <td></td> 185 <td></td> 186 <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 187 <td>5 2017.</td> 188 </tr> 189 </tbody></table> 190 191 <h3 id="eop-in-mediaserver"> mediaserver</h3> 192 193 <p> . , , .</p> 194 195 <table> 196 <colgroup><col width="18%" /> 197 <col width="17%" /> 198 <col width="10%" /> 199 <col width="19%" /> 200 <col width="18%" /> 201 <col width="17%" /> 202 </colgroup><tbody><tr> 203 <th>CVE</th> 204 <th></th> 205 <th> </th> 206 <th> Google</th> 207 <th> AOSP</th> 208 <th> </th> 209 </tr> 210 <tr> 211 <td>CVE-2017-0594</td> 212 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb">A-34617444</a></td> 213 <td></td> 214 <td></td> 215 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 216 <td>22 2017.</td> 217 </tr> 218 <tr> 219 <td>CVE-2017-0595</td> 220 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34705519</a></td> 221 <td></td> 222 <td></td> 223 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 224 <td>24 2017.</td> 225 </tr> 226 <tr> 227 <td>CVE-2017-0596</td> 228 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34749392</a></td> 229 <td></td> 230 <td></td> 231 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> 232 <td>24 2017.</td> 233 </tr> 234 </tbody></table> 235 236 <h3 id="eop-in-audioserver"> audioserver</h3> 237 238 <p> . , , .</p> 239 240 <table> 241 <colgroup><col width="18%" /> 242 <col width="17%" /> 243 <col width="10%" /> 244 <col width="19%" /> 245 <col width="18%" /> 246 <col width="17%" /> 247 </colgroup><tbody><tr> 248 <th>CVE</th> 249 <th></th> 250 <th> </th> 251 <th> Google</th> 252 <th> AOSP</th> 253 <th> </th> 254 </tr> 255 <tr> 256 <td>CVE-2017-0597</td> 257 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a9188f89179a7edd301abaf37d644adf5d647a04">A-34749571</a></td> 258 <td></td> 259 <td></td> 260 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 261 <td>25 2017.</td> 262 </tr> 263 </tbody></table> 264 265 <h3 id="id-in-framework-apis"> Framework API</h3> 266 267 <p> , . , .</p> 268 269 <table> 270 <colgroup><col width="18%" /> 271 <col width="17%" /> 272 <col width="10%" /> 273 <col width="19%" /> 274 <col width="18%" /> 275 <col width="17%" /> 276 </colgroup><tbody><tr> 277 <th>CVE</th> 278 <th></th> 279 <th> </th> 280 <th> Google</th> 281 <th> AOSP</th> 282 <th> </th> 283 </tr> 284 <tr> 285 <td>CVE-2017-0598</td> 286 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> 287 [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> 288 <td></td> 289 <td></td> 290 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 291 <td>6 2017.</td> 292 </tr> 293 </tbody></table> 294 295 <h3 id="dos-in-mediaserver"> mediaserver</h3> 296 297 <p> . , .</p> 298 299 <table> 300 <colgroup><col width="18%" /> 301 <col width="17%" /> 302 <col width="10%" /> 303 <col width="19%" /> 304 <col width="18%" /> 305 <col width="17%" /> 306 </colgroup><tbody><tr> 307 <th>CVE</th> 308 <th></th> 309 <th> </th> 310 <th> Google</th> 311 <th> AOSP</th> 312 <th> </th> 313 </tr> 314 <tr> 315 <td>CVE-2017-0599</td> 316 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a1424724a00d62ac5efa0e27953eed66850d662f">A-34672748</a></td> 317 <td></td> 318 <td></td> 319 <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 320 <td>23 2017.</td> 321 </tr> 322 <tr> 323 <td>CVE-2017-0600</td> 324 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0">A-35269635</a></td> 325 <td></td> 326 <td></td> 327 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 328 <td>10 2017.</td> 329 </tr> 330 </tbody></table> 331 332 <h3 id="eop-in-bluetooth"> Bluetooth</h3> 333 334 <p> Bluetooth . , . </p> 335 336 <table> 337 <colgroup><col width="18%" /> 338 <col width="17%" /> 339 <col width="10%" /> 340 <col width="19%" /> 341 <col width="18%" /> 342 <col width="17%" /> 343 </colgroup><tbody><tr> 344 <th>CVE</th> 345 <th></th> 346 <th> </th> 347 <th> Google</th> 348 <th> AOSP</th> 349 <th> </th> 350 </tr> 351 <tr> 352 <td>CVE-2017-0601</td> 353 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/667d2cbe3eb1450f273a4f6595ccef35e1f0fe4b">A-35258579</a></td> 354 <td></td> 355 <td></td> 356 <td>7.0, 7.1.1, 7.1.2</td> 357 <td>9 2017.</td> 358 </tr> 359 </tbody></table> 360 361 <h3 id="id-in-file-based-encryption"> </h3> 362 363 <p> , , . - .</p> 364 365 <table> 366 <colgroup><col width="18%" /> 367 <col width="17%" /> 368 <col width="10%" /> 369 <col width="19%" /> 370 <col width="18%" /> 371 <col width="17%" /> 372 </colgroup><tbody><tr> 373 <th>CVE</th> 374 <th></th> 375 <th> </th> 376 <th> Google</th> 377 <th> AOSP</th> 378 <th> </th> 379 </tr> 380 <tr> 381 <td>CVE-2017-0493</td> 382 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> 383 [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>]</td> 384 <td></td> 385 <td></td> 386 <td>7.0, 7.1.1</td> 387 <td>9 2016.</td> 388 </tr> 389 </tbody></table> 390 391 <h3 id="id-in-bluetooth"> Bluetooth</h3> 392 393 <p> , . - .</p> 394 395 <table> 396 <colgroup><col width="18%" /> 397 <col width="17%" /> 398 <col width="10%" /> 399 <col width="19%" /> 400 <col width="18%" /> 401 <col width="17%" /> 402 </colgroup><tbody><tr> 403 <th>CVE</th> 404 <th></th> 405 <th> </th> 406 <th> Google</th> 407 <th> AOSP</th> 408 <th> </th> 409 </tr> 410 <tr> 411 <td>CVE-2017-0602</td> 412 <td><a href="https://android.googlesource.com/platform/system/bt/+/a4875a49404c544134df37022ae587a4a3321647">A-34946955</a></td> 413 <td></td> 414 <td></td> 415 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 416 <td>5 2016.</td> 417 </tr> 418 </tbody></table> 419 420 <h3 id="id-in-openssl-&-boringssl"> OpenSSL BoringSSL</h3> 421 422 <p> . - .</p> 423 424 <table> 425 <colgroup><col width="18%" /> 426 <col width="17%" /> 427 <col width="10%" /> 428 <col width="19%" /> 429 <col width="18%" /> 430 <col width="17%" /> 431 </colgroup><tbody><tr> 432 <th>CVE</th> 433 <th></th> 434 <th> </th> 435 <th> Google</th> 436 <th> AOSP</th> 437 <th> </th> 438 </tr> 439 <tr> 440 <td>CVE-2016-7056</td> 441 <td><a href="https://android.googlesource.com/platform/external/boringssl/+/13179a8e75fee98740b5ce728752aa7294b3e32d">A-33752052</a></td> 442 <td></td> 443 <td></td> 444 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 445 <td>19 2016.</td> 446 </tr> 447 </tbody></table> 448 449 <h3 id="dos-in-mediaserver-2"> mediaserver</h3> 450 451 <p> . , .</p> 452 453 <table> 454 <colgroup><col width="18%" /> 455 <col width="17%" /> 456 <col width="10%" /> 457 <col width="19%" /> 458 <col width="18%" /> 459 <col width="17%" /> 460 </colgroup><tbody><tr> 461 <th>CVE</th> 462 <th></th> 463 <th> </th> 464 <th> Google</th> 465 <th> AOSP</th> 466 <th> </th> 467 </tr> 468 <tr> 469 <td>CVE-2017-0603</td> 470 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920">A-35763994</a></td> 471 <td></td> 472 <td></td> 473 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 474 <td>23 2017.</td> 475 </tr> 476 </tbody></table> 477 478 <h3 id="dos-in-mediaserver-3"> mediaserver</h3> 479 480 <p> . - .</p> 481 482 <table> 483 <colgroup><col width="18%" /> 484 <col width="17%" /> 485 <col width="10%" /> 486 <col width="19%" /> 487 <col width="18%" /> 488 <col width="17%" /> 489 </colgroup><tbody><tr> 490 <th>CVE</th> 491 <th></th> 492 <th> </th> 493 <th> Google</th> 494 <th> AOSP</th> 495 <th> </th> 496 </tr> 497 <tr> 498 <td>CVE-2017-0635</td> 499 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441">A-35467107</a></td> 500 <td></td> 501 <td></td> 502 <td>7.0, 7.1.1, 7.1.2</td> 503 <td>16 2017.</td> 504 </tr> 505 </tbody></table> 506 507 <h2 id="2017-05-05-details"> ( 2017-05-05)</h2> 508 509 <p> 2017-05-05: , CVE, , , Google AOSP ( ), . , , (, AOSP), .</p> 510 511 <h3 id="rce-in-giflib"> GIFLIB</h3> 512 513 <p> . - mediaserver.</p> 514 515 <table> 516 <colgroup><col width="18%" /> 517 <col width="17%" /> 518 <col width="10%" /> 519 <col width="19%" /> 520 <col width="18%" /> 521 <col width="17%" /> 522 </colgroup><tbody><tr> 523 <th>CVE</th> 524 <th></th> 525 <th> </th> 526 <th> Google</th> 527 <th> AOSP</th> 528 <th> </th> 529 </tr> 530 <tr> 531 <td>CVE-2015-7555</td> 532 <td><a href="https://android.googlesource.com/platform/external/giflib/+/dc07290edccc2c3fc4062da835306f809cea1fdc">A-34697653</a></td> 533 <td></td> 534 <td></td> 535 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> 536 <td>13 2016.</td> 537 </tr> 538 </tbody></table> 539 540 <h3 id="eop-in-mediatek-touchscreen-driver"> MediaTek</h3> 541 542 <p> . , - . , .</p> 543 544 <table> 545 <colgroup><col width="19%" /> 546 <col width="20%" /> 547 <col width="10%" /> 548 <col width="23%" /> 549 <col width="17%" /> 550 </colgroup><tbody><tr> 551 <th>CVE</th> 552 <th></th> 553 <th> </th> 554 <th> Google</th> 555 <th> </th> 556 </tr> 557 <tr> 558 <td>CVE-2016-10274</td> 559 <td>A-30202412*<br /> 560 M-ALPS02897901</td> 561 <td></td> 562 <td>**</td> 563 <td>16 2016.</td> 564 </tr> 565 </tbody></table> 566 567 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 568 569 <p>** Google Android7.1.1, .</p> 570 571 <h3 id="eop-in-qualcomm-bootloader"> Qualcomm</h3> 572 573 <p> . , - . , .</p> 574 575 <table> 576 <colgroup><col width="19%" /> 577 <col width="20%" /> 578 <col width="10%" /> 579 <col width="23%" /> 580 <col width="17%" /> 581 </colgroup><tbody><tr> 582 <th>CVE</th> 583 <th></th> 584 <th> </th> 585 <th> Google</th> 586 <th> </th> 587 </tr> 588 <tr> 589 <td>CVE-2016-10275</td> 590 <td>A-34514954<br /> 591 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=1a0a15c380e11fc46f8d8706ea5ae22b752bdd0b"> 592 QC-CR#1009111</a></td> 593 <td></td> 594 <td>Nexus5X, Nexus6, Pixel, PixelXL, Android One</td> 595 <td>13 2016.</td> 596 </tr> 597 <tr> 598 <td>CVE-2016-10276</td> 599 <td>A-32952839<br /> 600 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=5dac431748027e8b50a5c4079967def4ea53ad64"> 601 QC-CR#1094105</a></td> 602 <td></td> 603 <td>Nexus5X, Nexus6P, Pixel, PixelXL</td> 604 <td>16 2016.</td> 605 </tr> 606 </tbody></table> 607 608 <h3 id="eop-in-kernel-sound-subsystem"> </h3> 609 610 <p> . , - . , .</p> 611 612 <table> 613 <colgroup><col width="19%" /> 614 <col width="20%" /> 615 <col width="10%" /> 616 <col width="23%" /> 617 <col width="17%" /> 618 </colgroup><tbody><tr> 619 <th>CVE</th> 620 <th></th> 621 <th> </th> 622 <th> Google</th> 623 <th> </th> 624 </tr> 625 <tr> 626 <td>CVE-2016-9794</td> 627 <td>A-34068036<br /> 628 <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757"> 629 Upstream kernel</a></td> 630 <td></td> 631 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, Pixel, PixelXL, PixelC, Android One, Nexus Player</td> 632 <td>3 2016.</td> 633 </tr> 634 </tbody></table> 635 636 <h3 id="eop-in-motorola-bootloader"> Motorola</h3> 637 638 <p> . , - . , .</p> 639 640 <table> 641 <colgroup><col width="19%" /> 642 <col width="20%" /> 643 <col width="10%" /> 644 <col width="23%" /> 645 <col width="17%" /> 646 </colgroup><tbody><tr> 647 <th>CVE</th> 648 <th></th> 649 <th> </th> 650 <th> Google</th> 651 <th> </th> 652 </tr> 653 <tr> 654 <td>CVE-2016-10277</td> 655 <td>A-33840490*<br /> 656 </td> 657 <td></td> 658 <td>Nexus6</td> 659 <td>21 2016.</td> 660 </tr> 661 </tbody></table> 662 663 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 664 665 <h3 id="eop-in-nvidia-video-driver"> NVIDIA</h3> 666 667 <p> . , - . , .</p> 668 669 <table> 670 <colgroup><col width="19%" /> 671 <col width="20%" /> 672 <col width="10%" /> 673 <col width="23%" /> 674 <col width="17%" /> 675 </colgroup><tbody><tr> 676 <th>CVE</th> 677 <th></th> 678 <th> </th> 679 <th> Google</th> 680 <th> </th> 681 </tr> 682 <tr> 683 <td>CVE-2017-0331</td> 684 <td>A-34113000*<br /> 685 N-CVE-2017-0331</td> 686 <td></td> 687 <td>Nexus9</td> 688 <td>4 2017.</td> 689 </tr> 690 </tbody></table> 691 692 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 693 694 <h3 id="eop-in-qualcomm-power-driver"> Qualcomm</h3> 695 696 <p> . , - . , .</p> 697 698 <table> 699 <colgroup><col width="19%" /> 700 <col width="20%" /> 701 <col width="10%" /> 702 <col width="23%" /> 703 <col width="17%" /> 704 </colgroup><tbody><tr> 705 <th>CVE</th> 706 <th></th> 707 <th> </th> 708 <th> Google</th> 709 <th> </th> 710 </tr> 711 <tr> 712 <td>CVE-2017-0604</td> 713 <td>A-35392981<br /> 714 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6975e2dd5f37de965093ba3a8a08635a77a960f7"> 715 QC-CR#826589</a></td> 716 <td></td> 717 <td>*</td> 718 <td>15 2017.</td> 719 </tr> 720 </tbody></table> 721 722 <p>* Google Android7.1.1, .</p> 723 724 <h3 id="eop-in-kernel-trace-subsystem"> </h3> 725 726 <p> . , - . , .</p> 727 728 <table> 729 <colgroup><col width="19%" /> 730 <col width="20%" /> 731 <col width="10%" /> 732 <col width="23%" /> 733 <col width="17%" /> 734 </colgroup><tbody><tr> 735 <th>CVE</th> 736 <th></th> 737 <th> </th> 738 <th> Google</th> 739 <th> </th> 740 </tr> 741 <tr> 742 <td>CVE-2017-0605</td> 743 <td>A-35399704<br /> 744 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> 745 QC-CR#1048480</a></td> 746 <td></td> 747 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, Pixel, PixelXL, PixelC, Android One, Nexus Player</td> 748 <td>15 2017.</td> 749 </tr> 750 </tbody></table> 751 752 <h3 id="vulnerabilities-in-qualcomm-components"> Qualcomm</h3> 753 754 <p> Qualcomm Qualcomm AMSS , , 2016.</p> 755 756 <table> 757 <colgroup><col width="19%" /> 758 <col width="20%" /> 759 <col width="10%" /> 760 <col width="23%" /> 761 <col width="17%" /> 762 </colgroup><tbody><tr> 763 <th>CVE</th> 764 <th></th> 765 <th> </th> 766 <th> Google</th> 767 <th> </th> 768 </tr> 769 <tr> 770 <td>CVE-2016-10240</td> 771 <td>A-32578446**<br /> 772 QC-CR#955710</td> 773 <td></td> 774 <td>Nexus6P</td> 775 <td> Qualcomm</td> 776 </tr> 777 <tr> 778 <td>CVE-2016-10241</td> 779 <td>A-35436149**<br /> 780 QC-CR#1068577</td> 781 <td></td> 782 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL</td> 783 <td> Qualcomm</td> 784 </tr> 785 <tr> 786 <td>CVE-2016-10278</td> 787 <td>A-31624008**<br /> 788 QC-CR#1043004</td> 789 <td></td> 790 <td>Pixel, PixelXL</td> 791 <td> Qualcomm</td> 792 </tr> 793 <tr> 794 <td>CVE-2016-10279</td> 795 <td>A-31624421**<br /> 796 QC-CR#1031821</td> 797 <td></td> 798 <td>Pixel, PixelXL</td> 799 <td> Qualcomm</td> 800 </tr> 801 </tbody></table> 802 803 <p>* Qualcomm.</p> 804 805 <p>** . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 806 807 <p>*** Google Android7.1.1, .</p> 808 809 <h3 id="rce-in-libxml2"> libxml2</h3> 810 811 <p> . - , .</p> 812 813 <table> 814 <colgroup><col width="18%" /> 815 <col width="17%" /> 816 <col width="10%" /> 817 <col width="19%" /> 818 <col width="18%" /> 819 <col width="17%" /> 820 </colgroup><tbody><tr> 821 <th>CVE</th> 822 <th></th> 823 <th> </th> 824 <th> Google</th> 825 <th> AOSP</th> 826 <th> </th> 827 </tr> 828 <tr> 829 <td>CVE-2016-5131</td> 830 <td>A-32956747*</td> 831 <td></td> 832 <td>**</td> 833 <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> 834 <td>23 2016.</td> 835 </tr> 836 </tbody></table> 837 838 <p>* . Nexus, <a href="https://developers.google.com/android/drivers"> </a>.</p> 839 840 <p>** Google Android7.1.1, .</p> 841 842 <h3 id="eop-in-mediatek-thermal-driver"> MediaTek</h3> 843 844 <p> . , .</p> 845 846 <table> 847 <colgroup><col width="19%" /> 848 <col width="20%" /> 849 <col width="10%" /> 850 <col width="23%" /> 851 <col width="17%" /> 852 </colgroup><tbody><tr> 853 <th>CVE</th> 854 <th></th> 855 <th> </th> 856 <th> Google</th> 857 <th> </th> 858 </tr> 859 <tr> 860 <td>CVE-2016-10280</td> 861 <td>A-28175767*<br /> 862 M-ALPS02696445</td> 863 <td></td> 864 <td>**</td> 865 <td>11 2016.</td> 866 </tr> 867 <tr> 868 <td>CVE-2016-10281</td> 869 <td>A-28175647*<br /> 870 M-ALPS02696475</td> 871 <td></td> 872 <td>**</td> 873 <td>11 2016.</td> 874 </tr> 875 <tr> 876 <td>CVE-2016-10282</td> 877 <td>A-33939045*<br /> 878 M-ALPS03149189</td> 879 <td></td> 880 <td>**</td> 881 <td>27 2016.</td> 882 </tr> 883 </tbody></table> 884 885 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 886 887 <p>** Google Android7.1.1, .</p> 888 889 <h3 id="eop-in-qualcomm-wi-fi-driver"> Wi-Fi- Qualcomm</h3> 890 891 <p> . , .</p> 892 893 <table> 894 <colgroup><col width="19%" /> 895 <col width="20%" /> 896 <col width="10%" /> 897 <col width="23%" /> 898 <col width="17%" /> 899 </colgroup><tbody><tr> 900 <th>CVE</th> 901 <th></th> 902 <th> </th> 903 <th> Google</th> 904 <th> </th> 905 </tr> 906 <tr> 907 <td>CVE-2016-10283</td> 908 <td>A-32094986<br /> 909 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=93863644b4547324309613361d70ad9dc91f8dfd"> 910 QC-CR#2002052</a></td> 911 <td></td> 912 <td>Nexus5X, Pixel, PixelXL, Android One</td> 913 <td>11 2016.</td> 914 </tr> 915 </tbody></table> 916 917 <h3 id="eop-in-qualcomm-video-driver"> Qualcomm</h3> 918 919 <p> . , .</p> 920 921 <table> 922 <colgroup><col width="19%" /> 923 <col width="20%" /> 924 <col width="10%" /> 925 <col width="23%" /> 926 <col width="17%" /> 927 </colgroup><tbody><tr> 928 <th>CVE</th> 929 <th></th> 930 <th> </th> 931 <th> Google</th> 932 <th> </th> 933 </tr> 934 <tr> 935 <td>CVE-2016-10284</td> 936 <td>A-32402303*<br /> 937 QC-CR#2000664</td> 938 <td></td> 939 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 940 <td>24 2016.</td> 941 </tr> 942 <tr> 943 <td>CVE-2016-10285</td> 944 <td>A-33752702<br /> 945 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67dfd3a65336e0b3f55ee83d6312321dc5f2a6f9"> 946 QC-CR#1104899</a></td> 947 <td></td> 948 <td>Pixel, PixelXL</td> 949 <td>19 2016.</td> 950 </tr> 951 <tr> 952 <td>CVE-2016-10286</td> 953 <td>A-35400904<br /> 954 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=5d30a3d0dc04916ddfb972bfc52f8e636642f999"> 955 QC-CR#1090237</a></td> 956 <td></td> 957 <td>Pixel, PixelXL</td> 958 <td>15 2017.</td> 959 </tr> 960 </tbody></table> 961 962 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 963 964 <h3 id="eop-in-kernel-performance-subsystem"> </h3> 965 966 <p> . , .</p> 967 968 <table> 969 <colgroup><col width="19%" /> 970 <col width="20%" /> 971 <col width="10%" /> 972 <col width="23%" /> 973 <col width="17%" /> 974 </colgroup><tbody><tr> 975 <th>CVE</th> 976 <th></th> 977 <th> </th> 978 <th> Google</th> 979 <th> </th> 980 </tr> 981 <tr> 982 <td>CVE-2015-9004</td> 983 <td>A-34515362<br /> 984 <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"> 985 Upstream kernel</a></td> 986 <td></td> 987 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, Pixel, PixelXL, PixelC, Android One, Nexus Player</td> 988 <td>23 2016.</td> 989 </tr> 990 </tbody></table> 991 992 <h3 id="eop-in-qualcomm-sound-driver"> Qualcomm</h3> 993 994 <p> . , .</p> 995 996 <table> 997 <colgroup><col width="19%" /> 998 <col width="20%" /> 999 <col width="10%" /> 1000 <col width="23%" /> 1001 <col width="17%" /> 1002 </colgroup><tbody><tr> 1003 <th>CVE</th> 1004 <th></th> 1005 <th> </th> 1006 <th> Google</th> 1007 <th> </th> 1008 </tr> 1009 <tr> 1010 <td>CVE-2016-10287</td> 1011 <td>A-33784446<br /> 1012 <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=937bc9e644180e258c68662095861803f7ba4ded"> 1013 QC-CR#1112751</a></td> 1014 <td></td> 1015 <td>Nexus5X, Nexus6P, Pixel, PixelXL, Android One</td> 1016 <td>20 2016.</td> 1017 </tr> 1018 <tr> 1019 <td>CVE-2017-0606</td> 1020 <td>A-34088848<br /> 1021 <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=d3237316314c3d6f75a58192971f66e3822cd250"> 1022 QC-CR#1116015</a></td> 1023 <td></td> 1024 <td>Nexus5X, Nexus6P, Pixel, PixelXL, Android One</td> 1025 <td>3 2017.</td> 1026 </tr> 1027 <tr> 1028 <td>CVE-2016-5860</td> 1029 <td>A-34623424<br /> 1030 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=9f91ae0d7203714fc39ae78e1f1c4fd71ed40498"> 1031 QC-CR#1100682</a></td> 1032 <td></td> 1033 <td>Pixel, PixelXL</td> 1034 <td>22 2017.</td> 1035 </tr> 1036 <tr> 1037 <td>CVE-2016-5867</td> 1038 <td>A-35400602<br /> 1039 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5"> 1040 QC-CR#1095947</a></td> 1041 <td></td> 1042 <td>*</td> 1043 <td>15 2017.</td> 1044 </tr> 1045 <tr> 1046 <td>CVE-2017-0607</td> 1047 <td>A-35400551<br /> 1048 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b003c8d5407773d3aa28a48c9841e4c124da453d"> 1049 QC-CR#1085928</a></td> 1050 <td></td> 1051 <td>Pixel, PixelXL</td> 1052 <td>15 2017.</td> 1053 </tr> 1054 <tr> 1055 <td>CVE-2017-0608</td> 1056 <td>A-35400458<br /> 1057 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b66f442dd97c781e873e8f7b248e197f86fd2980"> 1058 QC-CR#1098363</a></td> 1059 <td></td> 1060 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 1061 <td>15 2017.</td> 1062 </tr> 1063 <tr> 1064 <td>CVE-2017-0609</td> 1065 <td>A-35399801<br /> 1066 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=38a83df036084c00e8c5a4599c8ee7880b4ee567"> 1067 QC-CR#1090482</a></td> 1068 <td></td> 1069 <td>Nexus5X, Nexus6P, Pixel, PixelXL, Android One</td> 1070 <td>15 2017.</td> 1071 </tr> 1072 <tr> 1073 <td>CVE-2016-5859</td> 1074 <td>A-35399758<br /> 1075 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=97fdb441a9fb330a76245e473bc1a2155c809ebe"> 1076 QC-CR#1096672</a></td> 1077 <td></td> 1078 <td>*</td> 1079 <td>15 2017.</td> 1080 </tr> 1081 <tr> 1082 <td>CVE-2017-0610</td> 1083 <td>A-35399404<br /> 1084 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=65009746a6e649779f73d665934561ea983892fe"> 1085 QC-CR#1094852</a></td> 1086 <td></td> 1087 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 1088 <td>15 2017.</td> 1089 </tr> 1090 <tr> 1091 <td>CVE-2017-0611</td> 1092 <td>A-35393841<br /> 1093 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=1aa5df9246557a98181f03e98530ffd509b954c8"> 1094 QC-CR#1084210</a></td> 1095 <td></td> 1096 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 1097 <td>15 2017.</td> 1098 </tr> 1099 <tr> 1100 <td>CVE-2016-5853</td> 1101 <td>A-35392629<br /> 1102 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a8f3b894de319718aecfc2ce9c691514696805be"> 1103 QC-CR#1102987</a></td> 1104 <td></td> 1105 <td>*</td> 1106 <td>15 2017.</td> 1107 </tr> 1108 </tbody></table> 1109 1110 <p>* Google Android7.1.1, .</p> 1111 1112 <h3 id="eop-in-qualcomm-led-driver"> LED- Qualcomm</h3> 1113 1114 <p> . , .</p> 1115 1116 <table> 1117 <colgroup><col width="19%" /> 1118 <col width="20%" /> 1119 <col width="10%" /> 1120 <col width="23%" /> 1121 <col width="17%" /> 1122 </colgroup><tbody><tr> 1123 <th>CVE</th> 1124 <th></th> 1125 <th> </th> 1126 <th> Google</th> 1127 <th> </th> 1128 </tr> 1129 <tr> 1130 <td>CVE-2016-10288</td> 1131 <td>A-33863909<br /> 1132 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=db2cdc95204bc404f03613d5dd7002251fb33660"> 1133 QC-CR#1109763</a></td> 1134 <td></td> 1135 <td>Pixel, PixelXL</td> 1136 <td>23 2016.</td> 1137 </tr> 1138 </tbody></table> 1139 1140 <h3 id="eop-in-qualcomm-crypto-driver"> Qualcomm</h3> 1141 1142 <p> . , .</p> 1143 1144 <table> 1145 <colgroup><col width="19%" /> 1146 <col width="20%" /> 1147 <col width="10%" /> 1148 <col width="23%" /> 1149 <col width="17%" /> 1150 </colgroup><tbody><tr> 1151 <th>CVE</th> 1152 <th></th> 1153 <th> </th> 1154 <th> Google</th> 1155 <th> </th> 1156 </tr> 1157 <tr> 1158 <td>CVE-2016-10289</td> 1159 <td>A-33899710<br /> 1160 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a604e6f3889ccc343857532b63dea27603381816"> 1161 QC-CR#1116295</a></td> 1162 <td></td> 1163 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 1164 <td>24 2016.</td> 1165 </tr> 1166 </tbody></table> 1167 1168 <h3 id="eop-in-qualcomm-shared-memory-driver"> Qualcomm</h3> 1169 1170 <p> . , .</p> 1171 1172 <table> 1173 <colgroup><col width="19%" /> 1174 <col width="20%" /> 1175 <col width="10%" /> 1176 <col width="23%" /> 1177 <col width="17%" /> 1178 </colgroup><tbody><tr> 1179 <th>CVE</th> 1180 <th></th> 1181 <th> </th> 1182 <th> Google</th> 1183 <th> </th> 1184 </tr> 1185 <tr> 1186 <td>CVE-2016-10290</td> 1187 <td>A-33898330<br /> 1188 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> 1189 QC-CR#1109782</a></td> 1190 <td></td> 1191 <td>Nexus5X, Nexus6P, Pixel, PixelXL</td> 1192 <td>24 2016.</td> 1193 </tr> 1194 </tbody></table> 1195 1196 <h3 id="eop-in-qualcomm-slimbus-driver"> Slimbus- Qualcomm</h3> 1197 1198 <p> . , .</p> 1199 1200 <table> 1201 <colgroup><col width="19%" /> 1202 <col width="20%" /> 1203 <col width="10%" /> 1204 <col width="23%" /> 1205 <col width="17%" /> 1206 </colgroup><tbody><tr> 1207 <th>CVE</th> 1208 <th></th> 1209 <th> </th> 1210 <th> Google</th> 1211 <th> </th> 1212 </tr> 1213 <tr> 1214 <td>CVE-2016-10291</td> 1215 <td>A-34030871<br /> 1216 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a225074c0494ca8125ca0ac2f9ebc8a2bd3612de"> 1217 QC-CR#986837</a></td> 1218 <td></td> 1219 <td>Nexus5X, Nexus6, Nexus6P, Android One</td> 1220 <td>31 2016.</td> 1221 </tr> 1222 </tbody></table> 1223 1224 <h3 id="eop-in-qualcomm-adsprpc-driver"> ADSPRPC- Qualcomm</h3> 1225 1226 <p> . , .</p> 1227 1228 <table> 1229 <colgroup><col width="19%" /> 1230 <col width="20%" /> 1231 <col width="10%" /> 1232 <col width="23%" /> 1233 <col width="17%" /> 1234 </colgroup><tbody><tr> 1235 <th>CVE</th> 1236 <th></th> 1237 <th> </th> 1238 <th> Google</th> 1239 <th> </th> 1240 </tr> 1241 <tr> 1242 <td>CVE-2017-0465</td> 1243 <td>A-34112914<br /> 1244 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=3823f0f8d0bbbbd675a42a54691f4051b3c7e544"> 1245 QC-CR#1110747</a></td> 1246 <td></td> 1247 <td>Nexus5X, Nexus6P, Pixel, PixelXL, Android One</td> 1248 <td>5 2017.</td> 1249 </tr> 1250 </tbody></table> 1251 1252 <h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver"> Qualcomm QSEE Communicator</h3> 1253 1254 <p> . , .</p> 1255 1256 <table> 1257 <colgroup><col width="19%" /> 1258 <col width="20%" /> 1259 <col width="10%" /> 1260 <col width="23%" /> 1261 <col width="17%" /> 1262 </colgroup><tbody><tr> 1263 <th>CVE</th> 1264 <th></th> 1265 <th> </th> 1266 <th> Google</th> 1267 <th> </th> 1268 </tr> 1269 <tr> 1270 <td>CVE-2017-0612</td> 1271 <td>A-34389303<br /> 1272 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=05efafc998dc86c3b75af9803ca71255ddd7a8eb"> 1273 QC-CR#1061845</a></td> 1274 <td></td> 1275 <td>Pixel, PixelXL</td> 1276 <td>10 2017.</td> 1277 </tr> 1278 <tr> 1279 <td>CVE-2017-0613</td> 1280 <td>A-35400457<br /> 1281 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b108c651cae9913da1ab163cb4e5f7f2db87b747"> 1282 QC-CR#1086140</a></td> 1283 <td></td> 1284 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 1285 <td>15 2017.</td> 1286 </tr> 1287 <tr> 1288 <td>CVE-2017-0614</td> 1289 <td>A-35399405<br /> 1290 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=fc2ae27eb9721a0ce050c2062734fec545cda604"> 1291 QC-CR#1080290</a></td> 1292 <td></td> 1293 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 1294 <td>15 2017.</td> 1295 </tr> 1296 </tbody></table> 1297 1298 <h3 id="eop-in-mediatek-power-driver"> MediaTek</h3> 1299 1300 <p> . , .</p> 1301 1302 <table> 1303 <colgroup><col width="19%" /> 1304 <col width="20%" /> 1305 <col width="10%" /> 1306 <col width="23%" /> 1307 <col width="17%" /> 1308 </colgroup><tbody><tr> 1309 <th>CVE</th> 1310 <th></th> 1311 <th> </th> 1312 <th> Google</th> 1313 <th> </th> 1314 </tr> 1315 <tr> 1316 <td>CVE-2017-0615</td> 1317 <td>A-34259126*<br /> 1318 M-ALPS03150278</td> 1319 <td></td> 1320 <td>**</td> 1321 <td>12 2017.</td> 1322 </tr> 1323 </tbody></table> 1324 1325 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1326 1327 <p>** Google Android7.1.1, .</p> 1328 1329 <h3 id="eop-in-mediatek-system-management-interrupt-driver"> MediaTek</h3> 1330 1331 <p> . , .</p> 1332 1333 <table> 1334 <colgroup><col width="19%" /> 1335 <col width="20%" /> 1336 <col width="10%" /> 1337 <col width="23%" /> 1338 <col width="17%" /> 1339 </colgroup><tbody><tr> 1340 <th>CVE</th> 1341 <th></th> 1342 <th> </th> 1343 <th> Google</th> 1344 <th> </th> 1345 </tr> 1346 <tr> 1347 <td>CVE-2017-0616</td> 1348 <td>A-34470286*<br /> 1349 M-ALPS03149160</td> 1350 <td></td> 1351 <td>**</td> 1352 <td>19 2017.</td> 1353 </tr> 1354 </tbody></table> 1355 1356 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1357 1358 <p>** Google Android7.1.1, .</p> 1359 1360 <h3 id="eop-in-mediatek-video-driver"> MediaTek</h3> 1361 1362 <p> . , .</p> 1363 1364 <table> 1365 <colgroup><col width="19%" /> 1366 <col width="20%" /> 1367 <col width="10%" /> 1368 <col width="23%" /> 1369 <col width="17%" /> 1370 </colgroup><tbody><tr> 1371 <th>CVE</th> 1372 <th></th> 1373 <th> </th> 1374 <th> Google</th> 1375 <th> </th> 1376 </tr> 1377 <tr> 1378 <td>CVE-2017-0617</td> 1379 <td>A-34471002*<br /> 1380 M-ALPS03149173</td> 1381 <td></td> 1382 <td>**</td> 1383 <td>19 2017.</td> 1384 </tr> 1385 </tbody></table> 1386 1387 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1388 1389 <p>** Google Android7.1.1, .</p> 1390 1391 <h3 id="eop-in-mediatek-command-queue-driver"> MediaTek</h3> 1392 1393 <p> . , .</p> 1394 1395 <table> 1396 <colgroup><col width="19%" /> 1397 <col width="20%" /> 1398 <col width="10%" /> 1399 <col width="23%" /> 1400 <col width="17%" /> 1401 </colgroup><tbody><tr> 1402 <th>CVE</th> 1403 <th></th> 1404 <th> </th> 1405 <th> Google</th> 1406 <th> </th> 1407 </tr> 1408 <tr> 1409 <td>CVE-2017-0618</td> 1410 <td>A-35100728*<br /> 1411 M-ALPS03161536</td> 1412 <td></td> 1413 <td>**</td> 1414 <td>7 2017.</td> 1415 </tr> 1416 </tbody></table> 1417 1418 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1419 1420 <p>** Google Android7.1.1, .</p> 1421 1422 <h3 id="eop-in-qualcomm-pin-controller-driver"> Qualcomm</h3> 1423 1424 <p> . , .</p> 1425 1426 <table> 1427 <colgroup><col width="19%" /> 1428 <col width="20%" /> 1429 <col width="10%" /> 1430 <col width="23%" /> 1431 <col width="17%" /> 1432 </colgroup><tbody><tr> 1433 <th>CVE</th> 1434 <th></th> 1435 <th> </th> 1436 <th> Google</th> 1437 <th> </th> 1438 </tr> 1439 <tr> 1440 <td>CVE-2017-0619</td> 1441 <td>A-35401152<br /> 1442 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.14/commit/?id=72f67b29a9c5e6e8d3c34751600c749c5f5e13e1"> 1443 QC-CR#826566</a></td> 1444 <td></td> 1445 <td>Nexus6, AndroidOne</td> 1446 <td>15 2017.</td> 1447 </tr> 1448 </tbody></table> 1449 1450 <h3 id="eop-in-qualcomm-secure-channel-manager-driver"> Qualcomm</h3> 1451 1452 <p> . , .</p> 1453 1454 <table> 1455 <colgroup><col width="19%" /> 1456 <col width="20%" /> 1457 <col width="10%" /> 1458 <col width="23%" /> 1459 <col width="17%" /> 1460 </colgroup><tbody><tr> 1461 <th>CVE</th> 1462 <th></th> 1463 <th> </th> 1464 <th> Google</th> 1465 <th> </th> 1466 </tr> 1467 <tr> 1468 <td>CVE-2017-0620</td> 1469 <td>A-35401052<br /> 1470 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=01b2c9a5d728ff6f2f1f28a5d4e927aaeabf56ed"> 1471 QC-CR#1081711</a></td> 1472 <td></td> 1473 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 1474 <td>15 2017.</td> 1475 </tr> 1476 </tbody></table> 1477 1478 <h3 id="eop-in-qualcomm-sound-codec-driver"> Qualcomm</h3> 1479 1480 <p> . , .</p> 1481 1482 <table> 1483 <colgroup><col width="19%" /> 1484 <col width="20%" /> 1485 <col width="10%" /> 1486 <col width="23%" /> 1487 <col width="17%" /> 1488 </colgroup><tbody><tr> 1489 <th>CVE</th> 1490 <th></th> 1491 <th> </th> 1492 <th> Google</th> 1493 <th> </th> 1494 </tr> 1495 <tr> 1496 <td>CVE-2016-5862</td> 1497 <td>A-35399803<br /> 1498 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04"> 1499 QC-CR#1099607</a></td> 1500 <td></td> 1501 <td>Pixel, PixelXL</td> 1502 <td>15 2017.</td> 1503 </tr> 1504 </tbody></table> 1505 1506 <h3 id="eop-in-kernel-voltage-regulator-driver"> </h3> 1507 1508 <p> . , .</p> 1509 1510 <table> 1511 <colgroup><col width="19%" /> 1512 <col width="20%" /> 1513 <col width="10%" /> 1514 <col width="23%" /> 1515 <col width="17%" /> 1516 </colgroup><tbody><tr> 1517 <th>CVE</th> 1518 <th></th> 1519 <th> </th> 1520 <th> Google</th> 1521 <th> </th> 1522 </tr> 1523 <tr> 1524 <td>CVE-2014-9940</td> 1525 <td>A-35399757<br /> 1526 <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba"> 1527 Upstream kernel</a></td> 1528 <td></td> 1529 <td>Nexus6, Nexus9, PixelC, Android One, Nexus Player</td> 1530 <td>15 2017.</td> 1531 </tr> 1532 </tbody></table> 1533 1534 <h3 id="eop-in-qualcomm-camera-driver"> Qualcomm </h3> 1535 1536 <p> . , .</p> 1537 1538 <table> 1539 <colgroup><col width="19%" /> 1540 <col width="20%" /> 1541 <col width="10%" /> 1542 <col width="23%" /> 1543 <col width="17%" /> 1544 </colgroup><tbody><tr> 1545 <th>CVE</th> 1546 <th></th> 1547 <th> </th> 1548 <th> Google</th> 1549 <th> </th> 1550 </tr> 1551 <tr> 1552 <td>CVE-2017-0621</td> 1553 <td>A-35399703<br /> 1554 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=9656e2c2b3523af20502bf1e933e35a397f5e82f"> 1555 QC-CR#831322</a></td> 1556 <td></td> 1557 <td>Android One</td> 1558 <td>15 2017.</td> 1559 </tr> 1560 </tbody></table> 1561 1562 <h3 id="eop-in-qualcomm-networking-driver"> Qualcomm</h3> 1563 1564 <p> . , .</p> 1565 1566 <table> 1567 <colgroup><col width="19%" /> 1568 <col width="20%" /> 1569 <col width="10%" /> 1570 <col width="23%" /> 1571 <col width="17%" /> 1572 </colgroup><tbody><tr> 1573 <th>CVE</th> 1574 <th></th> 1575 <th> </th> 1576 <th> Google</th> 1577 <th> </th> 1578 </tr> 1579 <tr> 1580 <td>CVE-2016-5868</td> 1581 <td>A-35392791<br /> 1582 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c"> 1583 QC-CR#1104431</a></td> 1584 <td></td> 1585 <td>Nexus5X, Pixel, PixelXL</td> 1586 <td>15 2017.</td> 1587 </tr> 1588 </tbody></table> 1589 1590 <h3 id="eop-in-kernel-networking-subsystem"> </h3> 1591 1592 <p> . , .</p> 1593 1594 <table> 1595 <colgroup><col width="19%" /> 1596 <col width="20%" /> 1597 <col width="10%" /> 1598 <col width="23%" /> 1599 <col width="17%" /> 1600 </colgroup><tbody><tr> 1601 <th>CVE</th> 1602 <th></th> 1603 <th> </th> 1604 <th> Google</th> 1605 <th> </th> 1606 </tr> 1607 <tr> 1608 <td>CVE-2017-7184</td> 1609 <td>A-36565222<br /> 1610 <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"> 1611 Upstream kernel</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> 1612 [2]</a></td> 1613 <td></td> 1614 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, Pixel, PixelXL, Android One</td> 1615 <td>23 2017.</td> 1616 </tr> 1617 </tbody></table> 1618 1619 <h3 id="eop-in-goodix-touchscreen-driver"> Goodix</h3> 1620 1621 <p> . , .</p> 1622 1623 <table> 1624 <colgroup><col width="19%" /> 1625 <col width="20%" /> 1626 <col width="10%" /> 1627 <col width="23%" /> 1628 <col width="17%" /> 1629 </colgroup><tbody><tr> 1630 <th>CVE</th> 1631 <th></th> 1632 <th> </th> 1633 <th> Google</th> 1634 <th> </th> 1635 </tr> 1636 <tr> 1637 <td>CVE-2017-0622</td> 1638 <td>A-32749036<br /> 1639 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=40efa25345003a96db34effbd23ed39530b3ac10"> 1640 QC-CR#1098602</a></td> 1641 <td></td> 1642 <td>Android One</td> 1643 <td> Google</td> 1644 </tr> 1645 </tbody></table> 1646 1647 <h3 id="eop-in-htc-bootloader"> HTC</h3> 1648 1649 <p> . , .</p> 1650 1651 <table> 1652 <colgroup><col width="19%" /> 1653 <col width="20%" /> 1654 <col width="10%" /> 1655 <col width="23%" /> 1656 <col width="17%" /> 1657 </colgroup><tbody><tr> 1658 <th>CVE</th> 1659 <th></th> 1660 <th> </th> 1661 <th> Google</th> 1662 <th> </th> 1663 </tr> 1664 <tr> 1665 <td>CVE-2017-0623</td> 1666 <td>A-32512358*<br /> 1667 </td> 1668 <td></td> 1669 <td>Pixel, PixelXL</td> 1670 <td> Google</td> 1671 </tr> 1672 </tbody></table> 1673 1674 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1675 1676 <h3 id="id-in-qualcomm-wi-fi-driver"> Wi-Fi- Qualcomm</h3> 1677 1678 <p> . - .</p> 1679 1680 <table> 1681 <colgroup><col width="19%" /> 1682 <col width="20%" /> 1683 <col width="10%" /> 1684 <col width="23%" /> 1685 <col width="17%" /> 1686 </colgroup><tbody><tr> 1687 <th>CVE</th> 1688 <th></th> 1689 <th> </th> 1690 <th> Google</th> 1691 <th> </th> 1692 </tr> 1693 <tr> 1694 <td>CVE-2017-0624</td> 1695 <td>A-34327795*<br /> 1696 QC-CR#2005832</td> 1697 <td></td> 1698 <td>Nexus5X, Pixel, PixelXL</td> 1699 <td>16 2017.</td> 1700 </tr> 1701 </tbody></table> 1702 1703 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1704 1705 <h3 id="id-in-mediatek-command-queue-driver"> MediaTek</h3> 1706 1707 <p> . - .</p> 1708 1709 <table> 1710 <colgroup><col width="19%" /> 1711 <col width="20%" /> 1712 <col width="10%" /> 1713 <col width="23%" /> 1714 <col width="17%" /> 1715 </colgroup><tbody><tr> 1716 <th>CVE</th> 1717 <th></th> 1718 <th> </th> 1719 <th> Google</th> 1720 <th> </th> 1721 </tr> 1722 <tr> 1723 <td>CVE-2017-0625</td> 1724 <td>A-35142799*<br /> 1725 M-ALPS03161531</td> 1726 <td></td> 1727 <td>**</td> 1728 <td>8 2017.</td> 1729 </tr> 1730 </tbody></table> 1731 1732 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1733 1734 <p>** Google Android7.1.1, .</p> 1735 1736 <h3 id="id-in-qualcomm-crypto-engine-driver"> Qualcomm </h3> 1737 1738 <p> . - .</p> 1739 1740 <table> 1741 <colgroup><col width="19%" /> 1742 <col width="20%" /> 1743 <col width="10%" /> 1744 <col width="23%" /> 1745 <col width="17%" /> 1746 </colgroup><tbody><tr> 1747 <th>CVE</th> 1748 <th></th> 1749 <th> </th> 1750 <th> Google</th> 1751 <th> </th> 1752 </tr> 1753 <tr> 1754 <td>CVE-2017-0626</td> 1755 <td>A-35393124<br /> 1756 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=64551bccab9b5b933757f6256b58f9ca0544f004"> 1757 QC-CR#1088050</a></td> 1758 <td></td> 1759 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 1760 <td>15 2017.</td> 1761 </tr> 1762 </tbody></table> 1763 1764 <h3 id="dos-in-qualcomm-wi-fi-driver"> Wi-Fi- Qualcomm</h3> 1765 1766 <p> Wi-Fi. , .</p> 1767 1768 <table> 1769 <colgroup><col width="19%" /> 1770 <col width="20%" /> 1771 <col width="10%" /> 1772 <col width="23%" /> 1773 <col width="17%" /> 1774 </colgroup><tbody><tr> 1775 <th>CVE</th> 1776 <th></th> 1777 <th> </th> 1778 <th> Google</th> 1779 <th> </th> 1780 </tr> 1781 <tr> 1782 <td>CVE-2016-10292</td> 1783 <td>A-34514463*<br /> 1784 QC-CR#1065466</td> 1785 <td></td> 1786 <td>Nexus5X, Pixel, PixelXL</td> 1787 <td>16 2016.</td> 1788 </tr> 1789 </tbody></table> 1790 1791 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1792 1793 <h3 id="id-in-kernel-uvc-driver"> UVC- </h3> 1794 1795 <p> . 1796 , .</p> 1797 1798 <table> 1799 <colgroup><col width="19%" /> 1800 <col width="20%" /> 1801 <col width="10%" /> 1802 <col width="23%" /> 1803 <col width="17%" /> 1804 </colgroup><tbody><tr> 1805 <th>CVE</th> 1806 <th></th> 1807 <th> </th> 1808 <th> Google</th> 1809 <th> </th> 1810 </tr> 1811 <tr> 1812 <td>CVE-2017-0627</td> 1813 <td>A-33300353*<br /> 1814 </td> 1815 <td></td> 1816 <td>Nexus5X, Nexus6P, Nexus9, PixelC, Nexus Player</td> 1817 <td>2 2016.</td> 1818 </tr> 1819 </tbody></table> 1820 1821 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 1822 1823 <h3 id="id-in-qualcomm-video-driver"> Qualcomm</h3> 1824 1825 <p> . , .</p> 1826 1827 <table> 1828 <colgroup><col width="19%" /> 1829 <col width="20%" /> 1830 <col width="10%" /> 1831 <col width="23%" /> 1832 <col width="17%" /> 1833 </colgroup><tbody><tr> 1834 <th>CVE</th> 1835 <th></th> 1836 <th> </th> 1837 <th> Google</th> 1838 <th> </th> 1839 </tr> 1840 <tr> 1841 <td>CVE-2016-10293</td> 1842 <td>A-33352393<br /> 1843 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2469d5374745a2228f774adbca6fb95a79b9047f"> 1844 QC-CR#1101943</a></td> 1845 <td></td> 1846 <td>Nexus5X, Nexus6P, Android One</td> 1847 <td>4 2016.</td> 1848 </tr> 1849 </tbody></table> 1850 1851 <h3 id="id-in-qualcomm-power-driver-(device-specific)"> Qualcomm ( )</h3> 1852 1853 <p> . , .</p> 1854 1855 <table> 1856 <colgroup><col width="19%" /> 1857 <col width="20%" /> 1858 <col width="10%" /> 1859 <col width="23%" /> 1860 <col width="17%" /> 1861 </colgroup><tbody><tr> 1862 <th>CVE</th> 1863 <th></th> 1864 <th> </th> 1865 <th> Google</th> 1866 <th> </th> 1867 </tr> 1868 <tr> 1869 <td>CVE-2016-10294</td> 1870 <td>A-33621829<br /> 1871 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e9bc51ffb8a298f0be5befe346762cdb6e1d49c"> 1872 QC-CR#1105481</a></td> 1873 <td></td> 1874 <td>Nexus5X, Nexus6P, Pixel, PixelXL</td> 1875 <td>14 2016.</td> 1876 </tr> 1877 </tbody></table> 1878 1879 <h3 id="id-in-qualcomm-led-driver"> LED- Qualcomm</h3> 1880 1881 <p> . 1882 , .</p> 1883 1884 <table> 1885 <colgroup><col width="19%" /> 1886 <col width="20%" /> 1887 <col width="10%" /> 1888 <col width="23%" /> 1889 <col width="17%" /> 1890 </colgroup><tbody><tr> 1891 <th>CVE</th> 1892 <th></th> 1893 <th> </th> 1894 <th> Google</th> 1895 <th> </th> 1896 </tr> 1897 <tr> 1898 <td>CVE-2016-10295</td> 1899 <td>A-33781694<br /> 1900 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f11ae3df500bc2a093ddffee6ea40da859de0fa9"> 1901 QC-CR#1109326</a></td> 1902 <td></td> 1903 <td>Pixel, PixelXL</td> 1904 <td>20 2016.</td> 1905 </tr> 1906 </tbody></table> 1907 1908 <h3 id="id-in-qualcomm-shared-memory-driver"> Qualcomm</h3> 1909 1910 <p> . , .</p> 1911 1912 <table> 1913 <colgroup><col width="19%" /> 1914 <col width="20%" /> 1915 <col width="10%" /> 1916 <col width="23%" /> 1917 <col width="17%" /> 1918 </colgroup><tbody><tr> 1919 <th>CVE</th> 1920 <th></th> 1921 <th> </th> 1922 <th> Google</th> 1923 <th> </th> 1924 </tr> 1925 <tr> 1926 <td>CVE-2016-10296</td> 1927 <td>A-33845464<br /> 1928 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> 1929 QC-CR#1109782</a></td> 1930 <td></td> 1931 <td>Nexus5X, Nexus6P, Pixel, PixelXL, Android One</td> 1932 <td>22 2016.</td> 1933 </tr> 1934 </tbody></table> 1935 1936 <h3 id="id-in-qualcomm-camera-driver"> Qualcomm </h3> 1937 1938 <p> . , .</p> 1939 1940 <table> 1941 <colgroup><col width="19%" /> 1942 <col width="20%" /> 1943 <col width="10%" /> 1944 <col width="23%" /> 1945 <col width="17%" /> 1946 </colgroup><tbody><tr> 1947 <th>CVE</th> 1948 <th></th> 1949 <th> </th> 1950 <th> Google</th> 1951 <th> </th> 1952 </tr> 1953 <tr> 1954 <td>CVE-2017-0628</td> 1955 <td>A-34230377<br /> 1956 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> 1957 QC-CR#1086833</a></td> 1958 <td></td> 1959 <td>Nexus5X, Nexus6, Pixel, PixelXL</td> 1960 <td>10 2017.</td> 1961 </tr> 1962 <tr> 1963 <td>CVE-2017-0629</td> 1964 <td>A-35214296<br /> 1965 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> 1966 QC-CR#1086833</a></td> 1967 <td></td> 1968 <td>Nexus5X, Nexus6, Pixel, PixelXL</td> 1969 <td>8 2017.</td> 1970 </tr> 1971 </tbody></table> 1972 1973 <h3 id="id-in-kernel-trace-subsystem"> </h3> 1974 1975 <p> . , .</p> 1976 1977 <table> 1978 <colgroup><col width="19%" /> 1979 <col width="20%" /> 1980 <col width="10%" /> 1981 <col width="23%" /> 1982 <col width="17%" /> 1983 </colgroup><tbody><tr> 1984 <th>CVE</th> 1985 <th></th> 1986 <th> </th> 1987 <th> Google</th> 1988 <th> </th> 1989 </tr> 1990 <tr> 1991 <td>CVE-2017-0630</td> 1992 <td>A-34277115*<br /> 1993 </td> 1994 <td></td> 1995 <td>Nexus5X, Nexus6, Nexus6P, Nexus9, Pixel, PixelXL, PixelC, Android One, Nexus Player</td> 1996 <td>11 2017.</td> 1997 </tr> 1998 </tbody></table> 1999 2000 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2001 2002 <h3 id="id-in-qualcomm-sound-codec-driver"> Qualcomm</h3> 2003 2004 <p> . , .</p> 2005 2006 <table> 2007 <colgroup><col width="19%" /> 2008 <col width="20%" /> 2009 <col width="10%" /> 2010 <col width="23%" /> 2011 <col width="17%" /> 2012 </colgroup><tbody><tr> 2013 <th>CVE</th> 2014 <th></th> 2015 <th> </th> 2016 <th> Google</th> 2017 <th> </th> 2018 </tr> 2019 <tr> 2020 <td>CVE-2016-5858</td> 2021 <td>A-35400153<br /> 2022 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711"> 2023 QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6"> 2024 [2]</a></td> 2025 <td></td> 2026 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 2027 <td>15 2017.</td> 2028 </tr> 2029 </tbody></table> 2030 2031 <h3 id="id-in-qualcomm-camera-driver-2"> Qualcomm </h3> 2032 2033 <p> . , .</p> 2034 2035 <table> 2036 <colgroup><col width="19%" /> 2037 <col width="20%" /> 2038 <col width="10%" /> 2039 <col width="23%" /> 2040 <col width="17%" /> 2041 </colgroup><tbody><tr> 2042 <th>CVE</th> 2043 <th></th> 2044 <th> </th> 2045 <th> Google</th> 2046 <th> </th> 2047 </tr> 2048 <tr> 2049 <td>CVE-2017-0631</td> 2050 <td>A-35399756<br /> 2051 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=8236d6ebc7e26361ca7078cbeba01509f10941d8"> 2052 QC-CR#1093232</a></td> 2053 <td></td> 2054 <td>Nexus5X, Nexus6P, Pixel, PixelXL, Android One</td> 2055 <td>15 2017.</td> 2056 </tr> 2057 </tbody></table> 2058 2059 <h3 id="id-in-qualcomm-sound-driver"> Qualcomm</h3> 2060 2061 <p> . , .</p> 2062 2063 <table> 2064 <colgroup><col width="19%" /> 2065 <col width="20%" /> 2066 <col width="10%" /> 2067 <col width="23%" /> 2068 <col width="17%" /> 2069 </colgroup><tbody><tr> 2070 <th>CVE</th> 2071 <th></th> 2072 <th> </th> 2073 <th> Google</th> 2074 <th> </th> 2075 </tr> 2076 <tr> 2077 <td>CVE-2016-5347</td> 2078 <td>A-35394329<br /> 2079 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=f14390f13e62460fc6b05fc0acde0e825374fdb6"> 2080 QC-CR#1100878</a></td> 2081 <td></td> 2082 <td>Nexus5X, Nexus6, Nexus6P, Pixel, PixelXL, Android One</td> 2083 <td>15 2017.</td> 2084 </tr> 2085 </tbody></table> 2086 2087 <h3 id="id-in-qualcomm-spcom-driver"> SPCom- Qualcomm</h3> 2088 2089 <p> . , .</p> 2090 2091 <table> 2092 <colgroup><col width="19%" /> 2093 <col width="20%" /> 2094 <col width="10%" /> 2095 <col width="23%" /> 2096 <col width="17%" /> 2097 </colgroup><tbody><tr> 2098 <th>CVE</th> 2099 <th></th> 2100 <th> </th> 2101 <th> Google</th> 2102 <th> </th> 2103 </tr> 2104 <tr> 2105 <td>CVE-2016-5854</td> 2106 <td>A-35392792<br /> 2107 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=28d23d4d7999f683b27b6e0c489635265b67a4c9"> 2108 QC-CR#1092683</a></td> 2109 <td></td> 2110 <td>*</td> 2111 <td>15 2017.</td> 2112 </tr> 2113 <tr> 2114 <td>CVE-2016-5855</td> 2115 <td>A-35393081<br /> 2116 <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a5edb54e93ba85719091fe2bc426d75fa7059834"> 2117 QC-CR#1094143</a></td> 2118 <td></td> 2119 <td>*</td> 2120 <td>15 2017.</td> 2121 </tr> 2122 </tbody></table> 2123 2124 <p>* Google Android7.1.1, .</p> 2125 2126 <h3 id="id-in-qualcomm-sound-codec-driver-2"> Qualcomm</h3> 2127 2128 <p> . , .</p> 2129 2130 <table> 2131 <colgroup><col width="19%" /> 2132 <col width="20%" /> 2133 <col width="10%" /> 2134 <col width="23%" /> 2135 <col width="17%" /> 2136 </colgroup><tbody><tr> 2137 <th>CVE</th> 2138 <th></th> 2139 <th> </th> 2140 <th> Google</th> 2141 <th> </th> 2142 </tr> 2143 <tr> 2144 <td>CVE-2017-0632</td> 2145 <td>A-35392586<br /> 2146 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=970d6933e53c1f7ca8c8b67f49147b18505c3b8f"> 2147 QC-CR#832915</a></td> 2148 <td></td> 2149 <td>Android One</td> 2150 <td>15 2017.</td> 2151 </tr> 2152 </tbody></table> 2153 2154 <h3 id="id-in-broadcom-wi-fi-driver"> Wi-Fi- Broadcom</h3> 2155 2156 <p> . , .</p> 2157 2158 <table> 2159 <colgroup><col width="19%" /> 2160 <col width="20%" /> 2161 <col width="10%" /> 2162 <col width="23%" /> 2163 <col width="17%" /> 2164 </colgroup><tbody><tr> 2165 <th>CVE</th> 2166 <th></th> 2167 <th> </th> 2168 <th> Google</th> 2169 <th> </th> 2170 </tr> 2171 <tr> 2172 <td>CVE-2017-0633</td> 2173 <td>A-36000515*<br /> 2174 B-RB#117131</td> 2175 <td></td> 2176 <td>Nexus6, Nexus6P, Nexus9, PixelC, Nexus Player</td> 2177 <td>23 2017.</td> 2178 </tr> 2179 </tbody></table> 2180 2181 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2182 2183 <h3 id="id-in-synaptics-touchscreen-driver"> Synaptics</h3> 2184 2185 <p> . , .</p> 2186 2187 <table> 2188 <colgroup><col width="19%" /> 2189 <col width="20%" /> 2190 <col width="10%" /> 2191 <col width="23%" /> 2192 <col width="17%" /> 2193 </colgroup><tbody><tr> 2194 <th>CVE</th> 2195 <th></th> 2196 <th> </th> 2197 <th> Google</th> 2198 <th> </th> 2199 </tr> 2200 <tr> 2201 <td>CVE-2017-0634</td> 2202 <td>A-32511682*<br /> 2203 </td> 2204 <td></td> 2205 <td>Pixel, PixelXL</td> 2206 <td> Google</td> 2207 </tr> 2208 </tbody></table> 2209 2210 <p>* . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2211 2212 <h3 id="vulnerabilities-in-qualcomm-components-2"> Qualcomm</h3> 2213 2214 <p> Qualcomm Qualcomm AMSS 20142016. Android, .</p> 2215 2216 <table> 2217 <colgroup><col width="19%" /> 2218 <col width="20%" /> 2219 <col width="10%" /> 2220 <col width="23%" /> 2221 <col width="17%" /> 2222 </colgroup><tbody><tr> 2223 <th>CVE</th> 2224 <th></th> 2225 <th> </th> 2226 <th> Google</th> 2227 <th> </th> 2228 </tr> 2229 <tr> 2230 <td>CVE-2014-9923</td> 2231 <td>A-35434045**<br /> 2232 QC-CR#403910</td> 2233 <td></td> 2234 <td>***</td> 2235 <td> Qualcomm</td> 2236 </tr> 2237 <tr> 2238 <td>CVE-2014-9924</td> 2239 <td>A-35434631**<br /> 2240 QC-CR#596102</td> 2241 <td></td> 2242 <td>***</td> 2243 <td> Qualcomm</td> 2244 </tr> 2245 <tr> 2246 <td>CVE-2014-9925</td> 2247 <td>A-35444657**<br /> 2248 QC-CR#638130</td> 2249 <td></td> 2250 <td>***</td> 2251 <td> Qualcomm</td> 2252 </tr> 2253 <tr> 2254 <td>CVE-2014-9926</td> 2255 <td>A-35433784**<br /> 2256 QC-CR#631527</td> 2257 <td></td> 2258 <td>***</td> 2259 <td> Qualcomm</td> 2260 </tr> 2261 <tr> 2262 <td>CVE-2014-9927</td> 2263 <td>A-35433785**<br /> 2264 QC-CR#661111</td> 2265 <td></td> 2266 <td>***</td> 2267 <td> Qualcomm</td> 2268 </tr> 2269 <tr> 2270 <td>CVE-2014-9928</td> 2271 <td>A-35438623**<br /> 2272 QC-CR#696972</td> 2273 <td></td> 2274 <td>***</td> 2275 <td> Qualcomm</td> 2276 </tr> 2277 <tr> 2278 <td>CVE-2014-9929</td> 2279 <td>A-35443954**<br /> 2280 QC-CR#644783</td> 2281 <td></td> 2282 <td>***</td> 2283 <td> Qualcomm</td> 2284 </tr> 2285 <tr> 2286 <td>CVE-2014-9930</td> 2287 <td>A-35432946**<br /> 2288 QC-CR#634637</td> 2289 <td></td> 2290 <td>***</td> 2291 <td> Qualcomm</td> 2292 </tr> 2293 <tr> 2294 <td>CVE-2015-9005</td> 2295 <td>A-36393500**<br /> 2296 QC-CR#741548</td> 2297 <td></td> 2298 <td>***</td> 2299 <td> Qualcomm</td> 2300 </tr> 2301 <tr> 2302 <td>CVE-2015-9006</td> 2303 <td>A-36393450**<br /> 2304 QC-CR#750559</td> 2305 <td></td> 2306 <td>***</td> 2307 <td> Qualcomm</td> 2308 </tr> 2309 <tr> 2310 <td>CVE-2015-9007</td> 2311 <td>A-36393700**<br /> 2312 QC-CR#807173</td> 2313 <td></td> 2314 <td>***</td> 2315 <td> Qualcomm</td> 2316 </tr> 2317 <tr> 2318 <td>CVE-2016-10297</td> 2319 <td>A-36393451**<br /> 2320 QC-CR#1061123</td> 2321 <td></td> 2322 <td>***</td> 2323 <td> Qualcomm</td> 2324 </tr> 2325 <tr> 2326 <td>CVE-2014-9941</td> 2327 <td>A-36385125**<br /> 2328 QC-CR#509915</td> 2329 <td></td> 2330 <td>***</td> 2331 <td> Qualcomm</td> 2332 </tr> 2333 <tr> 2334 <td>CVE-2014-9942</td> 2335 <td>A-36385319**<br /> 2336 QC-CR#533283</td> 2337 <td></td> 2338 <td>***</td> 2339 <td> Qualcomm</td> 2340 </tr> 2341 <tr> 2342 <td>CVE-2014-9943</td> 2343 <td>A-36385219**<br /> 2344 QC-CR#546527</td> 2345 <td></td> 2346 <td>***</td> 2347 <td> Qualcomm</td> 2348 </tr> 2349 <tr> 2350 <td>CVE-2014-9944</td> 2351 <td>A-36384534**<br /> 2352 QC-CR#613175</td> 2353 <td></td> 2354 <td>***</td> 2355 <td> Qualcomm</td> 2356 </tr> 2357 <tr> 2358 <td>CVE-2014-9945</td> 2359 <td>A-36386912**<br /> 2360 QC-CR#623452</td> 2361 <td></td> 2362 <td>***</td> 2363 <td> Qualcomm</td> 2364 </tr> 2365 <tr> 2366 <td>CVE-2014-9946</td> 2367 <td>A-36385281**<br /> 2368 QC-CR#520149</td> 2369 <td></td> 2370 <td>***</td> 2371 <td> Qualcomm</td> 2372 </tr> 2373 <tr> 2374 <td>CVE-2014-9947</td> 2375 <td>A-36392400**<br /> 2376 QC-CR#650540</td> 2377 <td></td> 2378 <td>***</td> 2379 <td> Qualcomm</td> 2380 </tr> 2381 <tr> 2382 <td>CVE-2014-9948</td> 2383 <td>A-36385126**<br /> 2384 QC-CR#650500</td> 2385 <td></td> 2386 <td>***</td> 2387 <td> Qualcomm</td> 2388 </tr> 2389 <tr> 2390 <td>CVE-2014-9949</td> 2391 <td>A-36390608**<br /> 2392 QC-CR#652426</td> 2393 <td></td> 2394 <td>***</td> 2395 <td> Qualcomm</td> 2396 </tr> 2397 <tr> 2398 <td>CVE-2014-9950</td> 2399 <td>A-36385321**<br /> 2400 QC-CR#655530</td> 2401 <td></td> 2402 <td>***</td> 2403 <td> Qualcomm</td> 2404 </tr> 2405 <tr> 2406 <td>CVE-2014-9951</td> 2407 <td>A-36389161**<br /> 2408 QC-CR#525043</td> 2409 <td></td> 2410 <td>***</td> 2411 <td> Qualcomm</td> 2412 </tr> 2413 <tr> 2414 <td>CVE-2014-9952</td> 2415 <td>A-36387019**<br /> 2416 QC-CR#674836</td> 2417 <td></td> 2418 <td>***</td> 2419 <td> Qualcomm</td> 2420 </tr> 2421 </tbody></table> 2422 2423 <p>* Qualcomm.</p> 2424 2425 <p>** . Nexus, <a href="https://developers.google.com/android/nexus/drivers"> </a>.</p> 2426 2427 <p>*** Google Android7.1.1, .</p> 2428 2429 <h2 id="common-questions-and-answers"> </h2> 2430 <p> , 2431 .</p> 2432 2433 <p><strong>1. , , ? 2434 </strong></p> 2435 2436 <p> , , <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> </a>.</p> 2437 2438 <ul> 2439 <li> 1 2017 , 2017-05-01.</li> 2440 <li> 5 2017 , 2017-05-05. 2441 </li> 2442 </ul> 2443 2444 <p> , , :</p> 2445 <ul> 2446 <li>[ro.build.version.security_patch]:[2017-05-01];</li> 2447 <li>[ro.build.version.security_patch]:[2017-05-05].</li> 2448 </ul> 2449 2450 <p><strong>2. ?</strong></p> 2451 2452 <p> , , Android. Android .</p> 2453 <ul> 2454 <li> 1 2017 , , .</li> 2455 <li> 5 2017 , .</li> 2456 </ul> 2457 2458 <p> .</p> 2459 2460 <p><strong>3. , Google ?</strong></p> 2461 2462 <p> <a href="#2017-05-01-details">2017-05-01</a> <a href="#2017-05-05-details">2017-05-05</a> <em> Google</em>. , .</p> 2463 <ul> 2464 <li><strong> .</strong> <em></em> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"> Google</a>: Nexus5X, Nexus6, Nexus6P, Nexus9, Android One, Nexus Player, PixelC, Pixel PixelXL.</li> 2465 <li><strong> .</strong> <em></em> , .</li> 2466 <li><strong>.</strong> Google.<em></em> </li> 2467 </ul> 2468 <p><strong>4. ""?</strong></p> 2469 2470 <p> <em></em>. , , :</p> 2471 2472 <table> 2473 <tbody><tr> 2474 <th></th> 2475 <th></th> 2476 </tr> 2477 <tr> 2478 <td>A-</td> 2479 <td> Android</td> 2480 </tr> 2481 <tr> 2482 <td>QC-</td> 2483 <td> Qualcomm</td> 2484 </tr> 2485 <tr> 2486 <td>M-</td> 2487 <td> MediaTek</td> 2488 </tr> 2489 <tr> 2490 <td>N-</td> 2491 <td> NVIDIA</td> 2492 </tr> 2493 <tr> 2494 <td>B-</td> 2495 <td> Broadcom</td> 2496 </tr> 2497 </tbody></table> 2498 <h2 id="revisions"></h2> 2499 <ul> 2500 <li>1 2017. .</li> 2501 <li>2 2017. AOSP.</li> 2502 </ul> 2503 2504 </body></html>
