1 <html devsite> 2 <head> 3 <title>Android - 2016 7 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em>2016 7 6 | 2016 7 14 </em></p> 27 <p>Android Android (OTA) Nexus <a href="https://developers.google.com/android/nexus/images">Google Developers </a> Nexus 2016 7 5 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a></p> 28 <p> 2016 6 6 Android (AOSP) AOSP </p> 29 30 <p></p> 31 <p> <a href="mitigations">Android Google </a> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p> 32 <p></p> 33 <h2 id="announcements"></h2> 34 <ul> 35 <li> Android Android <a href="#common-questions-and-answers"></a><ul> 36 <li><strong>2016-07-01</strong> 2016-07-01 37 <li><strong>2016-07-05</strong> 2016-07-01 2016-07-05 </li> 38 </li></ul> 39 </li> 40 <li> Nexus 2016 7 5 OTA </li> 41 </ul> 42 <h2 id="security_vulnerability_summary"></h2> 43 <p> CVE Nexus <a href="/security/overview/updates-resources.html#severity"></a></p> 44 45 <h3 id="2016-07-01_summary">2016-07-01 - </h3> 46 <p>2016-07-01</p> 47 48 <table> 49 <col width="55%"> 50 <col width="20%"> 51 <col width="13%"> 52 <col width="12%"> 53 <tr> 54 <th></th> 55 <th>CVE</th> 56 <th></th> 57 <th> Nexus </th> 58 </tr> 59 <tr> 60 <td>Mediaserver </td> 61 <td>CVE-2016-2506CVE-2016-2505CVE-2016-2507CVE-2016-2508CVE-2016-3741CVE-2016-3742CVE-2016-3743</td> 62 <td></td> 63 <td></td> 64 </tr> 65 <tr> 66 <td>OpenSSL BoringSSL </td> 67 <td>CVE-2016-2108</td> 68 <td></td> 69 <td></td> 70 </tr> 71 <tr> 72 <td></td> 73 <td>CVE-2016-3744</td> 74 <td></td> 75 <td></td> 76 </tr> 77 <tr> 78 <td>libpng </td> 79 <td>CVE-2016-3751</td> 80 <td></td> 81 <td></td> 82 </tr> 83 <tr> 84 <td>Mediaserver </td> 85 <td>CVE-2016-3745CVE-2016-3746CVE-2016-3747</td> 86 <td></td> 87 <td></td> 88 </tr> 89 <tr> 90 <td></td> 91 <td>CVE-2016-3748</td> 92 <td></td> 93 <td></td> 94 </tr> 95 <tr> 96 <td>LockSettingsService </td> 97 <td>CVE-2016-3749</td> 98 <td></td> 99 <td></td> 100 </tr> 101 <tr> 102 <td>Framework API </td> 103 <td>CVE-2016-3750</td> 104 <td></td> 105 <td></td> 106 </tr> 107 <tr> 108 <td>ChooserTarget </td> 109 <td>CVE-2016-3752</td> 110 <td></td> 111 <td></td> 112 </tr> 113 <tr> 114 <td>Mediaserver </td> 115 <td>CVE-2016-3753</td> 116 <td></td> 117 <td>*</td> 118 </tr> 119 <tr> 120 <td>OpenSSL </td> 121 <td>CVE-2016-2107</td> 122 <td></td> 123 <td>*</td> 124 </tr> 125 <tr> 126 <td>Mediaserver </td> 127 <td>CVE-2016-3754CVE-2016-3755CVE-2016-3756</td> 128 <td></td> 129 <td></td> 130 </tr> 131 <tr> 132 <td>libc </td> 133 <td>CVE-2016-3818</td> 134 <td></td> 135 <td>*</td> 136 </tr> 137 <tr> 138 <td>lsof </td> 139 <td>CVE-2016-3757</td> 140 <td></td> 141 <td></td> 142 </tr> 143 <tr> 144 <td>DexClassLoader </td> 145 <td>CVE-2016-3758</td> 146 <td></td> 147 <td></td> 148 </tr> 149 <tr> 150 <td>Framework API </td> 151 <td>CVE-2016-3759</td> 152 <td></td> 153 <td></td> 154 </tr> 155 <tr> 156 <td></td> 157 <td>CVE-2016-3760</td> 158 <td></td> 159 <td></td> 160 </tr> 161 <tr> 162 <td>NFC </td> 163 <td>CVE-2016-3761</td> 164 <td></td> 165 <td></td> 166 </tr> 167 <tr> 168 <td></td> 169 <td>CVE-2016-3762</td> 170 <td></td> 171 <td></td> 172 </tr> 173 <tr> 174 <td></td> 175 <td>CVE-2016-3763</td> 176 <td></td> 177 <td></td> 178 </tr> 179 <tr> 180 <td>Mediaserver </td> 181 <td>CVE-2016-3764CVE-2016-3765</td> 182 <td></td> 183 <td></td> 184 </tr> 185 <tr> 186 <td>Mediaserver </td> 187 <td>CVE-2016-3766</td> 188 <td></td> 189 <td></td> 190 </tr> 191 </table> 192 <p>* Nexus </p> 193 194 195 <h3 id="2016-07-05_summary">2016-07-05 - </h3> 196 <p>2016-07-05 2016-07-01 </p> 197 198 <table> 199 <col width="55%"> 200 <col width="20%"> 201 <col width="13%"> 202 <col width="12%"> 203 <tr> 204 <th></th> 205 <th>CVE</th> 206 <th></th> 207 <th> Nexus </th> 208 </tr> 209 <tr> 210 <td>Qualcomm GPU </td> 211 <td>CVE-2016-2503CVE-2016-2067</td> 212 <td></td> 213 <td></td> 214 </tr> 215 <tr> 216 <td>MediaTek WLAN </td> 217 <td>CVE-2016-3767</td> 218 <td></td> 219 <td></td> 220 </tr> 221 <tr> 222 <td>Qualcomm </td> 223 <td>CVE-2016-3768</td> 224 <td></td> 225 <td></td> 226 </tr> 227 <tr> 228 <td>NVIDIA </td> 229 <td>CVE-2016-3769</td> 230 <td></td> 231 <td></td> 232 </tr> 233 <tr> 234 <td>MediaTek </td> 235 <td>CVE-2016-3770CVE-2016-3771CVE-2016-3772CVE-2016-3773CVE-2016-3774</td> 236 <td></td> 237 <td></td> 238 </tr> 239 <tr> 240 <td></td> 241 <td>CVE-2016-3775</td> 242 <td></td> 243 <td></td> 244 </tr> 245 <tr> 246 <td>USB </td> 247 <td>CVE-2015-8816</td> 248 <td></td> 249 <td></td> 250 </tr> 251 <tr> 252 <td>Qualcomm </td> 253 <td>CVE-2014-9794CVE-2014-9795CVE-2015-8892CVE-2013-7457CVE-2014-9781CVE-2014-9786CVE-2014-9788CVE-2014-9779CVE-2014-9780CVE-2014-9789CVE-2014-9793CVE-2014-9782CVE-2014-9783CVE-2014-9785CVE-2014-9787CVE-2014-9784CVE-2014-9777CVE-2014-9778CVE-2014-9790CVE-2014-9792CVE-2014-9797CVE-2014-9791CVE-2014-9796CVE-2014-9800CVE-2014-9799CVE-2014-9801CVE-2014-9802CVE-2015-8891CVE-2015-8888CVE-2015-8889CVE-2015-8890</td> 254 <td></td> 255 <td></td> 256 </tr> 257 <tr> 258 <td>Qualcomm USB </td> 259 <td>CVE-2016-2502</td> 260 <td></td> 261 <td></td> 262 </tr> 263 <tr> 264 <td>Qualcomm WLAN </td> 265 <td>CVE-2016-3792</td> 266 <td></td> 267 <td></td> 268 </tr> 269 <tr> 270 <td>Qualcomm </td> 271 <td>CVE-2016-2501</td> 272 <td></td> 273 <td></td> 274 </tr> 275 <tr> 276 <td>NVIDIA </td> 277 <td>CVE-2016-3793</td> 278 <td></td> 279 <td></td> 280 </tr> 281 <tr> 282 <td>MediaTek </td> 283 <td>CVE-2016-3795CVE-2016-3796</td> 284 <td></td> 285 <td></td> 286 </tr> 287 <tr> 288 <td>Qualcomm WLAN </td> 289 <td>CVE-2016-3797</td> 290 <td></td> 291 <td></td> 292 </tr> 293 <tr> 294 <td>MediaTek </td> 295 <td>CVE-2016-3798</td> 296 <td></td> 297 <td></td> 298 </tr> 299 <tr> 300 <td>MediaTek </td> 301 <td>CVE-2016-3799CVE-2016-3800</td> 302 <td></td> 303 <td></td> 304 </tr> 305 <tr> 306 <td>MediaTek GPS </td> 307 <td>CVE-2016-3801</td> 308 <td></td> 309 <td></td> 310 </tr> 311 <tr> 312 <td></td> 313 <td>CVE-2016-3802CVE-2016-3803</td> 314 <td></td> 315 <td></td> 316 </tr> 317 <tr> 318 <td>MediaTek </td> 319 <td>CVE-2016-3804CVE-2016-3805</td> 320 <td></td> 321 <td></td> 322 </tr> 323 <tr> 324 <td>MediaTek </td> 325 <td>CVE-2016-3806</td> 326 <td></td> 327 <td></td> 328 </tr> 329 <tr> 330 <td></td> 331 <td>CVE-2016-3807CVE-2016-3808</td> 332 <td></td> 333 <td></td> 334 </tr> 335 <tr> 336 <td>Qualcomm </td> 337 <td>CVE-2016-2068</td> 338 <td></td> 339 <td></td> 340 </tr> 341 <tr> 342 <td></td> 343 <td>CVE-2014-9803</td> 344 <td></td> 345 <td></td> 346 </tr> 347 <tr> 348 <td></td> 349 <td>CVE-2016-3809</td> 350 <td></td> 351 <td></td> 352 </tr> 353 <tr> 354 <td>MediaTek WLAN </td> 355 <td>CVE-2016-3810</td> 356 <td></td> 357 <td></td> 358 </tr> 359 <tr> 360 <td></td> 361 <td>CVE-2016-3811</td> 362 <td></td> 363 <td></td> 364 </tr> 365 <tr> 366 <td>MediaTek </td> 367 <td>CVE-2016-3812</td> 368 <td></td> 369 <td></td> 370 </tr> 371 <tr> 372 <td>Qualcomm USB </td> 373 <td>CVE-2016-3813</td> 374 <td></td> 375 <td></td> 376 </tr> 377 <tr> 378 <td>NVIDIA </td> 379 <td>CVE-2016-3814CVE-2016-3815</td> 380 <td></td> 381 <td></td> 382 </tr> 383 <tr> 384 <td>MediaTek </td> 385 <td>CVE-2016-3816</td> 386 <td></td> 387 <td></td> 388 </tr> 389 <tr> 390 <td></td> 391 <td>CVE-2016-0723</td> 392 <td></td> 393 <td></td> 394 </tr> 395 <tr> 396 <td>Qualcomm </td> 397 <td>CVE-2014-9798CVE-2015-8893</td> 398 <td></td> 399 <td></td> 400 </tr> 401 </table> 402 403 <h2 id="mitigations">Android Google </h2> 404 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p> 405 <ul> 406 <li> Android Android Android</li> 407 <li>Android <a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root </li> 408 <li> Google Messenger mediaserver </li> 409 </ul> 410 411 <h2 id="acknowledgements"></h2> 412 <p></p> 413 <ul> 414 <li>Google Chrome Abhishek AryaOliver Chang Martin BarbellaCVE-2016-3756CVE-2016-3741CVE-2016-3743CVE-2016-3742<li>Check Point Adam Donenfeld et al.CVE-2016-2503<li>Google Adam PowellCVE-2016-3752<li>Context Information Security Alex Chapman Paul StoneCVE-2016-3763<li><a href="https://www.e2e-assure.com/">e2e-assure</a> Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>)CVE-2016-2457<li>Google Project Zero Ben HawkesCVE-2016-3775<li><a href="http://c0reteam.org">C0RE </a> Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)Yuan-Tsung Lo (<a href="mailto:computernik (a] gmail.com">computernik (a] gmail.com</a>) Xuxian JiangCVE-2016-3770CVE-2016-3771CVE-2016-3772CVE-2016-3773CVE-2016-3774<li>Google Christopher TateCVE-2016-3759<li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-3762<li><a href="http://www.360.com"> 360 </a> IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>)CVE-2016-3806CVE-2016-3816CVE-2016-3805CVE-2016-3804CVE-2016-3767CVE-2016-3810CVE-2016-3795CVE-2016-3796<li>Google Android Greg KaiserCVE-2016-3758<li><a href="http://www.360.com"> 360 </a> Guang Gong(<a href="https://twitter.com/oldfresher">@oldfresher</a>)CVE-2016-3764<li><a href="http://www.360.com"> 360 </a> Hao Chen Guang GongCVE-2016-3792CVE-2016-3768<li><a href="http://www.cmcm.com"></a> Hao QinCVE-2016-3754CVE-2016-3766<li><a href="http://www.360.com"> 360 </a> IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>)CVE-2016-3814CVE-2016-3802CVE-2016-3769CVE-2016-3807CVE-2016-3808<li>Google Marco NelissenCVE-2016-3818<li>Google Project Zero Mark BrandCVE-2016-3757<li><a href="https://github.com/michalbednarski">Micha Bednarski</a>CVE-2016-3750<li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3747CVE-2016-3746CVE-2016-3765<li> Peng XiaoChengming YangNing YouChao Yang Yang SsongCVE-2016-3800CVE-2016-3799CVE-2016-3801CVE-2016-3812CVE-2016-3798<li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)CVE-2016-3793<li>Google Ricky WaiCVE-2016-3749<li>Roeland KrakCVE-2016-3753<li>Scott Bauer (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2016-3797CVE-2016-3813CVE-2016-3815CVE-2016-2501CVE-2016-2502<li>Vasily VasilevCVE-2016-2507<li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2016-2508CVE-2016-3755<li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Wen Niu (<a href="https://twitter.com/NWMonster">@NWMonster</a>)CVE-2016-3809<li> Xiling GongCVE-2016-3745<li> TCA Yacong GuCVE-2016-3761<li> Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>)CVE-2016-2505<li> Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) Wei Wei (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>)CVE-2016-2506<li> X-Lab Yulong Zhang Tao (Lenx) WeiCVE-2016-3744</li> 415 </li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 416 417 <h2 id="2016-07-01_details">2016-07-01 - </h2> 418 <p> <a href="#2016-07-01_summary">2016-07-01 - </a> CVE Nexus AOSP Bug ID AOSP Bug Bug ID </p> 419 420 <h3 id="remote-code-execution-vulnerability-in-mediaserver">Mediaserver </h3> 421 <p>Mediaserver Mediaserver Mediaserver </p> 422 <p></p> 423 424 <table> 425 <col width="19%"> 426 <col width="19%"> 427 <col width="10%"> 428 <col width="16%"> 429 <col width="17%"> 430 <col width="17%"> 431 <tr> 432 <th>CVE</th> 433 <th></th> 434 <th></th> 435 <th> Nexus </th> 436 <th> AOSP </th> 437 <th></th> 438 </tr> 439 <tr> 440 <td>CVE-2016-2506</td> 441 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/e248db02fbab2ee9162940bc19f087fd7d96cb9d">A-28175045</a></td> 442 <td></td> 443 <td><a href="#all_nexus"> Nexus </a></td> 444 <td>4.4.45.0.25.1.16.06.0.1</td> 445 <td>2016 4 11 </td> 446 </tr> 447 <tr> 448 <td>CVE-2016-2505</td> 449 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/4f236c532039a61f0cf681d2e3c6e022911bbb5c">A-28333006</a></td> 450 <td></td> 451 <td><a href="#all_nexus"> Nexus </a></td> 452 <td>6.06.0.1</td> 453 <td>2016 4 21 </td> 454 </tr> 455 <tr> 456 <td>CVE-2016-2507</td> 457 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/60547808ca4e9cfac50028c00c58a6ceb2319301">A-28532266</a></td> 458 <td></td> 459 <td><a href="#all_nexus"> Nexus </a></td> 460 <td>4.4.45.0.25.1.16.06.0.1</td> 461 <td>2016 5 2 </td> 462 </tr> 463 <tr> 464 <td>CVE-2016-2508</td> 465 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f81038006b4c59a5a148dcad887371206033c28f">A-28799341</a>[<a href="https://android.googlesource.com/platform/frameworks/av/+/d112f7d0c1dbaf0368365885becb11ca8d3f13a4">2</a>]</td> 466 <td></td> 467 <td><a href="#all_nexus"> Nexus </a></td> 468 <td>4.4.45.0.25.1.16.06.0.1</td> 469 <td>2016 5 16 </td> 470 </tr> 471 <tr> 472 <td>CVE-2016-3741</td> 473 <td><a href="https://android.googlesource.com/platform/external/libavc/+/e629194c62a9a129ce378e08cb1059a8a53f1795">A-28165661</a>[<a href="https://android.googlesource.com/platform/external/libavc/+/cc676ebd95247646e67907ccab150fb77a847335">2</a>]</td> 474 <td></td> 475 <td><a href="#all_nexus"> Nexus </a></td> 476 <td>6.06.0.1</td> 477 <td>Google </td> 478 </tr> 479 <tr> 480 <td>CVE-2016-3742</td> 481 <td><a href="https://android.googlesource.com/platform/external/libavc/+/a583270e1c96d307469c83dc42bd3c5f1b9ef63f">A-28165659</a> 482 </td> 483 <td></td> 484 <td><a href="#all_nexus"> Nexus </a></td> 485 <td>6.06.0.1</td> 486 <td>Google </td> 487 </tr> 488 <tr> 489 <td>CVE-2016-3743</td> 490 <td><a href="https://android.googlesource.com/platform/external/libavc/+/ecf6c7ce6d5a22d52160698aab44fc234c63291a">A-27907656</a> 491 </td> 492 <td></td> 493 <td><a href="#all_nexus"> Nexus </a></td> 494 <td>6.06.0.1</td> 495 <td>Google </td> 496 </tr> 497 </table> 498 499 500 <h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl">OpenSSL BoringSSL </h3> 501 <p>OpenSSL BoringSSL </p> 502 503 <table> 504 <col width="19%"> 505 <col width="16%"> 506 <col width="10%"> 507 <col width="19%"> 508 <col width="18%"> 509 <col width="16%"> 510 <tr> 511 <th>CVE</th> 512 <th></th> 513 <th></th> 514 <th> Nexus </th> 515 <th> AOSP </th> 516 <th></th> 517 </tr> 518 <tr> 519 <td>CVE-2016-2108</td> 520 <td><a href="https://android.googlesource.com/platform/external/boringssl/+/74750e1fb24149043a533497f79c577b704d6e30">A-28175332</a> 521 </td> 522 <td></td> 523 <td><a href="#all_nexus"> Nexus </a></td> 524 <td>4.4.45.0.25.1.16.06.0.1</td> 525 <td>2016 5 3 </td> 526 </tr> 527 </table> 528 529 <h3 id="remote-code-execution-vulnerability-in-bluetooth"></h3> 530 <p></p> 531 532 <table> 533 <col width="19%"> 534 <col width="16%"> 535 <col width="10%"> 536 <col width="19%"> 537 <col width="18%"> 538 <col width="16%"> 539 <tr> 540 <th>CVE</th> 541 <th></th> 542 <th></th> 543 <th> Nexus </th> 544 <th> AOSP </th> 545 <th></th> 546 </tr> 547 <tr> 548 <td>CVE-2016-3744</td> 549 <td><a href="https://android.googlesource.com/platform/system/bt/+/514139f4b40cbb035bb92f3e24d5a389d75db9e6">A-27930580</a></td> 550 <td></td> 551 <td><a href="#all_nexus"> Nexus </a></td> 552 <td>4.4.45.0.25.1.16.06.0.1</td> 553 <td>2016 3 30 </td> 554 </tr> 555 </table> 556 557 <h3 id="elevation-of-privilege-vulnerability-in-libpng">libpng </h3> 558 <p>libpng <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> </p> 559 560 <table> 561 <col width="19%"> 562 <col width="16%"> 563 <col width="10%"> 564 <col width="19%"> 565 <col width="18%"> 566 <col width="16%"> 567 <tr> 568 <th>CVE</th> 569 <th></th> 570 <th></th> 571 <th> Nexus </th> 572 <th> AOSP </th> 573 <th></th> 574 </tr> 575 <tr> 576 <td>CVE-2016-3751</td> 577 <td><a href="https://android.googlesource.com/platform/external/libpng/+/9d4853418ab2f754c2b63e091c29c5529b8b86ca">A-23265085</a> 578 </td> 579 <td></td> 580 <td><a href="#all_nexus"> Nexus </a></td> 581 <td>4.4.45.0.25.1.16.06.0.1</td> 582 <td>2015 12 3 </td> 583 </tr> 584 </table> 585 586 <h3 id="elevation-of-privilege-vulnerability-in-mediaserver">Mediaserver </h3> 587 <p>Mediaserver <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> </p> 588 589 <table> 590 <col width="19%"> 591 <col width="16%"> 592 <col width="10%"> 593 <col width="19%"> 594 <col width="18%"> 595 <col width="16%"> 596 <tr> 597 <th>CVE</th> 598 <th></th> 599 <th></th> 600 <th> Nexus </th> 601 <th> AOSP </th> 602 <th></th> 603 </tr> 604 <tr> 605 <td>CVE-2016-3745</td> 606 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/073a80800f341325932c66818ce4302b312909a4">A-28173666</a> 607 </td> 608 <td></td> 609 <td><a href="#all_nexus"> Nexus </a></td> 610 <td>4.4.45.0.25.1.16.06.0.1</td> 611 <td>2016 4 10 </td> 612 </tr> 613 <tr> 614 <td>CVE-2016-3746</td> 615 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/5b82f4f90c3d531313714df4b936f92fb0ff15cf">A-27890802</a> 616 </td> 617 <td></td> 618 <td><a href="#all_nexus"> Nexus </a></td> 619 <td>4.4.45.0.25.1.16.06.0.1</td> 620 <td>2016 3 27 </td> 621 </tr> 622 <tr> 623 <td>CVE-2016-3747</td> 624 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/4ed06d14080d8667d5be14eed200e378cba78345">A-27903498</a> 625 </td> 626 <td></td> 627 <td><a href="#all_nexus"> Nexus </a></td> 628 <td>4.4.45.0.25.1.16.06.0.1</td> 629 <td>2016 3 28 </td> 630 </tr> 631 </table> 632 633 <h3 id="elevation-of-privilege-vulnerability-in-sockets"></h3> 634 <p></p> 635 636 <table> 637 <col width="19%"> 638 <col width="16%"> 639 <col width="10%"> 640 <col width="19%"> 641 <col width="18%"> 642 <col width="16%"> 643 <tr> 644 <th>CVE</th> 645 <th></th> 646 <th></th> 647 <th> Nexus </th> 648 <th> AOSP </th> 649 <th></th> 650 </tr> 651 <tr> 652 <td>CVE-2016-3748</td> 653 <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/556bb0f55324e8839d7b735a0de9bc31028e839e">A-28171804</a> 654 </td> 655 <td></td> 656 <td><a href="#all_nexus"> Nexus </a></td> 657 <td>6.06.0.1</td> 658 <td>2016 4 13 </td> 659 </tr> 660 </table> 661 662 <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice">LockSettingsService </h3> 663 <p>LockSettingsService </p> 664 665 <table> 666 <col width="19%"> 667 <col width="16%"> 668 <col width="10%"> 669 <col width="19%"> 670 <col width="17%"> 671 <col width="17%"> 672 <tr> 673 <th>CVE</th> 674 <th></th> 675 <th></th> 676 <th> Nexus </th> 677 <th> AOSP </th> 678 <th></th> 679 </tr> 680 <tr> 681 <td>CVE-2016-3749</td> 682 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e83f0f6a5a6f35323f5367f99c8e287c440f33f5">A-28163930</a> 683 </td> 684 <td></td> 685 <td><a href="#all_nexus"> Nexus </a></td> 686 <td>6.06.0.1</td> 687 <td>Google </td> 688 </tr> 689 </table> 690 691 <h3 id="elevation-of-privilege-vulnerability-in-framework-apis">Framework API </h3> 692 <p>Parcels Framework API </p> 693 694 <table> 695 <col width="19%"> 696 <col width="16%"> 697 <col width="10%"> 698 <col width="19%"> 699 <col width="17%"> 700 <col width="17%"> 701 <tr> 702 <th>CVE</th> 703 <th></th> 704 <th></th> 705 <th> Nexus </th> 706 <th> AOSP </th> 707 <th></th> 708 </tr> 709 <tr> 710 <td>CVE-2016-3750</td> 711 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/54cb02ad733fb71b1bdf78590428817fb780aff8">A-28395952</a> 712 </td> 713 <td></td> 714 <td><a href="#all_nexus"> Nexus </a></td> 715 <td>4.4.45.0.25.1.16.06.0.1</td> 716 <td>2015 12 16 </td> 717 </tr> 718 </table> 719 720 <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service">ChooserTarget </h3> 721 <p>ChooserTarget </p> 722 723 <table> 724 <col width="19%"> 725 <col width="16%"> 726 <col width="10%"> 727 <col width="19%"> 728 <col width="17%"> 729 <col width="17%"> 730 <tr> 731 <th>CVE</th> 732 <th></th> 733 <th></th> 734 <th> Nexus </th> 735 <th> AOSP </th> 736 <th></th> 737 </tr> 738 <tr> 739 <td>CVE-2016-3752</td> 740 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/ddbf2db5b946be8fdc45c7b0327bf560b2a06988">A-28384423</a> 741 </td> 742 <td></td> 743 <td><a href="#all_nexus"> Nexus </a></td> 744 <td>6.06.0.1</td> 745 <td>Google </td> 746 </tr> 747 </table> 748 749 <h3 id="information-disclosure-vulnerability-in-mediaserver">Mediaserver </h3> 750 <p>Mediaserver </p> 751 752 <table> 753 <col width="19%"> 754 <col width="16%"> 755 <col width="10%"> 756 <col width="19%"> 757 <col width="18%"> 758 <col width="16%"> 759 <tr> 760 <th>CVE</th> 761 <th></th> 762 <th></th> 763 <th> Nexus </th> 764 <th> AOSP </th> 765 <th></th> 766 </tr> 767 <tr> 768 <td>CVE-2016-3753</td> 769 <td>A-27210135</td> 770 <td></td> 771 <td>*</td> 772 <td>4.4.4</td> 773 <td>2016 2 15 </td> 774 </tr> 775 </table> 776 <p>* Nexus </p> 777 778 <h3 id="information-disclosure-vulnerability-in-openssl">OpenSSL </h3> 779 <p>OpenSSL </p> 780 781 <table> 782 <col width="19%"> 783 <col width="16%"> 784 <col width="10%"> 785 <col width="19%"> 786 <col width="18%"> 787 <col width="16%"> 788 <tr> 789 <th>CVE</th> 790 <th></th> 791 <th></th> 792 <th> Nexus </th> 793 <th> AOSP </th> 794 <th></th> 795 </tr> 796 <tr> 797 <td>CVE-2016-2107</td> 798 <td>A-28550804</td> 799 <td></td> 800 <td>*</td> 801 <td>4.4.45.0.25.1.1</td> 802 <td>2016 4 13 </td> 803 </tr> 804 </table> 805 <p>* Nexus </p> 806 807 <h3 id="denial-of-service-vulnerability-in-mediaserver">Mediaserver </h3> 808 <p>Mediaserver </p> 809 810 <table> 811 <col width="19%"> 812 <col width="19%"> 813 <col width="10%"> 814 <col width="16%"> 815 <col width="17%"> 816 <col width="17%"> 817 <tr> 818 <th>CVE</th> 819 <th></th> 820 <th></th> 821 <th> Nexus </th> 822 <th> AOSP </th> 823 <th></th> 824 </tr> 825 <tr> 826 <td>CVE-2016-3754</td> 827 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e">A-28615448</a>[<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>]</td> 828 <td></td> 829 <td><a href="#all_nexus"> Nexus </a></td> 830 <td>4.4.45.0.25.1.16.06.0.1</td> 831 <td>2016 5 5 </td> 832 </tr> 833 <tr> 834 <td>CVE-2016-3755</td> 835 <td><a href="https://android.googlesource.com/platform/external/libavc/+/d4841f1161bdb5e13cb19e81af42437a634dd6ef">A-28470138</a> 836 </td> 837 <td></td> 838 <td><a href="#all_nexus"> Nexus </a></td> 839 <td>6.06.0.1</td> 840 <td>2016 4 29 </td> 841 </tr> 842 <tr> 843 <td>CVE-2016-3756</td> 844 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/659030a2e80c38fb8da0a4eb68695349eec6778b">A-28556125</a> 845 </td> 846 <td></td> 847 <td><a href="#all_nexus"> Nexus </a></td> 848 <td>4.4.45.0.25.1.16.06.0.1</td> 849 <td>Google </td> 850 </tr> 851 </table> 852 853 <h3 id="denial-of-service-vulnerability-in-libc">libc </h3> 854 <p>libc </p> 855 856 <table> 857 <col width="19%"> 858 <col width="16%"> 859 <col width="10%"> 860 <col width="19%"> 861 <col width="17%"> 862 <col width="17%"> 863 <tr> 864 <th>CVE</th> 865 <th></th> 866 <th></th> 867 <th> Nexus </th> 868 <th> AOSP </th> 869 <th></th> 870 </tr> 871 <tr> 872 <td>CVE-2016-3818</td> 873 <td>A-28740702</td> 874 <td></td> 875 <td>*</td> 876 <td>4.4.4</td> 877 <td>Google </td> 878 </tr> 879 </table> 880 <p>* Nexus </p> 881 882 <h3 id="elevation-of-privilege-vulnerability-in-lsof">lsof </h3> 883 <p>lsof </p> 884 885 <table> 886 <col width="19%"> 887 <col width="16%"> 888 <col width="10%"> 889 <col width="19%"> 890 <col width="18%"> 891 <col width="16%"> 892 <tr> 893 <th>CVE</th> 894 <th></th> 895 <th></th> 896 <th> Nexus </th> 897 <th> AOSP </th> 898 <th></th> 899 </tr> 900 <tr> 901 <td>CVE-2016-3757</td> 902 <td><a href="https://android.googlesource.com/platform/system/core/+/ae18eb014609948a40e22192b87b10efc680daa7">A-28175237</a> 903 </td> 904 <td></td> 905 <td><a href="#all_nexus"> Nexus </a></td> 906 <td>4.4.45.0.25.1.16.06.0.1</td> 907 <td>2016 4 11 </td> 908 </tr> 909 </table> 910 911 <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader">DexClassLoader </h3> 912 <p>DexClassLoader </p> 913 914 <table> 915 <col width="19%"> 916 <col width="16%"> 917 <col width="10%"> 918 <col width="19%"> 919 <col width="17%"> 920 <col width="17%"> 921 <tr> 922 <th>CVE</th> 923 <th></th> 924 <th></th> 925 <th> Nexus </th> 926 <th> AOSP </th> 927 <th></th> 928 </tr> 929 <tr> 930 <td>CVE-2016-3758</td> 931 <td><a href="https://android.googlesource.com/platform/dalvik/+/338aeaf28e9981c15d0673b18487dba61eb5447c">A-27840771</a> 932 </td> 933 <td></td> 934 <td><a href="#all_nexus"> Nexus </a></td> 935 <td>4.4.45.0.25.1.16.06.0.1</td> 936 <td>Google </td> 937 </tr> 938 </table> 939 940 <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2">Framework API </h3> 941 <p>Framework API </p> 942 943 <table> 944 <col width="19%"> 945 <col width="16%"> 946 <col width="10%"> 947 <col width="19%"> 948 <col width="17%"> 949 <col width="17%"> 950 <tr> 951 <th>CVE</th> 952 <th></th> 953 <th></th> 954 <th> Nexus </th> 955 <th> AOSP </th> 956 <th></th> 957 </tr> 958 <tr> 959 <td>CVE-2016-3759</td> 960 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/9b8c6d2df35455ce9e67907edded1e4a2ecb9e28">A-28406080</a> 961 </td> 962 <td></td> 963 <td><a href="#all_nexus"> Nexus </a></td> 964 <td>5.0.25.1.16.06.0.1</td> 965 <td>Google </td> 966 </tr> 967 </table> 968 969 <h3 id="elevation-of-privilege-vulnerability-in-bluetooth"></h3> 970 <p></p> 971 972 <table> 973 <col width="19%"> 974 <col width="16%"> 975 <col width="10%"> 976 <col width="19%"> 977 <col width="18%"> 978 <col width="16%"> 979 <tr> 980 <th>CVE</th> 981 <th></th> 982 <th></th> 983 <th> Nexus </th> 984 <th> AOSP </th> 985 <th></th> 986 </tr> 987 <tr> 988 <td>CVE-2016-3760</td> 989 <td><a href="https://android.googlesource.com/platform/hardware/libhardware/+/8b3d5a64c3c8d010ad4517f652731f09107ae9c5">A-27410683</a> 990 [<a href="https://android.googlesource.com/platform/system/bt/+/37c88107679d36c419572732b4af6e18bb2f7dce">2</a>] 991 [<a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/122feb9a0b04290f55183ff2f0384c6c53756bd8">3</a>]</td> 992 <td></td> 993 <td><a href="#all_nexus"> Nexus </a></td> 994 <td>5.0.25.1.16.06.0.1</td> 995 <td>2016 2 29 </td> 996 </tr> 997 </table> 998 999 <h3 id="elevation-of-privilege-vulnerability-in-nfc">NFC </h3> 1000 <p>NFC </p> 1001 1002 <table> 1003 <col width="19%"> 1004 <col width="16%"> 1005 <col width="10%"> 1006 <col width="19%"> 1007 <col width="18%"> 1008 <col width="16%"> 1009 <tr> 1010 <th>CVE</th> 1011 <th></th> 1012 <th></th> 1013 <th> Nexus </th> 1014 <th> AOSP </th> 1015 <th></th> 1016 </tr> 1017 <tr> 1018 <td>CVE-2016-3761</td> 1019 <td><a href="https://android.googlesource.com/platform/packages/apps/Nfc/+/9ea802b5456a36f1115549b645b65c791eff3c2c">A-28300969</a> 1020 </td> 1021 <td></td> 1022 <td><a href="#all_nexus"> Nexus </a></td> 1023 <td>4.4.45.0.25.1.16.06.0.1</td> 1024 <td>2016 4 20 </td> 1025 </tr> 1026 </table> 1027 1028 <h3 id="elevation-of-privilege-vulnerability-in-sockets-2"></h3> 1029 <p></p> 1030 1031 <table> 1032 <col width="19%"> 1033 <col width="16%"> 1034 <col width="10%"> 1035 <col width="19%"> 1036 <col width="18%"> 1037 <col width="16%"> 1038 <tr> 1039 <th>CVE</th> 1040 <th></th> 1041 <th></th> 1042 <th> Nexus </th> 1043 <th> AOSP </th> 1044 <th></th> 1045 </tr> 1046 <tr> 1047 <td>CVE-2016-3762</td> 1048 <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/abf0663ed884af7bc880a05e9529e6671eb58f39">A-28612709</a> 1049 </td> 1050 <td></td> 1051 <td><a href="#all_nexus"> Nexus </a></td> 1052 <td>5.0.25.1.16.06.0.1</td> 1053 <td>2016 4 21 </td> 1054 </tr> 1055 </table> 1056 1057 <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> 1058 </h3> 1059 <p></p> 1060 1061 <table> 1062 <col width="19%"> 1063 <col width="16%"> 1064 <col width="10%"> 1065 <col width="19%"> 1066 <col width="18%"> 1067 <col width="16%"> 1068 <tr> 1069 <th>CVE</th> 1070 <th></th> 1071 <th></th> 1072 <th> Nexus </th> 1073 <th> AOSP </th> 1074 <th></th> 1075 </tr> 1076 <tr> 1077 <td>CVE-2016-3763</td> 1078 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/ec2fc50d202d975447211012997fe425496c849c">A-27593919</a> 1079 </td> 1080 <td></td> 1081 <td><a href="#all_nexus"> Nexus </a></td> 1082 <td>4.4.45.0.25.1.16.06.0.1</td> 1083 <td>2016 3 10 </td> 1084 </tr> 1085 </table> 1086 1087 <h3 id="information-disclosure-vulnerability-in-mediaserver-2">Mediaserver </h3> 1088 <p>Mediaserver </p> 1089 1090 <table> 1091 <col width="19%"> 1092 <col width="16%"> 1093 <col width="10%"> 1094 <col width="19%"> 1095 <col width="18%"> 1096 <col width="16%"> 1097 <tr> 1098 <th>CVE</th> 1099 <th></th> 1100 <th></th> 1101 <th> Nexus </th> 1102 <th> AOSP </th> 1103 <th></th> 1104 </tr> 1105 <tr> 1106 <td>CVE-2016-3764</td> 1107 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/daef4327fe0c75b0a90bb8627458feec7a301e1f">A-28377502</a> 1108 </td> 1109 <td></td> 1110 <td><a href="#all_nexus"> Nexus </a></td> 1111 <td>4.4.45.0.25.1.16.06.0.1</td> 1112 <td>2016 4 25 </td> 1113 </tr> 1114 <tr> 1115 <td>CVE-2016-3765</td> 1116 <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/d1c775d1d8d2ed117d1e026719b7f9f089716597">A-28168413</a> 1117 </td> 1118 <td></td> 1119 <td><a href="#all_nexus"> Nexus </a></td> 1120 <td>6.06.0.1</td> 1121 <td>2016 4 8 </td> 1122 </tr> 1123 </table> 1124 1125 <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> 1126 Mediaserver </h3> 1127 <p>Mediaserver </p> 1128 1129 <table> 1130 <col width="19%"> 1131 <col width="16%"> 1132 <col width="10%"> 1133 <col width="19%"> 1134 <col width="18%"> 1135 <col width="16%"> 1136 <tr> 1137 <th>CVE</th> 1138 <th></th> 1139 <th></th> 1140 <th> Nexus </th> 1141 <th> AOSP </th> 1142 <th></th> 1143 </tr> 1144 <tr> 1145 <td>CVE-2016-3766</td> 1146 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e">A-28471206</a>[<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>]</td> 1147 <td></td> 1148 <td><a href="#all_nexus"> Nexus </a></td> 1149 <td>4.4.45.0.25.1.16.06.0.1</td> 1150 <td>2016 4 29 </td> 1151 </tr> 1152 </table> 1153 1154 <h2 id="2016-07-05_details">2016-07-05 - </h2> 1155 <p> <a href="2016-07-05_summary">2016-07-05 - </a> CVE Nexus AOSP Bug ID AOSP Bug Bug ID </p> 1156 1157 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-gpu-driver"> 1158 Qualcomm GPU </h3> 1159 <p>Qualcomm GPU </p> 1160 1161 <table> 1162 <col width="19%"> 1163 <col width="16%"> 1164 <col width="10%"> 1165 <col width="27%"> 1166 <col width="16%"> 1167 <tr> 1168 <th>CVE</th> 1169 <th></th> 1170 <th></th> 1171 <th> Nexus </th> 1172 <th></th> 1173 </tr> 1174 <tr> 1175 <td>CVE-2016-2503</td> 1176 <td>A-28084795* QC-CR1006067</td> 1177 <td></td> 1178 <td>Nexus 5XNexus 6P</td> 1179 <td>2016 4 5 </td> 1180 </tr> 1181 <tr> 1182 <td>CVE-2016-2067</td> 1183 <td>A-28305757 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.18/commit/?id=410cfa95f0a1cf58819cbfbd896f9aa45b004ac0">QC-CR988993</a></td> 1184 <td></td> 1185 <td>Nexus 5XNexus 6Nexus 6P</td> 1186 <td>2016 4 20 </td> 1187 </tr> 1188 </table> 1189 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1190 1191 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-wi-fi-driver"> 1192 MediaTek WLAN </h3> 1193 <p>MediaTek WLAN </p> 1194 1195 <table> 1196 <col width="19%"> 1197 <col width="20%"> 1198 <col width="10%"> 1199 <col width="23%"> 1200 <col width="16%"> 1201 <tr> 1202 <th>CVE</th> 1203 <th></th> 1204 <th></th> 1205 <th> Nexus </th> 1206 <th></th> 1207 </tr> 1208 <tr> 1209 <td>CVE-2016-3767</td> 1210 <td>A-28169363*<br>M-ALPS02689526</td> 1211 <td></td> 1212 <td>Android One</td> 1213 <td>2016 4 6 </td> 1214 </tr> 1215 </table> 1216 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1217 1218 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-performance-component"> 1219 Qualcomm </h3> 1220 <p>Qualcomm </p> 1221 1222 <table> 1223 <col width="19%"> 1224 <col width="16%"> 1225 <col width="10%"> 1226 <col width="27%"> 1227 <col width="16%"> 1228 <tr> 1229 <th>CVE</th> 1230 <th></th> 1231 <th></th> 1232 <th> Nexus </th> 1233 <th></th> 1234 </tr> 1235 <tr> 1236 <td>CVE-2016-3768</td> 1237 <td>A-28172137* QC-CR1010644</td> 1238 <td></td> 1239 <td>Nexus 5Nexus 6Nexus 5XNexus 6PNexus 7 (2013)</td> 1240 <td>2016 4 9 </td> 1241 </tr> 1242 </table> 1243 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1244 1245 <h3 id="elevation-of-privilege-vulnerability-in-nvidia-video-driver"> 1246 NVIDIA </h3> 1247 <p>NVIDIA </p> 1248 1249 <table> 1250 <col width="19%"> 1251 <col width="20%"> 1252 <col width="10%"> 1253 <col width="23%"> 1254 <col width="16%"> 1255 <tr> 1256 <th>CVE</th> 1257 <th></th> 1258 <th></th> 1259 <th> Nexus </th> 1260 <th></th> 1261 </tr> 1262 <tr> 1263 <td>CVE-2016-3769</td> 1264 <td>A-28376656*<br>N-CVE20163769</td> 1265 <td></td> 1266 <td>Nexus 9</td> 1267 <td>2016 4 18 </td> 1268 </tr> 1269 </table> 1270 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1271 1272 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-drivers-device-specific"> 1273 MediaTek </h3> 1274 <p> MediaTek </p> 1275 1276 <table> 1277 <col width="19%"> 1278 <col width="20%"> 1279 <col width="10%"> 1280 <col width="23%"> 1281 <col width="16%"> 1282 <tr> 1283 <th>CVE</th> 1284 <th></th> 1285 <th></th> 1286 <th> Nexus </th> 1287 <th></th> 1288 </tr> 1289 <tr> 1290 <td>CVE-2016-3770</td> 1291 <td>A-28346752*<br>M-ALPS02703102</td> 1292 <td></td> 1293 <td>Android One</td> 1294 <td>2016 4 22 </td> 1295 </tr> 1296 <tr> 1297 <td>CVE-2016-3771</td> 1298 <td>A-29007611*<br>M-ALPS02703102</td> 1299 <td></td> 1300 <td>Android One</td> 1301 <td>2016 4 22 </td> 1302 </tr> 1303 <tr> 1304 <td>CVE-2016-3772</td> 1305 <td>A-29008188*<br>M-ALPS02703102</td> 1306 <td></td> 1307 <td>Android One</td> 1308 <td>2016 4 22 </td> 1309 </tr> 1310 <tr> 1311 <td>CVE-2016-3773</td> 1312 <td>A-29008363*<br>M-ALPS02703102</td> 1313 <td></td> 1314 <td>Android One</td> 1315 <td>2016 4 22 </td> 1316 </tr> 1317 <tr> 1318 <td>CVE-2016-3774</td> 1319 <td>A-29008609*<br>M-ALPS02703102</td> 1320 <td></td> 1321 <td>Android One</td> 1322 <td>2016 4 22 </td> 1323 </tr> 1324 </table> 1325 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1326 1327 <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system"> 1328 </h3> 1329 <p></p> 1330 1331 <table> 1332 <col width="19%"> 1333 <col width="16%"> 1334 <col width="10%"> 1335 <col width="27%"> 1336 <col width="16%"> 1337 <tr> 1338 <th>CVE</th> 1339 <th></th> 1340 <th></th> 1341 <th> Nexus </th> 1342 <th></th> 1343 </tr> 1344 <tr> 1345 <td>CVE-2016-3775</td> 1346 <td>A-28588279*</td> 1347 <td></td> 1348 <td>Nexus 5XNexus 6Nexus 6P Nexus PlayerPixel C</td> 1349 <td>2016 5 4 </td> 1350 </tr> 1351 </table> 1352 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1353 1354 <h3 id="elevation-of-privilege-vulnerability-in-usb-driver"> 1355 USB serena</h3> 1356 <p>USB </p> 1357 1358 <table> 1359 <col width="19%"> 1360 <col width="16%"> 1361 <col width="10%"> 1362 <col width="27%"> 1363 <col width="16%"> 1364 <tr> 1365 <th>CVE</th> 1366 <th></th> 1367 <th></th> 1368 <th> Nexus </th> 1369 <th></th> 1370 </tr> 1371 <tr> 1372 <td>CVE-2015-8816</td> 1373 <td>A-28712303*</td> 1374 <td></td> 1375 <td>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Nexus PlayerPixel C</td> 1376 <td>2016 5 4 </td> 1377 </tr> 1378 </table> 1379 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1380 1381 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> 1382 Qualcomm </h3> 1383 <p> Qualcomm </p> 1384 <p></p> 1385 1386 <table> 1387 <col width="19%"> 1388 <col width="20%"> 1389 <col width="10%"> 1390 <col width="23%"> 1391 <col width="16%"> 1392 <tr> 1393 <th>CVE</th> 1394 <th></th> 1395 <th>*</th> 1396 <th> Nexus </th> 1397 <th></th> 1398 </tr> 1399 <tr> 1400 <td>CVE-2014-9795</td> 1401 <td>A-28820720<br> 1402 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> 1403 [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] 1404 </td> 1405 <td></td> 1406 <td>Nexus 5</td> 1407 <td>2014 8 8 </td> 1408 </tr> 1409 <tr> 1410 <td>CVE-2014-9794</td> 1411 <td>A-28821172<br> 1412 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> 1413 </td> 1414 <td></td> 1415 <td>Nexus 7 (2013)</td> 1416 <td>2014 8 8 </td> 1417 </tr> 1418 <tr> 1419 <td>CVE-2015-8892</td> 1420 <td>A-28822807<br> 1421 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> 1422 </td> 1423 <td></td> 1424 <td>Nexus 5XNexus 6P</td> 1425 <td>2015 12 30 </td> 1426 </tr> 1427 <tr> 1428 <td>CVE-2014-9781</td> 1429 <td>A-28410333<br> 1430 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> 1431 </td> 1432 <td></td> 1433 <td>Nexus 7 (2013)</td> 1434 <td>2014 2 6 </td> 1435 </tr> 1436 <tr> 1437 <td>CVE-2014-9786</td> 1438 <td>A-28557260<br> 1439 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> 1440 <td></td> 1441 <td>Nexus 5Nexus 7 (2013)</td> 1442 <td>2014 3 13 </td> 1443 </tr> 1444 <tr> 1445 <td>CVE-2014-9788</td> 1446 <td>A-28573112<br> 1447 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> 1448 <td></td> 1449 <td>Nexus 5</td> 1450 <td>2014 3 13 </td> 1451 </tr> 1452 <tr> 1453 <td>CVE-2014-9779</td> 1454 <td>A-28598347<br> 1455 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> 1456 <td></td> 1457 <td>Nexus 5</td> 1458 <td>2014 3 13 </td> 1459 </tr> 1460 <tr> 1461 <td>CVE-2014-9780</td> 1462 <td>A-28602014<br> 1463 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> 1464 <td></td> 1465 <td>Nexus 5Nexus 5XNexus 6P</td> 1466 <td>2014 3 13 </td> 1467 </tr> 1468 <tr> 1469 <td>CVE-2014-9789</td> 1470 <td>A-28749392<br> 1471 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> 1472 <td></td> 1473 <td>Nexus 5</td> 1474 <td>2014 3 13 </td> 1475 </tr> 1476 <tr> 1477 <td>CVE-2014-9793</td> 1478 <td>A-28821253<br> 1479 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> 1480 <td></td> 1481 <td>Nexus 7 (2013)</td> 1482 <td>2014 3 13 </td> 1483 </tr> 1484 <tr> 1485 <td>CVE-2014-9782</td> 1486 <td>A-28431531<br> 1487 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> 1488 <td></td> 1489 <td>Nexus 5Nexus 7 (2013)</td> 1490 <td>2014 3 31 </td> 1491 </tr> 1492 <tr> 1493 <td>CVE-2014-9783</td> 1494 <td>A-28441831<br> 1495 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> 1496 <td></td> 1497 <td>Nexus 7 (2013)</td> 1498 <td>2014 3 31 </td> 1499 </tr> 1500 <tr> 1501 <td>CVE-2014-9785</td> 1502 <td>A-28469042<br> 1503 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> 1504 <td></td> 1505 <td>Nexus 7 (2013)</td> 1506 <td>2014 3 31 </td> 1507 </tr> 1508 <tr> 1509 <td>CVE-2014-9787</td> 1510 <td>A-28571496<br> 1511 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> 1512 <td></td> 1513 <td>Nexus 7 (2013)</td> 1514 <td>2014 3 31 </td> 1515 </tr> 1516 <tr> 1517 <td>CVE-2014-9784</td> 1518 <td>A-28442449<br> 1519 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> 1520 <td></td> 1521 <td>Nexus 5Nexus 7 (2013)</td> 1522 <td>2014 4 30 </td> 1523 </tr> 1524 <tr> 1525 <td>CVE-2014-9777</td> 1526 <td>A-28598501<br> 1527 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> 1528 <td></td> 1529 <td>Nexus 5Nexus 7 (2013)</td> 1530 <td>2014 4 30 </td> 1531 </tr> 1532 <tr> 1533 <td>CVE-2014-9778</td> 1534 <td>A-28598515<br> 1535 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> 1536 <td></td> 1537 <td>Nexus 5Nexus 7 (2013)</td> 1538 <td>2014 4 30 </td> 1539 </tr> 1540 <tr> 1541 <td>CVE-2014-9790</td> 1542 <td>A-28769136<br> 1543 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a>[<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> 1544 <td></td> 1545 <td>Nexus 5Nexus 7 (2013)</td> 1546 <td>2014 4 30 </td> 1547 </tr> 1548 <tr> 1549 <td>CVE-2014-9792</td> 1550 <td>A-28769399<br> 1551 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> 1552 <td></td> 1553 <td>Nexus 5</td> 1554 <td>2014 4 30 </td> 1555 </tr> 1556 <tr> 1557 <td>CVE-2014-9797</td> 1558 <td>A-28821090<br> 1559 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> 1560 <td></td> 1561 <td>Nexus 5</td> 1562 <td>2014 7 3 </td> 1563 </tr> 1564 <tr> 1565 <td>CVE-2014-9791</td> 1566 <td>A-28803396<br> 1567 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> 1568 <td></td> 1569 <td>Nexus 7 (2013)</td> 1570 <td>2014 8 29 </td> 1571 </tr> 1572 <tr> 1573 <td>CVE-2014-9796</td> 1574 <td>A-28820722<br> 1575 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> 1576 <td></td> 1577 <td>Nexus 5Nexus 7 (2013)</td> 1578 <td>2014 9 30 </td> 1579 </tr> 1580 <tr> 1581 <td>CVE-2014-9800</td> 1582 <td>A-28822150<br> 1583 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> 1584 <td></td> 1585 <td>Nexus 5Nexus 7 (2013)</td> 1586 <td>2014 10 31 </td> 1587 </tr> 1588 <tr> 1589 <td>CVE-2014-9799</td> 1590 <td>A-28821731<br> 1591 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> 1592 <td></td> 1593 <td>Nexus 5Nexus 7 (2013)</td> 1594 <td>2014 10 31 </td> 1595 </tr> 1596 <tr> 1597 <td>CVE-2014-9801</td> 1598 <td>A-28822060<br> 1599 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> 1600 <td></td> 1601 <td>Nexus 5</td> 1602 <td>2014 11 28 </td> 1603 </tr> 1604 <tr> 1605 <td>CVE-2014-9802</td> 1606 <td>A-28821965<br> 1607 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> 1608 <td></td> 1609 <td>Nexus 5Nexus 7 (2013)</td> 1610 <td>2014 12 31 </td> 1611 </tr> 1612 <tr> 1613 <td>CVE-2015-8891</td> 1614 <td>A-28842418<br> 1615 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> 1616 <td></td> 1617 <td>Nexus 5Nexus 7 (2013)</td> 1618 <td>2015 5 29 </td> 1619 </tr> 1620 <tr> 1621 <td>CVE-2015-8888</td> 1622 <td>A-28822465<br> 1623 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> 1624 <td></td> 1625 <td>Nexus 5</td> 1626 <td>2015 6 30 </td> 1627 </tr> 1628 <tr> 1629 <td>CVE-2015-8889</td> 1630 <td>A-28822677<br> 1631 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> 1632 <td></td> 1633 <td>Nexus 6P</td> 1634 <td>2015 6 30 </td> 1635 </tr> 1636 <tr> 1637 <td>CVE-2015-8890</td> 1638 <td>A-28822878<br> 1639 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> 1640 <td></td> 1641 <td>Nexus 5Nexus 7 (2013)</td> 1642 <td>2015 8 19 </td> 1643 </tr> 1644 </table> 1645 <p> 1646 * Qualcomm </p> 1647 1648 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-usb-driver"> 1649 Qualcomm USB </h3> 1650 <p>Qualcomm USB </p> 1651 1652 <table> 1653 <col width="19%"> 1654 <col width="16%"> 1655 <col width="10%"> 1656 <col width="27%"> 1657 <col width="16%"> 1658 <tr> 1659 <th>CVE</th> 1660 <th></th> 1661 <th></th> 1662 <th> Nexus </th> 1663 <th></th> 1664 </tr> 1665 <tr> 1666 <td>CVE-2016-2502</td> 1667 <td>A-27657963 1668 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=0bc45d7712eabe315ce8299a49d16433c3801156">QC-CR997044</a></td> 1669 <td></td> 1670 <td>Nexus 5XNexus 6P</td> 1671 <td>2016 3 11 </td> 1672 </tr> 1673 </table> 1674 1675 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> 1676 Qualcomm WLAN </h3> 1677 <p>Qualcomm WLAN </p> 1678 1679 <table> 1680 <col width="19%"> 1681 <col width="16%"> 1682 <col width="10%"> 1683 <col width="27%"> 1684 <col width="16%"> 1685 <tr> 1686 <th>CVE</th> 1687 <th></th> 1688 <th></th> 1689 <th> Nexus </th> 1690 <th></th> 1691 </tr> 1692 <tr> 1693 <td>CVE-2016-3792</td> 1694 <td>A-27725204 1695 <a href="https://us.codeaurora.org/cgit/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=28d4f0c1f712bffb4aa5b47f06e97d5a9fa06d29">QC-CR561022</a></td> 1696 <td></td> 1697 <td>Nexus 7 (2013)</td> 1698 <td>2016 3 17 </td> 1699 </tr> 1700 </table> 1701 1702 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> 1703 Qualcomm </h3> 1704 <p>Qualcomm </p> 1705 1706 <table> 1707 <col width="19%"> 1708 <col width="16%"> 1709 <col width="10%"> 1710 <col width="27%"> 1711 <col width="16%"> 1712 <tr> 1713 <th>CVE</th> 1714 <th></th> 1715 <th></th> 1716 <th> Nexus </th> 1717 <th></th> 1718 </tr> 1719 <tr> 1720 <td>CVE-2016-2501</td> 1721 <td>A-27890772* 1722 QC-CR1001092</td> 1723 <td></td> 1724 <td>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)</td> 1725 <td>2016 3 27 </td> 1726 </tr> 1727 </table> 1728 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1729 1730 <h3 id="elevation-of-privilege-vulnerability-in-nvidia-camera-driver"> 1731 NVIDIA </h3> 1732 <p>NVIDIA </p> 1733 1734 <table> 1735 <col width="19%"> 1736 <col width="20%"> 1737 <col width="10%"> 1738 <col width="23%"> 1739 <col width="16%"> 1740 <tr> 1741 <th>CVE</th> 1742 <th></th> 1743 <th></th> 1744 <th> Nexus </th> 1745 <th></th> 1746 </tr> 1747 <tr> 1748 <td>CVE-2016-3793</td> 1749 <td>A-28026625*<br> 1750 N-CVE20163793</td> 1751 <td></td> 1752 <td>Nexus 9</td> 1753 <td>2016 4 5 </td> 1754 </tr> 1755 </table> 1756 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1757 1758 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-driver"> 1759 MediaTek </h3> 1760 <p>MediaTek </p> 1761 1762 <table> 1763 <col width="19%"> 1764 <col width="20%"> 1765 <col width="10%"> 1766 <col width="23%"> 1767 <col width="16%"> 1768 <tr> 1769 <th>CVE</th> 1770 <th></th> 1771 <th></th> 1772 <th> Nexus </th> 1773 <th></th> 1774 </tr> 1775 <tr> 1776 <td>CVE-2016-3795</td> 1777 <td>A-28085222*<br>M-ALPS02677244</td> 1778 <td></td> 1779 <td>Android One</td> 1780 <td>2016 4 7 </td> 1781 </tr> 1782 <tr> 1783 <td>CVE-2016-3796</td> 1784 <td>A-29008443*<br>M-ALPS02677244</td> 1785 <td></td> 1786 <td>Android One</td> 1787 <td>2016 4 7 </td> 1788 </tr> 1789 </table> 1790 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1791 1792 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver-2"> 1793 Qualcomm WLAN </h3> 1794 <p>Qualcomm WLAN </p> 1795 1796 <table> 1797 <col width="19%"> 1798 <col width="16%"> 1799 <col width="10%"> 1800 <col width="27%"> 1801 <col width="16%"> 1802 <tr> 1803 <th>CVE</th> 1804 <th></th> 1805 <th></th> 1806 <th> Nexus </th> 1807 <th></th> 1808 </tr> 1809 <tr> 1810 <td>CVE-2016-3797</td> 1811 <td>A-28085680* 1812 QC-CR1001450</td> 1813 <td></td> 1814 <td>Nexus 5X</td> 1815 <td>2016 4 7 </td> 1816 </tr> 1817 </table> 1818 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1819 1820 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-hardware-sensor-driver"> 1821 MediaTek </h3> 1822 <p>MediaTek </p> 1823 1824 <table> 1825 <col width="19%"> 1826 <col width="20%"> 1827 <col width="10%"> 1828 <col width="23%"> 1829 <col width="16%"> 1830 <tr> 1831 <th>CVE</th> 1832 <th></th> 1833 <th></th> 1834 <th> Nexus </th> 1835 <th></th> 1836 </tr> 1837 <tr> 1838 <td>CVE-2016-3798</td> 1839 <td>A-28174490*<br> 1840 M-ALPS02703105</td> 1841 <td></td> 1842 <td>Android One</td> 1843 <td>2016 4 11 </td> 1844 </tr> 1845 </table> 1846 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1847 1848 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-video-driver"> 1849 MediaTek </h3> 1850 <p>MediaTek </p> 1851 1852 <table> 1853 <col width="19%"> 1854 <col width="20%"> 1855 <col width="10%"> 1856 <col width="23%"> 1857 <col width="16%"> 1858 <tr> 1859 <th>CVE</th> 1860 <th></th> 1861 <th></th> 1862 <th> Nexus </th> 1863 <th></th> 1864 </tr> 1865 <tr> 1866 <td>CVE-2016-3799</td> 1867 <td>A-28175025*<br> 1868 M-ALPS02693738</td> 1869 <td></td> 1870 <td>Android One</td> 1871 <td>2016 4 11 </td> 1872 </tr> 1873 <tr> 1874 <td>CVE-2016-3800</td> 1875 <td>A-28175027*<br> 1876 M-ALPS02693739</td> 1877 <td></td> 1878 <td>Android One</td> 1879 <td>2016 4 11 </td> 1880 </tr> 1881 </table> 1882 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1883 1884 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-gps-driver"> 1885 MediaTek GPS </h3> 1886 <p>MediaTek GPS </p> 1887 1888 <table> 1889 <col width="19%"> 1890 <col width="20%"> 1891 <col width="10%"> 1892 <col width="23%"> 1893 <col width="16%"> 1894 <tr> 1895 <th>CVE</th> 1896 <th></th> 1897 <th></th> 1898 <th> Nexus </th> 1899 <th></th> 1900 </tr> 1901 <tr> 1902 <td>CVE-2016-3801</td> 1903 <td>A-28174914*<br> 1904 M-ALPS02688853</td> 1905 <td></td> 1906 <td>Android One</td> 1907 <td>2016 4 11 </td> 1908 </tr> 1909 </table> 1910 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1911 1912 <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system-2"> 1913 </h3> 1914 <p></p> 1915 1916 <table> 1917 <col width="19%"> 1918 <col width="16%"> 1919 <col width="10%"> 1920 <col width="27%"> 1921 <col width="16%"> 1922 <tr> 1923 <th>CVE</th> 1924 <th></th> 1925 <th></th> 1926 <th> Nexus </th> 1927 <th></th> 1928 </tr> 1929 <tr> 1930 <td>CVE-2016-3802</td> 1931 <td>A-28271368*</td> 1932 <td></td> 1933 <td>Nexus 9</td> 1934 <td>2016 4 19 </td> 1935 </tr> 1936 <tr> 1937 <td>CVE-2016-3803</td> 1938 <td>A-28588434*</td> 1939 <td></td> 1940 <td>Nexus 5XNexus 6P</td> 1941 <td>2016 5 4 </td> 1942 </tr> 1943 </table> 1944 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1945 1946 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-management-driver"> 1947 MediaTek </h3> 1948 <p>MediaTek </p> 1949 1950 <table> 1951 <col width="19%"> 1952 <col width="20%"> 1953 <col width="10%"> 1954 <col width="23%"> 1955 <col width="16%"> 1956 <tr> 1957 <th>CVE</th> 1958 <th></th> 1959 <th></th> 1960 <th> Nexus </th> 1961 <th></th> 1962 </tr> 1963 <tr> 1964 <td>CVE-2016-3804</td> 1965 <td>A-28332766*<br> 1966 M-ALPS02694410</td> 1967 <td></td> 1968 <td>Android One</td> 1969 <td>2016 4 20 </td> 1970 </tr> 1971 <tr> 1972 <td>CVE-2016-3805</td> 1973 <td>A-28333002*<br> 1974 M-ALPS02694412</td> 1975 <td></td> 1976 <td>Android One</td> 1977 <td>2016 4 21 </td> 1978 </tr> 1979 </table> 1980 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1981 1982 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-display-driver"> 1983 MediaTek </h3> 1984 <p>MediaTek </p> 1985 1986 <table> 1987 <col width="19%"> 1988 <col width="20%"> 1989 <col width="10%"> 1990 <col width="23%"> 1991 <col width="16%"> 1992 <tr> 1993 <th>CVE</th> 1994 <th></th> 1995 <th></th> 1996 <th> Nexus </th> 1997 <th></th> 1998 </tr> 1999 <tr> 2000 <td>CVE-2016-3806</td> 2001 <td>A-28402341*<br> 2002 M-ALPS02715341</td> 2003 <td></td> 2004 <td>Android One</td> 2005 <td>2016 4 26 </td> 2006 </tr> 2007 </table> 2008 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2009 2010 <h3 id="elevation-of-privilege-vulnerability-in-serial-peripheral-interface-driver"> 2011 </h3> 2012 <p></p> 2013 2014 <table> 2015 <col width="19%"> 2016 <col width="16%"> 2017 <col width="10%"> 2018 <col width="27%"> 2019 <col width="16%"> 2020 <tr> 2021 <th>CVE</th> 2022 <th></th> 2023 <th></th> 2024 <th> Nexus </th> 2025 <th></th> 2026 </tr> 2027 <tr> 2028 <td>CVE-2016-3807</td> 2029 <td>A-28402196*</td> 2030 <td></td> 2031 <td>Nexus 5XNexus 6P</td> 2032 <td>2016 4 26 </td> 2033 </tr> 2034 <tr> 2035 <td>CVE-2016-3808</td> 2036 <td>A-28430009*</td> 2037 <td></td> 2038 <td>Pixel C</td> 2039 <td>2016 4 26 </td> 2040 </tr> 2041 </table> 2042 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2043 2044 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-sound-driver"> 2045 Qualcomm </h3> 2046 <p>Qualcomm </p> 2047 2048 <table> 2049 <col width="19%"> 2050 <col width="16%"> 2051 <col width="10%"> 2052 <col width="27%"> 2053 <col width="16%"> 2054 <tr> 2055 <th>CVE</th> 2056 <th></th> 2057 <th></th> 2058 <th> Nexus </th> 2059 <th></th> 2060 </tr> 2061 <tr> 2062 <td>CVE-2016-2068</td> 2063 <td>A-28470967 2064 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> 2065 <td></td> 2066 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 2067 <td>2016 4 28 </td> 2068 </tr> 2069 </table> 2070 2071 <h3 id="elevation-of-privilege-vulnerability-in-kernel"></h3> 2072 <p></p> 2073 2074 <table> 2075 <col width="19%"> 2076 <col width="20%"> 2077 <col width="10%"> 2078 <col width="23%"> 2079 <col width="16%"> 2080 <tr> 2081 <th>CVE</th> 2082 <th></th> 2083 <th></th> 2084 <th> Nexus </th> 2085 <th></th> 2086 </tr> 2087 <tr> 2088 <td>CVE-2014-9803</td> 2089 <td>A-28557020<br> 2090 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> 2091 </a></td> 2092 <td></td> 2093 <td>Nexus 5XNexus 6P</td> 2094 <td>Google </td> 2095 </tr> 2096 </table> 2097 2098 <h3 id="information-disclosure-vulnerability-in-networking-component"> 2099 </h3> 2100 <p></p> 2101 2102 <table> 2103 <col width="19%"> 2104 <col width="16%"> 2105 <col width="10%"> 2106 <col width="27%"> 2107 <col width="16%"> 2108 <tr> 2109 <th>CVE</th> 2110 <th></th> 2111 <th></th> 2112 <th> Nexus </th> 2113 <th></th> 2114 </tr> 2115 <tr> 2116 <td>CVE-2016-3809</td> 2117 <td>A-27532522*</td> 2118 <td></td> 2119 <td><a href="#all_nexus"> Nexus </a></td> 2120 <td>2016 3 5 </td> 2121 </tr> 2122 </table> 2123 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2124 2125 <h3 id="information-disclosure-vulnerability-in-mediatek-wi-fi-driver">MediaTek WLAN </h3> 2126 <p>MediaTek WLAN </p> 2127 2128 <table> 2129 <col width="19%"> 2130 <col width="20%"> 2131 <col width="10%"> 2132 <col width="23%"> 2133 <col width="16%"> 2134 <tr> 2135 <th>CVE</th> 2136 <th></th> 2137 <th></th> 2138 <th> Nexus </th> 2139 <th></th> 2140 </tr> 2141 <tr> 2142 <td>CVE-2016-3810</td> 2143 <td>A-28175522*<br> 2144 M-ALPS02694389</td> 2145 <td></td> 2146 <td>Android One</td> 2147 <td>2016 4 12 </td> 2148 </tr> 2149 </table> 2150 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2151 2152 <h3 id="elevation-of-privilege-vulnerability-in-kernel-video-driver"> 2153 </h3> 2154 <p></p> 2155 2156 <table> 2157 <col width="19%"> 2158 <col width="16%"> 2159 <col width="10%"> 2160 <col width="27%"> 2161 <col width="16%"> 2162 <tr> 2163 <th>CVE</th> 2164 <th></th> 2165 <th></th> 2166 <th> Nexus </th> 2167 <th></th> 2168 </tr> 2169 <tr> 2170 <td>CVE-2016-3811</td> 2171 <td>A-28447556*</td> 2172 <td></td> 2173 <td>Nexus 9</td> 2174 <td>Google </td> 2175 </tr> 2176 </table> 2177 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2178 2179 <h3 id="information-disclosure-vulnerability-in-mediatek-video-codec-driver"> 2180 MediaTek </h3> 2181 <p>MediaTek </p> 2182 2183 <table> 2184 <col width="19%"> 2185 <col width="20%"> 2186 <col width="10%"> 2187 <col width="23%"> 2188 <col width="16%"> 2189 <tr> 2190 <th>CVE</th> 2191 <th></th> 2192 <th></th> 2193 <th> Nexus </th> 2194 <th></th> 2195 </tr> 2196 <tr> 2197 <td>CVE-2016-3812</td> 2198 <td>A-28174833*<br>M-ALPS02688832</td> 2199 <td></td> 2200 <td>Android One</td> 2201 <td>2016 4 11 </td> 2202 </tr> 2203 </table> 2204 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2205 2206 <h3 id="information-disclosure-vulnerability-in-qualcomm-usb-driver"> 2207 Qualcomm USB </h3> 2208 <p>Qualcomm USB </p> 2209 2210 <table> 2211 <col width="19%"> 2212 <col width="16%"> 2213 <col width="10%"> 2214 <col width="27%"> 2215 <col width="16%"> 2216 <tr> 2217 <th>CVE</th> 2218 <th></th> 2219 <th></th> 2220 <th> Nexus </th> 2221 <th></th> 2222 </tr> 2223 <tr> 2224 <td>CVE-2016-3813</td> 2225 <td>A-28172322* QC-CR1010222</td> 2226 <td></td> 2227 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 2228 <td>2016 4 11 </td> 2229 </tr> 2230 </table> 2231 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2232 2233 <h3 id="information-disclosure-vulnerability-in-nvidia-camera-driver"> 2234 NVIDIA </h3> 2235 <p>NVIDIA </p> 2236 2237 <table> 2238 <col width="19%"> 2239 <col width="20%"> 2240 <col width="10%"> 2241 <col width="23%"> 2242 <col width="16%"> 2243 <tr> 2244 <th>CVE</th> 2245 <th></th> 2246 <th></th> 2247 <th> Nexus </th> 2248 <th></th> 2249 </tr> 2250 <tr> 2251 <td>CVE-2016-3814</td> 2252 <td>A-28193342*<br>N-CVE20163814</td> 2253 <td></td> 2254 <td>Nexus 9</td> 2255 <td>2016 4 14 </td> 2256 </tr> 2257 <tr> 2258 <td>CVE-2016-3815</td> 2259 <td>A-28522274*<br>N-CVE20163815</td> 2260 <td></td> 2261 <td>Nexus 9</td> 2262 <td>2016 5 1 </td> 2263 </tr> 2264 </table> 2265 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2266 2267 <h3 id="information-disclosure-vulnerability-in-mediatek-display-driver"> 2268 MediaTek </h3> 2269 <p>MediaTek </p> 2270 2271 <table> 2272 <col width="19%"> 2273 <col width="16%"> 2274 <col width="10%"> 2275 <col width="27%"> 2276 <col width="16%"> 2277 <tr> 2278 <th>CVE</th> 2279 <th></th> 2280 <th></th> 2281 <th> Nexus </th> 2282 <th></th> 2283 </tr> 2284 <tr> 2285 <td>CVE-2016-3816</td> 2286 <td>A-28402240*</td> 2287 <td></td> 2288 <td>Android One</td> 2289 <td>2016 4 26 </td> 2290 </tr> 2291 </table> 2292 <p>*<a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2293 2294 <h3 id="information-disclosure-vulnerability-in-kernel-teletype-driver"> 2295 </h3> 2296 <p></p> 2297 2298 <table> 2299 <col width="19%"> 2300 <col width="20%"> 2301 <col width="10%"> 2302 <col width="23%"> 2303 <col width="16%"> 2304 <tr> 2305 <th>CVE</th> 2306 <th></th> 2307 <th></th> 2308 <th> Nexus </th> 2309 <th></th> 2310 </tr> 2311 <tr> 2312 <td>CVE-2016-0723</td> 2313 <td>A-28409131<br> 2314 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439"></a></td> 2315 <td></td> 2316 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Nexus PlayerPixel C</td> 2317 <td>2016 4 26 </td> 2318 </tr> 2319 </table> 2320 2321 <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> 2322 Qualcomm </h3> 2323 <p>Qualcomm </p> 2324 2325 <table> 2326 <col width="19%"> 2327 <col width="16%"> 2328 <col width="10%"> 2329 <col width="27%"> 2330 <col width="16%"> 2331 <tr> 2332 <th>CVE</th> 2333 <th></th> 2334 <th></th> 2335 <th> Nexus </th> 2336 <th></th> 2337 </tr> 2338 <tr> 2339 <td>CVE-2014-9798</td> 2340 <td>A-28821448 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=b05eed2491a098bf627ac485a5b43d2f4fae2484">QC-CR681965</a></td> 2341 <td></td> 2342 <td>Nexus 5</td> 2343 <td>2014 10 31 </td> 2344 </tr> 2345 <tr> 2346 <td>CVE-2015-8893</td> 2347 <td>A-28822690 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=800255e8bfcc31a02e89460460e3811f225e7a69">QC-CR822275</a></td> 2348 <td></td> 2349 <td>Nexus 5Nexus 7 (2013)</td> 2350 <td>2015 8 19 </td> 2351 </tr> 2352 </table> 2353 <h2 id="common-questions-and-answers"></h2> 2354 <p></p> 2355 2356 <p><strong>1. </strong></p> 2357 <p>2016-07-01 2016-7-01 2016-07-05 2016-07-05 <a href="https://support.google.com/nexus/answer/4457705"></a>[ro.build.version.security_patch]:[2016-07-01] [ro.build.version.security_patch]:[2016-07-05]</p> 2358 2359 <p><strong>2. </strong></p> 2360 <p> Android Android Android </p> 2361 <p> 2016 7 5 </p> 2362 <p> 2016 7 1 2016 7 1 2016 7 5 </p> 2363 2364 <p id="all_nexus"><strong>3. Nexus </strong></p> 2365 <p> <a href="#2016-07-01_details">2016-07-01</a> <a href="#2016-07-05_details">2016-07-05</a> Nexus Nexus </p> 2366 <ul> 2367 <li><strong> Nexus </strong> Nexus Nexus Nexus <em></em> Nexus <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus Player Pixel C</li> 2368 <li><strong> Nexus </strong> Nexus Nexus Nexus <em></em></li> 2369 <li><strong> Nexus </strong> Nexus Nexus <em></em></li> 2370 </ul> 2371 2372 <p><strong>4. </strong></p> 2373 <p><em></em></p> 2374 2375 <table> 2376 <tr> 2377 <th></th> 2378 <th></th> 2379 </tr> 2380 <tr> 2381 <td>A-</td> 2382 <td>Android Bug ID</td> 2383 </tr> 2384 <tr> 2385 <td>QC-</td> 2386 <td>Qualcomm </td> 2387 </tr> 2388 <tr> 2389 <td>M-</td> 2390 <td>MediaTek </td> 2391 </tr> 2392 <tr> 2393 <td>N-</td> 2394 <td>NVIDIA </td> 2395 </tr> 2396 </table> 2397 2398 <h2 id="revisions"></h2> 2399 <ul> 2400 <li>2016 7 6 </li> 2401 <li>2016 7 7 <ul> 2402 <li> AOSP 2403 <li>CVE-2016-3794 CVE-2016-3814 <li> CVE-2016-2501 CVE-2016-2502 </li></li></li></ul> 2404 </li> 2405 <li>2016 7 11 CVE-2016-3750 </li> 2406 <li>2016 7 14 CVE-2016-2503 </li> 2407 </ul> 2408 2409 </body> 2410 </html> 2411
