1 <html devsite> 2 <head> 3 <title>Android - 2016 9 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 <p><em>2016 9 6 | 2016 9 12 </em> 26 </p> 27 28 <p> 29 Android Android (OTA) Nexus <a href="https://developers.google.com/android/nexus/images">Google Developers </a> Nexus 2016 9 6 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a> Nexus 2016 9 6 OTA 30 </p> 31 32 <p> 33 2016 8 5 Android (AOSP) AOSP 34 </p> 35 36 <p> 37 38 </p> 39 40 <p> 41 <a href="#mitigations">Android Google </a> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android 42 </p> 43 44 <p> 45 46 </p> 47 48 <h2 id="announcements"></h2> 49 <ul> 50 <li> 3 Android Android <a href="#common-questions-and-answers"></a> 51 <ul> 52 <li><strong>2016-09-01</strong> 2016-09-01 53 <li><strong>2016-09-05</strong> 2016-09-01 2016-09-05 54 <li><strong>2016-09-06</strong> 2016-09-012016-09-05 2016-09-06 55 <li> Nexus 2016 9 6 OTA </li> 56 </li></li></li></ul> 57 </li> 58 </ul> 59 <h2></h2> 60 <p> 61 CVE Nexus <a href="/security/overview/updates-resources.html#severity"></a> 62 </p> 63 64 <h3 id="2016-09-01-summary">2016-09-01 - </h3> 65 <p> 66 2016-09-01 67 </p> 68 69 <table> 70 <col width="55%"> 71 <col width="20%"> 72 <col width="13%"> 73 <col width="12%"> 74 <tr> 75 <th></th> 76 <th>CVE</th> 77 <th></th> 78 <th> Nexus </th> 79 </tr> 80 <tr> 81 <td>LibUtils </td> 82 <td>CVE-2016-3861</td> 83 <td></td> 84 <td></td> 85 </tr> 86 <tr> 87 <td>Mediaserver </td> 88 <td>CVE-2016-3862</td> 89 <td></td> 90 <td></td> 91 </tr> 92 <tr> 93 <td>MediaMuxer </td> 94 <td>CVE-2016-3863</td> 95 <td></td> 96 <td></td> 97 </tr> 98 <tr> 99 <td>Mediaserver </td> 100 <td>CVE-2016-3870CVE-2016-3871CVE-2016-3872</td> 101 <td></td> 102 <td></td> 103 </tr> 104 <tr> 105 <td></td> 106 <td>CVE-2016-3875</td> 107 <td></td> 108 <td>*</td> 109 </tr> 110 <tr> 111 <td></td> 112 <td>CVE-2016-3876</td> 113 <td></td> 114 <td></td> 115 </tr> 116 <tr> 117 <td>Mediaserver </td> 118 <td>CVE-2016-3899CVE-2016-3878CVE-2016-3879CVE-2016-3880CVE-2016-3881</td> 119 <td></td> 120 <td></td> 121 </tr> 122 <tr> 123 <td>Telephony </td> 124 <td>CVE-2016-3883</td> 125 <td></td> 126 <td></td> 127 </tr> 128 <tr> 129 <td></td> 130 <td>CVE-2016-3884</td> 131 <td></td> 132 <td></td> 133 </tr> 134 <tr> 135 <td>Debuggerd </td> 136 <td>CVE-2016-3885</td> 137 <td></td> 138 <td></td> 139 </tr> 140 <tr> 141 <td></td> 142 <td>CVE-2016-3886</td> 143 <td></td> 144 <td></td> 145 </tr> 146 <tr> 147 <td></td> 148 <td>CVE-2016-3887</td> 149 <td></td> 150 <td></td> 151 </tr> 152 <tr> 153 <td></td> 154 <td>CVE-2016-3888</td> 155 <td></td> 156 <td></td> 157 </tr> 158 <tr> 159 <td></td> 160 <td>CVE-2016-3889</td> 161 <td></td> 162 <td></td> 163 </tr> 164 <tr> 165 <td>Java </td> 166 <td>CVE-2016-3890</td> 167 <td></td> 168 <td>*</td> 169 </tr> 170 <tr> 171 <td>Mediaserver </td> 172 <td>CVE-2016-3895</td> 173 <td></td> 174 <td></td> 175 </tr> 176 <tr> 177 <td>AOSP </td> 178 <td>CVE-2016-3896</td> 179 <td></td> 180 <td>*</td> 181 </tr> 182 <tr> 183 <td>WLAN </td> 184 <td>CVE-2016-3897</td> 185 <td></td> 186 <td>*</td> 187 </tr> 188 <tr> 189 <td>Telephony </td> 190 <td>CVE-2016-3898</td> 191 <td></td> 192 <td></td> 193 </tr> 194 </table> 195 <p> 196 * Android 7.0 Nexus 197 </p> 198 199 <h3 id="2016-09-05-summary">2016-09-05 - </h3> 200 <p> 201 2016-09-05 2016-09-01 202 </p> 203 204 <table> 205 <col width="55%"> 206 <col width="20%"> 207 <col width="13%"> 208 <col width="12%"> 209 <tr> 210 <th></th> 211 <th>CVE</th> 212 <th></th> 213 <th> Nexus </th> 214 </tr> 215 <tr> 216 <td></td> 217 <td>CVE-2014-9529CVE-2016-4470</td> 218 <td></td> 219 <td></td> 220 </tr> 221 <tr> 222 <td></td> 223 <td>CVE-2013-7446</td> 224 <td></td> 225 <td></td> 226 </tr> 227 <tr> 228 <td> Netfilter </td> 229 <td>CVE-2016-3134</td> 230 <td></td> 231 <td></td> 232 </tr> 233 <tr> 234 <td> USB </td> 235 <td>CVE-2016-3951</td> 236 <td></td> 237 <td></td> 238 </tr> 239 <tr> 240 <td></td> 241 <td>CVE-2014-4655</td> 242 <td></td> 243 <td></td> 244 </tr> 245 <tr> 246 <td> ASN.1 </td> 247 <td>CVE-2016-2053</td> 248 <td></td> 249 <td></td> 250 </tr> 251 <tr> 252 <td>Qualcomm </td> 253 <td>CVE-2016-3864</td> 254 <td></td> 255 <td></td> 256 </tr> 257 <tr> 258 <td>Qualcomm </td> 259 <td>CVE-2016-3858</td> 260 <td></td> 261 <td></td> 262 </tr> 263 <tr> 264 <td></td> 265 <td>CVE-2016-4805</td> 266 <td></td> 267 <td></td> 268 </tr> 269 <tr> 270 <td>Synaptics </td> 271 <td>CVE-2016-3865</td> 272 <td></td> 273 <td></td> 274 </tr> 275 <tr> 276 <td>Qualcomm </td> 277 <td>CVE-2016-3859</td> 278 <td></td> 279 <td></td> 280 </tr> 281 <tr> 282 <td>Qualcomm </td> 283 <td>CVE-2016-3866</td> 284 <td></td> 285 <td></td> 286 </tr> 287 <tr> 288 <td>Qualcomm IPA </td> 289 <td>CVE-2016-3867</td> 290 <td></td> 291 <td></td> 292 </tr> 293 <tr> 294 <td>Qualcomm </td> 295 <td>CVE-2016-3868</td> 296 <td></td> 297 <td></td> 298 </tr> 299 <tr> 300 <td>Broadcom WLAN </td> 301 <td>CVE-2016-3869</td> 302 <td></td> 303 <td></td> 304 </tr> 305 <tr> 306 <td> eCryptfs </td> 307 <td>CVE-2016-1583</td> 308 <td></td> 309 <td></td> 310 </tr> 311 <tr> 312 <td>NVIDIA </td> 313 <td>CVE-2016-3873</td> 314 <td></td> 315 <td></td> 316 </tr> 317 <tr> 318 <td>Qualcomm WLAN </td> 319 <td>CVE-2016-3874</td> 320 <td></td> 321 <td></td> 322 </tr> 323 <tr> 324 <td></td> 325 <td>CVE-2015-1465CVE-2015-5364</td> 326 <td></td> 327 <td></td> 328 </tr> 329 <tr> 330 <td> ext4 </td> 331 <td>CVE-2015-8839</td> 332 <td></td> 333 <td></td> 334 </tr> 335 <tr> 336 <td>Qualcomm SPMI </td> 337 <td>CVE-2016-3892</td> 338 <td></td> 339 <td></td> 340 </tr> 341 <tr> 342 <td>Qualcomm </td> 343 <td>CVE-2016-3893</td> 344 <td></td> 345 <td></td> 346 </tr> 347 <tr> 348 <td>Qualcomm DMA </td> 349 <td>CVE-2016-3894</td> 350 <td></td> 351 <td></td> 352 </tr> 353 <tr> 354 <td></td> 355 <td>CVE-2016-4998</td> 356 <td></td> 357 <td></td> 358 </tr> 359 <tr> 360 <td></td> 361 <td>CVE-2015-2922</td> 362 <td></td> 363 <td></td> 364 </tr> 365 <tr> 366 <td>Qualcomm </td> 367 <td>CVE-2016-2469</td> 368 <td></td> 369 <td></td> 370 </tr> 371 </table> 372 <h3 id="2016-09-06-summary">2016-09-06 - </h3> 373 <p> 374 2016-09-06 2016-09-05 2016-09-01 375 </p> 376 377 <table> 378 <col width="55%"> 379 <col width="20%"> 380 <col width="13%"> 381 <col width="12%"> 382 <tr> 383 <th></th> 384 <th>CVE</th> 385 <th></th> 386 <th> Nexus </th> 387 </tr> 388 <tr> 389 <td></td> 390 <td>CVE-2016-5340</td> 391 <td></td> 392 <td></td> 393 </tr> 394 <tr> 395 <td>Qualcomm </td> 396 <td>CVE-2016-2059</td> 397 <td></td> 398 <td></td> 399 </tr> 400 </table> 401 <h2 id="mitigations">Android Google </h2> 402 <p> 403 <a href="/security/enhancements/index.html">Android </a> SafetyNet Android 404 </p> 405 <ul> 406 <li> Android Android Android</li> 407 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root </li> 408 <li> Google Messenger Mediaserver </li> 409 </ul> 410 411 <h2 id="acknowledgements"></h2> 412 <p> 413 </p> 414 415 416 <ul> 417 <li> Cory PruceCVE-2016-3897</li> 418 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-3869CVE-2016-3865CVE-2016-3866CVE-2016-3867</li> 419 <li><a href="http://www.cmcm.com"></a> Hao QinCVE-2016-3863</li> 420 <li>Google Project Zero Jann HornCVE-2016-3885</li> 421 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-3858</li> 422 <li>Joshua Drake (<a href="https://twitter.com/jduck">@jduck</a>)CVE-2016-3861</li> 423 <li> CISPA Madhu Priya MuruganCVE-2016-3896</li> 424 <li>Google Makoto OnukiCVE-2016-3876</li> 425 <li>Google Project Zero Mark BrandCVE-2016-3861</li> 426 <li>Android Max SpectorCVE-2016-3888</li> 427 <li>Android Max Spector Quan ToCVE-2016-3889</li> 428 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3895</li> 429 <li> Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>) CVE-2016-2446 </li> 430 <li>Google Oleksiy VyalovCVE-2016-3890</li> 431 <li>Google Chrome Oliver ChangCVE-2016-3880</li> 432 <li> Peng XiaoChengming YangNing YouChao Yang Yang SongCVE-2016-3859</li> 433 <li>Lv51 Ronald L. Loor Vargas (<a href="https://twitter.com/loor_rlv">@loor_rlv</a>)CVE-2016-3886</li> 434 <li>IBM X-Force Sagi KedmiCVE-2016-3873</li> 435 <li><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2016-3893CVE-2016-3868CVE-2016-3867</li> 436 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-3894</li> 437 <li>SentinelOne / RedNaga Tim Strazzere (<a href="https://twitter.com/timstrazz">@timstrazz</a>)CVE-2016-3862</li> 438 <li>trotmaster (<a href="https://twitter.com/trotmaster99">@trotmaster99</a>)CVE-2016-3883</li> 439 <li>Google Victor ChangCVE-2016-3887</li> 440 <li>Google Vignesh VenkatasubramanianCVE-2016-3881</li> 441 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2016-3878</li> 442 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3870CVE-2016-3871CVE-2016-3872</li> 443 <li><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/author/wishwu/"></a><a href="http://weibo.com/wishlinux"></a> (<a href="https://twitter.com/wish_wu">@wish_wu</a>)CVE-2016-3892</li> 444 <li><a href="http://www.alibaba.com/"></a> (<a href="https://twitter.com/Spid3r_">@Spid3r_</a>)CVE-2016-3879</li> 445 <li> TCA Yacong GuCVE-2016-3884</li> 446 <li> <a href="http://yurushao.info">Yuru Shao</a>CVE-2016-3898</li> 447 </ul> 448 449 <h2 id="2016-09-01-details">2016-09-01 - </h2> 450 <p> 451 <a href="#2016-09-01-summary">2016-09-01 - </a> CVE Nexus AOSP Bug ID AOSP Bug Bug ID </p> 452 453 <h3>LibUtils </h3> 454 <p> 455 LibUtils 456 </p> 457 458 <table> 459 <col width="18%"> 460 <col width="16%"> 461 <col width="10%"> 462 <col width="19%"> 463 <col width="19%"> 464 <col width="17%"> 465 <tr> 466 <th>CVE</th> 467 <th></th> 468 <th></th> 469 <th> Nexus </th> 470 <th> AOSP </th> 471 <th></th> 472 </tr> 473 <tr> 474 <td>CVE-2016-3861</td> 475 <td><a href="https://android.googlesource.com/platform/system/core/+/ecf5fd58a8f50362ce9e8d4245a33d56f29f142b">A-29250543</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/3944c65637dfed14a5a895685edfa4bacaf9f76e">2</a>] [<a href="https://android.googlesource.com/platform/frameworks/base/+/866dc26ad4a98cc835d075b627326e7d7e52ffa1">3</a>] [<a href="https://android.googlesource.com/platform/frameworks/native/+/1f4b49e64adf4623eefda503bca61e253597b9bf">4</a>]</td> 476 <td></td> 477 <td> Nexus </td> 478 <td>4.4.45.0.25.1.16.06.0.17.0</td> 479 <td>2016 6 9 </td> 480 </tr> 481 </table> 482 <h3>Mediaserver </h3> 483 <p> 484 Mediaserver Mediaserver 485 </p> 486 487 <table> 488 <col width="18%"> 489 <col width="18%"> 490 <col width="10%"> 491 <col width="19%"> 492 <col width="17%"> 493 <col width="17%"> 494 <tr> 495 <th>CVE</th> 496 <th></th> 497 <th></th> 498 <th> Nexus </th> 499 <th> AOSP </th> 500 <th></th> 501 </tr> 502 <tr> 503 <td>CVE-2016-3862</td> 504 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e739d9ca5469ed30129d0fa228e3d0f2878671ac">A-29270469</a></td> 505 <td></td> 506 <td> Nexus </td> 507 <td>4.4.45.0.25.1.16.06.0.1</td> 508 <td>2016 6 10 </td> 509 </tr> 510 </table> 511 <h3>MediaMuxer </h3> 512 <p> 513 MediaMuxer MediaMuxer 514 </p> 515 516 <table> 517 <col width="18%"> 518 <col width="16%"> 519 <col width="10%"> 520 <col width="19%"> 521 <col width="19%"> 522 <col width="17%"> 523 <tr> 524 <th>CVE</th> 525 <th></th> 526 <th></th> 527 <th> Nexus </th> 528 <th> AOSP </th> 529 <th></th> 530 </tr> 531 <tr> 532 <td>CVE-2016-3863</td> 533 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/119a012b2a9a186655da4bef3ed4ed8dd9b94c26">A-29161888</a></td> 534 <td></td> 535 <td> Nexus </td> 536 <td>4.4.45.0.25.1.16.06.0.17.0</td> 537 <td>2016 6 6 </td> 538 </tr> 539 </table> 540 <h3>Mediaserver </h3> 541 <p> 542 Mediaserver 543 </p> 544 545 <table> 546 <col width="18%"> 547 <col width="16%"> 548 <col width="10%"> 549 <col width="19%"> 550 <col width="19%"> 551 <col width="17%"> 552 <tr> 553 <th>CVE</th> 554 <th></th> 555 <th></th> 556 <th> Nexus </th> 557 <th> AOSP </th> 558 <th></th> 559 </tr> 560 <tr> 561 <td>CVE-2016-3870</td> 562 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1e9801783770917728b7edbdeff3d0ec09c621ac">A-29421804</a> 563 <td></td> 564 <td> Nexus </td> 565 <td>4.4.45.0.25.1.16.06.0.17.0</td> 566 <td>2016 6 15 </td> 567 </td></tr> 568 <tr> 569 <td>CVE-2016-3871</td> 570 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c2639afac631f5c1ffddf70ee8a6fe943d0bedf9">A-29422022</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/3c4edac2a5b00dec6c8579a0ee658cfb3bb16d94">2</a>] [<a href="https://android.googlesource.com/platform/frameworks/av/+/c17ad2f0c7e00fd1bbf01d0dfed41f72d78267ad">3</a>]</td> 571 <td></td> 572 <td> Nexus </td> 573 <td>4.4.45.0.25.1.16.06.0.17.0</td> 574 <td>2016 6 15 </td> 575 </tr> 576 <tr> 577 <td>CVE-2016-3872</td> 578 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/630ed150f7201ddadb00b8b8ce0c55c4cc6e8742">A-29421675</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/9f9ba255a0c59544f3555c9c45512c3a2fac5fad">2</a>]</td> 579 <td></td> 580 <td> Nexus </td> 581 <td>4.4.45.0.25.1.16.06.0.17.0</td> 582 <td>2016 6 15 </td> 583 </tr> 584 </table> 585 <h3></h3> 586 <p> 587 588 </p> 589 590 <table> 591 <col width="18%"> 592 <col width="18%"> 593 <col width="10%"> 594 <col width="19%"> 595 <col width="17%"> 596 <col width="17%"> 597 <tr> 598 <th>CVE</th> 599 <th></th> 600 <th></th> 601 <th> Nexus </th> 602 <th> AOSP </th> 603 <th></th> 604 </tr> 605 <tr> 606 <td>CVE-2016-3875</td> 607 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/69729fa8b13cadbf3173fe1f389fe4f3b7bd0f9c">A-26251884</a></td> 608 <td></td> 609 <td>*</td> 610 <td>6.06.0.1</td> 611 <td>Google </td> 612 </tr> 613 </table> 614 <p> 615 * Android 7.0 Nexus 616 </p> 617 618 <h3></h3> 619 <p> 620 621 </p> 622 623 <table> 624 <col width="18%"> 625 <col width="18%"> 626 <col width="10%"> 627 <col width="19%"> 628 <col width="17%"> 629 <col width="17%"> 630 <tr> 631 <th>CVE</th> 632 <th></th> 633 <th></th> 634 <th> Nexus </th> 635 <th> AOSP </th> 636 <th></th> 637 </tr> 638 <tr> 639 <td>CVE-2016-3876</td> 640 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/91fc934bb2e5ea59929bb2f574de6db9b5100745">A-29900345</a></td> 641 <td></td> 642 <td> Nexus </td> 643 <td>6.06.0.17.0</td> 644 <td>Google </td> 645 </tr> 646 </table> 647 <h3>Mediaserver </h3> 648 <p> 649 Mediaserver 650 </p> 651 652 <table> 653 <col width="18%"> 654 <col width="16%"> 655 <col width="10%"> 656 <col width="19%"> 657 <col width="19%"> 658 <col width="17%"> 659 <tr> 660 <th>CVE</th> 661 <th></th> 662 <th></th> 663 <th> Nexus </th> 664 <th> AOSP </th> 665 <th></th> 666 </tr> 667 <tr> 668 <td>CVE-2016-3899</td> 669 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/97837bb6cbac21ea679843a0037779d3834bed64">A-29421811</a></td> 670 <td></td> 671 <td> Nexus </td> 672 <td>4.4.45.0.25.1.16.06.0.17.0</td> 673 <td>2016 6 16 </td> 674 </tr> 675 <tr> 676 <td>CVE-2016-3878</td> 677 <td><a href="https://android.googlesource.com/platform/external/libavc/+/7109ce3f8f90a28ca9f0ee6e14f6ac5e414c62cf">A-29493002</a></td> 678 <td></td> 679 <td> Nexus *</td> 680 <td>6.06.0.1</td> 681 <td>2016 6 17 </td> 682 </tr> 683 <tr> 684 <td>CVE-2016-3879</td> 685 <td><a href="https://android.googlesource.com/platform/external/sonivox/+/cadfb7a3c96d4fef06656cf37143e1b3e62cae86">A-29770686</a></td> 686 <td></td> 687 <td> Nexus *</td> 688 <td>4.4.45.0.25.1.16.06.0.1</td> 689 <td>2016 6 25 </td> 690 </tr> 691 <tr> 692 <td>CVE-2016-3880</td> 693 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/68f67ef6cf1f41e77337be3bc4bff91f3a3c6324">A-25747670</a></td> 694 <td></td> 695 <td> Nexus </td> 696 <td>4.4.45.0.25.1.16.06.0.17.0</td> 697 <td>Google </td> 698 </tr> 699 <tr> 700 <td>CVE-2016-3881</td> 701 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/4974dcbd0289a2530df2ee2a25b5f92775df80da">A-30013856</a></td> 702 <td></td> 703 <td> Nexus </td> 704 <td>4.4.45.0.25.1.16.06.0.17.0</td> 705 <td>Google </td> 706 </tr> 707 </table> 708 <p> 709 * Android 7.0 Nexus 710 </p> 711 712 <h3>Telephony </h3> 713 <p> 714 Telephony 715 </p> 716 717 <table> 718 <col width="18%"> 719 <col width="16%"> 720 <col width="10%"> 721 <col width="19%"> 722 <col width="19%"> 723 <col width="17%"> 724 <tr> 725 <th>CVE</th> 726 <th></th> 727 <th></th> 728 <th> Nexus </th> 729 <th> AOSP </th> 730 <th></th> 731 </tr> 732 <tr> 733 <td>CVE-2016-3883</td> 734 <td><a href="https://android.googlesource.com/platform/frameworks/opt/telephony/+/b2c89e6f8962dc7aff88cb38aa3ee67d751edda9">A-28557603</a></td> 735 <td></td> 736 <td> Nexus </td> 737 <td>4.4.45.0.25.1.16.06.0.17.0</td> 738 <td>2016 5 3 </td> 739 </tr> 740 </table> 741 <h3></h3> 742 <p> 743 744 </p> 745 746 <table> 747 <col width="18%"> 748 <col width="18%"> 749 <col width="10%"> 750 <col width="19%"> 751 <col width="17%"> 752 <col width="17%"> 753 <tr> 754 <th>CVE</th> 755 <th></th> 756 <th></th> 757 <th> Nexus </th> 758 <th> AOSP </th> 759 <th></th> 760 </tr> 761 <tr> 762 <td>CVE-2016-3884</td> 763 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/61e9103b5725965568e46657f4781dd8f2e5b623">A-29421441</a></td> 764 <td></td> 765 <td> Nexus </td> 766 <td>6.06.0.17.0</td> 767 <td>2016 6 15 </td> 768 </tr> 769 </table> 770 <h3>Debuggerd </h3> 771 <p> 772 Android Android 773 </p> 774 775 <table> 776 <col width="18%"> 777 <col width="18%"> 778 <col width="10%"> 779 <col width="19%"> 780 <col width="17%"> 781 <col width="17%"> 782 <tr> 783 <th>CVE</th> 784 <th></th> 785 <th></th> 786 <th> Nexus </th> 787 <th> AOSP </th> 788 <th></th> 789 </tr> 790 <tr> 791 <td>CVE-2016-3885</td> 792 <td><a href="https://android.googlesource.com/platform/system/core/+/d7603583f90c2bc6074a4ee2886bd28082d7c65b">A-29555636</a></td> 793 <td></td> 794 <td> Nexus </td> 795 <td>5.0.25.1.16.06.0.17.0</td> 796 <td>2016 6 21 </td> 797 </tr> 798 </table> 799 <h3></h3> 800 <p> 801 802 </p> 803 804 <table> 805 <col width="18%"> 806 <col width="18%"> 807 <col width="10%"> 808 <col width="19%"> 809 <col width="17%"> 810 <col width="17%"> 811 <tr> 812 <th>CVE</th> 813 <th></th> 814 <th></th> 815 <th> Nexus </th> 816 <th> AOSP </th> 817 <th></th> 818 </tr> 819 <tr> 820 <td>CVE-2016-3886</td> 821 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/6ca6cd5a50311d58a1b7bf8fbef3f9aa29eadcd5">A-30107438</a></td> 822 <td></td> 823 <td> Nexus </td> 824 <td>7.0</td> 825 <td>2016 6 23 </td> 826 </tr> 827 </table> 828 <h3></h3> 829 <p> 830 VPN 831 </p> 832 833 <table> 834 <col width="18%"> 835 <col width="17%"> 836 <col width="10%"> 837 <col width="19%"> 838 <col width="17%"> 839 <col width="18%"> 840 <tr> 841 <th>CVE</th> 842 <th></th> 843 <th></th> 844 <th> Nexus </th> 845 <th> AOSP </th> 846 <th></th> 847 </tr> 848 <tr> 849 <td>CVE-2016-3887</td> 850 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/335702d106797bce8a88044783fa1fc1d5f751d0">A-29899712</a></td> 851 <td></td> 852 <td> Nexus </td> 853 <td>7.0</td> 854 <td>Google </td> 855 </tr> 856 </table> 857 <h3></h3> 858 <p> 859 860 </p> 861 862 <table> 863 <col width="18%"> 864 <col width="16%"> 865 <col width="10%"> 866 <col width="19%"> 867 <col width="19%"> 868 <col width="17%"> 869 <tr> 870 <th>CVE</th> 871 <th></th> 872 <th></th> 873 <th> Nexus </th> 874 <th> AOSP </th> 875 <th></th> 876 </tr> 877 <tr> 878 <td>CVE-2016-3888</td> 879 <td><a href="https://android.googlesource.com/platform/frameworks/opt/telephony/+/b8d1aee993dcc565e6576b2f2439a8f5a507cff6">A-29420123</a></td> 880 <td></td> 881 <td> Nexus </td> 882 <td>4.4.45.0.25.1.16.06.0.17.0</td> 883 <td>Google </td> 884 </tr> 885 </table> 886 <h3></h3> 887 <p> 888 889 </p> 890 891 <table> 892 <col width="18%"> 893 <col width="17%"> 894 <col width="10%"> 895 <col width="19%"> 896 <col width="17%"> 897 <col width="18%"> 898 <tr> 899 <th>CVE</th> 900 <th></th> 901 <th></th> 902 <th> Nexus </th> 903 <th> AOSP </th> 904 <th></th> 905 </tr> 906 <tr> 907 <td>CVE-2016-3889</td> 908 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e206f02d46ae5e38c74d138b51f6e1637e261abe">A-29194585</a> [<a href="https://android.googlesource.com/platform/packages/apps/Settings/+/bd5d5176c74021e8cf4970f93f273ba3023c3d72">2</a>]</td> 909 <td></td> 910 <td> Nexus </td> 911 <td>6.06.0.17.0</td> 912 <td>Google </td> 913 </tr> 914 </table> 915 <h3>Java </h3> 916 <p> 917 Java 918 </p> 919 920 <table> 921 <col width="18%"> 922 <col width="16%"> 923 <col width="10%"> 924 <col width="19%"> 925 <col width="18%"> 926 <col width="18%"> 927 <tr> 928 <th>CVE</th> 929 <th></th> 930 <th></th> 931 <th> Nexus </th> 932 <th> AOSP </th> 933 <th></th> 934 </tr> 935 <tr> 936 <td>CVE-2016-3890</td> 937 <td><a href="https://android.googlesource.com/platform/system/core/+/268068f25673242d1d5130d96202d3288c91b700">A-28347842</a> [<a href="https://android.googlesource.com/platform/system/core/+/014b01706cc64dc9c2ad94a96f62e07c058d0b5d">2</a>]</td> 938 <td></td> 939 <td>*</td> 940 <td>4.4.45.0.25.1.16.06.0.1</td> 941 <td>Google </td> 942 </tr> 943 </table> 944 <p> 945 * Android 7.0 Nexus 946 </p> 947 948 <h3>Mediaserver </h3> 949 <p> 950 Mediaserver 951 </p> 952 953 <table> 954 <col width="18%"> 955 <col width="18%"> 956 <col width="10%"> 957 <col width="19%"> 958 <col width="17%"> 959 <col width="17%"> 960 <tr> 961 <th>CVE</th> 962 <th></th> 963 <th></th> 964 <th> Nexus </th> 965 <th> AOSP </th> 966 <th></th> 967 </tr> 968 <tr> 969 <td>CVE-2016-3895</td> 970 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/363247929c35104b3e5ee9e637e9dcf579080aee">A-29983260</a></td> 971 <td></td> 972 <td> Nexus </td> 973 <td>6.06.0.17.0</td> 974 <td>2016 7 4 </td> 975 </tr> 976 </table> 977 <h3>AOSP </h3> 978 <p> 979 AOSP 980 </p> 981 982 <table> 983 <col width="18%"> 984 <col width="16%"> 985 <col width="10%"> 986 <col width="19%"> 987 <col width="19%"> 988 <col width="17%"> 989 <tr> 990 <th>CVE</th> 991 <th></th> 992 <th></th> 993 <th> Nexus </th> 994 <th> AOSP </th> 995 <th></th> 996 </tr> 997 <tr> 998 <td>CVE-2016-3896</td> 999 <td><a href="https://android.googlesource.com/platform/packages/apps/Email/+/cb2dfe43f25cb0c32cc73aa4569c0a5186a4ef43">A-29767043</a></td> 1000 <td></td> 1001 <td>*</td> 1002 <td>4.4.45.0.25.1.16.06.0.1</td> 1003 <td>2016 7 24 </td> 1004 </tr> 1005 </table> 1006 <p> 1007 * Android 7.0 Nexus 1008 </p> 1009 1010 <h3>WLAN </h3> 1011 <p> 1012 WLAN 1013 </p> 1014 1015 <table> 1016 <col width="18%"> 1017 <col width="16%"> 1018 <col width="10%"> 1019 <col width="19%"> 1020 <col width="19%"> 1021 <col width="17%"> 1022 <tr> 1023 <th>CVE</th> 1024 <th></th> 1025 <th></th> 1026 <th> Nexus </th> 1027 <th> AOSP </th> 1028 <th></th> 1029 </tr> 1030 <tr> 1031 <td>CVE-2016-3897</td> 1032 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/55271d454881b67ff38485fdd97598c542cc2d55">A-25624963</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/81be4e3aac55305cbb5c9d523cf5c96c66604b39">2</a>]</td> 1033 <td></td> 1034 <td>*</td> 1035 <td>4.4.45.0.25.1.16.06.0.1</td> 1036 <td>2015 11 5 </td> 1037 </tr> 1038 </table> 1039 <p> 1040 * Android 7.0 Nexus 1041 </p> 1042 1043 <h3>Telephony </h3> 1044 <p> 1045 Telephony TTY (911) 1046 </p> 1047 1048 <table> 1049 <col width="18%"> 1050 <col width="18%"> 1051 <col width="10%"> 1052 <col width="19%"> 1053 <col width="17%"> 1054 <col width="17%"> 1055 <tr> 1056 <th>CVE</th> 1057 <th></th> 1058 <th></th> 1059 <th> Nexus </th> 1060 <th> AOSP </th> 1061 <th></th> 1062 </tr> 1063 <tr> 1064 <td>CVE-2016-3898</td> 1065 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/d1d248d10cf03498efb7041f1a8c9c467482a19d">A-29832693</a></td> 1066 <td></td> 1067 <td> Nexus </td> 1068 <td>5.0.25.1.16.06.0.17.0</td> 1069 <td>2016 6 28 </td> 1070 </tr> 1071 </table> 1072 <h2 id="2016-09-05-details">2016-09-05 - </h2> 1073 <p> 1074 <a href="#2016-09-05-summary">2016-09-05 - </a> CVE Nexus AOSP Bug ID AOSP Bug Bug ID </p> 1075 1076 <h3></h3> 1077 <p> 1078 1079 </p> 1080 1081 <table> 1082 <col width="19%"> 1083 <col width="20%"> 1084 <col width="10%"> 1085 <col width="23%"> 1086 <col width="17%"> 1087 <tr> 1088 <th>CVE</th> 1089 <th></th> 1090 <th></th> 1091 <th> Nexus </th> 1092 <th></th> 1093 </tr> 1094 <tr> 1095 <td>CVE-2014-9529</td> 1096 <td>A-29510361<p> 1097 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a3a8784454692dd72e5d5d34dcdab17b4420e74c"></a></p></td> 1098 <td></td> 1099 <td>Nexus 5Nexus 6Nexus 9Nexus PlayerAndroid One</td> 1100 <td>2015 1 6 </td> 1101 </tr> 1102 <tr> 1103 <td>CVE-2016-4470</td> 1104 <td>A-29823941<p> 1105 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a"></a></p></td> 1106 <td></td> 1107 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus Player</td> 1108 <td>2016 6 15 </td> 1109 </tr> 1110 </table> 1111 <h3></h3> 1112 <p> 1113 1114 </p> 1115 1116 <table> 1117 <col width="19%"> 1118 <col width="20%"> 1119 <col width="10%"> 1120 <col width="23%"> 1121 <col width="17%"> 1122 <tr> 1123 <th>CVE</th> 1124 <th></th> 1125 <th></th> 1126 <th> Nexus </th> 1127 <th></th> 1128 </tr> 1129 <tr> 1130 <td>CVE-2013-7446</td> 1131 <td>A-29119002<p> 1132 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/unix/af_unix.c?id=7d267278a9ece963d77eefec61630223fce08c6c"></a></p></td> 1133 <td></td> 1134 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1135 <td>2015 11 18 </td> 1136 </tr> 1137 </table> 1138 <h3> Netfilter </h3> 1139 <p> 1140 Netfilter 1141 </p> 1142 1143 <table> 1144 <col width="19%"> 1145 <col width="20%"> 1146 <col width="10%"> 1147 <col width="23%"> 1148 <col width="17%"> 1149 <tr> 1150 <th>CVE</th> 1151 <th></th> 1152 <th></th> 1153 <th> Nexus </th> 1154 <th></th> 1155 </tr> 1156 <tr> 1157 <td>CVE-2016-3134</td> 1158 <td>A-28940694<p> 1159 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309"></a></p></td> 1160 <td></td> 1161 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1162 <td>2016 3 9 </td> 1163 </tr> 1164 </table> 1165 <h3> USB </h3> 1166 <p> 1167 USB 1168 </p> 1169 1170 <table> 1171 <col width="19%"> 1172 <col width="20%"> 1173 <col width="10%"> 1174 <col width="23%"> 1175 <col width="17%"> 1176 <tr> 1177 <th>CVE</th> 1178 <th></th> 1179 <th></th> 1180 <th> Nexus </th> 1181 <th></th> 1182 </tr> 1183 <tr> 1184 <td>CVE-2016-3951</td> 1185 <td>A-28744625<p> 1186 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274"></a> [<a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b">2</a>]</p></td> 1187 <td></td> 1188 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1189 <td>2016 4 6 </td> 1190 </tr> 1191 </table> 1192 <h3></h3> 1193 <p> 1194 1195 </p> 1196 1197 <table> 1198 <col width="19%"> 1199 <col width="20%"> 1200 <col width="10%"> 1201 <col width="23%"> 1202 <col width="17%"> 1203 <tr> 1204 <th>CVE</th> 1205 <th></th> 1206 <th></th> 1207 <th> Nexus </th> 1208 <th></th> 1209 </tr> 1210 <tr> 1211 <td>CVE-2014-4655</td> 1212 <td>A-29916012<p> 1213 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82262a46627bebb0febcc26664746c25cef08563"></a></p></td> 1214 <td></td> 1215 <td>Nexus 5Nexus 6Nexus 9Nexus Player</td> 1216 <td>2014 6 26 </td> 1217 </tr> 1218 </table> 1219 <h3> ASN.1 </h3> 1220 <p> 1221 ASN.1 1222 </p> 1223 1224 <table> 1225 <col width="19%"> 1226 <col width="20%"> 1227 <col width="10%"> 1228 <col width="23%"> 1229 <col width="17%"> 1230 <tr> 1231 <th>CVE</th> 1232 <th></th> 1233 <th></th> 1234 <th> Nexus </th> 1235 <th></th> 1236 </tr> 1237 <tr> 1238 <td>CVE-2016-2053</td> 1239 <td>A-28751627<p> 1240 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f"></a></p></td> 1241 <td></td> 1242 <td>Nexus 5XNexus 6P</td> 1243 <td>2016 1 25 </td> 1244 </tr> 1245 </table> 1246 <h3>Qualcomm </h3> 1247 <p> 1248 Qualcomm 1249 </p> 1250 1251 <table> 1252 <col width="19%"> 1253 <col width="18%"> 1254 <col width="10%"> 1255 <col width="25%"> 1256 <col width="17%"> 1257 <tr> 1258 <th>CVE</th> 1259 <th></th> 1260 <th></th> 1261 <th> Nexus </th> 1262 <th></th> 1263 </tr> 1264 <tr> 1265 <td>CVE-2016-3864</td> 1266 <td>A-28823714*<br>QC-CR#913117</td> 1267 <td></td> 1268 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1269 <td>2016 4 29 </td> 1270 </tr> 1271 </table> 1272 <p> 1273 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1274 </p> 1275 1276 <h3>Qualcomm </h3> 1277 <p> 1278 Qualcomm 1279 </p> 1280 1281 <table> 1282 <col width="19%"> 1283 <col width="20%"> 1284 <col width="10%"> 1285 <col width="23%"> 1286 <col width="17%"> 1287 <tr> 1288 <th>CVE</th> 1289 <th></th> 1290 <th></th> 1291 <th> Nexus </th> 1292 <th></th> 1293 </tr> 1294 <tr> 1295 <td>CVE-2016-3858</td> 1296 <td>A-28675151<br> 1297 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0c148b9a9028c566eac680f19e5d664b483cdee3">QC-CR#1022641</a></td> 1298 <td></td> 1299 <td>Nexus 5XNexus 6P</td> 1300 <td>2016 5 9 </td> 1301 </tr> 1302 </table> 1303 <h3></h3> 1304 <p> 1305 1306 </p> 1307 1308 <table> 1309 <col width="19%"> 1310 <col width="20%"> 1311 <col width="10%"> 1312 <col width="23%"> 1313 <col width="17%"> 1314 <tr> 1315 <th>CVE</th> 1316 <th></th> 1317 <th></th> 1318 <th> Nexus </th> 1319 <th></th> 1320 </tr> 1321 <tr> 1322 <td>CVE-2016-4805</td> 1323 <td>A-28979703<p> 1324 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89"></a></p></td> 1325 <td></td> 1326 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9</td> 1327 <td>2016 5 15 </td> 1328 </tr> 1329 </table> 1330 <h3>Synaptics </h3> 1331 <p> 1332 Synaptics 1333 </p> 1334 1335 <table> 1336 <col width="19%"> 1337 <col width="20%"> 1338 <col width="10%"> 1339 <col width="23%"> 1340 <col width="17%"> 1341 <tr> 1342 <th>CVE</th> 1343 <th></th> 1344 <th></th> 1345 <th> Nexus </th> 1346 <th></th> 1347 </tr> 1348 <tr> 1349 <td>CVE-2016-3865</td> 1350 <td>A-28799389*</td> 1351 <td></td> 1352 <td>Nexus 5XNexus 9</td> 1353 <td>2016 5 16 </td> 1354 </tr> 1355 </table> 1356 <p> 1357 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1358 </p> 1359 1360 <h3>Qualcomm </h3> 1361 <p> 1362 Qualcomm 1363 </p> 1364 1365 <table> 1366 <col width="19%"> 1367 <col width="20%"> 1368 <col width="10%"> 1369 <col width="23%"> 1370 <col width="17%"> 1371 <tr> 1372 <th>CVE</th> 1373 <th></th> 1374 <th></th> 1375 <th> Nexus </th> 1376 <th></th> 1377 </tr> 1378 <tr> 1379 <td>CVE-2016-3859</td> 1380 <td>A-28815326*<br>QC-CR#1034641</td> 1381 <td></td> 1382 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 1383 <td>2016 5 17 </td> 1384 </tr> 1385 </table> 1386 <p> 1387 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1388 </p> 1389 1390 <h3>Qualcomm </h3> 1391 <p> 1392 Qualcomm 1393 </p> 1394 1395 <table> 1396 <col width="19%"> 1397 <col width="20%"> 1398 <col width="10%"> 1399 <col width="23%"> 1400 <col width="17%"> 1401 <tr> 1402 <th>CVE</th> 1403 <th></th> 1404 <th></th> 1405 <th> Nexus </th> 1406 <th></th> 1407 </tr> 1408 <tr> 1409 <td>CVE-2016-3866</td> 1410 <td>A-28868303*<br>QC-CR#1032820</td> 1411 <td></td> 1412 <td>Nexus 5XNexus 6Nexus 6P</td> 1413 <td>2016 5 18 </td> 1414 </tr> 1415 </table> 1416 <p> 1417 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1418 </p> 1419 1420 <h3>Qualcomm IPA </h3> 1421 <p> 1422 Qualcomm IPA 1423 </p> 1424 1425 <table> 1426 <col width="19%"> 1427 <col width="20%"> 1428 <col width="10%"> 1429 <col width="23%"> 1430 <col width="17%"> 1431 <tr> 1432 <th>CVE</th> 1433 <th></th> 1434 <th></th> 1435 <th> Nexus </th> 1436 <th></th> 1437 </tr> 1438 <tr> 1439 <td>CVE-2016-3867</td> 1440 <td>A-28919863*<br>QC-CR#1037897</td> 1441 <td></td> 1442 <td>Nexus 5XNexus 6P</td> 1443 <td>2016 5 21 </td> 1444 </tr> 1445 </table> 1446 <p> 1447 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1448 </p> 1449 1450 <h3>Qualcomm </h3> 1451 <p> 1452 Qualcomm 1453 </p> 1454 1455 <table> 1456 <col width="19%"> 1457 <col width="20%"> 1458 <col width="10%"> 1459 <col width="23%"> 1460 <col width="17%"> 1461 <tr> 1462 <th>CVE</th> 1463 <th></th> 1464 <th></th> 1465 <th> Nexus </th> 1466 <th></th> 1467 </tr> 1468 <tr> 1469 <td>CVE-2016-3868</td> 1470 <td>A-28967028*<br>QC-CR#1032875</td> 1471 <td></td> 1472 <td>Nexus 5XNexus 6P</td> 1473 <td>2016 5 25 </td> 1474 </tr> 1475 </table> 1476 <p> 1477 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1478 </p> 1479 1480 <h3>Broadcom WLAN </h3> 1481 <p> 1482 Broadcom WLAN 1483 </p> 1484 1485 <table> 1486 <col width="19%"> 1487 <col width="20%"> 1488 <col width="10%"> 1489 <col width="23%"> 1490 <col width="17%"> 1491 <tr> 1492 <th>CVE</th> 1493 <th></th> 1494 <th></th> 1495 <th> Nexus </th> 1496 <th></th> 1497 </tr> 1498 <tr> 1499 <td>CVE-2016-3869</td> 1500 <td>A-29009982*<br>B-RB#96070</td> 1501 <td></td> 1502 <td>Nexus 5Nexus 6Nexus 6PNexus 9Nexus PlayerPixel C</td> 1503 <td>2016 5 27 </td> 1504 </tr> 1505 </table> 1506 <p> 1507 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1508 </p> 1509 1510 <h3> eCryptfs </h3> 1511 <p> 1512 eCryptfs 1513 </p> 1514 1515 <table> 1516 <col width="17%"> 1517 <col width="22%"> 1518 <col width="10%"> 1519 <col width="23%"> 1520 <col width="17%"> 1521 <tr> 1522 <th>CVE</th> 1523 <th></th> 1524 <th></th> 1525 <th> Nexus </th> 1526 <th></th> 1527 </tr> 1528 <tr> 1529 <td>CVE-2016-1583</td> 1530 <td>A-29444228<br> 1531 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e54ad7f1ee263ffa5a2de9c609d58dfa27b21cd9"></a> [<a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87">2</a>] [<a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=29d6455178a09e1dc340380c582b13356227e8df">3</a>]</td> 1532 <td></td> 1533 <td>Pixel C</td> 1534 <td>2016 6 1 </td> 1535 </tr> 1536 </table> 1537 <h3>NVIDIA </h3> 1538 <p> 1539 NVIDIA 1540 </p> 1541 1542 <table> 1543 <col width="19%"> 1544 <col width="20%"> 1545 <col width="10%"> 1546 <col width="23%"> 1547 <col width="17%"> 1548 <tr> 1549 <th>CVE</th> 1550 <th></th> 1551 <th></th> 1552 <th> Nexus </th> 1553 <th></th> 1554 </tr> 1555 <tr> 1556 <td>CVE-2016-3873</td> 1557 <td>A-29518457*<br>N-CVE-2016-3873</td> 1558 <td></td> 1559 <td>Nexus 9</td> 1560 <td>2016 6 20 </td> 1561 </tr> 1562 </table> 1563 <p> 1564 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1565 </p> 1566 1567 <h3>Qualcomm WLAN </h3> 1568 <p> 1569 Qualcomm WLAN 1570 </p> 1571 1572 <table> 1573 <col width="19%"> 1574 <col width="20%"> 1575 <col width="10%"> 1576 <col width="23%"> 1577 <col width="17%"> 1578 <tr> 1579 <th>CVE</th> 1580 <th></th> 1581 <th></th> 1582 <th> Nexus </th> 1583 <th></th> 1584 </tr> 1585 <tr> 1586 <td>CVE-2016-3874</td> 1587 <td>A-29944562<br> 1588 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=50e8f265b3f7926aeb4e49c33f7301ace89faa77">QC-CR#997797</a> [<a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a3974e61c960aadcc147c3c5704a67309171642d">2</a>]</td> 1589 <td></td> 1590 <td>Nexus 5X</td> 1591 <td>2016 7 1 </td> 1592 </tr> 1593 </table> 1594 <h3></h3> 1595 <p> 1596 1597 </p> 1598 1599 <table> 1600 <col width="19%"> 1601 <col width="18%"> 1602 <col width="10%"> 1603 <col width="25%"> 1604 <col width="17%"> 1605 <tr> 1606 <th>CVE</th> 1607 <th></th> 1608 <th></th> 1609 <th> Nexus </th> 1610 <th></th> 1611 </tr> 1612 <tr> 1613 <td>CVE-2015-1465</td> 1614 <td>A-29506807<p> 1615 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df4d92549f23e1c037e83323aff58a21b3de7fe0"></a></p></td> 1616 <td></td> 1617 <td>Nexus 5Nexus 6Nexus 9Nexus PlayerPixel CAndroid One</td> 1618 <td>2015 2 3 </td> 1619 </tr> 1620 <tr> 1621 <td>CVE-2015-5364</td> 1622 <td>A-29507402<p> 1623 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0"></a></p></td> 1624 <td></td> 1625 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1626 <td>2015 6 30 </td> 1627 </tr> 1628 </table> 1629 <h3> ext4 </h3> 1630 <p> 1631 ext4 1632 </p> 1633 1634 <table> 1635 <col width="19%"> 1636 <col width="16%"> 1637 <col width="10%"> 1638 <col width="27%"> 1639 <col width="17%"> 1640 <tr> 1641 <th>CVE</th> 1642 <th></th> 1643 <th></th> 1644 <th> Nexus </th> 1645 <th></th> 1646 </tr> 1647 <tr> 1648 <td>CVE-2015-8839</td> 1649 <td>A-28760453*</td> 1650 <td></td> 1651 <td>Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1652 <td>2016 4 4 </td> 1653 </tr> 1654 </table> 1655 <p> 1656 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1657 </p> 1658 1659 <h3>Qualcomm SPMI </h3> 1660 <p> 1661 Qualcomm SPMI 1662 </p> 1663 1664 <table> 1665 <col width="19%"> 1666 <col width="20%"> 1667 <col width="10%"> 1668 <col width="23%"> 1669 <col width="17%"> 1670 <tr> 1671 <th>CVE</th> 1672 <th></th> 1673 <th></th> 1674 <th> Nexus </th> 1675 <th></th> 1676 </tr> 1677 <tr> 1678 <td>CVE-2016-3892</td> 1679 <td>A-28760543*<br>QC-CR#1024197</td> 1680 <td></td> 1681 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 1682 <td>2016 5 13 </td> 1683 </tr> 1684 </table> 1685 <p> 1686 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1687 </p> 1688 1689 <h3>Qualcomm </h3> 1690 <p> 1691 Qualcomm 1692 </p> 1693 1694 <table> 1695 <col width="19%"> 1696 <col width="20%"> 1697 <col width="10%"> 1698 <col width="23%"> 1699 <col width="17%"> 1700 <tr> 1701 <th>CVE</th> 1702 <th></th> 1703 <th></th> 1704 <th> Nexus </th> 1705 <th></th> 1706 </tr> 1707 <tr> 1708 <td>CVE-2016-3893</td> 1709 <td>A-29512527<br> 1710 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=a7a6ddc91cce7ad5ad55c9709b24bfc80f5ac873">QC-CR#856400</a></td> 1711 <td></td> 1712 <td>Nexus 6P</td> 1713 <td>2016 6 20 </td> 1714 </tr> 1715 </table> 1716 <h3>Qualcomm DMA </h3> 1717 <p> 1718 Qualcomm DMA 1719 </p> 1720 1721 <table> 1722 <col width="19%"> 1723 <col width="20%"> 1724 <col width="10%"> 1725 <col width="23%"> 1726 <col width="17%"> 1727 <tr> 1728 <th>CVE</th> 1729 <th></th> 1730 <th></th> 1731 <th> Nexus </th> 1732 <th></th> 1733 </tr> 1734 <tr> 1735 <td>CVE-2016-3894</td> 1736 <td>A-29618014*<br>QC-CR#1042033</td> 1737 <td></td> 1738 <td>Nexus 6</td> 1739 <td>2016 6 23 </td> 1740 </tr> 1741 </table> 1742 <p> 1743 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1744 </p> 1745 1746 <h3></h3> 1747 <p> 1748 1749 </p> 1750 1751 <table> 1752 <col width="19%"> 1753 <col width="20%"> 1754 <col width="10%"> 1755 <col width="23%"> 1756 <col width="17%"> 1757 <tr> 1758 <th>CVE</th> 1759 <th></th> 1760 <th></th> 1761 <th> Nexus </th> 1762 <th></th> 1763 </tr> 1764 <tr> 1765 <td>CVE-2016-4998</td> 1766 <td>A-29637687<br> 1767 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bdf533de6968e9686df777dc178486f600c6e617"></a> [<a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91">2</a>]</td> 1768 <td></td> 1769 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1770 <td>2016 6 24 </td> 1771 </tr> 1772 </table> 1773 <h3></h3> 1774 <p> 1775 WLAN WLAN 1776 </p> 1777 1778 <table> 1779 <col width="19%"> 1780 <col width="20%"> 1781 <col width="10%"> 1782 <col width="23%"> 1783 <col width="17%"> 1784 <tr> 1785 <th>CVE</th> 1786 <th></th> 1787 <th></th> 1788 <th> Nexus </th> 1789 <th></th> 1790 </tr> 1791 <tr> 1792 <td>CVE-2015-2922</td> 1793 <td>A-29409847<p> 1794 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a"></a></p></td> 1795 <td></td> 1796 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1797 <td>2015 4 4 </td> 1798 </tr> 1799 </table> 1800 <h3>Qualcomm </h3> 1801 <p> 1802 Qualcomm 1803 </p> 1804 1805 <table> 1806 <col width="19%"> 1807 <col width="20%"> 1808 <col width="10%"> 1809 <col width="23%"> 1810 <col width="17%"> 1811 <tr> 1812 <th>CVE</th> 1813 <th></th> 1814 <th></th> 1815 <th> Nexus </th> 1816 <th></th> 1817 </tr> 1818 <tr> 1819 <td>CVE-2016-2469</td> 1820 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=7eb824e8e1ebbdbfad896b090a9f048ca6e63c9e">QC-CR#997025</a></td> 1821 <td></td> 1822 <td></td> 1823 <td>2016 6 </td> 1824 </tr> 1825 <tr> 1826 <td>CVE-2016-2469</td> 1827 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=e7369163162e7773bc887f7a264d6aa46cfcc665">QC-CR#997015</a></td> 1828 <td></td> 1829 <td></td> 1830 <td>2016 6 </td> 1831 </tr> 1832 </table> 1833 <h2 id="2016-09-06-details">2016-09-06 - </h2> 1834 <p> 1835 <a href="#2016-09-06-summary">2016-09-06 - </a> CVE Nexus AOSP Bug ID AOSP Bug Bug ID </p> 1836 1837 <h3></h3> 1838 <p> 1839 1840 </p> 1841 1842 <table> 1843 <col width="19%"> 1844 <col width="20%"> 1845 <col width="10%"> 1846 <col width="23%"> 1847 <col width="17%"> 1848 <tr> 1849 <th>CVE</th> 1850 <th></th> 1851 <th></th> 1852 <th> Nexus </th> 1853 <th></th> 1854 </tr> 1855 <tr> 1856 <td>CVE-2016-5340</td> 1857 <td>A-30652312<br> 1858 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6">QC-CR#1008948</a></td> 1859 <td></td> 1860 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1861 <td>2016 7 26 </td> 1862 </tr> 1863 </table> 1864 <h3>Qualcomm </h3> 1865 <p> 1866 Qualcomm 1867 </p> 1868 1869 <table> 1870 <col width="19%"> 1871 <col width="20%"> 1872 <col width="10%"> 1873 <col width="23%"> 1874 <col width="17%"> 1875 <tr> 1876 <th>CVE</th> 1877 <th></th> 1878 <th></th> 1879 <th> Nexus </th> 1880 <th></th> 1881 </tr> 1882 <tr> 1883 <td>CVE-2016-2059</td> 1884 <td>A-27045580<br> 1885 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e8bdd63f7011dff5523ea435433834b3702398d">QC-CR#974577</a></td> 1886 <td></td> 1887 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1888 <td>2016 2 4 </td> 1889 </tr> 1890 </table> 1891 <h2 id="common-questions-and-answers"></h2> 1892 <p> 1893 1894 </p> 1895 1896 <p> 1897 <strong>1. 1898 </strong> 1899 </p> 1900 1901 <p> 1902 2016-09-01 2016-09-01 2016-09-05 2016-09-05 2016-09-06 2016-09-06 <a href="https://support.google.com/nexus/answer/4457705"></a>[ro.build.version.security_patch]:[2016-09-01][ro.build.version.security_patch]:[2016-09-05] [ro.build.version.security_patch]:[2016-09-06] 1903 </p> 1904 1905 <p> 1906 <strong>2. 3 </strong> 1907 </p> 1908 1909 <p> 1910 3 Android Android Android 1911 </p> 1912 1913 <p> 1914 2016 9 6 1915 </p> 1916 1917 <p> 1918 2016 9 5 2016 9 1 2016 9 5 2016 9 6 1919 </p> 1920 1921 <p> 1922 2016 9 1 2016 9 1 2016 9 5 2016 9 6 1923 </p> 1924 1925 <p> 1926 3<strong>. Nexus </strong> 1927 </p> 1928 1929 <p> 1930 <a href="#2016-09-01-details">2016-09-01</a><a href="#2016-09-05-details">2016-09-05</a> <a href="#2016-09-06-details">2016-09-06</a> Nexus Nexus <em></em> 1931 </p> 1932 1933 <ul> 1934 <li><strong> Nexus </strong> Nexus Nexus Nexus <em></em> Nexus <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus Player Pixel C</li> 1935 <li><strong> Nexus </strong> Nexus Nexus Nexus <em></em></li> 1936 <li><strong> Nexus </strong> Android 7.0 Nexus Nexus <em></em></li> 1937 </ul> 1938 <p> 1939 <strong>4. </strong> 1940 </p> 1941 1942 <p> 1943 <em></em> 1944 </p> 1945 1946 <table> 1947 <tr> 1948 <th></th> 1949 <th></th> 1950 </tr> 1951 <tr> 1952 <td>A-</td> 1953 <td>Android Bug ID</td> 1954 </tr> 1955 <tr> 1956 <td>QC-</td> 1957 <td>Qualcomm </td> 1958 </tr> 1959 <tr> 1960 <td>M-</td> 1961 <td>MediaTek </td> 1962 </tr> 1963 <tr> 1964 <td>N-</td> 1965 <td>NVIDIA </td> 1966 </tr> 1967 <tr> 1968 <td>B-</td> 1969 <td>Broadcom </td> 1970 </tr> 1971 </table> 1972 1973 <h2 id="revisions"></h2> 1974 <ul> 1975 <li>2016 9 6 </li> 1976 <li>2016 9 7 AOSP </li> 1977 <li>2016 9 12 CVE-2016-3861 CVE-2016-3877 </li> 1978 </ul> 1979 1980 </body> 1981 </html> 1982