1 <html devsite> 2 <head> 3 <title>Android - 2016 12 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em>2016 12 5 | 2016 12 7 </em></p> 27 <p> 28 Android Android (OTA) Google <a href="https://developers.google.com/android/nexus/images">Google Developer </a> Google 2016 12 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 29 </p> 30 <p> 31 2016 11 7 Android (AOSP) 32 AOSP 33 </p> 34 <p> 35 36 </p> 37 <p> 38 <a href="#mitigations">Android Google </a> <a href="/security/enhancements/index.html">Android </a> <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> Android 39 </p> 40 <p> 41 42 </p> 43 <h2 id="announcements"></h2> 44 <ul> 45 <li> Android Android <a href="#common-questions-and-answers"></a><ul> 46 <li><strong>2016-12-01</strong> 2016-12-01</li> 47 <li><strong>2016-12-05</strong> 2016-12-01 2016-12-05</li> 48 </ul> 49 </li> 50 <li> Google 2016 12 5 OTA </li> 51 </ul> 52 <h2 id="security-vulnerability-summary"></h2> 53 <p> 54 CVE Google <a href="/security/overview/updates-resources.html#severity"></a> 55 </p> 56 <h3 id="2016-12-01-summary">2016-12-01 - </h3> 57 <p> 58 2016-12-01 59 </p> 60 <table> 61 <col width="55%"> 62 <col width="20%"> 63 <col width="13%"> 64 <col width="12%"> 65 <tr> 66 <th></th> 67 <th>CVE</th> 68 <th></th> 69 <th> Google </th> 70 </tr> 71 <tr> 72 <td>CURL/LIBCURL </td> 73 <td>CVE-2016-5419CVE-2016-5420CVE-2016-5421</td> 74 <td></td> 75 <td></td> 76 </tr> 77 <tr> 78 <td>libziparchive </td> 79 <td>CVE-2016-6762</td> 80 <td></td> 81 <td></td> 82 </tr> 83 <tr> 84 <td>Telephony </td> 85 <td>CVE-2016-6763</td> 86 <td></td> 87 <td></td> 88 </tr> 89 <tr> 90 <td>Mediaserver </td> 91 <td>CVE-2016-6766CVE-2016-6765CVE-2016-6764CVE-2016-6767</td> 92 <td></td> 93 <td></td> 94 </tr> 95 <tr> 96 <td>Framesequence </td> 97 <td>CVE-2016-6768</td> 98 <td></td> 99 <td></td> 100 </tr> 101 <tr> 102 <td>Smart Lock </td> 103 <td>CVE-2016-6769</td> 104 <td></td> 105 <td>*</td> 106 </tr> 107 <tr> 108 <td>Framework API </td> 109 <td>CVE-2016-6770</td> 110 <td></td> 111 <td></td> 112 </tr> 113 <tr> 114 <td>Telephony </td> 115 <td>CVE-2016-6771</td> 116 <td></td> 117 <td></td> 118 </tr> 119 <tr> 120 <td>WLAN </td> 121 <td>CVE-2016-6772</td> 122 <td></td> 123 <td></td> 124 </tr> 125 <tr> 126 <td>Mediaserver </td> 127 <td>CVE-2016-6773</td> 128 <td></td> 129 <td></td> 130 </tr> 131 <tr> 132 <td></td> 133 <td>CVE-2016-6774</td> 134 <td></td> 135 <td></td> 136 </tr> 137 </table> 138 <p> 139 * Android 7.0 Google 140 </p> 141 <h3 id="2016-12-05-summary">2016-12-05 - </h3> 142 <p> 143 2016-12-05 2016-12-01 144 </p> 145 <table> 146 <col width="55%"> 147 <col width="20%"> 148 <col width="13%"> 149 <col width="12%"> 150 <tr> 151 <th></th> 152 <th>CVE</th> 153 <th></th> 154 <th> Google </th> 155 </tr> 156 <tr> 157 <td></td> 158 <td>CVE-2016-4794CVE-2016-5195</td> 159 <td></td> 160 <td></td> 161 </tr> 162 <tr> 163 <td>NVIDIA GPU </td> 164 <td>CVE-2016-6775CVE-2016-6776CVE-2016-6777</td> 165 <td></td> 166 <td></td> 167 </tr> 168 <tr> 169 <td></td> 170 <td>CVE-2015-8966</td> 171 <td></td> 172 <td>*</td> 173 </tr> 174 <tr> 175 <td>NVIDIA </td> 176 <td>CVE-2016-6915CVE-2016-6916CVE-2016-6917</td> 177 <td></td> 178 <td></td> 179 </tr> 180 <tr> 181 <td> ION </td> 182 <td>CVE-2016-9120</td> 183 <td></td> 184 <td></td> 185 </tr> 186 <tr> 187 <td>Qualcomm </td> 188 <td>CVE-2016-8411</td> 189 <td></td> 190 <td></td> 191 </tr> 192 <tr> 193 <td></td> 194 <td>CVE-2014-4014</td> 195 <td></td> 196 <td></td> 197 </tr> 198 <tr> 199 <td></td> 200 <td>CVE-2015-8967</td> 201 <td></td> 202 <td></td> 203 </tr> 204 <tr> 205 <td>HTC </td> 206 <td>CVE-2016-6778CVE-2016-6779CVE-2016-6780</td> 207 <td></td> 208 <td></td> 209 </tr> 210 <tr> 211 <td>MediaTek </td> 212 <td>CVE-2016-6492CVE-2016-6781CVE-2016-6782CVE-2016-6783CVE-2016-6784CVE-2016-6785</td> 213 <td></td> 214 <td>*</td> 215 </tr> 216 <tr> 217 <td>Qualcomm </td> 218 <td>CVE-2016-6761CVE-2016-6760CVE-2016-6759CVE-2016-6758</td> 219 <td></td> 220 <td></td> 221 </tr> 222 <tr> 223 <td>Qualcomm </td> 224 <td>CVE-2016-6755</td> 225 <td></td> 226 <td></td> 227 </tr> 228 <tr> 229 <td></td> 230 <td>CVE-2016-6786CVE-2016-6787</td> 231 <td></td> 232 <td></td> 233 </tr> 234 <tr> 235 <td>MediaTek I2C </td> 236 <td>CVE-2016-6788</td> 237 <td></td> 238 <td>*</td> 239 </tr> 240 <tr> 241 <td>NVIDIA libomx </td> 242 <td>CVE-2016-6789CVE-2016-6790</td> 243 <td></td> 244 <td></td> 245 </tr> 246 <tr> 247 <td>Qualcomm </td> 248 <td>CVE-2016-6791CVE-2016-8391CVE-2016-8392</td> 249 <td></td> 250 <td></td> 251 </tr> 252 <tr> 253 <td></td> 254 <td>CVE-2015-7872</td> 255 <td></td> 256 <td></td> 257 </tr> 258 <tr> 259 <td>Synaptics </td> 260 <td>CVE-2016-8393CVE-2016-8394</td> 261 <td></td> 262 <td></td> 263 </tr> 264 <tr> 265 <td>Broadcom WLAN </td> 266 <td>CVE-2014-9909CVE-2014-9910</td> 267 <td></td> 268 <td>*</td> 269 </tr> 270 <tr> 271 <td>MediaTek </td> 272 <td>CVE-2016-8396</td> 273 <td></td> 274 <td>*</td> 275 </tr> 276 <tr> 277 <td>NVIDIA </td> 278 <td>CVE-2016-8397</td> 279 <td></td> 280 <td></td> 281 </tr> 282 <tr> 283 <td>GPS </td> 284 <td>CVE-2016-5341</td> 285 <td></td> 286 <td></td> 287 </tr> 288 <tr> 289 <td>NVIDIA </td> 290 <td>CVE-2016-8395</td> 291 <td></td> 292 <td></td> 293 </tr> 294 <tr> 295 <td></td> 296 <td>CVE-2016-8399</td> 297 <td></td> 298 <td></td> 299 </tr> 300 <tr> 301 <td>Qualcomm </td> 302 <td>CVE-2016-6756CVE-2016-6757</td> 303 <td></td> 304 <td></td> 305 </tr> 306 <tr> 307 <td>NVIDIA librm </td> 308 <td>CVE-2016-8400</td> 309 <td></td> 310 <td></td> 311 </tr> 312 <tr> 313 <td></td> 314 <td>CVE-2016-8401CVE-2016-8402CVE-2016-8403CVE-2016-8404CVE-2016-8405CVE-2016-8406CVE-2016-8407</td> 315 <td></td> 316 <td></td> 317 </tr> 318 <tr> 319 <td>NVIDIA </td> 320 <td>CVE-2016-8408CVE-2016-8409</td> 321 <td></td> 322 <td></td> 323 </tr> 324 <tr> 325 <td>Qualcomm </td> 326 <td>CVE-2016-8410</td> 327 <td></td> 328 <td></td> 329 </tr> 330 </table> 331 <p> 332 * Android 7.0 Google 333 </p> 334 <h2 id="mitigations">Android Google </h2> 335 <p> 336 <a href="/security/enhancements/index.html">Android </a> SafetyNet Android 337 </p> 338 <ul> 339 <li> Android Android Android</li> 340 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root </li> 341 <li> Google Messenger Mediaserver </li> 342 </ul> 343 344 <h2 id="acknowledgements"></h2> 345 <p> 346 </p> 347 348 <ul> 349 <li> Baozeng DingChengming YangPeng XiaoNing YouYang DongChao YangYi Zhang Yang SongCVE-2016-6783CVE-2016-6784CVE-2016-6785</li> 350 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6789CVE-2016-6790</li> 351 <li>Christian SeelCVE-2016-6769</li> 352 <li>Google David Benjamin Kenny RootCVE-2016-6767</li> 353 <li> (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-6776CVE-2016-6787</li> 354 <li><a href="http://www.ms509.com">MS509Team</a> En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>)CVE-2016-6763</li> 355 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-6779CVE-2016-6778CVE-2016-8401CVE-2016-8402CVE-2016-8403CVE-2016-8409CVE-2016-8408CVE-2016-8404</li> 356 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-6788CVE-2016-6781CVE-2016-6782CVE-2016-8396</li> 357 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6791CVE-2016-8391CVE-2016-8392</li> 358 <li>Project Zero Mark BrandCVE-2016-6772</li> 359 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>CVE-2016-6770CVE-2016-6774</li> 360 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)<a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6761CVE-2016-6759CVE-2016-8400</li> 361 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6760</li> 362 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)<a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6759</li> 363 <li> Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)CVE-2016-6915CVE-2016-6916CVE-2016-6917</li> 364 <li>Nightwatch Cybersecurity Research (<a href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>)CVE-2016-5341</li> 365 <li> X-Lab CVE-2016-6755CVE-2016-6756</li> 366 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)CVE-2016-8397CVE-2016-8405CVE-2016-8406CVE-2016-8407</li> 367 <li> (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)CVE-2016-8399CVE-2016-8395</li> 368 <li> (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) Marco Grassi (<a href="https://twitter.com/marcograss">@marcograss</a>)CVE-2016-6768</li> 369 <li>Richard ShupakCVE-2016-5341</li> 370 <li>IBM X-Force Sagi KedmiCVE-2016-8393CVE-2016-8394</li> 371 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-6757</li> 372 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2016-6773</li> 373 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6765</li> 374 <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/"></a> (<a href="https://twitter.com/wish_wu">@wish_wu</a>)<a href="http://weibo.com/wishlinux"></a>CVE-2016-6704</li> 375 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6786CVE-2016-6780CVE-2016-6775</li> 376 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-6777</li> 377 <li> Yuxiang LiCVE-2016-6771</li> 378 <li> 360 CVE-2016-6764CVE-2016-6766</li> 379 <li> 360 <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>CVE-2016-6762</li> 380 </ul> 381 <p> 382 MengLuo Gou (<a href="https://twitter.com/idhyt3r">@idhyt3r</a>)Google (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) Zubin Mithra 383 </p> 384 385 <h2 id="2016-12-01-details">2016-12-01 - </h2> 386 <p> 387 <a href="#2016-12-01-summary">2016-12-01 - </a> CVE Google AOSP Bug ID AOSP Bug Bug ID </p> 388 389 390 <h3 id="rce-in-curl-libcurl">CURL/LIBCURL </h3> 391 <p> 392 CURL LIBCURL 393 </p> 394 395 <table> 396 <col width="18%"> 397 <col width="18%"> 398 <col width="10%"> 399 <col width="19%"> 400 <col width="17%"> 401 <col width="17%"> 402 <tr> 403 <th>CVE</th> 404 <th></th> 405 <th></th> 406 <th> Google </th> 407 <th> AOSP </th> 408 <th></th> 409 </tr> 410 <tr> 411 <td>CVE-2016-5419</td> 412 <td>A-31271247</td> 413 <td></td> 414 <td></td> 415 <td>7.0</td> 416 <td>2016 8 3 </td> 417 </tr> 418 <tr> 419 <td>CVE-2016-5420</td> 420 <td>A-31271247</td> 421 <td></td> 422 <td></td> 423 <td>7.0</td> 424 <td>2016 8 3 </td> 425 </tr> 426 <tr> 427 <td>CVE-2016-5421</td> 428 <td>A-31271247</td> 429 <td></td> 430 <td></td> 431 <td>7.0</td> 432 <td>2016 8 3 </td> 433 </tr> 434 </table> 435 436 437 <h3 id="eop-in-libziparchive">libziparchive </h3> 438 <p> 439 libziparchive 440 </p> 441 442 <table> 443 <col width="18%"> 444 <col width="18%"> 445 <col width="10%"> 446 <col width="19%"> 447 <col width="17%"> 448 <col width="17%"> 449 <tr> 450 <th>CVE</th> 451 <th></th> 452 <th></th> 453 <th> Google </th> 454 <th> AOSP </th> 455 <th></th> 456 </tr> 457 <tr> 458 <td>CVE-2016-6762</td> 459 <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c">A-31251826</a> [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>]</td> 460 <td></td> 461 <td></td> 462 <td>5.0.25.1.16.06.0.17.0</td> 463 <td>2016 8 28 </td> 464 </tr> 465 </table> 466 467 468 <h3 id="dos-in-telephony">Telephony </h3> 469 <p> 470 Telephony 471 </p> 472 473 <table> 474 <col width="18%"> 475 <col width="18%"> 476 <col width="10%"> 477 <col width="19%"> 478 <col width="17%"> 479 <col width="17%"> 480 <tr> 481 <th>CVE</th> 482 <th></th> 483 <th></th> 484 <th> Google </th> 485 <th> AOSP </th> 486 <th></th> 487 </tr> 488 <tr> 489 <td>CVE-2016-6763</td> 490 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1294620627b1e9afdf4bd0ad51c25ed3daf80d84">A-31530456</a></td> 491 <td></td> 492 <td></td> 493 <td>4.4.45.0.25.1.16.06.0.17.0</td> 494 <td>2016 9 12 </td> 495 </tr> 496 </table> 497 498 499 <h3 id="dos-in-mediaserver">Mediaserver </h3> 500 <p> 501 Mediaserver 502 </p> 503 504 <table> 505 <col width="18%"> 506 <col width="18%"> 507 <col width="10%"> 508 <col width="19%"> 509 <col width="17%"> 510 <col width="17%"> 511 <tr> 512 <th>CVE</th> 513 <th></th> 514 <th></th> 515 <th> Google </th> 516 <th> AOSP </th> 517 <th></th> 518 </tr> 519 <tr> 520 <td>CVE-2016-6766</td> 521 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20">A-31318219</a></td> 522 <td></td> 523 <td></td> 524 <td>4.4.45.0.25.1.16.06.0.17.0</td> 525 <td>2016 9 5 </td> 526 </tr> 527 <tr> 528 <td>CVE-2016-6765</td> 529 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/fd9cc97d4dfe2a2fbce2c0f1704d7a27ce7cbc44">A-31449945</a></td> 530 <td></td> 531 <td></td> 532 <td>4.4.45.0.25.1.17.0</td> 533 <td>2016 9 13 </td> 534 </tr> 535 <tr> 536 <td>CVE-2016-6764</td> 537 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20">A-31681434</a></td> 538 <td></td> 539 <td></td> 540 <td>4.4.45.0.25.1.16.06.0.17.0</td> 541 <td>2016 9 22 </td> 542 </tr> 543 <tr> 544 <td>CVE-2016-6767</td> 545 <td>A-31833604</td> 546 <td></td> 547 <td>*</td> 548 <td>4.4.4</td> 549 <td>Google </td> 550 </tr> 551 </table> 552 553 <p> 554 * Android 7.0 Google 555 </p> 556 557 558 <h3 id="rce-in-framesequence-library">Framesequence </h3> 559 <p> 560 Framesequence Framesequence 561 </p> 562 563 <table> 564 <col width="18%"> 565 <col width="18%"> 566 <col width="10%"> 567 <col width="19%"> 568 <col width="17%"> 569 <col width="17%"> 570 <tr> 571 <th>CVE</th> 572 <th></th> 573 <th></th> 574 <th> Google </th> 575 <th> AOSP </th> 576 <th></th> 577 </tr> 578 <tr> 579 <td>CVE-2016-6768</td> 580 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/0ada9456d0270cb0e357a43d9187a6418d770760">A-31631842</a></td> 581 <td></td> 582 <td></td> 583 <td>5.0.25.1.16.06.0.17.0</td> 584 <td>2016 9 19 </td> 585 </tr> 586 </table> 587 588 589 <h3 id="eop-in-smart-lock">Smart Lock </h3> 590 <p> 591 Smart Lock PIN Smart Lock Smart Lock 592 </p> 593 594 <table> 595 <col width="18%"> 596 <col width="18%"> 597 <col width="10%"> 598 <col width="19%"> 599 <col width="17%"> 600 <col width="17%"> 601 <tr> 602 <th>CVE</th> 603 <th></th> 604 <th></th> 605 <th> Google </th> 606 <th> AOSP </th> 607 <th></th> 608 </tr> 609 <tr> 610 <td>CVE-2016-6769</td> 611 <td>A-29055171</td> 612 <td></td> 613 <td>*</td> 614 <td>5.0.25.1.16.06.0.1</td> 615 <td>2016 5 27 </td> 616 </tr> 617 </table> 618 <p> 619 * Android 7.0 Google 620 </p> 621 622 623 <h3 id="eop-in-framework-apis">Framework API </h3> 624 <p> 625 Framework API 626 </p> 627 628 <table> 629 <col width="18%"> 630 <col width="18%"> 631 <col width="10%"> 632 <col width="19%"> 633 <col width="17%"> 634 <col width="17%"> 635 <tr> 636 <th>CVE</th> 637 <th></th> 638 <th></th> 639 <th> Google </th> 640 <th> AOSP </th> 641 <th></th> 642 </tr> 643 <tr> 644 <td>CVE-2016-6770</td> 645 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc">A-30202228</a></td> 646 <td></td> 647 <td></td> 648 <td>4.4.45.0.25.1.16.06.0.17.0</td> 649 <td>2016 7 16 </td> 650 </tr> 651 </table> 652 653 654 <h3 id="eop-in-telephony">Telephony </h3> 655 <p> 656 Telephony 657 </p> 658 659 <table> 660 <col width="18%"> 661 <col width="18%"> 662 <col width="10%"> 663 <col width="19%"> 664 <col width="17%"> 665 <col width="17%"> 666 <tr> 667 <th>CVE</th> 668 <th></th> 669 <th></th> 670 <th> Google </th> 671 <th> AOSP </th> 672 <th></th> 673 </tr> 674 <tr> 675 <td>CVE-2016-6771</td> 676 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a39ff9526aee6f2ea4f6e02412db7b33d486fd7d">A-31566390</a></td> 677 <td></td> 678 <td></td> 679 <td>6.06.0.17.0</td> 680 <td>2016 9 17 </td> 681 </tr> 682 </table> 683 684 685 <h3 id="eop-in-wi-fi">WLAN </h3> 686 <p> 687 WLAN 688 </p> 689 690 <table> 691 <col width="18%"> 692 <col width="18%"> 693 <col width="10%"> 694 <col width="19%"> 695 <col width="17%"> 696 <col width="17%"> 697 <tr> 698 <th>CVE</th> 699 <th></th> 700 <th></th> 701 <th> Google </th> 702 <th> AOSP </th> 703 <th></th> 704 </tr> 705 <tr> 706 <td>CVE-2016-6772</td> 707 <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484">A-31856351</a> [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> 708 <td></td> 709 <td></td> 710 <td>5.0.25.1.16.06.0.17.0</td> 711 <td>2016 9 30 </td> 712 </tr> 713 </table> 714 715 716 <h3 id="id-in-mediaserver">Mediaserver </h3> 717 <p> 718 Mediaserver 719 </p> 720 721 <table> 722 <col width="18%"> 723 <col width="18%"> 724 <col width="10%"> 725 <col width="19%"> 726 <col width="17%"> 727 <col width="17%"> 728 <tr> 729 <th>CVE</th> 730 <th></th> 731 <th></th> 732 <th> Google </th> 733 <th> AOSP </th> 734 <th></th> 735 </tr> 736 <tr> 737 <td>CVE-2016-6773</td> 738 <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0">A-30481714</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> 739 <td></td> 740 <td></td> 741 <td>6.06.0.17.0</td> 742 <td>2016 7 27 </td> 743 </tr> 744 </table> 745 746 747 <h3 id="id-in-package-manager"></h3> 748 <p> 749 750 </p> 751 752 <table> 753 <col width="18%"> 754 <col width="18%"> 755 <col width="10%"> 756 <col width="19%"> 757 <col width="17%"> 758 <col width="17%"> 759 <tr> 760 <th>CVE</th> 761 <th></th> 762 <th></th> 763 <th> Google </th> 764 <th> AOSP </th> 765 <th></th> 766 </tr> 767 <tr> 768 <td>CVE-2016-6774</td> 769 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e2d4f5fc313ecb4ba587b20fff6d346f8cd51775">A-31251489</a></td> 770 <td></td> 771 <td></td> 772 <td>7.0</td> 773 <td>2016 8 29 </td> 774 </tr> 775 </table> 776 777 778 <h2 id="2016-12-05-details">2016-12-05 - </h2> 779 <p> 780 <a href="#2016-12-05-summary">2016-12-05 - </a> CVE Google AOSP Bug ID AOSP Bug Bug ID </p> 781 782 <h3 id="eop-in-kernel-memory-subsystem"></h3> 783 <p> 784 785 </p> 786 787 <table> 788 <col width="19%"> 789 <col width="20%"> 790 <col width="10%"> 791 <col width="23%"> 792 <col width="17%"> 793 <tr> 794 <th>CVE</th> 795 <th></th> 796 <th></th> 797 <th> Google </th> 798 <th></th> 799 </tr> 800 <tr> 801 <td>CVE-2016-4794</td> 802 <td>A-31596597<br> 803 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"></a> [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> 804 <td></td> 805 <td>Pixel CPixelPixel XL</td> 806 <td>2016 4 17 </td> 807 </tr> 808 <tr> 809 <td>CVE-2016-5195</td> 810 <td>A-32141528<br> 811 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"></a> [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> 812 <td></td> 813 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 814 <td>2016 10 12 </td> 815 </tr> 816 </table> 817 818 819 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 820 <p> 821 NVIDIA GPU 822 </p> 823 824 <table> 825 <col width="19%"> 826 <col width="20%"> 827 <col width="10%"> 828 <col width="23%"> 829 <col width="17%"> 830 <tr> 831 <th>CVE</th> 832 <th></th> 833 <th></th> 834 <th> Google </th> 835 <th></th> 836 </tr> 837 <tr> 838 <td>CVE-2016-6775</td> 839 <td>A-31222873*<br>N-CVE-2016-6775</td> 840 <td></td> 841 <td>Nexus 9</td> 842 <td>2016 8 25 </td> 843 </tr> 844 <tr> 845 <td>CVE-2016-6776</td> 846 <td>A-31680980*<br>N-CVE-2016-6776</td> 847 <td></td> 848 <td>Nexus 9</td> 849 <td>2016 9 22 </td> 850 </tr> 851 <tr> 852 <td>CVE-2016-6777</td> 853 <td>A-31910462*<br>N-CVE-2016-6777</td> 854 <td></td> 855 <td>Nexus 9</td> 856 <td>2016 10 3 </td> 857 </tr> 858 </table> 859 <p> 860 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 861 </p> 862 863 <h3 id="eop-in-kernel"></h3> 864 <p> 865 866 </p> 867 868 <table> 869 <col width="19%"> 870 <col width="20%"> 871 <col width="10%"> 872 <col width="23%"> 873 <col width="17%"> 874 <tr> 875 <th>CVE</th> 876 <th></th> 877 <th></th> 878 <th> Google </th> 879 <th></th> 880 </tr> 881 <tr> 882 <td>CVE-2015-8966</td> 883 <td>A-31435731<br> 884 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"></a></td> 885 <td></td> 886 <td>*</td> 887 <td>2016 9 10 </td> 888 </tr> 889 </table> 890 <p> 891 * Android 7.0 Google 892 </p> 893 894 895 <h3 id="eop-in-nvidia-video-driver">NVIDIA </h3> 896 <p>NVIDIA 897 </p> 898 899 <table> 900 <col width="19%"> 901 <col width="20%"> 902 <col width="10%"> 903 <col width="23%"> 904 <col width="17%"> 905 <tr> 906 <th>CVE</th> 907 <th></th> 908 <th></th> 909 <th> Google </th> 910 <th></th> 911 </tr> 912 <tr> 913 <td>CVE-2016-6915</td> 914 <td>A-31471161*<br>N-CVE-2016-6915</td> 915 <td></td> 916 <td>Nexus 9</td> 917 <td>2016 9 13 </td> 918 </tr> 919 <tr> 920 <td>CVE-2016-6916</td> 921 <td>A-32072350*<br>N-CVE-2016-6916</td> 922 <td></td> 923 <td>Nexus 9Pixel C</td> 924 <td>2016 9 13 </td> 925 </tr> 926 <tr> 927 <td>CVE-2016-6917</td> 928 <td>A-32072253*<br>N-CVE-2016-6917</td> 929 <td></td> 930 <td>Nexus 9</td> 931 <td>2016 9 13 </td> 932 </tr> 933 </table> 934 <p> 935 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 936 </p> 937 938 <h3 id="eop-in-kernel-ion-driver"> ION </h3> 939 <p> 940 ION 941 </p> 942 943 <table> 944 <col width="19%"> 945 <col width="20%"> 946 <col width="10%"> 947 <col width="23%"> 948 <col width="17%"> 949 <tr> 950 <th>CVE</th> 951 <th></th> 952 <th></th> 953 <th> Google </th> 954 <th></th> 955 </tr> 956 <tr> 957 <td>CVE-2016-9120</td> 958 <td>A-31568617<br> 959 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"></a></td> 960 <td></td> 961 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixel CNexus Player</td> 962 <td>2016 9 16 </td> 963 </tr> 964 </table> 965 966 <h3>Qualcomm </h3> 967 <p> 968 Qualcomm 2015 11 Qualcomm AMSS 969 </p> 970 <table> 971 <col width="19%"> 972 <col width="20%"> 973 <col width="10%"> 974 <col width="23%"> 975 <col width="17%"> 976 <tr> 977 <th>CVE</th> 978 <th></th> 979 <th>*</th> 980 <th> Google </th> 981 <th></th> 982 </tr> 983 <tr> 984 <td>CVE-2016-8411</td> 985 <td>A-31805216**</td> 986 <td></td> 987 <td>Nexus 6Nexus 6PAndroid One</td> 988 <td>Qualcomm </td> 989 </tr> 990 </table> 991 <p>* </p> 992 <p>** <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 993 </p> 994 995 <h3 id="eop-in-kernel-file-system"></h3> 996 <p> 997 998 </p> 999 1000 <table> 1001 <col width="19%"> 1002 <col width="20%"> 1003 <col width="10%"> 1004 <col width="23%"> 1005 <col width="17%"> 1006 <tr> 1007 <th>CVE</th> 1008 <th></th> 1009 <th></th> 1010 <th> Google </th> 1011 <th></th> 1012 </tr> 1013 <tr> 1014 <td>CVE-2014-4014</td> 1015 <td>A-31252187<br> 1016 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"></a></td> 1017 <td></td> 1018 <td>Nexus 6Nexus Player</td> 1019 <td>2014 6 10 </td> 1020 </tr> 1021 </table> 1022 1023 1024 <h3 id="eop-in-kernel-2"></h3> 1025 <p> 1026 1027 </p> 1028 1029 <table> 1030 <col width="19%"> 1031 <col width="20%"> 1032 <col width="10%"> 1033 <col width="23%"> 1034 <col width="17%"> 1035 <tr> 1036 <th>CVE</th> 1037 <th></th> 1038 <th></th> 1039 <th> Google </th> 1040 <th></th> 1041 </tr> 1042 <tr> 1043 <td>CVE-2015-8967</td> 1044 <td>A-31703084<br> 1045 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"></a></td> 1046 <td></td> 1047 <td>Nexus 5XNexus 6PNexus 9Pixel CPixelPixel XL</td> 1048 <td>2015 1 8 </td> 1049 </tr> 1050 </table> 1051 1052 1053 <h3 id="eop-in-htc-sound-codec-driver">HTC </h3> 1054 <p> 1055 HTC 1056 </p> 1057 1058 <table> 1059 <col width="19%"> 1060 <col width="20%"> 1061 <col width="10%"> 1062 <col width="23%"> 1063 <col width="17%"> 1064 <tr> 1065 <th>CVE</th> 1066 <th></th> 1067 <th></th> 1068 <th> Google </th> 1069 <th></th> 1070 </tr> 1071 <tr> 1072 <td>CVE-2016-6778</td> 1073 <td>A-31384646*</td> 1074 <td></td> 1075 <td>Nexus 9</td> 1076 <td>2016 2 25 </td> 1077 </tr> 1078 <tr> 1079 <td>CVE-2016-6779</td> 1080 <td>A-31386004*</td> 1081 <td></td> 1082 <td>Nexus 9</td> 1083 <td>2016 2 25 </td> 1084 </tr> 1085 <tr> 1086 <td>CVE-2016-6780</td> 1087 <td>A-31251496*</td> 1088 <td></td> 1089 <td>Nexus 9</td> 1090 <td>2016 8 30 </td> 1091 </tr> 1092 </table> 1093 <p> 1094 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1095 </p> 1096 1097 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1098 <p> 1099 MediaTek 1100 </p> 1101 1102 <table> 1103 <col width="19%"> 1104 <col width="20%"> 1105 <col width="10%"> 1106 <col width="23%"> 1107 <col width="17%"> 1108 <tr> 1109 <th>CVE</th> 1110 <th></th> 1111 <th></th> 1112 <th> Google </th> 1113 <th></th> 1114 </tr> 1115 <tr> 1116 <td>CVE-2016-6492</td> 1117 <td>A-28175122<br>MT-ALPS02696413</td> 1118 <td></td> 1119 <td>*</td> 1120 <td>2016 4 11 </td> 1121 </tr> 1122 <tr> 1123 <td>CVE-2016-6781</td> 1124 <td>A-31095175<br>MT-ALPS02943455</td> 1125 <td></td> 1126 <td>*</td> 1127 <td>2016 8 22 </td> 1128 </tr> 1129 <tr> 1130 <td>CVE-2016-6782</td> 1131 <td>A-31224389<br>MT-ALPS02943506</td> 1132 <td></td> 1133 <td>*</td> 1134 <td>2016 8 24 </td> 1135 </tr> 1136 <tr> 1137 <td>CVE-2016-6783</td> 1138 <td>A-31350044<br>MT-ALPS02943437</td> 1139 <td></td> 1140 <td>*</td> 1141 <td>2016 9 6 </td> 1142 </tr> 1143 <tr> 1144 <td>CVE-2016-6784</td> 1145 <td>A-31350755<br>MT-ALPS02961424</td> 1146 <td></td> 1147 <td>*</td> 1148 <td>2016 9 6 </td> 1149 </tr> 1150 <tr> 1151 <td>CVE-2016-6785</td> 1152 <td>A-31748056<br>MT-ALPS02961400</td> 1153 <td></td> 1154 <td>*</td> 1155 <td>2016 9 25 </td> 1156 </tr> 1157 </table> 1158 <p> 1159 * Android 7.0 Google 1160 </p> 1161 1162 1163 <h3 id="eop-in-qualcomm-media-codecs">Qualcomm </h3> 1164 <p> 1165 Qualcomm 1166 </p> 1167 1168 <table> 1169 <col width="19%"> 1170 <col width="20%"> 1171 <col width="10%"> 1172 <col width="23%"> 1173 <col width="17%"> 1174 <tr> 1175 <th>CVE</th> 1176 <th></th> 1177 <th></th> 1178 <th> Google </th> 1179 <th></th> 1180 </tr> 1181 <tr> 1182 <td>CVE-2016-6761</td> 1183 <td>A-29421682*<br>QC-CR#1055792</td> 1184 <td></td> 1185 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1186 <td>2016 6 16 </td> 1187 </tr> 1188 <tr> 1189 <td>CVE-2016-6760</td> 1190 <td>A-29617572*<br>QC-CR#1055783</td> 1191 <td></td> 1192 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1193 <td>2016 6 23 </td> 1194 </tr> 1195 <tr> 1196 <td>CVE-2016-6759</td> 1197 <td>A-29982686*<br>QC-CR#1055766</td> 1198 <td></td> 1199 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1200 <td>2016 7 4 </td> 1201 </tr> 1202 <tr> 1203 <td>CVE-2016-6758</td> 1204 <td>A-30148882*<br>QC-CR#1071731</td> 1205 <td></td> 1206 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1207 <td>2016 7 13 </td> 1208 </tr> 1209 </table> 1210 <p> 1211 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1212 </p> 1213 1214 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3> 1215 <p> 1216 Qualcomm 1217 </p> 1218 1219 <table> 1220 <col width="19%"> 1221 <col width="20%"> 1222 <col width="10%"> 1223 <col width="23%"> 1224 <col width="17%"> 1225 <tr> 1226 <th>CVE</th> 1227 <th></th> 1228 <th></th> 1229 <th> Google </th> 1230 <th></th> 1231 </tr> 1232 <tr> 1233 <td>CVE-2016-6755</td> 1234 <td>A-30740545<br> 1235 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0">QC-CR#1065916</a></td> 1236 <td></td> 1237 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1238 <td>2016 8 3 </td> 1239 </tr> 1240 </table> 1241 1242 1243 <h3 id="eop-in-kernel-performance-subsystem"></h3> 1244 <p> 1245 1246 </p> 1247 1248 <table> 1249 <col width="19%"> 1250 <col width="20%"> 1251 <col width="10%"> 1252 <col width="23%"> 1253 <col width="17%"> 1254 <tr> 1255 <th>CVE</th> 1256 <th></th> 1257 <th></th> 1258 <th> Google </th> 1259 <th></th> 1260 </tr> 1261 <tr> 1262 <td>CVE-2016-6786</td> 1263 <td>A-30955111<a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"> 1264 </a></td> 1265 <td></td> 1266 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1267 <td>2016 8 18 </td> 1268 </tr> 1269 <tr> 1270 <td>CVE-2016-6787</td> 1271 <td>A-31095224 1272 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"></a></td> 1273 <td></td> 1274 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1275 <td>2016 8 22 </td> 1276 </tr> 1277 </table> 1278 1279 1280 <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C </h3> 1281 <p> 1282 MediaTek I2C 1283 </p> 1284 1285 <table> 1286 <col width="19%"> 1287 <col width="20%"> 1288 <col width="10%"> 1289 <col width="23%"> 1290 <col width="17%"> 1291 <tr> 1292 <th>CVE</th> 1293 <th></th> 1294 <th></th> 1295 <th> Google </th> 1296 <th></th> 1297 </tr> 1298 <tr> 1299 <td>CVE-2016-6788</td> 1300 <td>A-31224428<br>MT-ALPS02943467</td> 1301 <td></td> 1302 <td>*</td> 1303 <td>2016 8 24 </td> 1304 </tr> 1305 </table> 1306 <p> 1307 * Android 7.0 Google 1308 </p> 1309 1310 1311 <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx </h3> 1312 <p> 1313 NVIDIA libomx (libnvomx) 1314 </p> 1315 1316 <table> 1317 <col width="19%"> 1318 <col width="20%"> 1319 <col width="10%"> 1320 <col width="23%"> 1321 <col width="17%"> 1322 <tr> 1323 <th>CVE</th> 1324 <th></th> 1325 <th></th> 1326 <th> Google </th> 1327 <th></th> 1328 </tr> 1329 <tr> 1330 <td>CVE-2016-6789</td> 1331 <td>A-31251973* 1332 <br>N-CVE-2016-6789</td> 1333 <td></td> 1334 <td>Pixel C</td> 1335 <td>2016 8 29 </td> 1336 </tr> 1337 <tr> 1338 <td>CVE-2016-6790</td> 1339 <td>A-31251628* 1340 <br>N-CVE-2016-6790</td> 1341 <td></td> 1342 <td>Pixel C</td> 1343 <td>2016 8 28 </td> 1344 </tr> 1345 </table> 1346 <p> 1347 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1348 </p> 1349 1350 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1351 <p> 1352 Qualcomm 1353 </p> 1354 1355 <table> 1356 <col width="19%"> 1357 <col width="20%"> 1358 <col width="10%"> 1359 <col width="23%"> 1360 <col width="17%"> 1361 <tr> 1362 <th>CVE</th> 1363 <th></th> 1364 <th></th> 1365 <th> Google </th> 1366 <th></th> 1367 </tr> 1368 <tr> 1369 <td>CVE-2016-6791</td> 1370 <td>A-31252384<br> 1371 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1372 QC-CR#1071809</a></td> 1373 <td></td> 1374 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1375 <td>2016 8 31 </td> 1376 </tr> 1377 <tr> 1378 <td>CVE-2016-8391</td> 1379 <td>A-31253255<br> 1380 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1381 QC-CR#1072166</a></td> 1382 <td></td> 1383 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1384 <td>2016 8 31 </td> 1385 </tr> 1386 <tr> 1387 <td>CVE-2016-8392</td> 1388 <td>A-31385862<br> 1389 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> 1390 QC-CR#1073136</a></td> 1391 <td></td> 1392 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1393 <td>2016 9 8 </td> 1394 </tr> 1395 </table> 1396 1397 1398 <h3 id="eop-in-kernel-security-subsystem"></h3> 1399 <p> 1400 1401 </p> 1402 1403 <table> 1404 <col width="19%"> 1405 <col width="20%"> 1406 <col width="10%"> 1407 <col width="23%"> 1408 <col width="17%"> 1409 <tr> 1410 <th>CVE</th> 1411 <th></th> 1412 <th></th> 1413 <th> Google </th> 1414 <th></th> 1415 </tr> 1416 <tr> 1417 <td>CVE-2015-7872</td> 1418 <td>A-31253168<br> 1419 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> 1420 </a></td> 1421 <td></td> 1422 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td> 1423 <td>2016 8 31 </td> 1424 </tr> 1425 </table> 1426 1427 1428 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1429 <p> 1430 Synaptics 1431 </p> 1432 1433 <table> 1434 <col width="19%"> 1435 <col width="20%"> 1436 <col width="10%"> 1437 <col width="23%"> 1438 <col width="17%"> 1439 <tr> 1440 <th>CVE</th> 1441 <th></th> 1442 <th></th> 1443 <th> Google </th> 1444 <th></th> 1445 </tr> 1446 <tr> 1447 <td>CVE-2016-8393</td> 1448 <td>A-31911920*</td> 1449 <td></td> 1450 <td>Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1451 <td>2016 9 8 </td> 1452 </tr> 1453 <tr> 1454 <td>CVE-2016-8394</td> 1455 <td>A-31913197*</td> 1456 <td></td> 1457 <td>Nexus 9Android One</td> 1458 <td>2016 9 8 </td> 1459 </tr> 1460 </table> 1461 <p> 1462 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1463 </p> 1464 1465 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom WLAN </h3> 1466 <p> 1467 Broadcom WLAN 1468 </p> 1469 1470 <table> 1471 <col width="19%"> 1472 <col width="20%"> 1473 <col width="10%"> 1474 <col width="23%"> 1475 <col width="17%"> 1476 <tr> 1477 <th>CVE</th> 1478 <th></th> 1479 <th></th> 1480 <th> Google </th> 1481 <th></th> 1482 </tr> 1483 <tr> 1484 <td>CVE-2014-9909</td> 1485 <td>A-31676542<br>B-RB#26684</td> 1486 <td></td> 1487 <td>*</td> 1488 <td>2016 9 21 </td> 1489 </tr> 1490 <tr> 1491 <td>CVE-2014-9910</td> 1492 <td>A-31746399<br>B-RB#26710</td> 1493 <td></td> 1494 <td>*</td> 1495 <td>2016 9 26 </td> 1496 </tr> 1497 </table> 1498 <p> 1499 * Android 7.0 Google 1500 </p> 1501 1502 1503 <h3 id="id-in-mediatek-video-driver">MediaTek </h3> 1504 <p> 1505 MediaTek 1506 </p> 1507 1508 <table> 1509 <col width="19%"> 1510 <col width="20%"> 1511 <col width="10%"> 1512 <col width="23%"> 1513 <col width="17%"> 1514 <tr> 1515 <th>CVE</th> 1516 <th></th> 1517 <th></th> 1518 <th> Google </th> 1519 <th></th> 1520 </tr> 1521 <tr> 1522 <td>CVE-2016-8396</td> 1523 <td>A-31249105</td> 1524 <td></td> 1525 <td>*</td> 1526 <td>2016 8 26 </td> 1527 </tr> 1528 </table> 1529 <p> 1530 * Android 7.0 Google 1531 </p> 1532 1533 1534 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1535 <p> 1536 NVIDIA 1537 </p> 1538 1539 <table> 1540 <col width="19%"> 1541 <col width="20%"> 1542 <col width="10%"> 1543 <col width="23%"> 1544 <col width="17%"> 1545 <tr> 1546 <th>CVE</th> 1547 <th></th> 1548 <th></th> 1549 <th> Google </th> 1550 <th></th> 1551 </tr> 1552 <tr> 1553 <td>CVE-2016-8397</td> 1554 <td>A-31385953*<br> 1555 N-CVE-2016-8397</td> 1556 <td></td> 1557 <td>Nexus 9</td> 1558 <td>2016 9 8 </td> 1559 </tr> 1560 </table> 1561 <p> 1562 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1563 </p> 1564 1565 <h3 id="dos-in-gps">GPS </h3> 1566 <p> 1567 Qualcomm GPS 1568 </p> 1569 1570 <table> 1571 <col width="19%"> 1572 <col width="20%"> 1573 <col width="10%"> 1574 <col width="23%"> 1575 <col width="17%"> 1576 <tr> 1577 <th>CVE</th> 1578 <th></th> 1579 <th></th> 1580 <th> Google </th> 1581 <th></th> 1582 </tr> 1583 <tr> 1584 <td>CVE-2016-5341</td> 1585 <td>A-31470303*</td> 1586 <td></td> 1587 <td>Nexus 6Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1588 <td>2016 6 21 </td> 1589 </tr> 1590 </table> 1591 <p> 1592 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1593 </p> 1594 1595 <h3 id="dos-in-nvidia-camera-driver">NVIDIA </h3> 1596 <p> 1597 NVIDIA 1598 </p> 1599 1600 <table> 1601 <col width="19%"> 1602 <col width="20%"> 1603 <col width="10%"> 1604 <col width="23%"> 1605 <col width="17%"> 1606 <tr> 1607 <th>CVE</th> 1608 <th></th> 1609 <th></th> 1610 <th> Google </th> 1611 <th></th> 1612 </tr> 1613 <tr> 1614 <td>CVE-2016-8395</td> 1615 <td>A-31403040* 1616 <br>N-CVE-2016-8395</td> 1617 <td></td> 1618 <td>Pixel C</td> 1619 <td>2016 9 9 </td> 1620 </tr> 1621 </table> 1622 <p> 1623 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1624 </p> 1625 1626 <h3 id="eop-in-kernel-networking-subsystem"></h3> 1627 <p> 1628 1629 </p> 1630 1631 <table> 1632 <col width="19%"> 1633 <col width="20%"> 1634 <col width="10%"> 1635 <col width="23%"> 1636 <col width="17%"> 1637 <tr> 1638 <th>CVE</th> 1639 <th></th> 1640 <th></th> 1641 <th> Google </th> 1642 <th></th> 1643 </tr> 1644 <tr> 1645 <td>CVE-2016-8399</td> 1646 <td>A-31349935*</td> 1647 <td></td> 1648 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1649 <td>2016 9 5 </td> 1650 </tr> 1651 </table> 1652 <p> 1653 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1654 </p> 1655 1656 <h3 id="id-in-qualcomm-components">Qualcomm </h3> 1657 <p> 1658 Qualcomm 1659 </p> 1660 1661 <table> 1662 <col width="19%"> 1663 <col width="20%"> 1664 <col width="10%"> 1665 <col width="23%"> 1666 <col width="17%"> 1667 <tr> 1668 <th>CVE</th> 1669 <th></th> 1670 <th></th> 1671 <th> Google </th> 1672 <th></th> 1673 </tr> 1674 <tr> 1675 <td>CVE-2016-6756</td> 1676 <td>A-29464815<br> 1677 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> 1678 QC-CR#1042068</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> 1679 <td></td> 1680 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1681 <td>2016 6 17 </td> 1682 </tr> 1683 <tr> 1684 <td>CVE-2016-6757</td> 1685 <td>A-30148242<br> 1686 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> 1687 QC-CR#1052821</a></td> 1688 <td></td> 1689 <td>Nexus 5XNexus 6Nexus 6PPixelPixel XL</td> 1690 <td>2016 7 13 </td> 1691 </tr> 1692 </table> 1693 1694 1695 <h3 id="id-in-nvidia-librm-library">NVIDIA librm </h3> 1696 <p> 1697 NVIDIA librm (libnvrm) 1698 </p> 1699 1700 <table> 1701 <col width="19%"> 1702 <col width="20%"> 1703 <col width="10%"> 1704 <col width="23%"> 1705 <col width="17%"> 1706 <tr> 1707 <th>CVE</th> 1708 <th></th> 1709 <th></th> 1710 <th> Google </th> 1711 <th></th> 1712 </tr> 1713 <tr> 1714 <td>CVE-2016-8400</td> 1715 <td>A-31251599* 1716 <br>N-CVE-2016-8400</td> 1717 <td></td> 1718 <td>Pixel C</td> 1719 <td>2016 8 29 </td> 1720 </tr> 1721 </table> 1722 <p> 1723 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1724 </p> 1725 1726 <h3 id="id-in-kernel-components"></h3> 1727 <p> 1728 ION BinderUSB 1729 </p> 1730 1731 <table> 1732 <col width="19%"> 1733 <col width="20%"> 1734 <col width="10%"> 1735 <col width="23%"> 1736 <col width="17%"> 1737 <tr> 1738 <th>CVE</th> 1739 <th></th> 1740 <th></th> 1741 <th> Google </th> 1742 <th></th> 1743 </tr> 1744 <tr> 1745 <td>CVE-2016-8401</td> 1746 <td>A-31494725*</td> 1747 <td></td> 1748 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1749 <td>2016 9 13 </td> 1750 </tr> 1751 <tr> 1752 <td>CVE-2016-8402</td> 1753 <td>A-31495231*</td> 1754 <td></td> 1755 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1756 <td>2016 9 13 </td> 1757 </tr> 1758 <tr> 1759 <td>CVE-2016-8403</td> 1760 <td>A-31495348*</td> 1761 <td></td> 1762 <td>Nexus 9</td> 1763 <td>2016 9 13 </td> 1764 </tr> 1765 <tr> 1766 <td>CVE-2016-8404</td> 1767 <td>A-31496950*</td> 1768 <td></td> 1769 <td>Nexus 9</td> 1770 <td>2016 9 13 </td> 1771 </tr> 1772 <tr> 1773 <td>CVE-2016-8405</td> 1774 <td>A-31651010*</td> 1775 <td></td> 1776 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1777 <td>2016 9 21 </td> 1778 </tr> 1779 <tr> 1780 <td>CVE-2016-8406</td> 1781 <td>A-31796940*</td> 1782 <td></td> 1783 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1784 <td>2016 9 27 </td> 1785 </tr> 1786 <tr> 1787 <td>CVE-2016-8407</td> 1788 <td>A-31802656*</td> 1789 <td></td> 1790 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1791 <td>2016 9 28 </td> 1792 </tr> 1793 </table> 1794 <p> 1795 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1796 </p> 1797 1798 <h3 id="id-in-nvidia-video-driver-2">NVIDIA </h3> 1799 <p> 1800 NVIDIA 1801 </p> 1802 1803 <table> 1804 <col width="19%"> 1805 <col width="20%"> 1806 <col width="10%"> 1807 <col width="23%"> 1808 <col width="17%"> 1809 <tr> 1810 <th>CVE</th> 1811 <th></th> 1812 <th></th> 1813 <th> Google </th> 1814 <th></th> 1815 </tr> 1816 <tr> 1817 <td>CVE-2016-8408</td> 1818 <td>A-31496571* 1819 <br>N-CVE-2016-8408</td> 1820 <td></td> 1821 <td>Nexus 9</td> 1822 <td>2016 9 13 </td> 1823 </tr> 1824 <tr> 1825 <td>CVE-2016-8409</td> 1826 <td>A-31495687* 1827 <br>N-CVE-2016-8409</td> 1828 <td></td> 1829 <td>Nexus 9</td> 1830 <td>2016 9 13 </td> 1831 </tr> 1832 </table> 1833 <p> 1834 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google 1835 </p> 1836 1837 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3> 1838 <p> 1839 Qualcomm 1840 </p> 1841 1842 <table> 1843 <col width="19%"> 1844 <col width="20%"> 1845 <col width="10%"> 1846 <col width="23%"> 1847 <col width="17%"> 1848 <tr> 1849 <th>CVE</th> 1850 <th></th> 1851 <th></th> 1852 <th> Google </th> 1853 <th></th> 1854 </tr> 1855 <tr> 1856 <td>CVE-2016-8410</td> 1857 <td>A-31498403<br> 1858 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> 1859 QC-CR#987010</a></td> 1860 <td></td> 1861 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1862 <td>Google </td> 1863 </tr> 1864 </table> 1865 1866 <h2 id="common-questions-and-answers"></h2> 1867 <p> 1868 1869 </p> 1870 <p> 1871 <strong>1. 1872 </strong> 1873 </p> 1874 <p> 1875 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 1876 </p> 1877 <ul> 1878 <li>2016-12-01 2016-12-01 </li> 1879 <li>2016-12-05 2016-12-05 </li> 1880 </ul> 1881 <p> 1882 </p> 1883 <ul> 1884 <li>[ro.build.version.security_patch]:[2016-12-01]</li> 1885 <li>[ro.build.version.security_patch]:[2016-12-05]</li> 1886 </ul> 1887 <p> 1888 <strong>2. 2 </strong> 1889 </p> 1890 <p> 1891 2 Android Android Android 1892 </p> 1893 <ul> 1894 <li> 2016 12 1 </li> 1895 <li> 2016 12 5 </li> 1896 </ul> 1897 <p> 1898 1899 </p> 1900 <p> 1901 <strong>3. Google </strong> 1902 </p> 1903 <p> 1904 <a href="#2016-12-01-details">2016-12-01</a> <a href="#2016-12-05-details">2016-12-05</a> Google Google <em></em> 1905 </p> 1906 <ul> 1907 <li><strong> Google </strong> Nexus Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 1908 <li><strong> Google </strong> Google Google Google <em></em></li> 1909 <li><strong> Google </strong> Android 7.0 Google Google <em></em></li> 1910 </ul> 1911 <p> 1912 <strong>4. </strong> 1913 </p> 1914 <p> 1915 <em></em> 1916 </p> 1917 <table> 1918 <tr> 1919 <th></th> 1920 <th></th> 1921 </tr> 1922 <tr> 1923 <td>A-</td> 1924 <td>Android Bug ID</td> 1925 </tr> 1926 <tr> 1927 <td>QC-</td> 1928 <td>Qualcomm </td> 1929 </tr> 1930 <tr> 1931 <td>M-</td> 1932 <td>MediaTek </td> 1933 </tr> 1934 <tr> 1935 <td>N-</td> 1936 <td>NVIDIA </td> 1937 </tr> 1938 <tr> 1939 <td>B-</td> 1940 <td>Broadcom </td> 1941 </tr> 1942 </table> 1943 <h2 id="revisions"></h2> 1944 <ul> 1945 <li>2016 12 5 </li> 1946 <li>2016 12 7 AOSP CVE-2016-6915CVE-2016-6916 CVE-2016-6917 </li> 1947 </ul> 1948 1949 </body> 1950 </html> 1951
