1 <html devsite> 2 <head> 3 <title>Android - 2017 1 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em>2017 1 3 | 2017 1 5 </em></p> 27 28 <p>Android Android (OTA) Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a> Google 2017 1 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 29 30 <p> 2016 12 5 Android (AOSP) 31 AOSP </p> 32 33 <p></p> 34 35 <p> <a href="#mitigations">Android Google </a> <a href="/security/enhancements/index.html">Android </a> <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> Android </p> 36 37 <p></p> 38 39 <h2 id="announcements"></h2> 40 <ul> 41 <li> Android Android <a href="#common-questions-and-answers"></a> 42 <ul> 43 <li><strong>2017-01-01</strong> 2017-01-01</li> 44 <li><strong>2017-01-05</strong> 2017-01-01 2017-01-05</li> 45 </ul> 46 </li> 47 <li> Google 2017 1 5 OTA </li> 48 </ul> 49 <h2 id="security-vulnerability-summary"></h2> 50 <p> CVE Google <a href="/security/overview/updates-resources.html#severity"></a></p> 51 52 <h3 id="2017-01-01-summary">2017-01-01 - </h3> 53 <p>2017-01-01</p> 54 55 <table> 56 <col width="55%"> 57 <col width="20%"> 58 <col width="13%"> 59 <col width="12%"> 60 <tr> 61 <th></th> 62 <th>CVE</th> 63 <th></th> 64 <th> Google </th> 65 </tr> 66 <tr> 67 <td>c-ares </td> 68 <td>CVE-2016-5180</td> 69 <td></td> 70 <td></td> 71 </tr> 72 <tr> 73 <td>Framesequence </td> 74 <td>CVE-2017-0382</td> 75 <td></td> 76 <td></td> 77 </tr> 78 <tr> 79 <td>Framework API </td> 80 <td>CVE-2017-0383</td> 81 <td></td> 82 <td></td> 83 </tr> 84 <tr> 85 <td>Audioserver </td> 86 <td>CVE-2017-0384CVE-2017-0385</td> 87 <td></td> 88 <td></td> 89 </tr> 90 <tr> 91 <td>libnl </td> 92 <td>CVE-2017-0386</td> 93 <td></td> 94 <td></td> 95 </tr> 96 <tr> 97 <td>Mediaserver </td> 98 <td>CVE-2017-0387</td> 99 <td></td> 100 <td></td> 101 </tr> 102 <tr> 103 <td></td> 104 <td>CVE-2017-0388</td> 105 <td></td> 106 <td></td> 107 </tr> 108 <tr> 109 <td></td> 110 <td>CVE-2017-0389</td> 111 <td></td> 112 <td></td> 113 </tr> 114 <tr> 115 <td>Mediaserver </td> 116 <td>CVE-2017-0390CVE-2017-0391CVE-2017-0392CVE-2017-0393</td> 117 <td></td> 118 <td></td> 119 </tr> 120 <tr> 121 <td>Telephony </td> 122 <td>CVE-2017-0394</td> 123 <td></td> 124 <td></td> 125 </tr> 126 <tr> 127 <td></td> 128 <td>CVE-2017-0395</td> 129 <td></td> 130 <td></td> 131 </tr> 132 <tr> 133 <td>Mediaserver </td> 134 <td>CVE-2017-0396CVE-2017-0397CVE-2017-0381</td> 135 <td></td> 136 <td></td> 137 </tr> 138 <tr> 139 <td>Audioserver </td> 140 <td>CVE-2017-0398CVE-2017-0399CVE-2017-0400CVE-2017-0401CVE-2017-0402</td> 141 <td></td> 142 <td></td> 143 </tr> 144 </table> 145 146 <h3 id="2017-01-05-summary">2017-01-05 - </h3> 147 <p>2017-01-05 2017-01-01 </p> 148 149 <table> 150 <col width="55%"> 151 <col width="20%"> 152 <col width="13%"> 153 <col width="12%"> 154 <tr> 155 <th></th> 156 <th>CVE</th> 157 <th></th> 158 <th> Google </th> 159 </tr> 160 <tr> 161 <td></td> 162 <td>CVE-2015-3288</td> 163 <td></td> 164 <td></td> 165 </tr> 166 <tr> 167 <td>Qualcomm </td> 168 <td>CVE-2016-8422CVE-2016-8423</td> 169 <td></td> 170 <td></td> 171 </tr> 172 <tr> 173 <td></td> 174 <td>CVE-2015-5706</td> 175 <td></td> 176 <td>*</td> 177 </tr> 178 <tr> 179 <td>NVIDIA GPU </td> 180 <td>CVE-2016-8424CVE-2016-8425CVE-2016-8426CVE-2016-8482CVE-2016-8427CVE-2016-8428CVE-2016-8429CVE-2016-8430CVE-2016-8431CVE-2016-8432</td> 181 <td></td> 182 <td></td> 183 </tr> 184 <tr> 185 <td>MediaTek </td> 186 <td>CVE-2016-8433</td> 187 <td></td> 188 <td>*</td> 189 </tr> 190 <tr> 191 <td>Qualcomm GPU </td> 192 <td>CVE-2016-8434</td> 193 <td></td> 194 <td></td> 195 </tr> 196 <tr> 197 <td>NVIDIA GPU </td> 198 <td>CVE-2016-8435</td> 199 <td></td> 200 <td></td> 201 </tr> 202 <tr> 203 <td>Qualcomm </td> 204 <td>CVE-2016-8436</td> 205 <td></td> 206 <td>*</td> 207 </tr> 208 <tr> 209 <td>Qualcomm </td> 210 <td>CVE-2016-5080CVE-2016-8398CVE-2016-8437CVE-2016-8438CVE-2016-8439CVE-2016-8440CVE-2016-8441CVE-2016-8442CVE-2016-8443CVE-2016-8459</td> 211 <td></td> 212 <td>*</td> 213 </tr> 214 <tr> 215 <td>Qualcomm </td> 216 <td>CVE-2016-8412CVE-2016-8444</td> 217 <td></td> 218 <td></td> 219 </tr> 220 <tr> 221 <td>MediaTek </td> 222 <td>CVE-2016-8445CVE-2016-8446CVE-2016-8447CVE-2016-8448</td> 223 <td></td> 224 <td>*</td> 225 </tr> 226 <tr> 227 <td>Qualcomm WLAN </td> 228 <td>CVE-2016-8415</td> 229 <td></td> 230 <td></td> 231 </tr> 232 <tr> 233 <td>NVIDIA GPU </td> 234 <td>CVE-2016-8449</td> 235 <td></td> 236 <td></td> 237 </tr> 238 <tr> 239 <td>Qualcomm </td> 240 <td>CVE-2016-8450</td> 241 <td></td> 242 <td></td> 243 </tr> 244 <tr> 245 <td>Synaptics </td> 246 <td>CVE-2016-8451</td> 247 <td></td> 248 <td>*</td> 249 </tr> 250 <tr> 251 <td></td> 252 <td>CVE-2016-7042</td> 253 <td></td> 254 <td></td> 255 </tr> 256 <tr> 257 <td></td> 258 <td>CVE-2017-0403</td> 259 <td></td> 260 <td></td> 261 </tr> 262 <tr> 263 <td></td> 264 <td>CVE-2017-0404</td> 265 <td></td> 266 <td></td> 267 </tr> 268 <tr> 269 <td>Qualcomm WLAN </td> 270 <td>CVE-2016-8452</td> 271 <td></td> 272 <td></td> 273 </tr> 274 <tr> 275 <td>Qualcomm </td> 276 <td>CVE-2016-5345</td> 277 <td></td> 278 <td></td> 279 </tr> 280 <tr> 281 <td></td> 282 <td>CVE-2016-9754</td> 283 <td></td> 284 <td></td> 285 </tr> 286 <tr> 287 <td>Broadcom WLAN </td> 288 <td>CVE-2016-8453CVE-2016-8454CVE-2016-8455CVE-2016-8456CVE-2016-8457</td> 289 <td></td> 290 <td></td> 291 </tr> 292 <tr> 293 <td>Synaptics </td> 294 <td>CVE-2016-8458</td> 295 <td></td> 296 <td></td> 297 </tr> 298 <tr> 299 <td>NVIDIA </td> 300 <td>CVE-2016-8460</td> 301 <td></td> 302 <td></td> 303 </tr> 304 <tr> 305 <td></td> 306 <td>CVE-2016-8461CVE-2016-8462</td> 307 <td></td> 308 <td></td> 309 </tr> 310 <tr> 311 <td>Qualcomm FUSE </td> 312 <td>CVE-2016-8463</td> 313 <td></td> 314 <td>*</td> 315 </tr> 316 <tr> 317 <td></td> 318 <td>CVE-2016-8467</td> 319 <td></td> 320 <td></td> 321 </tr> 322 <tr> 323 <td>Broadcom WLAN </td> 324 <td>CVE-2016-8464CVE-2016-8465CVE-2016-8466</td> 325 <td></td> 326 <td></td> 327 </tr> 328 <tr> 329 <td></td> 330 <td>CVE-2016-8467</td> 331 <td></td> 332 <td></td> 333 </tr> 334 <tr> 335 <td>Binder </td> 336 <td>CVE-2016-8468</td> 337 <td></td> 338 <td></td> 339 </tr> 340 <tr> 341 <td>NVIDIA </td> 342 <td>CVE-2016-8469</td> 343 <td></td> 344 <td></td> 345 </tr> 346 <tr> 347 <td>MediaTek </td> 348 <td>CVE-2016-8470CVE-2016-8471CVE-2016-8472</td> 349 <td></td> 350 <td>*</td> 351 </tr> 352 <tr> 353 <td>STMicroelectronics </td> 354 <td>CVE-2016-8473CVE-2016-8474</td> 355 <td></td> 356 <td></td> 357 </tr> 358 <tr> 359 <td>Qualcomm </td> 360 <td>CVE-2017-0399CVE-2017-0400CVE-2017-0401CVE-2017-0402</td> 361 <td></td> 362 <td></td> 363 </tr> 364 <tr> 365 <td>HTC </td> 366 <td>CVE-2016-8475</td> 367 <td></td> 368 <td></td> 369 </tr> 370 <tr> 371 <td></td> 372 <td>CVE-2014-9420</td> 373 <td></td> 374 <td></td> 375 </tr> 376 </table> 377 <p>* Android 7.0 Google </p> 378 379 <h2 id="mitigations">Android Google </h2> 380 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p> 381 <ul> 382 <li> Android Android Android</li> 383 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root </li> 384 <li> Google Messenger mediaserver </li> 385 </ul> 386 <h2 id="acknowledgements"></h2> 387 <p></p> 388 <ul> 389 <li>Alexandru BlandaCVE-2017-0390</li> 390 <li>Copperhead Security Daniel MicayCVE-2017-0397</li> 391 <li> Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>)CVE-2017-0386</li> 392 <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>)CVE-2017-0392</li> 393 <li> (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-8412CVE-2016-8444CVE-2016-8427CVE-2017-0403</li> 394 <li> Shellphish Grill donfos (Aravind Machiry)CVE-2016-8448CVE-2016-8470CVE-2016-8471CVE-2016-8472</li> 395 <li><a href="http://www.ms509.com">MS509Team</a> En He (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>)CVE-2017-0394</li> 396 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-8464</li> 397 <li>Google WebM CVE-2017-0393</li> 398 <li><a href="http://www.360.com"> 360 </a> Alpha (<a href="http://twitter.com/oldfresher">@oldfresher</a>)CVE-2017-0387</li> 399 <li> 360 Alpha Hao Chen Guang GongCVE-2016-8415CVE-2016-8454CVE-2016-8455CVE-2016-8456CVE-2016-8457CVE-2016-8465</li> 400 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-8475</li> 401 <li>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>) Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>)CVE-2016-8462</li> 402 <li>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>)Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>) Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)CVE-2016-8461</li> 403 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0383</li> 404 <li>Monk AvelCVE-2017-0396CVE-2017-0399</li> 405 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)CVE-2016-8469CVE-2016-8424CVE-2016-8428CVE-2016-8429CVE-2016-8460CVE-2016-8473CVE-2016-8474</li> 406 <li> (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)CVE-2017-0382</li> 407 <li>IBM X-Force Roee Hay Michael GobermanCVE-2016-8467</li> 408 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-8466</li> 409 <li>Stephen MorrowCVE-2017-0389</li> 410 <li><a href="http://www.trendmicro.com"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0381</li> 411 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2017-0391</li> 412 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0402CVE-2017-0398</li> 413 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0400</li> 414 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0384CVE-2017-0385</li> 415 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0401</li> 416 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8431CVE-2016-8432CVE-2016-8435</li> 417 <li> (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) Jun ChengCVE-2017-0404</li> 418 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8425CVE-2016-8426CVE-2016-8449</li> 419 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:bigwyfone (a] gmail.com">Yanfeng Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8430CVE-2016-8482</li> 420 <li> Yuxiang Li (<a href="https://twitter.com/xbalien29">@Xbalien29</a>)CVE-2017-0395</li> 421 <li><a href="http://www.cmcm.com/"></a> Zhanpeng Zhao () (<a href="https://twitter.com/0xr0ot">@0xr0ot</a>)CVE-2016-8451</li> 422 </ul> 423 <p></p> 424 <ul> 425 <li> Baozeng DingChengming YangPeng XiaoNing YouYang DongChao YangYi Zhang Yang Song</li> 426 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)</li> 427 <li>Google Zubin Mithra</li> 428 </ul> 429 430 <h2 id="2017-01-01-details">2017-01-01 - </h2> 431 <p> 432 <a href="#2017-01-01-summary">2017-01-01 - </a> CVE Google AOSP Bug ID AOSP Bug Bug ID </p> 433 434 435 <h3 id="rce-in-c-ares">c-ares </h3> 436 <p> 437 c-ares 438 </p> 439 440 <table> 441 <col width="18%"> 442 <col width="17%"> 443 <col width="10%"> 444 <col width="19%"> 445 <col width="18%"> 446 <col width="17%"> 447 <tr> 448 <th>CVE</th> 449 <th></th> 450 <th></th> 451 <th> Google </th> 452 <th> AOSP </th> 453 <th></th> 454 </tr> 455 <tr> 456 <td>CVE-2016-5180</td> 457 <td><a href="https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677">A-32205736</a></td> 458 <td></td> 459 <td></td> 460 <td>7.0</td> 461 <td>2016 9 29 </td> 462 </tr> 463 </table> 464 465 466 <h3 id="rce-vulnerability-in-framesequence">Framesequence </h3> 467 <p> 468 Framesequence Framesequence 469 </p> 470 <table> 471 <col width="18%"> 472 <col width="17%"> 473 <col width="10%"> 474 <col width="19%"> 475 <col width="18%"> 476 <col width="17%"> 477 <tr> 478 <th>CVE</th> 479 <th></th> 480 <th></th> 481 <th> Google </th> 482 <th> AOSP </th> 483 <th></th> 484 </tr> 485 <tr> 486 <td>CVE-2017-0382</td> 487 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7">A-32338390</a></td> 488 <td></td> 489 <td></td> 490 <td>5.0.25.1.16.06.0.17.07.1.1</td> 491 <td>2016 10 21 </td> 492 </tr> 493 </table> 494 <h3 id="eop-in-framework-apis">Framework API </h3> 495 <p> 496 Framework API 497 </p> 498 <table> 499 <col width="18%"> 500 <col width="17%"> 501 <col width="10%"> 502 <col width="19%"> 503 <col width="18%"> 504 <col width="17%"> 505 <tr> 506 <th>CVE</th> 507 <th></th> 508 <th></th> 509 <th> Google </th> 510 <th> AOSP </th> 511 <th></th> 512 </tr> 513 <tr> 514 <td>CVE-2017-0383</td> 515 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266">A-31677614</a></td> 516 <td></td> 517 <td></td> 518 <td>7.07.1.1</td> 519 <td>2016 9 21 </td> 520 </tr> 521 </table> 522 <h3 id="eop-in-audioserver">Audioserver </h3> 523 <p> 524 Audioserver 525 </p> 526 <table> 527 <col width="18%"> 528 <col width="17%"> 529 <col width="10%"> 530 <col width="19%"> 531 <col width="18%"> 532 <col width="17%"> 533 <tr> 534 <th>CVE</th> 535 <th></th> 536 <th></th> 537 <th> Google </th> 538 <th> AOSP </th> 539 <th></th> 540 </tr> 541 <tr> 542 <td>CVE-2017-0384</td> 543 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">A-32095626</a></td> 544 <td></td> 545 <td></td> 546 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 547 <td>2016 10 11 </td> 548 </tr> 549 <tr> 550 <td>CVE-2017-0385</td> 551 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358">A-32585400</a></td> 552 <td></td> 553 <td></td> 554 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 555 <td>2016 10 11 </td> 556 </tr> 557 </table> 558 <h3 id="eop-in-libnl">libnl </h3> 559 <p> 560 libnl 561 </p> 562 <table> 563 <col width="18%"> 564 <col width="17%"> 565 <col width="10%"> 566 <col width="19%"> 567 <col width="18%"> 568 <col width="17%"> 569 <tr> 570 <th>CVE</th> 571 <th></th> 572 <th></th> 573 <th> Google </th> 574 <th> AOSP </th> 575 <th></th> 576 </tr> 577 <tr> 578 <td>CVE-2017-0386</td> 579 <td><a href="https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a">A-32255299</a></td> 580 <td></td> 581 <td></td> 582 <td>5.0.25.1.16.06.0.17.07.1.1</td> 583 <td>2016 10 18 </td> 584 </tr> 585 </table> 586 <h3 id="eop-in-mediaserver">Mediaserver </h3> 587 <p> 588 Mediaserver 589 </p> 590 <table> 591 <col width="18%"> 592 <col width="17%"> 593 <col width="10%"> 594 <col width="19%"> 595 <col width="18%"> 596 <col width="17%"> 597 <tr> 598 <th>CVE</th> 599 <th></th> 600 <th></th> 601 <th> Google </th> 602 <th> AOSP </th> 603 <th></th> 604 </tr> 605 <tr> 606 <td>CVE-2017-0387</td> 607 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f">A-32660278</a></td> 608 <td></td> 609 <td></td> 610 <td>5.0.25.1.16.06.0.17.07.1.1</td> 611 <td>2016 11 4 </td> 612 </tr> 613 </table> 614 <h3 id="id-in-external-storage-provider"></h3> 615 <p> 616 SD 617 </p> 618 <table> 619 <col width="18%"> 620 <col width="17%"> 621 <col width="10%"> 622 <col width="19%"> 623 <col width="18%"> 624 <col width="17%"> 625 <tr> 626 <th>CVE</th> 627 <th></th> 628 <th></th> 629 <th> Google </th> 630 <th> AOSP </th> 631 <th></th> 632 </tr> 633 <tr> 634 <td>CVE-2017-0388</td> 635 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9">A-32523490</a></td> 636 <td></td> 637 <td></td> 638 <td>6.06.0.17.07.1.1</td> 639 <td>Google </td> 640 </tr> 641 </table> 642 <h3 id="dos-in-core-networking"></h3> 643 <p> 644 645 </p> 646 <table> 647 <col width="18%"> 648 <col width="17%"> 649 <col width="10%"> 650 <col width="19%"> 651 <col width="18%"> 652 <col width="17%"> 653 <tr> 654 <th>CVE</th> 655 <th></th> 656 <th></th> 657 <th> Google </th> 658 <th> AOSP </th> 659 <th></th> 660 </tr> 661 <tr> 662 <td>CVE-2017-0389</td> 663 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7">A-31850211</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29">2</a>] 664 [<a href="https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba#">3</a>]</td> 665 <td></td> 666 <td></td> 667 <td>6.06.0.17.07.1.1</td> 668 <td>2016 7 20 </td> 669 </tr> 670 </table> 671 <h3 id="dos-in-mediaserver">Mediaserver </h3> 672 <p> 673 Mediaserver 674 </p> 675 <table> 676 <col width="18%"> 677 <col width="17%"> 678 <col width="10%"> 679 <col width="19%"> 680 <col width="18%"> 681 <col width="17%"> 682 <tr> 683 <th>CVE</th> 684 <th></th> 685 <th></th> 686 <th> Google </th> 687 <th> AOSP </th> 688 <th></th> 689 </tr> 690 <tr> 691 <td>CVE-2017-0390</td> 692 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0">A-31647370</a></td> 693 <td></td> 694 <td></td> 695 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 696 <td>2016 9 19 </td> 697 </tr> 698 <tr> 699 <td>CVE-2017-0391</td> 700 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f">A-32322258</a></td> 701 <td></td> 702 <td></td> 703 <td>6.06.0.17.07.1.1</td> 704 <td>2016 10 20 </td> 705 </tr> 706 <tr> 707 <td>CVE-2017-0392</td> 708 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c">A-32577290</a></td> 709 <td></td> 710 <td></td> 711 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 712 <td>2016 10 29 </td> 713 </tr> 714 <tr> 715 <td>CVE-2017-0393</td> 716 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc">A-30436808</a></td> 717 <td></td> 718 <td></td> 719 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 720 <td>Google </td> 721 </tr> 722 </table> 723 <h3 id="dos-in-telephony">Telephony </h3> 724 <p> 725 Telephony 726 </p> 727 <table> 728 <col width="18%"> 729 <col width="17%"> 730 <col width="10%"> 731 <col width="19%"> 732 <col width="18%"> 733 <col width="17%"> 734 <tr> 735 <th>CVE</th> 736 <th></th> 737 <th></th> 738 <th> Google </th> 739 <th> AOSP </th> 740 <th></th> 741 </tr> 742 <tr> 743 <td>CVE-2017-0394</td> 744 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d">A-31752213</a></td> 745 <td></td> 746 <td></td> 747 <td>5.0.25.1.16.06.0.17.07.1.1</td> 748 <td>2016 9 23 </td> 749 </tr> 750 </table> 751 <h3 id="eop-in-contacts"></h3> 752 <p> 753 754 </p> 755 <table> 756 <col width="18%"> 757 <col width="17%"> 758 <col width="10%"> 759 <col width="19%"> 760 <col width="18%"> 761 <col width="17%"> 762 <tr> 763 <th>CVE</th> 764 <th></th> 765 <th></th> 766 <th> Google </th> 767 <th> AOSP </th> 768 <th></th> 769 </tr> 770 <tr> 771 <td>CVE-2017-0395</td> 772 <td><a href="https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b">A-32219099</a></td> 773 <td></td> 774 <td></td> 775 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 776 <td>2016 10 15 </td> 777 </tr> 778 </table> 779 <h3 id="id-in-mediaserver">Mediaserver </h3> 780 <p> 781 Mediaserver 782 </p> 783 <table> 784 <col width="18%"> 785 <col width="17%"> 786 <col width="10%"> 787 <col width="19%"> 788 <col width="18%"> 789 <col width="17%"> 790 <tr> 791 <th>CVE</th> 792 <th></th> 793 <th></th> 794 <th> Google </th> 795 <th> AOSP </th> 796 <th></th> 797 </tr> 798 <tr> 799 <td>CVE-2017-0381</td> 800 <td><a href="https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7">A-31607432</a></td> 801 <td></td> 802 <td></td> 803 <td>5.0.25.1.16.06.0.17.07.1.1</td> 804 <td>2016 9 18 </td> 805 </tr> 806 <tr> 807 <td>CVE-2017-0396</td> 808 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7">A-31781965</a></td> 809 <td></td> 810 <td></td> 811 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 812 <td>2016 9 27 </td> 813 </tr> 814 <tr> 815 <td>CVE-2017-0397</td> 816 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c">A-32377688</a></td> 817 <td></td> 818 <td></td> 819 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 820 <td>2016 10 21 </td> 821 </tr> 822 </table> 823 <h3 id="id-in-audioserver">Audioserver </h3> 824 <p> 825 Audioserver 826 </p> 827 <table> 828 <col width="18%"> 829 <col width="17%"> 830 <col width="10%"> 831 <col width="19%"> 832 <col width="18%"> 833 <col width="17%"> 834 <tr> 835 <th>CVE</th> 836 <th></th> 837 <th></th> 838 <th> Google </th> 839 <th> AOSP </th> 840 <th></th> 841 </tr> 842 <tr> 843 <td>CVE-2017-0398</td> 844 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">A-32438594</a></td> 845 <td></td> 846 <td></td> 847 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 848 <td>2016 10 25 </td> 849 </tr> 850 <tr> 851 <td>CVE-2017-0398</td> 852 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">A-32635664</a></td> 853 <td></td> 854 <td></td> 855 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 856 <td>2016 10 25 </td> 857 </tr> 858 <tr> 859 <td>CVE-2017-0398</td> 860 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c">A-32624850</a></td> 861 <td></td> 862 <td></td> 863 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 864 <td>2016 10 25 </td> 865 </tr> 866 <tr> 867 <td>CVE-2017-0399</td> 868 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32247948</a> [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 869 <td></td> 870 <td></td> 871 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 872 <td>2016 10 18 </td> 873 </tr> 874 <tr> 875 <td>CVE-2017-0400</td> 876 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32584034</a> [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 877 <td></td> 878 <td></td> 879 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 880 <td>2016 10 25 </td> 881 </tr> 882 <tr> 883 <td>CVE-2017-0401</td> 884 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">A-32448258</a></td> 885 <td></td> 886 <td></td> 887 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 888 <td>2016 10 26 </td> 889 </tr> 890 <tr> 891 <td>CVE-2017-0402</td> 892 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32436341</a> [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 893 <td></td> 894 <td></td> 895 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 896 <td>2016 10 25 </td> 897 </tr> 898 </table> 899 900 <h2 id="2017-01-05-details">2017-01-05 - </h2> 901 <p> 902 <a href="#2017-01-05-summary">2017-01-05 - </a> CVE Google AOSP Bug ID AOSP Bug Bug ID </p> 903 904 905 <h3 id="eop-in-kernel-memory-subsystem"></h3> 906 <p> 907 908 </p> 909 910 <table> 911 <col width="19%"> 912 <col width="20%"> 913 <col width="10%"> 914 <col width="23%"> 915 <col width="17%"> 916 <tr> 917 <th>CVE</th> 918 <th></th> 919 <th></th> 920 <th> Google </th> 921 <th></th> 922 </tr> 923 <tr> 924 <td>CVE-2015-3288</td> 925 <td>A-32460277<br> 926 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d"></a></td> 927 <td></td> 928 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixel CNexus PlayerPixelPixel XL</td> 929 <td>2015 7 9 </td> 930 </tr> 931 </table> 932 933 934 <h3 id="eop-in-qualcomm-bootloader">Qualcomm </h3> 935 <p> 936 Qualcomm 937 </p> 938 939 <table> 940 <col width="19%"> 941 <col width="20%"> 942 <col width="10%"> 943 <col width="23%"> 944 <col width="17%"> 945 <tr> 946 <th>CVE</th> 947 <th></th> 948 <th></th> 949 <th> Google </th> 950 <th></th> 951 </tr> 952 <tr> 953 <td>CVE-2016-8422</td> 954 <td>A-31471220<br> 955 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213">QC-CR#979426</a></td> 956 <td></td> 957 <td>Nexus 6Nexus 6PPixelPixel XL</td> 958 <td>2016 7 22 </td> 959 </tr> 960 <tr> 961 <td>CVE-2016-8423</td> 962 <td>A-31399736<br> 963 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867">QC-CR#1000546</a></td> 964 <td></td> 965 <td>Nexus 6PPixelPixel XL</td> 966 <td>2016 8 24 </td> 967 </tr> 968 </table> 969 970 971 <h3 id="eop-in-kernel-file-system"></h3> 972 <p> 973 974 </p> 975 976 <table> 977 <col width="19%"> 978 <col width="20%"> 979 <col width="10%"> 980 <col width="23%"> 981 <col width="17%"> 982 <tr> 983 <th>CVE</th> 984 <th></th> 985 <th></th> 986 <th> Google </th> 987 <th></th> 988 </tr> 989 <tr> 990 <td>CVE-2015-5706</td> 991 <td>A-32289301<br> 992 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0"></a></td> 993 <td></td> 994 <td>*</td> 995 <td>2016 8 1 </td> 996 </tr> 997 </table> 998 <p> 999 * Android 7.0 Google 1000 </p> 1001 1002 1003 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1004 <p> 1005 NVIDIA GPU 1006 </p> 1007 1008 <table> 1009 <col width="19%"> 1010 <col width="20%"> 1011 <col width="10%"> 1012 <col width="23%"> 1013 <col width="17%"> 1014 <tr> 1015 <th>CVE</th> 1016 <th></th> 1017 <th></th> 1018 <th> Google </th> 1019 <th></th> 1020 </tr> 1021 <tr> 1022 <td>CVE-2016-8424</td> 1023 <td>A-31606947*<br>N-CVE-2016-8424</td> 1024 <td></td> 1025 <td>Nexus 9</td> 1026 <td>2016 9 17 </td> 1027 </tr> 1028 <tr> 1029 <td>CVE-2016-8425</td> 1030 <td>A-31797770*<br>N-CVE-2016-8425</td> 1031 <td></td> 1032 <td>Nexus 9</td> 1033 <td>2016 9 28 </td> 1034 </tr> 1035 <tr> 1036 <td>CVE-2016-8426</td> 1037 <td>A-31799206*<br>N-CVE-2016-8426</td> 1038 <td></td> 1039 <td>Nexus 9</td> 1040 <td>2016 9 28 </td> 1041 </tr> 1042 <tr> 1043 <td>CVE-2016-8482</td> 1044 <td>A-31799863*<br>N-CVE-2016-8482</td> 1045 <td></td> 1046 <td>Nexus 9</td> 1047 <td>2016 9 28 </td> 1048 </tr> 1049 <tr> 1050 <td>CVE-2016-8427</td> 1051 <td>A-31799885*<br>N-CVE-2016-8427</td> 1052 <td></td> 1053 <td>Nexus 9</td> 1054 <td>2016 9 28 </td> 1055 </tr> 1056 <tr> 1057 <td>CVE-2016-8428</td> 1058 <td>A-31993456*<br>N-CVE-2016-8428</td> 1059 <td></td> 1060 <td>Nexus 9</td> 1061 <td>2016 10 6 </td> 1062 </tr> 1063 <tr> 1064 <td>CVE-2016-8429</td> 1065 <td>A-32160775*<br>N-CVE-2016-8429</td> 1066 <td></td> 1067 <td>Nexus 9</td> 1068 <td>2016 10 13 </td> 1069 </tr> 1070 <tr> 1071 <td>CVE-2016-8430</td> 1072 <td>A-32225180*<br>N-CVE-2016-8430</td> 1073 <td></td> 1074 <td>Nexus 9</td> 1075 <td>2016 10 17 </td> 1076 </tr> 1077 <tr> 1078 <td>CVE-2016-8431</td> 1079 <td>A-32402179*<br>N-CVE-2016-8431</td> 1080 <td></td> 1081 <td>Pixel C</td> 1082 <td>2016 10 25 </td> 1083 </tr> 1084 <tr> 1085 <td>CVE-2016-8432</td> 1086 <td>A-32447738*<br>N-CVE-2016-8432</td> 1087 <td></td> 1088 <td>Pixel C</td> 1089 <td>2016 10 26 </td> 1090 </tr> 1091 </table> 1092 <p> 1093 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1094 </p> 1095 1096 1097 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1098 <p> 1099 MediaTek 1100 </p> 1101 1102 <table> 1103 <col width="19%"> 1104 <col width="20%"> 1105 <col width="10%"> 1106 <col width="23%"> 1107 <col width="17%"> 1108 <tr> 1109 <th>CVE</th> 1110 <th></th> 1111 <th></th> 1112 <th> Google </th> 1113 <th></th> 1114 </tr> 1115 <tr> 1116 <td>CVE-2016-8433</td> 1117 <td>A-31750190*<br>MT-ALPS02974192</td> 1118 <td></td> 1119 <td>**</td> 1120 <td>2016 9 24 </td> 1121 </tr> 1122 </table> 1123 <p> 1124 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1125 </p> 1126 <p> 1127 ** Android 7.0 Google 1128 </p> 1129 1130 1131 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU </h3> 1132 <p> 1133 Qualcomm GPU 1134 </p> 1135 1136 <table> 1137 <col width="19%"> 1138 <col width="20%"> 1139 <col width="10%"> 1140 <col width="23%"> 1141 <col width="17%"> 1142 <tr> 1143 <th>CVE</th> 1144 <th></th> 1145 <th></th> 1146 <th> Google </th> 1147 <th></th> 1148 </tr> 1149 <tr> 1150 <td>CVE-2016-8434</td> 1151 <td>A-32125137<br> 1152 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9">QC-CR#1081855</a></td> 1153 <td></td> 1154 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1155 <td>2016 10 12 </td> 1156 </tr> 1157 </table> 1158 1159 1160 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU </h3> 1161 <p> 1162 NVIDIA GPU 1163 </p> 1164 1165 <table> 1166 <col width="19%"> 1167 <col width="20%"> 1168 <col width="10%"> 1169 <col width="23%"> 1170 <col width="17%"> 1171 <tr> 1172 <th>CVE</th> 1173 <th></th> 1174 <th></th> 1175 <th> Google </th> 1176 <th></th> 1177 </tr> 1178 <tr> 1179 <td>CVE-2016-8435</td> 1180 <td>A-32700935*<br>N-CVE-2016-8435</td> 1181 <td></td> 1182 <td>Pixel C</td> 1183 <td>2016 11 7 </td> 1184 </tr> 1185 </table> 1186 <p> 1187 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1188 </p> 1189 1190 1191 <h3 id="eop-in-qualcomm-video-driver">Qualcomm </h3> 1192 <p> 1193 Qualcomm 1194 </p> 1195 1196 <table> 1197 <col width="19%"> 1198 <col width="20%"> 1199 <col width="10%"> 1200 <col width="23%"> 1201 <col width="17%"> 1202 <tr> 1203 <th>CVE</th> 1204 <th></th> 1205 <th></th> 1206 <th> Google </th> 1207 <th></th> 1208 </tr> 1209 <tr> 1210 <td>CVE-2016-8436</td> 1211 <td>A-32450261<br> 1212 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced">QC-CR#1007860</a></td> 1213 <td></td> 1214 <td>*</td> 1215 <td>2016 10 13 </td> 1216 </tr> 1217 </table> 1218 <p> 1219 * Android 7.0 Google 1220 </p> 1221 1222 1223 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1224 <p> 1225 Qualcomm 2015 11 2016 8 2016 9 2016 10 Qualcomm AMSS 1226 </p> 1227 1228 <table> 1229 <col width="19%"> 1230 <col width="20%"> 1231 <col width="10%"> 1232 <col width="23%"> 1233 <col width="17%"> 1234 <tr> 1235 <th>CVE</th> 1236 <th></th> 1237 <th>*</th> 1238 <th> Google </th> 1239 <th></th> 1240 </tr> 1241 <tr> 1242 <td>CVE-2016-8438</td> 1243 <td>A-31624565**</td> 1244 <td></td> 1245 <td>***</td> 1246 <td>Qualcomm </td> 1247 </tr> 1248 <tr> 1249 <td>CVE-2016-8442</td> 1250 <td>A-31625910**</td> 1251 <td></td> 1252 <td>***</td> 1253 <td>Qualcomm </td> 1254 </tr> 1255 <tr> 1256 <td>CVE-2016-8443</td> 1257 <td>A-32576499**</td> 1258 <td></td> 1259 <td>***</td> 1260 <td>Qualcomm </td> 1261 </tr> 1262 <tr> 1263 <td>CVE-2016-8437</td> 1264 <td>A-31623057**</td> 1265 <td></td> 1266 <td>***</td> 1267 <td>Qualcomm </td> 1268 </tr> 1269 <tr> 1270 <td>CVE-2016-8439</td> 1271 <td>A-31625204**</td> 1272 <td></td> 1273 <td>***</td> 1274 <td>Qualcomm </td> 1275 </tr> 1276 <tr> 1277 <td>CVE-2016-8440</td> 1278 <td>A-31625306**</td> 1279 <td></td> 1280 <td>***</td> 1281 <td>Qualcomm </td> 1282 </tr> 1283 <tr> 1284 <td>CVE-2016-8441</td> 1285 <td>A-31625904**</td> 1286 <td></td> 1287 <td>***</td> 1288 <td>Qualcomm </td> 1289 </tr> 1290 <tr> 1291 <td>CVE-2016-8398</td> 1292 <td>A-31548486**</td> 1293 <td></td> 1294 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1295 <td>Qualcomm </td> 1296 </tr> 1297 <tr> 1298 <td>CVE-2016-8459</td> 1299 <td>A-32577972**</td> 1300 <td></td> 1301 <td>***</td> 1302 <td>Qualcomm </td> 1303 </tr> 1304 <tr> 1305 <td>CVE-2016-5080</td> 1306 <td>A-31115235**</td> 1307 <td></td> 1308 <td>Nexus 5X</td> 1309 <td>Qualcomm </td> 1310 </tr> 1311 </table> 1312 <p> 1313 * 1314 </p> 1315 <p> 1316 ** <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1317 </p> 1318 <p> 1319 *** Android 7.0 Google 1320 </p> 1321 1322 1323 <h3 id="eop-in-qualcomm-camera">Qualcomm </h3> 1324 <p> 1325 Qualcomm 1326 </p> 1327 1328 <table> 1329 <col width="19%"> 1330 <col width="20%"> 1331 <col width="10%"> 1332 <col width="23%"> 1333 <col width="17%"> 1334 <tr> 1335 <th>CVE</th> 1336 <th></th> 1337 <th></th> 1338 <th> Google </th> 1339 <th></th> 1340 </tr> 1341 <tr> 1342 <td>CVE-2016-8412</td> 1343 <td>A-31225246<br> 1344 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786">QC-CR#1071891</a></td> 1345 <td></td> 1346 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1347 <td>2016 8 26 </td> 1348 </tr> 1349 <tr> 1350 <td>CVE-2016-8444</td> 1351 <td>A-31243641*<br>QC-CR#1074310</td> 1352 <td></td> 1353 <td>Nexus 5XNexus 6Nexus 6P</td> 1354 <td>2016 8 26 </td> 1355 </tr> 1356 </table> 1357 <p> 1358 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1359 </p> 1360 1361 1362 <h3 id="eop-in-mediatek-components">MediaTek </h3> 1363 <p> 1364 MediaTek 1365 </p> 1366 1367 <table> 1368 <col width="19%"> 1369 <col width="20%"> 1370 <col width="10%"> 1371 <col width="23%"> 1372 <col width="17%"> 1373 <tr> 1374 <th>CVE</th> 1375 <th></th> 1376 <th></th> 1377 <th> Google </th> 1378 <th></th> 1379 </tr> 1380 <tr> 1381 <td>CVE-2016-8445</td> 1382 <td>A-31747590*<br>MT-ALPS02968983</td> 1383 <td></td> 1384 <td>**</td> 1385 <td>2016 9 25 </td> 1386 </tr> 1387 <tr> 1388 <td>CVE-2016-8446</td> 1389 <td>A-31747749*<br>MT-ALPS02968909</td> 1390 <td></td> 1391 <td>**</td> 1392 <td>2016 9 25 </td> 1393 </tr> 1394 <tr> 1395 <td>CVE-2016-8447</td> 1396 <td>A-31749463*<br>MT-ALPS02968886</td> 1397 <td></td> 1398 <td>**</td> 1399 <td>2016 9 25 </td> 1400 </tr> 1401 <tr> 1402 <td>CVE-2016-8448</td> 1403 <td>A-31791148*<br>MT-ALPS02982181</td> 1404 <td></td> 1405 <td>**</td> 1406 <td>2016 9 28 </td> 1407 </tr> 1408 </table> 1409 <p> 1410 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1411 </p> 1412 <p> 1413 ** Android 7.0 Google 1414 </p> 1415 1416 1417 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm WLAN </h3> 1418 <p> 1419 Qualcomm WLAN 1420 </p> 1421 1422 <table> 1423 <col width="19%"> 1424 <col width="20%"> 1425 <col width="10%"> 1426 <col width="23%"> 1427 <col width="17%"> 1428 <tr> 1429 <th>CVE</th> 1430 <th></th> 1431 <th></th> 1432 <th> Google </th> 1433 <th></th> 1434 </tr> 1435 <tr> 1436 <td>CVE-2016-8415</td> 1437 <td>A-31750554<br> 1438 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394">QC-CR#1079596</a></td> 1439 <td></td> 1440 <td>Nexus 5XPixelPixel XL</td> 1441 <td>2016 9 26 </td> 1442 </tr> 1443 </table> 1444 1445 1446 <h3 id="eop-in-nvidia-gpu-driver-3">NVIDIA GPU </h3> 1447 <p> 1448 NVIDIA GPU 1449 </p> 1450 1451 <table> 1452 <col width="19%"> 1453 <col width="20%"> 1454 <col width="10%"> 1455 <col width="23%"> 1456 <col width="17%"> 1457 <tr> 1458 <th>CVE</th> 1459 <th></th> 1460 <th></th> 1461 <th> Google </th> 1462 <th></th> 1463 </tr> 1464 <tr> 1465 <td>CVE-2016-8449</td> 1466 <td>A-31798848*<br>N-CVE-2016-8449</td> 1467 <td></td> 1468 <td>Nexus 9</td> 1469 <td>2016 9 28 </td> 1470 </tr> 1471 </table> 1472 <p> 1473 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1474 </p> 1475 1476 1477 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1478 <p> 1479 Qualcomm 1480 </p> 1481 1482 <table> 1483 <col width="19%"> 1484 <col width="20%"> 1485 <col width="10%"> 1486 <col width="23%"> 1487 <col width="17%"> 1488 <tr> 1489 <th>CVE</th> 1490 <th></th> 1491 <th></th> 1492 <th> Google </th> 1493 <th></th> 1494 </tr> 1495 <tr> 1496 <td>CVE-2016-8450</td> 1497 <td>A-32450563<br> 1498 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb">QC-CR#880388</a></td> 1499 <td></td> 1500 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1501 <td>2016 10 13 </td> 1502 </tr> 1503 </table> 1504 1505 1506 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1507 <p> 1508 Synaptics 1509 </p> 1510 1511 <table> 1512 <col width="19%"> 1513 <col width="20%"> 1514 <col width="10%"> 1515 <col width="23%"> 1516 <col width="17%"> 1517 <tr> 1518 <th>CVE</th> 1519 <th></th> 1520 <th></th> 1521 <th> Google </th> 1522 <th></th> 1523 </tr> 1524 <tr> 1525 <td>CVE-2016-8451</td> 1526 <td>A-32178033*</td> 1527 <td></td> 1528 <td>**</td> 1529 <td>2016 10 13 </td> 1530 </tr> 1531 </table> 1532 <p> 1533 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1534 </p> 1535 <p> 1536 ** Android 7.0 Google 1537 </p> 1538 1539 1540 <h3 id="eop-in-kernel-security-subsystem"></h3> 1541 <p> 1542 1543 </p> 1544 1545 <table> 1546 <col width="19%"> 1547 <col width="20%"> 1548 <col width="10%"> 1549 <col width="23%"> 1550 <col width="17%"> 1551 <tr> 1552 <th>CVE</th> 1553 <th></th> 1554 <th></th> 1555 <th> Google </th> 1556 <th></th> 1557 </tr> 1558 <tr> 1559 <td>CVE-2016-7042</td> 1560 <td>A-32178986<br> 1561 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc"></a></td> 1562 <td></td> 1563 <td>Pixel C</td> 1564 <td>2016 10 14 </td> 1565 </tr> 1566 </table> 1567 1568 1569 <h3 id="eop-in-kernel-performance-subsystem"></h3> 1570 <p> 1571 1572 </p> 1573 1574 <table> 1575 <col width="19%"> 1576 <col width="20%"> 1577 <col width="10%"> 1578 <col width="23%"> 1579 <col width="17%"> 1580 <tr> 1581 <th>CVE</th> 1582 <th></th> 1583 <th></th> 1584 <th> Google </th> 1585 <th></th> 1586 </tr> 1587 <tr> 1588 <td>CVE-2017-0403</td> 1589 <td>A-32402548*</td> 1590 <td></td> 1591 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1592 <td>2016 10 25 </td> 1593 </tr> 1594 </table> 1595 <p> 1596 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1597 </p> 1598 1599 1600 <h3 id="eop-in-kernel-sound-subsystem"></h3> 1601 <p> 1602 1603 </p> 1604 1605 <table> 1606 <col width="19%"> 1607 <col width="20%"> 1608 <col width="10%"> 1609 <col width="23%"> 1610 <col width="17%"> 1611 <tr> 1612 <th>CVE</th> 1613 <th></th> 1614 <th></th> 1615 <th> Google </th> 1616 <th></th> 1617 </tr> 1618 <tr> 1619 <td>CVE-2017-0404</td> 1620 <td>A-32510733*</td> 1621 <td></td> 1622 <td>Nexus 5XNexus 6PNexus 9Pixel CNexus PlayerPixelPixel XL</td> 1623 <td>2016 10 27 </td> 1624 </tr> 1625 </table> 1626 <p> 1627 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1628 </p> 1629 1630 1631 <h3 id="eop-in-qualcomm-wi-fi-driver-2">Qualcomm WLAN </h3> 1632 <p> 1633 Qualcomm WLAN 1634 </p> 1635 1636 <table> 1637 <col width="19%"> 1638 <col width="20%"> 1639 <col width="10%"> 1640 <col width="23%"> 1641 <col width="17%"> 1642 <tr> 1643 <th>CVE</th> 1644 <th></th> 1645 <th></th> 1646 <th> Google </th> 1647 <th></th> 1648 </tr> 1649 <tr> 1650 <td>CVE-2016-8452</td> 1651 <td>A-32506396<br> 1652 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526">QC-CR#1050323</a></td> 1653 <td></td> 1654 <td>Nexus 5XAndroid OnePixelPixel XL</td> 1655 <td>2016 10 28 </td> 1656 </tr> 1657 </table> 1658 1659 1660 <h3 id="eop-in-qualcomm-radio-driver">Qualcomm </h3> 1661 <p> 1662 Qualcomm 1663 </p> 1664 1665 <table> 1666 <col width="19%"> 1667 <col width="20%"> 1668 <col width="10%"> 1669 <col width="23%"> 1670 <col width="17%"> 1671 <tr> 1672 <th>CVE</th> 1673 <th></th> 1674 <th></th> 1675 <th> Google </th> 1676 <th></th> 1677 </tr> 1678 <tr> 1679 <td>CVE-2016-5345</td> 1680 <td>A-32639452<br> 1681 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6">QC-CR#1079713</a></td> 1682 <td></td> 1683 <td>Android One</td> 1684 <td>2016 11 3 </td> 1685 </tr> 1686 </table> 1687 1688 1689 <h3 id="eop-in-kernel-profiling-subsystem"></h3> 1690 <p> 1691 1692 </p> 1693 1694 <table> 1695 <col width="19%"> 1696 <col width="20%"> 1697 <col width="10%"> 1698 <col width="23%"> 1699 <col width="17%"> 1700 <tr> 1701 <th>CVE</th> 1702 <th></th> 1703 <th></th> 1704 <th> Google </th> 1705 <th></th> 1706 </tr> 1707 <tr> 1708 <td>CVE-2016-9754</td> 1709 <td>A-32659848<br> 1710 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6"></a></td> 1711 <td></td> 1712 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus Player</td> 1713 <td>2016 11 4 </td> 1714 </tr> 1715 </table> 1716 1717 1718 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom WLAN </h3> 1719 <p> 1720 Broadcom WLAN 1721 </p> 1722 1723 <table> 1724 <col width="19%"> 1725 <col width="20%"> 1726 <col width="10%"> 1727 <col width="23%"> 1728 <col width="17%"> 1729 <tr> 1730 <th>CVE</th> 1731 <th></th> 1732 <th></th> 1733 <th> Google </th> 1734 <th></th> 1735 </tr> 1736 <tr> 1737 <td>CVE-2016-8453</td> 1738 <td>A-24739315*<br>B-RB#73392</td> 1739 <td></td> 1740 <td>Nexus 6</td> 1741 <td>Google </td> 1742 </tr> 1743 <tr> 1744 <td>CVE-2016-8454</td> 1745 <td>A-32174590*<br>B-RB#107142</td> 1746 <td></td> 1747 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1748 <td>2016 10 14 </td> 1749 </tr> 1750 <tr> 1751 <td>CVE-2016-8455</td> 1752 <td>A-32219121*<br>B-RB#106311</td> 1753 <td></td> 1754 <td>Nexus 6P</td> 1755 <td>2016 10 15 </td> 1756 </tr> 1757 <tr> 1758 <td>CVE-2016-8456</td> 1759 <td>A-32219255*<br>B-RB#105580</td> 1760 <td></td> 1761 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1762 <td>2016 10 15 </td> 1763 </tr> 1764 <tr> 1765 <td>CVE-2016-8457</td> 1766 <td>A-32219453*<br>B-RB#106116</td> 1767 <td></td> 1768 <td>Nexus 6Nexus 6PNexus 9Pixel C</td> 1769 <td>2016 10 15 </td> 1770 </tr> 1771 </table> 1772 <p> 1773 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1774 </p> 1775 1776 1777 <h3 id="eop-in-synaptics-touchscreen-driver-2">Synaptics </h3> 1778 <p> 1779 Synaptics 1780 </p> 1781 1782 <table> 1783 <col width="19%"> 1784 <col width="20%"> 1785 <col width="10%"> 1786 <col width="23%"> 1787 <col width="17%"> 1788 <tr> 1789 <th>CVE</th> 1790 <th></th> 1791 <th></th> 1792 <th> Google </th> 1793 <th></th> 1794 </tr> 1795 <tr> 1796 <td>CVE-2016-8458</td> 1797 <td>A-31968442*</td> 1798 <td></td> 1799 <td>Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1800 <td>Google </td> 1801 </tr> 1802 </table> 1803 <p> 1804 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1805 </p> 1806 1807 1808 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1809 <p> 1810 NVIDIA 1811 </p> 1812 1813 <table> 1814 <col width="19%"> 1815 <col width="20%"> 1816 <col width="10%"> 1817 <col width="23%"> 1818 <col width="17%"> 1819 <tr> 1820 <th>CVE</th> 1821 <th></th> 1822 <th></th> 1823 <th> Google </th> 1824 <th></th> 1825 </tr> 1826 <tr> 1827 <td>CVE-2016-8460</td> 1828 <td>A-31668540*<br>N-CVE-2016-8460</td> 1829 <td></td> 1830 <td>Nexus 9</td> 1831 <td>2016 9 21 </td> 1832 </tr> 1833 </table> 1834 <p> 1835 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1836 </p> 1837 1838 1839 <h3 id="id-in-bootloader"></h3> 1840 <p> 1841 1842 </p> 1843 1844 <table> 1845 <col width="19%"> 1846 <col width="20%"> 1847 <col width="10%"> 1848 <col width="23%"> 1849 <col width="17%"> 1850 <tr> 1851 <th>CVE</th> 1852 <th></th> 1853 <th></th> 1854 <th> Google </th> 1855 <th></th> 1856 </tr> 1857 <tr> 1858 <td>CVE-2016-8461</td> 1859 <td>A-32369621*</td> 1860 <td></td> 1861 <td>Nexus 9PixelPixel XL</td> 1862 <td>2016 10 21 </td> 1863 </tr> 1864 <tr> 1865 <td>CVE-2016-8462</td> 1866 <td>A-32510383*</td> 1867 <td></td> 1868 <td>PixelPixel XL</td> 1869 <td>2016 10 27 </td> 1870 </tr> 1871 </table> 1872 <p> 1873 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1874 </p> 1875 1876 1877 <h3 id="dos-in-qualcomm-fuse-file-system">Qualcomm FUSE </h3> 1878 <p> 1879 Qualcomm FUSE 1880 </p> 1881 1882 <table> 1883 <col width="19%"> 1884 <col width="20%"> 1885 <col width="10%"> 1886 <col width="23%"> 1887 <col width="17%"> 1888 <tr> 1889 <th>CVE</th> 1890 <th></th> 1891 <th></th> 1892 <th> Google </th> 1893 <th></th> 1894 </tr> 1895 <tr> 1896 <td>CVE-2016-8463</td> 1897 <td>A-30786860<br> 1898 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10">QC-CR#586855</a></td> 1899 <td></td> 1900 <td>*</td> 1901 <td>2014 1 3 </td> 1902 </tr> 1903 </table> 1904 <p> 1905 * Android 7.0 Google 1906 </p> 1907 1908 1909 <h3 id="dos-in-bootloader"></h3> 1910 <p> 1911 1912 </p> 1913 1914 <table> 1915 <col width="19%"> 1916 <col width="20%"> 1917 <col width="10%"> 1918 <col width="23%"> 1919 <col width="17%"> 1920 <tr> 1921 <th>CVE</th> 1922 <th></th> 1923 <th></th> 1924 <th> Google </th> 1925 <th></th> 1926 </tr> 1927 <tr> 1928 <td>CVE-2016-8467</td> 1929 <td>A-30308784*</td> 1930 <td></td> 1931 <td>Nexus 6Nexus 6P</td> 1932 <td>2016 6 29 </td> 1933 </tr> 1934 </table> 1935 <p> 1936 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1937 </p> 1938 1939 1940 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom WLAN </h3> 1941 <p> 1942 Broadcom WLAN 1943 </p> 1944 1945 <table> 1946 <col width="19%"> 1947 <col width="20%"> 1948 <col width="10%"> 1949 <col width="23%"> 1950 <col width="17%"> 1951 <tr> 1952 <th>CVE</th> 1953 <th></th> 1954 <th></th> 1955 <th> Google </th> 1956 <th></th> 1957 </tr> 1958 <tr> 1959 <td>CVE-2016-8464</td> 1960 <td>A-29000183*<br>B-RB#106314</td> 1961 <td></td> 1962 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1963 <td>2016 5 26 </td> 1964 </tr> 1965 <tr> 1966 <td>CVE-2016-8466</td> 1967 <td>A-31822524*<br>B-RB#105268</td> 1968 <td></td> 1969 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1970 <td>2016 9 28 </td> 1971 </tr> 1972 <tr> 1973 <td>CVE-2016-8465</td> 1974 <td>A-32474971*<br>B-RB#106053</td> 1975 <td></td> 1976 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1977 <td>2016 10 27 </td> 1978 </tr> 1979 </table> 1980 <p> 1981 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1982 </p> 1983 1984 1985 <h3 id="eop-in-bootloader"></h3> 1986 <p> 1987 1988 </p> 1989 1990 <table> 1991 <col width="19%"> 1992 <col width="20%"> 1993 <col width="10%"> 1994 <col width="23%"> 1995 <col width="17%"> 1996 <tr> 1997 <th>CVE</th> 1998 <th></th> 1999 <th></th> 2000 <th> Google </th> 2001 <th></th> 2002 </tr> 2003 <tr> 2004 <td>CVE-2016-8467</td> 2005 <td>A-30308784*</td> 2006 <td></td> 2007 <td>Nexus 6Nexus 6P</td> 2008 <td>2016 6 29 </td> 2009 </tr> 2010 </table> 2011 <p> 2012 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 2013 </p> 2014 2015 2016 <h3 id="eop-in-binder">Binder </h3> 2017 <p> 2018 Binder 2019 </p> 2020 2021 <table> 2022 <col width="19%"> 2023 <col width="20%"> 2024 <col width="10%"> 2025 <col width="23%"> 2026 <col width="17%"> 2027 <tr> 2028 <th>CVE</th> 2029 <th></th> 2030 <th></th> 2031 <th> Google </th> 2032 <th></th> 2033 </tr> 2034 <tr> 2035 <td>CVE-2016-8468</td> 2036 <td>A-32394425*</td> 2037 <td></td> 2038 <td>Pixel CPixelPixel XL</td> 2039 <td>Google </td> 2040 </tr> 2041 </table> 2042 <p> 2043 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 2044 </p> 2045 2046 2047 <h3 id="id-in-nvidia-camera-driver">NVIDIA </h3> 2048 <p> 2049 2050 </p> 2051 2052 <table> 2053 <col width="19%"> 2054 <col width="20%"> 2055 <col width="10%"> 2056 <col width="23%"> 2057 <col width="17%"> 2058 <tr> 2059 <th>CVE</th> 2060 <th></th> 2061 <th></th> 2062 <th> Google </th> 2063 <th></th> 2064 </tr> 2065 <tr> 2066 <td>CVE-2016-8469</td> 2067 <td>A-31351206*<br>N-CVE-2016-8469</td> 2068 <td></td> 2069 <td>Nexus 9</td> 2070 <td>2016 9 7 </td> 2071 </tr> 2072 </table> 2073 <p> 2074 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 2075 </p> 2076 2077 2078 <h3 id="id-in-mediatek-driver">MediaTek </h3> 2079 <p> 2080 MediaTek 2081 </p> 2082 2083 <table> 2084 <col width="19%"> 2085 <col width="20%"> 2086 <col width="10%"> 2087 <col width="23%"> 2088 <col width="17%"> 2089 <tr> 2090 <th>CVE</th> 2091 <th></th> 2092 <th></th> 2093 <th> Google </th> 2094 <th></th> 2095 </tr> 2096 <tr> 2097 <td>CVE-2016-8470</td> 2098 <td>A-31528889*<br>MT-ALPS02961395</td> 2099 <td></td> 2100 <td>**</td> 2101 <td>2016 9 15 </td> 2102 </tr> 2103 <tr> 2104 <td>CVE-2016-8471</td> 2105 <td>A-31528890*<br>MT-ALPS02961380</td> 2106 <td></td> 2107 <td>**</td> 2108 <td>2016 9 15 </td> 2109 </tr> 2110 <tr> 2111 <td>CVE-2016-8472</td> 2112 <td>A-31531758*<br>MT-ALPS02961384</td> 2113 <td></td> 2114 <td>**</td> 2115 <td>2016 9 15 </td> 2116 </tr> 2117 </table> 2118 <p> 2119 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 2120 </p> 2121 <p> 2122 ** Android 7.0 Google 2123 </p> 2124 2125 2126 <h3 id="id-in-stmicroelectronics-driver">STMicroelectronics </h3> 2127 <p> 2128 STMicroelectronics 2129 </p> 2130 2131 <table> 2132 <col width="19%"> 2133 <col width="20%"> 2134 <col width="10%"> 2135 <col width="23%"> 2136 <col width="17%"> 2137 <tr> 2138 <th>CVE</th> 2139 <th></th> 2140 <th></th> 2141 <th> Google </th> 2142 <th></th> 2143 </tr> 2144 <tr> 2145 <td>CVE-2016-8473</td> 2146 <td>A-31795790*</td> 2147 <td></td> 2148 <td>Nexus 5XNexus 6P</td> 2149 <td>2016 9 28 </td> 2150 </tr> 2151 <tr> 2152 <td>CVE-2016-8474</td> 2153 <td>A-31799972*</td> 2154 <td></td> 2155 <td>Nexus 5XNexus 6P</td> 2156 <td>2016 9 28 </td> 2157 </tr> 2158 </table> 2159 <p> 2160 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 2161 </p> 2162 2163 2164 <h3 id="id-in-qualcomm-audio-post-processor-">Qualcomm </h3> 2165 <p> 2166 Qualcomm 2167 </p> 2168 2169 <table> 2170 <col width="18%"> 2171 <col width="17%"> 2172 <col width="10%"> 2173 <col width="19%"> 2174 <col width="18%"> 2175 <col width="17%"> 2176 <tr> 2177 <th>CVE</th> 2178 <th></th> 2179 <th></th> 2180 <th> Google </th> 2181 <th> AOSP </th> 2182 <th></th> 2183 </tr> 2184 <tr> 2185 <td>CVE-2017-0399</td> 2186 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32588756</a> [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 2187 <td></td> 2188 <td></td> 2189 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2190 <td>2016 10 18 </td> 2191 </tr> 2192 <tr> 2193 <td>CVE-2017-0400</td> 2194 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32438598</a> [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 2195 <td></td> 2196 <td></td> 2197 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2198 <td>2016 10 25 </td> 2199 </tr> 2200 <tr> 2201 <td>CVE-2017-0401</td> 2202 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358">A-32588016</a> 2203 </td> 2204 <td></td> 2205 <td></td> 2206 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2207 <td>2016 10 26 </td> 2208 </tr> 2209 <tr> 2210 <td>CVE-2017-0402</td> 2211 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac">A-32588352</a> [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 2212 <td></td> 2213 <td></td> 2214 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2215 <td>2016 10 25 </td> 2216 </tr> 2217 </table> 2218 2219 2220 <h3 id="id-in-htc-input-driver">HTC </h3> 2221 <p> 2222 HTC 2223 </p> 2224 2225 <table> 2226 <col width="19%"> 2227 <col width="20%"> 2228 <col width="10%"> 2229 <col width="23%"> 2230 <col width="17%"> 2231 <tr> 2232 <th>CVE</th> 2233 <th></th> 2234 <th></th> 2235 <th> Google </th> 2236 <th></th> 2237 </tr> 2238 <tr> 2239 <td>CVE-2016-8475</td> 2240 <td>A-32591129*</td> 2241 <td></td> 2242 <td>PixelPixel XL</td> 2243 <td>2016 10 30 </td> 2244 </tr> 2245 </table> 2246 <p> 2247 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 2248 </p> 2249 2250 2251 <h3 id="dos-in-kernel-file-system"></h3> 2252 <p> 2253 2254 </p> 2255 2256 <table> 2257 <col width="19%"> 2258 <col width="20%"> 2259 <col width="10%"> 2260 <col width="23%"> 2261 <col width="17%"> 2262 <tr> 2263 <th>CVE</th> 2264 <th></th> 2265 <th></th> 2266 <th> Google </th> 2267 <th></th> 2268 </tr> 2269 <tr> 2270 <td>CVE-2014-9420</td> 2271 <td>A-32477499<br> 2272 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d"></a></td> 2273 <td></td> 2274 <td>Pixel C</td> 2275 <td>2014 12 25 </td> 2276 </tr> 2277 </table> 2278 2279 <h2 id="common-questions-and-answers"></h2> 2280 <p></p> 2281 2282 <p><strong>1. 2283 </strong></p> 2284 2285 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 2286 <ul> 2287 <li>2017-01-01 2017-01-01 </li> 2288 <li>2017-01-05 2017-01-05 </li> 2289 </ul> 2290 <p></p> 2291 <ul> 2292 <li>[ro.build.version.security_patch]:[2017-01-01]</li> 2293 <li>[ro.build.version.security_patch]:[2017-01-05]</li> 2294 </ul> 2295 <p><strong>2. 2 </strong></p> 2296 2297 <p> 2 Android Android Android </p> 2298 <ul> 2299 <li> 2017 1 1 </li> 2300 <li> 2017 1 5 </li> 2301 </ul> 2302 <p></p> 2303 2304 <p><strong>3. Google </strong></p> 2305 2306 <p> <a href="#2017-01-01-details">2017-01-01</a> <a href="#2017-01-05-details">2017-01-05</a> Google Google <em></em></p> 2307 <ul> 2308 <li><strong> Google </strong> Nexus Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 2309 <li><strong> Google </strong> Google Google Google <em></em></li> 2310 <li><strong> Google </strong> Android Google Google <em></em></li> 2311 </ul> 2312 <p><strong>4.</strong></p> 2313 2314 <p><em></em></p> 2315 2316 <table> 2317 <tr> 2318 <th></th> 2319 <th></th> 2320 </tr> 2321 <tr> 2322 <td>A-</td> 2323 <td>Android Bug ID</td> 2324 </tr> 2325 <tr> 2326 <td>QC-</td> 2327 <td>Qualcomm </td> 2328 </tr> 2329 <tr> 2330 <td>M-</td> 2331 <td>MediaTek </td> 2332 </tr> 2333 <tr> 2334 <td>N-</td> 2335 <td>NVIDIA </td> 2336 </tr> 2337 <tr> 2338 <td>B-</td> 2339 <td>Broadcom </td> 2340 </tr> 2341 </table> 2342 <h2 id="revisions"></h2> 2343 <ul> 2344 <li>2017 1 3 </li> 2345 <li>2017 1 4 AOSP </li> 2346 <li>2017 1 5 7.1 7.1.1 AOSP </li> 2347 </ul> 2348 2349 </body> 2350 </html> 2351
