1 <html devsite> 2 <head> 3 <title>Android - 2017 2 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 <p><em>2017 2 6 | 2017 2 8 </em></p> 26 <p> 27 Android Android (OTA) Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a> Google 2017 2 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 28 </p> 29 <p> 30 2017 1 3 Android (AOSP) 31 AOSP 32 </p> 33 <p> 34 35 </p> 36 <p> 37 <a href="#mitigations">Android Google </a> <a href="/security/enhancements/index.html">Android </a> <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> Android 38 </p> 39 <p> 40 41 </p> 42 <h2 id="announcements"></h2> 43 <ul> 44 <li> Android Android <a href="#common-questions-and-answers"></a> 45 <ul> 46 <li><strong>2017-02-01</strong> 2017-02-01</li> 47 <li><strong>2017-02-05</strong> 2017-02-01 2017-02-05</li> 48 </ul> 49 </li> 50 <li> Google 2017 2 5 OTA </li> 51 </ul> 52 <h2 id="security-vulnerability-summary"></h2> 53 <p> 54 CVE Google <a href="/security/overview/updates-resources.html#severity"></a> 55 </p> 56 <h3 id="2017-02-01-summary">2017-02-01 - </h3> 57 <p> 58 2017-02-01 59 </p> 60 <table> 61 <col width="55%"> 62 <col width="20%"> 63 <col width="13%"> 64 <col width="12%"> 65 <tr> 66 <th></th> 67 <th>CVE</th> 68 <th></th> 69 <th> Google </th> 70 </tr> 71 <tr> 72 <td>Surfaceflinger </td> 73 <td>CVE-2017-0405</td> 74 <td></td> 75 <td></td> 76 </tr> 77 <tr> 78 <td>Mediaserver </td> 79 <td>CVE-2017-0406CVE-2017-0407</td> 80 <td></td> 81 <td></td> 82 </tr> 83 <tr> 84 <td>libgdx </td> 85 <td>CVE-2017-0408</td> 86 <td></td> 87 <td></td> 88 </tr> 89 <tr> 90 <td>libstagefright </td> 91 <td>CVE-2017-0409</td> 92 <td></td> 93 <td></td> 94 </tr> 95 <tr> 96 <td>Java.Net </td> 97 <td>CVE-2016-5552</td> 98 <td></td> 99 <td></td> 100 </tr> 101 <tr> 102 <td>Framework API </td> 103 <td>CVE-2017-0410CVE-2017-0411CVE-2017-0412</td> 104 <td></td> 105 <td></td> 106 </tr> 107 <tr> 108 <td>Mediaserver </td> 109 <td>CVE-2017-0415</td> 110 <td></td> 111 <td></td> 112 </tr> 113 <tr> 114 <td>Audioserver </td> 115 <td>CVE-2017-0416CVE-2017-0417CVE-2017-0418CVE-2017-0419</td> 116 <td></td> 117 <td></td> 118 </tr> 119 <tr> 120 <td>AOSP </td> 121 <td>CVE-2017-0420</td> 122 <td></td> 123 <td></td> 124 </tr> 125 <tr> 126 <td>AOSP </td> 127 <td>CVE-2017-0413CVE-2017-0414</td> 128 <td></td> 129 <td></td> 130 </tr> 131 <tr> 132 <td>Framework API </td> 133 <td>CVE-2017-0421</td> 134 <td></td> 135 <td></td> 136 </tr> 137 <tr> 138 <td>Bionic DNS </td> 139 <td>CVE-2017-0422</td> 140 <td></td> 141 <td></td> 142 </tr> 143 <tr> 144 <td></td> 145 <td>CVE-2017-0423</td> 146 <td></td> 147 <td></td> 148 </tr> 149 <tr> 150 <td>AOSP </td> 151 <td>CVE-2017-0424</td> 152 <td></td> 153 <td></td> 154 </tr> 155 <tr> 156 <td>Audioserver </td> 157 <td>CVE-2017-0425</td> 158 <td></td> 159 <td></td> 160 </tr> 161 <tr> 162 <td></td> 163 <td>CVE-2017-0426</td> 164 <td></td> 165 <td></td> 166 </tr> 167 </table> 168 <h3 id="2017-02-05-summary">2017-02-05 - </h3> 169 <p>2017-02-05 2017-02-01 </p> 170 <table> 171 <col width="55%"> 172 <col width="20%"> 173 <col width="13%"> 174 <col width="12%"> 175 <tr> 176 <th></th> 177 <th>CVE</th> 178 <th></th> 179 <th> Google </th> 180 </tr> 181 <tr> 182 <td>Qualcomm </td> 183 <td>CVE-2016-8418</td> 184 <td></td> 185 <td>*</td> 186 </tr> 187 <tr> 188 <td></td> 189 <td>CVE-2017-0427</td> 190 <td></td> 191 <td></td> 192 </tr> 193 <tr> 194 <td>NVIDIA GPU </td> 195 <td>CVE-2017-0428CVE-2017-0429</td> 196 <td></td> 197 <td></td> 198 </tr> 199 <tr> 200 <td></td> 201 <td>CVE-2014-9914</td> 202 <td></td> 203 <td></td> 204 </tr> 205 <tr> 206 <td>Broadcom WLAN </td> 207 <td>CVE-2017-0430</td> 208 <td></td> 209 <td></td> 210 </tr> 211 <tr> 212 <td>Qualcomm </td> 213 <td>CVE-2017-0431</td> 214 <td></td> 215 <td>*</td> 216 </tr> 217 <tr> 218 <td>MediaTek </td> 219 <td>CVE-2017-0432</td> 220 <td></td> 221 <td>*</td> 222 </tr> 223 <tr> 224 <td>Synaptics </td> 225 <td>CVE-2017-0433CVE-2017-0434</td> 226 <td></td> 227 <td></td> 228 </tr> 229 <tr> 230 <td>Qualcomm </td> 231 <td>CVE-2016-8480</td> 232 <td></td> 233 <td></td> 234 </tr> 235 <tr> 236 <td>Qualcomm </td> 237 <td>CVE-2016-8481CVE-2017-0435CVE-2017-0436</td> 238 <td></td> 239 <td></td> 240 </tr> 241 <tr> 242 <td>Qualcomm WLAN </td> 243 <td>CVE-2017-0437CVE-2017-0438CVE-2017-0439CVE-2016-8419CVE-2016-8420CVE-2016-8421CVE-2017-0440CVE-2017-0441CVE-2017-0442CVE-2017-0443CVE-2016-8476</td> 244 <td></td> 245 <td></td> 246 </tr> 247 <tr> 248 <td>Realtek </td> 249 <td>CVE-2017-0444</td> 250 <td></td> 251 <td></td> 252 </tr> 253 <tr> 254 <td>HTC </td> 255 <td>CVE-2017-0445CVE-2017-0446CVE-2017-0447</td> 256 <td></td> 257 <td></td> 258 </tr> 259 <tr> 260 <td>NVIDIA </td> 261 <td>CVE-2017-0448</td> 262 <td></td> 263 <td></td> 264 </tr> 265 <tr> 266 <td>Broadcom WLAN </td> 267 <td>CVE-2017-0449</td> 268 <td></td> 269 <td></td> 270 </tr> 271 <tr> 272 <td>Audioserver </td> 273 <td>CVE-2017-0450</td> 274 <td></td> 275 <td></td> 276 </tr> 277 <tr> 278 <td></td> 279 <td>CVE-2016-10044</td> 280 <td></td> 281 <td></td> 282 </tr> 283 <tr> 284 <td>Qualcomm </td> 285 <td>CVE-2016-8414</td> 286 <td></td> 287 <td></td> 288 </tr> 289 <tr> 290 <td>Qualcomm </td> 291 <td>CVE-2017-0451</td> 292 <td></td> 293 <td></td> 294 </tr> 295 </table> 296 297 <p>* Android 7.0 Google </p> 298 299 <h2 id="mitigations">Android Google </h2> 300 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p> 301 <ul> 302 <li> Android Android Android</li> 303 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root </li> 304 <li> Google Messenger mediaserver </li> 305 </ul> 306 <h2 id="acknowledgements"></h2> 307 <p> 308 </p> 309 <ul> 310 <li>Daniel DakhnoCVE-2017-0420</li> 311 <li>Copperhead Security Daniel MicayCVE-2017-0410</li> 312 <li><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a>CVE-2017-0414</li> 313 <li>Chrome Frank LiberatoCVE-2017-0409</li> 314 <li>Project Zero Gal BeniaminiCVE-2017-0411CVE-2017-0412</li> 315 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2017-0434CVE-2017-0446CVE-2017-0447CVE-2017-0432</li> 316 <li><a href="http://www.360.com"> 360 </a> Alpha (<a href="https://twitter.com/oldfresher">@oldfresher</a>)CVE-2017-0415</li> 317 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a><a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0418</li> 318 <li> 360 Alpha Hao Chen Guang GongCVE-2017-0437CVE-2017-0438CVE-2017-0439CVE-2016-8419CVE-2016-8420CVE-2016-8421CVE-2017-0441CVE-2017-0442CVE-2016-8476CVE-2017-0443</li> 319 <li>Google Jeff SharkeyCVE-2017-0421CVE-2017-0423</li> 320 <li>Jeff TrimCVE-2017-0422</li> 321 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2017-0445</li> 322 <li>LINE Corporation ma.la Nikolay ElenkovCVE-2016-5552</li> 323 <li>Google Max SpectorCVE-2017-0416</li> 324 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>) Xuxian JiangCVE-2017-0425</li> 325 <li> (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2017-0427</li> 326 <li>IBM X-Force Sagi KedmiCVE-2017-0433</li> 327 <li>Copperhead Security Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>) Daniel MicayCVE-2017-0405</li> 328 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2017-0449CVE-2016-8418</li> 329 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0436CVE-2016-8481CVE-2017-0435</li> 330 <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0424</li> 331 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2017-0407</li> 332 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0450</li> 333 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0417</li> 334 <li><a href="http://www.weibo.com/wishlinux"></a> (<a href="https://twitter.com/wish_wu">@wish_wu</a>)CVE-2017-0408</li> 335 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8480</li> 336 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0444</li> 337 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0428</li> 338 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0448CVE-2017-0429</li> 339 <li><a href="http://www.nsfocus.com">NSFocus</a> <a href="mailto:zhouzhenster (a] gmail.com">Zhen Zhou</a> (<a href="https://twitter.com/henices">@henices</a>) <a href="mailto:sundaywind2004 (a] gmail.com">Zhixin Li</a>CVE-2017-0406</li> 340 </ul> 341 <p> 342 343 </p><ul> 344 <li></li> 345 </ul> 346 347 <h2 id="2017-02-01-details">2017-02-01 - </h2> 348 <p> 349 <a href="#2017-02-01-summary">2017-02-01 - </a> CVE Google AOSP Bug ID AOSP Bug Bug ID </p> 350 351 352 <h3 id="rce-in-surfaceflinger">Surfaceflinger </h3> 353 <p> 354 Surfaceflinger Surfaceflinger 355 </p> 356 357 <table> 358 <col width="18%"> 359 <col width="17%"> 360 <col width="10%"> 361 <col width="19%"> 362 <col width="18%"> 363 <col width="17%"> 364 <tr> 365 <th>CVE</th> 366 <th></th> 367 <th></th> 368 <th> Google </th> 369 <th> AOSP </th> 370 <th></th> 371 </tr> 372 <tr> 373 <td>CVE-2017-0405</td> 374 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979">A-31960359</a></td> 375 <td></td> 376 <td></td> 377 <td>7.07.1.1</td> 378 <td>2016 10 4 </td> 379 </tr> 380 </table> 381 382 383 <h3 id="rce-in-mediaserver">Mediaserver </h3> 384 <p> 385 Mediaserver Mediaserver 386 </p> 387 388 <table> 389 <col width="18%"> 390 <col width="17%"> 391 <col width="10%"> 392 <col width="19%"> 393 <col width="18%"> 394 <col width="17%"> 395 <tr> 396 <th>CVE</th> 397 <th></th> 398 <th></th> 399 <th> Google </th> 400 <th> AOSP </th> 401 <th></th> 402 </tr> 403 <tr> 404 <td>CVE-2017-0406</td> 405 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575">A-32915871</a> [<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td> 406 <td></td> 407 <td></td> 408 <td>6.06.0.17.07.1.1</td> 409 <td>2016 11 14 </td> 410 </tr> 411 <tr> 412 <td>CVE-2017-0407</td> 413 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7">A-32873375</a></td> 414 <td></td> 415 <td></td> 416 <td>6.06.0.17.07.1.1</td> 417 <td>2016 11 12 </td> 418 </tr> 419 </table> 420 421 422 <h3 id="rce-in-libgdx">libgdx </h3> 423 <p> 424 libgdx 425 </p> 426 427 <table> 428 <col width="18%"> 429 <col width="17%"> 430 <col width="10%"> 431 <col width="19%"> 432 <col width="18%"> 433 <col width="17%"> 434 <tr> 435 <th>CVE</th> 436 <th></th> 437 <th></th> 438 <th> Google </th> 439 <th> AOSP </th> 440 <th></th> 441 </tr> 442 <tr> 443 <td>CVE-2017-0408</td> 444 <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b">A-32769670</a></td> 445 <td></td> 446 <td></td> 447 <td>7.1.1</td> 448 <td>2016 11 9 </td> 449 </tr> 450 </table> 451 452 453 <h3 id="rce-in-libstagefright">libstagefright </h3> 454 <p> 455 libstagefright 456 </p> 457 458 <table> 459 <col width="18%"> 460 <col width="17%"> 461 <col width="10%"> 462 <col width="19%"> 463 <col width="18%"> 464 <col width="17%"> 465 <tr> 466 <th>CVE</th> 467 <th></th> 468 <th></th> 469 <th> Google </th> 470 <th> AOSP </th> 471 <th></th> 472 </tr> 473 <tr> 474 <td>CVE-2017-0409</td> 475 <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b">A-31999646</a></td> 476 <td></td> 477 <td></td> 478 <td>6.06.0.17.07.1.1</td> 479 <td>Google </td> 480 </tr> 481 </table> 482 483 484 <h3 id="eop-in-java.net">Java.Net </h3> 485 <p> 486 Java.Net 487 </p> 488 489 <table> 490 <col width="18%"> 491 <col width="17%"> 492 <col width="10%"> 493 <col width="19%"> 494 <col width="18%"> 495 <col width="17%"> 496 <tr> 497 <th>CVE</th> 498 <th></th> 499 <th></th> 500 <th> Google </th> 501 <th> AOSP </th> 502 <th></th> 503 </tr> 504 <tr> 505 <td>CVE-2016-5552</td> 506 <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea">A-31858037</a></td> 507 <td></td> 508 <td></td> 509 <td>7.07.1.1</td> 510 <td>2016 9 30 </td> 511 </tr> 512 </table> 513 514 515 <h3 id="eop-in-framework-apis">Framework API </h3> 516 <p> 517 Framework API 518 </p> 519 520 <table> 521 <col width="18%"> 522 <col width="17%"> 523 <col width="10%"> 524 <col width="19%"> 525 <col width="18%"> 526 <col width="17%"> 527 <tr> 528 <th>CVE</th> 529 <th></th> 530 <th></th> 531 <th> Google </th> 532 <th> AOSP </th> 533 <th></th> 534 </tr> 535 <tr> 536 <td>CVE-2017-0410</td> 537 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa">A-31929765</a></td> 538 <td></td> 539 <td></td> 540 <td>5.0.25.1.16.06.0.17.07.1.1</td> 541 <td>2016 10 2 </td> 542 </tr> 543 <tr> 544 <td>CVE-2017-0411</td> 545 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">A-33042690</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td> 546 <td></td> 547 <td></td> 548 <td>7.07.1.1</td> 549 <td>2016 11 21 </td> 550 </tr> 551 <tr> 552 <td>CVE-2017-0412</td> 553 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">A-33039926</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td> 554 <td></td> 555 <td></td> 556 <td>7.07.1.1</td> 557 <td>2016 11 21 </td> 558 </tr> 559 </table> 560 561 <h3 id="eop-in-mediaserver">Mediaserver </h3> 562 <p> 563 Mediaserver 564 </p> 565 566 <table> 567 <col width="18%"> 568 <col width="17%"> 569 <col width="10%"> 570 <col width="19%"> 571 <col width="18%"> 572 <col width="17%"> 573 <tr> 574 <th>CVE</th> 575 <th></th> 576 <th></th> 577 <th> Google </th> 578 <th> AOSP </th> 579 <th></th> 580 </tr> 581 <tr> 582 <td>CVE-2017-0415</td> 583 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34">A-32706020</a></td> 584 <td></td> 585 <td></td> 586 <td>6.06.0.17.07.1.1</td> 587 <td>2016 11 4 </td> 588 </tr> 589 </table> 590 591 592 <h3 id="eop-in-audioserver">Audioserver </h3> 593 <p> 594 Audioserver 595 </p> 596 597 <table> 598 <col width="18%"> 599 <col width="17%"> 600 <col width="10%"> 601 <col width="19%"> 602 <col width="18%"> 603 <col width="17%"> 604 <tr> 605 <th>CVE</th> 606 <th></th> 607 <th></th> 608 <th> Google </th> 609 <th> AOSP </th> 610 <th></th> 611 </tr> 612 <tr> 613 <td>CVE-2017-0416</td> 614 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">A-32886609</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td> 615 <td></td> 616 <td></td> 617 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 618 <td>Google </td> 619 </tr> 620 <tr> 621 <td>CVE-2017-0417</td> 622 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">A-32705438</a></td> 623 <td></td> 624 <td></td> 625 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 626 <td>2016 11 7 </td> 627 </tr> 628 <tr> 629 <td>CVE-2017-0418</td> 630 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">A-32703959</a> [<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td> 631 <td></td> 632 <td></td> 633 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 634 <td>2016 11 7 </td> 635 </tr> 636 <tr> 637 <td>CVE-2017-0419</td> 638 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">A-32220769</a></td> 639 <td></td> 640 <td></td> 641 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 642 <td>2016 10 15 </td> 643 </tr> 644 </table> 645 646 <h3 id="id-in-aosp-mail">AOSP </h3> 647 <p> 648 AOSP 649 </p> 650 651 <table> 652 <col width="18%"> 653 <col width="17%"> 654 <col width="10%"> 655 <col width="19%"> 656 <col width="18%"> 657 <col width="17%"> 658 <tr> 659 <th>CVE</th> 660 <th></th> 661 <th></th> 662 <th> Google </th> 663 <th> AOSP </th> 664 <th></th> 665 </tr> 666 <tr> 667 <td>CVE-2017-0420</td> 668 <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909">A-32615212</a></td> 669 <td></td> 670 <td></td> 671 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 672 <td>2016 9 12 </td> 673 </tr> 674 </table> 675 676 677 <h3 id="id-in-aosp-messaging">AOSP </h3> 678 <p> 679 AOSP 680 </p> 681 682 <table> 683 <col width="18%"> 684 <col width="17%"> 685 <col width="10%"> 686 <col width="19%"> 687 <col width="18%"> 688 <col width="17%"> 689 <tr> 690 <th>CVE</th> 691 <th></th> 692 <th></th> 693 <th> Google </th> 694 <th> AOSP </th> 695 <th></th> 696 </tr> 697 <tr> 698 <td>CVE-2017-0413</td> 699 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e">A-32161610</a></td> 700 <td></td> 701 <td></td> 702 <td>6.06.0.17.07.1.1</td> 703 <td>2016 10 13 </td> 704 </tr> 705 <tr> 706 <td>CVE-2017-0414</td> 707 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd">A-32807795</a></td> 708 <td></td> 709 <td></td> 710 <td>6.06.0.17.07.1.1</td> 711 <td>2016 11 10 </td> 712 </tr> 713 </table> 714 715 716 <h3 id="id-in-framework-apis">Framework API </h3> 717 <p> 718 Framework API 719 </p> 720 721 <table> 722 <col width="18%"> 723 <col width="17%"> 724 <col width="10%"> 725 <col width="19%"> 726 <col width="18%"> 727 <col width="17%"> 728 <tr> 729 <th>CVE</th> 730 <th></th> 731 <th></th> 732 <th> Google </th> 733 <th> AOSP </th> 734 <th></th> 735 </tr> 736 <tr> 737 <td>CVE-2017-0421</td> 738 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336">A-32555637</a></td> 739 <td></td> 740 <td></td> 741 <td>5.0.25.1.16.06.0.17.07.1.1</td> 742 <td>Google </td> 743 </tr> 744 </table> 745 746 747 <h3 id="dos-in-bionic-dns">Bionic DNS </h3> 748 <p> 749 Bionic DNS 750 751 752 </p> 753 754 <table> 755 <col width="18%"> 756 <col width="17%"> 757 <col width="10%"> 758 <col width="19%"> 759 <col width="18%"> 760 <col width="17%"> 761 <tr> 762 <th>CVE</th> 763 <th></th> 764 <th></th> 765 <th> Google </th> 766 <th> AOSP </th> 767 <th></th> 768 </tr> 769 <tr> 770 <td>CVE-2017-0422</td> 771 <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d">A-32322088</a></td> 772 <td></td> 773 <td></td> 774 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 775 <td>2016 10 20 </td> 776 </tr> 777 </table> 778 779 780 <h3 id="eop-in-bluetooth"></h3> 781 <p> 782 783 </p> 784 785 <table> 786 <col width="18%"> 787 <col width="17%"> 788 <col width="10%"> 789 <col width="19%"> 790 <col width="18%"> 791 <col width="17%"> 792 <tr> 793 <th>CVE</th> 794 <th></th> 795 <th></th> 796 <th> Google </th> 797 <th> AOSP </th> 798 <th></th> 799 </tr> 800 <tr> 801 <td>CVE-2017-0423</td> 802 <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083">A-32612586</a></td> 803 <td></td> 804 <td></td> 805 <td>5.0.25.1.16.06.0.17.07.1.1</td> 806 <td>2016 11 2 </td> 807 </tr> 808 </table> 809 810 811 <h3 id="id-in-aosp-messaging-2">AOSP </h3> 812 <p> 813 AOSP 814 </p> 815 816 <table> 817 <col width="18%"> 818 <col width="17%"> 819 <col width="10%"> 820 <col width="19%"> 821 <col width="18%"> 822 <col width="17%"> 823 <tr> 824 <th>CVE</th> 825 <th></th> 826 <th></th> 827 <th> Google </th> 828 <th> AOSP </th> 829 <th></th> 830 </tr> 831 <tr> 832 <td>CVE-2017-0424</td> 833 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc">A-32322450</a></td> 834 <td></td> 835 <td></td> 836 <td>6.06.0.17.07.1.1</td> 837 <td>2016 10 20 </td> 838 </tr> 839 </table> 840 841 842 <h3 id="id-in-audioserver">Audioserver </h3> 843 <p> 844 Audioserver 845 </p> 846 847 <table> 848 <col width="18%"> 849 <col width="17%"> 850 <col width="10%"> 851 <col width="19%"> 852 <col width="18%"> 853 <col width="17%"> 854 <tr> 855 <th>CVE</th> 856 <th></th> 857 <th></th> 858 <th> Google </th> 859 <th> AOSP </th> 860 <th></th> 861 </tr> 862 <tr> 863 <td>CVE-2017-0425</td> 864 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">A-32720785</a></td> 865 <td></td> 866 <td></td> 867 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 868 <td>2016 11 7 </td> 869 </tr> 870 </table> 871 872 873 <h3 id="id-in-filesystem"></h3> 874 <p> 875 876 </p> 877 878 <table> 879 <col width="18%"> 880 <col width="17%"> 881 <col width="10%"> 882 <col width="19%"> 883 <col width="18%"> 884 <col width="17%"> 885 <tr> 886 <th>CVE</th> 887 <th></th> 888 <th></th> 889 <th> Google </th> 890 <th> AOSP </th> 891 <th></th> 892 </tr> 893 <tr> 894 <td>CVE-2017-0426</td> 895 <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a">A-32799236</a> [<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td> 896 <td></td> 897 <td></td> 898 <td>7.07.1.1</td> 899 <td>Google </td> 900 </tr> 901 </table> 902 903 904 <h2 id="2017-02-05-details">2017-02-05 - </h2> 905 <p> 906 <a href="#2017-02-05-summary">2017-02-05 - </a> CVE Google AOSP Bug ID AOSP Bug Bug ID </p> 907 908 909 <h3 id="rce-in-qualcomm-crypto-driver">Qualcomm </h3> 910 <p> 911 Qualcomm 912 </p> 913 914 <table> 915 <col width="19%"> 916 <col width="20%"> 917 <col width="10%"> 918 <col width="23%"> 919 <col width="17%"> 920 <tr> 921 <th>CVE</th> 922 <th></th> 923 <th></th> 924 <th> Google </th> 925 <th></th> 926 </tr> 927 <tr> 928 <td>CVE-2016-8418</td> 929 <td>A-32652894<br> 930 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f">QC-CR#1077457</a></td> 931 <td></td> 932 <td>*</td> 933 <td>2016 10 10 </td> 934 </tr> 935 </table> 936 <p> 937 * Android 7.0 Google 938 </p> 939 940 941 <h3 id="eop-in-kernel-file-system"></h3> 942 <p> 943 944 </p> 945 946 <table> 947 <col width="19%"> 948 <col width="20%"> 949 <col width="10%"> 950 <col width="23%"> 951 <col width="17%"> 952 <tr> 953 <th>CVE</th> 954 <th></th> 955 <th></th> 956 <th> Google </th> 957 <th></th> 958 </tr> 959 <tr> 960 <td>CVE-2017-0427</td> 961 <td>A-31495866*</td> 962 <td></td> 963 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 964 <td>2016 9 13 </td> 965 </tr> 966 </table> 967 <p> 968 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 969 </p> 970 971 972 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 973 <p> 974 NVIDIA GPU 975 </p> 976 977 <table> 978 <col width="19%"> 979 <col width="20%"> 980 <col width="10%"> 981 <col width="23%"> 982 <col width="17%"> 983 <tr> 984 <th>CVE</th> 985 <th></th> 986 <th></th> 987 <th> Google </th> 988 <th></th> 989 </tr> 990 <tr> 991 <td>CVE-2017-0428</td> 992 <td>A-32401526*<br>N-CVE-2017-0428</td> 993 <td></td> 994 <td>Nexus 9</td> 995 <td>2016 10 25 </td> 996 </tr> 997 <tr> 998 <td>CVE-2017-0429</td> 999 <td>A-32636619*<br>N-CVE-2017-0429</td> 1000 <td></td> 1001 <td>Nexus 9</td> 1002 <td>2016 11 3 </td> 1003 </tr> 1004 </table> 1005 <p> 1006 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1007 </p> 1008 1009 1010 <h3 id="eop-in-kernel-networking-subsystem"></h3> 1011 <p> 1012 1013 </p> 1014 1015 <table> 1016 <col width="19%"> 1017 <col width="20%"> 1018 <col width="10%"> 1019 <col width="23%"> 1020 <col width="17%"> 1021 <tr> 1022 <th>CVE</th> 1023 <th></th> 1024 <th></th> 1025 <th> Google </th> 1026 <th></th> 1027 </tr> 1028 <tr> 1029 <td>CVE-2014-9914</td> 1030 <td>A-32882659<br> 1031 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a"></a></td> 1032 <td></td> 1033 <td>Nexus 6Nexus Player</td> 1034 <td>2016 11 9 </td> 1035 </tr> 1036 </table> 1037 1038 1039 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom WLAN </h3> 1040 <p> 1041 Broadcom WLAN 1042 </p> 1043 1044 <table> 1045 <col width="19%"> 1046 <col width="20%"> 1047 <col width="10%"> 1048 <col width="23%"> 1049 <col width="17%"> 1050 <tr> 1051 <th>CVE</th> 1052 <th></th> 1053 <th></th> 1054 <th> Google </th> 1055 <th></th> 1056 </tr> 1057 <tr> 1058 <td>CVE-2017-0430</td> 1059 <td>A-32838767*<br>B-RB#107459</td> 1060 <td></td> 1061 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1062 <td>Google </td> 1063 </tr> 1064 </table> 1065 <p> 1066 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1067 </p> 1068 1069 1070 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1071 <p> 1072 Qualcomm 2016 9 Qualcomm AMSS 1073 </p> 1074 1075 <table> 1076 <col width="19%"> 1077 <col width="20%"> 1078 <col width="10%"> 1079 <col width="23%"> 1080 <col width="17%"> 1081 <tr> 1082 <th>CVE</th> 1083 <th></th> 1084 <th>*</th> 1085 <th> Google </th> 1086 <th></th> 1087 </tr> 1088 <tr> 1089 <td>CVE-2017-0431</td> 1090 <td>A-32573899**</td> 1091 <td></td> 1092 <td>***</td> 1093 <td>Qualcomm </td> 1094 </tr> 1095 </table> 1096 <p> 1097 * 1098 </p> 1099 <p> 1100 ** <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1101 </p> 1102 <p> 1103 *** Android 7.0 Google 1104 </p> 1105 1106 1107 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1108 <p> 1109 MediaTek 1110 </p> 1111 1112 <table> 1113 <col width="19%"> 1114 <col width="20%"> 1115 <col width="10%"> 1116 <col width="23%"> 1117 <col width="17%"> 1118 <tr> 1119 <th>CVE</th> 1120 <th></th> 1121 <th></th> 1122 <th> Google </th> 1123 <th></th> 1124 </tr> 1125 <tr> 1126 <td>CVE-2017-0432</td> 1127 <td>A-28332719*<br>M-ALPS02708925</td> 1128 <td></td> 1129 <td>**</td> 1130 <td>2016 4 21 </td> 1131 </tr> 1132 </table> 1133 <p> 1134 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1135 </p> 1136 <p> 1137 ** Android 7.0 Google 1138 </p> 1139 1140 1141 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1142 <p> 1143 Synaptics 1144 </p> 1145 1146 <table> 1147 <col width="19%"> 1148 <col width="20%"> 1149 <col width="10%"> 1150 <col width="23%"> 1151 <col width="17%"> 1152 <tr> 1153 <th>CVE</th> 1154 <th></th> 1155 <th></th> 1156 <th> Google </th> 1157 <th></th> 1158 </tr> 1159 <tr> 1160 <td>CVE-2017-0433</td> 1161 <td>A-31913571*</td> 1162 <td></td> 1163 <td>Nexus 6PNexus 9Android OnePixelPixel XL</td> 1164 <td>2016 9 8 </td> 1165 </tr> 1166 <tr> 1167 <td>CVE-2017-0434</td> 1168 <td>A-33001936*</td> 1169 <td></td> 1170 <td>PixelPixel XL</td> 1171 <td>2016 11 18 </td> 1172 </tr> 1173 </table> 1174 <p> 1175 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1176 </p> 1177 1178 1179 <h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm </h3> 1180 <p> 1181 Qualcomm 1182 </p> 1183 1184 <table> 1185 <col width="19%"> 1186 <col width="20%"> 1187 <col width="10%"> 1188 <col width="23%"> 1189 <col width="17%"> 1190 <tr> 1191 <th>CVE</th> 1192 <th></th> 1193 <th></th> 1194 <th> Google </th> 1195 <th></th> 1196 </tr> 1197 <tr> 1198 <td>CVE-2016-8480</td> 1199 <td>A-31804432<br> 1200 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471">QC-CR#1086186</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td> 1201 <td></td> 1202 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1203 <td>2016 9 28 </td> 1204 </tr> 1205 </table> 1206 1207 1208 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1209 <p> 1210 Qualcomm 1211 </p> 1212 1213 <table> 1214 <col width="19%"> 1215 <col width="20%"> 1216 <col width="10%"> 1217 <col width="23%"> 1218 <col width="17%"> 1219 <tr> 1220 <th>CVE</th> 1221 <th></th> 1222 <th></th> 1223 <th> Google </th> 1224 <th></th> 1225 </tr> 1226 <tr> 1227 <td>CVE-2016-8481</td> 1228 <td>A-31906415*<br>QC-CR#1078000</td> 1229 <td></td> 1230 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1231 <td>2016 10 1 </td> 1232 </tr> 1233 <tr> 1234 <td>CVE-2017-0435</td> 1235 <td>A-31906657*<br>QC-CR#1078000</td> 1236 <td></td> 1237 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1238 <td>2016 10 1 </td> 1239 </tr> 1240 <tr> 1241 <td>CVE-2017-0436</td> 1242 <td>A-32624661*<br>QC-CR#1078000</td> 1243 <td></td> 1244 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1245 <td>2016 11 2 </td> 1246 </tr> 1247 </table> 1248 <p> 1249 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1250 </p> 1251 1252 1253 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm WLAN </h3> 1254 <p> 1255 Qualcomm WLAN 1256 </p> 1257 1258 <table> 1259 <col width="19%"> 1260 <col width="20%"> 1261 <col width="10%"> 1262 <col width="23%"> 1263 <col width="17%"> 1264 <tr> 1265 <th>CVE</th> 1266 <th></th> 1267 <th></th> 1268 <th> Google </th> 1269 <th></th> 1270 </tr> 1271 <tr> 1272 <td>CVE-2017-0437</td> 1273 <td>A-32402310<br> 1274 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">QC-CR#1092497</a></td> 1275 <td></td> 1276 <td>Nexus 5XPixelPixel XL</td> 1277 <td>2016 10 25 </td> 1278 </tr> 1279 <tr> 1280 <td>CVE-2017-0438</td> 1281 <td>A-32402604<br> 1282 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">QC-CR#1092497</a></td> 1283 <td></td> 1284 <td>Nexus 5XPixelPixel XL</td> 1285 <td>2016 10 25 </td> 1286 </tr> 1287 <tr> 1288 <td>CVE-2017-0439</td> 1289 <td>A-32450647<br> 1290 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61">QC-CR#1092059</a></td> 1291 <td></td> 1292 <td>Nexus 5XPixelPixel XL</td> 1293 <td>2016 10 25 </td> 1294 </tr> 1295 <tr> 1296 <td>CVE-2016-8419</td> 1297 <td>A-32454494<br> 1298 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488">QC-CR#1087209</a></td> 1299 <td></td> 1300 <td>Nexus 5XPixelPixel XL</td> 1301 <td>2016 10 26 </td> 1302 </tr> 1303 <tr> 1304 <td>CVE-2016-8420</td> 1305 <td>A-32451171<br> 1306 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e">QC-CR#1087807</a></td> 1307 <td></td> 1308 <td>Nexus 5XPixelPixel XL</td> 1309 <td>2016 10 26 </td> 1310 </tr> 1311 <tr> 1312 <td>CVE-2016-8421</td> 1313 <td>A-32451104<br> 1314 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb">QC-CR#1087797</a></td> 1315 <td></td> 1316 <td>Nexus 5XPixelPixel XL</td> 1317 <td>2016 10 26 </td> 1318 </tr> 1319 <tr> 1320 <td>CVE-2017-0440</td> 1321 <td>A-33252788<br> 1322 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268">QC-CR#1095770</a></td> 1323 <td></td> 1324 <td>Nexus 5XPixelPixel XL</td> 1325 <td>2016 11 11 </td> 1326 </tr> 1327 <tr> 1328 <td>CVE-2017-0441</td> 1329 <td>A-32872662<br> 1330 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684">QC-CR#1095009</a></td> 1331 <td></td> 1332 <td>Nexus 5XPixelPixel XL</td> 1333 <td>2016 11 11 </td> 1334 </tr> 1335 <tr> 1336 <td>CVE-2017-0442</td> 1337 <td>A-32871330<br> 1338 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">QC-CR#1092497</a></td> 1339 <td></td> 1340 <td>Nexus 5XPixelPixel XL</td> 1341 <td>2016 11 13 </td> 1342 </tr> 1343 <tr> 1344 <td>CVE-2017-0443</td> 1345 <td>A-32877494<br> 1346 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">QC-CR#1092497</a></td> 1347 <td></td> 1348 <td>Nexus 5XPixelPixel XL</td> 1349 <td>2016 11 13 </td> 1350 </tr> 1351 <tr> 1352 <td>CVE-2016-8476</td> 1353 <td>A-32879283<br> 1354 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799">QC-CR#1091940</a></td> 1355 <td></td> 1356 <td>Nexus 5XPixelPixel XL</td> 1357 <td>2016 11 14 </td> 1358 </tr> 1359 </table> 1360 1361 1362 <h3 id="eop-in-realtek-sound-driver">Realtek </h3> 1363 <p> 1364 Realtek 1365 </p> 1366 1367 <table> 1368 <col width="19%"> 1369 <col width="20%"> 1370 <col width="10%"> 1371 <col width="23%"> 1372 <col width="17%"> 1373 <tr> 1374 <th>CVE</th> 1375 <th></th> 1376 <th></th> 1377 <th> Google </th> 1378 <th></th> 1379 </tr> 1380 <tr> 1381 <td>CVE-2017-0444</td> 1382 <td>A-32705232*</td> 1383 <td></td> 1384 <td>Nexus 9</td> 1385 <td>2016 11 7 </td> 1386 </tr> 1387 </table> 1388 <p> 1389 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1390 </p> 1391 1392 1393 <h3 id="eop-in-htc-touchscreen-driver">HTC </h3> 1394 <p> 1395 HTC 1396 </p> 1397 1398 <table> 1399 <col width="19%"> 1400 <col width="20%"> 1401 <col width="10%"> 1402 <col width="23%"> 1403 <col width="17%"> 1404 <tr> 1405 <th>CVE</th> 1406 <th></th> 1407 <th></th> 1408 <th> Google </th> 1409 <th></th> 1410 </tr> 1411 <tr> 1412 <td>CVE-2017-0445</td> 1413 <td>A-32769717*</td> 1414 <td></td> 1415 <td>PixelPixel XL</td> 1416 <td>2016 11 9 </td> 1417 </tr> 1418 <tr> 1419 <td>CVE-2017-0446</td> 1420 <td>A-32917445*</td> 1421 <td></td> 1422 <td>PixelPixel XL</td> 1423 <td>2016 11 15 </td> 1424 </tr> 1425 <tr> 1426 <td>CVE-2017-0447</td> 1427 <td>A-32919560*</td> 1428 <td></td> 1429 <td>PixelPixel XL</td> 1430 <td>2016 11 15 </td> 1431 </tr> 1432 </table> 1433 <p> 1434 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1435 </p> 1436 1437 1438 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1439 <p> 1440 NVIDIA 1441 </p> 1442 1443 <table> 1444 <col width="19%"> 1445 <col width="20%"> 1446 <col width="10%"> 1447 <col width="23%"> 1448 <col width="17%"> 1449 <tr> 1450 <th>CVE</th> 1451 <th></th> 1452 <th></th> 1453 <th> Google </th> 1454 <th></th> 1455 </tr> 1456 <tr> 1457 <td>CVE-2017-0448</td> 1458 <td>A-32721029*<br>N-CVE-2017-0448</td> 1459 <td></td> 1460 <td>Nexus 9</td> 1461 <td>2016 11 7 </td> 1462 </tr> 1463 </table> 1464 <p> 1465 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1466 </p> 1467 1468 1469 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom WLAN </h3> 1470 <p> 1471 Broadcom WLAN 1472 </p> 1473 1474 <table> 1475 <col width="19%"> 1476 <col width="20%"> 1477 <col width="10%"> 1478 <col width="23%"> 1479 <col width="17%"> 1480 <tr> 1481 <th>CVE</th> 1482 <th></th> 1483 <th></th> 1484 <th> Google </th> 1485 <th></th> 1486 </tr> 1487 <tr> 1488 <td>CVE-2017-0449</td> 1489 <td>A-31707909*<br>B-RB#32094</td> 1490 <td></td> 1491 <td>Nexus 6Nexus 6P</td> 1492 <td>2016 9 23 </td> 1493 </tr> 1494 </table> 1495 <p> 1496 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1497 </p> 1498 1499 1500 <h3 id="eop-in-audioserver-2">Audioserver </h3> 1501 <p> 1502 Audioserver 1503 </p> 1504 1505 <table> 1506 <col width="19%"> 1507 <col width="20%"> 1508 <col width="10%"> 1509 <col width="23%"> 1510 <col width="17%"> 1511 <tr> 1512 <th>CVE</th> 1513 <th></th> 1514 <th></th> 1515 <th> Google </th> 1516 <th></th> 1517 </tr> 1518 <tr> 1519 <td>CVE-2017-0450</td> 1520 <td>A-32917432*</td> 1521 <td></td> 1522 <td>Nexus 9</td> 1523 <td>2016 11 15 </td> 1524 </tr> 1525 </table> 1526 <p> 1527 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1528 </p> 1529 1530 1531 <h3 id="eop-in-kernel-file-system-2"></h3> 1532 <p> 1533 1534 </p> 1535 1536 <table> 1537 <col width="19%"> 1538 <col width="20%"> 1539 <col width="10%"> 1540 <col width="23%"> 1541 <col width="17%"> 1542 <tr> 1543 <th>CVE</th> 1544 <th></th> 1545 <th></th> 1546 <th> Google </th> 1547 <th></th> 1548 </tr> 1549 <tr> 1550 <td>CVE-2016-10044</td> 1551 <td>A-31711619*</td> 1552 <td></td> 1553 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1554 <td>Google </td> 1555 </tr> 1556 </table> 1557 <p> 1558 * <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus 1559 </p> 1560 1561 1562 <h3 id="id-in-qualcomm-secure-execution-environment-communicator">Qualcomm </h3> 1563 <p> 1564 Qualcomm 1565 </p> 1566 1567 <table> 1568 <col width="19%"> 1569 <col width="20%"> 1570 <col width="10%"> 1571 <col width="23%"> 1572 <col width="17%"> 1573 <tr> 1574 <th>CVE</th> 1575 <th></th> 1576 <th></th> 1577 <th> Google </th> 1578 <th></th> 1579 </tr> 1580 <tr> 1581 <td>CVE-2016-8414</td> 1582 <td>A-31704078<br> 1583 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846">QC-CR#1076407</a></td> 1584 <td></td> 1585 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1586 <td>2016 9 23 </td> 1587 </tr> 1588 </table> 1589 1590 1591 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3> 1592 <p> 1593 Qualcomm 1594 </p> 1595 1596 <table> 1597 <col width="19%"> 1598 <col width="20%"> 1599 <col width="10%"> 1600 <col width="23%"> 1601 <col width="17%"> 1602 <tr> 1603 <th>CVE</th> 1604 <th></th> 1605 <th></th> 1606 <th> Google </th> 1607 <th></th> 1608 </tr> 1609 <tr> 1610 <td>CVE-2017-0451</td> 1611 <td>A-31796345<br> 1612 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e">QC-CR#1073129</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td> 1613 <td></td> 1614 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1615 <td>2016 9 27 </td> 1616 </tr> 1617 </table> 1618 1619 <h2 id="common-questions-and-answers"></h2> 1620 <p></p> 1621 <p><strong>1. </strong></p> 1622 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 1623 <ul> 1624 <li>2017-02-01 2017-02-01 </li> 1625 <li>2017-02-05 2017-02-05 1626 </li> 1627 </ul> 1628 <p></p> 1629 <ul> 1630 <li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li> 1631 <li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li> 1632 </ul> 1633 1634 <p><strong>2. 2 </strong></p> 1635 1636 <p> 2 Android Android Android </p> 1637 <ul> 1638 <li> 2017 1 1 </li> 1639 <li> 2017 1 5 </li> 1640 </ul> 1641 <p></p> 1642 <p><strong>3. Google </strong></p> 1643 <p> <a href="#2017-02-01-details">2017-02-01</a> <a href="#2017-02-05-details">2017-02-05</a> Google Google <em></em> 1644 </p> 1645 <ul> 1646 <li><strong> Google </strong> Nexus Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 1647 <li><strong> Google </strong> Google Google Google <em></em></li> 1648 <li><strong> Google </strong> Android 7.0 Google Google <em></em></li> 1649 </ul> 1650 <p><strong>4. </strong></p> 1651 <p><em></em></p> 1652 <table> 1653 <tr> 1654 <th></th> 1655 <th></th> 1656 </tr> 1657 <tr> 1658 <td>A-</td> 1659 <td>Android Bug ID</td> 1660 </tr> 1661 <tr> 1662 <td>QC-</td> 1663 <td>Qualcomm </td> 1664 </tr> 1665 <tr> 1666 <td>M-</td> 1667 <td>MediaTek </td> 1668 </tr> 1669 <tr> 1670 <td>N-</td> 1671 <td>NVIDIA </td> 1672 </tr> 1673 <tr> 1674 <td>B-</td> 1675 <td>Broadcom </td> 1676 </tr> 1677 </table> 1678 1679 <h2 id="revisions"></h2> 1680 <ul> 1681 <li>2017 2 6 </li> 1682 <li>2017 2 8 AOSP </li> 1683 </ul> 1684 1685 </body> 1686 </html> 1687
