1 <html devsite> 2 <head> 3 <title>Android - 2017 3 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 <p><em>2017 3 6 | 2017 3 7 </em></p> 25 <p>Android Android (OTA) Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a> Google 2017 3 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 26 <p> 2017 2 6 Android (AOSP) 27 AOSP </p> 28 <p></p> 29 <p> <a href="#mitigations">Android Google </a> <a href="{@docRoot}security/enhancements/index.html">Android </a> <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> Android </p> 30 <p></p> 31 <h2 id="announcements"></h2> 32 <ul> 33 <li> Android Android <a href="#common-questions-and-answers"></a><ul> 34 <li><strong>2017-03-01</strong> 2017-03-01</li> 35 <li><strong>2017-03-05</strong> 2017-03-01 2017-03-05</li> 36 </ul> 37 </li> 38 <li> Google 2017 3 5 OTA </li> 39 </ul> 40 <h2 id="security-vulnerability-summary"></h2> 41 <p> CVE Google <a href="{@docRoot}security/overview/updates-resources.html#severity"></a></p> 42 <h3 id="2017-03-01-summary">2017-03-01 - </h3> 43 <p>2017-03-01</p> 44 <table> 45 <col width="55%"> 46 <col width="20%"> 47 <col width="13%"> 48 <col width="12%"> 49 <tr> 50 <th></th> 51 <th>CVE</th> 52 <th></th> 53 <th> Google </th> 54 </tr> 55 <tr> 56 <td>OpenSSL BoringSSL </td> 57 <td>CVE-2016-2182</td> 58 <td></td> 59 <td></td> 60 </tr> 61 <tr> 62 <td>Mediaserver </td> 63 <td>CVE-2017-0466CVE-2017-0467CVE-2017-0468CVE-2017-0469CVE-2017-0470CVE-2017-0471CVE-2017-0472CVE-2017-0473CVE-2017-0474</td> 64 <td></td> 65 <td></td> 66 </tr> 67 <tr> 68 <td>recovery </td> 69 <td>CVE-2017-0475</td> 70 <td></td> 71 <td></td> 72 </tr> 73 <tr> 74 <td>AOSP </td> 75 <td>CVE-2017-0476</td> 76 <td></td> 77 <td></td> 78 </tr> 79 <tr> 80 <td>libgdx </td> 81 <td>CVE-2017-0477</td> 82 <td></td> 83 <td></td> 84 </tr> 85 <tr> 86 <td>Framesequence </td> 87 <td>CVE-2017-0478</td> 88 <td></td> 89 <td></td> 90 </tr> 91 <tr> 92 <td>NFC </td> 93 <td>CVE-2017-0481</td> 94 <td></td> 95 <td></td> 96 </tr> 97 <tr> 98 <td>Audioserver </td> 99 <td>CVE-2017-0479CVE-2017-0480</td> 100 <td></td> 101 <td></td> 102 </tr> 103 <tr> 104 <td>Mediaserver </td> 105 <td>CVE-2017-0482CVE-2017-0483CVE-2017-0484CVE-2017-0485CVE-2017-0486CVE-2017-0487CVE-2017-0488</td> 106 <td></td> 107 <td></td> 108 </tr> 109 <tr> 110 <td></td> 111 <td>CVE-2017-0489</td> 112 <td></td> 113 <td></td> 114 </tr> 115 <tr> 116 <td>WLAN </td> 117 <td>CVE-2017-0490</td> 118 <td></td> 119 <td></td> 120 </tr> 121 <tr> 122 <td></td> 123 <td>CVE-2017-0491</td> 124 <td></td> 125 <td></td> 126 </tr> 127 <tr> 128 <td></td> 129 <td>CVE-2017-0492</td> 130 <td></td> 131 <td></td> 132 </tr> 133 <tr> 134 <td>AOSP </td> 135 <td>CVE-2017-0494</td> 136 <td></td> 137 <td></td> 138 </tr> 139 <tr> 140 <td>Mediaserver </td> 141 <td>CVE-2017-0495</td> 142 <td></td> 143 <td></td> 144 </tr> 145 <tr> 146 <td></td> 147 <td>CVE-2017-0496</td> 148 <td></td> 149 <td></td> 150 </tr> 151 <tr> 152 <td>Mediaserver </td> 153 <td>CVE-2017-0497</td> 154 <td></td> 155 <td></td> 156 </tr> 157 <tr> 158 <td></td> 159 <td>CVE-2017-0498</td> 160 <td></td> 161 <td>*</td> 162 </tr> 163 <tr> 164 <td>Audioserver </td> 165 <td>CVE-2017-0499</td> 166 <td></td> 167 <td></td> 168 </tr> 169 </table> 170 <p>* Android 7.0 Google </p> 171 <h3 id="2017-03-05-summary">2017-03-05 - </h3> 172 <p>2017-03-05 2017-03-01 </p> 173 <table> 174 <col width="55%"> 175 <col width="20%"> 176 <col width="13%"> 177 <col width="12%"> 178 <tr> 179 <th></th> 180 <th>CVE</th> 181 <th></th> 182 <th> Google </th> 183 </tr> 184 <tr> 185 <td>MediaTek </td> 186 <td>CVE-2017-0500CVE-2017-0501CVE-2017-0502CVE-2017-0503CVE-2017-0504CVE-2017-0505CVE-2017-0506</td> 187 <td></td> 188 <td>*</td> 189 </tr> 190 <tr> 191 <td>NVIDIA GPU </td> 192 <td>CVE-2017-0337CVE-2017-0338CVE-2017-0333CVE-2017-0306CVE-2017-0335</td> 193 <td></td> 194 <td></td> 195 </tr> 196 <tr> 197 <td> ION </td> 198 <td>CVE-2017-0507CVE-2017-0508</td> 199 <td></td> 200 <td></td> 201 </tr> 202 <tr> 203 <td>Broadcom WLAN </td> 204 <td>CVE-2017-0509</td> 205 <td></td> 206 <td>*</td> 207 </tr> 208 <tr> 209 <td> FIQ </td> 210 <td>CVE-2017-0510</td> 211 <td></td> 212 <td></td> 213 </tr> 214 <tr> 215 <td>Qualcomm GPU </td> 216 <td>CVE-2016-8479</td> 217 <td></td> 218 <td></td> 219 </tr> 220 <tr> 221 <td></td> 222 <td>CVE-2016-9806CVE-2016-10200</td> 223 <td></td> 224 <td></td> 225 </tr> 226 <tr> 227 <td>Qualcomm </td> 228 <td>CVE-2016-8484CVE-2016-8485CVE-2016-8486CVE-2016-8487CVE-2016-8488</td> 229 <td></td> 230 <td>*</td> 231 </tr> 232 <tr> 233 <td></td> 234 <td>CVE-2016-8655CVE-2016-9793</td> 235 <td></td> 236 <td></td> 237 </tr> 238 <tr> 239 <td>Qualcomm </td> 240 <td>CVE-2017-0516</td> 241 <td></td> 242 <td></td> 243 </tr> 244 <tr> 245 <td>MediaTek </td> 246 <td>CVE-2017-0517</td> 247 <td></td> 248 <td>*</td> 249 </tr> 250 <tr> 251 <td>Qualcomm ADSPRPC </td> 252 <td>CVE-2017-0457</td> 253 <td></td> 254 <td></td> 255 </tr> 256 <tr> 257 <td>Qualcomm </td> 258 <td>CVE-2017-0518CVE-2017-0519</td> 259 <td></td> 260 <td></td> 261 </tr> 262 <tr> 263 <td>Qualcomm </td> 264 <td>CVE-2017-0520</td> 265 <td></td> 266 <td></td> 267 </tr> 268 <tr> 269 <td>Qualcomm </td> 270 <td>CVE-2017-0458CVE-2017-0521</td> 271 <td></td> 272 <td></td> 273 </tr> 274 <tr> 275 <td>MediaTek APK </td> 276 <td>CVE-2017-0522</td> 277 <td></td> 278 <td>*</td> 279 </tr> 280 <tr> 281 <td>Qualcomm WLAN </td> 282 <td>CVE-2017-0464CVE-2017-0453CVE-2017-0523</td> 283 <td></td> 284 <td></td> 285 </tr> 286 <tr> 287 <td>Synaptics </td> 288 <td>CVE-2017-0524</td> 289 <td></td> 290 <td></td> 291 </tr> 292 <tr> 293 <td>Qualcomm IPA </td> 294 <td>CVE-2017-0456CVE-2017-0525</td> 295 <td></td> 296 <td></td> 297 </tr> 298 <tr> 299 <td>HTC </td> 300 <td>CVE-2017-0526CVE-2017-0527</td> 301 <td></td> 302 <td></td> 303 </tr> 304 <tr> 305 <td>NVIDIA GPU </td> 306 <td>CVE-2017-0307</td> 307 <td></td> 308 <td>*</td> 309 </tr> 310 <tr> 311 <td>Qualcomm </td> 312 <td>CVE-2017-0463CVE-2017-0460</td> 313 <td></td> 314 <td></td> 315 </tr> 316 <tr> 317 <td></td> 318 <td>CVE-2017-0528</td> 319 <td></td> 320 <td></td> 321 </tr> 322 <tr> 323 <td>Qualcomm SPCom </td> 324 <td>CVE-2016-5856CVE-2016-5857</td> 325 <td></td> 326 <td>*</td> 327 </tr> 328 <tr> 329 <td></td> 330 <td>CVE-2014-8709</td> 331 <td></td> 332 <td></td> 333 </tr> 334 <tr> 335 <td>MediaTek </td> 336 <td>CVE-2017-0529</td> 337 <td></td> 338 <td>*</td> 339 </tr> 340 <tr> 341 <td>Qualcomm </td> 342 <td>CVE-2017-0455</td> 343 <td></td> 344 <td></td> 345 </tr> 346 <tr> 347 <td>Qualcomm </td> 348 <td>CVE-2016-8483</td> 349 <td></td> 350 <td></td> 351 </tr> 352 <tr> 353 <td>NVIDIA GPU </td> 354 <td>CVE-2017-0334CVE-2017-0336</td> 355 <td></td> 356 <td></td> 357 </tr> 358 <tr> 359 <td></td> 360 <td>CVE-2016-8650</td> 361 <td></td> 362 <td></td> 363 </tr> 364 <tr> 365 <td>Qualcomm </td> 366 <td>CVE-2016-8417</td> 367 <td></td> 368 <td></td> 369 </tr> 370 <tr> 371 <td>Qualcomm WLAN </td> 372 <td>CVE-2017-0461CVE-2017-0459CVE-2017-0531</td> 373 <td></td> 374 <td></td> 375 </tr> 376 <tr> 377 <td>MediaTek </td> 378 <td>CVE-2017-0532</td> 379 <td></td> 380 <td>*</td> 381 </tr> 382 <tr> 383 <td>Qualcomm </td> 384 <td>CVE-2017-0533CVE-2017-0534CVE-2016-8416CVE-2016-8478</td> 385 <td></td> 386 <td></td> 387 </tr> 388 <tr> 389 <td>Qualcomm </td> 390 <td>CVE-2016-8413CVE-2016-8477</td> 391 <td></td> 392 <td></td> 393 </tr> 394 <tr> 395 <td>HTC </td> 396 <td>CVE-2017-0535</td> 397 <td></td> 398 <td></td> 399 </tr> 400 <tr> 401 <td>Synaptics </td> 402 <td>CVE-2017-0536</td> 403 <td></td> 404 <td></td> 405 </tr> 406 <tr> 407 <td> USB </td> 408 <td>CVE-2017-0537</td> 409 <td></td> 410 <td></td> 411 </tr> 412 <tr> 413 <td>Qualcomm </td> 414 <td>CVE-2017-0452</td> 415 <td></td> 416 <td></td> 417 </tr> 418 </table> 419 <p>* Android 7.0 Google </p> 420 <h2 id="mitigations">Android Google </h2> 421 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> SafetyNet Android </p> 422 <ul> 423 <li> Android Android Android</li> 424 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root </li> 425 <li> Google Messenger Mediaserver </li> 426 </ul> 427 <h2 id="acknowledgements"></h2> 428 <p></p> 429 <ul> 430 <li>Google Alexander PotapenkoCVE-2017-0537 431 <li> Baozeng DingChengming YangPeng Xiao Yang SongCVE-2017-0506 432 <li> Baozeng DingNing YouChengming YangPeng Xiao Yang SongCVE-2017-0463 433 <li>Android Billy LauCVE-2017-0335CVE-2017-0336CVE-2017-0338CVE-2017-0460 434 <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>)CVE-2016-8413CVE-2016-8477CVE-2017-0531 435 <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) <a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2017-0521 436 <li> (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2017-0334CVE-2017-0456CVE-2017-0457CVE-2017-0525 437 <li><a href="http://www.ms509.com">MS509Team</a> En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) Bo LiuCVE-2017-0490 438 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2017-0500CVE-2017-0501CVE-2017-0502CVE-2017-0503CVE-2017-0509CVE-2017-0524CVE-2017-0529CVE-2017-0536 439 <li> 360 Alpha Hao Chen Guang GongCVE-2017-0453CVE-2017-0461CVE-2017-0464 440 <li> Hiroki Yamamoto Fang ChenCVE-2017-0481 441 <li>IBM X-Force Sagi Kedmi Roee HayCVE-2017-0510 442 <li><a href="https://skyeye.360safe.com"> 360 </a> Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>)CVE-2017-0478 443 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-8416CVE-2016-8478CVE-2017-0458CVE-2017-0459CVE-2017-0518CVE-2017-0519CVE-2017-0533CVE-2017-0534 444 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a> Xuxian JiangCVE-2016-8479 445 <li>Google Makoto OnukiCVE-2017-0491 446 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)<a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a> Xuxian JiangCVE-2017-0479CVE-2017-0480 447 <li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)CVE-2017-0535 448 <li> Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)CVE-2017-0306 449 <li>CVE-2016-8417 450 <li> (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)CVE-2017-0337CVE-2017-0476 451 <li> 360 Qing Zhang (SIT) Guangdong BaiCVE-2017-0496 452 <li> Quhe wanchouchouCVE-2017-0522 453 <li>DarkMatter <a href="mailto:keun-o.park (a] darkmatter.ae">Sahara</a>CVE-2017-0528 454 <li> Shellphish Grill salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>)CVE-2017-0505 455 <li><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2017-0504CVE-2017-0516 456 <li>Sean Beaupre (beaups)CVE-2017-0455 457 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2017-0452 458 <li> Shinichi MatsumotoCVE-2017-0498 459 <li><a href="http://www.byterev.com">ByteRev</a> <a href="mailto:smarques84 (a] gmail.com">Stphane Marques</a>CVE-2017-0489 460 <li>Google Svetoslav GanovCVE-2017-0492 461 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a> Xuxian JiangCVE-2017-0333 462 <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0466CVE-2017-0467CVE-2017-0468CVE-2017-0469CVE-2017-0470CVE-2017-0471CVE-2017-0472CVE-2017-0473CVE-2017-0482CVE-2017-0485CVE-2017-0486CVE-2017-0487CVE-2017-0494CVE-2017-0495 463 <li> (<a href="https://twitter.com/wish_wu">@wish_wu</a>)CVE-2017-0477 464 <li> 360 Vulpecker Yu PanCVE-2017-0517CVE-2017-0532 465 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a> Xuxian JiangCVE-2017-0526CVE-2017-0527 466 <li><a href="http://c0reteam.org">C0RE </a> Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)<a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:shaodacheng2016 (a] gmail.com">Dacheng Shao</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0483</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 467 468 <h2 id="2017-03-01-details">2017-03-01 - </h2> 469 <p> <a href="#2017-03-01-summary">2017-03-01 - </a> CVE Google AOSP Bug ID AOSP Bug Bug ID </p> 470 471 472 <h3 id="rce-in-openssl-&-boringssl">OpenSSL BoringSSL </h3> 473 <p>OpenSSL BoringSSL </p> 474 475 <table> 476 <col width="18%"> 477 <col width="17%"> 478 <col width="10%"> 479 <col width="19%"> 480 <col width="18%"> 481 <col width="17%"> 482 <tr> 483 <th>CVE</th> 484 <th></th> 485 <th></th> 486 <th> Google </th> 487 <th> AOSP </th> 488 <th></th> 489 </tr> 490 <tr> 491 <td>CVE-2016-2182</td> 492 <td><a href="https://android.googlesource.com/platform/external/boringssl/+/54bf62a81586d99d0a951ca3342d569b59e69b80">A-32096880</a></td> 493 <td></td> 494 <td></td> 495 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 496 <td>2016 8 5 </td> 497 </tr> 498 </table> 499 500 501 <h3 id="rce-in-mediaserver-">Mediaserver 502 </h3> 503 <p>Mediaserver Mediaserver </p> 504 505 <table> 506 <col width="18%"> 507 <col width="17%"> 508 <col width="10%"> 509 <col width="19%"> 510 <col width="18%"> 511 <col width="17%"> 512 <tr> 513 <th>CVE</th> 514 <th></th> 515 <th></th> 516 <th> Google </th> 517 <th> AOSP </th> 518 <th></th> 519 </tr> 520 <tr> 521 <td>CVE-2017-0466</td> 522 <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33139050</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">2</a>]</td> 523 <td></td> 524 <td></td> 525 <td>6.06.0.17.07.1.1</td> 526 <td>2016 11 25 </td> 527 </tr> 528 <tr> 529 <td>CVE-2017-0467</td> 530 <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33250932</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>]</td> 531 <td></td> 532 <td></td> 533 <td>6.06.0.17.07.1.1</td> 534 <td>2016 11 30 </td> 535 </tr> 536 <tr> 537 <td>CVE-2017-0468</td> 538 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">A-33351708</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>]</td> 539 <td></td> 540 <td></td> 541 <td>6.06.0.17.07.1.1</td> 542 <td>2016 12 5 </td> 543 </tr> 544 <tr> 545 <td>CVE-2017-0469</td> 546 <td><a href="https://android.googlesource.com/platform/external/libavc/+/21851eaecc814be709cb0c20f732cb858cfe1440">A-33450635</a></td> 547 <td></td> 548 <td></td> 549 <td>6.06.0.17.07.1.1</td> 550 <td>2016 12 8 </td> 551 </tr> 552 <tr> 553 <td>CVE-2017-0470</td> 554 <td><a href="https://android.googlesource.com/platform/external/libavc/+/6aac82003d665708b4e21e9b91693b642e2fa64f">A-33818500</a></td> 555 <td></td> 556 <td></td> 557 <td>6.06.0.17.07.1.1</td> 558 <td>2016 12 21 </td> 559 </tr> 560 <tr> 561 <td>CVE-2017-0471</td> 562 <td><a href="https://android.googlesource.com/platform/external/libavc/+/4a61d15e7b0ab979ba7e80db8ddbde025c1ce6cc">A-33816782</a></td> 563 <td></td> 564 <td></td> 565 <td>6.06.0.17.07.1.1</td> 566 <td>2016 12 21 </td> 567 </tr> 568 <tr> 569 <td>CVE-2017-0472</td> 570 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/dfa7251ff270ae7e12a019e6735542e36b2a47e0">A-33862021</a></td> 571 <td></td> 572 <td></td> 573 <td>6.06.0.17.07.1.1</td> 574 <td>2016 12 23 </td> 575 </tr> 576 <tr> 577 <td>CVE-2017-0473</td> 578 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0a4463e2beddb8290e05ad552e48b17686f854ce">A-33982658</a></td> 579 <td></td> 580 <td></td> 581 <td>6.06.0.17.07.1.1</td> 582 <td>2016 12 30 </td> 583 </tr> 584 <tr> 585 <td>CVE-2017-0474</td> 586 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6f5927de29337fa532c64d0ef8c7cb68f7c89889">A-32589224</a></td> 587 <td></td> 588 <td></td> 589 <td>7.07.1.1</td> 590 <td>Google </td> 591 </tr> 592 </table> 593 594 <h3 id="eop-in-recovery-verifier">recovery </h3> 595 <p>recovery </p> 596 597 <table> 598 <col width="18%"> 599 <col width="17%"> 600 <col width="10%"> 601 <col width="19%"> 602 <col width="18%"> 603 <col width="17%"> 604 <tr> 605 <th>CVE</th> 606 <th></th> 607 <th></th> 608 <th> Google </th> 609 <th> AOSP </th> 610 <th></th> 611 </tr> 612 <tr> 613 <td>CVE-2017-0475</td> 614 <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/2c6c23f651abb3d215134dfba463eb72a5e9f8eb">A-31914369</a></td> 615 <td></td> 616 <td></td> 617 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 618 <td>2016 10 2 </td> 619 </tr> 620 </table> 621 622 623 <h3 id="rce-in-aosp-messaging">AOSP </h3> 624 <p>AOSP </p> 625 626 <table> 627 <col width="18%"> 628 <col width="17%"> 629 <col width="10%"> 630 <col width="19%"> 631 <col width="18%"> 632 <col width="17%"> 633 <tr> 634 <th>CVE</th> 635 <th></th> 636 <th></th> 637 <th> Google </th> 638 <th> AOSP </th> 639 <th></th> 640 </tr> 641 <tr> 642 <td>CVE-2017-0476</td> 643 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/8ba22b48ebff50311d7eaa8d512f9d507f0bdd0d">A-33388925</a></td> 644 <td></td> 645 <td></td> 646 <td>6.06.0.17.07.1.1</td> 647 <td>2016 12 6 </td> 648 </tr> 649 </table> 650 651 652 <h3 id="rce-in-libgdx">libgdx </h3> 653 <p>libgdx </p> 654 655 <table> 656 <col width="18%"> 657 <col width="17%"> 658 <col width="10%"> 659 <col width="19%"> 660 <col width="18%"> 661 <col width="17%"> 662 <tr> 663 <th>CVE</th> 664 <th></th> 665 <th></th> 666 <th> Google </th> 667 <th> AOSP </th> 668 <th></th> 669 </tr> 670 <tr> 671 <td>CVE-2017-0477</td> 672 <td><a href="https://android.googlesource.com/platform/external/libgdx/+/fba04a52f43315cdb7dd38766822af0324eab7c5">A-33621647</a></td> 673 <td></td> 674 <td></td> 675 <td>7.1.1</td> 676 <td>2016 12 14 </td> 677 </tr> 678 </table> 679 680 681 <h3 id="rce-in-framesequence-library">Framesequence </h3> 682 <p>Framesequence Framesequence </p> 683 684 <table> 685 <col width="18%"> 686 <col width="17%"> 687 <col width="10%"> 688 <col width="19%"> 689 <col width="18%"> 690 <col width="17%"> 691 <tr> 692 <th>CVE</th> 693 <th></th> 694 <th></th> 695 <th> Google </th> 696 <th> AOSP </th> 697 <th></th> 698 </tr> 699 <tr> 700 <td>CVE-2017-0478</td> 701 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7c824f17b3eea976ca58be7ea097cb807126f73b">A-33718716</a></td> 702 <td></td> 703 <td></td> 704 <td>5.0.25.1.16.06.0.17.07.1.1</td> 705 <td>2016 12 16 </td> 706 </tr> 707 </table> 708 709 <h3 id="eop-in-nfc">NFC </h3> 710 <p>NFC </p> 711 712 <table> 713 <col width="18%"> 714 <col width="17%"> 715 <col width="10%"> 716 <col width="19%"> 717 <col width="18%"> 718 <col width="17%"> 719 <tr> 720 <th>CVE</th> 721 <th></th> 722 <th></th> 723 <th> Google </th> 724 <th> AOSP </th> 725 <th></th> 726 </tr> 727 <tr> 728 <td>CVE-2017-0481</td> 729 <td><a href="https://android.googlesource.com/platform/external/libnfc-nci/+/c67cc6ad2addddcb7185a33b08d27290ce54e350">A-33434992</a></td> 730 <td></td> 731 <td></td> 732 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 733 <td>2016 11 6 </td> 734 </tr> 735 </table> 736 737 <h3 id="eop-in-audioserver">Audioserver </h3> 738 <p>Audioserver </p> 739 740 <table> 741 <col width="18%"> 742 <col width="17%"> 743 <col width="10%"> 744 <col width="19%"> 745 <col width="18%"> 746 <col width="17%"> 747 <tr> 748 <th>CVE</th> 749 <th></th> 750 <th></th> 751 <th> Google </th> 752 <th> AOSP </th> 753 <th></th> 754 </tr> 755 <tr> 756 <td>CVE-2017-0479</td> 757 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32707507</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>]</td> 758 <td></td> 759 <td></td> 760 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 761 <td>2016 11 7 </td> 762 </tr> 763 <tr> 764 <td>CVE-2017-0480</td> 765 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32705429</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>]</td> 766 <td></td> 767 <td></td> 768 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 769 <td>2016 11 7 </td> 770 </tr> 771 </table> 772 773 774 <h3 id="dos-in-mediaserver">Mediaserver </h3> 775 <p>Mediaserver </p> 776 777 <table> 778 <col width="18%"> 779 <col width="17%"> 780 <col width="10%"> 781 <col width="19%"> 782 <col width="18%"> 783 <col width="17%"> 784 <tr> 785 <th>CVE</th> 786 <th></th> 787 <th></th> 788 <th> Google </th> 789 <th> AOSP </th> 790 <th></th> 791 </tr> 792 <tr> 793 <td>CVE-2017-0482</td> 794 <td><a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">A-33090864</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">2</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">3</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">4</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">5</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">6</a>]</td> 795 <td></td> 796 <td></td> 797 <td>6.06.0.17.07.1.1</td> 798 <td>2016 11 22 </td> 799 </tr> 800 <tr> 801 <td>CVE-2017-0483</td> 802 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bc62c086e9ba7530723dc8874b83159f4d77d976">A-33137046</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/5cabe32a59f9be1e913b6a07a23d4cfa55e3fb2f">2</a>]</td> 803 <td></td> 804 <td></td> 805 <td>5.0.25.1.16.06.0.17.07.1.1</td> 806 <td>2016 11 24 </td> 807 </tr> 808 <tr> 809 <td>CVE-2017-0484</td> 810 <td><a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">A-33298089</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">2</a>]</td> 811 <td></td> 812 <td></td> 813 <td>6.06.0.17.07.1.1</td> 814 <td>2016 12 1 </td> 815 </tr> 816 <tr> 817 <td>CVE-2017-0485</td> 818 <td><a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">A-33387820</a></td> 819 <td></td> 820 <td></td> 821 <td>6.06.0.17.07.1.1</td> 822 <td>2016 12 6 </td> 823 </tr> 824 <tr> 825 <td>CVE-2017-0486</td> 826 <td><a href="https://android.googlesource.com/platform/external/libavc/+/19814b7ad4ea6f0cc4cab34e50ebab2e180fc269">A-33621215</a></td> 827 <td></td> 828 <td></td> 829 <td>6.06.0.17.07.1.1</td> 830 <td>2016 12 14 </td> 831 </tr> 832 <tr> 833 <td>CVE-2017-0487</td> 834 <td><a href="https://android.googlesource.com/platform/external/libavc/+/aa78b96e842fc1fb70a18acff22be35c7a715b23">A-33751193</a></td> 835 <td></td> 836 <td></td> 837 <td>6.06.0.17.07.1.1</td> 838 <td>2016 12 19 </td> 839 </tr> 840 <tr> 841 <td>CVE-2017-0488</td> 842 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0340381cd8c220311fd4fe2e8b23e1534657e399">A-34097213</a></td> 843 <td></td> 844 <td></td> 845 <td>6.06.0.17.07.1.1</td> 846 <td>Google </td> 847 </tr> 848 </table> 849 850 <h3 id="eop-in-location-manager"></h3> 851 <p></p> 852 853 <table> 854 <col width="18%"> 855 <col width="17%"> 856 <col width="10%"> 857 <col width="19%"> 858 <col width="18%"> 859 <col width="17%"> 860 <tr> 861 <th>CVE</th> 862 <th></th> 863 <th></th> 864 <th> Google </th> 865 <th> AOSP </th> 866 <th></th> 867 </tr> 868 <tr> 869 <td>CVE-2017-0489</td> 870 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d22261fef84481651e12995062105239d551cbc6">A-33091107</a></td> 871 <td></td> 872 <td></td> 873 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 874 <td>2016 11 20 </td> 875 </tr> 876 </table> 877 878 879 <h3 id="eop-in-wi-fi">WLAN </h3> 880 <p>WLAN </p> 881 882 <table> 883 <col width="18%"> 884 <col width="17%"> 885 <col width="10%"> 886 <col width="19%"> 887 <col width="18%"> 888 <col width="17%"> 889 <tr> 890 <th>CVE</th> 891 <th></th> 892 <th></th> 893 <th> Google </th> 894 <th> AOSP </th> 895 <th></th> 896 </tr> 897 <tr> 898 <td>CVE-2017-0490</td> 899 <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1166ca8adba9b49c9185dad11b28b02e72124d95">A-33178389</a> [<a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1ad3b1e3256a226be362de1a4959f2a642d349b7">2</a>] [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/41c42f5bb544acf8bede2d05c6325657d92bd83c">3</a>]</td> 900 <td></td> 901 <td></td> 902 <td>6.06.0.17.07.1.1</td> 903 <td>2016 11 25 </td> 904 </tr> 905 </table> 906 907 908 <h3 id="eop-in-package-manager"></h3> 909 <p></p> 910 911 <table> 912 <col width="18%"> 913 <col width="17%"> 914 <col width="10%"> 915 <col width="19%"> 916 <col width="18%"> 917 <col width="17%"> 918 <tr> 919 <th>CVE</th> 920 <th></th> 921 <th></th> 922 <th> Google </th> 923 <th> AOSP </th> 924 <th></th> 925 </tr> 926 <tr> 927 <td>CVE-2017-0491</td> 928 <td><a href="https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/5c49b6bf732c88481466dea341917b8604ce53fa">A-32553261</a> 929 </td> 930 <td></td> 931 <td></td> 932 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 933 <td>Google </td> 934 </tr> 935 </table> 936 937 938 <h3 id="eop-in-system-ui"></h3> 939 <p></p> 940 941 <table> 942 <col width="18%"> 943 <col width="17%"> 944 <col width="10%"> 945 <col width="19%"> 946 <col width="18%"> 947 <col width="17%"> 948 <tr> 949 <th>CVE</th> 950 <th></th> 951 <th></th> 952 <th> Google </th> 953 <th> AOSP </th> 954 <th></th> 955 </tr> 956 <tr> 957 <td>CVE-2017-0492</td> 958 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/f4bed684c939b0f8809ef404b8609fe4ef849263">A-30150688</a> 959 </td> 960 <td></td> 961 <td></td> 962 <td>7.1.1</td> 963 <td>Google </td> 964 </tr> 965 </table> 966 967 968 <h3 id="id-in-aosp-messaging">AOSP </h3> 969 <p>AOSP </p> 970 971 <table> 972 <col width="18%"> 973 <col width="17%"> 974 <col width="10%"> 975 <col width="19%"> 976 <col width="18%"> 977 <col width="17%"> 978 <tr> 979 <th>CVE</th> 980 <th></th> 981 <th></th> 982 <th> Google </th> 983 <th> AOSP </th> 984 <th></th> 985 </tr> 986 <tr> 987 <td>CVE-2017-0494</td> 988 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/3f9821128abd66c4cd2f040d8243efb334bfad2d">A-32764144</a></td> 989 <td></td> 990 <td></td> 991 <td>6.06.0.17.07.1.1</td> 992 <td>2016 11 9 </td> 993 </tr> 994 </table> 995 996 997 <h3 id="id-in-mediaserver">Mediaserver </h3> 998 <p>Mediaserver </p> 999 1000 <table> 1001 <col width="18%"> 1002 <col width="17%"> 1003 <col width="10%"> 1004 <col width="19%"> 1005 <col width="18%"> 1006 <col width="17%"> 1007 <tr> 1008 <th>CVE</th> 1009 <th></th> 1010 <th></th> 1011 <th> Google </th> 1012 <th> AOSP </th> 1013 <th></th> 1014 </tr> 1015 <tr> 1016 <td>CVE-2017-0495</td> 1017 <td><a href="https://android.googlesource.com/platform/external/libavc/+/85c0ec4106659a11c220cd1210f8d76c33d9e2ae">A-33552073</a></td> 1018 <td></td> 1019 <td></td> 1020 <td>6.06.0.17.07.1.1</td> 1021 <td>2016 12 11 </td> 1022 </tr> 1023 </table> 1024 1025 1026 <h3 id="dos-in-setup-wizard"></h3> 1027 <p></p> 1028 1029 <table> 1030 <col width="18%"> 1031 <col width="17%"> 1032 <col width="10%"> 1033 <col width="19%"> 1034 <col width="18%"> 1035 <col width="17%"> 1036 <tr> 1037 <th>CVE</th> 1038 <th></th> 1039 <th></th> 1040 <th> Google </th> 1041 <th> AOSP </th> 1042 <th></th> 1043 </tr> 1044 <tr> 1045 <td>CVE-2017-0496</td> 1046 <td>A-31554152*</td> 1047 <td></td> 1048 <td>**</td> 1049 <td>5.0.25.1.16.06.0.1</td> 1050 <td>2016 9 14 </td> 1051 </tr> 1052 </table> 1053 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Google </p> 1054 <p>** Android 7.0 Google </p> 1055 1056 <h3 id="dos-in-mediaserver-2">Mediaserver </h3> 1057 <p>Mediaserver </p> 1058 1059 <table> 1060 <col width="18%"> 1061 <col width="17%"> 1062 <col width="10%"> 1063 <col width="19%"> 1064 <col width="18%"> 1065 <col width="17%"> 1066 <tr> 1067 <th>CVE</th> 1068 <th></th> 1069 <th></th> 1070 <th> Google </th> 1071 <th> AOSP </th> 1072 <th></th> 1073 </tr> 1074 <tr> 1075 <td>CVE-2017-0497</td> 1076 <td><a href="https://android.googlesource.com/platform/external/skia/+/8888cbf8e74671d44e9ff92ec3847cd647b8cdfb">A-33300701</a></td> 1077 <td></td> 1078 <td></td> 1079 <td>7.07.1.1</td> 1080 <td>2016 12 2 </td> 1081 </tr> 1082 </table> 1083 1084 1085 <h3 id="dos-in-setup-wizard-2"></h3> 1086 <p> Google </p> 1087 1088 <table> 1089 <col width="18%"> 1090 <col width="17%"> 1091 <col width="10%"> 1092 <col width="19%"> 1093 <col width="18%"> 1094 <col width="17%"> 1095 <tr> 1096 <th>CVE</th> 1097 <th></th> 1098 <th></th> 1099 <th> Google </th> 1100 <th> AOSP </th> 1101 <th></th> 1102 </tr> 1103 <tr> 1104 <td>CVE-2017-0498</td> 1105 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b">A-30352311</a>[<a href="https://android.googlesource.com/platform/frameworks/base/+/5f621b5b1549e8379aee05807652d5111382ccc6">2</a>]</td> 1106 <td></td> 1107 <td></td> 1108 <td>5.1.16.06.0.17.07.1.1</td> 1109 <td>Google </td> 1110 </tr> 1111 </table> 1112 1113 1114 <h3 id="dos-in-audioserver">Audioserver </h3> 1115 <p>Audioserver </p> 1116 1117 <table> 1118 <col width="18%"> 1119 <col width="17%"> 1120 <col width="10%"> 1121 <col width="19%"> 1122 <col width="18%"> 1123 <col width="17%"> 1124 <tr> 1125 <th>CVE</th> 1126 <th></th> 1127 <th></th> 1128 <th> Google </th> 1129 <th> AOSP </th> 1130 <th></th> 1131 </tr> 1132 <tr> 1133 <td>CVE-2017-0499</td> 1134 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32095713</a></td> 1135 <td></td> 1136 <td></td> 1137 <td>5.1.16.06.0.17.07.1.1</td> 1138 <td>2016 10 11 </td> 1139 </tr> 1140 </table> 1141 1142 1143 <h2 id="2017-03-05-details">2017-03-05 - </h2> 1144 <p> <a href="#2017-03-05-summary">2017-03-05 - </a> CVE Google AOSP Bug ID AOSP Bug Bug ID </p> 1145 1146 1147 <h3 id="eop-in-mediatek-components">MediaTek </h3> 1148 <p>MediaTek M4U GPU </p> 1149 1150 <table> 1151 <col width="19%"> 1152 <col width="20%"> 1153 <col width="10%"> 1154 <col width="23%"> 1155 <col width="17%"> 1156 <tr> 1157 <th>CVE</th> 1158 <th></th> 1159 <th></th> 1160 <th> Google </th> 1161 <th></th> 1162 </tr> 1163 <tr> 1164 <td>CVE-2017-0500</td> 1165 <td>A-28429685*<br>M-ALPS02710006</td> 1166 <td></td> 1167 <td>**</td> 1168 <td>2016 4 27 </td> 1169 </tr> 1170 <tr> 1171 <td>CVE-2017-0501</td> 1172 <td>A-28430015*<br>M-ALPS02708983</td> 1173 <td></td> 1174 <td>**</td> 1175 <td>2016 4 27 </td> 1176 </tr> 1177 <tr> 1178 <td>CVE-2017-0502</td> 1179 <td>A-28430164*<br>M-ALPS02710027</td> 1180 <td></td> 1181 <td>**</td> 1182 <td>2016 4 27 </td> 1183 </tr> 1184 <tr> 1185 <td>CVE-2017-0503</td> 1186 <td>A-28449045*<br>M-ALPS02710075</td> 1187 <td></td> 1188 <td>**</td> 1189 <td>2016 4 28 </td> 1190 </tr> 1191 <tr> 1192 <td>CVE-2017-0504</td> 1193 <td>A-30074628*<br>M-ALPS02829371</td> 1194 <td></td> 1195 <td>**</td> 1196 <td>2016 7 9 </td> 1197 </tr> 1198 <tr> 1199 <td>CVE-2017-0505</td> 1200 <td>A-31822282*<br>M-ALPS02992041</td> 1201 <td></td> 1202 <td>**</td> 1203 <td>2016 9 28 </td> 1204 </tr> 1205 <tr> 1206 <td>CVE-2017-0506</td> 1207 <td>A-32276718*<br>M-ALPS03006904</td> 1208 <td></td> 1209 <td>**</td> 1210 <td>2016 10 18 </td> 1211 </tr> 1212 </table> 1213 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1214 <p>** Android 7.0 Google </p> 1215 1216 1217 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1218 <p>NVIDIA GPU </p> 1219 1220 <table> 1221 <col width="19%"> 1222 <col width="20%"> 1223 <col width="10%"> 1224 <col width="23%"> 1225 <col width="17%"> 1226 <tr> 1227 <th>CVE</th> 1228 <th></th> 1229 <th></th> 1230 <th> Google </th> 1231 <th></th> 1232 </tr> 1233 <tr> 1234 <td>CVE-2017-0337</td> 1235 <td>A-31992762*<br>N-CVE-2017-0337</td> 1236 <td></td> 1237 <td>Pixel C</td> 1238 <td>2016 10 6 </td> 1239 </tr> 1240 <tr> 1241 <td>CVE-2017-0338</td> 1242 <td>A-33057977*<br>N-CVE-2017-0338</td> 1243 <td></td> 1244 <td>Pixel C</td> 1245 <td>2016 11 21 </td> 1246 </tr> 1247 <tr> 1248 <td>CVE-2017-0333</td> 1249 <td>A-33899363*<br>N-CVE-2017-0333</td> 1250 <td></td> 1251 <td>Pixel C</td> 1252 <td>2016 12 25 </td> 1253 </tr> 1254 <tr> 1255 <td>CVE-2017-0306</td> 1256 <td>A-34132950*<br>N-CVE-2017-0306</td> 1257 <td></td> 1258 <td>Nexus 9</td> 1259 <td>2017 1 6 </td> 1260 </tr> 1261 <tr> 1262 <td>CVE-2017-0335</td> 1263 <td>A-33043375*<br>N-CVE-2017-0335</td> 1264 <td></td> 1265 <td>Pixel C</td> 1266 <td>Google </td> 1267 </tr> 1268 </table> 1269 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1270 1271 1272 <h3 id="eop-in-kernel-ion-subsystem"> ION </h3> 1273 <p> ION </p> 1274 1275 <table> 1276 <col width="19%"> 1277 <col width="20%"> 1278 <col width="10%"> 1279 <col width="23%"> 1280 <col width="17%"> 1281 <tr> 1282 <th>CVE</th> 1283 <th></th> 1284 <th></th> 1285 <th> Google </th> 1286 <th></th> 1287 </tr> 1288 <tr> 1289 <td>CVE-2017-0507</td> 1290 <td>A-31992382*</td> 1291 <td></td> 1292 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1293 <td>2016 10 6 </td> 1294 </tr> 1295 <tr> 1296 <td>CVE-2017-0508</td> 1297 <td>A-33940449*</td> 1298 <td></td> 1299 <td>Pixel C</td> 1300 <td>2016 12 28 </td> 1301 </tr> 1302 </table> 1303 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1304 1305 1306 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom WLAN </h3> 1307 <p>Broadcom WLAN </p> 1308 1309 <table> 1310 <col width="19%"> 1311 <col width="20%"> 1312 <col width="10%"> 1313 <col width="23%"> 1314 <col width="17%"> 1315 <tr> 1316 <th>CVE</th> 1317 <th></th> 1318 <th></th> 1319 <th> Google </th> 1320 <th></th> 1321 </tr> 1322 <tr> 1323 <td>CVE-2017-0509</td> 1324 <td>A-32124445*<br>B-RB#110688</td> 1325 <td></td> 1326 <td>**</td> 1327 <td>2016 10 12 </td> 1328 </tr> 1329 </table> 1330 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1331 <p>** Android 7.0 Google </p> 1332 1333 1334 <h3 id="eop-in-kernel-fiq-debugger"> FIQ </h3> 1335 <p> FIQ </p> 1336 1337 <table> 1338 <col width="19%"> 1339 <col width="20%"> 1340 <col width="10%"> 1341 <col width="23%"> 1342 <col width="17%"> 1343 <tr> 1344 <th>CVE</th> 1345 <th></th> 1346 <th></th> 1347 <th> Google </th> 1348 <th></th> 1349 </tr> 1350 <tr> 1351 <td>CVE-2017-0510</td> 1352 <td>A-32402555*</td> 1353 <td></td> 1354 <td>Nexus 9</td> 1355 <td>2016 10 25 </td> 1356 </tr> 1357 </table> 1358 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1359 1360 1361 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU </h3> 1362 <p>Qualcomm GPU </p> 1363 1364 <table> 1365 <col width="19%"> 1366 <col width="20%"> 1367 <col width="10%"> 1368 <col width="23%"> 1369 <col width="17%"> 1370 <tr> 1371 <th>CVE</th> 1372 <th></th> 1373 <th></th> 1374 <th> Google </th> 1375 <th></th> 1376 </tr> 1377 <tr> 1378 <td>CVE-2016-8479</td> 1379 <td>A-31824853*<br>QC-CR#1093687</td> 1380 <td></td> 1381 <td>Android OneNexus 5XNexus 6Nexus 6PPixelPixel XL</td> 1382 <td>2016 9 29 </td> 1383 </tr> 1384 </table> 1385 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1386 1387 1388 <h3 id="eop-in-kernel-networking-subsystem"></h3> 1389 <p></p> 1390 1391 <table> 1392 <col width="19%"> 1393 <col width="20%"> 1394 <col width="10%"> 1395 <col width="23%"> 1396 <col width="17%"> 1397 <tr> 1398 <th>CVE</th> 1399 <th></th> 1400 <th></th> 1401 <th> Google </th> 1402 <th></th> 1403 </tr> 1404 <tr> 1405 <td>CVE-2016-9806</td> 1406 <td>A-33393474<br> 1407 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520"></a></td> 1408 <td></td> 1409 <td>Pixel CPixelPixel XL</td> 1410 <td>2016 12 4 </td> 1411 </tr> 1412 <tr> 1413 <td>CVE-2016-10200</td> 1414 <td>A-33753815<br> 1415 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef"></a></td> 1416 <td></td> 1417 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1418 <td>2016 12 19 </td> 1419 </tr> 1420 </table> 1421 1422 1423 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1424 <p> Qualcomm 2016 9 Qualcomm AMSS </p> 1425 1426 <table> 1427 <col width="19%"> 1428 <col width="20%"> 1429 <col width="10%"> 1430 <col width="23%"> 1431 <col width="17%"> 1432 <tr> 1433 <th>CVE</th> 1434 <th></th> 1435 <th></th> 1436 <th> Google </th> 1437 <th></th> 1438 </tr> 1439 <tr> 1440 <td>CVE-2016-8484</td> 1441 <td>A-28823575**</td> 1442 <td></td> 1443 <td>***</td> 1444 <td>Qualcomm </td> 1445 </tr> 1446 <tr> 1447 <td>CVE-2016-8485</td> 1448 <td>A-28823681**</td> 1449 <td></td> 1450 <td>***</td> 1451 <td>Qualcomm </td> 1452 </tr> 1453 <tr> 1454 <td>CVE-2016-8486</td> 1455 <td>A-28823691**</td> 1456 <td></td> 1457 <td>***</td> 1458 <td>Qualcomm </td> 1459 </tr> 1460 <tr> 1461 <td>CVE-2016-8487</td> 1462 <td>A-28823724**</td> 1463 <td></td> 1464 <td>***</td> 1465 <td>Qualcomm </td> 1466 </tr> 1467 <tr> 1468 <td>CVE-2016-8488</td> 1469 <td>A-31625756**</td> 1470 <td></td> 1471 <td>***</td> 1472 <td>Qualcomm </td> 1473 </tr> 1474 </table> 1475 <p>* </p> 1476 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1477 <p>*** Android 7.0 Google </p> 1478 1479 1480 <h3 id="eop-in-kernel-networking-subsystem-2"></h3> 1481 <p></p> 1482 1483 <table> 1484 <col width="19%"> 1485 <col width="20%"> 1486 <col width="10%"> 1487 <col width="23%"> 1488 <col width="17%"> 1489 <tr> 1490 <th>CVE</th> 1491 <th></th> 1492 <th></th> 1493 <th> Google </th> 1494 <th></th> 1495 </tr> 1496 <tr> 1497 <td>CVE-2016-8655</td> 1498 <td>A-33358926<br> 1499 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c"></a></td> 1500 <td></td> 1501 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1502 <td>2016 10 12 </td> 1503 </tr> 1504 <tr> 1505 <td>CVE-2016-9793</td> 1506 <td>A-33363517<br> 1507 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"></a></td> 1508 <td></td> 1509 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1510 <td>2016 12 2 </td> 1511 </tr> 1512 </table> 1513 1514 1515 <h3 id="eop-in-qualcomm-input-hardware-driver">Qualcomm </h3> 1516 <p>Qualcomm </p> 1517 1518 <table> 1519 <col width="19%"> 1520 <col width="20%"> 1521 <col width="10%"> 1522 <col width="23%"> 1523 <col width="17%"> 1524 <tr> 1525 <th>CVE</th> 1526 <th></th> 1527 <th></th> 1528 <th> Google </th> 1529 <th></th> 1530 </tr> 1531 <tr> 1532 <td>CVE-2017-0516</td> 1533 <td>A-32341680*<br>QC-CR#1096301</td> 1534 <td></td> 1535 <td>Android OnePixelPixel XL</td> 1536 <td>2016 10 21 </td> 1537 </tr> 1538 </table> 1539 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1540 1541 1542 <h3 id="eop-in-mediatek-hardware-sensor-driver">MediaTek </h3> 1543 <p>MediaTek </p> 1544 1545 <table> 1546 <col width="19%"> 1547 <col width="20%"> 1548 <col width="10%"> 1549 <col width="23%"> 1550 <col width="17%"> 1551 <tr> 1552 <th>CVE</th> 1553 <th></th> 1554 <th></th> 1555 <th> Google </th> 1556 <th></th> 1557 </tr> 1558 <tr> 1559 <td>CVE-2017-0517</td> 1560 <td>A-32372051*<br>M-ALPS02973195</td> 1561 <td></td> 1562 <td>**</td> 1563 <td>2016 10 22 </td> 1564 </tr> 1565 </table> 1566 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1567 <p>** Android 7.0 Google </p> 1568 1569 1570 <h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC </h3> 1571 <p>Qualcomm ADSPRPC </p> 1572 1573 <table> 1574 <col width="19%"> 1575 <col width="20%"> 1576 <col width="10%"> 1577 <col width="23%"> 1578 <col width="17%"> 1579 <tr> 1580 <th>CVE</th> 1581 <th></th> 1582 <th></th> 1583 <th> Google </th> 1584 <th></th> 1585 </tr> 1586 <tr> 1587 <td>CVE-2017-0457</td> 1588 <td>A-31695439*<br>QC-CR#1086123<br>QC-CR#1100695</td> 1589 <td></td> 1590 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1591 <td>2016 9 22 </td> 1592 </tr> 1593 </table> 1594 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1595 1596 1597 <h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Qualcomm </h3> 1598 <p>Qualcomm </p> 1599 1600 <table> 1601 <col width="19%"> 1602 <col width="20%"> 1603 <col width="10%"> 1604 <col width="23%"> 1605 <col width="17%"> 1606 <tr> 1607 <th>CVE</th> 1608 <th></th> 1609 <th></th> 1610 <th> Google </th> 1611 <th></th> 1612 </tr> 1613 <tr> 1614 <td>CVE-2017-0518</td> 1615 <td>A-32370896*<br>QC-CR#1086530</td> 1616 <td></td> 1617 <td>PixelPixel XL</td> 1618 <td>2016 10 24 </td> 1619 </tr> 1620 <tr> 1621 <td>CVE-2017-0519</td> 1622 <td>A-32372915*<br>QC-CR#1086530</td> 1623 <td></td> 1624 <td>PixelPixel XL</td> 1625 <td>2016 10 24 </td> 1626 </tr> 1627 </table> 1628 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1629 1630 1631 <h3 id="eop-in-qualcomm-crypto-engine-driver">Qualcomm </h3> 1632 <p>Qualcomm </p> 1633 1634 <table> 1635 <col width="19%"> 1636 <col width="20%"> 1637 <col width="10%"> 1638 <col width="23%"> 1639 <col width="17%"> 1640 <tr> 1641 <th>CVE</th> 1642 <th></th> 1643 <th></th> 1644 <th> Google </th> 1645 <th></th> 1646 </tr> 1647 <tr> 1648 <td>CVE-2017-0520</td> 1649 <td>A-31750232<br> 1650 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd">QC-CR#1082636</a></td> 1651 <td></td> 1652 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1653 <td>2016 9 24 </td> 1654 </tr> 1655 </table> 1656 1657 1658 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3> 1659 <p>Qualcomm </p> 1660 1661 <table> 1662 <col width="19%"> 1663 <col width="20%"> 1664 <col width="10%"> 1665 <col width="23%"> 1666 <col width="17%"> 1667 <tr> 1668 <th>CVE</th> 1669 <th></th> 1670 <th></th> 1671 <th> Google </th> 1672 <th></th> 1673 </tr> 1674 <tr> 1675 <td>CVE-2017-0458</td> 1676 <td>A-32588962<br> 1677 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4">QC-CR#1089433</a></td> 1678 <td></td> 1679 <td>PixelPixel XL</td> 1680 <td>2016 10 31 </td> 1681 </tr> 1682 <tr> 1683 <td>CVE-2017-0521</td> 1684 <td>A-32919951<br> 1685 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8">QC-CR#1097709</a></td> 1686 <td></td> 1687 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1688 <td>2016 11 15 </td> 1689 </tr> 1690 </table> 1691 1692 1693 <h3 id="eop-in-mediatek-apk">MediaTek APK </h3> 1694 <p>MediaTek APK </p> 1695 1696 <table> 1697 <col width="19%"> 1698 <col width="20%"> 1699 <col width="10%"> 1700 <col width="23%"> 1701 <col width="17%"> 1702 <tr> 1703 <th>CVE</th> 1704 <th></th> 1705 <th></th> 1706 <th> Google </th> 1707 <th></th> 1708 </tr> 1709 <tr> 1710 <td>CVE-2017-0522</td> 1711 <td>A-32916158*<br>M-ALPS03032516</td> 1712 <td></td> 1713 <td>**</td> 1714 <td>2016 11 15 </td> 1715 </tr> 1716 </table> 1717 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1718 <p>** Android 7.0 Google </p> 1719 1720 1721 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm WLAN </h3> 1722 <p>Qualcomm WLAN </p> 1723 1724 <table> 1725 <col width="19%"> 1726 <col width="20%"> 1727 <col width="10%"> 1728 <col width="23%"> 1729 <col width="17%"> 1730 <tr> 1731 <th>CVE</th> 1732 <th></th> 1733 <th></th> 1734 <th> Google </th> 1735 <th></th> 1736 </tr> 1737 <tr> 1738 <td>CVE-2017-0464</td> 1739 <td>A-32940193<br> 1740 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f">QC-CR#1102593</a></td> 1741 <td></td> 1742 <td>Nexus 5XPixelPixel XL</td> 1743 <td>2016 11 15 </td> 1744 </tr> 1745 <tr> 1746 <td>CVE-2017-0453</td> 1747 <td>A-33979145<br> 1748 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513">QC-CR#1105085</a></td> 1749 <td></td> 1750 <td>Nexus 5XAndroid One</td> 1751 <td>2016 12 30 </td> 1752 </tr> 1753 <tr> 1754 <td>CVE-2017-0523</td> 1755 <td>A-32835279<br> 1756 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582">QC-CR#1096945</a></td> 1757 <td></td> 1758 <td>*</td> 1759 <td>Google </td> 1760 </tr> 1761 </table> 1762 <p>* Android 7.0 Google </p> 1763 1764 1765 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1766 <p>Synaptics </p> 1767 1768 <table> 1769 <col width="19%"> 1770 <col width="20%"> 1771 <col width="10%"> 1772 <col width="23%"> 1773 <col width="17%"> 1774 <tr> 1775 <th>CVE</th> 1776 <th></th> 1777 <th></th> 1778 <th> Google </th> 1779 <th></th> 1780 </tr> 1781 <tr> 1782 <td>CVE-2017-0524</td> 1783 <td>A-33002026</td> 1784 <td></td> 1785 <td>Android OneNexus 5XNexus 6PNexus 9PixelPixel XL</td> 1786 <td>2016 11 18 </td> 1787 </tr> 1788 </table> 1789 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1790 1791 1792 <h3 id="eop-in-qualcomm-ipa-driver">Qualcomm IPA </h3> 1793 <p>Qualcomm IPA </p> 1794 1795 <table> 1796 <col width="19%"> 1797 <col width="20%"> 1798 <col width="10%"> 1799 <col width="23%"> 1800 <col width="17%"> 1801 <tr> 1802 <th>CVE</th> 1803 <th></th> 1804 <th></th> 1805 <th> Google </th> 1806 <th></th> 1807 </tr> 1808 <tr> 1809 <td>CVE-2017-0456</td> 1810 <td>A-33106520*<br>QC-CR#1099598</td> 1811 <td></td> 1812 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1813 <td>2016 11 23 </td> 1814 </tr> 1815 <tr> 1816 <td>CVE-2017-0525</td> 1817 <td>A-33139056*<br>QC-CR#1097714</td> 1818 <td></td> 1819 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1820 <td>2016 11 25 </td> 1821 </tr> 1822 </table> 1823 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1824 1825 1826 <h3 id="eop-in-htc-sensor-hub-driver">HTC </h3> 1827 <p>HTC </p> 1828 1829 <table> 1830 <col width="19%"> 1831 <col width="20%"> 1832 <col width="10%"> 1833 <col width="23%"> 1834 <col width="17%"> 1835 <tr> 1836 <th>CVE</th> 1837 <th></th> 1838 <th></th> 1839 <th> Google </th> 1840 <th></th> 1841 </tr> 1842 <tr> 1843 <td>CVE-2017-0526</td> 1844 <td>A-33897738*</td> 1845 <td></td> 1846 <td>Nexus 9</td> 1847 <td>2016 12 25 </td> 1848 </tr> 1849 <tr> 1850 <td>CVE-2017-0527</td> 1851 <td>A-33899318*</td> 1852 <td></td> 1853 <td>Nexus 9PixelPixel XL</td> 1854 <td>2016 12 25 </td> 1855 </tr> 1856 </table> 1857 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1858 1859 1860 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU </h3> 1861 <p>NVIDIA GPU </p> 1862 1863 <table> 1864 <col width="19%"> 1865 <col width="20%"> 1866 <col width="10%"> 1867 <col width="23%"> 1868 <col width="17%"> 1869 <tr> 1870 <th>CVE</th> 1871 <th></th> 1872 <th></th> 1873 <th> Google </th> 1874 <th></th> 1875 </tr> 1876 <tr> 1877 <td>CVE-2017-0307</td> 1878 <td>A-33177895*<br>N-CVE-2017-0307</td> 1879 <td></td> 1880 <td>**</td> 1881 <td>2016 11 28 </td> 1882 </tr> 1883 </table> 1884 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1885 <p>** Android 7.0 Google </p> 1886 1887 1888 <h3 id="eop-in-qualcomm-networking-driver">Qualcomm </h3> 1889 <p>Qualcomm </p> 1890 1891 <table> 1892 <col width="19%"> 1893 <col width="20%"> 1894 <col width="10%"> 1895 <col width="23%"> 1896 <col width="17%"> 1897 <tr> 1898 <th>CVE</th> 1899 <th></th> 1900 <th></th> 1901 <th> Google </th> 1902 <th></th> 1903 </tr> 1904 <tr> 1905 <td>CVE-2017-0463</td> 1906 <td>A-33277611<br> 1907 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2">QC-CR#1101792</a></td> 1908 <td></td> 1909 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1910 <td>2016 11 30 </td> 1911 </tr> 1912 <tr> 1913 <td>CVE-2017-0460</td> 1914 <td>A-31252965*<br>QC-CR#1098801</td> 1915 <td></td> 1916 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixelPixel XL</td> 1917 <td>Google </td> 1918 </tr> 1919 </table> 1920 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1921 1922 1923 <h3 id="eop-in-kernel-security-subsystem"></h3> 1924 <p></p> 1925 1926 <table> 1927 <col width="19%"> 1928 <col width="20%"> 1929 <col width="10%"> 1930 <col width="23%"> 1931 <col width="17%"> 1932 <tr> 1933 <th>CVE</th> 1934 <th></th> 1935 <th></th> 1936 <th> Google </th> 1937 <th></th> 1938 </tr> 1939 <tr> 1940 <td>CVE-2017-0528</td> 1941 <td>A-33351919*</td> 1942 <td></td> 1943 <td>PixelPixel XL</td> 1944 <td>2016 12 4 </td> 1945 </tr> 1946 </table> 1947 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 1948 1949 1950 <h3 id="eop-in-qualcomm-spcom-driver">Qualcomm SPCom </h3> 1951 <p>Qualcomm SPCom </p> 1952 1953 <table> 1954 <col width="19%"> 1955 <col width="20%"> 1956 <col width="10%"> 1957 <col width="23%"> 1958 <col width="17%"> 1959 <tr> 1960 <th>CVE</th> 1961 <th></th> 1962 <th></th> 1963 <th> Google </th> 1964 <th></th> 1965 </tr> 1966 <tr> 1967 <td>CVE-2016-5856</td> 1968 <td>A-32610665<br> 1969 <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368">QC-CR#1094078</a></td> 1970 <td></td> 1971 <td>*</td> 1972 <td>Google </td> 1973 </tr> 1974 <tr> 1975 <td>CVE-2016-5857</td> 1976 <td>A-34386529<br> 1977 <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5">QC-CR#1094140</a></td> 1978 <td></td> 1979 <td>*</td> 1980 <td>Google </td> 1981 </tr> 1982 </table> 1983 <p>* Android 7.0 Google </p> 1984 1985 1986 <h3 id="id-in-kernel-networking-subsystem"></h3> 1987 <p></p> 1988 1989 <table> 1990 <col width="19%"> 1991 <col width="20%"> 1992 <col width="10%"> 1993 <col width="23%"> 1994 <col width="17%"> 1995 <tr> 1996 <th>CVE</th> 1997 <th></th> 1998 <th></th> 1999 <th> Google </th> 2000 <th></th> 2001 </tr> 2002 <tr> 2003 <td>CVE-2014-8709</td> 2004 <td>A-34077221<br> 2005 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f"></a></td> 2006 <td></td> 2007 <td>Nexus Player</td> 2008 <td>2014 11 9 </td> 2009 </tr> 2010 </table> 2011 2012 2013 <h3 id="id-in-mediatek-driver">MediaTek </h3> 2014 <p>MediaTek </p> 2015 2016 <table> 2017 <col width="19%"> 2018 <col width="20%"> 2019 <col width="10%"> 2020 <col width="23%"> 2021 <col width="17%"> 2022 <tr> 2023 <th>CVE</th> 2024 <th></th> 2025 <th></th> 2026 <th> Google </th> 2027 <th></th> 2028 </tr> 2029 <tr> 2030 <td>CVE-2017-0529</td> 2031 <td>A-28449427*<br>M-ALPS02710042</td> 2032 <td></td> 2033 <td>**</td> 2034 <td>2016 4 27 </td> 2035 </tr> 2036 </table> 2037 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2038 <p>** Android 7.0 Google </p> 2039 2040 2041 <h3 id="id-in-qualcomm-bootloader">Qualcomm </h3> 2042 <p>Qualcomm </p> 2043 2044 <table> 2045 <col width="19%"> 2046 <col width="20%"> 2047 <col width="10%"> 2048 <col width="23%"> 2049 <col width="17%"> 2050 <tr> 2051 <th>CVE</th> 2052 <th></th> 2053 <th></th> 2054 <th> Google </th> 2055 <th></th> 2056 </tr> 2057 <tr> 2058 <td>CVE-2017-0455</td> 2059 <td>A-32370952<br> 2060 <a href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f">QC-CR#1082755</a></td> 2061 <td></td> 2062 <td>PixelPixel XL</td> 2063 <td>2016 10 21 </td> 2064 </tr> 2065 </table> 2066 2067 2068 <h3 id="id-in-qualcomm-power-driver">Qualcomm </h3> 2069 <p>Qualcomm </p> 2070 2071 <table> 2072 <col width="19%"> 2073 <col width="20%"> 2074 <col width="10%"> 2075 <col width="23%"> 2076 <col width="17%"> 2077 <tr> 2078 <th>CVE</th> 2079 <th></th> 2080 <th></th> 2081 <th> Google </th> 2082 <th></th> 2083 </tr> 2084 <tr> 2085 <td>CVE-2016-8483</td> 2086 <td>A-33745862<br> 2087 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a">QC-CR#1035099</a></td> 2088 <td></td> 2089 <td>Nexus 5XNexus 6P</td> 2090 <td>2016 12 19 </td> 2091 </tr> 2092 </table> 2093 2094 2095 <h3 id="id-in-nvidia-gpu-driver">NVIDIA GPU </h3> 2096 <p>NVIDIA GPU </p> 2097 2098 <table> 2099 <col width="19%"> 2100 <col width="20%"> 2101 <col width="10%"> 2102 <col width="23%"> 2103 <col width="17%"> 2104 <tr> 2105 <th>CVE</th> 2106 <th></th> 2107 <th></th> 2108 <th> Google </th> 2109 <th></th> 2110 </tr> 2111 <tr> 2112 <td>CVE-2017-0334</td> 2113 <td>A-33245849*<br>N-CVE-2017-0334</td> 2114 <td></td> 2115 <td>Pixel C</td> 2116 <td>2016 11 30 </td> 2117 </tr> 2118 <tr> 2119 <td>CVE-2017-0336</td> 2120 <td>A-33042679*<br>N-CVE-2017-0336</td> 2121 <td></td> 2122 <td>Pixel C</td> 2123 <td>Google </td> 2124 </tr> 2125 </table> 2126 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2127 2128 2129 <h3 id="dos-in-kernel-cryptographic-subsystem"></h3> 2130 <p></p> 2131 2132 <table> 2133 <col width="19%"> 2134 <col width="20%"> 2135 <col width="10%"> 2136 <col width="23%"> 2137 <col width="17%"> 2138 <tr> 2139 <th>CVE</th> 2140 <th></th> 2141 <th></th> 2142 <th> Google </th> 2143 <th></th> 2144 </tr> 2145 <tr> 2146 <td>CVE-2016-8650</td> 2147 <td>A-33401771<br> 2148 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"></a></td> 2149 <td></td> 2150 <td>Nexus 5XNexus 6PPixelPixel XL</td> 2151 <td>2016 10 12 </td> 2152 </tr> 2153 </table> 2154 2155 2156 <h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Qualcomm </h3> 2157 <p>Qualcomm </p> 2158 2159 <table> 2160 <col width="19%"> 2161 <col width="20%"> 2162 <col width="10%"> 2163 <col width="23%"> 2164 <col width="17%"> 2165 <tr> 2166 <th>CVE</th> 2167 <th></th> 2168 <th></th> 2169 <th> Google </th> 2170 <th></th> 2171 </tr> 2172 <tr> 2173 <td>CVE-2016-8417</td> 2174 <td>A-32342399<br> 2175 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0">QC-CR#1088824</a></td> 2176 <td></td> 2177 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2178 <td>2016 10 21 </td> 2179 </tr> 2180 </table> 2181 2182 2183 <h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm WLAN </h3> 2184 <p>Qualcomm WLAN </p> 2185 2186 <table> 2187 <col width="19%"> 2188 <col width="20%"> 2189 <col width="10%"> 2190 <col width="23%"> 2191 <col width="17%"> 2192 <tr> 2193 <th>CVE</th> 2194 <th></th> 2195 <th></th> 2196 <th> Google </th> 2197 <th></th> 2198 </tr> 2199 <tr> 2200 <td>CVE-2017-0461</td> 2201 <td>A-32073794<br> 2202 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65">QC-CR#1100132</a></td> 2203 <td></td> 2204 <td>Android OneNexus 5XPixelPixel XL</td> 2205 <td>2016 10 9 </td> 2206 </tr> 2207 <tr> 2208 <td>CVE-2017-0459</td> 2209 <td>A-32644895<br> 2210 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7">QC-CR#1091939</a></td> 2211 <td></td> 2212 <td>PixelPixel XL</td> 2213 <td>2016 11 3 </td> 2214 </tr> 2215 <tr> 2216 <td>CVE-2017-0531</td> 2217 <td>A-32877245<br> 2218 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302">QC-CR#1087469</a></td> 2219 <td></td> 2220 <td>Android OneNexus 5XNexus 6PPixelPixel XL</td> 2221 <td>2016 11 13 </td> 2222 </tr> 2223 </table> 2224 2225 2226 <h3 id="id-in-mediatek-video-codec-driver">MediaTek </h3> 2227 <p>MediaTek </p> 2228 2229 <table> 2230 <col width="19%"> 2231 <col width="20%"> 2232 <col width="10%"> 2233 <col width="23%"> 2234 <col width="17%"> 2235 <tr> 2236 <th>CVE</th> 2237 <th></th> 2238 <th></th> 2239 <th> Google </th> 2240 <th></th> 2241 </tr> 2242 <tr> 2243 <td>CVE-2017-0532</td> 2244 <td>A-32370398*<br>M-ALPS03069985</td> 2245 <td></td> 2246 <td>**</td> 2247 <td>2016 10 22 </td> 2248 </tr> 2249 </table> 2250 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2251 <p>** Android 7.0 Google </p> 2252 2253 2254 <h3 id="id-in-qualcomm-video-driver">Qualcomm </h3> 2255 <p>Qualcomm </p> 2256 2257 <table> 2258 <col width="19%"> 2259 <col width="20%"> 2260 <col width="10%"> 2261 <col width="23%"> 2262 <col width="17%"> 2263 <tr> 2264 <th>CVE</th> 2265 <th></th> 2266 <th></th> 2267 <th> Google </th> 2268 <th></th> 2269 </tr> 2270 <tr> 2271 <td>CVE-2017-0533</td> 2272 <td>A-32509422<br> 2273 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">QC-CR#1088206</a></td> 2274 <td></td> 2275 <td>PixelPixel XL</td> 2276 <td>2016 10 27 </td> 2277 </tr> 2278 <tr> 2279 <td>CVE-2017-0534</td> 2280 <td>A-32508732<br> 2281 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">QC-CR#1088206</a></td> 2282 <td></td> 2283 <td>PixelPixel XL</td> 2284 <td>2016 10 28 </td> 2285 </tr> 2286 <tr> 2287 <td>CVE-2016-8416</td> 2288 <td>A-32510746<br> 2289 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">QC-CR#1088206</a></td> 2290 <td></td> 2291 <td>PixelPixel XL</td> 2292 <td>2016 10 28 </td> 2293 </tr> 2294 <tr> 2295 <td>CVE-2016-8478</td> 2296 <td>A-32511270<br> 2297 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">QC-CR#1088206</a></td> 2298 <td></td> 2299 <td>PixelPixel XL</td> 2300 <td>2016 10 28 </td> 2301 </tr> 2302 </table> 2303 2304 2305 <h3 id="id-in-qualcomm-camera-driver">Qualcomm </h3> 2306 <p>Qualcomm </p> 2307 2308 <table> 2309 <col width="19%"> 2310 <col width="20%"> 2311 <col width="10%"> 2312 <col width="23%"> 2313 <col width="17%"> 2314 <tr> 2315 <th>CVE</th> 2316 <th></th> 2317 <th></th> 2318 <th> Google </th> 2319 <th></th> 2320 </tr> 2321 <tr> 2322 <td>CVE-2016-8413</td> 2323 <td>A-32709702<br> 2324 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d">QC-CR#518731</a></td> 2325 <td></td> 2326 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2327 <td>2016 11 4 </td> 2328 </tr> 2329 <tr> 2330 <td>CVE-2016-8477</td> 2331 <td>A-32720522<br> 2332 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508">QC-CR#1090007</a>[<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> 2333 <td></td> 2334 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2335 <td>2016 11 7 </td> 2336 </tr> 2337 </table> 2338 2339 2340 <h3 id="id-in-htc-sound-codec-driver">HTC </h3> 2341 <p>HTC </p> 2342 2343 <table> 2344 <col width="19%"> 2345 <col width="20%"> 2346 <col width="10%"> 2347 <col width="23%"> 2348 <col width="17%"> 2349 <tr> 2350 <th>CVE</th> 2351 <th></th> 2352 <th></th> 2353 <th> Google </th> 2354 <th></th> 2355 </tr> 2356 <tr> 2357 <td>CVE-2017-0535</td> 2358 <td>A-33547247*</td> 2359 <td></td> 2360 <td>Nexus 9</td> 2361 <td>2016 12 11 </td> 2362 </tr> 2363 </table> 2364 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2365 2366 2367 <h3 id="id-in-synaptics-touchscreen-driver">Synaptics </h3> 2368 <p>Synaptics </p> 2369 2370 <table> 2371 <col width="19%"> 2372 <col width="20%"> 2373 <col width="10%"> 2374 <col width="23%"> 2375 <col width="17%"> 2376 <tr> 2377 <th>CVE</th> 2378 <th></th> 2379 <th></th> 2380 <th> Google </th> 2381 <th></th> 2382 </tr> 2383 <tr> 2384 <td>CVE-2017-0536</td> 2385 <td>A-33555878*</td> 2386 <td></td> 2387 <td>Android OneNexus 5XNexus 6PNexus 9PixelPixel XL</td> 2388 <td>2016 12 12 </td> 2389 </tr> 2390 </table> 2391 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2392 2393 2394 <h3 id="id-in-kernel-usb-gadget-driver"> USB </h3> 2395 <p> USB </p> 2396 2397 <table> 2398 <col width="19%"> 2399 <col width="20%"> 2400 <col width="10%"> 2401 <col width="23%"> 2402 <col width="17%"> 2403 <tr> 2404 <th>CVE</th> 2405 <th></th> 2406 <th></th> 2407 <th> Google </th> 2408 <th></th> 2409 </tr> 2410 <tr> 2411 <td>CVE-2017-0537</td> 2412 <td>A-31614969*</td> 2413 <td></td> 2414 <td>Pixel C</td> 2415 <td>Google </td> 2416 </tr> 2417 </table> 2418 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2419 2420 2421 <h3 id="id-in-qualcomm-camera-driver-2">Qualcomm </h3> 2422 <p>Qualcomm </p> 2423 2424 <table> 2425 <col width="19%"> 2426 <col width="20%"> 2427 <col width="10%"> 2428 <col width="23%"> 2429 <col width="17%"> 2430 <tr> 2431 <th>CVE</th> 2432 <th></th> 2433 <th></th> 2434 <th> Google </th> 2435 <th></th> 2436 </tr> 2437 <tr> 2438 <td>CVE-2017-0452</td> 2439 <td>A-32873615*<br>QC-CR#1093693</td> 2440 <td></td> 2441 <td>Nexus 5XNexus 6PAndroid One</td> 2442 <td>2016 11 10 </td> 2443 </tr> 2444 </table> 2445 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p> 2446 <h2 id="common-questions-and-answers"></h2> 2447 <p></p> 2448 <p><strong>1. 2449 </strong></p> 2450 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 2451 <ul> 2452 <li>2017-03-01 2017-03-01 </li> 2453 <li>2017-03-05 2017-03-05 2454 </li> 2455 </ul> 2456 <p></p> 2457 <ul> 2458 <li>[ro.build.version.security_patch]:[2017-03-01]</li> 2459 <li>[ro.build.version.security_patch]:[2017-03-05]</li> 2460 </ul> 2461 <p><strong>2. 2 </strong></p> 2462 <p> 2 Android Android Android </p> 2463 <ul> 2464 <li> 2017 3 1 </li> 2465 <li> 2017 3 5 </li> 2466 </ul> 2467 <p></p> 2468 <p><strong>3. Google </strong></p> 2469 <p> <a href="#2017-03-01-details">2017-03-01</a> <a href="#2017-03-05-details">2017-03-05</a> Google Google <em></em></p> 2470 <ul> 2471 <li><strong> Google </strong> Nexus Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 2472 <li><strong> Google </strong> Google Google Google <em></em></li> 2473 <li><strong> Google </strong> Android 7.0 Google Google <em></em></li> 2474 </ul> 2475 <p><strong>4.</strong></p> 2476 <p><em></em></p> 2477 <table> 2478 <tr> 2479 <th></th> 2480 <th></th> 2481 </tr> 2482 <tr> 2483 <td>A-</td> 2484 <td>Android Bug ID</td> 2485 </tr> 2486 <tr> 2487 <td>QC-</td> 2488 <td>Qualcomm </td> 2489 </tr> 2490 <tr> 2491 <td>M-</td> 2492 <td>MediaTek </td> 2493 </tr> 2494 <tr> 2495 <td>N-</td> 2496 <td>NVIDIA </td> 2497 </tr> 2498 <tr> 2499 <td>B-</td> 2500 <td>Broadcom </td> 2501 </tr> 2502 </table> 2503 <h2 id="revisions"></h2> 2504 <ul> 2505 <li>2017 3 6 </li> 2506 <li>2017 3 7 AOSP </li> 2507 </ul> 2508 </body> 2509 </html> 2510
