Home | History | Annotate | Download | only in bulletin
      1 <html devsite><head>
      2     <title>Android  - 2017  5 </title>
      3     <meta name="project_path" value="/_project.yaml"/>
      4     <meta name="book_path" value="/_book.yaml"/>
      5   </head>
      6   <body>
      7   <!--
      8       Copyright 2017 The Android Open Source Project
      9 
     10       Licensed under the Apache License, Version 2.0 (the "License");
     11       you may not use this file except in compliance with the License.
     12       You may obtain a copy of the License at
     13 
     14           http://www.apache.org/licenses/LICENSE-2.0
     15 
     16       Unless required by applicable law or agreed to in writing, software
     17       distributed under the License is distributed on an "AS IS" BASIS,
     18       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     19       See the License for the specific language governing permissions and
     20       limitations under the License.
     21   -->
     22 
     23 <p><em>2017  5  1  | 2017  5  2 </em></p>
     24 
     25 <p>Android  Android  (OTA)  Nexus  <a href="https://developers.google.com/android/nexus/images">Google Developers </a> Google 2017  5  5  <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel  Nexus </a></p>
     26 
     27 <p> 2017  4  3  Android  (AOSP)  AOSP </p>
     28 
     29 <p><a href="/security/overview/updates-resources.html#severity"></a></p>
     30 
     31 <p> <a href="#mitigations">Android  Google </a> <a href="/security/enhancements/index.html">Android </a> <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> Android </p>
     32 
     33 <p></p>
     34 <h2 id="announcements"></h2>
     35 <ul>
     36 <li> Android  Android <a href="#common-questions-and-answers"></a>
     37  <ul>
     38  <li><strong>2017-05-01</strong> 2017-05-01</li>
     39  <li><strong>2017-05-05</strong> 2017-05-01  2017-05-05</li>
     40 </ul>
     41 </li>
     42 <li> Google  2017  5  5  OTA </li>
     43 </ul>
     44 
     45 <h2 id="mitigations">Android  Google </h2>
     46 
     47 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p>
     48 
     49 <ul>
     50 <li> Android  Android  Android</li>
     51 <li>Android <a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf"> SafetyNet</a> <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play  Google Play  Root  Root </li>
     52 <li> Google  Messenger  Mediaserver </li>
     53 </ul>
     54 
     55 <h2 id="acknowledgements"></h2>
     56 
     57 <p></p>
     58 <ul>
     59 <li>Venustech  ADlabCVE-2017-0630</li>
     60 <li> (<a href="https://twitter.com/keen_lab">@keen_lab</a>)  Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-10287</li>
     61 <li>CVE-2017-0599CVE-2017-0635</li>
     62 <li><a href="http://www.ms509.com">MS509Team</a>  En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>)  Bo LiuCVE-2017-0601</li>
     63 <li><a href="https://twrp.me/">Team Win Recovery Project</a>  Ethan YonkerCVE-2017-0493</li>
     64 <li> 360  IceSword  Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)  <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-10285CVE-2016-10288CVE-2016-10290CVE-2017-0624CVE-2017-0616CVE-2017-0617CVE-2016-10294CVE-2016-10295CVE-2016-10296</li>
     65 <li> (<a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>)CVE-2017-0602</li>
     66 <li><a href="http://tuncay2.web.engr.illinois.edu">-</a> <a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Gliz Seray Tuncay</a>CVE-2017-0593</li>
     67 <li> 360  Alpha  Hao Chen  Guang GongCVE-2016-10283</li>
     68 <li> Juhu NieYang ChengNan Li  Qiwu HuangCVE-2016-10276</li>
     69 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>CVE-2017-0598</li>
     70 <li> Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)CVE-2017-0331CVE-2017-0606</li>
     71 <li><a href="mailto:jiych.guru (a] gmail.com">Niky1235</a> (<a href="https://twitter.com/jiych_guru">@jiych_guru</a>)CVE-2017-0603</li>
     72 <li> Peng XiaoChengming YangNing YouChao Yang  Yang SongCVE-2016-10281CVE-2016-10280</li>
     73 <li><a href="https://alephsecurity.com/">Aleph </a> Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>)CVE-2016-10277</li>
     74 <li><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2016-10274</li>
     75 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>  Xuxian JiangCVE-2016-10291</li>
     76 <li>Vasily VasilievCVE-2017-0589</li>
     77 <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0590CVE-2017-0587CVE-2017-0600</li>
     78 <li> Xiling GongCVE-2017-0597</li>
     79 <li>360 Marvel  Xingyuan LinCVE-2017-0627</li>
     80 <li> (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>)CVE-2017-0588</li>
     81 <li> 360  IceSword  Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>)CVE-2016-10289CVE-2017-0465</li>
     82 <li> 360  Vulpecker  Yu PanCVE-2016-10282CVE-2017-0615</li>
     83 <li> 360  Vulpecker  Yu Pan  Peide ZhangCVE-2017-0618CVE-2017-0625</li>
     84 </ul>
     85 
     86 <h2 id="2017-05-01-details">2017-05-01  - </h2>
     87 
     88 <p> 2017-05-01  CVE Google  AOSP  Bug ID  AOSP  Bug  Bug ID </p>
     89 
     90 <h3 id="rce-in-mediaserver">Mediaserver </h3>
     91 
     92 <p>Mediaserver  Mediaserver </p>
     93 
     94 <table>
     95   <colgroup><col width="18%" />
     96   <col width="17%" />
     97   <col width="10%" />
     98   <col width="19%" />
     99   <col width="18%" />
    100   <col width="17%" />
    101   </colgroup><tbody><tr>
    102     <th>CVE</th>
    103     <th></th>
    104     <th></th>
    105     <th> Google </th>
    106     <th> AOSP </th>
    107     <th></th>
    108   </tr>
    109   <tr>
    110     <td>CVE-2017-0587</td>
    111     <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7">A-35219737</a></td>
    112     <td></td>
    113     <td></td>
    114     <td>6.06.0.17.07.1.17.1.2</td>
    115     <td>2017  1  4 </td>
    116   </tr>
    117   <tr>
    118     <td>CVE-2017-0588</td>
    119     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b">A-34618607</a></td>
    120     <td></td>
    121     <td></td>
    122     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    123     <td>2017  1  21 </td>
    124   </tr>
    125   <tr>
    126     <td>CVE-2017-0589</td>
    127     <td><a href="https://android.googlesource.com/platform/external/libhevc/+/bcfc7124f6ef9f1ec128fb2e90de774a5b33d199">A-34897036</a></td>
    128     <td></td>
    129     <td></td>
    130     <td>5.0.25.1.16.06.0.17.07.1.17.1.2</td>
    131     <td>2017  2  1 </td>
    132   </tr>
    133   <tr>
    134     <td>CVE-2017-0590</td>
    135     <td><a href="https://android.googlesource.com/platform/external/libhevc/+/45c97f878bee15cd97262fe7f57ecea71990fed7">A-35039946</a></td>
    136     <td></td>
    137     <td></td>
    138     <td>5.0.25.1.16.06.0.17.07.1.17.1.2</td>
    139     <td>2017  2  6 </td>
    140   </tr>
    141   <tr>
    142     <td>CVE-2017-0591</td>
    143     <td><a href="https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d">A-34097672</a></td>
    144     <td></td>
    145     <td></td>
    146     <td>6.06.0.17.07.1.17.1.2</td>
    147     <td>Google </td>
    148   </tr>
    149   <tr>
    150     <td>CVE-2017-0592</td>
    151     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922">A-34970788</a></td>
    152     <td></td>
    153     <td></td>
    154     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    155     <td>Google </td>
    156   </tr>
    157 </tbody></table>
    158 
    159 <h3 id="eop-in-framework-apis">Framework API </h3>
    160 
    161 <p>Framework API </p>
    162 
    163 <table>
    164   <colgroup><col width="18%" />
    165   <col width="17%" />
    166   <col width="10%" />
    167   <col width="19%" />
    168   <col width="18%" />
    169   <col width="17%" />
    170   </colgroup><tbody><tr>
    171     <th>CVE</th>
    172     <th></th>
    173     <th></th>
    174     <th> Google </th>
    175     <th> AOSP </th>
    176     <th></th>
    177   </tr>
    178   <tr>
    179     <td>CVE-2017-0593</td>
    180     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/78efbc95412b8efa9a44d573f5767ae927927d48">A-34114230</a></td>
    181     <td></td>
    182     <td></td>
    183     <td>6.06.0.17.07.1.17.1.2</td>
    184     <td>2017  1  5 </td>
    185   </tr>
    186 </tbody></table>
    187 
    188 <h3 id="eop-in-mediaserver">Mediaserver </h3>
    189 
    190 <p>Mediaserver </p>
    191 
    192 <table>
    193   <colgroup><col width="18%" />
    194   <col width="17%" />
    195   <col width="10%" />
    196   <col width="19%" />
    197   <col width="18%" />
    198   <col width="17%" />
    199   </colgroup><tbody><tr>
    200     <th>CVE</th>
    201     <th></th>
    202     <th></th>
    203     <th> Google </th>
    204     <th> AOSP </th>
    205     <th></th>
    206   </tr>
    207   <tr>
    208     <td>CVE-2017-0594</td>
    209     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb">A-34617444</a></td>
    210     <td></td>
    211     <td></td>
    212     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    213     <td>2017  1  22 </td>
    214   </tr>
    215   <tr>
    216     <td>CVE-2017-0595</td>
    217     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34705519</a></td>
    218     <td></td>
    219     <td></td>
    220     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    221     <td>2017  1  24 </td>
    222   </tr>
    223   <tr>
    224     <td>CVE-2017-0596</td>
    225     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34749392</a></td>
    226     <td></td>
    227     <td></td>
    228     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    229     <td>2017  1  24 </td>
    230   </tr>
    231 </tbody></table>
    232 
    233 <h3 id="eop-in-audioserver">Audioserver </h3>
    234 
    235 <p>Audioserver </p>
    236 
    237 <table>
    238   <colgroup><col width="18%" />
    239   <col width="17%" />
    240   <col width="10%" />
    241   <col width="19%" />
    242   <col width="18%" />
    243   <col width="17%" />
    244   </colgroup><tbody><tr>
    245     <th>CVE</th>
    246     <th></th>
    247     <th></th>
    248     <th> Google </th>
    249     <th> AOSP </th>
    250     <th></th>
    251   </tr>
    252   <tr>
    253     <td>CVE-2017-0597</td>
    254     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a9188f89179a7edd301abaf37d644adf5d647a04">A-34749571</a></td>
    255     <td></td>
    256     <td></td>
    257     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    258     <td>2017  1  25 </td>
    259   </tr>
    260 </tbody></table>
    261 
    262 <h3 id="id-in-framework-apis">Framework API </h3>
    263 
    264 <p>Framework API </p>
    265 
    266 <table>
    267   <colgroup><col width="18%" />
    268   <col width="17%" />
    269   <col width="10%" />
    270   <col width="19%" />
    271   <col width="18%" />
    272   <col width="17%" />
    273   </colgroup><tbody><tr>
    274     <th>CVE</th>
    275     <th></th>
    276     <th></th>
    277     <th> Google </th>
    278     <th> AOSP </th>
    279     <th></th>
    280   </tr>
    281   <tr>
    282     <td>CVE-2017-0598</td>
    283     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td>
    284     <td></td>
    285     <td></td>
    286     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    287     <td>2017  1  6 </td>
    288   </tr>
    289 </tbody></table>
    290 
    291 <h3 id="dos-in-mediaserver">Mediaserver </h3>
    292 
    293 <p>Mediaserver </p>
    294 
    295 <table>
    296   <colgroup><col width="18%" />
    297   <col width="17%" />
    298   <col width="10%" />
    299   <col width="19%" />
    300   <col width="18%" />
    301   <col width="17%" />
    302   </colgroup><tbody><tr>
    303     <th>CVE</th>
    304     <th></th>
    305     <th></th>
    306     <th> Google </th>
    307     <th> AOSP </th>
    308     <th></th>
    309   </tr>
    310   <tr>
    311     <td>CVE-2017-0599</td>
    312     <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a1424724a00d62ac5efa0e27953eed66850d662f">A-34672748</a></td>
    313     <td></td>
    314     <td></td>
    315     <td>6.06.0.17.07.1.17.1.2</td>
    316     <td>2017  1  23 </td>
    317   </tr>
    318   <tr>
    319     <td>CVE-2017-0600</td>
    320     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0">A-35269635</a></td>
    321     <td></td>
    322     <td></td>
    323     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    324     <td>2017  2  10 </td>
    325   </tr>
    326 </tbody></table>
    327 
    328 <h3 id="eop-in-bluetooth"></h3>
    329 
    330 <p></p>
    331 
    332 <table>
    333   <colgroup><col width="18%" />
    334   <col width="17%" />
    335   <col width="10%" />
    336   <col width="19%" />
    337   <col width="18%" />
    338   <col width="17%" />
    339   </colgroup><tbody><tr>
    340     <th>CVE</th>
    341     <th></th>
    342     <th></th>
    343     <th> Google </th>
    344     <th> AOSP </th>
    345     <th></th>
    346   </tr>
    347   <tr>
    348     <td>CVE-2017-0601</td>
    349     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/667d2cbe3eb1450f273a4f6595ccef35e1f0fe4b">A-35258579</a></td>
    350     <td></td>
    351     <td></td>
    352     <td>7.07.1.17.1.2</td>
    353     <td>2017  2  9 </td>
    354   </tr>
    355 </tbody></table>
    356 
    357 <h3 id="id-in-file-based-encryption"></h3>
    358 
    359 <p></p>
    360 
    361 <table>
    362   <colgroup><col width="18%" />
    363   <col width="17%" />
    364   <col width="10%" />
    365   <col width="19%" />
    366   <col width="18%" />
    367   <col width="17%" />
    368   </colgroup><tbody><tr>
    369     <th>CVE</th>
    370     <th></th>
    371     <th></th>
    372     <th> Google </th>
    373     <th> AOSP </th>
    374     <th></th>
    375   </tr>
    376   <tr>
    377     <td>CVE-2017-0493</td>
    378     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>]</td>
    379     <td></td>
    380     <td></td>
    381     <td>7.07.1.1</td>
    382     <td>2016  11  9 </td>
    383   </tr>
    384 </tbody></table>
    385 
    386 <h3 id="id-in-bluetooth"></h3>
    387 
    388 <p></p>
    389 
    390 <table>
    391   <colgroup><col width="18%" />
    392   <col width="17%" />
    393   <col width="10%" />
    394   <col width="19%" />
    395   <col width="18%" />
    396   <col width="17%" />
    397   </colgroup><tbody><tr>
    398     <th>CVE</th>
    399     <th></th>
    400     <th></th>
    401     <th> Google </th>
    402     <th> AOSP </th>
    403     <th></th>
    404   </tr>
    405   <tr>
    406     <td>CVE-2017-0602</td>
    407     <td><a href="https://android.googlesource.com/platform/system/bt/+/a4875a49404c544134df37022ae587a4a3321647">A-34946955</a></td>
    408     <td></td>
    409     <td></td>
    410     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    411     <td>2016  12  5 </td>
    412   </tr>
    413 </tbody></table>
    414 
    415 <h3 id="id-in-openssl-&-boringssl">OpenSSL  BoringSSL </h3>
    416 
    417 <p>OpenSSL  BoringSSL </p>
    418 
    419 <table>
    420   <colgroup><col width="18%" />
    421   <col width="17%" />
    422   <col width="10%" />
    423   <col width="19%" />
    424   <col width="18%" />
    425   <col width="17%" />
    426   </colgroup><tbody><tr>
    427     <th>CVE</th>
    428     <th></th>
    429     <th></th>
    430     <th> Google </th>
    431     <th> AOSP </th>
    432     <th></th>
    433   </tr>
    434   <tr>
    435     <td>CVE-2016-7056</td>
    436     <td><a href="https://android.googlesource.com/platform/external/boringssl/+/13179a8e75fee98740b5ce728752aa7294b3e32d">A-33752052</a></td>
    437     <td></td>
    438     <td></td>
    439     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    440     <td>2016  12  19 </td>
    441   </tr>
    442 </tbody></table>
    443 
    444 <h3 id="dos-in-mediaserver-2">Mediaserver </h3>
    445 
    446 <p>Mediaserver </p>
    447 
    448 <table>
    449   <colgroup><col width="18%" />
    450   <col width="17%" />
    451   <col width="10%" />
    452   <col width="19%" />
    453   <col width="18%" />
    454   <col width="17%" />
    455   </colgroup><tbody><tr>
    456     <th>CVE</th>
    457     <th></th>
    458     <th></th>
    459     <th> Google </th>
    460     <th> AOSP </th>
    461     <th></th>
    462   </tr>
    463   <tr>
    464     <td>CVE-2017-0603</td>
    465     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920">A-35763994</a></td>
    466     <td></td>
    467     <td></td>
    468     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    469     <td>2017  2  23 </td>
    470   </tr>
    471 </tbody></table>
    472 
    473 <h3 id="dos-in-mediaserver-3">Mediaserver </h3>
    474 
    475 <p>Mediaserver </p>
    476 
    477 <table>
    478   <colgroup><col width="18%" />
    479   <col width="17%" />
    480   <col width="10%" />
    481   <col width="19%" />
    482   <col width="18%" />
    483   <col width="17%" />
    484   </colgroup><tbody><tr>
    485     <th>CVE</th>
    486     <th></th>
    487     <th></th>
    488     <th> Google </th>
    489     <th> AOSP </th>
    490     <th></th>
    491   </tr>
    492   <tr>
    493     <td>CVE-2017-0635</td>
    494     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441">A-35467107</a></td>
    495     <td></td>
    496     <td></td>
    497     <td>7.07.1.17.1.2</td>
    498     <td>2017  2  16 </td>
    499   </tr>
    500 </tbody></table>
    501 
    502 <h2 id="2017-05-05-details">2017-05-05  - </h2>
    503 
    504 <p> 2017-05-05  CVE Google  AOSP  Bug ID  AOSP  Bug  Bug ID </p>
    505 
    506 <h3 id="rce-in-giflib">GIFLIB </h3>
    507 
    508 <p>GIFLIB  Mediaserver </p>
    509 
    510 <table>
    511   <colgroup><col width="18%" />
    512   <col width="17%" />
    513   <col width="10%" />
    514   <col width="19%" />
    515   <col width="18%" />
    516   <col width="17%" />
    517   </colgroup><tbody><tr>
    518     <th>CVE</th>
    519     <th></th>
    520     <th></th>
    521     <th> Google </th>
    522     <th> AOSP </th>
    523     <th></th>
    524   </tr>
    525   <tr>
    526     <td>CVE-2015-7555</td>
    527     <td><a href="https://android.googlesource.com/platform/external/giflib/+/dc07290edccc2c3fc4062da835306f809cea1fdc">A-34697653</a></td>
    528     <td></td>
    529     <td></td>
    530     <td>4.4.45.0.25.1.16.06.0.17.07.1.17.1.2</td>
    531     <td>2016  4  13 </td>
    532   </tr>
    533 </tbody></table>
    534 
    535 <h3 id="eop-in-mediatek-touchscreen-driver">MediaTek </h3>
    536 
    537 <p>MediaTek </p>
    538 
    539 <table>
    540   <colgroup><col width="19%" />
    541   <col width="20%" />
    542   <col width="10%" />
    543   <col width="23%" />
    544   <col width="17%" />
    545   </colgroup><tbody><tr>
    546     <th>CVE</th>
    547     <th></th>
    548     <th></th>
    549     <th> Google </th>
    550     <th></th>
    551   </tr>
    552   <tr>
    553     <td>CVE-2016-10274</td>
    554     <td>A-30202412*<br />M-ALPS02897901</td>
    555     <td></td>
    556     <td>**</td>
    557     <td>2016  7  16 </td>
    558   </tr>
    559 </tbody></table>
    560 
    561 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
    562 
    563 <p>**  Android 7.1.1 Google </p>
    564 
    565 <h3 id="eop-in-qualcomm-bootloader">Qualcomm </h3>
    566 
    567 <p>Qualcomm </p>
    568 
    569 <table>
    570   <colgroup><col width="19%" />
    571   <col width="20%" />
    572   <col width="10%" />
    573   <col width="23%" />
    574   <col width="17%" />
    575   </colgroup><tbody><tr>
    576     <th>CVE</th>
    577     <th></th>
    578     <th></th>
    579     <th> Google </th>
    580     <th></th>
    581   </tr>
    582   <tr>
    583     <td>CVE-2016-10275</td>
    584     <td>A-34514954<br />
    585         <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=1a0a15c380e11fc46f8d8706ea5ae22b752bdd0b">QC-CR#1009111</a></td>
    586     <td></td>
    587     <td>Nexus 5XNexus 6PixelPixel XLAndroid One</td>
    588     <td>2016  9  13 </td>
    589   </tr>
    590   <tr>
    591     <td>CVE-2016-10276</td>
    592     <td>A-32952839<br />
    593         <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=5dac431748027e8b50a5c4079967def4ea53ad64">QC-CR#1094105</a></td>
    594     <td></td>
    595     <td>Nexus 5XNexus 6PPixelPixel XL</td>
    596     <td>2016  11  16 </td>
    597   </tr>
    598 </tbody></table>
    599 
    600 <h3 id="eop-in-kernel-sound-subsystem"></h3>
    601 
    602 <p></p>
    603 
    604 <table>
    605   <colgroup><col width="19%" />
    606   <col width="20%" />
    607   <col width="10%" />
    608   <col width="23%" />
    609   <col width="17%" />
    610   </colgroup><tbody><tr>
    611     <th>CVE</th>
    612     <th></th>
    613     <th></th>
    614     <th> Google </th>
    615     <th></th>
    616   </tr>
    617   <tr>
    618     <td>CVE-2016-9794</td>
    619     <td>A-34068036<br />
    620         <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757"></a></td>
    621     <td></td>
    622     <td>Nexus 5XNexus 6Nexus 6PNexus 9PixelPixel XLPixel CAndroid OneNexus Player</td>
    623     <td>2016  12  3 </td>
    624   </tr>
    625 </tbody></table>
    626 
    627 <h3 id="eop-in-motorola-bootloader">Motorola </h3>
    628 
    629 <p>Motorola </p>
    630 
    631 <table>
    632   <colgroup><col width="19%" />
    633   <col width="20%" />
    634   <col width="10%" />
    635   <col width="23%" />
    636   <col width="17%" />
    637   </colgroup><tbody><tr>
    638     <th>CVE</th>
    639     <th></th>
    640     <th></th>
    641     <th> Google </th>
    642     <th></th>
    643   </tr>
    644   <tr>
    645     <td>CVE-2016-10277</td>
    646     <td>A-33840490*<br />
    647         </td>
    648     <td></td>
    649     <td>Nexus 6</td>
    650     <td>2016  12  21 </td>
    651   </tr>
    652 </tbody></table>
    653 
    654 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
    655 
    656 <h3 id="eop-in-nvidia-video-driver">NVIDIA </h3>
    657 
    658 <p>NVIDIA </p>
    659 
    660 <table>
    661   <colgroup><col width="19%" />
    662   <col width="20%" />
    663   <col width="10%" />
    664   <col width="23%" />
    665   <col width="17%" />
    666   </colgroup><tbody><tr>
    667     <th>CVE</th>
    668     <th></th>
    669     <th></th>
    670     <th> Google </th>
    671     <th></th>
    672   </tr>
    673   <tr>
    674     <td>CVE-2017-0331</td>
    675     <td>A-34113000*<br />N-CVE-2017-0331</td>
    676     <td></td>
    677     <td>Nexus 9</td>
    678     <td>2017  1  4 </td>
    679   </tr>
    680 </tbody></table>
    681 
    682 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
    683 
    684 <h3 id="eop-in-qualcomm-power-driver">Qualcomm </h3>
    685 
    686 <p> Qualcomm </p>
    687 
    688 <table>
    689   <colgroup><col width="19%" />
    690   <col width="20%" />
    691   <col width="10%" />
    692   <col width="23%" />
    693   <col width="17%" />
    694   </colgroup><tbody><tr>
    695     <th>CVE</th>
    696     <th></th>
    697     <th></th>
    698     <th> Google </th>
    699     <th></th>
    700   </tr>
    701   <tr>
    702     <td>CVE-2017-0604</td>
    703     <td>A-35392981<br />
    704         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6975e2dd5f37de965093ba3a8a08635a77a960f7">QC-CR#826589</a></td>
    705     <td></td>
    706     <td>*</td>
    707     <td>2017  2  15 </td>
    708   </tr>
    709 </tbody></table>
    710 
    711 <p>*  Android 7.1.1 Google </p>
    712 
    713 <h3 id="eop-in-kernel-trace-subsystem"></h3>
    714 
    715 <p></p>
    716 
    717 <table>
    718   <colgroup><col width="19%" />
    719   <col width="20%" />
    720   <col width="10%" />
    721   <col width="23%" />
    722   <col width="17%" />
    723   </colgroup><tbody><tr>
    724     <th>CVE</th>
    725     <th></th>
    726     <th></th>
    727     <th> Google </th>
    728     <th></th>
    729   </tr>
    730   <tr>
    731     <td>CVE-2017-0605</td>
    732     <td>A-35399704<br />
    733         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477">QC-CR#1048480</a></td>
    734     <td></td>
    735     <td>Nexus 5XNexus 6Nexus 6PNexus 9PixelPixel XLPixel CAndroid OneNexus Player</td>
    736     <td>2017  2  15 </td>
    737   </tr>
    738 </tbody></table>
    739 
    740 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3>
    741 
    742 <p> Qualcomm 2016  8 9 10  12  Qualcomm AMSS </p>
    743 
    744 <table>
    745   <colgroup><col width="19%" />
    746   <col width="20%" />
    747   <col width="10%" />
    748   <col width="23%" />
    749   <col width="17%" />
    750   </colgroup><tbody><tr>
    751     <th>CVE</th>
    752     <th></th>
    753     <th></th>
    754     <th> Google </th>
    755     <th></th>
    756   </tr>
    757   <tr>
    758     <td>CVE-2016-10240</td>
    759     <td>A-32578446**<br />QC-CR#955710</td>
    760     <td></td>
    761     <td>Nexus 6P</td>
    762     <td>Qualcomm </td>
    763   </tr>
    764   <tr>
    765     <td>CVE-2016-10241</td>
    766     <td>A-35436149**<br />QC-CR#1068577</td>
    767     <td></td>
    768     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XL</td>
    769     <td>Qualcomm </td>
    770   </tr>
    771   <tr>
    772     <td>CVE-2016-10278</td>
    773     <td>A-31624008**<br />QC-CR#1043004</td>
    774     <td></td>
    775     <td>PixelPixel XL</td>
    776     <td>Qualcomm </td>
    777   </tr>
    778   <tr>
    779     <td>CVE-2016-10279</td>
    780     <td>A-31624421**<br />QC-CR#1031821</td>
    781     <td></td>
    782     <td>PixelPixel XL</td>
    783     <td>Qualcomm </td>
    784   </tr>
    785 </tbody></table>
    786 
    787 <p>* </p>
    788 
    789 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
    790 
    791 <p>***  Android 7.1.1 Google </p>
    792 
    793 <h3 id="rce-in-libxml2">libxml2 </h3>
    794 
    795 <p>libxml2 </p>
    796 
    797 <table>
    798   <colgroup><col width="18%" />
    799   <col width="17%" />
    800   <col width="10%" />
    801   <col width="19%" />
    802   <col width="18%" />
    803   <col width="17%" />
    804   </colgroup><tbody><tr>
    805     <th>CVE</th>
    806     <th></th>
    807     <th></th>
    808     <th> Google </th>
    809     <th> AOSP </th>
    810     <th></th>
    811   </tr>
    812   <tr>
    813     <td>CVE-2016-5131</td>
    814     <td>A-32956747*</td>
    815     <td></td>
    816     <td>**</td>
    817     <td>4.4.45.0.25.1.16.06.0.17.0</td>
    818     <td>2016  7  23 </td>
    819   </tr>
    820 </tbody></table>
    821 
    822 <p>* <a href="https://developers.google.com/android/drivers">Google Developers </a> Nexus </p>
    823 
    824 <p>**  Android 7.1.1 Google </p>
    825 
    826 <h3 id="eop-in-mediatek-thermal-driver">MediaTek </h3>
    827 
    828 <p>MediaTek </p>
    829 
    830 <table>
    831   <colgroup><col width="19%" />
    832   <col width="20%" />
    833   <col width="10%" />
    834   <col width="23%" />
    835   <col width="17%" />
    836   </colgroup><tbody><tr>
    837     <th>CVE</th>
    838     <th></th>
    839     <th></th>
    840     <th> Google </th>
    841     <th></th>
    842   </tr>
    843   <tr>
    844     <td>CVE-2016-10280</td>
    845     <td>A-28175767*<br />M-ALPS02696445</td>
    846     <td></td>
    847     <td>**</td>
    848     <td>2016  4  11 </td>
    849   </tr>
    850   <tr>
    851     <td>CVE-2016-10281</td>
    852     <td>A-28175647*<br />M-ALPS02696475</td>
    853     <td></td>
    854     <td>**</td>
    855     <td>2016  4  11 </td>
    856   </tr>
    857   <tr>
    858     <td>CVE-2016-10282</td>
    859     <td>A-33939045*<br />M-ALPS03149189</td>
    860     <td></td>
    861     <td>**</td>
    862     <td>2016  12  27 </td>
    863   </tr>
    864 </tbody></table>
    865 
    866 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
    867 
    868 <p>**  Android 7.1.1 Google </p>
    869 
    870 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm WLAN </h3>
    871 
    872 <p>Qualcomm WLAN </p>
    873 
    874 <table>
    875   <colgroup><col width="19%" />
    876   <col width="20%" />
    877   <col width="10%" />
    878   <col width="23%" />
    879   <col width="17%" />
    880   </colgroup><tbody><tr>
    881     <th>CVE</th>
    882     <th></th>
    883     <th></th>
    884     <th> Google </th>
    885     <th></th>
    886   </tr>
    887   <tr>
    888     <td>CVE-2016-10283</td>
    889     <td>A-32094986<br />
    890         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=93863644b4547324309613361d70ad9dc91f8dfd">QC-CR#2002052</a></td>
    891     <td></td>
    892     <td>Nexus 5XPixelPixel XLAndroid One</td>
    893     <td>2016  10  11 </td>
    894   </tr>
    895 </tbody></table>
    896 
    897 <h3 id="eop-in-qualcomm-video-driver">Qualcomm </h3>
    898 
    899 <p>Qualcomm </p>
    900 
    901 <table>
    902   <colgroup><col width="19%" />
    903   <col width="20%" />
    904   <col width="10%" />
    905   <col width="23%" />
    906   <col width="17%" />
    907   </colgroup><tbody><tr>
    908     <th>CVE</th>
    909     <th></th>
    910     <th></th>
    911     <th> Google </th>
    912     <th></th>
    913   </tr>
    914   <tr>
    915     <td>CVE-2016-10284</td>
    916     <td>A-32402303*<br />QC-CR#2000664</td>
    917     <td></td>
    918     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
    919     <td>2016  10  24 </td>
    920   </tr>
    921   <tr>
    922     <td>CVE-2016-10285</td>
    923     <td>A-33752702<br />
    924         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67dfd3a65336e0b3f55ee83d6312321dc5f2a6f9">QC-CR#1104899</a></td>
    925     <td></td>
    926     <td>PixelPixel XL</td>
    927     <td>2016  12  19 </td>
    928   </tr>
    929   <tr>
    930     <td>CVE-2016-10286</td>
    931     <td>A-35400904<br />
    932         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=5d30a3d0dc04916ddfb972bfc52f8e636642f999">QC-CR#1090237</a></td>
    933     <td></td>
    934     <td>PixelPixel XL</td>
    935     <td>2017  2  15 </td>
    936   </tr>
    937 </tbody></table>
    938 
    939 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
    940 
    941 <h3 id="eop-in-kernel-performance-subsystem"></h3>
    942 
    943 <p></p>
    944 
    945 <table>
    946   <colgroup><col width="19%" />
    947   <col width="20%" />
    948   <col width="10%" />
    949   <col width="23%" />
    950   <col width="17%" />
    951   </colgroup><tbody><tr>
    952     <th>CVE</th>
    953     <th></th>
    954     <th></th>
    955     <th> Google </th>
    956     <th></th>
    957   </tr>
    958   <tr>
    959     <td>CVE-2015-9004</td>
    960     <td>A-34515362<br />
    961         <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"></a></td>
    962     <td></td>
    963     <td>Nexus 5XNexus 6Nexus 6PNexus 9PixelPixel XLPixel CAndroid OneNexus Player</td>
    964     <td>2016  11  23 </td>
    965   </tr>
    966 </tbody></table>
    967 
    968 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3>
    969 
    970 <p>Qualcomm </p>
    971 
    972 <table>
    973   <colgroup><col width="19%" />
    974   <col width="20%" />
    975   <col width="10%" />
    976   <col width="23%" />
    977   <col width="17%" />
    978   </colgroup><tbody><tr>
    979     <th>CVE</th>
    980     <th></th>
    981     <th></th>
    982     <th> Google </th>
    983     <th></th>
    984   </tr>
    985   <tr>
    986     <td>CVE-2016-10287</td>
    987     <td>A-33784446<br />
    988         <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=937bc9e644180e258c68662095861803f7ba4ded">QC-CR#1112751</a></td>
    989     <td></td>
    990     <td>Nexus 5XNexus 6PPixelPixel XLAndroid One</td>
    991     <td>2016  12  20 </td>
    992   </tr>
    993   <tr>
    994     <td>CVE-2017-0606</td>
    995     <td>A-34088848<br />
    996         <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=d3237316314c3d6f75a58192971f66e3822cd250">QC-CR#1116015</a></td>
    997     <td></td>
    998     <td>Nexus 5XNexus 6PPixelPixel XLAndroid One</td>
    999     <td>2017  1  3 </td>
   1000   </tr>
   1001   <tr>
   1002     <td>CVE-2016-5860</td>
   1003     <td>A-34623424<br />
   1004         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=9f91ae0d7203714fc39ae78e1f1c4fd71ed40498">QC-CR#1100682</a></td>
   1005     <td></td>
   1006     <td>PixelPixel XL</td>
   1007     <td>2017  1  22 </td>
   1008   </tr>
   1009   <tr>
   1010     <td>CVE-2016-5867</td>
   1011     <td>A-35400602<br />
   1012         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5">QC-CR#1095947</a></td>
   1013     <td></td>
   1014     <td>*</td>
   1015     <td>2017  2  15 </td>
   1016   </tr>
   1017   <tr>
   1018     <td>CVE-2017-0607</td>
   1019     <td>A-35400551<br />
   1020         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b003c8d5407773d3aa28a48c9841e4c124da453d">QC-CR#1085928</a></td>
   1021     <td></td>
   1022     <td>PixelPixel XL</td>
   1023     <td>2017  2  15 </td>
   1024   </tr>
   1025   <tr>
   1026     <td>CVE-2017-0608</td>
   1027     <td>A-35400458<br />
   1028         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b66f442dd97c781e873e8f7b248e197f86fd2980">QC-CR#1098363</a></td>
   1029     <td></td>
   1030     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1031     <td>2017  2  15 </td>
   1032   </tr>
   1033   <tr>
   1034     <td>CVE-2017-0609</td>
   1035     <td>A-35399801<br />
   1036         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=38a83df036084c00e8c5a4599c8ee7880b4ee567">QC-CR#1090482</a></td>
   1037     <td></td>
   1038     <td>Nexus 5XNexus 6PPixelPixel XLAndroid One</td>
   1039     <td>2017  2  15 </td>
   1040   </tr>
   1041   <tr>
   1042     <td>CVE-2016-5859</td>
   1043     <td>A-35399758<br />
   1044         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=97fdb441a9fb330a76245e473bc1a2155c809ebe">QC-CR#1096672</a></td>
   1045     <td></td>
   1046     <td>*</td>
   1047     <td>2017  2  15 </td>
   1048   </tr>
   1049   <tr>
   1050     <td>CVE-2017-0610</td>
   1051     <td>A-35399404<br />
   1052         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=65009746a6e649779f73d665934561ea983892fe">QC-CR#1094852</a></td>
   1053     <td></td>
   1054     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1055     <td>2017  2  15 </td>
   1056   </tr>
   1057   <tr>
   1058     <td>CVE-2017-0611</td>
   1059     <td>A-35393841<br />
   1060         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=1aa5df9246557a98181f03e98530ffd509b954c8">QC-CR#1084210</a></td>
   1061     <td></td>
   1062     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1063     <td>2017  2  15 </td>
   1064   </tr>
   1065   <tr>
   1066     <td>CVE-2016-5853</td>
   1067     <td>A-35392629<br />
   1068         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a8f3b894de319718aecfc2ce9c691514696805be">QC-CR#1102987</a></td>
   1069     <td></td>
   1070     <td>*</td>
   1071     <td>2017  2  15 </td>
   1072   </tr>
   1073 </tbody></table>
   1074 
   1075 <p>*  Android 7.1.1 Google </p>
   1076 
   1077 <h3 id="eop-in-qualcomm-led-driver">Qualcomm LED </h3>
   1078 
   1079 <p>Qualcomm LED </p>
   1080 
   1081 <table>
   1082   <colgroup><col width="19%" />
   1083   <col width="20%" />
   1084   <col width="10%" />
   1085   <col width="23%" />
   1086   <col width="17%" />
   1087   </colgroup><tbody><tr>
   1088     <th>CVE</th>
   1089     <th></th>
   1090     <th></th>
   1091     <th> Google </th>
   1092     <th></th>
   1093   </tr>
   1094   <tr>
   1095     <td>CVE-2016-10288</td>
   1096     <td>A-33863909<br />
   1097         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=db2cdc95204bc404f03613d5dd7002251fb33660">QC-CR#1109763</a></td>
   1098     <td></td>
   1099     <td>PixelPixel XL</td>
   1100     <td>2016  12  23 </td>
   1101   </tr>
   1102 </tbody></table>
   1103 
   1104 <h3 id="eop-in-qualcomm-crypto-driver">Qualcomm </h3>
   1105 
   1106 <p>Qualcomm </p>
   1107 
   1108 <table>
   1109   <colgroup><col width="19%" />
   1110   <col width="20%" />
   1111   <col width="10%" />
   1112   <col width="23%" />
   1113   <col width="17%" />
   1114   </colgroup><tbody><tr>
   1115     <th>CVE</th>
   1116     <th></th>
   1117     <th></th>
   1118     <th> Google </th>
   1119     <th></th>
   1120   </tr>
   1121   <tr>
   1122     <td>CVE-2016-10289</td>
   1123     <td>A-33899710<br />
   1124         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a604e6f3889ccc343857532b63dea27603381816">QC-CR#1116295</a></td>
   1125     <td></td>
   1126     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1127     <td>2016  12  24 </td>
   1128   </tr>
   1129 </tbody></table>
   1130 
   1131 <h3 id="eop-in-qualcomm-shared-memory-driver">Qualcomm </h3>
   1132 
   1133 <p>Qualcomm </p>
   1134 
   1135 <table>
   1136   <colgroup><col width="19%" />
   1137   <col width="20%" />
   1138   <col width="10%" />
   1139   <col width="23%" />
   1140   <col width="17%" />
   1141   </colgroup><tbody><tr>
   1142     <th>CVE</th>
   1143     <th></th>
   1144     <th></th>
   1145     <th> Google </th>
   1146     <th></th>
   1147   </tr>
   1148   <tr>
   1149     <td>CVE-2016-10290</td>
   1150     <td>A-33898330<br />
   1151         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49">QC-CR#1109782</a></td>
   1152     <td></td>
   1153     <td>Nexus 5XNexus 6PPixelPixel XL</td>
   1154     <td>2016  12  24 </td>
   1155   </tr>
   1156 </tbody></table>
   1157 
   1158 <h3 id="eop-in-qualcomm-slimbus-driver">Qualcomm Slimbus </h3>
   1159 
   1160 <p>Qualcomm Slimbus </p>
   1161 
   1162 <table>
   1163   <colgroup><col width="19%" />
   1164   <col width="20%" />
   1165   <col width="10%" />
   1166   <col width="23%" />
   1167   <col width="17%" />
   1168   </colgroup><tbody><tr>
   1169     <th>CVE</th>
   1170     <th></th>
   1171     <th></th>
   1172     <th> Google </th>
   1173     <th></th>
   1174   </tr>
   1175   <tr>
   1176     <td>CVE-2016-10291</td>
   1177     <td>A-34030871<br />
   1178         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a225074c0494ca8125ca0ac2f9ebc8a2bd3612de">QC-CR#986837</a></td>
   1179     <td></td>
   1180     <td>Nexus 5XNexus 6Nexus 6PAndroid One</td>
   1181     <td>2016  12  31 </td>
   1182   </tr>
   1183 </tbody></table>
   1184 
   1185 <h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC </h3>
   1186 
   1187 <p>Qualcomm ADSPRPC </p>
   1188 
   1189 <table>
   1190   <colgroup><col width="19%" />
   1191   <col width="20%" />
   1192   <col width="10%" />
   1193   <col width="23%" />
   1194   <col width="17%" />
   1195   </colgroup><tbody><tr>
   1196     <th>CVE</th>
   1197     <th></th>
   1198     <th></th>
   1199     <th> Google </th>
   1200     <th></th>
   1201   </tr>
   1202   <tr>
   1203     <td>CVE-2017-0465</td>
   1204     <td>A-34112914<br />
   1205         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=3823f0f8d0bbbbd675a42a54691f4051b3c7e544">QC-CR#1110747</a></td>
   1206     <td></td>
   1207     <td>Nexus 5XNexus 6PPixelPixel XLAndroid One</td>
   1208     <td>2017  1  5 </td>
   1209   </tr>
   1210 </tbody></table>
   1211 
   1212 <h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm </h3>
   1213 
   1214 <p>Qualcomm </p>
   1215 
   1216 <table>
   1217   <colgroup><col width="19%" />
   1218   <col width="20%" />
   1219   <col width="10%" />
   1220   <col width="23%" />
   1221   <col width="17%" />
   1222   </colgroup><tbody><tr>
   1223     <th>CVE</th>
   1224     <th></th>
   1225     <th></th>
   1226     <th> Google </th>
   1227     <th></th>
   1228   </tr>
   1229   <tr>
   1230     <td>CVE-2017-0612</td>
   1231     <td>A-34389303<br />
   1232         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=05efafc998dc86c3b75af9803ca71255ddd7a8eb">QC-CR#1061845</a></td>
   1233     <td></td>
   1234     <td>PixelPixel XL</td>
   1235     <td>2017  1  10 </td>
   1236   </tr>
   1237   <tr>
   1238     <td>CVE-2017-0613</td>
   1239     <td>A-35400457<br />
   1240         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b108c651cae9913da1ab163cb4e5f7f2db87b747">QC-CR#1086140</a></td>
   1241     <td></td>
   1242     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1243     <td>2017  2  15 </td>
   1244   </tr>
   1245   <tr>
   1246     <td>CVE-2017-0614</td>
   1247     <td>A-35399405<br />
   1248         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=fc2ae27eb9721a0ce050c2062734fec545cda604">QC-CR#1080290</a></td>
   1249     <td></td>
   1250     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1251     <td>2017  2  15 </td>
   1252   </tr>
   1253 </tbody></table>
   1254 
   1255 <h3 id="eop-in-mediatek-power-driver">MediaTek </h3>
   1256 
   1257 <p>MediaTek </p>
   1258 
   1259 <table>
   1260   <colgroup><col width="19%" />
   1261   <col width="20%" />
   1262   <col width="10%" />
   1263   <col width="23%" />
   1264   <col width="17%" />
   1265   </colgroup><tbody><tr>
   1266     <th>CVE</th>
   1267     <th></th>
   1268     <th></th>
   1269     <th> Google </th>
   1270     <th></th>
   1271   </tr>
   1272   <tr>
   1273     <td>CVE-2017-0615</td>
   1274     <td>A-34259126*<br />M-ALPS03150278</td>
   1275     <td></td>
   1276     <td>**</td>
   1277     <td>2017  1  12 </td>
   1278   </tr>
   1279 </tbody></table>
   1280 
   1281 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1282 
   1283 <p>**  Android 7.1.1 Google </p>
   1284 
   1285 <h3 id="eop-in-mediatek-system-management-interrupt-driver">MediaTek </h3>
   1286 
   1287 <p>MediaTek </p>
   1288 
   1289 <table>
   1290   <colgroup><col width="19%" />
   1291   <col width="20%" />
   1292   <col width="10%" />
   1293   <col width="23%" />
   1294   <col width="17%" />
   1295   </colgroup><tbody><tr>
   1296     <th>CVE</th>
   1297     <th></th>
   1298     <th></th>
   1299     <th> Google </th>
   1300     <th></th>
   1301   </tr>
   1302   <tr>
   1303     <td>CVE-2017-0616</td>
   1304     <td>A-34470286*<br />M-ALPS03149160</td>
   1305     <td></td>
   1306     <td>**</td>
   1307     <td>2017  1  19 </td>
   1308   </tr>
   1309 </tbody></table>
   1310 
   1311 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1312 
   1313 <p>**  Android 7.1.1 Google </p>
   1314 
   1315 <h3 id="eop-in-mediatek-video-driver">MediaTek </h3>
   1316 
   1317 <p>MediaTek </p>
   1318 
   1319 <table>
   1320   <colgroup><col width="19%" />
   1321   <col width="20%" />
   1322   <col width="10%" />
   1323   <col width="23%" />
   1324   <col width="17%" />
   1325   </colgroup><tbody><tr>
   1326     <th>CVE</th>
   1327     <th></th>
   1328     <th></th>
   1329     <th> Google </th>
   1330     <th></th>
   1331   </tr>
   1332   <tr>
   1333     <td>CVE-2017-0617</td>
   1334     <td>A-34471002*<br />M-ALPS03149173</td>
   1335     <td></td>
   1336     <td>**</td>
   1337     <td>2017  1  19 </td>
   1338   </tr>
   1339 </tbody></table>
   1340 
   1341 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1342 
   1343 <p>**  Android 7.1.1 Google </p>
   1344 
   1345 <h3 id="eop-in-mediatek-command-queue-driver">MediaTek </h3>
   1346 
   1347 <p>MediaTek </p>
   1348 
   1349 <table>
   1350   <colgroup><col width="19%" />
   1351   <col width="20%" />
   1352   <col width="10%" />
   1353   <col width="23%" />
   1354   <col width="17%" />
   1355   </colgroup><tbody><tr>
   1356     <th>CVE</th>
   1357     <th></th>
   1358     <th></th>
   1359     <th> Google </th>
   1360     <th></th>
   1361   </tr>
   1362   <tr>
   1363     <td>CVE-2017-0618</td>
   1364     <td>A-35100728*<br />M-ALPS03161536</td>
   1365     <td></td>
   1366     <td>**</td>
   1367     <td>2017  2  7 </td>
   1368   </tr>
   1369 </tbody></table>
   1370 
   1371 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1372 
   1373 <p>**  Android 7.1.1 Google </p>
   1374 
   1375 <h3 id="eop-in-qualcomm-pin-controller-driver">Qualcomm PIN </h3>
   1376 
   1377 <p>Qualcomm PIN </p>
   1378 
   1379 <table>
   1380   <colgroup><col width="19%" />
   1381   <col width="20%" />
   1382   <col width="10%" />
   1383   <col width="23%" />
   1384   <col width="17%" />
   1385   </colgroup><tbody><tr>
   1386     <th>CVE</th>
   1387     <th></th>
   1388     <th></th>
   1389     <th> Google </th>
   1390     <th></th>
   1391   </tr>
   1392   <tr>
   1393     <td>CVE-2017-0619</td>
   1394     <td>A-35401152<br />
   1395         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.14/commit/?id=72f67b29a9c5e6e8d3c34751600c749c5f5e13e1">QC-CR#826566</a></td>
   1396     <td></td>
   1397     <td>Nexus 6Android One</td>
   1398     <td>2017  2  15 </td>
   1399   </tr>
   1400 </tbody></table>
   1401 
   1402 <h3 id="eop-in-qualcomm-secure-channel-manager-driver">Qualcomm </h3>
   1403 
   1404 <p>Qualcomm </p>
   1405 
   1406 <table>
   1407   <colgroup><col width="19%" />
   1408   <col width="20%" />
   1409   <col width="10%" />
   1410   <col width="23%" />
   1411   <col width="17%" />
   1412   </colgroup><tbody><tr>
   1413     <th>CVE</th>
   1414     <th></th>
   1415     <th></th>
   1416     <th> Google </th>
   1417     <th></th>
   1418   </tr>
   1419   <tr>
   1420     <td>CVE-2017-0620</td>
   1421     <td>A-35401052<br />
   1422         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=01b2c9a5d728ff6f2f1f28a5d4e927aaeabf56ed">QC-CR#1081711</a></td>
   1423     <td></td>
   1424     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1425     <td>2017  2  15 </td>
   1426   </tr>
   1427 </tbody></table>
   1428 
   1429 <h3 id="eop-in-qualcomm-sound-codec-driver">Qualcomm </h3>
   1430 
   1431 <p>Qualcomm </p>
   1432 
   1433 <table>
   1434   <colgroup><col width="19%" />
   1435   <col width="20%" />
   1436   <col width="10%" />
   1437   <col width="23%" />
   1438   <col width="17%" />
   1439   </colgroup><tbody><tr>
   1440     <th>CVE</th>
   1441     <th></th>
   1442     <th></th>
   1443     <th> Google </th>
   1444     <th></th>
   1445   </tr>
   1446   <tr>
   1447     <td>CVE-2016-5862</td>
   1448     <td>A-35399803<br />
   1449         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04">QC-CR#1099607</a></td>
   1450     <td></td>
   1451     <td>PixelPixel XL</td>
   1452     <td>2017  2  15 </td>
   1453   </tr>
   1454 </tbody></table>
   1455 
   1456 <h3 id="eop-in-kernel-voltage-regulator-driver"></h3>
   1457 
   1458 <p></p>
   1459 
   1460 <table>
   1461   <colgroup><col width="19%" />
   1462   <col width="20%" />
   1463   <col width="10%" />
   1464   <col width="23%" />
   1465   <col width="17%" />
   1466   </colgroup><tbody><tr>
   1467     <th>CVE</th>
   1468     <th></th>
   1469     <th></th>
   1470     <th> Google </th>
   1471     <th></th>
   1472   </tr>
   1473   <tr>
   1474     <td>CVE-2014-9940</td>
   1475     <td>A-35399757<br />
   1476         <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba"></a></td>
   1477     <td></td>
   1478     <td>Nexus 6Nexus 9Pixel CAndroid OneNexus Player</td>
   1479     <td>2017  2  15 </td>
   1480   </tr>
   1481 </tbody></table>
   1482 
   1483 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3>
   1484 
   1485 <p>Qualcomm </p>
   1486 
   1487 <table>
   1488   <colgroup><col width="19%" />
   1489   <col width="20%" />
   1490   <col width="10%" />
   1491   <col width="23%" />
   1492   <col width="17%" />
   1493   </colgroup><tbody><tr>
   1494     <th>CVE</th>
   1495     <th></th>
   1496     <th></th>
   1497     <th> Google </th>
   1498     <th></th>
   1499   </tr>
   1500   <tr>
   1501     <td>CVE-2017-0621</td>
   1502     <td>A-35399703<br />
   1503         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=9656e2c2b3523af20502bf1e933e35a397f5e82f">QC-CR#831322</a></td>
   1504     <td></td>
   1505     <td>Android One</td>
   1506     <td>2017  2  15 </td>
   1507   </tr>
   1508 </tbody></table>
   1509 
   1510 <h3 id="eop-in-qualcomm-networking-driver">Qualcomm </h3>
   1511 
   1512 <p>Qualcomm </p>
   1513 
   1514 <table>
   1515   <colgroup><col width="19%" />
   1516   <col width="20%" />
   1517   <col width="10%" />
   1518   <col width="23%" />
   1519   <col width="17%" />
   1520   </colgroup><tbody><tr>
   1521     <th>CVE</th>
   1522     <th></th>
   1523     <th></th>
   1524     <th> Google </th>
   1525     <th></th>
   1526   </tr>
   1527   <tr>
   1528     <td>CVE-2016-5868</td>
   1529     <td>A-35392791<br />
   1530         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c">QC-CR#1104431</a></td>
   1531     <td></td>
   1532     <td>Nexus 5XPixelPixel XL</td>
   1533     <td>2017  2  15 </td>
   1534   </tr>
   1535 </tbody></table>
   1536 
   1537 <h3 id="eop-in-kernel-networking-subsystem"></h3>
   1538 
   1539 <p></p>
   1540 
   1541 <table>
   1542   <colgroup><col width="19%" />
   1543   <col width="20%" />
   1544   <col width="10%" />
   1545   <col width="23%" />
   1546   <col width="17%" />
   1547   </colgroup><tbody><tr>
   1548     <th>CVE</th>
   1549     <th></th>
   1550     <th></th>
   1551     <th> Google </th>
   1552     <th></th>
   1553   </tr>
   1554   <tr>
   1555     <td>CVE-2017-7184</td>
   1556     <td>A-36565222<br />
   1557         <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"></a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df">[2]</a></td>
   1558     <td></td>
   1559     <td>Nexus 5XNexus 6Nexus 6PNexus 9PixelPixel XLAndroid One</td>
   1560     <td>2017  3  23 </td>
   1561   </tr>
   1562 </tbody></table>
   1563 
   1564 <h3 id="eop-in-goodix-touchscreen-driver">Goodix </h3>
   1565 
   1566 <p>Goodix </p>
   1567 
   1568 <table>
   1569   <colgroup><col width="19%" />
   1570   <col width="20%" />
   1571   <col width="10%" />
   1572   <col width="23%" />
   1573   <col width="17%" />
   1574   </colgroup><tbody><tr>
   1575     <th>CVE</th>
   1576     <th></th>
   1577     <th></th>
   1578     <th> Google </th>
   1579     <th></th>
   1580   </tr>
   1581   <tr>
   1582     <td>CVE-2017-0622</td>
   1583     <td>A-32749036<br />
   1584         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=40efa25345003a96db34effbd23ed39530b3ac10">QC-CR#1098602</a></td>
   1585     <td></td>
   1586     <td>Android One</td>
   1587     <td>Google </td>
   1588   </tr>
   1589 </tbody></table>
   1590 
   1591 <h3 id="eop-in-htc-bootloader">HTC </h3>
   1592 
   1593 <p>HTC </p>
   1594 
   1595 <table>
   1596   <colgroup><col width="19%" />
   1597   <col width="20%" />
   1598   <col width="10%" />
   1599   <col width="23%" />
   1600   <col width="17%" />
   1601   </colgroup><tbody><tr>
   1602     <th>CVE</th>
   1603     <th></th>
   1604     <th></th>
   1605     <th> Google </th>
   1606     <th></th>
   1607   </tr>
   1608   <tr>
   1609     <td>CVE-2017-0623</td>
   1610     <td>A-32512358*<br />
   1611         </td>
   1612     <td></td>
   1613     <td>PixelPixel XL</td>
   1614     <td>Google </td>
   1615   </tr>
   1616 </tbody></table>
   1617 
   1618 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1619 
   1620 <h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm WLAN </h3>
   1621 
   1622 <p>Qualcomm WLAN </p>
   1623 
   1624 <table>
   1625   <colgroup><col width="19%" />
   1626   <col width="20%" />
   1627   <col width="10%" />
   1628   <col width="23%" />
   1629   <col width="17%" />
   1630   </colgroup><tbody><tr>
   1631     <th>CVE</th>
   1632     <th></th>
   1633     <th></th>
   1634     <th> Google </th>
   1635     <th></th>
   1636   </tr>
   1637   <tr>
   1638     <td>CVE-2017-0624</td>
   1639     <td>A-34327795*<br />QC-CR#2005832</td>
   1640     <td></td>
   1641     <td>Nexus 5XPixelPixel XL</td>
   1642     <td>2017  1  16 </td>
   1643   </tr>
   1644 </tbody></table>
   1645 
   1646 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1647 
   1648 <h3 id="id-in-mediatek-command-queue-driver">MediaTek </h3>
   1649 
   1650 <p>MediaTek </p>
   1651 
   1652 <table>
   1653   <colgroup><col width="19%" />
   1654   <col width="20%" />
   1655   <col width="10%" />
   1656   <col width="23%" />
   1657   <col width="17%" />
   1658   </colgroup><tbody><tr>
   1659     <th>CVE</th>
   1660     <th></th>
   1661     <th></th>
   1662     <th> Google </th>
   1663     <th></th>
   1664   </tr>
   1665   <tr>
   1666     <td>CVE-2017-0625</td>
   1667     <td>A-35142799*<br />M-ALPS03161531</td>
   1668     <td></td>
   1669     <td>**</td>
   1670     <td>2017  2  8 </td>
   1671   </tr>
   1672 </tbody></table>
   1673 
   1674 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1675 
   1676 <p>**  Android 7.1.1 Google </p>
   1677 
   1678 <h3 id="id-in-qualcomm-crypto-engine-driver">Qualcomm </h3>
   1679 
   1680 <p>Qualcomm </p>
   1681 
   1682 <table>
   1683   <colgroup><col width="19%" />
   1684   <col width="20%" />
   1685   <col width="10%" />
   1686   <col width="23%" />
   1687   <col width="17%" />
   1688   </colgroup><tbody><tr>
   1689     <th>CVE</th>
   1690     <th></th>
   1691     <th></th>
   1692     <th> Google </th>
   1693     <th></th>
   1694   </tr>
   1695   <tr>
   1696     <td>CVE-2017-0626</td>
   1697     <td>A-35393124<br />
   1698         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=64551bccab9b5b933757f6256b58f9ca0544f004">QC-CR#1088050</a></td>
   1699     <td></td>
   1700     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1701     <td>2017  2  15 </td>
   1702   </tr>
   1703 </tbody></table>
   1704 
   1705 <h3 id="dos-in-qualcomm-wi-fi-driver">Qualcomm WLAN </h3>
   1706 
   1707 <p>Qualcomm WLAN  WLAN </p>
   1708 
   1709 <table>
   1710   <colgroup><col width="19%" />
   1711   <col width="20%" />
   1712   <col width="10%" />
   1713   <col width="23%" />
   1714   <col width="17%" />
   1715   </colgroup><tbody><tr>
   1716     <th>CVE</th>
   1717     <th></th>
   1718     <th></th>
   1719     <th> Google </th>
   1720     <th></th>
   1721   </tr>
   1722   <tr>
   1723     <td>CVE-2016-10292</td>
   1724     <td>A-34514463*<br />QC-CR#1065466</td>
   1725     <td></td>
   1726     <td>Nexus 5XPixelPixel XL</td>
   1727     <td>2016  12  16 </td>
   1728   </tr>
   1729 </tbody></table>
   1730 
   1731 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1732 
   1733 <h3 id="id-in-kernel-uvc-driver"> UVC </h3>
   1734 
   1735 <p> UVC </p>
   1736 
   1737 <table>
   1738   <colgroup><col width="19%" />
   1739   <col width="20%" />
   1740   <col width="10%" />
   1741   <col width="23%" />
   1742   <col width="17%" />
   1743   </colgroup><tbody><tr>
   1744     <th>CVE</th>
   1745     <th></th>
   1746     <th></th>
   1747     <th> Google </th>
   1748     <th></th>
   1749   </tr>
   1750   <tr>
   1751     <td>CVE-2017-0627</td>
   1752     <td>A-33300353*<br />
   1753         </td>
   1754     <td></td>
   1755     <td>Nexus 5XNexus 6PNexus 9Pixel CNexus Player</td>
   1756     <td>2016  12  2 </td>
   1757   </tr>
   1758 </tbody></table>
   1759 
   1760 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1761 
   1762 <h3 id="id-in-qualcomm-video-driver">Qualcomm </h3>
   1763 
   1764 <p>Qualcomm </p>
   1765 
   1766 <table>
   1767   <colgroup><col width="19%" />
   1768   <col width="20%" />
   1769   <col width="10%" />
   1770   <col width="23%" />
   1771   <col width="17%" />
   1772   </colgroup><tbody><tr>
   1773     <th>CVE</th>
   1774     <th></th>
   1775     <th></th>
   1776     <th> Google </th>
   1777     <th></th>
   1778   </tr>
   1779   <tr>
   1780     <td>CVE-2016-10293</td>
   1781     <td>A-33352393<br />
   1782         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2469d5374745a2228f774adbca6fb95a79b9047f">QC-CR#1101943</a></td>
   1783     <td></td>
   1784     <td>Nexus 5XNexus 6PAndroid One</td>
   1785     <td>2016  12  4 </td>
   1786   </tr>
   1787 </tbody></table>
   1788 
   1789 <h3 id="id-in-qualcomm-power-driver-(device-specific)">Qualcomm </h3>
   1790 
   1791 <p>Qualcomm </p>
   1792 
   1793 <table>
   1794   <colgroup><col width="19%" />
   1795   <col width="20%" />
   1796   <col width="10%" />
   1797   <col width="23%" />
   1798   <col width="17%" />
   1799   </colgroup><tbody><tr>
   1800     <th>CVE</th>
   1801     <th></th>
   1802     <th></th>
   1803     <th> Google </th>
   1804     <th></th>
   1805   </tr>
   1806   <tr>
   1807     <td>CVE-2016-10294</td>
   1808     <td>A-33621829<br />
   1809         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e9bc51ffb8a298f0be5befe346762cdb6e1d49c">QC-CR#1105481</a></td>
   1810     <td></td>
   1811     <td>Nexus 5XNexus 6PPixelPixel XL</td>
   1812     <td>2016  12  14 </td>
   1813   </tr>
   1814 </tbody></table>
   1815 
   1816 <h3 id="id-in-qualcomm-led-driver">Qualcomm LED </h3>
   1817 
   1818 <p>Qualcomm LED </p>
   1819 
   1820 <table>
   1821   <colgroup><col width="19%" />
   1822   <col width="20%" />
   1823   <col width="10%" />
   1824   <col width="23%" />
   1825   <col width="17%" />
   1826   </colgroup><tbody><tr>
   1827     <th>CVE</th>
   1828     <th></th>
   1829     <th></th>
   1830     <th> Google </th>
   1831     <th></th>
   1832   </tr>
   1833   <tr>
   1834     <td>CVE-2016-10295</td>
   1835     <td>A-33781694<br />
   1836         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f11ae3df500bc2a093ddffee6ea40da859de0fa9">QC-CR#1109326</a></td>
   1837     <td></td>
   1838     <td>PixelPixel XL</td>
   1839     <td>2016  12  20 </td>
   1840   </tr>
   1841 </tbody></table>
   1842 
   1843 <h3 id="id-in-qualcomm-shared-memory-driver">Qualcomm </h3>
   1844 
   1845 <p>Qualcomm </p>
   1846 
   1847 <table>
   1848   <colgroup><col width="19%" />
   1849   <col width="20%" />
   1850   <col width="10%" />
   1851   <col width="23%" />
   1852   <col width="17%" />
   1853   </colgroup><tbody><tr>
   1854     <th>CVE</th>
   1855     <th></th>
   1856     <th></th>
   1857     <th> Google </th>
   1858     <th></th>
   1859   </tr>
   1860   <tr>
   1861     <td>CVE-2016-10296</td>
   1862     <td>A-33845464<br />
   1863         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49">QC-CR#1109782</a></td>
   1864     <td></td>
   1865     <td>Nexus 5XNexus 6PPixelPixel XLAndroid One</td>
   1866     <td>2016  12  22 </td>
   1867   </tr>
   1868 </tbody></table>
   1869 
   1870 <h3 id="id-in-qualcomm-camera-driver">Qualcomm </h3>
   1871 
   1872 <p>Qualcomm </p>
   1873 
   1874 <table>
   1875   <colgroup><col width="19%" />
   1876   <col width="20%" />
   1877   <col width="10%" />
   1878   <col width="23%" />
   1879   <col width="17%" />
   1880   </colgroup><tbody><tr>
   1881     <th>CVE</th>
   1882     <th></th>
   1883     <th></th>
   1884     <th> Google </th>
   1885     <th></th>
   1886   </tr>
   1887   <tr>
   1888     <td>CVE-2017-0628</td>
   1889     <td>A-34230377<br />
   1890         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f">QC-CR#1086833</a></td>
   1891     <td></td>
   1892     <td>Nexus 5XNexus 6PixelPixel XL</td>
   1893     <td>2017  1  10 </td>
   1894   </tr>
   1895   <tr>
   1896     <td>CVE-2017-0629</td>
   1897     <td>A-35214296<br />
   1898         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f">QC-CR#1086833</a></td>
   1899     <td></td>
   1900     <td>Nexus 5XNexus 6PixelPixel XL</td>
   1901     <td>2017  2  8 </td>
   1902   </tr>
   1903 </tbody></table>
   1904 
   1905 <h3 id="id-in-kernel-trace-subsystem"></h3>
   1906 
   1907 <p></p>
   1908 
   1909 <table>
   1910   <colgroup><col width="19%" />
   1911   <col width="20%" />
   1912   <col width="10%" />
   1913   <col width="23%" />
   1914   <col width="17%" />
   1915   </colgroup><tbody><tr>
   1916     <th>CVE</th>
   1917     <th></th>
   1918     <th></th>
   1919     <th> Google </th>
   1920     <th></th>
   1921   </tr>
   1922   <tr>
   1923     <td>CVE-2017-0630</td>
   1924     <td>A-34277115*<br />
   1925         </td>
   1926     <td></td>
   1927     <td>Nexus 5XNexus 6Nexus 6PNexus 9PixelPixel XLPixel CAndroid OneNexus Player</td>
   1928     <td>2017  1  11 </td>
   1929   </tr>
   1930 </tbody></table>
   1931 
   1932 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   1933 
   1934 <h3 id="id-in-qualcomm-sound-codec-driver">Qualcomm </h3>
   1935 
   1936 <p>Qualcomm </p>
   1937 
   1938 <table>
   1939   <colgroup><col width="19%" />
   1940   <col width="20%" />
   1941   <col width="10%" />
   1942   <col width="23%" />
   1943   <col width="17%" />
   1944   </colgroup><tbody><tr>
   1945     <th>CVE</th>
   1946     <th></th>
   1947     <th></th>
   1948     <th> Google </th>
   1949     <th></th>
   1950   </tr>
   1951   <tr>
   1952     <td>CVE-2016-5858</td>
   1953     <td>A-35400153<br />
   1954         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711">QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6">[2]</a></td>
   1955     <td></td>
   1956     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   1957     <td>2017  2  15 </td>
   1958   </tr>
   1959 </tbody></table>
   1960 
   1961 <h3 id="id-in-qualcomm-camera-driver-2">Qualcomm </h3>
   1962 
   1963 <p>Qualcomm </p>
   1964 
   1965 <table>
   1966   <colgroup><col width="19%" />
   1967   <col width="20%" />
   1968   <col width="10%" />
   1969   <col width="23%" />
   1970   <col width="17%" />
   1971   </colgroup><tbody><tr>
   1972     <th>CVE</th>
   1973     <th></th>
   1974     <th></th>
   1975     <th> Google </th>
   1976     <th></th>
   1977   </tr>
   1978   <tr>
   1979     <td>CVE-2017-0631</td>
   1980     <td>A-35399756<br />
   1981         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=8236d6ebc7e26361ca7078cbeba01509f10941d8">QC-CR#1093232</a></td>
   1982     <td></td>
   1983     <td>Nexus 5XNexus 6PPixelPixel XLAndroid One</td>
   1984     <td>2017  2  15 </td>
   1985   </tr>
   1986 </tbody></table>
   1987 
   1988 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3>
   1989 
   1990 <p>Qualcomm </p>
   1991 
   1992 <table>
   1993   <colgroup><col width="19%" />
   1994   <col width="20%" />
   1995   <col width="10%" />
   1996   <col width="23%" />
   1997   <col width="17%" />
   1998   </colgroup><tbody><tr>
   1999     <th>CVE</th>
   2000     <th></th>
   2001     <th></th>
   2002     <th> Google </th>
   2003     <th></th>
   2004   </tr>
   2005   <tr>
   2006     <td>CVE-2016-5347</td>
   2007     <td>A-35394329<br />
   2008         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=f14390f13e62460fc6b05fc0acde0e825374fdb6">QC-CR#1100878</a></td>
   2009     <td></td>
   2010     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XLAndroid One</td>
   2011     <td>2017  2  15 </td>
   2012   </tr>
   2013 </tbody></table>
   2014 
   2015 <h3 id="id-in-qualcomm-spcom-driver">Qualcomm SPCom </h3>
   2016 
   2017 <p>Qualcomm SPCom </p>
   2018 
   2019 <table>
   2020   <colgroup><col width="19%" />
   2021   <col width="20%" />
   2022   <col width="10%" />
   2023   <col width="23%" />
   2024   <col width="17%" />
   2025   </colgroup><tbody><tr>
   2026     <th>CVE</th>
   2027     <th></th>
   2028     <th></th>
   2029     <th> Google </th>
   2030     <th></th>
   2031   </tr>
   2032   <tr>
   2033     <td>CVE-2016-5854</td>
   2034     <td>A-35392792<br />
   2035         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=28d23d4d7999f683b27b6e0c489635265b67a4c9">QC-CR#1092683</a></td>
   2036     <td></td>
   2037     <td>*</td>
   2038     <td>2017  2  15 </td>
   2039   </tr>
   2040   <tr>
   2041     <td>CVE-2016-5855</td>
   2042     <td>A-35393081<br />
   2043         <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a5edb54e93ba85719091fe2bc426d75fa7059834">QC-CR#1094143</a></td>
   2044     <td></td>
   2045     <td>*</td>
   2046     <td>2017  2  15 </td>
   2047   </tr>
   2048 </tbody></table>
   2049 
   2050 <p>*  Android 7.1.1 Google </p>
   2051 
   2052 <h3 id="id-in-qualcomm-sound-codec-driver-2">Qualcomm </h3>
   2053 
   2054 <p>Qualcomm </p>
   2055 
   2056 <table>
   2057   <colgroup><col width="19%" />
   2058   <col width="20%" />
   2059   <col width="10%" />
   2060   <col width="23%" />
   2061   <col width="17%" />
   2062   </colgroup><tbody><tr>
   2063     <th>CVE</th>
   2064     <th></th>
   2065     <th></th>
   2066     <th> Google </th>
   2067     <th></th>
   2068   </tr>
   2069   <tr>
   2070     <td>CVE-2017-0632</td>
   2071     <td>A-35392586<br />
   2072         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=970d6933e53c1f7ca8c8b67f49147b18505c3b8f">QC-CR#832915</a></td>
   2073     <td></td>
   2074     <td>Android One</td>
   2075     <td>2017  2  15 </td>
   2076   </tr>
   2077 </tbody></table>
   2078 
   2079 <h3 id="id-in-broadcom-wi-fi-driver">Broadcom WLAN </h3>
   2080 
   2081 <p>Broadcom WLAN </p>
   2082 
   2083 <table>
   2084   <colgroup><col width="19%" />
   2085   <col width="20%" />
   2086   <col width="10%" />
   2087   <col width="23%" />
   2088   <col width="17%" />
   2089   </colgroup><tbody><tr>
   2090     <th>CVE</th>
   2091     <th></th>
   2092     <th></th>
   2093     <th> Google </th>
   2094     <th></th>
   2095   </tr>
   2096   <tr>
   2097     <td>CVE-2017-0633</td>
   2098     <td>A-36000515*<br />B-RB#117131</td>
   2099     <td></td>
   2100     <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td>
   2101     <td>2017  2  23 </td>
   2102   </tr>
   2103 </tbody></table>
   2104 
   2105 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   2106 
   2107 <h3 id="id-in-synaptics-touchscreen-driver">Synaptics </h3>
   2108 
   2109 <p>Synaptics </p>
   2110 
   2111 <table>
   2112   <colgroup><col width="19%" />
   2113   <col width="20%" />
   2114   <col width="10%" />
   2115   <col width="23%" />
   2116   <col width="17%" />
   2117   </colgroup><tbody><tr>
   2118     <th>CVE</th>
   2119     <th></th>
   2120     <th></th>
   2121     <th> Google </th>
   2122     <th></th>
   2123   </tr>
   2124   <tr>
   2125     <td>CVE-2017-0634</td>
   2126     <td>A-32511682*<br />
   2127         </td>
   2128     <td></td>
   2129     <td>PixelPixel XL</td>
   2130     <td>Google </td>
   2131   </tr>
   2132 </tbody></table>
   2133 
   2134 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   2135 
   2136 <h3 id="vulnerabilities-in-qualcomm-components-2">Qualcomm </h3>
   2137 
   2138 <p> Qualcomm  2014-2016  Qualcomm AMSS  Android  Android </p>
   2139 
   2140 <table>
   2141   <colgroup><col width="19%" />
   2142   <col width="20%" />
   2143   <col width="10%" />
   2144   <col width="23%" />
   2145   <col width="17%" />
   2146   </colgroup><tbody><tr>
   2147     <th>CVE</th>
   2148     <th></th>
   2149     <th></th>
   2150     <th> Google </th>
   2151     <th></th>
   2152   </tr>
   2153   <tr>
   2154     <td>CVE-2014-9923</td>
   2155     <td>A-35434045**<br />QC-CR#403910</td>
   2156     <td></td>
   2157     <td>***</td>
   2158     <td>Qualcomm </td>
   2159   </tr>
   2160   <tr>
   2161     <td>CVE-2014-9924</td>
   2162     <td>A-35434631**<br />QC-CR#596102</td>
   2163     <td></td>
   2164     <td>***</td>
   2165     <td>Qualcomm </td>
   2166   </tr>
   2167   <tr>
   2168     <td>CVE-2014-9925</td>
   2169     <td>A-35444657**<br />QC-CR#638130</td>
   2170     <td></td>
   2171     <td>***</td>
   2172     <td>Qualcomm </td>
   2173   </tr>
   2174   <tr>
   2175     <td>CVE-2014-9926</td>
   2176     <td>A-35433784**<br />QC-CR#631527</td>
   2177     <td></td>
   2178     <td>***</td>
   2179     <td>Qualcomm </td>
   2180   </tr>
   2181   <tr>
   2182     <td>CVE-2014-9927</td>
   2183     <td>A-35433785**<br />QC-CR#661111</td>
   2184     <td></td>
   2185     <td>***</td>
   2186     <td>Qualcomm </td>
   2187   </tr>
   2188   <tr>
   2189     <td>CVE-2014-9928</td>
   2190     <td>A-35438623**<br />QC-CR#696972</td>
   2191     <td></td>
   2192     <td>***</td>
   2193     <td>Qualcomm </td>
   2194   </tr>
   2195   <tr>
   2196     <td>CVE-2014-9929</td>
   2197     <td>A-35443954**<br />QC-CR#644783</td>
   2198     <td></td>
   2199     <td>***</td>
   2200     <td>Qualcomm </td>
   2201   </tr>
   2202   <tr>
   2203     <td>CVE-2014-9930</td>
   2204     <td>A-35432946**<br />QC-CR#634637</td>
   2205     <td></td>
   2206     <td>***</td>
   2207     <td>Qualcomm </td>
   2208   </tr>
   2209   <tr>
   2210     <td>CVE-2015-9005</td>
   2211     <td>A-36393500**<br />QC-CR#741548</td>
   2212     <td></td>
   2213     <td>***</td>
   2214     <td>Qualcomm </td>
   2215   </tr>
   2216   <tr>
   2217     <td>CVE-2015-9006</td>
   2218     <td>A-36393450**<br />QC-CR#750559</td>
   2219     <td></td>
   2220     <td>***</td>
   2221     <td>Qualcomm </td>
   2222   </tr>
   2223   <tr>
   2224     <td>CVE-2015-9007</td>
   2225     <td>A-36393700**<br />QC-CR#807173</td>
   2226     <td></td>
   2227     <td>***</td>
   2228     <td>Qualcomm </td>
   2229   </tr>
   2230   <tr>
   2231     <td>CVE-2016-10297</td>
   2232     <td>A-36393451**<br />QC-CR#1061123</td>
   2233     <td></td>
   2234     <td>***</td>
   2235     <td>Qualcomm </td>
   2236   </tr>
   2237   <tr>
   2238     <td>CVE-2014-9941</td>
   2239     <td>A-36385125**<br />QC-CR#509915</td>
   2240     <td></td>
   2241     <td>***</td>
   2242     <td>Qualcomm </td>
   2243   </tr>
   2244   <tr>
   2245     <td>CVE-2014-9942</td>
   2246     <td>A-36385319**<br />QC-CR#533283</td>
   2247     <td></td>
   2248     <td>***</td>
   2249     <td>Qualcomm </td>
   2250   </tr>
   2251   <tr>
   2252     <td>CVE-2014-9943</td>
   2253     <td>A-36385219**<br />QC-CR#546527</td>
   2254     <td></td>
   2255     <td>***</td>
   2256     <td>Qualcomm </td>
   2257   </tr>
   2258   <tr>
   2259     <td>CVE-2014-9944</td>
   2260     <td>A-36384534**<br />QC-CR#613175</td>
   2261     <td></td>
   2262     <td>***</td>
   2263     <td>Qualcomm </td>
   2264   </tr>
   2265   <tr>
   2266     <td>CVE-2014-9945</td>
   2267     <td>A-36386912**<br />QC-CR#623452</td>
   2268     <td></td>
   2269     <td>***</td>
   2270     <td>Qualcomm </td>
   2271   </tr>
   2272   <tr>
   2273     <td>CVE-2014-9946</td>
   2274     <td>A-36385281**<br />QC-CR#520149</td>
   2275     <td></td>
   2276     <td>***</td>
   2277     <td>Qualcomm </td>
   2278   </tr>
   2279   <tr>
   2280     <td>CVE-2014-9947</td>
   2281     <td>A-36392400**<br />QC-CR#650540</td>
   2282     <td></td>
   2283     <td>***</td>
   2284     <td>Qualcomm </td>
   2285   </tr>
   2286   <tr>
   2287     <td>CVE-2014-9948</td>
   2288     <td>A-36385126**<br />QC-CR#650500</td>
   2289     <td></td>
   2290     <td>***</td>
   2291     <td>Qualcomm </td>
   2292   </tr>
   2293   <tr>
   2294     <td>CVE-2014-9949</td>
   2295     <td>A-36390608**<br />QC-CR#652426</td>
   2296     <td></td>
   2297     <td>***</td>
   2298     <td>Qualcomm </td>
   2299   </tr>
   2300   <tr>
   2301     <td>CVE-2014-9950</td>
   2302     <td>A-36385321**<br />QC-CR#655530</td>
   2303     <td></td>
   2304     <td>***</td>
   2305     <td>Qualcomm </td>
   2306   </tr>
   2307   <tr>
   2308     <td>CVE-2014-9951</td>
   2309     <td>A-36389161**<br />QC-CR#525043</td>
   2310     <td></td>
   2311     <td>***</td>
   2312     <td>Qualcomm </td>
   2313   </tr>
   2314   <tr>
   2315     <td>CVE-2014-9952</td>
   2316     <td>A-36387019**<br />QC-CR#674836</td>
   2317     <td></td>
   2318     <td>***</td>
   2319     <td>Qualcomm </td>
   2320   </tr>
   2321 </tbody></table>
   2322 
   2323 <p>* </p>
   2324 
   2325 <p>* <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> Nexus </p>
   2326 
   2327 <p>***  Android 7.1.1 Google </p>
   2328 
   2329 <h2 id="common-questions-and-answers"></h2>
   2330 <p></p>
   2331 
   2332 <p><strong>1. 
   2333 </strong></p>
   2334 
   2335 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel  Nexus </a></p>
   2336 
   2337 <ul>
   2338 <li>2017-05-01 2017-05-01 </li>
   2339 <li>2017-05-05 2017-05-05 
   2340 </li>
   2341 </ul>
   2342 
   2343 <p></p>
   2344 <ul>
   2345 <li>[ro.build.version.security_patch]:[2017-05-01]</li>
   2346 <li>[ro.build.version.security_patch]:[2017-05-05]</li>
   2347 </ul>
   2348 
   2349 <p><strong>2.  2 </strong></p>
   2350 
   2351 <p> 2  Android  Android  Android </p>
   2352 <ul>
   2353 <li> 2017  5  1 </li>
   2354 <li> 2017  5  5 </li>
   2355 </ul>
   2356 
   2357 <p></p>
   2358 
   2359 <p><strong>3.  Google </strong></p>
   2360 
   2361 <p> <a href="#2017-05-01-details">2017-05-01</a>  <a href="#2017-05-05-details">2017-05-05</a>  Google  Google <em></em></p>
   2362 <ul>
   2363 <li><strong> Google </strong> Nexus  Pixel  Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixel CPixel  Pixel XL</li>
   2364 <li><strong> Google </strong> Google  Google  Google <em></em></li>
   2365 <li><strong> Google </strong> Android 7.0  Google  Google <em></em></li>
   2366 </ul>
   2367 <p><strong>4.</strong></p>
   2368 
   2369 <p><em></em></p>
   2370 
   2371 <table>
   2372   <tbody><tr>
   2373    <th></th>
   2374    <th></th>
   2375   </tr>
   2376   <tr>
   2377    <td>A-</td>
   2378    <td>Android Bug ID</td>
   2379   </tr>
   2380   <tr>
   2381    <td>QC-</td>
   2382    <td>Qualcomm </td>
   2383   </tr>
   2384   <tr>
   2385    <td>M-</td>
   2386    <td>MediaTek </td>
   2387   </tr>
   2388   <tr>
   2389    <td>N-</td>
   2390    <td>NVIDIA </td>
   2391   </tr>
   2392   <tr>
   2393    <td>B-</td>
   2394    <td>Broadcom </td>
   2395   </tr>
   2396 </tbody></table>
   2397 <h2 id="revisions"></h2>
   2398 <ul>
   2399 <li>2017  5  1 </li>
   2400 <li>2017  5  2  AOSP </li>
   2401 </ul>
   2402 
   2403 </body></html>