1 <html devsite> 2 <head> 3 <title>Nexus - 2015 12 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p> 27 Google Android (OTA) 28 Nexus 29 Nexus 30 <a href="https://developers.google.com/android/nexus/images"> 31 Google 32 </a> 33 LMY48Z Android 6.0 ( 2015 12 1 ) 34 <a href="http://source.android.com/security/bulletin/2015-12-01.html#common_questions_and_answers"> 35 36 </a> 37 38 </p> 39 <p> 40 2015 11 2 41 42 Android (AOSP) 43 </p> 44 <p> 45 46 47 48 </p> 49 <p> 50 51 <a href="http://source.android.com/security/enhancements/index.html"> 52 Android 53 </a> 54 ( SafetyNet) Android 55 <a href="http://source.android.com/security/bulletin/2015-12-01.html#mitigations"> 56 57 </a> 58 59 </p> 60 <h2 id="security_vulnerability_summary" style="margin-bottom:0px"> 61 62 </h2> 63 <hr/> 64 <p> 65 (CVE) 66 67 <a href="http://source.android.com/security/overview/updates-resources.html#severity"> 68 69 </a> 70 71 </p> 72 <table> 73 <tbody> 74 <tr> 75 <th> 76 77 </th> 78 <th> 79 CVE 80 </th> 81 <th> 82 83 </th> 84 </tr> 85 <tr> 86 <td> 87 88 </td> 89 <td> 90 CVE-2015-6616 91 </td> 92 <td> 93 94 </td> 95 </tr> 96 <tr> 97 <td> 98 Skia 99 </td> 100 <td> 101 CVE-2015-6617 102 </td> 103 <td> 104 105 </td> 106 </tr> 107 <tr> 108 <td> 109 110 </td> 111 <td> 112 CVE-2015-6619 113 </td> 114 <td> 115 116 </td> 117 </tr> 118 <tr> 119 <td> 120 121 </td> 122 <td> 123 CVE-2015-6633 124 <br/> 125 CVE-2015-6634 126 </td> 127 <td> 128 129 </td> 130 </tr> 131 <tr> 132 <td> 133 134 </td> 135 <td> 136 CVE-2015-6618 137 </td> 138 <td> 139 140 </td> 141 </tr> 142 <tr> 143 <td> 144 libstagefright 145 </td> 146 <td> 147 CVE-2015-6620 148 </td> 149 <td> 150 151 </td> 152 </tr> 153 <tr> 154 <td> 155 SystemUI 156 </td> 157 <td> 158 CVE-2015-6621 159 </td> 160 <td> 161 162 </td> 163 </tr> 164 <tr> 165 <td> 166 167 </td> 168 <td> 169 CVE-2015-6622 170 </td> 171 <td> 172 173 </td> 174 </tr> 175 <tr> 176 <td> 177 Wi-Fi 178 </td> 179 <td> 180 CVE-2015-6623 181 </td> 182 <td> 183 184 </td> 185 </tr> 186 <tr> 187 <td> 188 189 </td> 190 <td> 191 CVE-2015-6624 192 </td> 193 <td> 194 195 </td> 196 </tr> 197 <tr> 198 <td> 199 libstagefright 200 </td> 201 <td> 202 CVE-2015-6626 203 <br/> 204 CVE-2015-6631 205 <br/> 206 CVE-2015-6632 207 </td> 208 <td> 209 210 </td> 211 </tr> 212 <tr> 213 <td> 214 215 </td> 216 <td> 217 CVE-2015-6627 218 </td> 219 <td> 220 221 </td> 222 </tr> 223 <tr> 224 <td> 225 226 </td> 227 <td> 228 CVE-2015-6628 229 </td> 230 <td> 231 232 </td> 233 </tr> 234 <tr> 235 <td> 236 Wi-Fi 237 </td> 238 <td> 239 CVE-2015-6629 240 </td> 241 <td> 242 243 </td> 244 </tr> 245 <tr> 246 <td> 247 248 </td> 249 <td> 250 CVE-2015-6625 251 </td> 252 <td> 253 254 </td> 255 </tr> 256 <tr> 257 <td> 258 SystemUI 259 </td> 260 <td> 261 CVE-2015-6630 262 </td> 263 <td> 264 265 </td> 266 </tr> 267 </tbody> 268 </table> 269 <h2 id="mitigations" style="margin-bottom:0px"> 270 271 </h2> 272 <hr/> 273 <p> 274 275 <a href="http://source.android.com/security/enhancements/index.html"> 276 Android 277 </a> 278 SafetyNet 279 Android 280 281 </p> 282 <ul> 283 <li> 284 Android 285 Android 286 Android 287 </li> 288 <li> 289 Android SafetyNet 290 291 Google Play Root 292 Google Play 293 Root 294 295 296 297 298 </li> 299 <li> 300 Google Hangouts Messenger 301 302 </li> 303 </ul> 304 <h2 id="acknowledgements" style="margin-bottom:0px"> 305 306 </h2> 307 <hr/> 308 <p> 309 310 </p> 311 <ul> 312 <li> 313 Google Chrome Abhishek AryaOliver Chang Martin Barbella 314 CVE-2015-6616CVE-2015-6617CVE-2015-6623CVE-2015-6626 315 CVE-2015-6619CVE-2015-6633CVE-2015-6634 316 </li> 317 <li> 318 <a href="http://k33nteam.org/"> 319 KeenTeam 320 </a> 321 ( 322 <a href="https://twitter.com/k33nteam">@K33nTeam </a> 323 ) Flanker ( 324 <a href="https://twitter.com/flanker_hqd"> @flanker_hqd </a> 325 )CVE-2015-6620 326 </li> 327 <li> 328 <a href="http://www.360.cn/"> 329 360 330 </a> 331 Guang Gong () ( 332 <a href="https://twitter.com/oldfresher">@oldfresher </a> 333 higongguang (a] gmail.com)CVE-2015-6626 334 </li> 335 <li> 336 EmberMitre Ltd Mark Carter ( 337 <a href="https://twitter.com/hanpingchinese">@hanpingchinese </a>)CVE-2015-6630 338 </li> 339 <li> 340 Micha Bednarski ( 341 <a href="https://github.com/michalbednarski"> 342 https://github.com/michalbednarski 343 </a> 344 )CVE-2015-6621 345 </li> 346 <li> 347 Google Project Zero Natalie SilvanovichCVE-2015-6616 348 </li> 349 <li> 350 Peter PiCVE-2015-6616CVE-2015-6628 351 </li> 352 <li> 353 <a href="http://k33nteam.org/"> 354 KeenTeam 355 </a> 356 ( 357 <a href="https://twitter.com/k33nteam">@K33nTeam</a> 358 ) Qidan He ( 359 <a href="https://twitter.com/flanker_hqd">@flanker_hqd</a> 360 ) Marco Grassi ( 361 <a href="https://twitter.com/marcograss">@marcograss</a> 362 )CVE-2015-6622 363 </li> 364 <li> 365 Tzu-Yin (Nina) TaiCVE-2015-6627 366 </li> 367 <li> 368 Dr. Manuel Sadosky 369 Programa STIC Joaqun Rinaudo ( 370 <a href="https://twitter.com/xeroxnir"> @xeroxnir </a> 371 )CVE-2015-6631 372 </li> 373 </ul> 374 <h2 id="security_vulnerability_details" style="margin-bottom:0px"> 375 376 </h2> 377 <hr/> 378 <p> 379 380 <a href="http://source.android.com/security/bulletin/2015-12-01.html#security_vulnerability_summary"> 381 382 </a> 383 384 385 CVE 386 AOSP 387 AOSP 388 389 </p> 390 <h3 id="remote_code_execution_vulnerabilities_in_mediaserver"> 391 392 </h3> 393 <p> 394 395 396 397 </p> 398 <p> 399 400 401 402 </p> 403 <p> 404 405 406 407 408 </p> 409 <table> 410 <tbody> 411 <tr> 412 <th> 413 CVE 414 </th> 415 <th> 416 ( AOSP ) 417 </th> 418 <th> 419 420 </th> 421 <th> 422 423 </th> 424 <th> 425 426 </th> 427 </tr> 428 <tr> 429 <td rowspan="5"> 430 CVE-2015-6616 431 </td> 432 <td> 433 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/257b3bc581bbc65318a4cc2d3c22a07a4429dc1d"> 434 ANDROID-24630158 435 </a> 436 </td> 437 <td> 438 439 </td> 440 <td> 441 6.0 442 </td> 443 <td> 444 Google 445 </td> 446 </tr> 447 <tr> 448 <td> 449 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/0d35dd2068d6422c3c77fb68f248cbabf3d0b10c"> 450 ANDROID-23882800 451 </a> 452 </td> 453 <td> 454 455 </td> 456 <td> 457 6.0 458 </td> 459 <td> 460 Google 461 </td> 462 </tr> 463 <tr> 464 <td> 465 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/dedaca6f04ac9f95fabe3b64d44cd1a2050f079e"> 466 ANDROID-17769851 467 </a> 468 </td> 469 <td> 470 471 </td> 472 <td> 473 5.1 474 </td> 475 <td> 476 Google 477 </td> 478 </tr> 479 <tr> 480 <td> 481 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5d101298d8b0a78a1dc5bd26dbdada411f4ecd4d"> 482 ANDROID-24441553 483 </a> 484 </td> 485 <td> 486 487 </td> 488 <td> 489 6.0 490 </td> 491 <td> 492 2015 9 22 493 </td> 494 </tr> 495 <tr> 496 <td> 497 <a href="https://android.googlesource.com/platform%2Fexternal%2Flibavc/+/2ee0c1bced131ffb06d1b430b08a202cd3a52005"> 498 ANDROID-24157524 499 </a> 500 </td> 501 <td> 502 503 </td> 504 <td> 505 6.0 506 </td> 507 <td> 508 2015 9 8 509 </td> 510 </tr> 511 </tbody> 512 </table> 513 <h3 id="remote_code_execution_vulnerability_in_skia"> 514 Skia 515 </h3> 516 <p> 517 Skia 518 519 520 521 522 </p> 523 <table> 524 <tbody> 525 <tr> 526 <th> 527 CVE 528 </th> 529 <th> 530 ( AOSP ) 531 </th> 532 <th> 533 534 </th> 535 <th> 536 537 </th> 538 <th> 539 540 </th> 541 </tr> 542 <tr> 543 <td> 544 CVE-2015-6617 545 </td> 546 <td> 547 <a href="https://android.googlesource.com/platform%2Fexternal%2Fskia/+/a1d8ac0ac0af44d74fc082838936ec265216ab60"> 548 ANDROID-23648740 549 </a> 550 </td> 551 <td> 552 553 </td> 554 <td> 555 6.0 556 </td> 557 <td> 558 Google 559 </td> 560 </tr> 561 </tbody> 562 </table> 563 <h3 id="elevation_of_privilege_in_kernel"> 564 565 </h3> 566 <p> 567 568 569 570 (Re-flash) 571 572 </p> 573 <table> 574 <tbody> 575 <tr> 576 <th> 577 CVE 578 </th> 579 <th> 580 ( AOSP ) 581 </th> 582 <th> 583 584 </th> 585 <th> 586 587 </th> 588 <th> 589 590 </th> 591 </tr> 592 <tr> 593 <td> 594 CVE-2015-6619 595 </td> 596 <td> 597 <a href="https://android.googlesource.com/device%2Fhtc%2Fflounder-kernel/+/25d3e5d71865a7c0324423fad87aaabb70e82ee4"> 598 ANDROID-23520714 599 </a> 600 </td> 601 <td> 602 603 </td> 604 <td> 605 6.0 606 </td> 607 <td> 608 2015 6 7 609 </td> 610 </tr> 611 </tbody> 612 </table> 613 <h3 id="remote_code_execution_vulnerabilities_in_display_driver"> 614 615 </h3> 616 <p> 617 618 619 620 621 622 623 </p> 624 <table> 625 <tbody> 626 <tr> 627 <th> 628 CVE 629 </th> 630 <th> 631 ( AOSP ) 632 </th> 633 <th> 634 635 </th> 636 <th> 637 638 </th> 639 <th> 640 641 </th> 642 </tr> 643 <tr> 644 <td> 645 CVE-2015-6633 646 </td> 647 <td> 648 ANDROID-23987307* 649 </td> 650 <td> 651 652 </td> 653 <td> 654 6.0 655 </td> 656 <td> 657 Google 658 </td> 659 </tr> 660 <tr> 661 <td> 662 CVE-2015-6634 663 </td> 664 <td> 665 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/25016fd2865943dec1a6b2b167ef85c772fb90f7"> 666 ANDROID-24163261 667 </a> 668 [ 669 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/0787bc222a016e944f01492c2dd04bd03c1da6af"> 670 2 671 </a> 672 ] [ 673 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/95c2601aab7f27505e8b086fdd1f1dce31091e5d"> 674 3 675 </a> 676 ] [ 677 <a href="https://android.googlesource.com/platform%2Fhardware%2Fqcom%2Fdisplay/+/45660529af1f4063a00e84aa2361649e6a9a878c"> 678 4 679 </a> 680 ] 681 </td> 682 <td> 683 684 </td> 685 <td> 686 5.1 687 </td> 688 <td> 689 Google 690 </td> 691 </tr> 692 </tbody> 693 </table> 694 <p> 695 * AOSP 696 697 <a href="https://developers.google.com/android/nexus/drivers"> 698 Google 699 </a> 700 Nexus 701 </p> 702 <h3 id="remote_code_execution_vulnerability_in_bluetooth"> 703 704 </h3> 705 <p> 706 Android 707 708 709 (PAN) () 710 711 712 713 </p> 714 <p> 715 716 717 718 </p> 719 <table> 720 <tbody> 721 <tr> 722 <th> 723 CVE 724 </th> 725 <th> 726 727 </th> 728 <th> 729 730 </th> 731 <th> 732 733 </th> 734 <th> 735 736 </th> 737 </tr> 738 <tr> 739 <td> 740 CVE-2015-6618 741 </td> 742 <td> 743 ANDROID-24595992* 744 </td> 745 <td> 746 747 </td> 748 <td> 749 4.45.0 5.1 750 </td> 751 <td> 752 2015 9 28 753 </td> 754 </tr> 755 </tbody> 756 </table> 757 <p> 758 * AOSP 759 760 <a href="https://developers.google.com/android/nexus/drivers"> 761 Google 762 </a> 763 Nexus 764 765 </p> 766 <h3 id="elevation_of_privilege_vulnerabilities_in_libstagefright"> 767 libstagefright 768 </h3> 769 <p> 770 libstagefright 771 772 773 ( 774 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 775 Signature 776 </a> 777 778 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 779 SignatureOrSystem 780 </a> 781 782 ) 783 </p> 784 <table> 785 <tbody> 786 <tr> 787 <th> 788 CVE 789 </th> 790 <th> 791 ( AOSP ) 792 </th> 793 <th> 794 795 </th> 796 <th> 797 798 </th> 799 <th> 800 801 </th> 802 </tr> 803 <tr> 804 <td rowspan="2"> 805 CVE-2015-6620 806 </td> 807 <td> 808 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/2b8cd9cbb3e72ffd048ffdd1609fac74f61a22ac"> 809 ANDROID-24123723 810 </a> 811 </td> 812 <td> 813 814 </td> 815 <td> 816 6.0 817 </td> 818 <td> 819 2015 9 10 820 </td> 821 </tr> 822 <tr> 823 <td> 824 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/77c185d5499d6174e7a97b3e1512994d3a803151"> 825 ANDROID-24445127 826 </a> 827 </td> 828 <td> 829 830 </td> 831 <td> 832 6.0 833 </td> 834 <td> 835 2015 9 2 836 </td> 837 </tr> 838 </tbody> 839 </table> 840 <h3 id="elevation_of_privilege_vulnerability_in_systemui"> 841 SystemUI 842 </h3> 843 <p> 844 845 SystemUI 846 847 ( 848 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 849 Signature 850 </a> 851 852 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 853 SignatureOrSystem 854 </a> 855 856 ) 857 </p> 858 <table> 859 <tbody> 860 <tr> 861 <th> 862 CVE 863 </th> 864 <th> 865 ( AOSP ) 866 </th> 867 <th> 868 869 </th> 870 <th> 871 872 </th> 873 <th> 874 875 </th> 876 </tr> 877 <tr> 878 <td> 879 CVE-2015-6621 880 </td> 881 <td> 882 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/e70e8ac93807c51240b2cd9afed35bf454ea00b3"> 883 ANDROID-23909438 884 </a> 885 </td> 886 <td> 887 888 </td> 889 <td> 890 5.05.1 6.0 891 </td> 892 <td> 893 2015 9 7 894 </td> 895 </tr> 896 </tbody> 897 </table> 898 <h3 id="information_disclosure_vulnerability_in_native_frameworks_library"> 899 900 </h3> 901 <p> 902 Android 903 904 905 ( 906 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 907 Signature 908 </a> 909 910 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 911 SignatureOrSystem 912 </a> 913 ) 914 </p> 915 <table> 916 <tbody> 917 <tr> 918 <th> 919 CVE 920 </th> 921 <th> 922 ( AOSP ) 923 </th> 924 <th> 925 926 </th> 927 <th> 928 929 </th> 930 <th> 931 932 </th> 933 </tr> 934 <tr> 935 <td> 936 CVE-2015-6622 937 </td> 938 <td> 939 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fnative/+/5d17838adef13062717322e79d4db0b9bb6b2395"> 940 ANDROID-23905002 941 </a> 942 </td> 943 <td> 944 945 </td> 946 <td> 947 6.0 948 </td> 949 <td> 950 2015 9 7 951 </td> 952 </tr> 953 </tbody> 954 </table> 955 <h3 id="elevation_of_privilege_vulnerability_in_wi-fi"> 956 Wi-Fi 957 </h3> 958 <p> 959 Wi-Fi 960 961 962 ( 963 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 964 Signature 965 </a> 966 967 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 968 SignatureOrSystem 969 </a> 970 ) 971 </p> 972 <table> 973 <tbody> 974 <tr> 975 <th> 976 CVE 977 </th> 978 <th> 979 ( AOSP ) 980 </th> 981 <th> 982 983 </th> 984 <th> 985 986 </th> 987 <th> 988 989 </th> 990 </tr> 991 <tr> 992 <td> 993 CVE-2015-6623 994 </td> 995 <td> 996 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/a15a2ee69156fa6fff09c0dd9b8182cb8fafde1c"> 997 ANDROID-24872703 998 </a> 999 </td> 1000 <td> 1001 1002 </td> 1003 <td> 1004 6.0 1005 </td> 1006 <td> 1007 Google 1008 </td> 1009 </tr> 1010 </tbody> 1011 </table> 1012 <h3 id="elevation_of_privilege_vulnerability_in_system_server"> 1013 1014 </h3> 1015 <p> 1016 1017 1018 1019 ( 1020 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1021 Signature 1022 </a> 1023 1024 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1025 SignatureOrSystem 1026 </a> 1027 ) 1028 </p> 1029 <table> 1030 <tbody> 1031 <tr> 1032 <th> 1033 CVE 1034 </th> 1035 <th> 1036 ( AOSP ) 1037 </th> 1038 <th> 1039 1040 </th> 1041 <th> 1042 1043 </th> 1044 <th> 1045 1046 </th> 1047 </tr> 1048 <tr> 1049 <td> 1050 CVE-2015-6624 1051 </td> 1052 <td> 1053 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f86a441cb5b0dccd3106019e578c3535498e5315"> 1054 ANDROID-23999740 1055 </a> 1056 </td> 1057 <td> 1058 1059 </td> 1060 <td> 1061 6.0 1062 </td> 1063 <td> 1064 Google 1065 </td> 1066 </tr> 1067 </tbody> 1068 </table> 1069 <h3 id="information_disclosure_vulnerabilities_in_libstagefright"> 1070 libstagefright 1071 </h3> 1072 <p> 1073 libstagefright 1074 1075 1076 1077 ( 1078 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1079 Signature 1080 </a> 1081 1082 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1083 SignatureOrSystem 1084 </a> 1085 ) 1086 </p> 1087 <table> 1088 <tbody> 1089 <tr> 1090 <th> 1091 CVE 1092 </th> 1093 <th> 1094 ( AOSP ) 1095 </th> 1096 <th> 1097 1098 </th> 1099 <th> 1100 1101 </th> 1102 <th> 1103 1104 </th> 1105 </tr> 1106 <tr> 1107 <td> 1108 CVE-2015-6632 1109 </td> 1110 <td> 1111 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5cae16bdce77b0a3ba590b55637f7d55a2f35402"> 1112 ANDROID-24346430 1113 </a> 1114 </td> 1115 <td> 1116 1117 </td> 1118 <td> 1119 6.0 1120 </td> 1121 <td> 1122 Google 1123 </td> 1124 </tr> 1125 <tr> 1126 <td> 1127 CVE-2015-6626 1128 </td> 1129 <td> 1130 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/8dde7269a5356503d2b283234b6cb46d0c3f214e"> 1131 ANDROID-24310423 1132 </a> 1133 </td> 1134 <td> 1135 1136 </td> 1137 <td> 1138 6.0 1139 </td> 1140 <td> 1141 2015 9 2 1142 </td> 1143 </tr> 1144 <tr> 1145 <td> 1146 CVE-2015-6631 1147 </td> 1148 <td> 1149 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/7ed8d1eff9b292b3c65a875b13a549e29654534b"> 1150 ANDROID-24623447 1151 </a> 1152 </td> 1153 <td> 1154 1155 </td> 1156 <td> 1157 6.0 1158 </td> 1159 <td> 1160 2015 8 21 1161 </td> 1162 </tr> 1163 </tbody> 1164 </table> 1165 <h3 id="information_disclosure_vulnerability_in_audio"> 1166 1167 </h3> 1168 <p> 1169 1170 1171 1172 1173 ( 1174 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1175 Signature 1176 </a> 1177 1178 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1179 SignatureOrSystem 1180 </a> 1181 ) 1182 </p> 1183 <table> 1184 <tbody> 1185 <tr> 1186 <th> 1187 CVE 1188 </th> 1189 <th> 1190 ( AOSP ) 1191 </th> 1192 <th> 1193 1194 </th> 1195 <th> 1196 1197 </th> 1198 <th> 1199 1200 </th> 1201 </tr> 1202 <tr> 1203 <td> 1204 CVE-2015-6627 1205 </td> 1206 <td> 1207 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/8c987fa71326eb0cc504959a5ebb440410d73180"> 1208 ANDROID-24211743 1209 </a> 1210 </td> 1211 <td> 1212 1213 </td> 1214 <td> 1215 6.0 1216 </td> 1217 <td> 1218 Google 1219 </td> 1220 </tr> 1221 </tbody> 1222 </table> 1223 <h3 id="information_disclosure_vulnerability_in_media_framework"> 1224 1225 </h3> 1226 <p> 1227 1228 1229 1230 1231 ( 1232 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1233 Signature 1234 </a> 1235 1236 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1237 SignatureOrSystem 1238 </a> 1239 ) 1240 </p> 1241 <table> 1242 <tbody> 1243 <tr> 1244 <th> 1245 CVE 1246 </th> 1247 <th> 1248 ( AOSP ) 1249 </th> 1250 <th> 1251 1252 </th> 1253 <th> 1254 1255 </th> 1256 <th> 1257 1258 </th> 1259 </tr> 1260 <tr> 1261 <td> 1262 CVE-2015-6628 1263 </td> 1264 <td> 1265 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5e7e87a383fdb1fece977097a7e3cc51b296f3a0"> 1266 ANDROID-24074485 1267 </a> 1268 </td> 1269 <td> 1270 1271 </td> 1272 <td> 1273 6.0 1274 </td> 1275 <td> 1276 2015 9 8 1277 </td> 1278 </tr> 1279 </tbody> 1280 </table> 1281 <h3 id="information_disclosure_vulnerability_in_wi-fi"> 1282 Wi-Fi 1283 </h3> 1284 <p> 1285 Wi-Fi Wi-Fi 1286 1287 ( 1288 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1289 Signature 1290 </a> 1291 1292 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1293 SignatureOrSystem 1294 </a> 1295 1296 ) 1297 </p> 1298 <table> 1299 <tbody> 1300 <tr> 1301 <th> 1302 CVE 1303 </th> 1304 <th> 1305 ( AOSP ) 1306 </th> 1307 <th> 1308 1309 </th> 1310 <th> 1311 1312 </th> 1313 <th> 1314 1315 </th> 1316 </tr> 1317 <tr> 1318 <td> 1319 CVE-2015-6629 1320 </td> 1321 <td> 1322 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/8b41627f7411306a0c42867fb526fa214f2991cd"> 1323 ANDROID-22667667 1324 </a> 1325 </td> 1326 <td> 1327 1328 </td> 1329 <td> 1330 5.1 5.0 1331 </td> 1332 <td> 1333 Google 1334 </td> 1335 </tr> 1336 </tbody> 1337 </table> 1338 <h3 id="elevation_of_privilege_vulnerability_in_system_server19"> 1339 1340 </h3> 1341 <p> 1342 1343 Wi-Fi 1344 1345 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1346 1347 </a> 1348 1349 1350 </p> 1351 <table> 1352 <tbody> 1353 <tr> 1354 <th> 1355 CVE 1356 </th> 1357 <th> 1358 ( AOSP ) 1359 </th> 1360 <th> 1361 1362 </th> 1363 <th> 1364 1365 </th> 1366 <th> 1367 1368 </th> 1369 </tr> 1370 <tr> 1371 <td> 1372 CVE-2015-6625 1373 </td> 1374 <td> 1375 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fopt%2Fnet%2Fwifi/+/29fa7d2ffc3bba55173969309e280328b43eeca1"> 1376 ANDROID-23936840 1377 </a> 1378 </td> 1379 <td> 1380 1381 </td> 1382 <td> 1383 6.0 1384 </td> 1385 <td> 1386 Google 1387 </td> 1388 </tr> 1389 </tbody> 1390 </table> 1391 <h3 id="information_disclosure_vulnerability_in_systemui"> 1392 SystemUI 1393 </h3> 1394 <p> 1395 SystemUI 1396 1397 1398 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"> 1399 1400 </a> 1401 1402 </p> 1403 <table> 1404 <tbody> 1405 <tr> 1406 <th> 1407 CVE 1408 </th> 1409 <th> 1410 ( AOSP ) 1411 </th> 1412 <th> 1413 1414 </th> 1415 <th> 1416 1417 </th> 1418 <th> 1419 1420 </th> 1421 </tr> 1422 <tr> 1423 <td> 1424 CVE-2015-6630 1425 </td> 1426 <td> 1427 <a href="https://android.googlesource.com/platform%2Fframeworks%2Fbase/+/51c2619c7706575a171cf29819db14e91b815a62"> 1428 ANDROID-19121797 1429 </a> 1430 </td> 1431 <td> 1432 1433 </td> 1434 <td> 1435 5.05.1 6.0 1436 </td> 1437 <td> 1438 2015 1 22 1439 </td> 1440 </tr> 1441 </tbody> 1442 </table> 1443 <h3 id="common_questions_and_answers"> 1444 1445 </h3> 1446 <p> 1447 1448 </p> 1449 <p> 1450 <strong> 1451 1. 1452 </strong> 1453 </p> 1454 <p> 1455 LMY48Z Android 6.0 ( 2015 12 1 ) 1456 <a href="https://support.google.com/nexus/answer/4457705"> 1457 Nexus 1458 </a> 1459 1460 1461 [ro.build.version.security_patch]:[2015-12-01] 1462 </p> 1463 <h2 id="revisions" style="margin-bottom:0px"> 1464 1465 </h2> 1466 <hr/> 1467 <ul> 1468 <li> 1469 2015 12 7 1470 </li> 1471 <li> 1472 2015 12 9 AOSP 1473 </li> 1474 <li> 1475 2015 12 22 1476 </li> 1477 </ul> 1478 1479 </body> 1480 </html> 1481