Home | History | Annotate | Download | only in bulletin
      1 <html devsite>
      2   <head>
      3     <title>Android   2016  5 </title>
      4     <meta name="project_path" value="/_project.yaml" />
      5     <meta name="book_path" value="/_book.yaml" />
      6   </head>
      7   <body>
      8   <!--
      9       Copyright 2017 The Android Open Source Project
     10 
     11       Licensed under the Apache License, Version 2.0 (the "License");
     12       you may not use this file except in compliance with the License.
     13       You may obtain a copy of the License at
     14 
     15           http://www.apache.org/licenses/LICENSE-2.0
     16 
     17       Unless required by applicable law or agreed to in writing, software
     18       distributed under the License is distributed on an "AS IS" BASIS,
     19       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     20       See the License for the specific language governing permissions and
     21       limitations under the License.
     22   -->
     23 
     24 
     25 
     26 <p><em>2016  5  2  | 2016  5  4 </em></p>
     27 
     28 <p>Android  Android Google  OTA  Nexus Nexus  <a href="https://developers.google.com/android/nexus/images">Google Developers </a>
     29 2016  5  1  ( <a href="https://support.google.com/nexus/answer/4457705">Nexus </a>)</p>
     30 
     31 <p> 2016  4  4  ()  Android  (AOSP) </p>
     32 
     33 <p></p>
     34 
     35 <p> <a href="/security/enhancements/index.html">Android </a> ( SafetyNet)  Android  <a href="#mitigations">Android  Google </a></p>
     36 
     37 <p></p>
     38 
     39 <h2 id="announcements"></h2>
     40 
     41 
     42 <ul>
     43   <li>Google  () Android  Android  ( Nexus )</li>
     44   <li> Android <a href="/security/overview/updates-resources.html#severity"></a></li>
     45 </ul>
     46 
     47 <h2 id="security_vulnerability_summary"></h2>
     48 
     49 
     50 <p> (CVE) Nexus 
     51 <a href="/security/overview/updates-resources.html#severity"></a></p>
     52 <table>
     53   <col width="55%">
     54   <col width="20%">
     55   <col width="13%">
     56   <col width="12%">
     57  <tr>
     58     <th></th>
     59     <th>CVE</th>
     60     <th></th>
     61     <th> Nexus </th>
     62  </tr>
     63  <tr>
     64     <td></td>
     65     <td>CVE-2016-2428<br>
     66         CVE-2016-2429</td>
     67     <td></td>
     68     <td></td>
     69  </tr>
     70  <tr>
     71     <td>Debuggerd </td>
     72     <td>CVE-2016-2430</td>
     73     <td></td>
     74     <td></td>
     75  </tr>
     76  <tr>
     77     <td>Qualcomm TrustZone </td>
     78     <td>CVE-2016-2431<br>
     79         CVE-2016-2432</td>
     80     <td></td>
     81     <td></td>
     82  </tr>
     83  <tr>
     84     <td>Qualcomm Wi-Fi </td>
     85     <td>CVE-2015-0569<br>
     86         CVE-2015-0570</td>
     87     <td></td>
     88     <td></td>
     89  </tr>
     90  <tr>
     91     <td>NVIDIA </td>
     92     <td>CVE-2016-2434<br>
     93         CVE-2016-2435<br>
     94         CVE-2016-2436<br>
     95         CVE-2016-2437</td>
     96     <td></td>
     97     <td></td>
     98  </tr>
     99  <tr>
    100     <td></td>
    101     <td>CVE-2015-1805</td>
    102     <td></td>
    103     <td></td>
    104  </tr>
    105  <tr>
    106     <td></td>
    107     <td>CVE-2016-2438</td>
    108     <td></td>
    109     <td></td>
    110  </tr>
    111  <tr>
    112     <td>Qualcomm </td>
    113     <td>CVE-2016-2060</td>
    114     <td></td>
    115     <td></td>
    116  </tr>
    117  <tr>
    118     <td></td>
    119     <td>CVE-2016-2439</td>
    120     <td></td>
    121     <td></td>
    122  </tr>
    123  <tr>
    124     <td></td>
    125     <td>CVE-2016-2440</td>
    126     <td></td>
    127     <td></td>
    128  </tr>
    129  <tr>
    130     <td>Qualcomm Buspm </td>
    131     <td>CVE-2016-2441<br>
    132         CVE-2016-2442</td>
    133     <td></td>
    134     <td></td>
    135  </tr>
    136  <tr>
    137     <td>Qualcomm MDP </td>
    138     <td>CVE-2016-2443</td>
    139     <td></td>
    140     <td></td>
    141  </tr>
    142  <tr>
    143     <td>Qualcomm Wi-Fi </td>
    144     <td>CVE-2015-0571</td>
    145     <td></td>
    146     <td></td>
    147  </tr>
    148  <tr>
    149     <td>NVIDIA </td>
    150     <td>CVE-2016-2444<br>
    151         CVE-2016-2445<br>
    152         CVE-2016-2446</td>
    153     <td></td>
    154     <td></td>
    155  </tr>
    156  <tr>
    157     <td>Wi-Fi </td>
    158     <td>CVE-2016-4477</td>
    159     <td></td>
    160     <td></td>
    161  </tr>
    162  <tr>
    163     <td></td>
    164     <td>CVE-2016-2448<br>
    165         CVE-2016-2449<br>
    166         CVE-2016-2450<br>
    167         CVE-2016-2451<br>
    168         CVE-2016-2452</td>
    169     <td></td>
    170     <td></td>
    171  </tr>
    172  <tr>
    173     <td>MediaTek Wi-Fi </td>
    174     <td>CVE-2016-2453</td>
    175     <td></td>
    176     <td></td>
    177  </tr>
    178  <tr>
    179     <td>Qualcomm </td>
    180     <td>CVE-2016-2454</td>
    181     <td></td>
    182     <td></td>
    183  </tr>
    184  <tr>
    185     <td>Conscrypt </td>
    186     <td>CVE-2016-2461<br>
    187         CVE-2016-2462</td>
    188     <td></td>
    189     <td></td>
    190  </tr>
    191  <tr>
    192     <td>OpenSSL  BoringSSL </td>
    193     <td>CVE-2016-0705</td>
    194     <td></td>
    195     <td></td>
    196  </tr>
    197  <tr>
    198     <td>MediaTek Wi-Fi </td>
    199     <td>CVE-2016-2456</td>
    200     <td></td>
    201     <td></td>
    202  </tr>
    203  <tr>
    204     <td>Wi-Fi </td>
    205     <td>CVE-2016-2457</td>
    206     <td></td>
    207     <td></td>
    208  </tr>
    209  <tr>
    210     <td>AOSP Mail </td>
    211     <td>CVE-2016-2458</td>
    212     <td></td>
    213     <td></td>
    214  </tr>
    215  <tr>
    216     <td></td>
    217     <td>CVE-2016-2459<br>
    218         CVE-2016-2460</td>
    219     <td></td>
    220     <td></td>
    221  </tr>
    222  <tr>
    223     <td></td>
    224     <td>CVE-2016-0774</td>
    225     <td></td>
    226     <td></td>
    227  </tr>
    228 </table>
    229 
    230 
    231 <h2 id="android_and_google_service_mitigations">Android  Google </h2>
    232 
    233 
    234 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet  Android </p>
    235 
    236 <ul>
    237   <li>Android  Android  Android</li>
    238   <li>Android <a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play  Root  Root  () </li>
    239   <li>Google Hangouts  Messenger </li>
    240 </ul>
    241 
    242 <h2 id="acknowledgements"></h2>
    243 
    244 
    245 <p></p>
    246 
    247 <ul>
    248   <li>Google Chrome  Abhishek AryaOliver Chang  Martin BarbellaCVE-2016-2454
    249   <li><a href="https://www.e2e-assure.com">e2e-assure</a>  Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>)CVE-2016-2457
    250   <li><a href="http://c0reteam.org">C0RE </a> Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-2441CVE-2016-2442
    251   <li>Dzmitry Lukyanenka (<a href="http://www.linkedin.com/in/dzima">www.linkedin.com/in/dzima</a>)CVE-2016-2458
    252   <li>Gal BeniaminiCVE-2016-2431
    253   <li> 360  Vulpecker  Hao ChenCVE-2016-2456
    254   <li>Mandiant ( FireEye)  Jake VallettaCVE-2016-2060
    255   <li> 360 IceSword  Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>)  pjf (<a href="http://weibo.com/jfpan ">weibo.com/jfpan</a>)CVE-2016-2434CVE-2016-2435CVE-2016-2436CVE-2016-2441CVE-2016-2442CVE-2016-2444CVE-2016-2445CVE-2016-2446
    256   <li><a href="http://www.search-lab.hu">Search-Lab Ltd.</a>  Imre RadCVE-2016-4477
    257   <li>Google  Jeremy C. JoslinCVE-2016-2461
    258   <li>Google  Kenny RootCVE-2016-2462
    259   <li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>)  Marco Grassi (<a href="https://twitter.com/marcograss">@marcograss</a>)CVE-2016-2443
    260   <li>Micha Bednarski (<a href="https://github.com/michalbednarski">https://github.com/michalbednarski</a>)CVE-2016-2440
    261   <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-2450CVE-2016-2448CVE-2016-2449CVE-2016-2451CVE-2016-2452
    262   <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)CVE-2016-2459CVE-2016-2460
    263   <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2016-2428CVE-2016-2429
    264   <li> <a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-2437
    265   <li> X- Yulong Zhang  Tao (Lenx) WeiCVE-2016-2439
    266   <li>Android  Zach Riggle (<a href="https://twitter.com/ebeip90">@ebeip90</a>)CVE-2016-0821
    267 </li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul>
    268 
    269 <h2 id="security_vulnerability_details"></h2>
    270 
    271 
    272 <p><a href="#security_vulnerability_summary"></a> CVE Nexus AOSP  () 
    273  AOSP  AOSP </p>
    274 
    275 <h3 id="remote_code_execution_vulnerability_in_mediaserver">
    276 </h3>
    277 
    278 
    279 <p></p>
    280 
    281 <p></p>
    282 
    283 <p></p>
    284 <table>
    285   <col width="19%">
    286   <col width="16%">
    287   <col width="10%">
    288   <col width="19%">
    289   <col width="18%">
    290   <col width="16%">
    291  <tr>
    292     <th>CVE</th>
    293     <th>Android </th>
    294     <th></th>
    295     <th> Nexus </th>
    296     <th> AOSP </th>
    297     <th></th>
    298  </tr>
    299  <tr>
    300     <td>CVE-2016-2428</td>
    301     <td><a href="https://android.googlesource.com/platform/external/aac/+/5d4405f601fa11a8955fd7611532c982420e4206">
    302         26751339</a></td>
    303     <td></td>
    304     <td><a href="#nexus_devices"> Nexus </a></td>
    305     <td>4.4.45.0.25.1.16.06.0.1</td>
    306     <td>2016  1  22 </td>
    307  </tr>
    308  <tr>
    309     <td>CVE-2016-2429</td>
    310     <td><a href="https://android.googlesource.com/platform/external/flac/+/b499389da21d89d32deff500376c5ee4f8f0b04c">
    311         27211885</a></td>
    312     <td></td>
    313     <td><a href="#nexus_devices"> Nexus </a></td>
    314     <td>4.4.45.0.25.1.16.06.0.1</td>
    315     <td>2016  2  16 </td>
    316  </tr>
    317 </table>
    318 
    319 
    320 <h3 id="elevation_of_privilege_vulnerability_in_debuggerd">
    321 Debuggerd </h3>
    322 
    323 
    324 <p> Android  Android  (Re-flash) </p>
    325 <table>
    326   <col width="19%">
    327   <col width="16%">
    328   <col width="10%">
    329   <col width="19%">
    330   <col width="18%">
    331   <col width="16%">
    332  <tr>
    333     <th>CVE</th>
    334     <th>Android </th>
    335     <th></th>
    336     <th> Nexus </th>
    337     <th> AOSP </th>
    338     <th></th>
    339  </tr>
    340  <tr>
    341     <td>CVE-2016-2430</td>
    342     <td><a href="https://android.googlesource.com/platform/system/core/+/ad54cfed4516292654c997910839153264ae00a0">
    343         27299236</a></td>
    344     <td></td>
    345     <td><a href="#nexus_devices"> Nexus </a></td>
    346     <td>4.4.45.0.25.1.16.06.0.1</td>
    347     <td>2016  2  22 </td>
    348  </tr>
    349 </table>
    350 
    351 
    352 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_trustzone">
    353 Qualcomm TrustZone </h3>
    354 
    355 
    356 <p>Qualcomm TrustZone  TrustZone  (Re-flash) </p>
    357 <table>
    358   <col width="19%">
    359   <col width="16%">
    360   <col width="10%">
    361   <col width="27%">
    362   <col width="16%">
    363  <tr>
    364     <th>CVE</th>
    365     <th>Android </th>
    366     <th></th>
    367     <th> Nexus </th>
    368     <th></th>
    369  </tr>
    370  <tr>
    371     <td>CVE-2016-2431</td>
    372     <td>24968809*</td>
    373     <td></td>
    374     <td>Nexus 5Nexus 6Nexus 7 (2013)Android One</td>
    375     <td>2015  10  15 </td>
    376  </tr>
    377  <tr>
    378     <td>CVE-2016-2432</td>
    379     <td>25913059*</td>
    380     <td></td>
    381     <td>Nexus 6Android One</td>
    382     <td>2015  11  28 </td>
    383  </tr>
    384 </table>
    385 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    386 
    387 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_wi-fi_driver">
    388 Qualcomm Wi-Fi </h3>
    389 
    390 
    391 <p>Qualcomm Wi-Fi </p>
    392 <table>
    393   <col width="19%">
    394   <col width="16%">
    395   <col width="10%">
    396   <col width="27%">
    397   <col width="16%">
    398  <tr>
    399     <th>CVE</th>
    400     <th>Android </th>
    401     <th></th>
    402     <th> Nexus </th>
    403     <th></th>
    404  </tr>
    405  <tr>
    406     <td>CVE-2015-0569</td>
    407     <td>26754117*</td>
    408     <td></td>
    409     <td>Nexus 5XNexus 7 (2013)</td>
    410     <td>2016  1  23 </td>
    411  </tr>
    412  <tr>
    413     <td>CVE-2015-0570</td>
    414     <td>26764809*</td>
    415     <td></td>
    416     <td>Nexus 5XNexus 7 (2013)</td>
    417     <td>2016  1  25 </td>
    418  </tr>
    419 </table>
    420 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    421 
    422 <h3 id="elevation_of_privilege_vulnerability_in_nvidia_video_driver">
    423 NVIDIA </h3>
    424 
    425 
    426 <p>NVIDIA  (Re-flash) </p>
    427 <table>
    428   <col width="19%">
    429   <col width="16%">
    430   <col width="10%">
    431   <col width="27%">
    432   <col width="16%">
    433  <tr>
    434     <th>CVE</th>
    435     <th>Android </th>
    436     <th></th>
    437     <th> Nexus </th>
    438     <th></th>
    439  </tr>
    440  <tr>
    441     <td>CVE-2016-2434</td>
    442     <td>27251090*</td>
    443     <td></td>
    444     <td>Nexus 9</td>
    445     <td>2016  2  17 </td>
    446  </tr>
    447  <tr>
    448     <td>CVE-2016-2435</td>
    449     <td>27297988*</td>
    450     <td></td>
    451     <td>Nexus 9</td>
    452     <td>2016  2  20 </td>
    453  </tr>
    454  <tr>
    455     <td>CVE-2016-2436</td>
    456     <td>27299111*</td>
    457     <td></td>
    458     <td>Nexus 9</td>
    459     <td>2016  2  22 </td>
    460  </tr>
    461  <tr>
    462     <td>CVE-2016-2437</td>
    463     <td>27436822*</td>
    464     <td></td>
    465     <td>Nexus 9</td>
    466     <td>2016  3  1 </td>
    467  </tr>
    468 </table>
    469 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    470 
    471 <h3 id="elevation_of_privilege_vulnerability_in_kernel">
    472 </h3>
    473 
    474 
    475 <p> (Re-flash)  <a href="/security/advisory/2016-03-18.html">Android  2016-03-18</a></p>
    476 <table>
    477   <col width="19%">
    478   <col width="16%">
    479   <col width="10%">
    480   <col width="27%">
    481   <col width="16%">
    482  <tr>
    483     <th>CVE</th>
    484     <th>Android </th>
    485     <th></th>
    486     <th> Nexus </th>
    487     <th></th>
    488  </tr>
    489  <tr>
    490     <td>CVE-2015-1805</td>
    491     <td>27275324*</td>
    492     <td></td>
    493     <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9</td>
    494     <td>2016  2  19 </td>
    495  </tr>
    496 </table>
    497 <p>* AOSP <a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a><a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a>  <a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a></p>
    498 
    499 <h3 id="remote_code_execution_vulnerability_in_kernel">
    500 </h3>
    501 
    502 
    503 <p></p>
    504 <table>
    505   <col width="19%">
    506   <col width="16%">
    507   <col width="10%">
    508   <col width="27%">
    509   <col width="16%">
    510  <tr>
    511     <th>CVE</th>
    512     <th>Android </th>
    513     <th></th>
    514     <th> Nexus </th>
    515     <th></th>
    516  </tr>
    517  <tr>
    518     <td>CVE-2016-2438</td>
    519     <td>26636060*</td>
    520     <td></td>
    521     <td>Nexus 9 </td>
    522     <td>Google </td>
    523  </tr>
    524 </table>
    525 <p>*  <a href="https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d">Linux </a></p>
    526 
    527 <h3 id="information_disclosure_vulnerability_in_qualcomm_tethering_controller">
    528 Qualcomm </h3>
    529 
    530 
    531 <p>Qualcomm  ( <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a>  <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> )</p>
    532 <table>
    533   <col width="19%">
    534   <col width="16%">
    535   <col width="10%">
    536   <col width="27%">
    537   <col width="16%">
    538  <tr>
    539     <th>CVE</th>
    540     <th>Android </th>
    541     <th></th>
    542     <th> Nexus </th>
    543     <th></th>
    544  </tr>
    545  <tr>
    546     <td>CVE-2016-2060</td>
    547     <td>27942588*</td>
    548     <td></td>
    549     <td></td>
    550     <td>2016  3  23 </td>
    551  </tr>
    552 </table>
    553 <p>*  AOSP </p>
    554 
    555 <h3 id="remote_code_execution_vulnerability_in_bluetooth">
    556 </h3>
    557 
    558 
    559 <p></p>
    560 <table>
    561   <col width="19%">
    562   <col width="16%">
    563   <col width="10%">
    564   <col width="19%">
    565   <col width="18%">
    566   <col width="16%">
    567  <tr>
    568     <th>CVE</th>
    569     <th>Android </th>
    570     <th></th>
    571     <th> Nexus </th>
    572     <th> AOSP </th>
    573     <th></th>
    574  </tr>
    575  <tr>
    576     <td>CVE-2016-2439</td>
    577     <td><a href="https://android.googlesource.com/platform/system/bt/+/9b534de2aca5d790c2a1c4d76b545f16137d95dd">
    578         27411268</a></td>
    579     <td></td>
    580     <td><a href="#nexus_devices"> Nexus </a></td>
    581     <td>4.4.45.0.25.1.16.06.0.1</td>
    582     <td>2016  2  28 </td>
    583  </tr>
    584 </table>
    585 
    586 
    587 <h3 id="elevation_of_privilege_vulnerability_in_binder">
    588 </h3>
    589 
    590 
    591 <p> (Binder) </p>
    592 <table>
    593   <col width="19%">
    594   <col width="16%">
    595   <col width="10%">
    596   <col width="19%">
    597   <col width="18%">
    598   <col width="16%">
    599  <tr>
    600     <th>CVE</th>
    601     <th>Android </th>
    602     <th></th>
    603     <th> Nexus </th>
    604     <th> AOSP </th>
    605     <th></th>
    606  </tr>
    607  <tr>
    608     <td>CVE-2016-2440</td>
    609     <td><a href="https://android.googlesource.com/platform/frameworks/native/+/a59b827869a2ea04022dd225007f29af8d61837a">
    610         27252896</a></td>
    611     <td></td>
    612     <td><a href="#nexus_devices"> Nexus </a></td>
    613     <td>4.4.45.0.25.1.16.06.0.1</td>
    614     <td>2016  2  18 </td>
    615  </tr>
    616 </table>
    617 
    618 
    619 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_buspm_driver">
    620 Qualcomm Buspm </h3>
    621 
    622 
    623 <p>Qualcomm Buspm </p>
    624 <table>
    625   <col width="19%">
    626   <col width="16%">
    627   <col width="10%">
    628   <col width="27%">
    629   <col width="16%">
    630  <tr>
    631     <th>CVE</th>
    632     <th>Android </th>
    633     <th></th>
    634     <th> Nexus </th>
    635     <th></th>
    636  </tr>
    637  <tr>
    638     <td>CVE-2016-2441</td>
    639     <td>26354602*</td>
    640     <td></td>
    641     <td>Nexus 5XNexus 6Nexus 6P</td>
    642     <td>2015  12  30 </td>
    643  </tr>
    644  <tr>
    645     <td>CVE-2016-2442</td>
    646     <td>26494907*</td>
    647     <td></td>
    648     <td>Nexus 5XNexus 6Nexus 6P</td>
    649     <td>2015  12  30 </td>
    650  </tr>
    651 </table>
    652 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    653 
    654 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_mdp_driver">
    655 Qualcomm MDP </h3>
    656 
    657 
    658 <p>Qualcomm MDP </p>
    659 <table>
    660   <col width="19%">
    661   <col width="16%">
    662   <col width="10%">
    663   <col width="27%">
    664   <col width="16%">
    665  <tr>
    666     <th>CVE</th>
    667     <th>Android </th>
    668     <th></th>
    669     <th> Nexus </th>
    670     <th></th>
    671  </tr>
    672  <tr>
    673     <td>CVE-2016-2443</td>
    674     <td>26404525*</td>
    675     <td></td>
    676     <td>Nexus 5Nexus 7 (2013)</td>
    677     <td>2016  1  5 </td>
    678  </tr>
    679 </table>
    680 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    681 
    682 <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_wi-fi_driver">
    683 Qualcomm Wi-Fi </h3>
    684 
    685 
    686 <p>Qualcomm Wi-Fi  ( <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a>  <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ) </p>
    687 <table>
    688   <col width="19%">
    689   <col width="16%">
    690   <col width="10%">
    691   <col width="27%">
    692   <col width="16%">
    693  <tr>
    694     <th>CVE</th>
    695     <th>Android </th>
    696     <th></th>
    697     <th> Nexus </th>
    698     <th></th>
    699  </tr>
    700  <tr>
    701     <td>CVE-2015-0571</td>
    702     <td>26763920*</td>
    703     <td></td>
    704     <td>Nexus 5XNexus 7 (2013)</td>
    705     <td>2016  1  25 </td>
    706  </tr>
    707 </table>
    708 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    709 
    710 <h3 id="elevation_of_privilege_vulnerability_in_nvidia_video_driver">
    711 NVIDIA </h3>
    712 
    713 
    714 <p>NVIDIA </p>
    715 <table>
    716   <col width="19%">
    717   <col width="16%">
    718   <col width="10%">
    719   <col width="27%">
    720   <col width="16%">
    721  <tr>
    722     <th>CVE</th>
    723     <th>Android </th>
    724     <th></th>
    725     <th> Nexus </th>
    726     <th></th>
    727  </tr>
    728  <tr>
    729     <td>CVE-2016-2444</td>
    730     <td>27208332*</td>
    731     <td></td>
    732     <td>Nexus 9</td>
    733     <td>2016  2  16 </td>
    734  </tr>
    735  <tr>
    736     <td>CVE-2016-2445</td>
    737     <td>27253079*</td>
    738     <td></td>
    739     <td>Nexus 9</td>
    740     <td>2016  2  17 </td>
    741  </tr>
    742  <tr>
    743     <td>CVE-2016-2446</td>
    744     <td>27441354*</td>
    745     <td></td>
    746     <td>Nexus 9</td>
    747     <td>2016  3  1 </td>
    748  </tr>
    749 </table>
    750 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    751 
    752 <h3 id="elevation_of_privilege_vulnerability_in_wi-fi">
    753 Wi-Fi </h3>
    754 
    755 
    756 <p>Wi-Fi  ( <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a>  <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> )</p>
    757 
    758 <p><strong></strong> MITRE  CVE  CVE-2016-2447  CVE-2016-4477</p>
    759 
    760 <table>
    761   <col width="19%">
    762   <col width="16%">
    763   <col width="10%">
    764   <col width="19%">
    765   <col width="18%">
    766   <col width="16%">
    767  <tr>
    768     <th>CVE</th>
    769     <th>Android </th>
    770     <th></th>
    771     <th> Nexus </th>
    772     <th> AOSP </th>
    773     <th></th>
    774  </tr>
    775  <tr>
    776     <td>CVE-2016-4477</td>
    777     <td><a href="https://android.googlesource.com/platform/external/wpa_supplicant_8/+/b79e09574e50e168dd5f19d540ae0b9a05bd1535">
    778         27371366</a>
    779         [<a href="https://android.googlesource.com/platform/external/wpa_supplicant_8/+/b845b81ec6d724bd359cdb77f515722dd4066cf8">2</a>]
    780     </td>
    781     <td></td>
    782     <td><a href="#nexus_devices"> Nexus </a></td>
    783     <td>4.4.45.0.25.1.16.06.0.1</td>
    784     <td>2016  2  24 </td>
    785  </tr>
    786 </table>
    787 
    788 
    789 <h3 id="elevation_of_privilege_vulnerability_in_mediaserver">
    790 </h3>
    791 
    792 
    793 <p> ( <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a>  <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> )</p>
    794 <table>
    795   <col width="19%">
    796   <col width="16%">
    797   <col width="10%">
    798   <col width="19%">
    799   <col width="18%">
    800   <col width="16%">
    801  <tr>
    802     <th>CVE</th>
    803     <th>Android </th>
    804     <th></th>
    805     <th> Nexus </th>
    806     <th> AOSP </th>
    807     <th></th>
    808  </tr>
    809  <tr>
    810     <td>CVE-2016-2448</td>
    811     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a2d1d85726aa2a3126e9c331a8e00a8c319c9e2b">
    812         27533704</a></td>
    813     <td></td>
    814     <td><a href="#nexus_devices"> Nexus </a></td>
    815     <td>4.4.45.0.25.1.16.06.0.1</td>
    816     <td>2016  3  7 </td>
    817  </tr>
    818  <tr>
    819     <td>CVE-2016-2449</td>
    820     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b04aee833c5cfb6b31b8558350feb14bb1a0f353">
    821         27568958</a></td>
    822     <td></td>
    823     <td><a href="#nexus_devices"> Nexus </a></td>
    824     <td>4.4.45.0.25.1.16.06.0.1</td>
    825     <td>2016  3  9 </td>
    826  </tr>
    827  <tr>
    828     <td>CVE-2016-2450</td>
    829     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7fd96ebfc4c9da496c59d7c45e1f62be178e626d">
    830         27569635</a></td>
    831     <td></td>
    832     <td><a href="#nexus_devices"> Nexus </a></td>
    833     <td>4.4.45.0.25.1.16.06.0.1</td>
    834     <td>2016  3  9 </td>
    835  </tr>
    836  <tr>
    837     <td>CVE-2016-2451</td>
    838     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f9ed2fe6d61259e779a37d4c2d7edb33a1c1f8ba">
    839         27597103</a></td>
    840     <td></td>
    841     <td><a href="#nexus_devices"> Nexus </a></td>
    842     <td>4.4.45.0.25.1.16.06.0.1</td>
    843     <td>2016  3  10 </td>
    844  </tr>
    845  <tr>
    846     <td>CVE-2016-2452</td>
    847     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/44749eb4f273f0eb681d0fa013e3beef754fa687">
    848         27662364</a>
    849         [<a href="https://android.googlesource.com/platform/frameworks/av/+/65756b4082cd79a2d99b2ccb5b392291fd53703f">2</a>]
    850         [<a href="https://android.googlesource.com/platform/frameworks/av/+/daa85dac2055b22dabbb3b4e537597e6ab73a866">3</a>]
    851     </td>
    852     <td></td>
    853     <td><a href="#nexus_devices"> Nexus </a></td>
    854     <td>4.4.45.0.25.1.16.06.0.1</td>
    855     <td>2016  3  14 </td>
    856  </tr>
    857 </table>
    858 
    859 
    860 <h3 id="elevation_of_privilege_vulnerability_in_mediatek_wi-fi_driver">
    861 MediaTek Wi-Fi </h3>
    862 
    863 
    864 <p>MediaTek Wi-Fi </p>
    865 <table>
    866   <col width="19%">
    867   <col width="16%">
    868   <col width="10%">
    869   <col width="27%">
    870   <col width="16%">
    871  <tr>
    872     <th>CVE</th>
    873     <th>Android </th>
    874     <th></th>
    875     <th> Nexus </th>
    876     <th></th>
    877  </tr>
    878  <tr>
    879     <td>CVE-2016-2453</td>
    880     <td>27549705*</td>
    881     <td></td>
    882     <td>Android One</td>
    883     <td>2016  3  8 </td>
    884  </tr>
    885 </table>
    886 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    887 
    888 <h3 id="remote_denial_of_service_vulnerability_in_qualcomm_hardware_codec">
    889 Qualcomm </h3>
    890 
    891 
    892 <p> Qualcomm </p>
    893 <table>
    894   <col width="19%">
    895   <col width="16%">
    896   <col width="10%">
    897   <col width="27%">
    898   <col width="16%">
    899  <tr>
    900     <th>CVE</th>
    901     <th>Android </th>
    902     <th></th>
    903     <th> Nexus </th>
    904     <th></th>
    905  </tr>
    906  <tr>
    907     <td>CVE-2016-2454</td>
    908     <td>26221024*</td>
    909     <td></td>
    910     <td>Nexus 5</td>
    911     <td>2015  12  16 </td>
    912  </tr>
    913 </table>
    914 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
    915 
    916 <h3 id="elevation_of_privilege_vulnerability_in_conscrypt">
    917 Conscrypt </h3>
    918 
    919 
    920 <p>Conscrypt </p>
    921 <table>
    922   <col width="19%">
    923   <col width="16%">
    924   <col width="10%">
    925   <col width="19%">
    926   <col width="18%">
    927   <col width="16%">
    928  <tr>
    929     <th>CVE</th>
    930     <th>Android </th>
    931     <th></th>
    932     <th> Nexus </th>
    933     <th> AOSP </th>
    934     <th></th>
    935  </tr>
    936  <tr>
    937     <td>CVE-2016-2461</td>
    938     <td><a href="https://android.googlesource.com/platform/external/conscrypt/+/50d0447566db4a77d78d592f1c1b5d31096fac8f">
    939         27324690</a>
    940         [<a href="https://android.googlesource.com/platform/external/conscrypt/+/1638945d4ed9403790962ec7abed1b7a232a9ff8">2</a>]
    941     </td>
    942     <td></td>
    943     <td><a href="#nexus_devices"> Nexus </a></td>
    944     <td>6.06.0.1</td>
    945     <td>Google </td>
    946  </tr>
    947  <tr>
    948     <td>CVE-2016-2462</td>
    949     <td><a href="https://android.googlesource.com/platform/external/conscrypt/+/8bec47d2184fca7e8b7337d2a65b2b75a9bc8f54">
    950         27371173</a></td>
    951     <td></td>
    952     <td><a href="#nexus_devices"> Nexus </a></td>
    953     <td>6.06.0.1</td>
    954     <td>Google </td>
    955  </tr>
    956 </table>
    957 
    958 
    959 <h3 id="elevation_of_privilege_vulnerability_in_openssl_&amp;_boringssl">
    960 OpenSSL  BoringSSL </h3>
    961 
    962 
    963 <p>OpenSSL  BoringSSL </p>
    964 <table>
    965   <col width="19%">
    966   <col width="16%">
    967   <col width="10%">
    968   <col width="19%">
    969   <col width="18%">
    970   <col width="16%">
    971  <tr>
    972     <th>CVE</th>
    973     <th>Android </th>
    974     <th></th>
    975     <th> Nexus </th>
    976     <th> AOSP </th>
    977     <th></th>
    978  </tr>
    979  <tr>
    980     <td>CVE-2016-0705</td>
    981     <td><a href="https://android.googlesource.com/platform/external/boringssl/+/591be84e89682622957c8f103ca4be3a5ed0f800">
    982         27449871</a></td>
    983     <td></td>
    984     <td><a href="#nexus_devices"> Nexus </a></td>
    985     <td>4.4.45.0.25.1.16.06.0.1</td>
    986     <td>2016  2  7 </td>
    987  </tr>
    988 </table>
    989 
    990 
    991 <h3 id="elevation_of_privilege_vulnerability_in_mediatek_wi-fi_driver">
    992 MediaTek Wi-Fi </h3>
    993 
    994 
    995 <p>MediaTek Wi-Fi </p>
    996 <table>
    997   <col width="19%">
    998   <col width="16%">
    999   <col width="10%">
   1000   <col width="27%">
   1001   <col width="16%">
   1002  <tr>
   1003     <th>CVE</th>
   1004     <th>Android </th>
   1005     <th></th>
   1006     <th> Nexus </th>
   1007     <th></th>
   1008  </tr>
   1009  <tr>
   1010     <td>CVE-2016-2456</td>
   1011     <td>27275187*</td>
   1012     <td></td>
   1013     <td>Android One</td>
   1014     <td>2016  2  19 </td>
   1015  </tr>
   1016 </table>
   1017 <p>*  AOSP  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p>
   1018 
   1019 <h3 id="elevation_of_privilege_vulnerability_in_wi-fi">
   1020 Wi-Fi </h3>
   1021 
   1022 
   1023 <p>Wi-Fi  Wi-Fi <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel"></a></p>
   1024 <table>
   1025   <col width="19%">
   1026   <col width="16%">
   1027   <col width="10%">
   1028   <col width="19%">
   1029   <col width="18%">
   1030   <col width="16%">
   1031  <tr>
   1032     <th>CVE</th>
   1033     <th>Android </th>
   1034     <th></th>
   1035     <th> Nexus </th>
   1036     <th> AOSP </th>
   1037     <th></th>
   1038  </tr>
   1039  <tr>
   1040     <td>CVE-2016-2457</td>
   1041     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/12332e05f632794e18ea8c4ac52c98e82532e5db">
   1042         27411179</a></td>
   1043     <td></td>
   1044     <td><a href="#nexus_devices"> Nexus </a></td>
   1045     <td>5.0.25.1.16.06.0.1</td>
   1046     <td>2016  2  29 </td>
   1047  </tr>
   1048 </table>
   1049 
   1050 
   1051 <h3 id="information_disclosure_vulnerability_in_aosp_mail">
   1052 AOSP Mail </h3>
   1053 
   1054 
   1055 <p>AOSP Mail </p>
   1056 <table>
   1057   <col width="19%">
   1058   <col width="16%">
   1059   <col width="10%">
   1060   <col width="19%">
   1061   <col width="18%">
   1062   <col width="16%">
   1063  <tr>
   1064     <th>CVE</th>
   1065     <th>Android </th>
   1066     <th></th>
   1067     <th> Nexus </th>
   1068     <th> AOSP </th>
   1069     <th></th>
   1070  </tr>
   1071  <tr>
   1072     <td>CVE-2016-2458</td>
   1073     <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/a55168330d9326ff2120285763c818733590266a">
   1074         27335139</a>
   1075         [<a href="https://android.googlesource.com/platform/packages/apps/Email/+/2791f0b33b610247ef87278862e66c6045f89693">2</a>]
   1076     </td>
   1077     <td></td>
   1078     <td><a href="#nexus_devices"> Nexus </a></td>
   1079     <td>5.0.25.1.16.06.0.1</td>
   1080     <td>2016  2  23 </td>
   1081  </tr>
   1082 </table>
   1083 
   1084 
   1085 <h3 id="information_disclosure_vulnerability_in_mediaserver">
   1086 </h3>
   1087 
   1088 
   1089 <p></p>
   1090 <table>
   1091   <col width="19%">
   1092   <col width="16%">
   1093   <col width="10%">
   1094   <col width="19%">
   1095   <col width="18%">
   1096   <col width="16%">
   1097  <tr>
   1098     <th>CVE</th>
   1099     <th>Android </th>
   1100     <th></th>
   1101     <th> Nexus </th>
   1102     <th> AOSP </th>
   1103     <th></th>
   1104  </tr>
   1105  <tr>
   1106     <td>CVE-2016-2459</td>
   1107     <td><a href="https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73">
   1108         27556038</a></td>
   1109     <td></td>
   1110     <td><a href="#nexus_devices"> Nexus </a></td>
   1111     <td>4.4.45.0.25.1.16.06.0.1</td>
   1112     <td>2016  3  7 </td>
   1113  </tr>
   1114  <tr>
   1115     <td>CVE-2016-2460</td>
   1116     <td><a href="https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73">
   1117         27555981</a></td>
   1118     <td></td>
   1119     <td><a href="#nexus_devices"> Nexus </a></td>
   1120     <td>4.4.45.0.25.1.16.06.0.1</td>
   1121     <td>2016  3  7 </td>
   1122  </tr>
   1123 </table>
   1124 
   1125 
   1126 <h3 id="denial_of_service_vulnerability_in_kernel">
   1127 </h3>
   1128 
   1129 
   1130 <p></p>
   1131 <table>
   1132   <col width="19%">
   1133   <col width="16%">
   1134   <col width="10%">
   1135   <col width="27%">
   1136   <col width="16%">
   1137  <tr>
   1138     <th>CVE</th>
   1139     <th>Android </th>
   1140     <th></th>
   1141     <th> Nexus </th>
   1142     <th></th>
   1143  </tr>
   1144  <tr>
   1145     <td>CVE-2016-0774</td>
   1146     <td>27721803*</td>
   1147     <td></td>
   1148     <td><a href="#nexus_devices"> Nexus </a></td>
   1149     <td>2016  3  17 </td>
   1150  </tr>
   1151 </table>
   1152 <p>*  <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/fs/pipe.c?id=b381fbc509052d07ccf8641fd7560a25d46aaf1e">Linux </a></p>
   1153 
   1154 <h2 id="common_questions_and_answers"></h2>
   1155 
   1156 
   1157 <p></p>
   1158 
   1159 <p><strong>1. </strong></p>
   1160 
   1161 <p>2016  5  1  ( <a href="https://support.google.com/nexus/answer/4457705">Nexus </a>)[ro.build.version.security_patch]:[2016-05-01]</p>
   1162 
   1163 <p id="nexus_devices"><strong>2.  Nexus </strong></p>
   1164 
   1165 <p><a href="security_vulnerability_details"></a> Nexus  Nexus </p>
   1166 
   1167 <ul>
   1168   <li> <strong> Nexus </strong> Nexus  Nexus <em></em> Nexus  Nexus <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus Player  Pixel C
   1169   <li> <strong> Nexus </strong> Nexus Nexus <em></em> Nexus </li>
   1170   <li> <strong> Nexus </strong> Nexus  Nexus <em></em></li>
   1171 </li></ul>
   1172 
   1173 <p><strong>3.  CVE-2015-1805 </strong></p>
   1174 <p><a href="/security/advisory/2016-03-18.html">Android 2016-03-18</a>  CVE-2015-1805 2016  4  1  <a href="2016-04-02.html">Nexus 2016  4 </a> CVE-2015-1805  2016  5  1 </p>
   1175 <h2 id="revisions"></h2>
   1176 
   1177 
   1178 <ul>
   1179   <li>2016  5  2 </li>
   1180   <li>2016  5  4 
   1181     <ul>
   1182       <li> AOSP 
   1183       <li> Nexus  ( Nexus Player  Pixel C)
   1184       <li> MITRE  CVE-2016-2447  CVE-2016-4477
   1185     </li></li></li></ul>
   1186   </li>
   1187 </ul>
   1188 
   1189   </body>
   1190 </html>
   1191