1 <html devsite> 2 <head> 3 <title>Android 2016 7 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em>2016 7 6 | 2016 7 14 </em></p> 27 <p>Android Android Google OTA Nexus Nexus <a href="https://developers.google.com/android/nexus/images">Google </a>2016 7 5 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a></p> 28 <p> 2016 6 6 () Android (AOSP) AOSP </p> 29 30 <p></p> 31 <p> <a href="/security/enhancements/index.html">Android </a> ( SafetyNet) Android <a href="">Android Google </a></p> 32 <p></p> 33 <h2 id="announcements"></h2> 34 <ul> 35 <li> Android Android <a href="#common-questions-and-answers"></a> 36 <ul> 37 <li><strong>2016-07-01</strong> 2016-07-01 38 <li><strong>2016-07-05</strong> 2016-07-01 2016-07-05 </li> 39 </li></ul> 40 </li> 41 <li> Nexus 2016 7 5 OTA </li> 42 </ul> 43 <h2 id="security_vulnerability_summary"></h2> 44 <p> ID (CVE) Nexus <a href="/security/overview/updates-resources.html#severity"></a></p> 45 46 <h3 id="2016-07-01_summary">2016-07-01 </h3> 47 <p>2016-07-01 </p> 48 49 <table> 50 <col width="55%"> 51 <col width="20%"> 52 <col width="13%"> 53 <col width="12%"> 54 <tr> 55 <th></th> 56 <th>CVE</th> 57 <th></th> 58 <th> Nexus </th> 59 </tr> 60 <tr> 61 <td></td> 62 <td>CVE-2016-2506CVE-2016-2505CVE-2016-2507CVE-2016-2508CVE-2016-3741CVE-2016-3742CVE-2016-3743</td> 63 <td></td> 64 <td></td> 65 </tr> 66 <tr> 67 <td>OpenSSL BoringSSL </td> 68 <td>CVE-2016-2108</td> 69 <td></td> 70 <td></td> 71 </tr> 72 <tr> 73 <td></td> 74 <td>CVE-2016-3744</td> 75 <td></td> 76 <td></td> 77 </tr> 78 <tr> 79 <td>libpng </td> 80 <td>CVE-2016-3751</td> 81 <td></td> 82 <td></td> 83 </tr> 84 <tr> 85 <td></td> 86 <td>CVE-2016-3745CVE-2016-3746CVE-2016-3747</td> 87 <td></td> 88 <td></td> 89 </tr> 90 <tr> 91 <td></td> 92 <td>CVE-2016-3748</td> 93 <td></td> 94 <td></td> 95 </tr> 96 <tr> 97 <td></td> 98 <td>CVE-2016-3749</td> 99 <td></td> 100 <td></td> 101 </tr> 102 <tr> 103 <td>Framework API </td> 104 <td>CVE-2016-3750</td> 105 <td></td> 106 <td></td> 107 </tr> 108 <tr> 109 <td>ChooserTarget </td> 110 <td>CVE-2016-3752</td> 111 <td></td> 112 <td></td> 113 </tr> 114 <tr> 115 <td></td> 116 <td>CVE-2016-3753</td> 117 <td></td> 118 <td>*</td> 119 </tr> 120 <tr> 121 <td>OpenSSL </td> 122 <td>CVE-2016-2107</td> 123 <td></td> 124 <td>*</td> 125 </tr> 126 <tr> 127 <td></td> 128 <td>CVE-2016-3754CVE-2016-3755, CVE-2016-3756</td> 129 <td></td> 130 <td></td> 131 </tr> 132 <tr> 133 <td>libc </td> 134 <td>CVE-2016-3818</td> 135 <td></td> 136 <td>*</td> 137 </tr> 138 <tr> 139 <td>lsof </td> 140 <td>CVE-2016-3757</td> 141 <td></td> 142 <td></td> 143 </tr> 144 <tr> 145 <td>DexClassLoader </td> 146 <td>CVE-2016-3758</td> 147 <td></td> 148 <td></td> 149 </tr> 150 <tr> 151 <td>Framework API </td> 152 <td>CVE-2016-3759</td> 153 <td></td> 154 <td></td> 155 </tr> 156 <tr> 157 <td></td> 158 <td>CVE-2016-3760</td> 159 <td></td> 160 <td></td> 161 </tr> 162 <tr> 163 <td>NFC </td> 164 <td>CVE-2016-3761</td> 165 <td></td> 166 <td></td> 167 </tr> 168 <tr> 169 <td></td> 170 <td>CVE-2016-3762</td> 171 <td></td> 172 <td></td> 173 </tr> 174 <tr> 175 <td>Proxy </td> 176 <td>CVE-2016-3763</td> 177 <td></td> 178 <td></td> 179 </tr> 180 <tr> 181 <td></td> 182 <td>CVE-2016-3764CVE-2016-3765</td> 183 <td></td> 184 <td></td> 185 </tr> 186 <tr> 187 <td></td> 188 <td>CVE-2016-3766</td> 189 <td></td> 190 <td></td> 191 </tr> 192 </table> 193 <p>* Nexus </p> 194 195 196 <h3 id="2016-07-05_summary">2016-07-05 </h3> 197 <p>2016-07-05 2016-07-01 </p> 198 199 <table> 200 <col width="55%"> 201 <col width="20%"> 202 <col width="13%"> 203 <col width="12%"> 204 <tr> 205 <th></th> 206 <th>CVE</th> 207 <th></th> 208 <th> Nexus </th> 209 </tr> 210 <tr> 211 <td>Qualcomm GPU 212 ()</td> 213 <td>CVE-2016-2503CVE-2016-2067</td> 214 <td></td> 215 <td></td> 216 </tr> 217 <tr> 218 <td>MediaTek Wi-Fi 219 ()</td> 220 <td>CVE-2016-3767</td> 221 <td></td> 222 <td></td> 223 </tr> 224 <tr> 225 <td>Qualcomm 226 ()</td> 227 <td>CVE-2016-3768</td> 228 <td></td> 229 <td></td> 230 </tr> 231 <tr> 232 <td>NVIDIA 233 ()</td> 234 <td>CVE-2016-3769</td> 235 <td></td> 236 <td></td> 237 </tr> 238 <tr> 239 <td>MediaTek 240 ()</td> 241 <td>CVE-2016-3770CVE-2016-3771CVE-2016-3772CVE-2016-3773CVE-2016-3774</td> 242 <td></td> 243 <td></td> 244 </tr> 245 <tr> 246 <td> 247 ()</td> 248 <td>CVE-2016-3775</td> 249 <td></td> 250 <td></td> 251 </tr> 252 <tr> 253 <td>USB ()</td> 254 <td>CVE-2015-8816</td> 255 <td></td> 256 <td></td> 257 </tr> 258 <tr> 259 <td>Qualcomm 260 ()</td> 261 <td>CVE-2014-9794CVE-2014-9795CVE-2015-8892CVE-2013-7457CVE-2014-9781CVE-2014-9786CVE-2014-9788CVE-2014-9779CVE-2014-9780CVE-2014-9789CVE-2014-9793CVE-2014-9782CVE-2014-9783CVE-2014-9785CVE-2014-9787CVE-2014-9784CVE-2014-9777CVE-2014-9778CVE-2014-9790CVE-2014-9792CVE-2014-9797CVE-2014-9791CVE-2014-9796CVE-2014-9800CVE-2014-9799CVE-2014-9801CVE-2014-9802CVE-2015-8891CVE-2015-8888CVE-2015-8889CVE-2015-8890</td> 262 <td></td> 263 <td></td> 264 </tr> 265 <tr> 266 <td>Qualcomm USB 267 ()</td> 268 <td>CVE-2016-2502</td> 269 <td></td> 270 <td></td> 271 </tr> 272 <tr> 273 <td>Qualcomm Wi-Fi 274 ()</td> 275 <td>CVE-2016-3792</td> 276 <td></td> 277 <td></td> 278 </tr> 279 <tr> 280 <td>Qualcomm 281 ()</td> 282 <td>CVE-2016-2501</td> 283 <td></td> 284 <td></td> 285 </tr> 286 <tr> 287 <td>NVIDIA 288 ()</td> 289 <td>CVE-2016-3793</td> 290 <td></td> 291 <td></td> 292 </tr> 293 <tr> 294 <td>MediaTek 295 ()</td> 296 <td>CVE-2016-3795CVE-2016-3796</td> 297 <td></td> 298 <td></td> 299 </tr> 300 <tr> 301 <td>Qualcomm Wi-Fi 302 ()</td> 303 <td>CVE-2016-3797</td> 304 <td></td> 305 <td></td> 306 </tr> 307 <tr> 308 <td>MediaTek 309 ()</td> 310 <td>CVE-2016-3798</td> 311 <td></td> 312 <td></td> 313 </tr> 314 <tr> 315 <td>MediaTek 316 ()</td> 317 <td>CVE-2016-3799CVE-2016-3800</td> 318 <td></td> 319 <td></td> 320 </tr> 321 <tr> 322 <td>MediaTek GPS 323 ()</td> 324 <td>CVE-2016-3801</td> 325 <td></td> 326 <td></td> 327 </tr> 328 <tr> 329 <td> 330 ()</td> 331 <td>CVE-2016-3802CVE-2016-3803</td> 332 <td></td> 333 <td></td> 334 </tr> 335 <tr> 336 <td>MediaTek 337 ()</td> 338 <td>CVE-2016-3804CVE-2016-3805</td> 339 <td></td> 340 <td></td> 341 </tr> 342 <tr> 343 <td>MediaTek 344 ()</td> 345 <td>CVE-2016-3806</td> 346 <td></td> 347 <td></td> 348 </tr> 349 <tr> 350 <td> 351 ()</td> 352 <td>CVE-2016-3807CVE-2016-3808</td> 353 <td></td> 354 <td></td> 355 </tr> 356 <tr> 357 <td>Qualcomm 358 ()</td> 359 <td>CVE-2016-2068</td> 360 <td></td> 361 <td></td> 362 </tr> 363 <tr> 364 <td> ()</td> 365 <td>CVE-2014-9803</td> 366 <td></td> 367 <td></td> 368 </tr> 369 <tr> 370 <td> 371 ()</td> 372 <td>CVE-2016-3809</td> 373 <td></td> 374 <td></td> 375 </tr> 376 <tr> 377 <td>MediaTek Wi-Fi 378 ()</td> 379 <td>CVE-2016-3810</td> 380 <td></td> 381 <td></td> 382 </tr> 383 <tr> 384 <td> 385 ()</td> 386 <td>CVE-2016-3811</td> 387 <td></td> 388 <td></td> 389 </tr> 390 <tr> 391 <td>MediaTek 392 ()</td> 393 <td>CVE-2016-3812</td> 394 <td></td> 395 <td></td> 396 </tr> 397 <tr> 398 <td>Qualcomm USB 399 ()</td> 400 <td>CVE-2016-3813</td> 401 <td></td> 402 <td></td> 403 </tr> 404 <tr> 405 <td>NVIDIA 406 ()</td> 407 <td>CVE-2016-3814CVE-2016-3815</td> 408 <td></td> 409 <td></td> 410 </tr> 411 <tr> 412 <td>MediaTek 413 ()</td> 414 <td>CVE-2016-3816</td> 415 <td></td> 416 <td></td> 417 </tr> 418 <tr> 419 <td> 420 ()</td> 421 <td>CVE-2016-0723</td> 422 <td></td> 423 <td></td> 424 </tr> 425 <tr> 426 <td>Qualcomm 427 ()</td> 428 <td>CVE-2014-9798CVE-2015-8893</td> 429 <td></td> 430 <td></td> 431 </tr> 432 </table> 433 434 <h2 id="mitigations">Android Google </h2> 435 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p> 436 <ul> 437 <li>Android Android Android</li> 438 <li>Android <a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 439 <li>Google Hangouts Messenger </li> 440 </ul> 441 442 <h2 id="acknowledgements"></h2> 443 <p></p> 444 <ul> 445 <li>Google Chrome Abhishek AryaOliver Chang Martin Barbella 446 CVE-2016-3756CVE-2016-3741CVE-2016-3743CVE-2016-3742 447 <li>Check Point Software Technologies Ltd. Adam Donenfeld et al.CVE-2016-2503 448 <li>Google Adam PowellCVE-2016-3752 449 <li>Context Information Security Alex Chapman Paul StoneCVE-2016-3763 450 <li><a href="https://www.e2e-assure.com/">e2e-assure</a> Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>)CVE-2016-2457 451 <li>Google Project Zero CVE-2016-3775 452 <li><a href="http://c0reteam.org">C0RE </a> Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)Yuan-Tsung Lo (<a href="mailto:computernik (a] gmail.com">computernik (a] gmail.com</a>) Xuxian JiangCVE-2016-3770CVE-2016-3771CVE-2016-3772CVE-2016-3773CVE-2016-3774 453 <li>Google Christopher TateCVE-2016-3759 454 <li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-3762 455 <li><a href="http://www.360.com"> 360</a> IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) pjf (<a href="http://weibo.com/jfpan ">weibo.com/jfpan</a>)CVE-2016-3806CVE-2016-3816CVE-2016-3805CVE-2016-3804CVE-2016-3767CVE-2016-3810CVE-2016-3795CVE-2016-3796 456 <li>Google Android Greg KaiserCVE-2016-3758 457 <li><a href="http://www.360.com"> 360 </a> Guang Gong () (<a href="https://twitter.com/oldfresher">@oldfresher</a>) 458 CVE-2016-3764 459 <li><a href="http://www.360.com"> 360 </a> Hao Chen Guang GongCVE-2016-3792CVE-2016-3768 460 <li><a href="http://www.cmcm.com"></a> Hao Qin 461 CVE-2016-3754CVE-2016-3766 462 <li><a href="http://www.360.com"> 360</a> IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>) pjf (<a href="http://weibo.com/jfpan ">weibo.com/jfpan</a>)CVE-2016-3814CVE-2016-3802CVE-2016-3769CVE-2016-3807CVE-2016-3808 463 <li>Google Marco NelissenCVE-2016-3818 464 <li>Google Project Zero Mark BrandCVE-2016-3757 465 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>CVE-2016-3750 466 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3747CVE-2016-3746CVE-2016-3765 467 <li> Peng XiaoChengming YangNing YouChao Yang Yang SsongCVE-2016-3800CVE-2016-3799CVE-2016-3801CVE-2016-3812CVE-2016-3798 468 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>) 469 CVE-2016-3793 470 <li>Google Ricky WaiCVE-2016-3749 471 <li>Roeland KrakCVE-2016-3753 472 <li>Scott Bauer (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>) 473 CVE-2016-3797CVE-2016-3813CVE-2016-3815CVE-2016-2501CVE-2016-2502 474 <li>Vasily VasilevCVE-2016-2507 475 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>) 476 CVE-2016-2508CVE-2016-3755 477 <li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Wen Niu (<a href="https://twitter.com/NWMonster">@NWMonster</a>)CVE-2016-3809 478 <li> Xiling GongCVE-2016-3745 479 <li> TCA Yacong Gu 480 CVE-2016-3761 481 <li> Xuanwu Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>)CVE-2016-2505 482 <li> Xuanwu Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) Wei Wei (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>)CVE-2016-2506 483 <li> X- Yulong Zhang Tao (Lenx) WeiCVE-2016-3744 484 </li> 485 </li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 486 487 <h2 id="2016-07-01_details">2016-07-01 </h2> 488 <p> <a href="#2016-07-01_summary">2016-07-01 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 489 490 <h3 id="remote-code-execution-vulnerability-in-mediaserver"> 491 </h3> 492 <p></p> 493 <p></p> 494 495 <table> 496 <col width="19%"> 497 <col width="19%"> 498 <col width="10%"> 499 <col width="16%"> 500 <col width="17%"> 501 <col width="17%"> 502 <tr> 503 <th>CVE</th> 504 <th></th> 505 <th></th> 506 <th> Nexus </th> 507 <th> AOSP </th> 508 <th></th> 509 </tr> 510 <tr> 511 <td>CVE-2016-2506</td> 512 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/e248db02fbab2ee9162940bc19f087fd7d96cb9d"> 513 A-28175045</a></td> 514 <td></td> 515 <td><a href="#all_nexus"> Nexus </a></td> 516 <td>4.4.45.0.25.1.16.06.0.1</td> 517 <td>2016 4 11 </td> 518 </tr> 519 <tr> 520 <td>CVE-2016-2505</td> 521 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/4f236c532039a61f0cf681d2e3c6e022911bbb5c"> 522 A-28333006</a></td> 523 <td></td> 524 <td><a href="#all_nexus"> Nexus </a></td> 525 <td>6.06.0.1</td> 526 <td>2016 4 21 </td> 527 </tr> 528 <tr> 529 <td>CVE-2016-2507</td> 530 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/60547808ca4e9cfac50028c00c58a6ceb2319301"> 531 A-28532266</a></td> 532 <td></td> 533 <td><a href="#all_nexus"> Nexus </a></td> 534 <td>4.4.45.0.25.1.16.06.0.1</td> 535 <td>2016 5 2 </td> 536 </tr> 537 <tr> 538 <td>CVE-2016-2508</td> 539 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f81038006b4c59a5a148dcad887371206033c28f"> 540 A-28799341</a> 541 [<a href="https://android.googlesource.com/platform/frameworks/av/+/d112f7d0c1dbaf0368365885becb11ca8d3f13a4">2</a>] 542 </td> 543 <td></td> 544 <td><a href="#all_nexus"> Nexus </a></td> 545 <td>4.4.45.0.25.1.16.06.0.1</td> 546 <td>2016 5 16 </td> 547 </tr> 548 <tr> 549 <td>CVE-2016-3741</td> 550 <td><a href="https://android.googlesource.com/platform/external/libavc/+/e629194c62a9a129ce378e08cb1059a8a53f1795"> 551 A-28165661</a> 552 [<a href="https://android.googlesource.com/platform/external/libavc/+/cc676ebd95247646e67907ccab150fb77a847335">2</a>] 553 </td> 554 <td></td> 555 <td><a href="#all_nexus"> Nexus </a></td> 556 <td>6.06.0.1</td> 557 <td>Google </td> 558 </tr> 559 <tr> 560 <td>CVE-2016-3742</td> 561 <td><a href="https://android.googlesource.com/platform/external/libavc/+/a583270e1c96d307469c83dc42bd3c5f1b9ef63f"> 562 A-28165659</a> 563 </td> 564 <td></td> 565 <td><a href="#all_nexus"> Nexus </a></td> 566 <td>6.06.0.1</td> 567 <td>Google </td> 568 </tr> 569 <tr> 570 <td>CVE-2016-3743</td> 571 <td><a href="https://android.googlesource.com/platform/external/libavc/+/ecf6c7ce6d5a22d52160698aab44fc234c63291a"> 572 A-27907656</a> 573 </td> 574 <td></td> 575 <td><a href="#all_nexus"> Nexus </a></td> 576 <td>6.06.0.1</td> 577 <td>Google </td> 578 </tr> 579 </table> 580 581 582 <h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> 583 OpenSSL BoringSSL </h3> 584 <p>OpenSSL BoringSSL </p> 585 586 <table> 587 <col width="19%"> 588 <col width="16%"> 589 <col width="10%"> 590 <col width="19%"> 591 <col width="18%"> 592 <col width="16%"> 593 <tr> 594 <th>CVE</th> 595 <th></th> 596 <th></th> 597 <th> Nexus </th> 598 <th> AOSP </th> 599 <th></th> 600 </tr> 601 <tr> 602 <td>CVE-2016-2108</td> 603 <td><a href="https://android.googlesource.com/platform/external/boringssl/+/74750e1fb24149043a533497f79c577b704d6e30"> 604 A-28175332</a> 605 </td> 606 <td></td> 607 <td><a href="#all_nexus"> Nexus </a></td> 608 <td>4.4.45.0.25.1.16.06.0.1</td> 609 <td>2016 5 3 </td> 610 </tr> 611 </table> 612 613 <h3 id="remote-code-execution-vulnerability-in-bluetooth"> 614 </h3> 615 <p></p> 616 617 <table> 618 <col width="19%"> 619 <col width="16%"> 620 <col width="10%"> 621 <col width="19%"> 622 <col width="18%"> 623 <col width="16%"> 624 <tr> 625 <th>CVE</th> 626 <th></th> 627 <th></th> 628 <th> Nexus </th> 629 <th> AOSP </th> 630 <th></th> 631 </tr> 632 <tr> 633 <td>CVE-2016-3744</td> 634 <td><a href="https://android.googlesource.com/platform/system/bt/+/514139f4b40cbb035bb92f3e24d5a389d75db9e6"> 635 A-27930580</a></td> 636 <td></td> 637 <td><a href="#all_nexus"> Nexus </a></td> 638 <td>4.4.45.0.25.1.16.06.0.1</td> 639 <td>2016 3 30 </td> 640 </tr> 641 </table> 642 643 <h3 id="elevation-of-privilege-vulnerability-in-libpng"> 644 libpng </h3> 645 <p>libpng ( <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ) </p> 646 647 <table> 648 <col width="19%"> 649 <col width="16%"> 650 <col width="10%"> 651 <col width="19%"> 652 <col width="18%"> 653 <col width="16%"> 654 <tr> 655 <th>CVE</th> 656 <th></th> 657 <th></th> 658 <th> Nexus </th> 659 <th> AOSP </th> 660 <th></th> 661 </tr> 662 <tr> 663 <td>CVE-2016-3751</td> 664 <td><a href="https://android.googlesource.com/platform/external/libpng/+/9d4853418ab2f754c2b63e091c29c5529b8b86ca"> 665 A-23265085</a> 666 </td> 667 <td></td> 668 <td><a href="#all_nexus"> Nexus </a></td> 669 <td>4.4.45.0.25.1.16.06.0.1</td> 670 <td>2015 12 3 </td> 671 </tr> 672 </table> 673 674 <h3 id="elevation-of-privilege-vulnerability-in-mediaserver"> 675 </h3> 676 <p> ( <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ) </p> 677 678 <table> 679 <col width="19%"> 680 <col width="16%"> 681 <col width="10%"> 682 <col width="19%"> 683 <col width="18%"> 684 <col width="16%"> 685 <tr> 686 <th>CVE</th> 687 <th></th> 688 <th></th> 689 <th> Nexus </th> 690 <th> AOSP </th> 691 <th></th> 692 </tr> 693 <tr> 694 <td>CVE-2016-3745</td> 695 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/073a80800f341325932c66818ce4302b312909a4"> 696 A-28173666</a> 697 </td> 698 <td></td> 699 <td><a href="#all_nexus"> Nexus </a></td> 700 <td>4.4.45.0.25.1.16.06.0.1</td> 701 <td>2016 4 10 </td> 702 </tr> 703 <tr> 704 <td>CVE-2016-3746</td> 705 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/5b82f4f90c3d531313714df4b936f92fb0ff15cf"> 706 A-27890802</a> 707 </td> 708 <td></td> 709 <td><a href="#all_nexus"> Nexus </a></td> 710 <td>4.4.45.0.25.1.16.06.0.1</td> 711 <td>2016 3 27 </td> 712 </tr> 713 <tr> 714 <td>CVE-2016-3747</td> 715 <td><a href="https://android.googlesource.com/platform/hardware/qcom/media/+/4ed06d14080d8667d5be14eed200e378cba78345"> 716 A-27903498</a> 717 </td> 718 <td></td> 719 <td><a href="#all_nexus"> Nexus </a></td> 720 <td>4.4.45.0.25.1.16.06.0.1</td> 721 <td>2016 3 28 </td> 722 </tr> 723 </table> 724 725 <h3 id="elevation-of-privilege-vulnerability-in-sockets"> 726 </h3> 727 <p></p> 728 729 <table> 730 <col width="19%"> 731 <col width="16%"> 732 <col width="10%"> 733 <col width="19%"> 734 <col width="18%"> 735 <col width="16%"> 736 <tr> 737 <th>CVE</th> 738 <th></th> 739 <th></th> 740 <th> Nexus </th> 741 <th> AOSP </th> 742 <th></th> 743 </tr> 744 <tr> 745 <td>CVE-2016-3748</td> 746 <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/556bb0f55324e8839d7b735a0de9bc31028e839e"> 747 A-28171804</a> 748 </td> 749 <td></td> 750 <td><a href="#all_nexus"> Nexus </a></td> 751 <td>6.06.0.1</td> 752 <td>2016 4 13 </td> 753 </tr> 754 </table> 755 756 <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice"> 757 </h3> 758 <p></p> 759 760 <table> 761 <col width="19%"> 762 <col width="16%"> 763 <col width="10%"> 764 <col width="19%"> 765 <col width="17%"> 766 <col width="17%"> 767 <tr> 768 <th>CVE</th> 769 <th></th> 770 <th></th> 771 <th> Nexus </th> 772 <th> AOSP </th> 773 <th></th> 774 </tr> 775 <tr> 776 <td>CVE-2016-3749</td> 777 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e83f0f6a5a6f35323f5367f99c8e287c440f33f5"> 778 A-28163930</a> 779 </td> 780 <td></td> 781 <td><a href="#all_nexus"> Nexus </a></td> 782 <td>6.06.0.1</td> 783 <td>Google </td> 784 </tr> 785 </table> 786 787 <h3 id="elevation-of-privilege-vulnerability-in-framework-apis"> 788 Framework API </h3> 789 <p>Parcels Framework API </p> 790 791 <table> 792 <col width="19%"> 793 <col width="16%"> 794 <col width="10%"> 795 <col width="19%"> 796 <col width="17%"> 797 <col width="17%"> 798 <tr> 799 <th>CVE</th> 800 <th></th> 801 <th></th> 802 <th> Nexus </th> 803 <th> AOSP </th> 804 <th></th> 805 </tr> 806 <tr> 807 <td>CVE-2016-3750</td> 808 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/54cb02ad733fb71b1bdf78590428817fb780aff8"> 809 A-28395952</a> 810 </td> 811 <td></td> 812 <td><a href="#all_nexus"> Nexus </a></td> 813 <td>4.4.45.0.25.1.16.06.0.1</td> 814 <td>2015 12 16 </td> 815 </tr> 816 </table> 817 818 <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service"> 819 ChooserTarget </h3> 820 <p>ChooserTarget </p> 821 822 <table> 823 <col width="19%"> 824 <col width="16%"> 825 <col width="10%"> 826 <col width="19%"> 827 <col width="17%"> 828 <col width="17%"> 829 <tr> 830 <th>CVE</th> 831 <th></th> 832 <th></th> 833 <th> Nexus </th> 834 <th> AOSP </th> 835 <th></th> 836 </tr> 837 <tr> 838 <td>CVE-2016-3752</td> 839 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/ddbf2db5b946be8fdc45c7b0327bf560b2a06988"> 840 A-28384423</a> 841 </td> 842 <td></td> 843 <td><a href="#all_nexus"> Nexus </a></td> 844 <td>6.06.0.1</td> 845 <td>Google </td> 846 </tr> 847 </table> 848 849 <h3 id="information-disclosure-vulnerability-in-mediaserver"> 850 </h3> 851 <p></p> 852 853 <table> 854 <col width="19%"> 855 <col width="16%"> 856 <col width="10%"> 857 <col width="19%"> 858 <col width="18%"> 859 <col width="16%"> 860 <tr> 861 <th>CVE</th> 862 <th></th> 863 <th></th> 864 <th> Nexus </th> 865 <th> AOSP </th> 866 <th></th> 867 </tr> 868 <tr> 869 <td>CVE-2016-3753</td> 870 <td>A-27210135</td> 871 <td></td> 872 <td>*</td> 873 <td>4.4.4</td> 874 <td>2016 2 15 </td> 875 </tr> 876 </table> 877 <p>* Nexus </p> 878 879 <h3 id="information-disclosure-vulnerability-in-openssl"> 880 OpenSSL </h3> 881 <p>OpenSSL </p> 882 883 <table> 884 <col width="19%"> 885 <col width="16%"> 886 <col width="10%"> 887 <col width="19%"> 888 <col width="18%"> 889 <col width="16%"> 890 <tr> 891 <th>CVE</th> 892 <th></th> 893 <th></th> 894 <th> Nexus </th> 895 <th> AOSP </th> 896 <th></th> 897 </tr> 898 <tr> 899 <td>CVE-2016-2107</td> 900 <td>A-28550804</td> 901 <td></td> 902 <td>*</td> 903 <td>4.4.45.0.25.1.1</td> 904 <td>2016 4 13 </td> 905 </tr> 906 </table> 907 <p>* Nexus </p> 908 909 <h3 id="denial-of-service-vulnerability-in-mediaserver"> 910 </h3> 911 <p></p> 912 913 <table> 914 <col width="19%"> 915 <col width="19%"> 916 <col width="10%"> 917 <col width="16%"> 918 <col width="17%"> 919 <col width="17%"> 920 <tr> 921 <th>CVE</th> 922 <th></th> 923 <th></th> 924 <th> Nexus </th> 925 <th> AOSP </th> 926 <th></th> 927 </tr> 928 <tr> 929 <td>CVE-2016-3754</td> 930 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> 931 A-28615448</a> 932 [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] 933 </td> 934 <td></td> 935 <td><a href="#all_nexus"> Nexus </a></td> 936 <td>4.4.45.0.25.1.16.06.0.1</td> 937 <td>2016 5 5 </td> 938 </tr> 939 <tr> 940 <td>CVE-2016-3755</td> 941 <td><a href="https://android.googlesource.com/platform/external/libavc/+/d4841f1161bdb5e13cb19e81af42437a634dd6ef"> 942 A-28470138</a> 943 </td> 944 <td></td> 945 <td><a href="#all_nexus"> Nexus </a></td> 946 <td>6.06.0.1</td> 947 <td>2016 4 29 </td> 948 </tr> 949 <tr> 950 <td>CVE-2016-3756</td> 951 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/659030a2e80c38fb8da0a4eb68695349eec6778b"> 952 A-28556125</a> 953 </td> 954 <td></td> 955 <td><a href="#all_nexus"> Nexus </a></td> 956 <td>4.4.45.0.25.1.16.06.0.1</td> 957 <td>Google </td> 958 </tr> 959 </table> 960 961 <h3 id="denial-of-service-vulnerability-in-libc"> 962 libc </h3> 963 <p>libc </p> 964 965 <table> 966 <col width="19%"> 967 <col width="16%"> 968 <col width="10%"> 969 <col width="19%"> 970 <col width="17%"> 971 <col width="17%"> 972 <tr> 973 <th>CVE</th> 974 <th></th> 975 <th></th> 976 <th> Nexus </th> 977 <th> AOSP </th> 978 <th></th> 979 </tr> 980 <tr> 981 <td>CVE-2016-3818</td> 982 <td>A-28740702</td> 983 <td></td> 984 <td>*</td> 985 <td>4.4.4</td> 986 <td>Google </td> 987 </tr> 988 </table> 989 <p>* Nexus </p> 990 991 <h3 id="elevation-of-privilege-vulnerability-in-lsof"> 992 lsof </h3> 993 <p>lsof </p> 994 995 <table> 996 <col width="19%"> 997 <col width="16%"> 998 <col width="10%"> 999 <col width="19%"> 1000 <col width="18%"> 1001 <col width="16%"> 1002 <tr> 1003 <th>CVE</th> 1004 <th></th> 1005 <th></th> 1006 <th> Nexus </th> 1007 <th> AOSP </th> 1008 <th></th> 1009 </tr> 1010 <tr> 1011 <td>CVE-2016-3757</td> 1012 <td><a href="https://android.googlesource.com/platform/system/core/+/ae18eb014609948a40e22192b87b10efc680daa7"> 1013 A-28175237</a> 1014 </td> 1015 <td></td> 1016 <td><a href="#all_nexus"> Nexus </a></td> 1017 <td>4.4.45.0.25.1.16.06.0.1</td> 1018 <td>2016 4 11 </td> 1019 </tr> 1020 </table> 1021 1022 <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader"> 1023 DexClassLoader </h3> 1024 <p>DexClassLoader </p> 1025 1026 <table> 1027 <col width="19%"> 1028 <col width="16%"> 1029 <col width="10%"> 1030 <col width="19%"> 1031 <col width="17%"> 1032 <col width="17%"> 1033 <tr> 1034 <th>CVE</th> 1035 <th></th> 1036 <th></th> 1037 <th> Nexus </th> 1038 <th> AOSP </th> 1039 <th></th> 1040 </tr> 1041 <tr> 1042 <td>CVE-2016-3758</td> 1043 <td><a href="https://android.googlesource.com/platform/dalvik/+/338aeaf28e9981c15d0673b18487dba61eb5447c"> 1044 A-27840771</a> 1045 </td> 1046 <td></td> 1047 <td><a href="#all_nexus"> Nexus </a></td> 1048 <td>4.4.45.0.25.1.16.06.0.1</td> 1049 <td>Google </td> 1050 </tr> 1051 </table> 1052 1053 <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2"> 1054 Framework API </h3> 1055 <p>Framework API </p> 1056 1057 <table> 1058 <col width="19%"> 1059 <col width="16%"> 1060 <col width="10%"> 1061 <col width="19%"> 1062 <col width="17%"> 1063 <col width="17%"> 1064 <tr> 1065 <th>CVE</th> 1066 <th></th> 1067 <th></th> 1068 <th> Nexus </th> 1069 <th> AOSP </th> 1070 <th></th> 1071 </tr> 1072 <tr> 1073 <td>CVE-2016-3759</td> 1074 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/9b8c6d2df35455ce9e67907edded1e4a2ecb9e28"> 1075 A-28406080</a> 1076 </td> 1077 <td></td> 1078 <td><a href="#all_nexus"> Nexus </a></td> 1079 <td>5.0.25.1.16.06.0.1</td> 1080 <td>Google </td> 1081 </tr> 1082 </table> 1083 1084 <h3 id="elevation-of-privilege-vulnerability-in-bluetooth"> 1085 </h3> 1086 <p></p> 1087 1088 <table> 1089 <col width="19%"> 1090 <col width="16%"> 1091 <col width="10%"> 1092 <col width="19%"> 1093 <col width="18%"> 1094 <col width="16%"> 1095 <tr> 1096 <th>CVE</th> 1097 <th></th> 1098 <th></th> 1099 <th> Nexus </th> 1100 <th> AOSP </th> 1101 <th></th> 1102 </tr> 1103 <tr> 1104 <td>CVE-2016-3760</td> 1105 <td><a href="https://android.googlesource.com/platform/hardware/libhardware/+/8b3d5a64c3c8d010ad4517f652731f09107ae9c5">A-27410683</a> 1106 [<a href="https://android.googlesource.com/platform/system/bt/+/37c88107679d36c419572732b4af6e18bb2f7dce">2</a>] 1107 [<a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/122feb9a0b04290f55183ff2f0384c6c53756bd8">3</a>] 1108 </td> 1109 <td></td> 1110 <td><a href="#all_nexus"> Nexus </a></td> 1111 <td>5.0.25.1.16.06.0.1</td> 1112 <td>2016 2 29 </td> 1113 </tr> 1114 </table> 1115 1116 <h3 id="elevation-of-privilege-vulnerability-in-nfc"> 1117 NFC </h3> 1118 <p>NFC </p> 1119 1120 <table> 1121 <col width="19%"> 1122 <col width="16%"> 1123 <col width="10%"> 1124 <col width="19%"> 1125 <col width="18%"> 1126 <col width="16%"> 1127 <tr> 1128 <th>CVE</th> 1129 <th></th> 1130 <th></th> 1131 <th> Nexus </th> 1132 <th> AOSP </th> 1133 <th></th> 1134 </tr> 1135 <tr> 1136 <td>CVE-2016-3761</td> 1137 <td><a href="https://android.googlesource.com/platform/packages/apps/Nfc/+/9ea802b5456a36f1115549b645b65c791eff3c2c"> 1138 A-28300969</a> 1139 </td> 1140 <td></td> 1141 <td><a href="#all_nexus"> Nexus </a></td> 1142 <td>4.4.45.0.25.1.16.06.0.1</td> 1143 <td>2016 4 20 </td> 1144 </tr> 1145 </table> 1146 1147 <h3 id="elevation-of-privilege-vulnerability-in-sockets-2"> 1148 </h3> 1149 <p></p> 1150 1151 <table> 1152 <col width="19%"> 1153 <col width="16%"> 1154 <col width="10%"> 1155 <col width="19%"> 1156 <col width="18%"> 1157 <col width="16%"> 1158 <tr> 1159 <th>CVE</th> 1160 <th></th> 1161 <th></th> 1162 <th> Nexus </th> 1163 <th> AOSP </th> 1164 <th></th> 1165 </tr> 1166 <tr> 1167 <td>CVE-2016-3762</td> 1168 <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/abf0663ed884af7bc880a05e9529e6671eb58f39"> 1169 A-28612709</a> 1170 </td> 1171 <td></td> 1172 <td><a href="#all_nexus"> Nexus </a></td> 1173 <td>5.0.25.1.16.06.0.1</td> 1174 <td>2016 4 21 </td> 1175 </tr> 1176 </table> 1177 1178 <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> 1179 Proxy </h3> 1180 <p>Proxy </p> 1181 1182 <table> 1183 <col width="19%"> 1184 <col width="16%"> 1185 <col width="10%"> 1186 <col width="19%"> 1187 <col width="18%"> 1188 <col width="16%"> 1189 <tr> 1190 <th>CVE</th> 1191 <th></th> 1192 <th></th> 1193 <th> Nexus </th> 1194 <th> AOSP </th> 1195 <th></th> 1196 </tr> 1197 <tr> 1198 <td>CVE-2016-3763</td> 1199 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/ec2fc50d202d975447211012997fe425496c849c"> 1200 A-27593919</a> 1201 </td> 1202 <td></td> 1203 <td><a href="#all_nexus"> Nexus </a></td> 1204 <td>4.4.45.0.25.1.16.06.0.1</td> 1205 <td>2016 3 10 </td> 1206 </tr> 1207 </table> 1208 1209 <h3 id="information-disclosure-vulnerability-in-mediaserver-2"> 1210 </h3> 1211 <p></p> 1212 1213 <table> 1214 <col width="19%"> 1215 <col width="16%"> 1216 <col width="10%"> 1217 <col width="19%"> 1218 <col width="18%"> 1219 <col width="16%"> 1220 <tr> 1221 <th>CVE</th> 1222 <th></th> 1223 <th></th> 1224 <th> Nexus </th> 1225 <th> AOSP </th> 1226 <th></th> 1227 </tr> 1228 <tr> 1229 <td>CVE-2016-3764</td> 1230 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/daef4327fe0c75b0a90bb8627458feec7a301e1f"> 1231 A-28377502</a> 1232 </td> 1233 <td></td> 1234 <td><a href="#all_nexus"> Nexus </a></td> 1235 <td>4.4.45.0.25.1.16.06.0.1</td> 1236 <td>2016 4 25 </td> 1237 </tr> 1238 <tr> 1239 <td>CVE-2016-3765</td> 1240 <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/d1c775d1d8d2ed117d1e026719b7f9f089716597"> 1241 A-28168413</a> 1242 </td> 1243 <td></td> 1244 <td><a href="#all_nexus"> Nexus </a></td> 1245 <td>6.06.0.1</td> 1246 <td>2016 4 8 </td> 1247 </tr> 1248 </table> 1249 1250 <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> 1251 </h3> 1252 <p></p> 1253 1254 <table> 1255 <col width="19%"> 1256 <col width="16%"> 1257 <col width="10%"> 1258 <col width="19%"> 1259 <col width="18%"> 1260 <col width="16%"> 1261 <tr> 1262 <th>CVE</th> 1263 <th></th> 1264 <th></th> 1265 <th> Nexus </th> 1266 <th> AOSP </th> 1267 <th></th> 1268 </tr> 1269 <tr> 1270 <td>CVE-2016-3766</td> 1271 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> 1272 A-28471206</a> 1273 [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] 1274 </td> 1275 <td></td> 1276 <td><a href="#all_nexus"> Nexus </a></td> 1277 <td>4.4.45.0.25.1.16.06.0.1</td> 1278 <td>2016 4 29 </td> 1279 </tr> 1280 </table> 1281 1282 <h2 id="2016-07-05_details">2016-07-05 </h2> 1283 <p> <a href="2016-07-05_summary">2016-07-05 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 1284 1285 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-gpu-driver"> 1286 Qualcomm GPU </h3> 1287 <p>Qualcomm GPU (Re-flash) </p> 1288 1289 <table> 1290 <col width="19%"> 1291 <col width="16%"> 1292 <col width="10%"> 1293 <col width="27%"> 1294 <col width="16%"> 1295 <tr> 1296 <th>CVE</th> 1297 <th></th> 1298 <th></th> 1299 <th> Nexus </th> 1300 <th></th> 1301 </tr> 1302 <tr> 1303 <td>CVE-2016-2503</td> 1304 <td>A-28084795* 1305 QC-CR1006067</td> 1306 <td></td> 1307 <td>Nexus 5XNexus 6P</td> 1308 <td>2016 4 5 </td> 1309 </tr> 1310 <tr> 1311 <td>CVE-2016-2067</td> 1312 <td>A-28305757 1313 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.18/commit/?id=410cfa95f0a1cf58819cbfbd896f9aa45b004ac0"> 1314 QC-CR988993</a></td> 1315 <td></td> 1316 <td>Nexus 5XNexus 6Nexus 6P</td> 1317 <td>2016 4 20 </td> 1318 </tr> 1319 </table> 1320 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1321 1322 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-wi-fi-driver"> 1323 MediaTek Wi-Fi </h3> 1324 <p>MediaTek Wi-Fi (Re-flash) </p> 1325 1326 <table> 1327 <col width="19%"> 1328 <col width="20%"> 1329 <col width="10%"> 1330 <col width="23%"> 1331 <col width="16%"> 1332 <tr> 1333 <th>CVE</th> 1334 <th></th> 1335 <th></th> 1336 <th> Nexus </th> 1337 <th></th> 1338 </tr> 1339 <tr> 1340 <td>CVE-2016-3767</td> 1341 <td>A-28169363* 1342 <br>M-ALPS02689526</td> 1343 <td></td> 1344 <td>Android One</td> 1345 <td>2016 4 6 </td> 1346 </tr> 1347 </table> 1348 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1349 1350 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-performance-component"> 1351 Qualcomm </h3> 1352 <p>Qualcomm (Re-flash) </p> 1353 1354 <table> 1355 <col width="19%"> 1356 <col width="16%"> 1357 <col width="10%"> 1358 <col width="27%"> 1359 <col width="16%"> 1360 <tr> 1361 <th>CVE</th> 1362 <th></th> 1363 <th></th> 1364 <th> Nexus </th> 1365 <th></th> 1366 </tr> 1367 <tr> 1368 <td>CVE-2016-3768</td> 1369 <td>A-28172137* 1370 QC-CR1010644</td> 1371 <td></td> 1372 <td>Nexus 5Nexus 6Nexus 5XNexus 6PNexus 7 (2013)</td> 1373 <td>2016 4 9 </td> 1374 </tr> 1375 </table> 1376 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1377 1378 <h3 id="elevation-of-privilege-vulnerability-in-nvidia-video-driver"> 1379 NVIDIA </h3> 1380 <p>NVIDIA (Re-flash) </p> 1381 1382 <table> 1383 <col width="19%"> 1384 <col width="20%"> 1385 <col width="10%"> 1386 <col width="23%"> 1387 <col width="16%"> 1388 <tr> 1389 <th>CVE</th> 1390 <th></th> 1391 <th></th> 1392 <th> Nexus </th> 1393 <th></th> 1394 </tr> 1395 <tr> 1396 <td>CVE-2016-3769</td> 1397 <td>A-28376656*<br> 1398 N-CVE20163769</td> 1399 <td></td> 1400 <td>Nexus 9</td> 1401 <td>2016 4 18 </td> 1402 </tr> 1403 </table> 1404 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1405 1406 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-drivers-device-specific">MediaTek ()</h3> 1407 <p> MediaTek (Re-flash) </p> 1408 1409 <table> 1410 <col width="19%"> 1411 <col width="20%"> 1412 <col width="10%"> 1413 <col width="23%"> 1414 <col width="16%"> 1415 <tr> 1416 <th>CVE</th> 1417 <th></th> 1418 <th></th> 1419 <th> Nexus </th> 1420 <th></th> 1421 </tr> 1422 <tr> 1423 <td>CVE-2016-3770</td> 1424 <td>A-28346752*<br> 1425 M-ALPS02703102</td> 1426 <td></td> 1427 <td>Android One</td> 1428 <td>2016 4 22 </td> 1429 </tr> 1430 <tr> 1431 <td>CVE-2016-3771</td> 1432 <td>A-29007611*<br> 1433 M-ALPS02703102</td> 1434 <td></td> 1435 <td>Android One</td> 1436 <td>2016 4 22 </td> 1437 </tr> 1438 <tr> 1439 <td>CVE-2016-3772</td> 1440 <td>A-29008188*<br> 1441 M-ALPS02703102</td> 1442 <td></td> 1443 <td>Android One</td> 1444 <td>2016 4 22 </td> 1445 </tr> 1446 <tr> 1447 <td>CVE-2016-3773</td> 1448 <td>A-29008363*<br> 1449 M-ALPS02703102</td> 1450 <td></td> 1451 <td>Android One</td> 1452 <td>2016 4 22 </td> 1453 </tr> 1454 <tr> 1455 <td>CVE-2016-3774</td> 1456 <td>A-29008609*<br> 1457 M-ALPS02703102</td> 1458 <td></td> 1459 <td>Android One</td> 1460 <td>2016 4 22 </td> 1461 </tr> 1462 </table> 1463 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1464 1465 <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system"> 1466 </h3> 1467 <p> (Re-flash) </p> 1468 1469 <table> 1470 <col width="19%"> 1471 <col width="16%"> 1472 <col width="10%"> 1473 <col width="27%"> 1474 <col width="16%"> 1475 <tr> 1476 <th>CVE</th> 1477 <th></th> 1478 <th></th> 1479 <th> Nexus </th> 1480 <th></th> 1481 </tr> 1482 <tr> 1483 <td>CVE-2016-3775</td> 1484 <td>A-28588279*</td> 1485 <td></td> 1486 <td>Nexus 5XNexus 6Nexus 6P Nexus PlayerPixel C</td> 1487 <td>2015 5 4 </td> 1488 </tr> 1489 </table> 1490 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1491 1492 <h3 id="elevation-of-privilege-vulnerability-in-usb-driver"> 1493 USB </h3> 1494 <p>USB (Re-flash) </p> 1495 1496 <table> 1497 <col width="19%"> 1498 <col width="16%"> 1499 <col width="10%"> 1500 <col width="27%"> 1501 <col width="16%"> 1502 <tr> 1503 <th>CVE</th> 1504 <th></th> 1505 <th></th> 1506 <th> Nexus </th> 1507 <th></th> 1508 </tr> 1509 <tr> 1510 <td>CVE-2015-8816</td> 1511 <td>A-28712303*</td> 1512 <td></td> 1513 <td>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Nexus PlayerPixel C</td> 1514 <td>2016 5 4 </td> 1515 </tr> 1516 </table> 1517 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1518 1519 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> 1520 Qualcomm </h3> 1521 <p> Qualcomm </p> 1522 <p> (Re-flash) </p> 1523 1524 <table> 1525 <col width="19%"> 1526 <col width="20%"> 1527 <col width="10%"> 1528 <col width="23%"> 1529 <col width="16%"> 1530 <tr> 1531 <th>CVE</th> 1532 <th></th> 1533 <th>*</th> 1534 <th> Nexus </th> 1535 <th></th> 1536 </tr> 1537 <tr> 1538 <td>CVE-2014-9795</td> 1539 <td>A-28820720<br> 1540 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> 1541 [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] 1542 </td> 1543 <td></td> 1544 <td>Nexus 5</td> 1545 <td>2014 8 8 </td> 1546 </tr> 1547 <tr> 1548 <td>CVE-2014-9794</td> 1549 <td>A-28821172<br> 1550 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> 1551 </td> 1552 <td></td> 1553 <td>Nexus 7 (2013)</td> 1554 <td>2014 8 8 </td> 1555 </tr> 1556 <tr> 1557 <td>CVE-2015-8892</td> 1558 <td>A-28822807<br> 1559 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> 1560 </td> 1561 <td></td> 1562 <td>Nexus 5XNexus 6P</td> 1563 <td>2015 12 30 </td> 1564 </tr> 1565 <tr> 1566 <td>CVE-2014-9781</td> 1567 <td>A-28410333<br> 1568 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> 1569 </td> 1570 <td></td> 1571 <td>Nexus 7 (2013)</td> 1572 <td>2014 2 6 </td> 1573 </tr> 1574 <tr> 1575 <td>CVE-2014-9786</td> 1576 <td>A-28557260<br> 1577 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> 1578 <td></td> 1579 <td>Nexus 5Nexus 7 (2013)</td> 1580 <td>2014 3 13 </td> 1581 </tr> 1582 <tr> 1583 <td>CVE-2014-9788</td> 1584 <td>A-28573112<br> 1585 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> 1586 <td></td> 1587 <td>Nexus 5</td> 1588 <td>2014 3 13 </td> 1589 </tr> 1590 <tr> 1591 <td>CVE-2014-9779</td> 1592 <td>A-28598347<br> 1593 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> 1594 <td></td> 1595 <td>Nexus 5</td> 1596 <td>2014 3 13 </td> 1597 </tr> 1598 <tr> 1599 <td>CVE-2014-9780</td> 1600 <td>A-28602014<br> 1601 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> 1602 <td></td> 1603 <td>Nexus 5Nexus 5XNexus 6P</td> 1604 <td>2014 3 13 </td> 1605 </tr> 1606 <tr> 1607 <td>CVE-2014-9789</td> 1608 <td>A-28749392<br> 1609 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> 1610 <td></td> 1611 <td>Nexus 5</td> 1612 <td>2014 3 13 </td> 1613 </tr> 1614 <tr> 1615 <td>CVE-2014-9793</td> 1616 <td>A-28821253<br> 1617 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> 1618 <td></td> 1619 <td>Nexus 7 (2013)</td> 1620 <td>2014 3 13 </td> 1621 </tr> 1622 <tr> 1623 <td>CVE-2014-9782</td> 1624 <td>A-28431531<br> 1625 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> 1626 <td></td> 1627 <td>Nexus 5Nexus 7 (2013)</td> 1628 <td>2014 3 31 </td> 1629 </tr> 1630 <tr> 1631 <td>CVE-2014-9783</td> 1632 <td>A-28441831<br> 1633 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> 1634 [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> 1635 <td></td> 1636 <td>Nexus 7 (2013)</td> 1637 <td>2014 3 31 </td> 1638 </tr> 1639 <tr> 1640 <td>CVE-2014-9785</td> 1641 <td>A-28469042<br> 1642 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> 1643 <td></td> 1644 <td>Nexus 7 (2013)</td> 1645 <td>2014 3 31 </td> 1646 </tr> 1647 <tr> 1648 <td>CVE-2014-9787</td> 1649 <td>A-28571496<br> 1650 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> 1651 <td></td> 1652 <td>Nexus 7 (2013)</td> 1653 <td>2014 3 31 </td> 1654 </tr> 1655 <tr> 1656 <td>CVE-2014-9784</td> 1657 <td>A-28442449<br> 1658 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> 1659 <td></td> 1660 <td>Nexus 5Nexus 7 (2013)</td> 1661 <td>2014 4 30 </td> 1662 </tr> 1663 <tr> 1664 <td>CVE-2014-9777</td> 1665 <td>A-28598501<br> 1666 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> 1667 <td></td> 1668 <td>Nexus 5Nexus 7 (2013)</td> 1669 <td>2014 4 30 </td> 1670 </tr> 1671 <tr> 1672 <td>CVE-2014-9778</td> 1673 <td>A-28598515<br> 1674 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> 1675 <td></td> 1676 <td>Nexus 5Nexus 7 (2013)</td> 1677 <td>2014 4 30 </td> 1678 </tr> 1679 <tr> 1680 <td>CVE-2014-9790</td> 1681 <td>A-28769136<br> 1682 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> 1683 [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> 1684 <td></td> 1685 <td>Nexus 5Nexus 7 (2013)</td> 1686 <td>2014 4 30 </td> 1687 </tr> 1688 <tr> 1689 <td>CVE-2014-9792</td> 1690 <td>A-28769399<br> 1691 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> 1692 <td></td> 1693 <td>Nexus 5</td> 1694 <td>2014 4 30 </td> 1695 </tr> 1696 <tr> 1697 <td>CVE-2014-9797</td> 1698 <td>A-28821090<br> 1699 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> 1700 <td></td> 1701 <td>Nexus 5</td> 1702 <td>2014 7 3 </td> 1703 </tr> 1704 <tr> 1705 <td>CVE-2014-9791</td> 1706 <td>A-28803396<br> 1707 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> 1708 <td></td> 1709 <td>Nexus 7 (2013)</td> 1710 <td>2014 8 29 </td> 1711 </tr> 1712 <tr> 1713 <td>CVE-2014-9796</td> 1714 <td>A-28820722<br> 1715 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> 1716 <td></td> 1717 <td>Nexus 5Nexus 7 (2013)</td> 1718 <td>2014 9 30 </td> 1719 </tr> 1720 <tr> 1721 <td>CVE-2014-9800</td> 1722 <td>A-28822150<br> 1723 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> 1724 <td></td> 1725 <td>Nexus 5Nexus 7 (2013)</td> 1726 <td>2014 10 31 </td> 1727 </tr> 1728 <tr> 1729 <td>CVE-2014-9799</td> 1730 <td>A-28821731<br> 1731 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> 1732 <td></td> 1733 <td>Nexus 5Nexus 7 (2013)</td> 1734 <td>2014 10 31 </td> 1735 </tr> 1736 <tr> 1737 <td>CVE-2014-9801</td> 1738 <td>A-28822060<br> 1739 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> 1740 <td></td> 1741 <td>Nexus 5</td> 1742 <td>2014 11 28 </td> 1743 </tr> 1744 <tr> 1745 <td>CVE-2014-9802</td> 1746 <td>A-28821965<br> 1747 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> 1748 <td></td> 1749 <td>Nexus 5Nexus 7 (2013)</td> 1750 <td>2014 12 31 </td> 1751 </tr> 1752 <tr> 1753 <td>CVE-2015-8891</td> 1754 <td>A-28842418<br> 1755 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> 1756 <td></td> 1757 <td>Nexus 5Nexus 7 (2013)</td> 1758 <td>2015 5 29 </td> 1759 </tr> 1760 <tr> 1761 <td>CVE-2015-8888</td> 1762 <td>A-28822465<br> 1763 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> 1764 <td></td> 1765 <td>Nexus 5</td> 1766 <td>2015 6 30 </td> 1767 </tr> 1768 <tr> 1769 <td>CVE-2015-8889</td> 1770 <td>A-28822677<br> 1771 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> 1772 <td></td> 1773 <td>Nexus 6P</td> 1774 <td>2015 6 30 </td> 1775 </tr> 1776 <tr> 1777 <td>CVE-2015-8890</td> 1778 <td>A-28822878<br> 1779 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> 1780 <td></td> 1781 <td>Nexus 5Nexus 7 (2013)</td> 1782 <td>2015 8 19 </td> 1783 </tr> 1784 </table> 1785 <p>* Qualcomm </p> 1786 1787 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-usb-driver"> 1788 Qualcomm USB </h3> 1789 <p>Qualcomm USB </p> 1790 1791 <table> 1792 <col width="19%"> 1793 <col width="16%"> 1794 <col width="10%"> 1795 <col width="27%"> 1796 <col width="16%"> 1797 <tr> 1798 <th>CVE</th> 1799 <th></th> 1800 <th></th> 1801 <th> Nexus </th> 1802 <th></th> 1803 </tr> 1804 <tr> 1805 <td>CVE-2016-2502</td> 1806 <td>A-27657963 1807 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=0bc45d7712eabe315ce8299a49d16433c3801156">QC-CR997044</a></td> 1808 <td></td> 1809 <td>Nexus 5XNexus 6P</td> 1810 <td>2016 3 11 </td> 1811 </tr> 1812 </table> 1813 1814 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> 1815 Qualcomm Wi-Fi </h3> 1816 <p>Qualcomm Wi-Fi </p> 1817 1818 <table> 1819 <col width="19%"> 1820 <col width="16%"> 1821 <col width="10%"> 1822 <col width="27%"> 1823 <col width="16%"> 1824 <tr> 1825 <th>CVE</th> 1826 <th></th> 1827 <th></th> 1828 <th> Nexus </th> 1829 <th></th> 1830 </tr> 1831 <tr> 1832 <td>CVE-2016-3792</td> 1833 <td>A-27725204 1834 <a href="https://us.codeaurora.org/cgit/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=28d4f0c1f712bffb4aa5b47f06e97d5a9fa06d29">QC-CR561022</a></td> 1835 <td></td> 1836 <td>Nexus 7 (2013)</td> 1837 <td>2016 3 17 </td> 1838 </tr> 1839 </table> 1840 1841 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> 1842 Qualcomm </h3> 1843 <p>Qualcomm </p> 1844 1845 <table> 1846 <col width="19%"> 1847 <col width="16%"> 1848 <col width="10%"> 1849 <col width="27%"> 1850 <col width="16%"> 1851 <tr> 1852 <th>CVE</th> 1853 <th></th> 1854 <th></th> 1855 <th> Nexus </th> 1856 <th></th> 1857 </tr> 1858 <tr> 1859 <td>CVE-2016-2501</td> 1860 <td>A-27890772* 1861 QC-CR1001092</td> 1862 <td></td> 1863 <td>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)</td> 1864 <td>2016 3 27 </td> 1865 </tr> 1866 </table> 1867 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1868 1869 <h3 id="elevation-of-privilege-vulnerability-in-nvidia-camera-driver"> 1870 NVIDIA </h3> 1871 <p>NVIDIA </p> 1872 1873 <table> 1874 <col width="19%"> 1875 <col width="20%"> 1876 <col width="10%"> 1877 <col width="23%"> 1878 <col width="16%"> 1879 <tr> 1880 <th>CVE</th> 1881 <th></th> 1882 <th></th> 1883 <th> Nexus </th> 1884 <th></th> 1885 </tr> 1886 <tr> 1887 <td>CVE-2016-3793</td> 1888 <td>A-28026625*<br> 1889 N-CVE20163793</td> 1890 <td></td> 1891 <td>Nexus 9</td> 1892 <td>2016 4 5 </td> 1893 </tr> 1894 </table> 1895 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1896 1897 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-driver"> 1898 MediaTek </h3> 1899 <p>MediaTek </p> 1900 1901 <table> 1902 <col width="19%"> 1903 <col width="20%"> 1904 <col width="10%"> 1905 <col width="23%"> 1906 <col width="16%"> 1907 <tr> 1908 <th>CVE</th> 1909 <th></th> 1910 <th></th> 1911 <th> Nexus </th> 1912 <th></th> 1913 </tr> 1914 <tr> 1915 <td>CVE-2016-3795</td> 1916 <td>A-28085222*<br> 1917 M-ALPS02677244</td> 1918 <td></td> 1919 <td>Android One</td> 1920 <td>2016 4 7 </td> 1921 </tr> 1922 <tr> 1923 <td>CVE-2016-3796</td> 1924 <td>A-29008443*<br> 1925 M-ALPS02677244</td> 1926 <td></td> 1927 <td>Android One</td> 1928 <td>2016 4 7 </td> 1929 </tr> 1930 </table> 1931 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1932 1933 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver-2"> 1934 Qualcomm Wi-Fi </h3> 1935 <p>Qualcomm Wi-Fi </p> 1936 1937 <table> 1938 <col width="19%"> 1939 <col width="16%"> 1940 <col width="10%"> 1941 <col width="27%"> 1942 <col width="16%"> 1943 <tr> 1944 <th>CVE</th> 1945 <th></th> 1946 <th></th> 1947 <th> Nexus </th> 1948 <th></th> 1949 </tr> 1950 <tr> 1951 <td>CVE-2016-3797</td> 1952 <td>A-28085680* 1953 QC-CR1001450</td> 1954 <td></td> 1955 <td>Nexus 5X</td> 1956 <td>2016 4 7 </td> 1957 </tr> 1958 </table> 1959 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1960 1961 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-hardware-sensor-driver"> 1962 MediaTek </h3> 1963 <p>MediaTek </p> 1964 1965 <table> 1966 <col width="19%"> 1967 <col width="20%"> 1968 <col width="10%"> 1969 <col width="23%"> 1970 <col width="16%"> 1971 <tr> 1972 <th>CVE</th> 1973 <th></th> 1974 <th></th> 1975 <th> Nexus </th> 1976 <th></th> 1977 </tr> 1978 <tr> 1979 <td>CVE-2016-3798</td> 1980 <td>A-28174490*<br> 1981 M-ALPS02703105</td> 1982 <td></td> 1983 <td>Android One</td> 1984 <td>2016 4 11 </td> 1985 </tr> 1986 </table> 1987 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1988 1989 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-video-driver"> 1990 MediaTek </h3> 1991 <p>MediaTek </p> 1992 1993 <table> 1994 <col width="19%"> 1995 <col width="20%"> 1996 <col width="10%"> 1997 <col width="23%"> 1998 <col width="16%"> 1999 <tr> 2000 <th>CVE</th> 2001 <th></th> 2002 <th></th> 2003 <th> Nexus </th> 2004 <th></th> 2005 </tr> 2006 <tr> 2007 <td>CVE-2016-3799</td> 2008 <td>A-28175025*<br> 2009 M-ALPS02693738</td> 2010 <td></td> 2011 <td>Android One</td> 2012 <td>2016 4 11 </td> 2013 </tr> 2014 <tr> 2015 <td>CVE-2016-3800</td> 2016 <td>A-28175027*<br> 2017 M-ALPS02693739</td> 2018 <td></td> 2019 <td>Android One</td> 2020 <td>2016 4 11 </td> 2021 </tr> 2022 </table> 2023 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2024 2025 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-gps-driver"> 2026 MediaTek GPS </h3> 2027 <p>MediaTek GPS </p> 2028 2029 <table> 2030 <col width="19%"> 2031 <col width="20%"> 2032 <col width="10%"> 2033 <col width="23%"> 2034 <col width="16%"> 2035 <tr> 2036 <th>CVE</th> 2037 <th></th> 2038 <th></th> 2039 <th> Nexus </th> 2040 <th></th> 2041 </tr> 2042 <tr> 2043 <td>CVE-2016-3801</td> 2044 <td>A-28174914*<br> 2045 M-ALPS02688853</td> 2046 <td></td> 2047 <td>Android One</td> 2048 <td>2016 4 11 </td> 2049 </tr> 2050 </table> 2051 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2052 2053 <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system-2"> 2054 </h3> 2055 <p></p> 2056 2057 <table> 2058 <col width="19%"> 2059 <col width="16%"> 2060 <col width="10%"> 2061 <col width="27%"> 2062 <col width="16%"> 2063 <tr> 2064 <th>CVE</th> 2065 <th></th> 2066 <th></th> 2067 <th> Nexus </th> 2068 <th></th> 2069 </tr> 2070 <tr> 2071 <td>CVE-2016-3802</td> 2072 <td>A-28271368*</td> 2073 <td></td> 2074 <td>Nexus 9</td> 2075 <td>2016 4 19 </td> 2076 </tr> 2077 <tr> 2078 <td>CVE-2016-3803</td> 2079 <td>A-28588434*</td> 2080 <td></td> 2081 <td>Nexus 5XNexus 6P</td> 2082 <td>2016 5 4 </td> 2083 </tr> 2084 </table> 2085 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2086 2087 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-management-driver"> 2088 MediaTek </h3> 2089 <p>MediaTek </p> 2090 2091 <table> 2092 <col width="19%"> 2093 <col width="20%"> 2094 <col width="10%"> 2095 <col width="23%"> 2096 <col width="16%"> 2097 <tr> 2098 <th>CVE</th> 2099 <th></th> 2100 <th></th> 2101 <th> Nexus </th> 2102 <th></th> 2103 </tr> 2104 <tr> 2105 <td>CVE-2016-3804</td> 2106 <td>A-28332766*<br> 2107 M-ALPS02694410</td> 2108 <td></td> 2109 <td>Android One</td> 2110 <td>2016 4 20 </td> 2111 </tr> 2112 <tr> 2113 <td>CVE-2016-3805</td> 2114 <td>A-28333002*<br> 2115 M-ALPS02694412</td> 2116 <td></td> 2117 <td>Android One</td> 2118 <td>2016 4 21 </td> 2119 </tr> 2120 </table> 2121 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2122 2123 <h3 id="elevation-of-privilege-vulnerability-in-mediatek-display-driver"> 2124 MediaTek </h3> 2125 <p>MediaTek </p> 2126 2127 <table> 2128 <col width="19%"> 2129 <col width="20%"> 2130 <col width="10%"> 2131 <col width="23%"> 2132 <col width="16%"> 2133 <tr> 2134 <th>CVE</th> 2135 <th></th> 2136 <th></th> 2137 <th> Nexus </th> 2138 <th></th> 2139 </tr> 2140 <tr> 2141 <td>CVE-2016-3806</td> 2142 <td>A-28402341*<br> 2143 M-ALPS02715341</td> 2144 <td></td> 2145 <td>Android One</td> 2146 <td>2016 4 26 </td> 2147 </tr> 2148 </table> 2149 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2150 2151 <h3 id="elevation-of-privilege-vulnerability-in-serial-peripheral-interface-driver"> 2152 </h3> 2153 <p></p> 2154 2155 <table> 2156 <col width="19%"> 2157 <col width="16%"> 2158 <col width="10%"> 2159 <col width="27%"> 2160 <col width="16%"> 2161 <tr> 2162 <th>CVE</th> 2163 <th></th> 2164 <th></th> 2165 <th> Nexus </th> 2166 <th></th> 2167 </tr> 2168 <tr> 2169 <td>CVE-2016-3807</td> 2170 <td>A-28402196*</td> 2171 <td></td> 2172 <td>Nexus 5XNexus 6P</td> 2173 <td>2016 4 26 </td> 2174 </tr> 2175 <tr> 2176 <td>CVE-2016-3808</td> 2177 <td>A-28430009*</td> 2178 <td></td> 2179 <td>Pixel C</td> 2180 <td>2016 4 26 </td> 2181 </tr> 2182 </table> 2183 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2184 2185 <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-sound-driver"> 2186 Qualcomm </h3> 2187 <p>Qualcomm </p> 2188 2189 <table> 2190 <col width="19%"> 2191 <col width="16%"> 2192 <col width="10%"> 2193 <col width="27%"> 2194 <col width="16%"> 2195 <tr> 2196 <th>CVE</th> 2197 <th></th> 2198 <th></th> 2199 <th> Nexus </th> 2200 <th></th> 2201 </tr> 2202 <tr> 2203 <td>CVE-2016-2068</td> 2204 <td>A-28470967 2205 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> 2206 <td></td> 2207 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 2208 <td>2016 4 28 </td> 2209 </tr> 2210 </table> 2211 2212 <h3 id="elevation-of-privilege-vulnerability-in-kernel"> 2213 </h3> 2214 <p></p> 2215 2216 <table> 2217 <col width="19%"> 2218 <col width="20%"> 2219 <col width="10%"> 2220 <col width="23%"> 2221 <col width="16%"> 2222 <tr> 2223 <th>CVE</th> 2224 <th></th> 2225 <th></th> 2226 <th> Nexus </th> 2227 <th></th> 2228 </tr> 2229 <tr> 2230 <td>CVE-2014-9803</td> 2231 <td>A-28557020<br> 2232 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> 2233 </a></td> 2234 <td></td> 2235 <td>Nexus 5XNexus 6P</td> 2236 <td>Google </td> 2237 </tr> 2238 </table> 2239 2240 <h3 id="information-disclosure-vulnerability-in-networking-component"> 2241 </h3> 2242 <p></p> 2243 2244 <table> 2245 <col width="19%"> 2246 <col width="16%"> 2247 <col width="10%"> 2248 <col width="27%"> 2249 <col width="16%"> 2250 <tr> 2251 <th>CVE</th> 2252 <th></th> 2253 <th></th> 2254 <th> Nexus </th> 2255 <th></th> 2256 </tr> 2257 <tr> 2258 <td>CVE-2016-3809</td> 2259 <td>A-27532522*</td> 2260 <td></td> 2261 <td><a href="#all_nexus"> Nexus </a></td> 2262 <td>2016 3 5 </td> 2263 </tr> 2264 </table> 2265 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2266 2267 <h3 id="information-disclosure-vulnerability-in-mediatek-wi-fi-driver"> 2268 MediaTek Wi-Fi </h3> 2269 <p>MediaTek Wi-Fi </p> 2270 2271 <table> 2272 <col width="19%"> 2273 <col width="20%"> 2274 <col width="10%"> 2275 <col width="23%"> 2276 <col width="16%"> 2277 <tr> 2278 <th>CVE</th> 2279 <th></th> 2280 <th></th> 2281 <th> Nexus </th> 2282 <th></th> 2283 </tr> 2284 <tr> 2285 <td>CVE-2016-3810</td> 2286 <td>A-28175522*<br> 2287 M-ALPS02694389</td> 2288 <td></td> 2289 <td>Android One</td> 2290 <td>2016 4 12 </td> 2291 </tr> 2292 </table> 2293 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2294 2295 <h3 id="elevation-of-privilege-vulnerability-in-kernel-video-driver"> 2296 </h3> 2297 <p></p> 2298 2299 <table> 2300 <col width="19%"> 2301 <col width="16%"> 2302 <col width="10%"> 2303 <col width="27%"> 2304 <col width="16%"> 2305 <tr> 2306 <th>CVE</th> 2307 <th></th> 2308 <th></th> 2309 <th> Nexus </th> 2310 <th></th> 2311 </tr> 2312 <tr> 2313 <td>CVE-2016-3811</td> 2314 <td>A-28447556*</td> 2315 <td></td> 2316 <td>Nexus 9</td> 2317 <td>Google </td> 2318 </tr> 2319 </table> 2320 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2321 2322 <h3 id="information-disclosure-vulnerability-in-mediatek-video-codec-driver"> 2323 MediaTek </h3> 2324 <p>MediaTek </p> 2325 2326 <table> 2327 <col width="19%"> 2328 <col width="20%"> 2329 <col width="10%"> 2330 <col width="23%"> 2331 <col width="16%"> 2332 <tr> 2333 <th>CVE</th> 2334 <th></th> 2335 <th></th> 2336 <th> Nexus </th> 2337 <th></th> 2338 </tr> 2339 <tr> 2340 <td>CVE-2016-3812</td> 2341 <td>A-28174833*<br> 2342 M-ALPS02688832</td> 2343 <td></td> 2344 <td>Android One</td> 2345 <td>2016 4 11 </td> 2346 </tr> 2347 </table> 2348 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2349 2350 <h3 id="information-disclosure-vulnerability-in-qualcomm-usb-driver"> 2351 Qualcomm USB </h3> 2352 <p>Qualcomm USB </p> 2353 2354 <table> 2355 <col width="19%"> 2356 <col width="16%"> 2357 <col width="10%"> 2358 <col width="27%"> 2359 <col width="16%"> 2360 <tr> 2361 <th>CVE</th> 2362 <th></th> 2363 <th></th> 2364 <th> Nexus </th> 2365 <th></th> 2366 </tr> 2367 <tr> 2368 <td>CVE-2016-3813</td> 2369 <td>A-28172322* 2370 QC-CR1010222</td> 2371 <td></td> 2372 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 2373 <td>2016 4 11 </td> 2374 </tr> 2375 </table> 2376 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2377 2378 <h3 id="information-disclosure-vulnerability-in-nvidia-camera-driver"> 2379 NVIDIA </h3> 2380 <p>NVIDIA </p> 2381 2382 <table> 2383 <col width="19%"> 2384 <col width="20%"> 2385 <col width="10%"> 2386 <col width="23%"> 2387 <col width="16%"> 2388 <tr> 2389 <th>CVE</th> 2390 <th></th> 2391 <th></th> 2392 <th> Nexus </th> 2393 <th></th> 2394 </tr> 2395 <tr> 2396 <td>CVE-2016-3814</td> 2397 <td>A-28193342*<br> 2398 N-CVE20163814</td> 2399 <td></td> 2400 <td>Nexus 9</td> 2401 <td>2016 4 14 </td> 2402 </tr> 2403 <tr> 2404 <td>CVE-2016-3815</td> 2405 <td>A-28522274*<br> 2406 N-CVE20163815</td> 2407 <td></td> 2408 <td>Nexus 9</td> 2409 <td>2016 5 1 </td> 2410 </tr> 2411 </table> 2412 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2413 2414 <h3 id="information-disclosure-vulnerability-in-mediatek-display-driver"> 2415 MediaTek </h3> 2416 <p>MediaTek </p> 2417 2418 <table> 2419 <col width="19%"> 2420 <col width="16%"> 2421 <col width="10%"> 2422 <col width="27%"> 2423 <col width="16%"> 2424 <tr> 2425 <th>CVE</th> 2426 <th></th> 2427 <th></th> 2428 <th> Nexus </th> 2429 <th></th> 2430 </tr> 2431 <tr> 2432 <td>CVE-2016-3816</td> 2433 <td>A-28402240*</td> 2434 <td></td> 2435 <td>Android One</td> 2436 <td>2016 4 26 </td> 2437 </tr> 2438 </table> 2439 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2440 2441 <h3 id="information-disclosure-vulnerability-in-kernel-teletype-driver"> 2442 </h3> 2443 <p></p> 2444 2445 <table> 2446 <col width="19%"> 2447 <col width="20%"> 2448 <col width="10%"> 2449 <col width="23%"> 2450 <col width="16%"> 2451 <tr> 2452 <th>CVE</th> 2453 <th></th> 2454 <th></th> 2455 <th> Nexus </th> 2456 <th></th> 2457 </tr> 2458 <tr> 2459 <td>CVE-2016-0723</td> 2460 <td>A-28409131<br> 2461 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439"></a></td> 2462 <td></td> 2463 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Nexus PlayerPixel C</td> 2464 <td>2016 4 26 </td> 2465 </tr> 2466 </table> 2467 2468 <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> 2469 Qualcomm </h3> 2470 <p>Qualcomm (Re-flash) </p> 2471 2472 <table> 2473 <col width="19%"> 2474 <col width="16%"> 2475 <col width="10%"> 2476 <col width="27%"> 2477 <col width="16%"> 2478 <tr> 2479 <th>CVE</th> 2480 <th></th> 2481 <th></th> 2482 <th> Nexus </th> 2483 <th></th> 2484 </tr> 2485 <tr> 2486 <td>CVE-2014-9798</td> 2487 <td>A-28821448 2488 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=b05eed2491a098bf627ac485a5b43d2f4fae2484">QC-CR681965</a></td> 2489 <td></td> 2490 <td>Nexus 5</td> 2491 <td>2014 10 31 </td> 2492 </tr> 2493 <tr> 2494 <td>CVE-2015-8893</td> 2495 <td>A-28822690 2496 <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=800255e8bfcc31a02e89460460e3811f225e7a69">QC-CR822275</a></td> 2497 <td></td> 2498 <td>Nexus 5Nexus 7 (2013)</td> 2499 <td>2015 8 19 </td> 2500 </tr> 2501 </table> 2502 <h2 id="common-questions-and-answers"></h2> 2503 <p></p> 2504 2505 <p><strong>1. </strong></p> 2506 <p>2016 7 1 2016-7-01 2016 7 5 2016-07-05 <a href="https://support.google.com/nexus/answer/4457705"></a>[ro.build.version.security_patch]:[2016-07-01] [ro.build.version.security_patch]:[2016-07-05].</p> 2507 2508 <p><strong>2. </strong></p> 2509 <p> Android Android Android </p> 2510 <p> 2016 7 5 () </p> 2511 <p> 2016 7 1 2016 7 1 2016 7 5 </p> 2512 2513 <p id="all_nexus"><strong>3. Nexus </strong></p> 2514 <p> <a href="#2016-07-01_details">2016-07-01</a> <a href="#2016-07-05_details">2016-07-05</a> Nexus Nexus </p> 2515 <ul> 2516 <li><strong> Nexus </strong> Nexus Nexus <em></em> Nexus Nexus <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a> 2517 Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus Player Pixel C</li> 2518 <li><strong> Nexus </strong> Nexus Nexus <em></em> Nexus </li> 2519 <li><strong> Nexus </strong> Nexus Nexus <em></em></li> 2520 </ul> 2521 2522 <p><strong>4. </strong></p> 2523 <p><em></em></p> 2524 2525 <table> 2526 <tr> 2527 <th></th> 2528 <th></th> 2529 </tr> 2530 <tr> 2531 <td>A-</td> 2532 <td>Android ID</td> 2533 </tr> 2534 <tr> 2535 <td>QC-</td> 2536 <td>Qualcomm </td> 2537 </tr> 2538 <tr> 2539 <td>M-</td> 2540 <td>MediaTek </td> 2541 </tr> 2542 <tr> 2543 <td>N-</td> 2544 <td>NVIDIA </td> 2545 </tr> 2546 </table> 2547 2548 <h2 id="revisions"></h2> 2549 <ul> 2550 <li>2016 7 6 </li> 2551 <li>2016 7 7 2552 <ul> 2553 <li> AOSP 2554 <li> CVE-2016-3794 ( CVE-2016-3814 ) 2555 <li> CVE-2016-2501 CVE-2016-2502 2556 </li></li></li></ul> 2557 </li> 2558 <li>2016 7 11 CVE-2016-3750 </li> 2559 <li>2016 7 14 CVE-2016-2503 </li> 2560 </ul> 2561 2562 </body> 2563 </html> 2564
