1 <html devsite> 2 <head> 3 <title>Android 2016 10 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 <p><em>2016 10 3 | 2016 10 4 </em> 26 </p> 27 <p>Android Android Google OTA Nexus Nexus <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2016 10 5 <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a> Nexus 2016 10 5 OTA 28 </p> 29 <p> 30 2016 9 6 () Android (AOSP) AOSP 31 </p> 32 <p> 33 (Re-flash) 34 </p> 35 <p> <a href="/security/enhancements/index.html">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) Android <a href="#mitigations">Android Google </a> 36 </p> 37 <p> 38 </p> 39 <h2 id="announcements"></h2> 40 <ul> 41 <li> Android Android <a href="#common-questions-and-answers"></a> 42 <ul> 43 <li><strong>2016-10-01</strong> 2016-10-01 () </li> 44 <li><strong>2016-10-05</strong> 2016-10-01 2016-10-05 () </li> 45 </ul> 46 </li> 47 <li> Nexus 2016 10 5 OTA </li> 48 </ul> 49 <h2 id="security-vulnerability-summary"></h2> 50 <p> 51 ID (CVE) Nexus <a href="/security/overview/updates-resources.html#severity"></a> 52 </p> 53 <h3 id="2016-10-01-security-patch-level-vulnerability-summary">2016-10-01 54 </h3> 55 <p> 56 2016-10-01 57 </p> 58 <table> 59 <col width="55%"> 60 <col width="20%"> 61 <col width="13%"> 62 <col width="12%"> 63 <tr> 64 <th></th> 65 <th>CVE</th> 66 <th></th> 67 <th> Nexus </th> 68 </tr> 69 <tr> 70 <td>ServiceManager </td> 71 <td>CVE-2016-3900</td> 72 <td></td> 73 <td></td> 74 </tr> 75 <tr> 76 <td></td> 77 <td>CVE-2016-3908</td> 78 <td></td> 79 <td></td> 80 </tr> 81 <tr> 82 <td></td> 83 <td>CVE-2016-3909CVE-2016-3910CVE-2016-3913</td> 84 <td></td> 85 <td></td> 86 </tr> 87 <tr> 88 <td>Zygote </td> 89 <td>CVE-2016-3911</td> 90 <td></td> 91 <td></td> 92 </tr> 93 <tr> 94 <td>Framework API </td> 95 <td>CVE-2016-3912</td> 96 <td></td> 97 <td></td> 98 </tr> 99 <tr> 100 <td></td> 101 <td>CVE-2016-3914</td> 102 <td></td> 103 <td></td> 104 </tr> 105 <tr> 106 <td></td> 107 <td>CVE-2016-3915CVE-2016-3916</td> 108 <td></td> 109 <td></td> 110 </tr> 111 <tr> 112 <td></td> 113 <td>CVE-2016-3917</td> 114 <td></td> 115 <td></td> 116 </tr> 117 <tr> 118 <td>AOSP Mail </td> 119 <td>CVE-2016-3918</td> 120 <td></td> 121 <td></td> 122 </tr> 123 <tr> 124 <td>Wi-Fi </td> 125 <td>CVE-2016-3882</td> 126 <td></td> 127 <td></td> 128 </tr> 129 <tr> 130 <td>GPS </td> 131 <td>CVE-2016-5348</td> 132 <td></td> 133 <td></td> 134 </tr> 135 <tr> 136 <td></td> 137 <td>CVE-2016-3920</td> 138 <td></td> 139 <td></td> 140 </tr> 141 <tr> 142 <td>Framework </td> 143 <td>CVE-2016-3921</td> 144 <td></td> 145 <td></td> 146 </tr> 147 <tr> 148 <td></td> 149 <td>CVE-2016-3922</td> 150 <td></td> 151 <td></td> 152 </tr> 153 <tr> 154 <td></td> 155 <td>CVE-2016-3923</td> 156 <td></td> 157 <td></td> 158 </tr> 159 <tr> 160 <td></td> 161 <td>CVE-2016-3924</td> 162 <td></td> 163 <td></td> 164 </tr> 165 <tr> 166 <td>Wi-Fi </td> 167 <td>CVE-2016-3925</td> 168 <td></td> 169 <td></td> 170 </tr> 171 </table> 172 <h3 id="2016-10-05-security-patch-level-vulnerability-summary">2016-10-05 173 </h3> 174 <p> 175 2016-10-05 2016-10-01 176 </p> 177 <table> 178 <col width="55%"> 179 <col width="20%"> 180 <col width="13%"> 181 <col width="12%"> 182 <tr> 183 <th></th> 184 <th>CVE</th> 185 <th></th> 186 <th> Nexus </th> 187 </tr> 188 <tr> 189 <td> ASN.1 </td> 190 <td>CVE-2016-0758</td> 191 <td></td> 192 <td></td> 193 </tr> 194 <tr> 195 <td></td> 196 <td>CVE-2016-7117</td> 197 <td></td> 198 <td></td> 199 </tr> 200 <tr> 201 <td>MediaTek </td> 202 <td>CVE-2016-3928</td> 203 <td></td> 204 <td></td> 205 </tr> 206 <tr> 207 <td></td> 208 <td>CVE-2016-5340</td> 209 <td></td> 210 <td></td> 211 </tr> 212 <tr> 213 <td>Qualcomm </td> 214 <td>CVE-2016-3926CVE-2016-3927CVE-2016-3929</td> 215 <td></td> 216 <td></td> 217 </tr> 218 219 <tr> 220 <td>Qualcomm </td> 221 <td>CVE-2016-2059</td> 222 <td></td> 223 <td></td> 224 </tr> 225 <tr> 226 <td>NVIDIA MMC </td> 227 <td>CVE-2016-3930</td> 228 <td></td> 229 <td></td> 230 </tr> 231 <tr> 232 <td>Qualcomm </td> 233 <td>CVE-2016-3931</td> 234 <td></td> 235 <td></td> 236 </tr> 237 <tr> 238 <td></td> 239 <td>CVE-2016-3932CVE-2016-3933</td> 240 <td></td> 241 <td></td> 242 </tr> 243 <tr> 244 <td>Qualcomm </td> 245 <td>CVE-2016-3903CVE-2016-3934</td> 246 <td></td> 247 <td></td> 248 </tr> 249 <tr> 250 <td>Qualcomm </td> 251 <td>CVE-2015-8951</td> 252 <td></td> 253 <td></td> 254 </tr> 255 <tr> 256 <td>Qualcomm </td> 257 <td>CVE-2016-3901CVE-2016-3935</td> 258 <td></td> 259 <td></td> 260 </tr> 261 <tr> 262 <td>MediaTek </td> 263 <td>CVE-2016-3936CVE-2016-3937</td> 264 <td></td> 265 <td></td> 266 </tr> 267 <tr> 268 <td>Qualcomm </td> 269 <td>CVE-2016-3938CVE-2016-3939</td> 270 <td></td> 271 <td></td> 272 </tr> 273 <tr> 274 <td>Synaptics </td> 275 <td>CVE-2016-3940CVE-2016-6672</td> 276 <td></td> 277 <td></td> 278 </tr> 279 <tr> 280 <td>NVIDIA </td> 281 <td>CVE-2016-6673</td> 282 <td></td> 283 <td></td> 284 </tr> 285 <tr> 286 <td>System_server </td> 287 <td>CVE-2016-6674</td> 288 <td></td> 289 <td></td> 290 </tr> 291 <tr> 292 <td>Qualcomm Wi-Fi </td> 293 <td>CVE-2016-3905CVE-2016-6675CVE-2016-6676CVE-2016-5342</td> 294 <td></td> 295 <td></td> 296 </tr> 297 <tr> 298 <td></td> 299 <td>CVE-2015-8955</td> 300 <td></td> 301 <td></td> 302 </tr> 303 <tr> 304 <td> ION </td> 305 <td>CVE-2015-8950</td> 306 <td></td> 307 <td></td> 308 </tr> 309 <tr> 310 <td>NVIDIA GPU </td> 311 <td>CVE-2016-6677</td> 312 <td></td> 313 <td></td> 314 </tr> 315 <tr> 316 <td>Qualcomm </td> 317 <td>CVE-2015-0572</td> 318 <td></td> 319 <td></td> 320 </tr> 321 <tr> 322 <td>Qualcomm </td> 323 <td>CVE-2016-3860</td> 324 <td></td> 325 <td></td> 326 </tr> 327 <tr> 328 <td>Motorola USBNet </td> 329 <td>CVE-2016-6678</td> 330 <td></td> 331 <td></td> 332 </tr> 333 <tr> 334 <td>Qualcomm </td> 335 <td>CVE-2016-6679CVE-2016-3902CVE-2016-6680CVE-2016-6681CVE-2016-6682</td> 336 <td></td> 337 <td></td> 338 </tr> 339 <tr> 340 <td></td> 341 <td>CVE-2016-6683CVE-2016-6684CVE-2015-8956CVE-2016-6685</td> 342 <td></td> 343 <td></td> 344 </tr> 345 <tr> 346 <td>NVIDIA </td> 347 <td>CVE-2016-6686CVE-2016-6687CVE-2016-6688</td> 348 <td></td> 349 <td></td> 350 </tr> 351 <tr> 352 <td></td> 353 <td>CVE-2016-6689</td> 354 <td></td> 355 <td></td> 356 </tr> 357 <tr> 358 <td></td> 359 <td>CVE-2016-5696</td> 360 <td></td> 361 <td></td> 362 </tr> 363 <tr> 364 <td></td> 365 <td>CVE-2016-6690</td> 366 <td></td> 367 <td></td> 368 </tr> 369 <tr> 370 <td>Qualcomm </td> 371 <td>CVE-2016-6691CVE-2016-6692CVE-2016-6693CVE-2016-6694CVE-2016-6695CVE-2016-6696CVE-2016-5344CVE-2016-5343</td> 372 <td></td> 373 <td></td> 374 </tr> 375 </table> 376 377 <h2 id="mitigations">Android Google </h2> 378 <p> 379 <a href="/security/enhancements/index.html">Android </a> SafetyNet Android 380 </p> 381 <ul> 382 <li>Android Android Android</li> 383 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 384 <li>Google Hangouts Messenger </li> 385 </ul> 386 <h2 id="acknowledgements"></h2> 387 <p> 388 </p> 389 <ul> 390 <li>Andre Teixeira RizzoCVE-2016-3882</li> 391 <li>Andrea BiondoCVE-2016-3921</li> 392 <li>Copperhead Security Daniel MicayCVE-2016-3922</li> 393 <li>Google <a href="https://github.com/google/syzkaller">Dmitry Vyukov</a>CVE-2016-7117</li> 394 <li>dosomderCVE-2016-3931</li> 395 <li> Ecular Xu ()CVE-2016-3920</li> 396 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-6690CVE-2016-3901CVE-2016-6672CVE-2016-3940CVE-2016-3935</li> 397 <li> <a href="mailto:hzhan033 (a] ucr.edu">Hang Zhang</a><a href="mailto:dshe002 (a] ucr.edu">Dongdong She</a> <a href="mailto:zhiyunq (a] cs.ucr.edu">Zhiyun Qian</a>CVE-2015-8950</li> 398 <li> 360 Alpha Hao ChenCVE-2016-3860</li> 399 <li>Google Project Zero Jann HornCVE-2016-3900CVE-2016-3885</li> 400 <li><a href="http://keybase.io/jasonrogena">Jason Rogena</a>CVE-2016-3917</li> 401 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-6688CVE-2016-6677CVE-2016-6673CVE-2016-6687CVE-2016-6686CVE-2016-6681CVE-2016-6682CVE-2016-3930</li> 402 <li>Joshua Drake (<a href="https://twitter.com/jduck">@jduck</a>)CVE-2016-3920</li> 403 <li>Google Maciej SzawowskiCVE-2016-3905</li> 404 <li>Google Project Zero Mark BrandCVE-2016-6689</li> 405 <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>CVE-2016-3914CVE-2016-6674CVE-2016-3911CVE-2016-3912</li> 406 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3933CVE-2016-3932</li> 407 <li>Nightwatch Cybersecurity Research (<a href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>)CVE-2016-5348</li> 408 <li>IBM X-Force Roee HayCVE-2016-6678</li> 409 <li>Google Samuel TanCVE-2016-3925</li> 410 <li><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2016-3936CVE-2016-3928CVE-2016-3902CVE-2016-3937CVE-2016-6696</li> 411 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-6685CVE-2016-6683CVE-2016-6680CVE-2016-6679CVE-2016-3903CVE-2016-6693CVE-2016-6694CVE-2016-6695</li> 412 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-3909</li> 413 <li> 360 Alpha Wenlin Yang Guang Gong () (<a href="https://twitter.com/oldfresher">@oldfresher</a>)CVE-2016-3918</li> 414 <li><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/author/wishwu/"></a> Wish Wu (<a href="http://weibo.com/wishlinux"></a>) (<a href="https://twitter.com/wish_wu">@wish_wu)</a>CVE-2016-3924CVE-2016-3915CVE-2016-3916CVE-2016-3910</li> 415 <li> SCC Eagleye Yong ShiCVE-2016-3938</li> 416 <li><a href="http://www.cmcm.com"></a> Zhanpeng Zhao () (<a href="https://twitter.com/0xr0ot">@0xr0ot</a>)CVE-2016-3908</li> 417 </ul> 418 419 <h2 id="2016-10-01-security-patch-level-vulnerability-details">2016-10-01 420 </h2> 421 <p> 422 <a href="#2016-10-01-security-patch-level-vulnerability-summary">2016-10-01 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 423 <h3 id="eopv-in-servicemanager">ServiceManager </h3> 424 <p> 425 ServiceManager ( system_server) 426 </p> 427 <table> 428 <col width="18%"> 429 <col width="16%"> 430 <col width="10%"> 431 <col width="19%"> 432 <col width="19%"> 433 <col width="17%"> 434 <tr> 435 <th>CVE</th> 436 <th></th> 437 <th></th> 438 <th> Nexus </th> 439 <th> AOSP </th> 440 <th></th> 441 </tr> 442 <tr> 443 <td>CVE-2016-3900</td> 444 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/d3c6ce463ac91ecbeb2128beb475d31d3ca6ef42">A-29431260</a> 445 [<a href="https://android.googlesource.com/platform/frameworks/native/+/047eec456943dc082e33220d28abb7df4e089f69">2</a>] 446 </td> 447 <td></td> 448 <td> Nexus </td> 449 <td>5.0.25.1.16.06.0.17.0</td> 450 <td>2016 6 15 </td> 451 </tr> 452 </table> 453 <h3 id="eopv-in-lock-settings-service"></h3> 454 <p> 455 PIN 456 </p> 457 <table> 458 <col width="18%"> 459 <col width="16%"> 460 <col width="10%"> 461 <col width="19%"> 462 <col width="19%"> 463 <col width="17%"> 464 <tr> 465 <th>CVE</th> 466 <th></th> 467 <th></th> 468 <th> Nexus </th> 469 <th> AOSP </th> 470 <th></th> 471 </tr> 472 <tr> 473 <td>CVE-2016-3908</td> 474 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/96daf7d4893f614714761af2d53dfb93214a32e4">A-30003944</a> 475 </td> 476 <td></td> 477 <td> Nexus </td> 478 <td>6.06.0.17.0</td> 479 <td>2016 7 6 </td> 480 </tr> 481 </table> 482 <h3 id="eopv-in-mediaserver"></h3> 483 <p> 484 </p> 485 <table> 486 <col width="18%"> 487 <col width="16%"> 488 <col width="10%"> 489 <col width="19%"> 490 <col width="19%"> 491 <col width="17%"> 492 <tr> 493 <th>CVE</th> 494 <th></th> 495 <th></th> 496 <th> Nexus </th> 497 <th> AOSP </th> 498 <th></th> 499 </tr> 500 <tr> 501 <td>CVE-2016-3909</td> 502 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/d4271b792bdad85a80e2b83ab34c4b30b74f53ec">A-30033990</a> 503 [<a href="https://android.googlesource.com/platform/frameworks/av/+/c48ef757cc50906e8726a3bebc3b60716292cdba">2</a>] 504 </td> 505 <td></td> 506 <td> Nexus </td> 507 <td>4.4.45.0.25.1.16.06.0.17.0</td> 508 <td>2016 7 8 </td> 509 </tr> 510 <tr> 511 <td>CVE-2016-3910</td> 512 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/035cb12f392860113dce96116a5150e2fde6f0cc">A-30148546</a> 513 </td> 514 <td></td> 515 <td> Nexus </td> 516 <td>5.0.25.1.16.06.0.17.0</td> 517 <td>2016 7 13 </td> 518 </tr> 519 <tr> 520 <td>CVE-2016-3913</td> 521 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0c3b93c8c2027e74af642967eee5c142c8fd185d">A-30204103</a> 522 </td> 523 <td></td> 524 <td> Nexus </td> 525 <td>4.4.45.0.25.1.16.06.0.17.0</td> 526 <td>2016 7 18 </td> 527 </tr> 528 </table> 529 <h3 id="eopv-in-zygote-process">Zygote </h3> 530 <p> 531 Zygote 532 </p> 533 <table> 534 <col width="18%"> 535 <col width="16%"> 536 <col width="10%"> 537 <col width="19%"> 538 <col width="19%"> 539 <col width="17%"> 540 <tr> 541 <th>CVE</th> 542 <th></th> 543 <th></th> 544 <th> Nexus </th> 545 <th> AOSP </th> 546 <th></th> 547 </tr> 548 <tr> 549 <td>CVE-2016-3911</td> 550 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/2c7008421cb67f5d89f16911bdbe36f6c35311ad">A-30143607</a> 551 </td> 552 <td></td> 553 <td> Nexus </td> 554 <td>4.4.45.0.25.1.16.06.0.17.0</td> 555 <td>2016 7 16 </td> 556 </tr> 557 </table> 558 <h3 id="eopv-in-framework-apis">Framework API </h3> 559 <p> 560 Framework API 561 </p> 562 <table> 563 <col width="18%"> 564 <col width="16%"> 565 <col width="10%"> 566 <col width="19%"> 567 <col width="19%"> 568 <col width="17%"> 569 <tr> 570 <th>CVE</th> 571 <th></th> 572 <th></th> 573 <th> Nexus </th> 574 <th> AOSP </th> 575 <th></th> 576 </tr> 577 <tr> 578 <td>CVE-2016-3912</td> 579 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/6c049120c2d749f0c0289d822ec7d0aa692f55c5">A-30202481</a> 580 </td> 581 <td></td> 582 <td> Nexus </td> 583 <td>4.4.45.0.25.1.16.06.0.17.0</td> 584 <td>2016 7 17 </td> 585 </tr> 586 </table> 587 <h3 id="eopv-in-telephony"></h3> 588 <p> 589 590 </p> 591 <table> 592 <col width="18%"> 593 <col width="16%"> 594 <col width="10%"> 595 <col width="19%"> 596 <col width="19%"> 597 <col width="17%"> 598 <tr> 599 <th>CVE</th> 600 <th></th> 601 <th></th> 602 <th> Nexus </th> 603 <th> AOSP </th> 604 <th></th> 605 </tr> 606 <tr> 607 <td>CVE-2016-3914</td> 608 <td><a href="https://android.googlesource.com/platform/packages/providers/TelephonyProvider/+/3a3a5d145d380deef2d5b7c3150864cd04be397f">A-30481342</a> 609 </td> 610 <td></td> 611 <td> Nexus </td> 612 <td>4.4.45.0.25.1.16.06.0.17.0</td> 613 <td>2016 7 28 </td> 614 </tr> 615 </table> 616 <h3 id="eopv-in-camera-service"></h3> 617 <p> 618 619 </p> 620 <table> 621 <col width="18%"> 622 <col width="16%"> 623 <col width="10%"> 624 <col width="19%"> 625 <col width="19%"> 626 <col width="17%"> 627 <tr> 628 <th>CVE</th> 629 <th></th> 630 <th></th> 631 <th> Nexus </th> 632 <th> AOSP </th> 633 <th></th> 634 </tr> 635 <tr> 636 <td>CVE-2016-3915</td> 637 <td><a href="https://android.googlesource.com/platform/system/media/+/e9e44f797742f52996ebf307740dad58c28fd9b5">A-30591838</a> 638 </td> 639 <td></td> 640 <td> Nexus </td> 641 <td>4.4.45.0.25.1.16.06.0.17.0</td> 642 <td>2016 8 1 </td> 643 </tr> 644 <tr> 645 <td>CVE-2016-3916</td> 646 <td><a href="https://android.googlesource.com/platform/system/media/+/8e7a2b4d13bff03973dbad2bfb88a04296140433">A-30741779</a> 647 </td> 648 <td></td> 649 <td> Nexus </td> 650 <td>4.4.45.0.25.1.16.06.0.17.0</td> 651 <td>2016 8 2 </td> 652 </tr> 653 </table> 654 <h3 id="eopv-in-fingerprint-login"></h3> 655 <p> 656 657 </p> 658 <table> 659 <col width="18%"> 660 <col width="16%"> 661 <col width="10%"> 662 <col width="19%"> 663 <col width="19%"> 664 <col width="17%"> 665 <tr> 666 <th>CVE</th> 667 <th></th> 668 <th></th> 669 <th> Nexus </th> 670 <th> AOSP </th> 671 <th></th> 672 </tr> 673 <tr> 674 <td>CVE-2016-3917</td> 675 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/f5334952131afa835dd3f08601fb3bced7b781cd">A-30744668</a> 676 </td> 677 <td></td> 678 <td> Nexus </td> 679 <td>6.0.17.0</td> 680 <td>2016 8 5 </td> 681 </tr> 682 </table> 683 <h3 id="information-disclosure-vulnerability-in-aosp-mail">AOSP Mail </h3> 684 <p> 685 AOSP Mail 686 </p> 687 <table> 688 <col width="18%"> 689 <col width="16%"> 690 <col width="10%"> 691 <col width="19%"> 692 <col width="19%"> 693 <col width="17%"> 694 <tr> 695 <th>CVE</th> 696 <th></th> 697 <th></th> 698 <th> Nexus </th> 699 <th> AOSP </th> 700 <th></th> 701 </tr> 702 <tr> 703 <td>CVE-2016-3918</td> 704 <td><a href="https://android.googlesource.com/platform/packages/apps/Email/+/6b2b0bd7c771c698f11d7be89c2c57c8722c7454">A-30745403</a> 705 </td> 706 <td></td> 707 <td> Nexus </td> 708 <td>4.4.45.0.25.1.16.06.0.17.0</td> 709 <td>2016 8 5 </td> 710 </tr> 711 </table> 712 <h3 id="dosv-in-wi-fi">Wi-Fi </h3> 713 <p> 714 Wi-Fi 715 </p> 716 <table> 717 <col width="18%"> 718 <col width="16%"> 719 <col width="10%"> 720 <col width="19%"> 721 <col width="17%"> 722 <col width="19%"> 723 <tr> 724 <th>CVE</th> 725 <th></th> 726 <th></th> 727 <th> Nexus </th> 728 <th> AOSP </th> 729 <th></th> 730 </tr> 731 <tr> 732 <td>CVE-2016-3882</td> 733 <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/35a86eef3c0eef760f7e61c52a343327ba601630">A-29464811</a> 734 </td> 735 <td></td> 736 <td> Nexus </td> 737 <td>6.06.0.17.0</td> 738 <td>2016 6 17 </td> 739 </tr> 740 </table> 741 <h3 id="dosv-in-gps">GPS </h3> 742 <p> 743 GPS 744 </p> 745 <table> 746 <col width="18%"> 747 <col width="16%"> 748 <col width="10%"> 749 <col width="19%"> 750 <col width="19%"> 751 <col width="17%"> 752 <tr> 753 <th>CVE</th> 754 <th></th> 755 <th></th> 756 <th> Nexus </th> 757 <th> AOSP </th> 758 <th></th> 759 </tr> 760 <tr> 761 <td>CVE-2016-5348</td> 762 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/218b813d5bc2d7d3952ea1861c38b4aa944ac59b">A-29555864</a> 763 </td> 764 <td></td> 765 <td> Nexus </td> 766 <td>4.4.45.0.25.1.16.06.0.17.0</td> 767 <td>2016 6 20 </td> 768 </tr> 769 </table> 770 <h3 id="dosv-in-mediaserver"></h3> 771 <p> 772 773 </p> 774 <table> 775 <col width="18%"> 776 <col width="16%"> 777 <col width="10%"> 778 <col width="19%"> 779 <col width="19%"> 780 <col width="17%"> 781 <tr> 782 <th>CVE</th> 783 <th></th> 784 <th></th> 785 <th> Nexus </th> 786 <th> AOSP </th> 787 <th></th> 788 </tr> 789 <tr> 790 <td>CVE-2016-3920</td> 791 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6d0249be2275fd4086783f259f4e2c54722a7c55">A-30744884</a> 792 </td> 793 <td></td> 794 <td> Nexus </td> 795 <td>5.0.25.1.16.06.0.17.0</td> 796 <td>2016 8 5 </td> 797 </tr> 798 </table> 799 <h3 id="eopv-in-framework-listener">Framework </h3> 800 <p> 801 Framework 802 </p> 803 <table> 804 <col width="18%"> 805 <col width="16%"> 806 <col width="10%"> 807 <col width="18%"> 808 <col width="20%"> 809 <col width="17%"> 810 <tr> 811 <th>CVE</th> 812 <th></th> 813 <th></th> 814 <th> Nexus </th> 815 <th> AOSP </th> 816 <th></th> 817 </tr> 818 <tr> 819 <td>CVE-2016-3921</td> 820 <td><a href="https://android.googlesource.com/platform/system/core/+/771ab014c24a682b32990da08e87e2f0ab765bd2">A-29831647</a> 821 </td> 822 <td></td> 823 <td> Nexus </td> 824 <td>4.4.45.0.25.1.16.06.0.17.0</td> 825 <td>2016 6 25 </td> 826 </tr> 827 </table> 828 <h3 id="eopv-in-telephony-2"></h3> 829 <p> 830 831 </p> 832 <table> 833 <col width="18%"> 834 <col width="16%"> 835 <col width="10%"> 836 <col width="19%"> 837 <col width="19%"> 838 <col width="17%"> 839 <tr> 840 <th>CVE</th> 841 <th></th> 842 <th></th> 843 <th> Nexus </th> 844 <th> AOSP </th> 845 <th></th> 846 </tr> 847 <tr> 848 <td>CVE-2016-3922</td> 849 <td><a href="https://android.googlesource.com/platform/hardware/ril/+/95610818918f6f11fe7d23aca1380e6c0fac2af0">A-30202619</a> 850 </td> 851 <td></td> 852 <td> Nexus </td> 853 <td>6.06.0.17.0</td> 854 <td>2016 7 17 </td> 855 </tr> 856 </table> 857 <h3 id="eopv-in-accessibility-services"></h3> 858 <p> 859 () 860 </p> 861 <table> 862 <col width="18%"> 863 <col width="16%"> 864 <col width="10%"> 865 <col width="19%"> 866 <col width="18%"> 867 <col width="18%"> 868 <tr> 869 <th>CVE</th> 870 <th></th> 871 <th></th> 872 <th> Nexus </th> 873 <th> AOSP </th> 874 <th></th> 875 </tr> 876 <tr> 877 <td>CVE-2016-3923</td> 878 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/5f256310187b4ff2f13a7abb9afed9126facd7bc">A-30647115</a> 879 </td> 880 <td></td> 881 <td> Nexus </td> 882 <td>7.0</td> 883 <td>Google </td> 884 </tr> 885 </table> 886 <h3 id="information-disclosure-vulnerability-in-mediaserver"></h3> 887 <p> 888 889 </p> 890 <table> 891 <col width="18%"> 892 <col width="16%"> 893 <col width="10%"> 894 <col width="18%"> 895 <col width="20%"> 896 <col width="17%"> 897 <tr> 898 <th>CVE</th> 899 <th></th> 900 <th></th> 901 <th> Nexus </th> 902 <th> AOSP </th> 903 <th></th> 904 </tr> 905 <tr> 906 <td>CVE-2016-3924</td> 907 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c894aa36be535886a8e5ff02cdbcd07dd24618f6">A-30204301</a> 908 </td> 909 <td></td> 910 <td> Nexus </td> 911 <td>4.4.45.0.25.1.16.06.0.17.0</td> 912 <td>2016 7 18 </td> 913 </tr> 914 </table> 915 <h3 id="dosv-in-wi-fi-2">Wi-Fi </h3> 916 <p> 917 Wi-Fi Wi-Fi 918 </p> 919 <table> 920 <col width="18%"> 921 <col width="16%"> 922 <col width="10%"> 923 <col width="19%"> 924 <col width="17%"> 925 <col width="19%"> 926 <tr> 927 <th>CVE</th> 928 <th></th> 929 <th></th> 930 <th> Nexus </th> 931 <th> AOSP </th> 932 <th></th> 933 </tr> 934 <tr> 935 <td>CVE-2016-3925</td> 936 <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/c2905409c20c8692d4396b8531b09e7ec81fa3fb">A-30230534</a> 937 </td> 938 <td></td> 939 <td> Nexus </td> 940 <td>6.06.0.17.0</td> 941 <td>Google </td> 942 </tr> 943 </table> 944 <h2 id="2016-10-05-security-patch-level-vulnerability-details">2016-10-05 945 </h2> 946 <p> <a href="#2016-10-05-security-patch-level-vulnerability-summary">2016-10-05 </a> CVE Nexus AOSP () ID ( AOSP ) ID </p> 947 <h3 id="remote-code-execution-vulnerability-in-kernel-asn-1-decoder"> ASN.1 </h3> 948 <p> 949 ASN.1 (Re-flash) 950 </p> 951 <table> 952 <col width="19%"> 953 <col width="20%"> 954 <col width="10%"> 955 <col width="23%"> 956 <col width="17%"> 957 <tr> 958 <th>CVE</th> 959 <th></th> 960 <th></th> 961 <th> Nexus </th> 962 <th></th> 963 </tr> 964 <tr> 965 <td>CVE-2016-0758</td> 966 <td>A-29814470<br> 967 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa"> 968 </a></td> 969 <td></td> 970 <td>Nexus 5XNexus 6P</td> 971 <td>2016 5 12 </td> 972 </tr> 973 </table> 974 <h3 id="remote-code-execution-vulnerability-in-kernel-networking-subsystem"></h3> 975 <p> 976 (Re-flash) 977 </p> 978 <table> 979 <col width="19%"> 980 <col width="20%"> 981 <col width="10%"> 982 <col width="23%"> 983 <col width="17%"> 984 <tr> 985 <th>CVE</th> 986 <th></th> 987 <th></th> 988 <th> Nexus </th> 989 <th></th> 990 </tr> 991 <tr> 992 <td>CVE-2016-7117</td> 993 <td>A-30515201<br> 994 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d"></a></td> 995 <td></td> 996 <td> Nexus </td> 997 <td>Google </td> 998 </tr> 999 </table> 1000 <h3 id="eopv-in-mediatek-video-driver">MediaTek </h3> 1001 <p> 1002 MediaTek (Re-flash) 1003 </p> 1004 <table> 1005 <col width="19%"> 1006 <col width="20%"> 1007 <col width="10%"> 1008 <col width="23%"> 1009 <col width="17%"> 1010 <tr> 1011 <th>CVE</th> 1012 <th></th> 1013 <th></th> 1014 <th> Nexus </th> 1015 <th></th> 1016 </tr> 1017 <tr> 1018 <td>CVE-2016-3928</td> 1019 <td>A-30019362*<br> 1020 M-ALPS02829384</td> 1021 <td></td> 1022 <td></td> 1023 <td>2016 7 6 </td> 1024 </tr> 1025 </table> 1026 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1027 </p> 1028 <h3 id="eopv-in-kernel-shared-memory-driver"></h3> 1029 <p> 1030 (Re-flash) 1031 </p> 1032 <table> 1033 <col width="19%"> 1034 <col width="20%"> 1035 <col width="10%"> 1036 <col width="23%"> 1037 <col width="17%"> 1038 <tr> 1039 <th>CVE</th> 1040 <th></th> 1041 <th></th> 1042 <th> Nexus </th> 1043 <th></th> 1044 </tr> 1045 <tr> 1046 <td>CVE-2016-5340</td> 1047 <td>A-30652312<br> 1048 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6">QC-CR#1008948</a></td> 1049 <td></td> 1050 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1051 <td>2016 7 26 </td> 1052 </tr> 1053 </table> 1054 1055 <h3 id="vulnerabilities-in-qc-components">Qualcomm </h3> 1056 <p> 1057 Qualcomm 2016 3 4 Qualcomm AMSS 1058 </p> 1059 <table> 1060 <col width="19%"> 1061 <col width="16%"> 1062 <col width="10%"> 1063 <col width="23%"> 1064 <col width="21%"> 1065 <tr> 1066 <th>CVE</th> 1067 <th></th> 1068 <th></th> 1069 <th> Nexus </th> 1070 <th></th> 1071 </tr> 1072 <tr> 1073 <td>CVE-2016-3926</td> 1074 <td>A-28823953*</td> 1075 <td></td> 1076 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 1077 <td>Qualcomm </td> 1078 </tr> 1079 <tr> 1080 <td>CVE-2016-3927</td> 1081 <td>A-28823244*</td> 1082 <td></td> 1083 <td>Nexus 5XNexus 6P</td> 1084 <td>Qualcomm </td> 1085 </tr> 1086 <tr> 1087 <td>CVE-2016-3929</td> 1088 <td>A-28823675*</td> 1089 <td></td> 1090 <td>Nexus 5XNexus 6P</td> 1091 <td>Qualcomm </td> 1092 </tr> 1093 </table> 1094 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1095 </p> 1096 <h3 id="eopv-in-qualcomm-networking-component">Qualcomm </h3> 1097 <p> 1098 Qualcomm 1099 </p> 1100 <table> 1101 <col width="19%"> 1102 <col width="20%"> 1103 <col width="10%"> 1104 <col width="23%"> 1105 <col width="17%"> 1106 <tr> 1107 <th>CVE</th> 1108 <th></th> 1109 <th></th> 1110 <th> Nexus </th> 1111 <th></th> 1112 </tr> 1113 <tr> 1114 <td>CVE-2016-2059</td> 1115 <td>A-27045580<br> 1116 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e8bdd63f7011dff5523ea435433834b3702398d">QC-CR#974577</a></td> 1117 <td></td> 1118 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1119 <td>2016 2 4 </td> 1120 </tr> 1121 </table> 1122 <h3 id="eopv-in-nvidia-mmc-test-driver">NVIDIA MMC </h3> 1123 <p> 1124 NVIDIA MMC 1125 </p> 1126 <table> 1127 <col width="19%"> 1128 <col width="20%"> 1129 <col width="10%"> 1130 <col width="23%"> 1131 <col width="17%"> 1132 <tr> 1133 <th>CVE</th> 1134 <th></th> 1135 <th></th> 1136 <th> Nexus </th> 1137 <th></th> 1138 </tr> 1139 <tr> 1140 <td>CVE-2016-3930</td> 1141 <td>A-28760138*<br> 1142 N-CVE-2016-3930</td> 1143 <td></td> 1144 <td>Nexus 9</td> 1145 <td>2016 5 12 </td> 1146 </tr> 1147 </table> 1148 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1149 </p> 1150 <h3 id="eopv-in-qsee-communicator-driver">Qualcomm QSEE </h3> 1151 <p>Qualcomm QSEE 1152 </p> 1153 <table> 1154 <col width="19%"> 1155 <col width="20%"> 1156 <col width="10%"> 1157 <col width="23%"> 1158 <col width="17%"> 1159 <tr> 1160 <th>CVE</th> 1161 <th></th> 1162 <th></th> 1163 <th> Nexus </th> 1164 <th></th> 1165 </tr> 1166 <tr> 1167 <td>CVE-2016-3931</td> 1168 <td>A-29157595<br> 1169 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e80b88323f9ff0bb0e545f209eec08ec56fca816">QC-CR#1036418</a></td> 1170 <td></td> 1171 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1172 <td>2016 6 4 </td> 1173 </tr> 1174 </table> 1175 <h3 id="eopv-in-mediaserver-2"></h3> 1176 <p> 1177 </p> 1178 <table> 1179 <col width="19%"> 1180 <col width="20%"> 1181 <col width="10%"> 1182 <col width="23%"> 1183 <col width="17%"> 1184 <tr> 1185 <th>CVE</th> 1186 <th></th> 1187 <th></th> 1188 <th> Nexus </th> 1189 <th></th> 1190 </tr> 1191 <tr> 1192 <td>CVE-2016-3932</td> 1193 <td>A-29161895<br> 1194 M-ALPS02770870</td> 1195 <td></td> 1196 <td></td> 1197 <td>2016 6 6 </td> 1198 </tr> 1199 <tr> 1200 <td>CVE-2016-3933</td> 1201 <td>A-29421408*<br> 1202 N-CVE-2016-3933</td> 1203 <td></td> 1204 <td>Nexus 9Pixel C</td> 1205 <td>2016 6 14 </td> 1206 </tr> 1207 </table> 1208 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1209 </p> 1210 <h3 id="eopv-in-qualcomm-camera-driver">Qualcomm </h3> 1211 <p> 1212 Qualcomm 1213 </p> 1214 <table> 1215 <col width="19%"> 1216 <col width="20%"> 1217 <col width="10%"> 1218 <col width="23%"> 1219 <col width="17%"> 1220 <tr> 1221 <th>CVE</th> 1222 <th></th> 1223 <th></th> 1224 <th> Nexus </th> 1225 <th></th> 1226 </tr> 1227 <tr> 1228 <td>CVE-2016-3903</td> 1229 <td>A-29513227<br> 1230 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=b8874573428e8ce024f57c6242d662fcca5e5d55">QC-CR#1040857</a></td> 1231 <td></td> 1232 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1233 <td>2016 6 20 </td> 1234 </tr> 1235 <tr> 1236 <td>CVE-2016-3934</td> 1237 <td>A-30102557<br> 1238 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=27fbeb6b025d5d46ccb0497cbed4c6e78ed1c5cc">QC-CR#789704</a></td> 1239 <td></td> 1240 <td>Nexus 5Nexus 5XNexus 6Nexus 6PAndroid One</td> 1241 <td>2016 7 16 </td> 1242 </tr> 1243 </table> 1244 <h3 id="eopv-in-qualcomm-sound-driver">Qualcomm </h3> 1245 <p> 1246 Qualcomm 1247 </p> 1248 <table> 1249 <col width="19%"> 1250 <col width="20%"> 1251 <col width="10%"> 1252 <col width="23%"> 1253 <col width="17%"> 1254 <tr> 1255 <th>CVE</th> 1256 <th></th> 1257 <th></th> 1258 <th> Nexus </th> 1259 <th></th> 1260 </tr> 1261 <tr> 1262 <td>CVE-2015-8951</td> 1263 <td>A-30142668<br> 1264 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=ccff36b07bfc49efc77b9f1b55ed2bf0900b1d5b">QC-CR#948902</a><br> 1265 QC-CR#948902</td> 1266 <td></td> 1267 <td>Nexus 5XNexus 6PAndroid One</td> 1268 <td>2016 6 20 </td> 1269 </tr> 1270 </table> 1271 <h3 id="eopv-in-qualcomm-crypto-engine-driver">Qualcomm </h3> 1272 <p>Qualcomm 1273 </p> 1274 <table> 1275 <col width="19%"> 1276 <col width="20%"> 1277 <col width="10%"> 1278 <col width="23%"> 1279 <col width="17%"> 1280 <tr> 1281 <th>CVE</th> 1282 <th></th> 1283 <th></th> 1284 <th> Nexus </th> 1285 <th></th> 1286 </tr> 1287 <tr> 1288 <td>CVE-2016-3901</td> 1289 <td>A-29999161<br> 1290 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5f69ccf3b011c1d14a1b1b00dbaacf74307c9132">QC-CR#1046434</a></td> 1291 <td></td> 1292 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1293 <td>2016 7 6 </td> 1294 </tr> 1295 <tr> 1296 <td>CVE-2016-3935</td> 1297 <td>A-29999665<br> 1298 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5f69ccf3b011c1d14a1b1b00dbaacf74307c9132">QC-CR#1046507</a></td> 1299 <td></td> 1300 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1301 <td>2016 7 6 </td> 1302 </tr> 1303 </table> 1304 <h3 id="eopv-in-mediatek-video-driver-2">MediaTek </h3> 1305 <p> 1306 MediaTek 1307 </p> 1308 <table> 1309 <col width="19%"> 1310 <col width="20%"> 1311 <col width="10%"> 1312 <col width="23%"> 1313 <col width="17%"> 1314 <tr> 1315 <th>CVE</th> 1316 <th></th> 1317 <th></th> 1318 <th> Nexus </th> 1319 <th></th> 1320 </tr> 1321 <tr> 1322 <td>CVE-2016-3936</td> 1323 <td>A-30019037*<br> 1324 M-ALPS02829568</td> 1325 <td></td> 1326 <td></td> 1327 <td>2016 7 6 </td> 1328 </tr> 1329 <tr> 1330 <td>CVE-2016-3937</td> 1331 <td>A-30030994*<br> 1332 M-ALPS02834874</td> 1333 <td></td> 1334 <td></td> 1335 <td>2016 7 7 </td> 1336 </tr> 1337 </table> 1338 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1339 </p> 1340 <h3 id="eopv-in-qualcomm-video-driver">Qualcomm </h3> 1341 <p> 1342 Qualcomm 1343 </p> 1344 <table> 1345 <col width="19%"> 1346 <col width="20%"> 1347 <col width="10%"> 1348 <col width="23%"> 1349 <col width="17%"> 1350 <tr> 1351 <th>CVE</th> 1352 <th></th> 1353 <th></th> 1354 <th> Nexus </th> 1355 <th></th> 1356 </tr> 1357 <tr> 1358 <td>CVE-2016-3938</td> 1359 <td>A-30019716<br> 1360 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=467c81f9736b1ebc8d4ba70f9221bba02425ca10">QC-CR#1049232</a></td> 1361 <td></td> 1362 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1363 <td>2016 7 7 </td> 1364 </tr> 1365 <tr> 1366 <td>CVE-2016-3939</td> 1367 <td>A-30874196<br> 1368 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e0bb18771d6ca71db2c2a61226827059be3fa424">QC-CR#1001224</a></td> 1369 <td></td> 1370 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1371 <td>2016 8 15 </td> 1372 </tr> 1373 </table> 1374 <h3 id="eopv-in-synaptics-touchscreen-driver">Synaptics </h3> 1375 <p>Synaptics 1376 </p> 1377 <table> 1378 <col width="19%"> 1379 <col width="20%"> 1380 <col width="10%"> 1381 <col width="23%"> 1382 <col width="17%"> 1383 <tr> 1384 <th>CVE</th> 1385 <th></th> 1386 <th></th> 1387 <th> Nexus </th> 1388 <th></th> 1389 </tr> 1390 <tr> 1391 <td>CVE-2016-3940</td> 1392 <td>A-30141991*</td> 1393 <td></td> 1394 <td>Nexus 6PAndroid One</td> 1395 <td>2016 7 16 </td> 1396 </tr> 1397 <tr> 1398 <td>CVE-2016-6672</td> 1399 <td>A-30537088*</td> 1400 <td></td> 1401 <td>Nexus 5X</td> 1402 <td>2016 7 31 </td> 1403 </tr> 1404 </table> 1405 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1406 </p> 1407 <h3 id="eopv-in-nvidia-camera-driver">NVIDIA </h3> 1408 <p> 1409 NVIDIA 1410 </p> 1411 <table> 1412 <col width="19%"> 1413 <col width="20%"> 1414 <col width="10%"> 1415 <col width="23%"> 1416 <col width="17%"> 1417 <tr> 1418 <th>CVE</th> 1419 <th></th> 1420 <th></th> 1421 <th> Nexus </th> 1422 <th></th> 1423 </tr> 1424 <tr> 1425 <td>CVE-2016-6673</td> 1426 <td>A-30204201*<br> 1427 N-CVE-2016-6673</td> 1428 <td></td> 1429 <td>Nexus 9</td> 1430 <td>2016 7 17 </td> 1431 </tr> 1432 </table> 1433 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1434 </p> 1435 <h3 id="eopv-in-system_server">System_server </h3> 1436 <p>System_server 1437 </p> 1438 <table> 1439 <col width="19%"> 1440 <col width="20%"> 1441 <col width="10%"> 1442 <col width="23%"> 1443 <col width="17%"> 1444 <tr> 1445 <th>CVE</th> 1446 <th></th> 1447 <th></th> 1448 <th> Nexus </th> 1449 <th></th> 1450 </tr> 1451 <tr> 1452 <td>CVE-2016-6674</td> 1453 <td>A-30445380*</td> 1454 <td></td> 1455 <td> Nexus </td> 1456 <td>2016 7 26 </td> 1457 </tr> 1458 </table> 1459 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1460 </p> 1461 <h3 id="eopv-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 1462 <p> 1463 Qualcomm Wi-Fi 1464 </p> 1465 <table> 1466 <col width="19%"> 1467 <col width="20%"> 1468 <col width="10%"> 1469 <col width="23%"> 1470 <col width="17%"> 1471 <tr> 1472 <th>CVE</th> 1473 <th></th> 1474 <th></th> 1475 <th> Nexus </th> 1476 <th></th> 1477 </tr> 1478 <tr> 1479 <td>CVE-2016-3905</td> 1480 <td>A-28061823<br> 1481 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=b5112838eb91b71eded4b5ee37338535784e0aef">QC-CR#1001449</a></td> 1482 <td></td> 1483 <td>Nexus 5X</td> 1484 <td>Google </td> 1485 </tr> 1486 <tr> 1487 <td>CVE-2016-6675</td> 1488 <td>A-30873776<br> 1489 <a href="https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/prima/commit/?id=1353fa0bd0c78427f3ae7d9bde7daeb75bd01d09">QC-CR#1000861</a></td> 1490 <td></td> 1491 <td>Nexus 5XAndroid One</td> 1492 <td>2016 8 15 </td> 1493 </tr> 1494 <tr> 1495 <td>CVE-2016-6676</td> 1496 <td>A-30874066<br> 1497 <a href="https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=6ba9136879232442a182996427e5c88e5a7512a8">QC-CR#1000853</a></td> 1498 <td></td> 1499 <td>Nexus 5XAndroid One</td> 1500 <td>2016 8 15 </td> 1501 </tr> 1502 <tr> 1503 <td>CVE-2016-5342</td> 1504 <td>A-30878283<br> 1505 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=579e796cb089324c55e0e689a180575ba81b23d9">QC-CR#1032174</a></td> 1506 <td></td> 1507 <td>Android One</td> 1508 <td>2016 8 15 </td> 1509 </tr> 1510 </table> 1511 <h3 id="eopv-in-kernel-performance-subsystem"></h3> 1512 <p> 1513 1514 </p> 1515 <table> 1516 <col width="19%"> 1517 <col width="20%"> 1518 <col width="10%"> 1519 <col width="23%"> 1520 <col width="17%"> 1521 <tr> 1522 <th>CVE</th> 1523 <th></th> 1524 <th></th> 1525 <th> Nexus </th> 1526 <th></th> 1527 </tr> 1528 <tr> 1529 <td>CVE-2015-8955</td> 1530 <td>A-29508816<br> 1531 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=8fff105e13041e49b82f92eef034f363a6b1c071"></a></td> 1532 <td></td> 1533 <td>Nexus 5XNexus 6PPixel CAndroid One</td> 1534 <td>Google </td> 1535 </tr> 1536 </table> 1537 <h3 id="information-disclosure-vulnerability-in-kernel-ion-subsystem"> ION </h3> 1538 <p> 1539 ION 1540 </p> 1541 <table> 1542 <col width="19%"> 1543 <col width="20%"> 1544 <col width="10%"> 1545 <col width="23%"> 1546 <col width="17%"> 1547 <tr> 1548 <th>CVE</th> 1549 <th></th> 1550 <th></th> 1551 <th> Nexus </th> 1552 <th></th> 1553 </tr> 1554 <tr> 1555 <td>CVE-2015-8950</td> 1556 <td>A-29795245<br> 1557 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8">QC-CR#1041735</a></td> 1558 <td></td> 1559 <td>Nexus 5Nexus 5XNexus 6Nexus 6P</td> 1560 <td>2016 5 12 </td> 1561 </tr> 1562 </table> 1563 <h3 id="information-disclosure-vulnerability-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1564 <p> 1565 NVIDIA GPU 1566 </p> 1567 <table> 1568 <col width="19%"> 1569 <col width="20%"> 1570 <col width="10%"> 1571 <col width="23%"> 1572 <col width="17%"> 1573 <tr> 1574 <th>CVE</th> 1575 <th></th> 1576 <th></th> 1577 <th> Nexus </th> 1578 <th></th> 1579 </tr> 1580 <tr> 1581 <td>CVE-2016-6677</td> 1582 <td>A-30259955*<br> 1583 N-CVE-2016-6677</td> 1584 <td></td> 1585 <td>Nexus 9</td> 1586 <td>2016 7 19 </td> 1587 </tr> 1588 </table> 1589 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1590 </p> 1591 <h3 id="eopv-in-qualcomm-character-driver">Qualcomm </h3> 1592 <p> 1593 Qualcomm 1594 </p> 1595 <table> 1596 <col width="19%"> 1597 <col width="20%"> 1598 <col width="10%"> 1599 <col width="23%"> 1600 <col width="17%"> 1601 <tr> 1602 <th>CVE</th> 1603 <th></th> 1604 <th></th> 1605 <th> Nexus </th> 1606 <th></th> 1607 </tr> 1608 <tr> 1609 <td>CVE-2015-0572</td> 1610 <td>A-29156684<br> 1611 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=34ad3d34fbff11b8e1210b9da0dac937fb956b61">QC-CR#848489</a></td> 1612 <td></td> 1613 <td>Nexus 5XNexus 6P</td> 1614 <td>2016 5 28 </td> 1615 </tr> 1616 </table> 1617 <h3 id="information-disclosure-vulnerability-in-qualcomm-sound-driver">Qualcomm </h3> 1618 <p> 1619 Qualcomm 1620 </p> 1621 <table> 1622 <col width="19%"> 1623 <col width="20%"> 1624 <col width="10%"> 1625 <col width="23%"> 1626 <col width="17%"> 1627 <tr> 1628 <th>CVE</th> 1629 <th></th> 1630 <th></th> 1631 <th> Nexus </th> 1632 <th></th> 1633 </tr> 1634 <tr> 1635 <td>CVE-2016-3860</td> 1636 <td>A-29323142<br> 1637 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/diff/sound/soc/msm/qdsp6v2/audio_calibration.c?id=528976f54be246ec93a71ac53aa4faf3e3791c48">QC-CR#1038127</a></td> 1638 <td></td> 1639 <td>Nexus 5XNexus 6PAndroid One</td> 1640 <td>20164 6 13 </td> 1641 </tr> 1642 </table> 1643 <h3 id="information-disclosure-vulnerability-in-motorola-usbnet-driver">Motorola USBNet </h3> 1644 <p> 1645 Motorola USBNet 1646 </p> 1647 <table> 1648 <col width="19%"> 1649 <col width="20%"> 1650 <col width="10%"> 1651 <col width="23%"> 1652 <col width="17%"> 1653 <tr> 1654 <th>CVE</th> 1655 <th></th> 1656 <th></th> 1657 <th> Nexus </th> 1658 <th></th> 1659 </tr> 1660 <tr> 1661 <td>CVE-2016-6678</td> 1662 <td>A-29914434*</td> 1663 <td></td> 1664 <td>Nexus 6</td> 1665 <td>2016 6 30 </td> 1666 </tr> 1667 </table> 1668 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1669 </p> 1670 <h3 id="information-disclosure-vulnerability-in-qualcomm-components">Qualcomm </h3> 1671 <p> 1672 Qualcomm (IPA Wi-Fi ) 1673 </p> 1674 <table> 1675 <col width="19%"> 1676 <col width="20%"> 1677 <col width="10%"> 1678 <col width="23%"> 1679 <col width="17%"> 1680 <tr> 1681 <th>CVE</th> 1682 <th></th> 1683 <th></th> 1684 <th> Nexus </th> 1685 <th></th> 1686 </tr> 1687 <tr> 1688 <td>CVE-2016-6679</td> 1689 <td>A-29915601<br> 1690 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=d39345f0abc309959d831d09fcbf1619cc0ae0f5">QC-CR#1000913</a> 1691 [<a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=f081695446679aa44baa0d00940ea18455eeb4c5">2</a>]</td> 1692 <td></td> 1693 <td>Nexus 5XAndroid One</td> 1694 <td>2016 6 30 </td> 1695 </tr> 1696 <tr> 1697 <td>CVE-2016-3902</td> 1698 <td>A-29953313*<br> 1699 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2fca425d781572393fbe51abe2e27a932d24a768">QC-CR#1044072</a></td> 1700 <td></td> 1701 <td>Nexus 5XNexus 6P</td> 1702 <td>2016 7 2 </td> 1703 </tr> 1704 <tr> 1705 <td>CVE-2016-6680</td> 1706 <td>A-29982678*<br> 1707 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=2f2fa073b95d4700de88c0f7558b4a18c13ac552">QC-CR#1048052</a></td> 1708 <td></td> 1709 <td>Nexus 5XAndroid One</td> 1710 <td>2016 7 3 </td> 1711 </tr> 1712 <tr> 1713 <td>CVE-2016-6681</td> 1714 <td>A-30152182<br> 1715 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=0950fbd39ff189497f1b6115825c210e3eeaf395">QC-CR#1049521</a></td> 1716 <td></td> 1717 <td>Nexus 5XNexus 6PAndroid One</td> 1718 <td>2016 7 14 </td> 1719 </tr> 1720 <tr> 1721 <td>CVE-2016-6682</td> 1722 <td>A-30152501<br> 1723 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=0950fbd39ff189497f1b6115825c210e3eeaf395">QC-CR#1049615</a></td> 1724 <td></td> 1725 <td>Nexus 5XNexus 6PAndroid One</td> 1726 <td>2016 7 14 </td> 1727 </tr> 1728 </table> 1729 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1730 </p> 1731 <h3 id="information-disclosure-vulnerability-in-kernel-components"></h3> 1732 <p> 1733 () 1734 </p> 1735 <table> 1736 <col width="19%"> 1737 <col width="18%"> 1738 <col width="10%"> 1739 <col width="25%"> 1740 <col width="17%"> 1741 <tr> 1742 <th>CVE</th> 1743 <th></th> 1744 <th></th> 1745 <th> Nexus </th> 1746 <th></th> 1747 </tr> 1748 <tr> 1749 <td>CVE-2016-6683</td> 1750 <td>A-30143283*</td> 1751 <td></td> 1752 <td> Nexus </td> 1753 <td>2016 7 13 </td> 1754 </tr> 1755 <tr> 1756 <td>CVE-2016-6684</td> 1757 <td>A-30148243*</td> 1758 <td></td> 1759 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerAndroid One</td> 1760 <td>2016 7 13 </td> 1761 </tr> 1762 <tr> 1763 <td>CVE-2015-8956</td> 1764 <td>A-30149612*</td> 1765 <td></td> 1766 <td>Nexus 5Nexus 6PAndroid One</td> 1767 <td>2016 7 14 </td> 1768 </tr> 1769 <tr> 1770 <td>CVE-2016-6685</td> 1771 <td>A-30402628*</td> 1772 <td></td> 1773 <td>Nexus 6P</td> 1774 <td>2016 7 25 </td> 1775 </tr> 1776 </table> 1777 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1778 </p> 1779 <h3 id="information-disclosure-vulnerability-in-nvidia-profiler">NVIDIA </h3> 1780 <p> 1781 NVIDIA 1782 </p> 1783 <table> 1784 <col width="19%"> 1785 <col width="20%"> 1786 <col width="10%"> 1787 <col width="23%"> 1788 <col width="17%"> 1789 <tr> 1790 <th>CVE</th> 1791 <th></th> 1792 <th></th> 1793 <th> Nexus </th> 1794 <th></th> 1795 </tr> 1796 <tr> 1797 <td>CVE-2016-6686</td> 1798 <td>A-30163101*<br> 1799 N-CVE-2016-6686</td> 1800 <td></td> 1801 <td>Nexus 9</td> 1802 <td>2016 7 15 </td> 1803 </tr> 1804 <tr> 1805 <td>CVE-2016-6687</td> 1806 <td>A-30162222*<br> 1807 N-CVE-2016-6687</td> 1808 <td></td> 1809 <td>Nexus 9</td> 1810 <td>2016 7 15 </td> 1811 </tr> 1812 <tr> 1813 <td>CVE-2016-6688</td> 1814 <td>A-30593080*<br> 1815 N-CVE-2016-6688</td> 1816 <td></td> 1817 <td>Nexus 9</td> 1818 <td>2016 8 2 </td> 1819 </tr> 1820 </table> 1821 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1822 </p> 1823 <h3 id="information-disclosure-vulnerability-in-kernel"></h3> 1824 <p> 1825 1826 </p> 1827 <table> 1828 <col width="19%"> 1829 <col width="20%"> 1830 <col width="10%"> 1831 <col width="23%"> 1832 <col width="17%"> 1833 <tr> 1834 <th>CVE</th> 1835 <th></th> 1836 <th></th> 1837 <th> Nexus </th> 1838 <th></th> 1839 </tr> 1840 <tr> 1841 <td>CVE-2016-6689</td> 1842 <td>A-30768347*</td> 1843 <td></td> 1844 <td> Nexus </td> 1845 <td>2016 8 9 </td> 1846 </tr> 1847 </table> 1848 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1849 </p> 1850 <h3 id="dosv-in-kernel-networking-subsystem"></h3> 1851 <p> 1852 TCP 1853 </p> 1854 <table> 1855 <col width="19%"> 1856 <col width="18%"> 1857 <col width="10%"> 1858 <col width="25%"> 1859 <col width="17%"> 1860 <tr> 1861 <th>CVE</th> 1862 <th></th> 1863 <th></th> 1864 <th> Nexus </th> 1865 <th></th> 1866 </tr> 1867 <tr> 1868 <td>CVE-2016-5696</td> 1869 <td>A-30809774<br> 1870 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758"></a></td> 1871 <td></td> 1872 <td>Nexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CAndroid One</td> 1873 <td>2016 7 16 </td> 1874 </tr> 1875 </table> 1876 <h3 id="dosv-in-kernel-sound-driver"></h3> 1877 <p> 1878 1879 </p> 1880 <table> 1881 <col width="19%"> 1882 <col width="18%"> 1883 <col width="10%"> 1884 <col width="25%"> 1885 <col width="17%"> 1886 <tr> 1887 <th>CVE</th> 1888 <th></th> 1889 <th></th> 1890 <th> Nexus </th> 1891 <th></th> 1892 </tr> 1893 <tr> 1894 <td>CVE-2016-6690</td> 1895 <td>A-28838221*</td> 1896 <td></td> 1897 <td>Nexus 5Nexus 5XNexus 6Nexus 6PNexus Player</td> 1898 <td>2016 5 18 </td> 1899 </tr> 1900 </table> 1901 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1902 </p> 1903 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1904 <p> 1905 Qualcomm 1906 </p> 1907 <table> 1908 <col width="19%"> 1909 <col width="20%"> 1910 <col width="10%"> 1911 <col width="23%"> 1912 <col width="17%"> 1913 <tr> 1914 <th>CVE</th> 1915 <th></th> 1916 <th></th> 1917 <th> Nexus </th> 1918 <th></th> 1919 </tr> 1920 <tr> 1921 <td>CVE-2016-6691</td> 1922 <td><a href="https://source.codeaurora.org/quic/la//platform/frameworks/opt/net/wifi/commit/?id=343f123c396b2a97fc7cce396cd5d99365cb9131">QC-CR#978452</a></td> 1923 <td></td> 1924 <td></td> 1925 <td>2016 7 </td> 1926 </tr> 1927 <tr> 1928 <td>CVE-2016-6692</td> 1929 <td><a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=0f0e7047d39f9fb3a1a7f389918ff79cdb4a50b3">QC-CR#1004933</a></td> 1930 <td></td> 1931 <td></td> 1932 <td>2016 8 </td> 1933 </tr> 1934 <tr> 1935 <td>CVE-2016-6693</td> 1936 <td><a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=ac328eb631fa74a63d5d2583e6bfeeb5a7a2df65">QC-CR#1027585</a></td> 1937 <td></td> 1938 <td></td> 1939 <td>2016 8 </td> 1940 </tr> 1941 <tr> 1942 <td>CVE-2016-6694</td> 1943 <td><a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=961e38553aae8ba9b1af77c7a49acfbb7b0b6f62">QC-CR#1033525</a></td> 1944 <td></td> 1945 <td></td> 1946 <td>2016 8 </td> 1947 </tr> 1948 <tr> 1949 <td>CVE-2016-6695</td> 1950 <td><a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=c319c2b0926d1ea5edb4d0778d88bd3ce37c4b95">QC-CR#1033540</a></td> 1951 <td></td> 1952 <td></td> 1953 <td>2016 8 </td> 1954 </tr> 1955 <tr> 1956 <td>CVE-2016-6696</td> 1957 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=c3c9341bfdf93606983f893a086cb33a487306e5">QC-CR#1041130</a></td> 1958 <td></td> 1959 <td></td> 1960 <td>2016 8 </td> 1961 </tr> 1962 <tr> 1963 <td>CVE-2016-5344</td> 1964 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=64e15c36d6c1c57dc2d95a3f163bc830a469fc20">QC-CR#993650</a></td> 1965 <td></td> 1966 <td></td> 1967 <td>2016 8 </td> 1968 </tr> 1969 <tr> 1970 <td>CVE-2016-5343</td> 1971 <td><a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6927e2e0af4dcac357be86ba563c9ae12354bb08">QC-CR#1010081</a></td> 1972 <td></td> 1973 <td></td> 1974 <td>2016 8 </td> 1975 </tr> 1976 </table> 1977 <h2 id="common-questions-and-answers"></h2> 1978 <p> 1979 </p> 1980 <p> 1981 <strong>1. 1982 </strong> 1983 </p> 1984 <p> 1985 2016 10 1 2016-10-01 2016 10 5 2016-10-05 <a href="https://support.google.com/nexus/answer/4457705"></a>[ro.build.version.security_patch]:[2016-10-01] [ro.build.version.security_patch]:[2016-10-05] 1986 </p> 1987 <p> 1988 <strong>2. </strong> 1989 </p> 1990 <p> 1991 Android Android Android 1992 </p> 1993 <p> 1994 2016 10 5 () 1995 </p> 1996 <p> 1997 2016 10 1 1998 </p> 1999 <p> 2000 <strong>3. Nexus </strong> 2001 </p> 2002 <p> 2003 <a href="#2016-10-01-security-patch-level-vulnerability-details">2016-10-01</a> <a href="#2016-10-05-security-patch-level-vulnerability-details">2016-10-05</a> Nexus <em></em> Nexus </p> 2004 <ul> 2005 <li><strong> Nexus </strong> Nexus Nexus <em></em> Nexus Nexus <a href="https://support.google.com/nexus/answer/4457705#nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus Player Pixel C</li> 2006 <li><strong> Nexus </strong> Nexus Nexus <em></em> Nexus </li> 2007 <li><strong> Nexus </strong> Android 7.0 Nexus Nexus <em></em></li> 2008 </ul> 2009 <p> 2010 <strong>4. </strong> 2011 </p> 2012 <p><em></em> 2013 </p> 2014 <table> 2015 <tr> 2016 <th></th> 2017 <th></th> 2018 </tr> 2019 <tr> 2020 <td>A-</td> 2021 <td>Android ID</td> 2022 </tr> 2023 <tr> 2024 <td>QC-</td> 2025 <td>Qualcomm </td> 2026 </tr> 2027 <tr> 2028 <td>M-</td> 2029 <td>MediaTek </td> 2030 </tr> 2031 <tr> 2032 <td>N-</td> 2033 <td>NVIDIA </td> 2034 </tr> 2035 <tr> 2036 <td>B-</td> 2037 <td>Broadcom </td> 2038 </tr> 2039 </table> 2040 2041 <h2 id="revisions"></h2> 2042 <ul> 2043 <li>2016 10 3 </li> 2044 <li>2016 10 4 AOSP CVE-2016-3920CVE-2016-6693CVE-2016-6694CVE-2016-6695 CVE-2016-6696 </li> 2045 </ul> 2046 2047 </body> 2048 </html> 2049
