Home | History | Annotate | Download | only in bulletin
      1 <html devsite>
      2   <head>
      3     <title>Android   2016  12 </title>
      4     <meta name="project_path" value="/_project.yaml" />
      5     <meta name="book_path" value="/_book.yaml" />
      6   </head>
      7   <body>
      8   <!--
      9       Copyright 2017 The Android Open Source Project
     10 
     11       Licensed under the Apache License, Version 2.0 (the "License");
     12       you may not use this file except in compliance with the License.
     13       You may obtain a copy of the License at
     14 
     15           http://www.apache.org/licenses/LICENSE-2.0
     16 
     17       Unless required by applicable law or agreed to in writing, software
     18       distributed under the License is distributed on an "AS IS" BASIS,
     19       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     20       See the License for the specific language governing permissions and
     21       limitations under the License.
     22   -->
     23 
     24 
     25 
     26 <p><em>2016  12  5  | 2016  12  7 </em></p>
     27 <p>Android  Android Google  OTA  Google Google  <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2016  12  5  <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices">Pixel  Nexus </a>
     28 </p>
     29 <p>
     30  2016  11  7  Android  (AOSP)  AOSP 
     31 </p>
     32 <p>
     33  (Re-flash) 
     34 </p>
     35 <p> <a href="/security/enhancements/index.html">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>)  Android  <a href="#mitigations">Android  Google </a>
     36 </p>
     37 <p>
     38 </p>
     39 <h2 id="announcements"></h2>
     40 <ul>
     41   <li> Android  Android <a href="#common-questions-and-answers"></a>
     42   <ul>
     43      <li><strong>2016-12-01</strong> 2016-12-01  () </li>
     44      <li><strong>2016-12-05</strong> 2016-12-01  2016-12-05  () </li>
     45     </ul>
     46   </li>
     47   <li> Google  2016  12  5  OTA </li>
     48 </ul>
     49 <h2 id="security-vulnerability-summary"></h2>
     50 <p>
     51  ID (CVE) Google <a href="/security/overview/updates-resources.html#severity"></a>
     52 </p>
     53 <h3 id="2016-12-01-summary">2016-12-01   </h3>
     54 <p>
     55 2016-12-01 
     56 </p>
     57 <table>
     58   <col width="55%">
     59   <col width="20%">
     60   <col width="13%">
     61   <col width="12%">
     62   <tr>
     63    <th></th>
     64    <th>CVE</th>
     65    <th></th>
     66    <th> Google </th>
     67   </tr>
     68   <tr>
     69    <td>CURL/LIBCURL </td>
     70    <td>CVE-2016-5419CVE-2016-5420CVE-2016-5421</td>
     71    <td></td>
     72    <td></td>
     73   </tr>
     74   <tr>
     75    <td>libziparchive </td>
     76    <td>CVE-2016-6762</td>
     77    <td></td>
     78    <td></td>
     79   </tr>
     80   <tr>
     81    <td></td>
     82    <td>CVE-2016-6763</td>
     83    <td></td>
     84    <td></td>
     85   </tr>
     86   <tr>
     87    <td></td>
     88    <td>CVE-2016-6766CVE-2016-6765CVE-2016-6764CVE-2016-6767</td>
     89    <td></td>
     90    <td></td>
     91   </tr>
     92   <tr>
     93    <td>Framesequence </td>
     94    <td>CVE-2016-6768</td>
     95    <td></td>
     96    <td></td>
     97   </tr>
     98   <tr>
     99    <td>Smart Lock </td>
    100    <td>CVE-2016-6769</td>
    101    <td></td>
    102    <td>*</td>
    103   </tr>
    104   <tr>
    105    <td>Framework API </td>
    106    <td>CVE-2016-6770</td>
    107    <td></td>
    108    <td></td>
    109   </tr>
    110   <tr>
    111    <td></td>
    112    <td>CVE-2016-6771</td>
    113    <td></td>
    114    <td></td>
    115   </tr>
    116   <tr>
    117    <td>Wi-Fi </td>
    118    <td>CVE-2016-6772</td>
    119    <td></td>
    120    <td></td>
    121   </tr>
    122   <tr>
    123    <td></td>
    124    <td>CVE-2016-6773</td>
    125    <td></td>
    126    <td></td>
    127   </tr>
    128   <tr>
    129    <td></td>
    130    <td>CVE-2016-6774</td>
    131    <td></td>
    132    <td></td>
    133   </tr>
    134 </table>
    135 <p>
    136 *  Android 7.0  Google  ()
    137 </p>
    138 <h3 id="2016-12-05-summary">2016-12-05   </h3>
    139 <p>
    140 2016-12-05  2016-12-01 
    141 </p>
    142 <table>
    143   <col width="55%">
    144   <col width="20%">
    145   <col width="13%">
    146   <col width="12%">
    147   <tr>
    148    <th></th>
    149    <th>CVE</th>
    150    <th></th>
    151    <th> Google </th>
    152   </tr>
    153   <tr>
    154    <td></td>
    155    <td>CVE-2016-4794CVE-2016-5195</td>
    156    <td></td>
    157    <td></td>
    158   </tr>
    159   <tr>
    160    <td>NVIDIA GPU </td>
    161    <td>CVE-2016-6775CVE-2016-6776CVE-2016-6777</td>
    162    <td></td>
    163    <td></td>
    164   </tr>
    165   <tr>
    166    <td></td>
    167    <td>CVE-2015-8966</td>
    168    <td></td>
    169    <td>*</td>
    170   </tr>
    171   <tr>
    172    <td>NVIDIA </td>
    173    <td>CVE-2016-6915CVE-2016-6916CVE-2016-6917</td>
    174    <td></td>
    175    <td></td>
    176   </tr>
    177   <tr>
    178    <td> ION </td>
    179    <td>CVE-2016-9120</td>
    180    <td></td>
    181    <td></td>
    182   </tr>
    183   <tr>
    184    <td>Qualcomm </td>
    185    <td>CVE-2016-8411</td>
    186    <td></td>
    187    <td></td>
    188   </tr>
    189   <tr>
    190    <td></td>
    191    <td>CVE-2014-4014</td>
    192    <td></td>
    193    <td></td>
    194   </tr>
    195   <tr>
    196    <td></td>
    197    <td>CVE-2015-8967</td>
    198    <td></td>
    199    <td></td>
    200   </tr>
    201   <tr>
    202    <td>HTC </td>
    203    <td>CVE-2016-6778CVE-2016-6779CVE-2016-6780</td>
    204    <td></td>
    205    <td></td>
    206   </tr>
    207   <tr>
    208    <td>MediaTek </td>
    209    <td>CVE-2016-6492CVE-2016-6781CVE-2016-6782CVE-2016-6783CVE-2016-6784CVE-2016-6785</td>
    210    <td></td>
    211    <td>*</td>
    212   </tr>
    213   <tr>
    214    <td>Qualcomm </td>
    215    <td>CVE-2016-6761CVE-2016-6760CVE-2016-6759CVE-2016-6758</td>
    216    <td></td>
    217    <td></td>
    218   </tr>
    219   <tr>
    220    <td>Qualcomm </td>
    221    <td>CVE-2016-6755</td>
    222    <td></td>
    223    <td></td>
    224   </tr>
    225   <tr>
    226    <td></td>
    227    <td>CVE-2016-6786CVE-2016-6787</td>
    228    <td></td>
    229    <td></td>
    230   </tr>
    231   <tr>
    232    <td>MediaTek I2C </td>
    233    <td>CVE-2016-6788</td>
    234    <td></td>
    235    <td>*</td>
    236   </tr>
    237   <tr>
    238    <td>NVIDIA libomx </td>
    239    <td>CVE-2016-6789CVE-2016-6790</td>
    240    <td></td>
    241    <td></td>
    242   </tr>
    243   <tr>
    244    <td>Qualcomm </td>
    245    <td>CVE-2016-6791CVE-2016-8391CVE-2016-8392</td>
    246    <td></td>
    247    <td></td>
    248   </tr>
    249   <tr>
    250    <td></td>
    251    <td>CVE-2015-7872</td>
    252    <td></td>
    253    <td></td>
    254   </tr>
    255   <tr>
    256    <td>Synaptics </td>
    257    <td>CVE-2016-8393CVE-2016-8394</td>
    258    <td></td>
    259    <td></td>
    260   </tr>
    261   <tr>
    262    <td>Broadcom Wi-Fi </td>
    263    <td>CVE-2014-9909CVE-2014-9910</td>
    264    <td></td>
    265    <td>*</td>
    266   </tr>
    267   <tr>
    268    <td>MediaTek </td>
    269    <td>CVE-2016-8396</td>
    270    <td></td>
    271    <td>*</td>
    272   </tr>
    273   <tr>
    274    <td>NVIDIA </td>
    275    <td>CVE-2016-8397</td>
    276    <td></td>
    277    <td></td>
    278   </tr>
    279   <tr>
    280    <td>GPS </td>
    281    <td>CVE-2016-5341</td>
    282    <td></td>
    283    <td></td>
    284   </tr>
    285   <tr>
    286    <td>NVIDIA </td>
    287    <td>CVE-2016-8395</td>
    288    <td></td>
    289    <td></td>
    290   </tr>
    291   <tr>
    292    <td></td>
    293    <td>CVE-2016-8399</td>
    294    <td></td>
    295    <td></td>
    296   </tr>
    297   <tr>
    298    <td>Qualcomm </td>
    299    <td>CVE-2016-6756CVE-2016-6757</td>
    300    <td></td>
    301    <td></td>
    302   </tr>
    303   <tr>
    304    <td>NVIDIA librm </td>
    305    <td>CVE-2016-8400</td>
    306    <td></td>
    307    <td></td>
    308   </tr>
    309   <tr>
    310    <td></td>
    311    <td>CVE-2016-8401CVE-2016-8402CVE-2016-8403CVE-2016-8404CVE-2016-8405CVE-2016-8406CVE-2016-8407</td>
    312    <td></td>
    313    <td></td>
    314   </tr>
    315   <tr>
    316    <td>NVIDIA </td>
    317    <td>CVE-2016-8408CVE-2016-8409</td>
    318    <td></td>
    319    <td></td>
    320   </tr>
    321   <tr>
    322    <td>Qualcomm </td>
    323    <td>CVE-2016-8410</td>
    324    <td></td>
    325    <td></td>
    326   </tr>
    327 </table>
    328 <p>
    329 *  Android 7.0  Google  ()
    330 </p>
    331 <h2 id="mitigations">Android  Google </h2>
    332 <p>
    333  <a href="/security/enhancements/index.html">Android </a> SafetyNet  Android 
    334 </p>
    335 <ul>
    336 <li>Android  Android  Android</li>
    337 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play  Root  Root  () </li>
    338 <li>Google Hangouts  Messenger </li>
    339 </ul>
    340 
    341 <h2 id="acknowledgements"></h2>
    342 <p>
    343 </p>
    344 
    345 <ul>
    346   <li> Baozeng DingChengming YangPeng XiaoNing YouYang DongChao YangYi Zhang  Yang SongCVE-2016-6783CVE-2016-6784CVE-2016-6785</li>
    347   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-6789CVE-2016-6790</li>
    348   <li>Christian SeelCVE-2016-6769</li>
    349   <li>Google  David Benjamin  Kenny RootCVE-2016-6767</li>
    350   <li> KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>)  Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-6776CVE-2016-6787</li>
    351   <li><a href="http://www.ms509.com">MS509Team</a>  En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>)CVE-2016-6763</li>
    352   <li> 360 IceSword  Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)  <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-6779CVE-2016-6778CVE-2016-8401CVE-2016-8402CVE-2016-8403CVE-2016-8409CVE-2016-8408CVE-2016-8404</li>
    353   <li> 360 IceSword  Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>)  <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-6788CVE-2016-6781CVE-2016-6782CVE-2016-8396</li>
    354   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-6791CVE-2016-8391CVE-2016-8392</li>
    355   <li>Google Project Zero  Mark BrandCVE-2016-6772</li>
    356   <li><a href="https://github.com/michalbednarski">Micha Bednarski</a>CVE-2016-6770CVE-2016-6774</li>
    357   <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)<a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-6761CVE-2016-6759CVE-2016-8400</li>
    358   <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-6760</li>
    359   <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)<a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-6759</li>
    360   <li>Tesla Motors Product  Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)CVE-2016-6915CVE-2016-6916CVE-2016-6917</li>
    361   <li>Nightwatch Cybersecurity Research (<a href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>)CVE-2016-5341</li>
    362   <li> X- Pengfei Ding ()Chenfu Bao ()  Lenx Wei ()CVE-2016-6755CVE-2016-6756</li>
    363   <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)CVE-2016-8397CVE-2016-8405CVE-2016-8406CVE-2016-8407</li>
    364   <li> KeenLab ()  Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)CVE-2016-8399CVE-2016-8395</li>
    365   <li> KeenLab ()  Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)  Marco Grassi (<a href="https://twitter.com/marcograss">@marcograss</a>)CVE-2016-6768</li>
    366   <li>Richard ShupakCVE-2016-5341</li>
    367   <li>IBM X-Force Research  Sagi KedmiCVE-2016-8393CVE-2016-8394</li>
    368   <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-6757</li>
    369   <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2016-6773</li>
    370   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:zc1991 (a] mail.ustc.edu.cn">Chi Zhang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-6765</li>
    371   <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/"></a> Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://weibo.com/wishlinux"></a>)CVE-2016-6704</li>
    372   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-6786CVE-2016-6780CVE-2016-6775</li>
    373   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-6777</li>
    374   <li> Yuxiang LiCVE-2016-6771</li>
    375   <li> 360  Zhe Jin ()CVE-2016-6764CVE-2016-6766</li>
    376   <li> 360  <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>CVE-2016-6762</li>
    377 </ul>
    378 <p>
    379  MengLuo Gou (<a href="https://twitter.com/idhyt3r">@idhyt3r</a>)Yong Wang () (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>)  Google  Zubin Mithra 
    380 </p>
    381 
    382 <h2 id="2016-12-01-details">2016-12-01   </h2>
    383 <p>
    384  <a href="#2016-12-01-summary">2016-12-01   </a> CVE Google  AOSP  ()  ID  ( AOSP ) ID </p>
    385 
    386 
    387 <h3 id="rce-in-curl-libcurl">CURL/LIBCURL </h3>
    388 <p>
    389  CURL  LIBCURL 
    390 </p>
    391 
    392 <table>
    393   <col width="18%">
    394   <col width="18%">
    395   <col width="10%">
    396   <col width="19%">
    397   <col width="17%">
    398   <col width="17%">
    399   <tr>
    400     <th>CVE</th>
    401     <th></th>
    402     <th></th>
    403     <th> Google </th>
    404     <th> AOSP </th>
    405     <th></th>
    406   </tr>
    407   <tr>
    408     <td>CVE-2016-5419</td>
    409     <td>A-31271247</td>
    410     <td></td>
    411     <td></td>
    412     <td>7.0</td>
    413     <td>2016  8  3 </td>
    414   </tr>
    415   <tr>
    416     <td>CVE-2016-5420</td>
    417     <td>A-31271247</td>
    418     <td></td>
    419     <td></td>
    420     <td>7.0</td>
    421     <td>2016  8  3 </td>
    422   </tr>
    423   <tr>
    424     <td>CVE-2016-5421</td>
    425     <td>A-31271247</td>
    426     <td></td>
    427     <td></td>
    428     <td>7.0</td>
    429     <td>2016  8  3 </td>
    430   </tr>
    431 </table>
    432 
    433 
    434 <h3 id="eop-in-libziparchive">libziparchive </h3>
    435 <p>
    436 libziparchive 
    437 </p>
    438 
    439 <table>
    440   <col width="18%">
    441   <col width="18%">
    442   <col width="10%">
    443   <col width="19%">
    444   <col width="17%">
    445   <col width="17%">
    446   <tr>
    447     <th>CVE</th>
    448     <th></th>
    449     <th></th>
    450     <th> Google </th>
    451     <th> AOSP </th>
    452     <th></th>
    453   </tr>
    454   <tr>
    455     <td>CVE-2016-6762</td>
    456    <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c">
    457        A-31251826</a>
    458       [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>]
    459    </td>
    460     <td></td>
    461     <td></td>
    462     <td>5.0.25.1.16.06.0.17.0</td>
    463     <td>2016  8  28 </td>
    464   </tr>
    465 </table>
    466 
    467 
    468 <h3 id="dos-in-telephony"></h3>
    469 <p>
    470 
    471 </p>
    472 
    473 <table>
    474   <col width="18%">
    475   <col width="18%">
    476   <col width="10%">
    477   <col width="19%">
    478   <col width="17%">
    479   <col width="17%">
    480   <tr>
    481     <th>CVE</th>
    482     <th></th>
    483     <th></th>
    484     <th> Google </th>
    485     <th> AOSP </th>
    486     <th></th>
    487   </tr>
    488   <tr>
    489     <td>CVE-2016-6763</td>
    490     <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1294620627b1e9afdf4bd0ad51c25ed3daf80d84">
    491         A-31530456</a></td>
    492     <td></td>
    493     <td></td>
    494     <td>4.4.45.0.25.1.16.06.0.17.0</td>
    495     <td>2016  9  12 </td>
    496   </tr>
    497 </table>
    498 
    499 
    500 <h3 id="dos-in-mediaserver"></h3>
    501 <p>
    502 
    503 </p>
    504 
    505 <table>
    506   <col width="18%">
    507   <col width="18%">
    508   <col width="10%">
    509   <col width="19%">
    510   <col width="17%">
    511   <col width="17%">
    512   <tr>
    513     <th>CVE</th>
    514     <th></th>
    515     <th></th>
    516     <th> Google </th>
    517     <th> AOSP </th>
    518     <th></th>
    519   </tr>
    520   <tr>
    521    <td>CVE-2016-6766</td>
    522    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20">
    523        A-31318219</a></td>
    524    <td></td>
    525    <td></td>
    526    <td>4.4.45.0.25.1.16.06.0.17.0</td>
    527    <td>2016  9  5 </td>
    528   </tr>
    529   <tr>
    530    <td>CVE-2016-6765</td>
    531    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/fd9cc97d4dfe2a2fbce2c0f1704d7a27ce7cbc44">
    532        A-31449945</a></td>
    533    <td></td>
    534    <td></td>
    535    <td>4.4.45.0.25.1.17.0</td>
    536    <td>2016  9  13 </td>
    537   </tr>
    538   <tr>
    539    <td>CVE-2016-6764</td>
    540    <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20">
    541        A-31681434</a></td>
    542    <td></td>
    543    <td></td>
    544    <td>4.4.45.0.25.1.16.06.0.17.0</td>
    545    <td>2016  9  22 </td>
    546   </tr>
    547   <tr>
    548    <td>CVE-2016-6767</td>
    549    <td>A-31833604</td>
    550    <td></td>
    551    <td>*</td>
    552    <td>4.4.4</td>
    553    <td>Google </td>
    554   </tr>
    555 </table>
    556 
    557 <p>
    558 *  Android 7.0  Google  ()
    559 </p>
    560 
    561 
    562 <h3 id="rce-in-framesequence-library">Framesequence </h3>
    563 <p>
    564 Framesequence  Framesequence 
    565 </p>
    566 
    567 <table>
    568   <col width="18%">
    569   <col width="18%">
    570   <col width="10%">
    571   <col width="19%">
    572   <col width="17%">
    573   <col width="17%">
    574   <tr>
    575     <th>CVE</th>
    576     <th></th>
    577     <th></th>
    578     <th> Google </th>
    579     <th> AOSP </th>
    580     <th></th>
    581   </tr>
    582   <tr>
    583     <td>CVE-2016-6768</td>
    584     <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/0ada9456d0270cb0e357a43d9187a6418d770760">
    585         A-31631842</a></td>
    586     <td></td>
    587     <td></td>
    588     <td>5.0.25.1.16.06.0.17.0</td>
    589     <td>2016  9  19 </td>
    590   </tr>
    591 </table>
    592 
    593 
    594 <h3 id="eop-in-smart-lock">Smart Lock </h3>
    595 <p>
    596 Smart Lock  PIN  Smart Lock  ( Smart Lock) 
    597 </p>
    598 
    599 <table>
    600   <col width="18%">
    601   <col width="18%">
    602   <col width="10%">
    603   <col width="19%">
    604   <col width="17%">
    605   <col width="17%">
    606   <tr>
    607     <th>CVE</th>
    608     <th></th>
    609     <th></th>
    610     <th> Google </th>
    611     <th> AOSP </th>
    612     <th></th>
    613   </tr>
    614   <tr>
    615     <td>CVE-2016-6769</td>
    616     <td>A-29055171</td>
    617     <td></td>
    618     <td>*</td>
    619     <td>5.0.25.1.16.06.0.1</td>
    620     <td>2016  5  27 </td>
    621   </tr>
    622 </table>
    623 <p>
    624 *  Android 7.0  Google  ()
    625 </p>
    626 
    627 
    628 <h3 id="eop-in-framework-apis">Framework API </h3>
    629 <p>
    630 Framework API 
    631 </p>
    632 
    633 <table>
    634   <col width="18%">
    635   <col width="18%">
    636   <col width="10%">
    637   <col width="19%">
    638   <col width="17%">
    639   <col width="17%">
    640   <tr>
    641     <th>CVE</th>
    642     <th></th>
    643     <th></th>
    644     <th> Google </th>
    645     <th> AOSP </th>
    646     <th></th>
    647   </tr>
    648   <tr>
    649     <td>CVE-2016-6770</td>
    650     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc">
    651         A-30202228</a></td>
    652     <td></td>
    653     <td></td>
    654     <td>4.4.45.0.25.1.16.06.0.17.0</td>
    655     <td>2016  7  16 </td>
    656   </tr>
    657 </table>
    658 
    659 
    660 <h3 id="eop-in-telephony"></h3>
    661 <p>
    662 
    663 </p>
    664 
    665 <table>
    666   <col width="18%">
    667   <col width="18%">
    668   <col width="10%">
    669   <col width="19%">
    670   <col width="17%">
    671   <col width="17%">
    672   <tr>
    673     <th>CVE</th>
    674     <th></th>
    675     <th></th>
    676     <th> Google </th>
    677     <th> AOSP </th>
    678     <th></th>
    679   </tr>
    680   <tr>
    681     <td>CVE-2016-6771</td>
    682     <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a39ff9526aee6f2ea4f6e02412db7b33d486fd7d">
    683         A-31566390</a></td>
    684     <td></td>
    685     <td></td>
    686     <td>6.06.0.17.0</td>
    687     <td>2016  9  17 </td>
    688   </tr>
    689 </table>
    690 
    691 
    692 <h3 id="eop-in-wi-fi">Wi-Fi </h3>
    693 <p>
    694 Wi-Fi 
    695 </p>
    696 
    697 <table>
    698   <col width="18%">
    699   <col width="18%">
    700   <col width="10%">
    701   <col width="19%">
    702   <col width="17%">
    703   <col width="17%">
    704   <tr>
    705     <th>CVE</th>
    706     <th></th>
    707     <th></th>
    708     <th> Google </th>
    709     <th> AOSP </th>
    710     <th></th>
    711   </tr>
    712   <tr>
    713     <td>CVE-2016-6772</td>
    714     <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484">
    715         A-31856351</a>
    716        [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td>
    717     <td></td>
    718     <td></td>
    719     <td>5.0.25.1.16.06.0.17.0</td>
    720     <td>2016  9  30 </td>
    721   </tr>
    722 </table>
    723 
    724 
    725 <h3 id="id-in-mediaserver"></h3>
    726 <p>
    727 
    728 </p>
    729 
    730 <table>
    731   <col width="18%">
    732   <col width="18%">
    733   <col width="10%">
    734   <col width="19%">
    735   <col width="17%">
    736   <col width="17%">
    737   <tr>
    738     <th>CVE</th>
    739     <th></th>
    740     <th></th>
    741     <th> Google </th>
    742     <th> AOSP </th>
    743     <th></th>
    744   </tr>
    745   <tr>
    746     <td>CVE-2016-6773</td>
    747     <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0">
    748         A-30481714</a>
    749        [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td>
    750     <td></td>
    751     <td></td>
    752     <td>6.06.0.17.0</td>
    753     <td>2016  7  27 </td>
    754   </tr>
    755 </table>
    756 
    757 
    758 <h3 id="id-in-package-manager"></h3>
    759 <p>
    760 
    761 </p>
    762 
    763 <table>
    764   <col width="18%">
    765   <col width="18%">
    766   <col width="10%">
    767   <col width="19%">
    768   <col width="17%">
    769   <col width="17%">
    770   <tr>
    771     <th>CVE</th>
    772     <th></th>
    773     <th></th>
    774     <th> Google </th>
    775     <th> AOSP </th>
    776     <th></th>
    777   </tr>
    778   <tr>
    779     <td>CVE-2016-6774</td>
    780     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e2d4f5fc313ecb4ba587b20fff6d346f8cd51775">
    781         A-31251489</a></td>
    782     <td></td>
    783     <td></td>
    784     <td>7.0</td>
    785     <td>2016  8  29 </td>
    786   </tr>
    787 </table>
    788 
    789 
    790 <h2 id="2016-12-05-details">2016-12-05   </h2>
    791 <p>
    792  <a href="#2016-12-05-summary">2016-12-05   </a> CVE Google  AOSP  ()  ID  ( AOSP ) ID </p>
    793 
    794 <h3 id="eop-in-kernel-memory-subsystem"></h3>
    795 <p>
    796  (Re-flash) 
    797 </p>
    798 
    799 <table>
    800   <col width="19%">
    801   <col width="20%">
    802   <col width="10%">
    803   <col width="23%">
    804   <col width="17%">
    805   <tr>
    806     <th>CVE</th>
    807     <th></th>
    808     <th></th>
    809     <th> Google </th>
    810     <th></th>
    811   </tr>
    812   <tr>
    813     <td>CVE-2016-4794</td>
    814     <td>A-31596597<br>
    815        <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"></a>
    816 [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td>
    817     <td></td>
    818     <td>Pixel CPixelPixel XL</td>
    819     <td>2016  4  17 </td>
    820   </tr>
    821   <tr>
    822     <td>CVE-2016-5195</td>
    823     <td>A-32141528<br>
    824        <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"></a>
    825 [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td>
    826     <td></td>
    827     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
    828     <td>2016  10  12 </td>
    829   </tr>
    830 </table>
    831 
    832 
    833 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3>
    834 <p>
    835 NVIDIA GPU  (Re-flash) 
    836 </p>
    837 
    838 <table>
    839   <col width="19%">
    840   <col width="20%">
    841   <col width="10%">
    842   <col width="23%">
    843   <col width="17%">
    844   <tr>
    845     <th>CVE</th>
    846     <th></th>
    847     <th></th>
    848     <th> Google </th>
    849     <th></th>
    850   </tr>
    851   <tr>
    852     <td>CVE-2016-6775</td>
    853     <td>A-31222873*<br>N-CVE-2016-6775</td>
    854     <td></td>
    855     <td>Nexus 9</td>
    856     <td>2016  8  25 </td>
    857   </tr>
    858   <tr>
    859     <td>CVE-2016-6776</td>
    860     <td>A-31680980*<br>N-CVE-2016-6776</td>
    861     <td></td>
    862     <td>Nexus 9</td>
    863     <td>2016  9  22 </td>
    864   </tr>
    865   <tr>
    866     <td>CVE-2016-6777</td>
    867     <td>A-31910462*<br>N-CVE-2016-6777</td>
    868     <td></td>
    869     <td>Nexus 9</td>
    870     <td>2016  10  3 </td>
    871   </tr>
    872 </table>
    873 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
    874 </p>
    875 
    876 <h3 id="eop-in-kernel"></h3>
    877 <p> (Re-flash) 
    878 </p>
    879 
    880 <table>
    881   <col width="19%">
    882   <col width="20%">
    883   <col width="10%">
    884   <col width="23%">
    885   <col width="17%">
    886   <tr>
    887     <th>CVE</th>
    888     <th></th>
    889     <th></th>
    890     <th> Google </th>
    891     <th></th>
    892   </tr>
    893   <tr>
    894     <td>CVE-2015-8966</td>
    895     <td>A-31435731<br>
    896         <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42">
    897 </a></td>
    898     <td></td>
    899     <td>*</td>
    900     <td>2016  9  10 </td>
    901   </tr>
    902 </table>
    903 <p>
    904 *  Android 7.0  Google  ()
    905 </p>
    906 
    907 
    908 <h3 id="eop-in-nvidia-video-driver">NVIDIA </h3>
    909 <p>
    910 NVIDIA  (Re-flash) 
    911 </p>
    912 
    913 <table>
    914   <col width="19%">
    915   <col width="20%">
    916   <col width="10%">
    917   <col width="23%">
    918   <col width="17%">
    919   <tr>
    920     <th>CVE</th>
    921     <th></th>
    922     <th></th>
    923     <th> Google </th>
    924     <th></th>
    925   </tr>
    926   <tr>
    927     <td>CVE-2016-6915</td>
    928     <td>A-31471161*
    929     <br>N-CVE-2016-6915</td>
    930     <td></td>
    931     <td>Nexus 9</td>
    932     <td>2016  9  13 </td>
    933   </tr>
    934   <tr>
    935     <td>CVE-2016-6916</td>
    936     <td>A-32072350*
    937     <br>N-CVE-2016-6916</td>
    938     <td></td>
    939     <td>Nexus 9Pixel C</td>
    940     <td>2016  9  13 </td>
    941   </tr>
    942   <tr>
    943     <td>CVE-2016-6917</td>
    944     <td>A-32072253*
    945     <br>N-CVE-2016-6917</td>
    946     <td></td>
    947     <td>Nexus 9</td>
    948     <td>2016  9  13 </td>
    949   </tr>
    950 </table>
    951 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
    952 </p>
    953 
    954 <h3 id="eop-in-kernel-ion-driver"> ION </h3>
    955 <p>
    956  ION  (Re-flash) 
    957 </p>
    958 
    959 <table>
    960   <col width="19%">
    961   <col width="20%">
    962   <col width="10%">
    963   <col width="23%">
    964   <col width="17%">
    965   <tr>
    966     <th>CVE</th>
    967     <th></th>
    968     <th></th>
    969     <th> Google </th>
    970     <th></th>
    971   </tr>
    972   <tr>
    973     <td>CVE-2016-9120</td>
    974     <td>A-31568617<br>
    975         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7">
    976 </a></td>
    977     <td></td>
    978     <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixel CNexus Player</td>
    979     <td>2016  9  16 </td>
    980   </tr>
    981 </table>
    982 
    983 <h3>Qualcomm </h3>
    984 <p>
    985  Qualcomm  2015  11  Qualcomm AMSS 
    986 </p>
    987 <table>
    988   <col width="19%">
    989   <col width="20%">
    990   <col width="10%">
    991   <col width="23%">
    992   <col width="17%">
    993   <tr>
    994    <th>CVE</th>
    995    <th></th>
    996    <th>*</th>
    997    <th> Google </th>
    998    <th></th>
    999   </tr>
   1000   <tr>
   1001    <td>CVE-2016-8411</td>
   1002    <td>A-31805216**</td>
   1003    <td></td>
   1004    <td>Nexus 6Nexus 6PAndroid One</td>
   1005    <td>Qualcomm </td>
   1006   </tr>
   1007 </table>
   1008 <p>* </p>
   1009 <p>**  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1010 </p>
   1011 
   1012 <h3 id="eop-in-kernel-file-system"></h3>
   1013 <p>
   1014 
   1015 </p>
   1016 
   1017 <table>
   1018   <col width="19%">
   1019   <col width="20%">
   1020   <col width="10%">
   1021   <col width="23%">
   1022   <col width="17%">
   1023   <tr>
   1024     <th>CVE</th>
   1025     <th></th>
   1026     <th></th>
   1027     <th> Google </th>
   1028     <th></th>
   1029   </tr>
   1030   <tr>
   1031     <td>CVE-2014-4014</td>
   1032     <td>A-31252187<br>
   1033         <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03">
   1034 </a></td>
   1035     <td></td>
   1036     <td>Nexus 6Nexus Player</td>
   1037     <td>2014  6  10 </td>
   1038   </tr>
   1039 </table>
   1040 
   1041 
   1042 <h3 id="eop-in-kernel-2"></h3>
   1043 <p>
   1044 
   1045 </p>
   1046 
   1047 <table>
   1048   <col width="19%">
   1049   <col width="20%">
   1050   <col width="10%">
   1051   <col width="23%">
   1052   <col width="17%">
   1053   <tr>
   1054     <th>CVE</th>
   1055     <th></th>
   1056     <th></th>
   1057     <th> Google </th>
   1058     <th></th>
   1059   </tr>
   1060   <tr>
   1061     <td>CVE-2015-8967</td>
   1062     <td>A-31703084<br>
   1063         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04">
   1064 </a></td>
   1065     <td></td>
   1066     <td>Nexus 5XNexus 6PNexus 9Pixel CPixelPixel XL</td>
   1067     <td>2015  1  8 </td>
   1068   </tr>
   1069 </table>
   1070 
   1071 
   1072 <h3 id="eop-in-htc-sound-codec-driver">HTC </h3>
   1073 <p>
   1074 HTC 
   1075 </p>
   1076 
   1077 <table>
   1078   <col width="19%">
   1079   <col width="20%">
   1080   <col width="10%">
   1081   <col width="23%">
   1082   <col width="17%">
   1083   <tr>
   1084     <th>CVE</th>
   1085     <th></th>
   1086     <th></th>
   1087     <th> Google </th>
   1088     <th></th>
   1089   </tr>
   1090   <tr>
   1091     <td>CVE-2016-6778</td>
   1092     <td>A-31384646*</td>
   1093     <td></td>
   1094     <td>Nexus 9</td>
   1095     <td>2016  2  25 </td>
   1096   </tr>
   1097   <tr>
   1098     <td>CVE-2016-6779</td>
   1099     <td>A-31386004*</td>
   1100     <td></td>
   1101     <td>Nexus 9</td>
   1102     <td>2016  2  25 </td>
   1103   </tr>
   1104   <tr>
   1105     <td>CVE-2016-6780</td>
   1106     <td>A-31251496*</td>
   1107     <td></td>
   1108     <td>Nexus 9</td>
   1109     <td>2016  8  30 </td>
   1110   </tr>
   1111 </table>
   1112 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1113 </p>
   1114 
   1115 <h3 id="eop-in-mediatek-driver">MediaTek </h3>
   1116 <p>
   1117 MediaTek 
   1118 </p>
   1119 
   1120 <table>
   1121   <col width="19%">
   1122   <col width="20%">
   1123   <col width="10%">
   1124   <col width="23%">
   1125   <col width="17%">
   1126   <tr>
   1127     <th>CVE</th>
   1128     <th></th>
   1129     <th></th>
   1130     <th> Google </th>
   1131     <th></th>
   1132   </tr>
   1133   <tr>
   1134     <td>CVE-2016-6492</td>
   1135     <td>A-28175122<br>MT-ALPS02696413</td>
   1136     <td></td>
   1137     <td>*</td>
   1138     <td>2016  4  11 </td>
   1139   </tr>
   1140   <tr>
   1141     <td>CVE-2016-6781</td>
   1142     <td>A-31095175<br>MT-ALPS02943455</td>
   1143     <td></td>
   1144     <td>*</td>
   1145     <td>2016  8  22 </td>
   1146   </tr>
   1147   <tr>
   1148     <td>CVE-2016-6782</td>
   1149     <td>A-31224389<br>MT-ALPS02943506</td>
   1150     <td></td>
   1151     <td>*</td>
   1152     <td>2016  8  24 </td>
   1153   </tr>
   1154   <tr>
   1155     <td>CVE-2016-6783</td>
   1156     <td>A-31350044<br>MT-ALPS02943437</td>
   1157     <td></td>
   1158     <td>*</td>
   1159     <td>2016  9  6 </td>
   1160   </tr>
   1161   <tr>
   1162     <td>CVE-2016-6784</td>
   1163     <td>A-31350755<br>MT-ALPS02961424</td>
   1164     <td></td>
   1165     <td>*</td>
   1166     <td>2016  9  6 </td>
   1167   </tr>
   1168   <tr>
   1169     <td>CVE-2016-6785</td>
   1170     <td>A-31748056<br>MT-ALPS02961400</td>
   1171     <td></td>
   1172     <td>*</td>
   1173     <td>2016  9  25 </td>
   1174   </tr>
   1175 </table>
   1176 <p>
   1177 *  Android 7.0  Google  ()
   1178 </p>
   1179 
   1180 
   1181 <h3 id="eop-in-qualcomm-media-codecs">Qualcomm </h3>
   1182 <p>Qualcomm 
   1183 </p>
   1184 
   1185 <table>
   1186   <col width="19%">
   1187   <col width="20%">
   1188   <col width="10%">
   1189   <col width="23%">
   1190   <col width="17%">
   1191   <tr>
   1192     <th>CVE</th>
   1193     <th></th>
   1194     <th></th>
   1195     <th> Google </th>
   1196     <th></th>
   1197   </tr>
   1198   <tr>
   1199     <td>CVE-2016-6761</td>
   1200     <td>A-29421682*
   1201     <br>QC-CR#1055792</td>
   1202     <td></td>
   1203     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td>
   1204     <td>2016  6  16 </td>
   1205   </tr>
   1206   <tr>
   1207     <td>CVE-2016-6760</td>
   1208     <td>A-29617572*
   1209     <br>QC-CR#1055783</td>
   1210     <td></td>
   1211     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td>
   1212     <td>2016  6  23 </td>
   1213   </tr>
   1214   <tr>
   1215     <td>CVE-2016-6759</td>
   1216     <td>A-29982686*
   1217     <br>QC-CR#1055766</td>
   1218     <td></td>
   1219     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td>
   1220     <td>2016  7  4 </td>
   1221   </tr>
   1222   <tr>
   1223     <td>CVE-2016-6758</td>
   1224     <td>A-30148882*
   1225     <br>QC-CR#1071731</td>
   1226     <td></td>
   1227     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td>
   1228     <td>2016  7  13 </td>
   1229   </tr>
   1230 </table>
   1231 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1232 </p>
   1233 
   1234 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3>
   1235 <p>
   1236 Qualcomm 
   1237 </p>
   1238 
   1239 <table>
   1240   <col width="19%">
   1241   <col width="20%">
   1242   <col width="10%">
   1243   <col width="23%">
   1244   <col width="17%">
   1245   <tr>
   1246     <th>CVE</th>
   1247     <th></th>
   1248     <th></th>
   1249     <th> Google </th>
   1250     <th></th>
   1251   </tr>
   1252   <tr>
   1253     <td>CVE-2016-6755</td>
   1254     <td>A-30740545<br>
   1255         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0">
   1256 QC-CR#1065916</a></td>
   1257     <td></td>
   1258     <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td>
   1259     <td>2016  8  3 </td>
   1260   </tr>
   1261 </table>
   1262 
   1263 
   1264 <h3 id="eop-in-kernel-performance-subsystem"></h3>
   1265 <p>
   1266 
   1267 </p>
   1268 
   1269 <table>
   1270   <col width="19%">
   1271   <col width="20%">
   1272   <col width="10%">
   1273   <col width="23%">
   1274   <col width="17%">
   1275   <tr>
   1276     <th>CVE</th>
   1277     <th></th>
   1278     <th></th>
   1279     <th> Google </th>
   1280     <th></th>
   1281   </tr>
   1282   <tr>
   1283     <td>CVE-2016-6786</td>
   1284     <td>A-30955111
   1285        <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"></a></td>
   1286     <td></td>
   1287     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
   1288     <td>2016  8  18 </td>
   1289   </tr>
   1290   <tr>
   1291     <td>CVE-2016-6787</td>
   1292     <td>A-31095224
   1293        <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b"></a></td>
   1294     <td></td>
   1295     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
   1296     <td>2016  8  22 </td>
   1297   </tr>
   1298 </table>
   1299 
   1300 
   1301 <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C </h3>
   1302 <p>
   1303 MediaTek I2C 
   1304 </p>
   1305 
   1306 <table>
   1307   <col width="19%">
   1308   <col width="20%">
   1309   <col width="10%">
   1310   <col width="23%">
   1311   <col width="17%">
   1312   <tr>
   1313     <th>CVE</th>
   1314     <th></th>
   1315     <th></th>
   1316     <th> Google </th>
   1317     <th></th>
   1318   </tr>
   1319   <tr>
   1320     <td>CVE-2016-6788</td>
   1321     <td>A-31224428<br>MT-ALPS02943467</td>
   1322     <td></td>
   1323     <td>*</td>
   1324     <td>2016  8  24 </td>
   1325   </tr>
   1326 </table>
   1327 <p>
   1328 *  Android 7.0  Google  ()
   1329 </p>
   1330 
   1331 
   1332 <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx </h3>
   1333 <p>
   1334 NVIDIA libomx 
   1335 </p>
   1336 
   1337 <table>
   1338   <col width="19%">
   1339   <col width="20%">
   1340   <col width="10%">
   1341   <col width="23%">
   1342   <col width="17%">
   1343   <tr>
   1344     <th>CVE</th>
   1345     <th></th>
   1346     <th></th>
   1347     <th> Google </th>
   1348     <th></th>
   1349   </tr>
   1350   <tr>
   1351     <td>CVE-2016-6789</td>
   1352     <td>A-31251973*
   1353     <br>N-CVE-2016-6789</td>
   1354     <td></td>
   1355     <td>Pixel C</td>
   1356     <td>2016  8  29 </td>
   1357   </tr>
   1358   <tr>
   1359     <td>CVE-2016-6790</td>
   1360     <td>A-31251628*
   1361     <br>N-CVE-2016-6790</td>
   1362     <td></td>
   1363     <td>Pixel C</td>
   1364     <td>2016  8  28 </td>
   1365   </tr>
   1366 </table>
   1367 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1368 </p>
   1369 
   1370 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3>
   1371 <p>
   1372 Qualcomm 
   1373 </p>
   1374 
   1375 <table>
   1376   <col width="19%">
   1377   <col width="20%">
   1378   <col width="10%">
   1379   <col width="23%">
   1380   <col width="17%">
   1381   <tr>
   1382     <th>CVE</th>
   1383     <th></th>
   1384     <th></th>
   1385     <th> Google </th>
   1386     <th></th>
   1387   </tr>
   1388   <tr>
   1389     <td>CVE-2016-6791</td>
   1390     <td>A-31252384<br>
   1391         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79">
   1392 QC-CR#1071809</a></td>
   1393     <td></td>
   1394     <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td>
   1395     <td>2016  8  31 </td>
   1396   </tr>
   1397   <tr>
   1398     <td>CVE-2016-8391</td>
   1399     <td>A-31253255<br>
   1400         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79">
   1401 QC-CR#1072166</a></td>
   1402     <td></td>
   1403     <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td>
   1404     <td>2016  8  31 </td>
   1405   </tr>
   1406   <tr>
   1407     <td>CVE-2016-8392</td>
   1408     <td>A-31385862<br>
   1409         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79">
   1410 QC-CR#1073136</a></td>
   1411     <td></td>
   1412     <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td>
   1413     <td>2016  9  8 </td>
   1414   </tr>
   1415 </table>
   1416 
   1417 
   1418 <h3 id="eop-in-kernel-security-subsystem"></h3>
   1419 <p>
   1420 
   1421 </p>
   1422 
   1423 <table>
   1424   <col width="19%">
   1425   <col width="20%">
   1426   <col width="10%">
   1427   <col width="23%">
   1428   <col width="17%">
   1429   <tr>
   1430     <th>CVE</th>
   1431     <th></th>
   1432     <th></th>
   1433     <th> Google </th>
   1434     <th></th>
   1435   </tr>
   1436   <tr>
   1437     <td>CVE-2015-7872</td>
   1438     <td>A-31253168<br>
   1439         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61">
   1440 </a></td>
   1441     <td></td>
   1442     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OneNexus PlayerPixelPixel XL</td>
   1443     <td>2016  8  31 </td>
   1444   </tr>
   1445 </table>
   1446 
   1447 
   1448 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3>
   1449 <p>Synaptics 
   1450 </p>
   1451 
   1452 <table>
   1453   <col width="19%">
   1454   <col width="20%">
   1455   <col width="10%">
   1456   <col width="23%">
   1457   <col width="17%">
   1458   <tr>
   1459     <th>CVE</th>
   1460     <th></th>
   1461     <th></th>
   1462     <th> Google </th>
   1463     <th></th>
   1464   </tr>
   1465   <tr>
   1466     <td>CVE-2016-8393</td>
   1467     <td>A-31911920*</td>
   1468     <td></td>
   1469     <td>Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td>
   1470     <td>2016  9  8 </td>
   1471   </tr>
   1472   <tr>
   1473     <td>CVE-2016-8394</td>
   1474     <td>A-31913197*</td>
   1475     <td></td>
   1476     <td>Nexus 9Android One</td>
   1477     <td>2016  9  8 </td>
   1478   </tr>
   1479 </table>
   1480 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1481 </p>
   1482 
   1483 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3>
   1484 <p>
   1485 Broadcom Wi-Fi 
   1486 </p>
   1487 
   1488 <table>
   1489   <col width="19%">
   1490   <col width="20%">
   1491   <col width="10%">
   1492   <col width="23%">
   1493   <col width="17%">
   1494   <tr>
   1495     <th>CVE</th>
   1496     <th></th>
   1497     <th></th>
   1498     <th> Google </th>
   1499     <th></th>
   1500   </tr>
   1501   <tr>
   1502     <td>CVE-2014-9909</td>
   1503     <td>A-31676542<br>B-RB#26684</td>
   1504     <td></td>
   1505     <td>*</td>
   1506     <td>2016  9  21 </td>
   1507   </tr>
   1508   <tr>
   1509     <td>CVE-2014-9910</td>
   1510     <td>A-31746399<br>B-RB#26710</td>
   1511     <td></td>
   1512     <td>*</td>
   1513     <td>2016  9  26 </td>
   1514   </tr>
   1515 </table>
   1516 <p>
   1517 *  Android 7.0  Google  ()
   1518 </p>
   1519 
   1520 
   1521 <h3 id="id-in-mediatek-video-driver">MediaTek </h3>
   1522 <p>
   1523 MediaTek 
   1524 </p>
   1525 
   1526 <table>
   1527   <col width="19%">
   1528   <col width="20%">
   1529   <col width="10%">
   1530   <col width="23%">
   1531   <col width="17%">
   1532   <tr>
   1533     <th>CVE</th>
   1534     <th></th>
   1535     <th></th>
   1536     <th> Google </th>
   1537     <th></th>
   1538   </tr>
   1539   <tr>
   1540     <td>CVE-2016-8396</td>
   1541     <td>A-31249105</td>
   1542     <td></td>
   1543     <td>*</td>
   1544     <td>2016  8  26 </td>
   1545   </tr>
   1546 </table>
   1547 <p>
   1548 *  Android 7.0  Google  ()
   1549 </p>
   1550 
   1551 
   1552 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3>
   1553 <p>
   1554 NVIDIA 
   1555 </p>
   1556 
   1557 <table>
   1558   <col width="19%">
   1559   <col width="20%">
   1560   <col width="10%">
   1561   <col width="23%">
   1562   <col width="17%">
   1563   <tr>
   1564     <th>CVE</th>
   1565     <th></th>
   1566     <th></th>
   1567     <th> Google </th>
   1568     <th></th>
   1569   </tr>
   1570   <tr>
   1571     <td>CVE-2016-8397</td>
   1572     <td>A-31385953*<br>
   1573     N-CVE-2016-8397</td>
   1574     <td></td>
   1575     <td>Nexus 9</td>
   1576     <td>2016  9  8 </td>
   1577   </tr>
   1578 </table>
   1579 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1580 </p>
   1581 
   1582 <h3 id="dos-in-gps">GPS </h3>
   1583 <p>
   1584 Qualcomm GPS 
   1585 </p>
   1586 
   1587 <table>
   1588   <col width="19%">
   1589   <col width="20%">
   1590   <col width="10%">
   1591   <col width="23%">
   1592   <col width="17%">
   1593   <tr>
   1594     <th>CVE</th>
   1595     <th></th>
   1596     <th></th>
   1597     <th> Google </th>
   1598     <th></th>
   1599   </tr>
   1600   <tr>
   1601     <td>CVE-2016-5341</td>
   1602     <td>A-31470303*</td>
   1603     <td></td>
   1604     <td>Nexus 6Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td>
   1605     <td>2016  6  21 </td>
   1606   </tr>
   1607 </table>
   1608 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1609 </p>
   1610 
   1611 <h3 id="dos-in-nvidia-camera-driver">NVIDIA </h3>
   1612 <p>
   1613 NVIDIA  (Re-flash) 
   1614 </p>
   1615 
   1616 <table>
   1617   <col width="19%">
   1618   <col width="20%">
   1619   <col width="10%">
   1620   <col width="23%">
   1621   <col width="17%">
   1622   <tr>
   1623     <th>CVE</th>
   1624     <th></th>
   1625     <th></th>
   1626     <th> Google </th>
   1627     <th></th>
   1628   </tr>
   1629   <tr>
   1630     <td>CVE-2016-8395</td>
   1631     <td>A-31403040*
   1632     <br>N-CVE-2016-8395</td>
   1633     <td></td>
   1634     <td>Pixel C</td>
   1635     <td>2016  9  9 </td>
   1636   </tr>
   1637 </table>
   1638 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1639 </p>
   1640 
   1641 <h3 id="eop-in-kernel-networking-subsystem"></h3>
   1642 <p>
   1643 
   1644 </p>
   1645 
   1646 <table>
   1647   <col width="19%">
   1648   <col width="20%">
   1649   <col width="10%">
   1650   <col width="23%">
   1651   <col width="17%">
   1652   <tr>
   1653     <th>CVE</th>
   1654     <th></th>
   1655     <th></th>
   1656     <th> Google </th>
   1657     <th></th>
   1658   </tr>
   1659   <tr>
   1660     <td>CVE-2016-8399</td>
   1661     <td>A-31349935*</td>
   1662     <td></td>
   1663     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
   1664     <td>2016  9  5 </td>
   1665   </tr>
   1666 </table>
   1667 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1668 </p>
   1669 
   1670 <h3 id="id-in-qualcomm-components">Qualcomm </h3>
   1671 <p>
   1672 Qualcomm  () 
   1673 </p>
   1674 
   1675 <table>
   1676   <col width="19%">
   1677   <col width="20%">
   1678   <col width="10%">
   1679   <col width="23%">
   1680   <col width="17%">
   1681   <tr>
   1682     <th>CVE</th>
   1683     <th></th>
   1684     <th></th>
   1685     <th> Google </th>
   1686     <th></th>
   1687   </tr>
   1688   <tr>
   1689     <td>CVE-2016-6756</td>
   1690     <td>A-29464815<br>
   1691         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5">
   1692         QC-CR#1042068</a>
   1693        [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td>
   1694     <td></td>
   1695     <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td>
   1696     <td>2016  6  17 </td>
   1697   </tr>
   1698   <tr>
   1699     <td>CVE-2016-6757</td>
   1700     <td>A-30148242<br>
   1701         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245">
   1702 QC-CR#1052821</a></td>
   1703     <td></td>
   1704     <td>Nexus 5XNexus 6Nexus 6PPixelPixel XL</td>
   1705     <td>2016  7  13 </td>
   1706   </tr>
   1707 </table>
   1708 
   1709 
   1710 <h3 id="id-in-nvidia-librm-library">NVIDIA librm </h3>
   1711 <p>
   1712 NVIDIA librm  (libnvrm) 
   1713 </p>
   1714 
   1715 <table>
   1716   <col width="19%">
   1717   <col width="20%">
   1718   <col width="10%">
   1719   <col width="23%">
   1720   <col width="17%">
   1721   <tr>
   1722     <th>CVE</th>
   1723     <th></th>
   1724     <th></th>
   1725     <th> Google </th>
   1726     <th></th>
   1727   </tr>
   1728   <tr>
   1729     <td>CVE-2016-8400</td>
   1730     <td>A-31251599*
   1731     <br>N-CVE-2016-8400</td>
   1732     <td></td>
   1733     <td>Pixel C</td>
   1734     <td>2016  8  29 </td>
   1735   </tr>
   1736 </table>
   1737 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1738 </p>
   1739 
   1740 <h3 id="id-in-kernel-components"></h3>
   1741 <p>
   1742  ( ION USB ) 
   1743 </p>
   1744 
   1745 <table>
   1746   <col width="19%">
   1747   <col width="20%">
   1748   <col width="10%">
   1749   <col width="23%">
   1750   <col width="17%">
   1751   <tr>
   1752     <th>CVE</th>
   1753     <th></th>
   1754     <th></th>
   1755     <th> Google </th>
   1756     <th></th>
   1757   </tr>
   1758   <tr>
   1759     <td>CVE-2016-8401</td>
   1760     <td>A-31494725*</td>
   1761     <td></td>
   1762     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
   1763     <td>2016  9  13 </td>
   1764   </tr>
   1765   <tr>
   1766     <td>CVE-2016-8402</td>
   1767     <td>A-31495231*</td>
   1768     <td></td>
   1769     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
   1770     <td>2016  9  13 </td>
   1771   </tr>
   1772   <tr>
   1773     <td>CVE-2016-8403</td>
   1774     <td>A-31495348*</td>
   1775     <td></td>
   1776     <td>Nexus 9</td>
   1777     <td>2016  9  13 </td>
   1778   </tr>
   1779   <tr>
   1780     <td>CVE-2016-8404</td>
   1781     <td>A-31496950*</td>
   1782     <td></td>
   1783     <td>Nexus 9</td>
   1784     <td>2016  9  13 </td>
   1785   </tr>
   1786   <tr>
   1787     <td>CVE-2016-8405</td>
   1788     <td>A-31651010*</td>
   1789     <td></td>
   1790     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
   1791     <td>2016  9  21 </td>
   1792   </tr>
   1793   <tr>
   1794     <td>CVE-2016-8406</td>
   1795     <td>A-31796940*</td>
   1796     <td></td>
   1797     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
   1798     <td>2016  9  27 </td>
   1799   </tr>
   1800   <tr>
   1801     <td>CVE-2016-8407</td>
   1802     <td>A-31802656*</td>
   1803     <td></td>
   1804     <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td>
   1805     <td>2016  9  28 </td>
   1806   </tr>
   1807 </table>
   1808 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1809 </p>
   1810 
   1811 <h3 id="id-in-nvidia-video-driver-2">NVIDIA </h3>
   1812 <p>
   1813 NVIDIA 
   1814 </p>
   1815 
   1816 <table>
   1817   <col width="19%">
   1818   <col width="20%">
   1819   <col width="10%">
   1820   <col width="23%">
   1821   <col width="17%">
   1822   <tr>
   1823     <th>CVE</th>
   1824     <th></th>
   1825     <th></th>
   1826     <th> Google </th>
   1827     <th></th>
   1828   </tr>
   1829   <tr>
   1830     <td>CVE-2016-8408</td>
   1831     <td>A-31496571*
   1832     <br>N-CVE-2016-8408</td>
   1833     <td></td>
   1834     <td>Nexus 9</td>
   1835     <td>2016  9  13 </td>
   1836   </tr>
   1837   <tr>
   1838     <td>CVE-2016-8409</td>
   1839     <td>A-31495687*
   1840     <br>N-CVE-2016-8409</td>
   1841     <td></td>
   1842     <td>Nexus 9</td>
   1843     <td>2016  9  13 </td>
   1844   </tr>
   1845 </table>
   1846 <p>*  Google  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1847 </p>
   1848 
   1849 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3>
   1850 <p>
   1851 Qualcomm 
   1852 </p>
   1853 
   1854 <table>
   1855   <col width="19%">
   1856   <col width="20%">
   1857   <col width="10%">
   1858   <col width="23%">
   1859   <col width="17%">
   1860   <tr>
   1861     <th>CVE</th>
   1862     <th></th>
   1863     <th></th>
   1864     <th> Google </th>
   1865     <th></th>
   1866   </tr>
   1867   <tr>
   1868     <td>CVE-2016-8410</td>
   1869     <td>A-31498403<br>
   1870         <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9">
   1871 QC-CR#987010</a></td>
   1872     <td></td>
   1873     <td>Nexus 5XNexus 6Nexus 6PAndroid One</td>
   1874     <td>Google </td>
   1875   </tr>
   1876 </table>
   1877 
   1878 <h2 id="common-questions-and-answers"></h2>
   1879 <p>
   1880 </p>
   1881 <p>
   1882 <strong>1. 
   1883 </strong>
   1884 </p>
   1885 <p>
   1886  <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices">Pixel  Nexus </a>
   1887 </p>
   1888 <ul>
   1889   <li>2016  12  1  2016-12-01 </li>
   1890   <li>2016  12  5  2016-12-05 </li>
   1891 </ul>
   1892 <p>
   1893 
   1894 </p>
   1895 <ul>
   1896   <li>[ro.build.version.security_patch]:[2016-12-01]</li>
   1897   <li>[ro.build.version.security_patch]:[2016-12-05]</li>
   1898 </ul>
   1899 <p>
   1900 <strong>2. </strong>
   1901 </p>
   1902 <p>
   1903  Android  Android  Android 
   1904 </p>
   1905 <ul>
   1906   <li> 2016  12  1 </li>
   1907   <li> 2016  12  5  () </li>
   1908 </ul>
   1909 <p>
   1910 
   1911 </p>
   1912 <p>
   1913 <strong>3.  Google </strong>
   1914 </p>
   1915 <p> <a href="#2016-12-01-details">2016-12-01</a>  <a href="#2016-12-05-details">2016-12-05</a>  Google <em></em> Google </p>
   1916 <ul>
   1917   <li><strong> Google </strong> Pixel  Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices"></a>Nexus 5Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel  Pixel XL</li>
   1918   <li><strong> Google </strong> Google  Google <em></em> Google </li>
   1919   <li><strong> Google </strong> Android 7.0  Google  Google <em></em></li>
   1920 </ul>
   1921 <p>
   1922 <strong>4. </strong>
   1923 </p>
   1924 <p><em></em>
   1925 </p>
   1926 <table>
   1927   <tr>
   1928    <th></th>
   1929    <th></th>
   1930   </tr>
   1931   <tr>
   1932    <td>A-</td>
   1933    <td>Android  ID</td>
   1934   </tr>
   1935   <tr>
   1936    <td>QC-</td>
   1937    <td>Qualcomm </td>
   1938   </tr>
   1939   <tr>
   1940    <td>M-</td>
   1941    <td>MediaTek </td>
   1942   </tr>
   1943   <tr>
   1944    <td>N-</td>
   1945    <td>NVIDIA </td>
   1946   </tr>
   1947   <tr>
   1948    <td>B-</td>
   1949    <td>Broadcom </td>
   1950   </tr>
   1951 </table>
   1952 <h2 id="revisions"></h2>
   1953 <ul>
   1954   <li>2016  12  5 </li>
   1955   <li>2016  12  7  AOSP  CVE-2016-6915CVE-2016-6916  CVE-2016-6917 </li>
   1956 </ul>
   1957 
   1958   </body>
   1959 </html>
   1960