1 <html devsite> 2 <head> 3 <title>Android 2017 1 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 <p><em>2017 1 3 | 2017 1 5 </em></p> 26 27 <p>Android Android Google OTA Google Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2017 1 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 28 29 <p> 2016 12 5 Android (AOSP) AOSP </p> 30 31 <p></p> 32 33 <p> <a href="/security/enhancements/index.html">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) Android <a href="#mitigations">Android Google </a></p> 34 35 <p></p> 36 37 <h2 id="announcements"></h2> 38 <ul> 39 <li> Android Android <a href="#common-questions-and-answers"></a> 40 <ul> 41 <li><strong>2017-01-01</strong> 2017-01-01 () </li> 42 <li><strong>2017-01-05</strong> 2017-01-01 2017-01-05 () </li> 43 </ul> 44 </li> 45 <li> Google OTA 2017 1 5 </li> 46 </ul> 47 <h2 id="security-vulnerability-summary"></h2> 48 <p> ID (CVE) Google <a href="/security/overview/updates-resources.html#severity"></a></p> 49 50 <h3 id="2017-01-01-summary">2017-01-01 </h3> 51 <p>2017-01-01 </p> 52 53 <table> 54 <col width="55%"> 55 <col width="20%"> 56 <col width="13%"> 57 <col width="12%"> 58 <tr> 59 <th></th> 60 <th>CVE</th> 61 <th></th> 62 <th> Google </th> 63 </tr> 64 <tr> 65 <td>c-ares </td> 66 <td>CVE-2016-5180</td> 67 <td></td> 68 <td></td> 69 </tr> 70 <tr> 71 <td>Framesequence </td> 72 <td>CVE-2017-0382</td> 73 <td></td> 74 <td></td> 75 </tr> 76 <tr> 77 <td>Framework API </td> 78 <td>CVE-2017-0383</td> 79 <td></td> 80 <td></td> 81 </tr> 82 <tr> 83 <td></td> 84 <td>CVE-2017-0384CVE-2017-0385</td> 85 <td></td> 86 <td></td> 87 </tr> 88 <tr> 89 <td>libnl </td> 90 <td>CVE-2017-0386</td> 91 <td></td> 92 <td></td> 93 </tr> 94 <tr> 95 <td></td> 96 <td>CVE-2017-0387</td> 97 <td></td> 98 <td></td> 99 </tr> 100 <tr> 101 <td></td> 102 <td>CVE-2017-0388</td> 103 <td></td> 104 <td></td> 105 </tr> 106 <tr> 107 <td></td> 108 <td>CVE-2017-0389</td> 109 <td></td> 110 <td></td> 111 </tr> 112 <tr> 113 <td></td> 114 <td>CVE-2017-0390CVE-2017-0391CVE-2017-0392CVE-2017-0393</td> 115 <td></td> 116 <td></td> 117 </tr> 118 <tr> 119 <td></td> 120 <td>CVE-2017-0394</td> 121 <td></td> 122 <td></td> 123 </tr> 124 <tr> 125 <td></td> 126 <td>CVE-2017-0395</td> 127 <td></td> 128 <td></td> 129 </tr> 130 <tr> 131 <td></td> 132 <td>CVE-2017-0396CVE-2017-0397CVE-2017-0381</td> 133 <td></td> 134 <td></td> 135 </tr> 136 <tr> 137 <td></td> 138 <td>CVE-2017-0398CVE-2017-0399CVE-2017-0400CVE-2017-0401CVE-2017-0402</td> 139 <td></td> 140 <td></td> 141 </tr> 142 </table> 143 144 <h3 id="2017-01-05-summary">2017-01-05 </h3> 145 <p>2017-01-05 2017-01-01 </p> 146 147 <table> 148 <col width="55%"> 149 <col width="20%"> 150 <col width="13%"> 151 <col width="12%"> 152 <tr> 153 <th></th> 154 <th>CVE</th> 155 <th></th> 156 <th> Google </th> 157 </tr> 158 <tr> 159 <td></td> 160 <td>CVE-2015-3288</td> 161 <td></td> 162 <td></td> 163 </tr> 164 <tr> 165 <td>Qualcomm </td> 166 <td>CVE-2016-8422CVE-2016-8423</td> 167 <td></td> 168 <td></td> 169 </tr> 170 <tr> 171 <td></td> 172 <td>CVE-2015-5706</td> 173 <td></td> 174 <td>*</td> 175 </tr> 176 <tr> 177 <td>NVIDIA GPU </td> 178 <td>CVE-2016-8424CVE-2016-8425CVE-2016-8426CVE-2016-8482CVE-2016-8427CVE-2016-8428CVE-2016-8429CVE-2016-8430CVE-2016-8431CVE-2016-8432</td> 179 <td></td> 180 <td></td> 181 </tr> 182 <tr> 183 <td>MediaTek </td> 184 <td>CVE-2016-8433</td> 185 <td></td> 186 <td>*</td> 187 </tr> 188 <tr> 189 <td>Qualcomm GPU </td> 190 <td>CVE-2016-8434</td> 191 <td></td> 192 <td></td> 193 </tr> 194 <tr> 195 <td>NVIDIA GPU </td> 196 <td>CVE-2016-8435</td> 197 <td></td> 198 <td></td> 199 </tr> 200 <tr> 201 <td>Qualcomm </td> 202 <td>CVE-2016-8436</td> 203 <td></td> 204 <td>*</td> 205 </tr> 206 <tr> 207 <td>Qualcomm </td> 208 <td>CVE-2016-5080CVE-2016-8398CVE-2016-8437CVE-2016-8438CVE-2016-8439CVE-2016-8440CVE-2016-8441CVE-2016-8442CVE-2016-8443CVE-2016-8459</td> 209 <td></td> 210 <td>*</td> 211 </tr> 212 <tr> 213 <td>Qualcomm </td> 214 <td>CVE-2016-8412CVE-2016-8444</td> 215 <td></td> 216 <td></td> 217 </tr> 218 <tr> 219 <td>MediaTek </td> 220 <td>CVE-2016-8445CVE-2016-8446CVE-2016-8447CVE-2016-8448</td> 221 <td></td> 222 <td>*</td> 223 </tr> 224 <tr> 225 <td>Qualcomm Wi-Fi </td> 226 <td>CVE-2016-8415</td> 227 <td></td> 228 <td></td> 229 </tr> 230 <tr> 231 <td>NVIDIA GPU </td> 232 <td>CVE-2016-8449</td> 233 <td></td> 234 <td></td> 235 </tr> 236 <tr> 237 <td>Qualcomm </td> 238 <td>CVE-2016-8450</td> 239 <td></td> 240 <td></td> 241 </tr> 242 <tr> 243 <td>Synaptics </td> 244 <td>CVE-2016-8451</td> 245 <td></td> 246 <td>*</td> 247 </tr> 248 <tr> 249 <td></td> 250 <td>CVE-2016-7042</td> 251 <td></td> 252 <td></td> 253 </tr> 254 <tr> 255 <td></td> 256 <td>CVE-2017-0403</td> 257 <td></td> 258 <td></td> 259 </tr> 260 <tr> 261 <td></td> 262 <td>CVE-2017-0404</td> 263 <td></td> 264 <td></td> 265 </tr> 266 <tr> 267 <td>Qualcomm Wi-Fi </td> 268 <td>CVE-2016-8452</td> 269 <td></td> 270 <td></td> 271 </tr> 272 <tr> 273 <td>Qualcomm </td> 274 <td>CVE-2016-5345</td> 275 <td></td> 276 <td></td> 277 </tr> 278 <tr> 279 <td></td> 280 <td>CVE-2016-9754</td> 281 <td></td> 282 <td></td> 283 </tr> 284 <tr> 285 <td>Broadcom Wi-Fi </td> 286 <td>CVE-2016-8453CVE-2016-8454CVE-2016-8455CVE-2016-8456CVE-2016-8457</td> 287 <td></td> 288 <td></td> 289 </tr> 290 <tr> 291 <td>Synaptics </td> 292 <td>CVE-2016-8458</td> 293 <td></td> 294 <td></td> 295 </tr> 296 <tr> 297 <td>NVIDIA </td> 298 <td>CVE-2016-8460</td> 299 <td></td> 300 <td></td> 301 </tr> 302 <tr> 303 <td></td> 304 <td>CVE-2016-8461CVE-2016-8462</td> 305 <td></td> 306 <td></td> 307 </tr> 308 <tr> 309 <td>Qualcomm FUSE </td> 310 <td>CVE-2016-8463</td> 311 <td></td> 312 <td>*</td> 313 </tr> 314 <tr> 315 <td></td> 316 <td>CVE-2016-8467</td> 317 <td></td> 318 <td></td> 319 </tr> 320 <tr> 321 <td>Broadcom Wi-Fi </td> 322 <td>CVE-2016-8464CVE-2016-8465CVE-2016-8466</td> 323 <td></td> 324 <td></td> 325 </tr> 326 <tr> 327 <td></td> 328 <td>CVE-2016-8467</td> 329 <td></td> 330 <td></td> 331 </tr> 332 <tr> 333 <td></td> 334 <td>CVE-2016-8468</td> 335 <td></td> 336 <td></td> 337 </tr> 338 <tr> 339 <td>NVIDIA </td> 340 <td>CVE-2016-8469</td> 341 <td></td> 342 <td></td> 343 </tr> 344 <tr> 345 <td>MediaTek </td> 346 <td>CVE-2016-8470CVE-2016-8471CVE-2016-8472</td> 347 <td></td> 348 <td>*</td> 349 </tr> 350 <tr> 351 <td>STMicroelectronics </td> 352 <td>CVE-2016-8473CVE-2016-8474</td> 353 <td></td> 354 <td></td> 355 </tr> 356 <tr> 357 <td>Qualcomm </td> 358 <td>CVE-2017-0399CVE-2017-0400CVE-2017-0401CVE-2017-0402</td> 359 <td></td> 360 <td></td> 361 </tr> 362 <tr> 363 <td>HTC </td> 364 <td>CVE-2016-8475</td> 365 <td></td> 366 <td></td> 367 </tr> 368 <tr> 369 <td></td> 370 <td>CVE-2014-9420</td> 371 <td></td> 372 <td></td> 373 </tr> 374 </table> 375 <p>* Android 7.0 Google ()</p> 376 377 <h2 id="mitigations">Android Google </h2> 378 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p> 379 <ul> 380 <li> Android Android Android</li> 381 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 382 <li>Google Hangouts Messenger </li> 383 </ul> 384 <h2 id="acknowledgements"></h2> 385 <p></p> 386 <ul> 387 <li>Alexandru BlandaCVE-2017-0390</li> 388 <li>Copperhead Security Daniel MicayCVE-2017-0397</li> 389 <li> Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>)CVE-2017-0386</li> 390 <li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>)CVE-2017-0392</li> 391 <li> (<a href="https://twitter.com/keen_lab">@keen_lab</a>) Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2016-8412CVE-2016-8444CVE-2016-8427CVE-2017-0403</li> 392 <li> Shellphish Grill donfos (Aravind Machiry)CVE-2016-8448CVE-2016-8470CVE-2016-8471CVE-2016-8472</li> 393 <li><a href="http://www.ms509.com">MS509Team</a> En He (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>)CVE-2017-0394</li> 394 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-8464</li> 395 <li>Google WebM CVE-2017-0393</li> 396 <li><a href="http://www.360.com"> 360 </a> Alpha Guang Gong () (<a href="http://twitter.com/oldfresher">@oldfresher</a>)CVE-2017-0387</li> 397 <li> 360 Alpha Hao Chen Guang GongCVE-2016-8415CVE-2016-8454CVE-2016-8455CVE-2016-8456CVE-2016-8457CVE-2016-8465</li> 398 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2016-8475</li> 399 <li>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>) Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>)CVE-2016-8462</li> 400 <li>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>)Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>) Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)CVE-2016-8461</li> 401 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0383</li> 402 <li>Monk AvelCVE-2017-0396CVE-2017-0399</li> 403 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)CVE-2016-8469CVE-2016-8424CVE-2016-8428CVE-2016-8429CVE-2016-8460CVE-2016-8473CVE-2016-8474</li> 404 <li> Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)CVE-2017-0382</li> 405 <li>IBM X-Force Roee Hay Michael GobermanCVE-2016-8467</li> 406 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2016-8466</li> 407 <li>Stephen MorrowCVE-2017-0389</li> 408 <li><a href="http://www.trendmicro.com"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0381</li> 409 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2017-0391</li> 410 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0402CVE-2017-0398</li> 411 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0400</li> 412 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0384CVE-2017-0385</li> 413 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0401</li> 414 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8431CVE-2016-8432CVE-2016-8435</li> 415 <li> Yong Wang () (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) Jun ChengCVE-2017-0404</li> 416 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8425CVE-2016-8426CVE-2016-8449</li> 417 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:bigwyfone (a] gmail.com">Yanfeng Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8430CVE-2016-8482</li> 418 <li> Yuxiang Li (<a href="https://twitter.com/xbalien29">@Xbalien29</a>)CVE-2017-0395</li> 419 <li><a href="http://www.cmcm.com/"></a> Zhanpeng Zhao () (<a href="https://twitter.com/0xr0ot">@0xr0ot</a>)CVE-2016-8451</li> 420 </ul> 421 <p></p> 422 <ul> 423 <li> Baozeng DingChengming YangPeng XiaoNing YouYang DongChao YangYi Zhang Yang Song</li> 424 <li> Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)</li> 425 <li>Google Zubin Mithra</li> 426 </ul> 427 428 <h2 id="2017-01-01-details">2017-01-01 </h2> 429 <p> 430 <a href="#2017-01-01-summary">2017-01-01 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 431 432 433 <h3 id="rce-in-c-ares">c-ares </h3> 434 <p> 435 c-ares 436 </p> 437 438 <table> 439 <col width="18%"> 440 <col width="17%"> 441 <col width="10%"> 442 <col width="19%"> 443 <col width="18%"> 444 <col width="17%"> 445 <tr> 446 <th>CVE</th> 447 <th></th> 448 <th></th> 449 <th> Google </th> 450 <th> AOSP </th> 451 <th></th> 452 </tr> 453 <tr> 454 <td>CVE-2016-5180</td> 455 <td><a href="https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677"> 456 A-32205736</a></td> 457 <td></td> 458 <td></td> 459 <td>7.0</td> 460 <td>2016 9 29 </td> 461 </tr> 462 </table> 463 464 465 <h3 id="rce-vulnerability-in-framesequence">Framesequence </h3> 466 <p> 467 Framesequence Framesequence 468 </p> 469 <table> 470 <col width="18%"> 471 <col width="17%"> 472 <col width="10%"> 473 <col width="19%"> 474 <col width="18%"> 475 <col width="17%"> 476 <tr> 477 <th>CVE</th> 478 <th></th> 479 <th></th> 480 <th> Google </th> 481 <th> AOSP </th> 482 <th></th> 483 </tr> 484 <tr> 485 <td>CVE-2017-0382</td> 486 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7"> 487 A-32338390</a></td> 488 <td></td> 489 <td></td> 490 <td>5.0.25.1.16.06.0.17.07.1.1</td> 491 <td>2016 10 21 </td> 492 </tr> 493 </table> 494 <h3 id="eop-in-framework-apis">Framework API </h3> 495 <p> 496 Framework API 497 </p> 498 <table> 499 <col width="18%"> 500 <col width="17%"> 501 <col width="10%"> 502 <col width="19%"> 503 <col width="18%"> 504 <col width="17%"> 505 <tr> 506 <th>CVE</th> 507 <th></th> 508 <th></th> 509 <th> Google </th> 510 <th> AOSP </th> 511 <th></th> 512 </tr> 513 <tr> 514 <td>CVE-2017-0383</td> 515 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266"> 516 A-31677614</a></td> 517 <td></td> 518 <td></td> 519 <td>7.07.1.1</td> 520 <td>2016 9 21 </td> 521 </tr> 522 </table> 523 <h3 id="eop-in-audioserver"></h3> 524 <p> 525 </p> 526 <table> 527 <col width="18%"> 528 <col width="17%"> 529 <col width="10%"> 530 <col width="19%"> 531 <col width="18%"> 532 <col width="17%"> 533 <tr> 534 <th>CVE</th> 535 <th></th> 536 <th></th> 537 <th> Google </th> 538 <th> AOSP </th> 539 <th></th> 540 </tr> 541 <tr> 542 <td>CVE-2017-0384</td> 543 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 544 A-32095626</a></td> 545 <td></td> 546 <td></td> 547 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 548 <td>2016 10 11 </td> 549 </tr> 550 <tr> 551 <td>CVE-2017-0385</td> 552 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 553 A-32585400</a></td> 554 <td></td> 555 <td></td> 556 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 557 <td>2016 10 11 </td> 558 </tr> 559 </table> 560 <h3 id="eop-in-libnl">libnl </h3> 561 <p> 562 libnl 563 </p> 564 <table> 565 <col width="18%"> 566 <col width="17%"> 567 <col width="10%"> 568 <col width="19%"> 569 <col width="18%"> 570 <col width="17%"> 571 <tr> 572 <th>CVE</th> 573 <th></th> 574 <th></th> 575 <th> Google </th> 576 <th> AOSP </th> 577 <th></th> 578 </tr> 579 <tr> 580 <td>CVE-2017-0386</td> 581 <td><a href="https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a"> 582 A-32255299</a></td> 583 <td></td> 584 <td></td> 585 <td>5.0.25.1.16.06.0.17.07.1.1</td> 586 <td>2016 10 18 </td> 587 </tr> 588 </table> 589 <h3 id="eop-in-mediaserver"></h3> 590 <p> 591 592 </p> 593 <table> 594 <col width="18%"> 595 <col width="17%"> 596 <col width="10%"> 597 <col width="19%"> 598 <col width="18%"> 599 <col width="17%"> 600 <tr> 601 <th>CVE</th> 602 <th></th> 603 <th></th> 604 <th> Google </th> 605 <th> AOSP </th> 606 <th></th> 607 </tr> 608 <tr> 609 <td>CVE-2017-0387</td> 610 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f"> 611 A-32660278</a></td> 612 <td></td> 613 <td></td> 614 <td>5.0.25.1.16.06.0.17.07.1.1</td> 615 <td>2016 11 4 </td> 616 </tr> 617 </table> 618 <h3 id="id-in-external-storage-provider"></h3> 619 <p> 620 SD 621 </p> 622 <table> 623 <col width="18%"> 624 <col width="17%"> 625 <col width="10%"> 626 <col width="19%"> 627 <col width="18%"> 628 <col width="17%"> 629 <tr> 630 <th>CVE</th> 631 <th></th> 632 <th></th> 633 <th> Google </th> 634 <th> AOSP </th> 635 <th></th> 636 </tr> 637 <tr> 638 <td>CVE-2017-0388</td> 639 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9"> 640 A-32523490</a></td> 641 <td></td> 642 <td></td> 643 <td>6.06.0.17.07.1.1</td> 644 <td>Google </td> 645 </tr> 646 </table> 647 <h3 id="dos-in-core-networking"></h3> 648 <p> 649 650 </p> 651 <table> 652 <col width="18%"> 653 <col width="17%"> 654 <col width="10%"> 655 <col width="19%"> 656 <col width="18%"> 657 <col width="17%"> 658 <tr> 659 <th>CVE</th> 660 <th></th> 661 <th></th> 662 <th> Google </th> 663 <th> AOSP </th> 664 <th></th> 665 </tr> 666 <tr> 667 <td>CVE-2017-0389</td> 668 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7"> 669 A-31850211</a> 670 [<a href="https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29">2</a>] 671 [<a href="https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba#">3</a>]</td> 672 <td></td> 673 <td></td> 674 <td>6.06.0.17.07.1.1</td> 675 <td>2016 7 20 </td> 676 </tr> 677 </table> 678 <h3 id="dos-in-mediaserver"></h3> 679 <p> 680 681 </p> 682 <table> 683 <col width="18%"> 684 <col width="17%"> 685 <col width="10%"> 686 <col width="19%"> 687 <col width="18%"> 688 <col width="17%"> 689 <tr> 690 <th>CVE</th> 691 <th></th> 692 <th></th> 693 <th> Google </th> 694 <th> AOSP </th> 695 <th></th> 696 </tr> 697 <tr> 698 <td>CVE-2017-0390</td> 699 <td><a href="https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0"> 700 A-31647370</a></td> 701 <td></td> 702 <td></td> 703 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 704 <td>2016 9 19 </td> 705 </tr> 706 <tr> 707 <td>CVE-2017-0391</td> 708 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f"> 709 A-32322258</a></td> 710 <td></td> 711 <td></td> 712 <td>6.06.0.17.07.1.1</td> 713 <td>2016 10 20 </td> 714 </tr> 715 <tr> 716 <td>CVE-2017-0392</td> 717 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c"> 718 A-32577290</a></td> 719 <td></td> 720 <td></td> 721 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 722 <td>2016 10 29 </td> 723 </tr> 724 <tr> 725 <td>CVE-2017-0393</td> 726 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc"> 727 A-30436808</a></td> 728 <td></td> 729 <td></td> 730 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 731 <td>Google </td> 732 </tr> 733 </table> 734 <h3 id="dos-in-telephony"></h3> 735 <p> 736 737 </p> 738 <table> 739 <col width="18%"> 740 <col width="17%"> 741 <col width="10%"> 742 <col width="19%"> 743 <col width="18%"> 744 <col width="17%"> 745 <tr> 746 <th>CVE</th> 747 <th></th> 748 <th></th> 749 <th> Google </th> 750 <th> AOSP </th> 751 <th></th> 752 </tr> 753 <tr> 754 <td>CVE-2017-0394</td> 755 <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d"> 756 A-31752213</a></td> 757 <td></td> 758 <td></td> 759 <td>5.0.25.1.16.06.0.17.07.1.1</td> 760 <td>2016 9 23 </td> 761 </tr> 762 </table> 763 <h3 id="eop-in-contacts"></h3> 764 <p> 765 () 766 </p> 767 <table> 768 <col width="18%"> 769 <col width="17%"> 770 <col width="10%"> 771 <col width="19%"> 772 <col width="18%"> 773 <col width="17%"> 774 <tr> 775 <th>CVE</th> 776 <th></th> 777 <th></th> 778 <th> Google </th> 779 <th> AOSP </th> 780 <th></th> 781 </tr> 782 <tr> 783 <td>CVE-2017-0395</td> 784 <td><a href="https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b"> 785 A-32219099</a></td> 786 <td></td> 787 <td></td> 788 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 789 <td>2016 10 15 </td> 790 </tr> 791 </table> 792 <h3 id="id-in-mediaserver"></h3> 793 <p> 794 795 </p> 796 <table> 797 <col width="18%"> 798 <col width="17%"> 799 <col width="10%"> 800 <col width="19%"> 801 <col width="18%"> 802 <col width="17%"> 803 <tr> 804 <th>CVE</th> 805 <th></th> 806 <th></th> 807 <th> Google </th> 808 <th> AOSP </th> 809 <th></th> 810 </tr> 811 <tr> 812 <td>CVE-2017-0381</td> 813 <td><a href="https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7"> 814 A-31607432</a></td> 815 <td></td> 816 <td></td> 817 <td>5.0.25.1.16.06.0.17.07.1.1</td> 818 <td>2016 9 18 </td> 819 </tr> 820 <tr> 821 <td>CVE-2017-0396</td> 822 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7"> 823 A-31781965</a></td> 824 <td></td> 825 <td></td> 826 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 827 <td>2016 9 27 </td> 828 </tr> 829 <tr> 830 <td>CVE-2017-0397</td> 831 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c"> 832 A-32377688</a></td> 833 <td></td> 834 <td></td> 835 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 836 <td>2016 10 21 </td> 837 </tr> 838 </table> 839 <h3 id="id-in-audioserver"></h3> 840 <p> 841 842 </p> 843 <table> 844 <col width="18%"> 845 <col width="17%"> 846 <col width="10%"> 847 <col width="19%"> 848 <col width="18%"> 849 <col width="17%"> 850 <tr> 851 <th>CVE</th> 852 <th></th> 853 <th></th> 854 <th> Google </th> 855 <th> AOSP </th> 856 <th></th> 857 </tr> 858 <tr> 859 <td>CVE-2017-0398</td> 860 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 861 A-32438594</a></td> 862 <td></td> 863 <td></td> 864 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 865 <td>2016 10 25 </td> 866 </tr> 867 <tr> 868 <td>CVE-2017-0398</td> 869 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 870 A-32635664</a></td> 871 <td></td> 872 <td></td> 873 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 874 <td>2016 10 25 </td> 875 </tr> 876 <tr> 877 <td>CVE-2017-0398</td> 878 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c"> 879 A-32624850</a></td> 880 <td></td> 881 <td></td> 882 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 883 <td>2016 10 25 </td> 884 </tr> 885 <tr> 886 <td>CVE-2017-0399</td> 887 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 888 A-32247948</a> 889 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 890 <td></td> 891 <td></td> 892 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 893 <td>2016 10 18 </td> 894 </tr> 895 <tr> 896 <td>CVE-2017-0400</td> 897 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 898 A-32584034</a> 899 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 900 <td></td> 901 <td></td> 902 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 903 <td>2016 10 25 </td> 904 </tr> 905 <tr> 906 <td>CVE-2017-0401</td> 907 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe"> 908 A-32448258</a></td> 909 <td></td> 910 <td></td> 911 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 912 <td>2016 10 26 </td> 913 </tr> 914 <tr> 915 <td>CVE-2017-0402</td> 916 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 917 A-32436341</a> 918 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 919 <td></td> 920 <td></td> 921 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 922 <td>2016 10 25 </td> 923 </tr> 924 </table> 925 926 <h2 id="2017-01-05-details">2017-01-05 </h2> 927 <p> 928 <a href="#2017-01-05-summary">2017-01-05 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 929 930 931 <h3 id="eop-in-kernel-memory-subsystem"></h3> 932 <p> 933 (Re-flash) 934 </p> 935 936 <table> 937 <col width="19%"> 938 <col width="20%"> 939 <col width="10%"> 940 <col width="23%"> 941 <col width="17%"> 942 <tr> 943 <th>CVE</th> 944 <th></th> 945 <th></th> 946 <th> Google </th> 947 <th></th> 948 </tr> 949 <tr> 950 <td>CVE-2015-3288</td> 951 <td>A-32460277<br> 952 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d"> 953 </a></td> 954 <td></td> 955 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixel CNexus PlayerPixelPixel XL</td> 956 <td>2015 7 9 </td> 957 </tr> 958 </table> 959 960 961 <h3 id="eop-in-qualcomm-bootloader">Qualcomm </h3> 962 <p>Qualcomm (Re-flash) 963 </p> 964 965 <table> 966 <col width="19%"> 967 <col width="20%"> 968 <col width="10%"> 969 <col width="23%"> 970 <col width="17%"> 971 <tr> 972 <th>CVE</th> 973 <th></th> 974 <th></th> 975 <th> Google </th> 976 <th></th> 977 </tr> 978 <tr> 979 <td>CVE-2016-8422</td> 980 <td>A-31471220<br> 981 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213"> 982 QC-CR#979426</a></td> 983 <td></td> 984 <td>Nexus 6Nexus 6PPixelPixel XL</td> 985 <td>2016 7 22 </td> 986 </tr> 987 <tr> 988 <td>CVE-2016-8423</td> 989 <td>A-31399736<br> 990 <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867"> 991 QC-CR#1000546</a></td> 992 <td></td> 993 <td>Nexus 6PPixelPixel XL</td> 994 <td>2016 8 24 </td> 995 </tr> 996 </table> 997 998 999 <h3 id="eop-in-kernel-file-system"></h3> 1000 <p> 1001 (Re-flash) 1002 </p> 1003 1004 <table> 1005 <col width="19%"> 1006 <col width="20%"> 1007 <col width="10%"> 1008 <col width="23%"> 1009 <col width="17%"> 1010 <tr> 1011 <th>CVE</th> 1012 <th></th> 1013 <th></th> 1014 <th> Google </th> 1015 <th></th> 1016 </tr> 1017 <tr> 1018 <td>CVE-2015-5706</td> 1019 <td>A-32289301<br> 1020 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0"> 1021 </a></td> 1022 <td></td> 1023 <td>*</td> 1024 <td>2016 8 1 </td> 1025 </tr> 1026 </table> 1027 <p> 1028 * Android 7.0 Google () 1029 </p> 1030 1031 1032 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1033 <p> 1034 NVIDIA GPU (Re-flash) 1035 </p> 1036 1037 <table> 1038 <col width="19%"> 1039 <col width="20%"> 1040 <col width="10%"> 1041 <col width="23%"> 1042 <col width="17%"> 1043 <tr> 1044 <th>CVE</th> 1045 <th></th> 1046 <th></th> 1047 <th> Google </th> 1048 <th></th> 1049 </tr> 1050 <tr> 1051 <td>CVE-2016-8424</td> 1052 <td>A-31606947*<br> 1053 N-CVE-2016-8424</td> 1054 <td></td> 1055 <td>Nexus 9</td> 1056 <td>2016 9 17 </td> 1057 </tr> 1058 <tr> 1059 <td>CVE-2016-8425</td> 1060 <td>A-31797770*<br> 1061 N-CVE-2016-8425</td> 1062 <td></td> 1063 <td>Nexus 9</td> 1064 <td>2016 9 28 </td> 1065 </tr> 1066 <tr> 1067 <td>CVE-2016-8426</td> 1068 <td>A-31799206*<br> 1069 N-CVE-2016-8426</td> 1070 <td></td> 1071 <td>Nexus 9</td> 1072 <td>2016 9 28 </td> 1073 </tr> 1074 <tr> 1075 <td>CVE-2016-8482</td> 1076 <td>A-31799863*<br> 1077 N-CVE-2016-8482</td> 1078 <td></td> 1079 <td>Nexus 9</td> 1080 <td>2016 9 28 </td> 1081 </tr> 1082 <tr> 1083 <td>CVE-2016-8427</td> 1084 <td>A-31799885*<br> 1085 N-CVE-2016-8427</td> 1086 <td></td> 1087 <td>Nexus 9</td> 1088 <td>2016 9 28 </td> 1089 </tr> 1090 <tr> 1091 <td>CVE-2016-8428</td> 1092 <td>A-31993456*<br> 1093 N-CVE-2016-8428</td> 1094 <td></td> 1095 <td>Nexus 9</td> 1096 <td>2016 10 6 </td> 1097 </tr> 1098 <tr> 1099 <td>CVE-2016-8429</td> 1100 <td>A-32160775*<br> 1101 N-CVE-2016-8429</td> 1102 <td></td> 1103 <td>Nexus 9</td> 1104 <td>2016 10 13 </td> 1105 </tr> 1106 <tr> 1107 <td>CVE-2016-8430</td> 1108 <td>A-32225180*<br> 1109 N-CVE-2016-8430</td> 1110 <td></td> 1111 <td>Nexus 9</td> 1112 <td>2016 10 17 </td> 1113 </tr> 1114 <tr> 1115 <td>CVE-2016-8431</td> 1116 <td>A-32402179*<br> 1117 N-CVE-2016-8431</td> 1118 <td></td> 1119 <td>Pixel C</td> 1120 <td>2016 10 25 </td> 1121 </tr> 1122 <tr> 1123 <td>CVE-2016-8432</td> 1124 <td>A-32447738*<br> 1125 N-CVE-2016-8432</td> 1126 <td></td> 1127 <td>Pixel C</td> 1128 <td>2016 10 26 </td> 1129 </tr> 1130 </table> 1131 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1132 </p> 1133 1134 1135 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1136 <p> 1137 MediaTek (Re-flash) 1138 </p> 1139 1140 <table> 1141 <col width="19%"> 1142 <col width="20%"> 1143 <col width="10%"> 1144 <col width="23%"> 1145 <col width="17%"> 1146 <tr> 1147 <th>CVE</th> 1148 <th></th> 1149 <th></th> 1150 <th> Google </th> 1151 <th></th> 1152 </tr> 1153 <tr> 1154 <td>CVE-2016-8433</td> 1155 <td>A-31750190*<br> 1156 MT-ALPS02974192</td> 1157 <td></td> 1158 <td>**</td> 1159 <td>2016 9 24 </td> 1160 </tr> 1161 </table> 1162 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1163 </p> 1164 <p> 1165 ** Android 7.0 Google () 1166 </p> 1167 1168 1169 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU </h3> 1170 <p>Qualcomm GPU (Re-flash) 1171 </p> 1172 1173 <table> 1174 <col width="19%"> 1175 <col width="20%"> 1176 <col width="10%"> 1177 <col width="23%"> 1178 <col width="17%"> 1179 <tr> 1180 <th>CVE</th> 1181 <th></th> 1182 <th></th> 1183 <th> Google </th> 1184 <th></th> 1185 </tr> 1186 <tr> 1187 <td>CVE-2016-8434</td> 1188 <td>A-32125137<br> 1189 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9"> 1190 QC-CR#1081855</a></td> 1191 <td></td> 1192 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1193 <td>2016 10 12 </td> 1194 </tr> 1195 </table> 1196 1197 1198 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU </h3> 1199 <p> 1200 NVIDIA GPU (Re-flash) 1201 </p> 1202 1203 <table> 1204 <col width="19%"> 1205 <col width="20%"> 1206 <col width="10%"> 1207 <col width="23%"> 1208 <col width="17%"> 1209 <tr> 1210 <th>CVE</th> 1211 <th></th> 1212 <th></th> 1213 <th> Google </th> 1214 <th></th> 1215 </tr> 1216 <tr> 1217 <td>CVE-2016-8435</td> 1218 <td>A-32700935*<br> 1219 N-CVE-2016-8435</td> 1220 <td></td> 1221 <td>Pixel C</td> 1222 <td>2016 11 7 </td> 1223 </tr> 1224 </table> 1225 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1226 </p> 1227 1228 1229 <h3 id="eop-in-qualcomm-video-driver">Qualcomm </h3> 1230 <p> 1231 Qualcomm (Re-flash) 1232 </p> 1233 1234 <table> 1235 <col width="19%"> 1236 <col width="20%"> 1237 <col width="10%"> 1238 <col width="23%"> 1239 <col width="17%"> 1240 <tr> 1241 <th>CVE</th> 1242 <th></th> 1243 <th></th> 1244 <th> Google </th> 1245 <th></th> 1246 </tr> 1247 <tr> 1248 <td>CVE-2016-8436</td> 1249 <td>A-32450261<br> 1250 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced"> 1251 QC-CR#1007860</a></td> 1252 <td></td> 1253 <td>*</td> 1254 <td>2016 10 13 </td> 1255 </tr> 1256 </table> 1257 <p> 1258 * Android 7.0 Google () 1259 </p> 1260 1261 1262 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1263 <p> 1264 Qualcomm 2015 11 2016 8 2016 9 2016 10 Qualcomm AMSS 1265 </p> 1266 1267 <table> 1268 <col width="19%"> 1269 <col width="20%"> 1270 <col width="10%"> 1271 <col width="23%"> 1272 <col width="17%"> 1273 <tr> 1274 <th>CVE</th> 1275 <th></th> 1276 <th>*</th> 1277 <th> Google </th> 1278 <th></th> 1279 </tr> 1280 <tr> 1281 <td>CVE-2016-8438</td> 1282 <td>A-31624565**</td> 1283 <td></td> 1284 <td>***</td> 1285 <td>Qualcomm </td> 1286 </tr> 1287 <tr> 1288 <td>CVE-2016-8442</td> 1289 <td>A-31625910**</td> 1290 <td></td> 1291 <td>***</td> 1292 <td>Qualcomm </td> 1293 </tr> 1294 <tr> 1295 <td>CVE-2016-8443</td> 1296 <td>A-32576499**</td> 1297 <td></td> 1298 <td>***</td> 1299 <td>Qualcomm </td> 1300 </tr> 1301 <tr> 1302 <td>CVE-2016-8437</td> 1303 <td>A-31623057**</td> 1304 <td></td> 1305 <td>***</td> 1306 <td>Qualcomm </td> 1307 </tr> 1308 <tr> 1309 <td>CVE-2016-8439</td> 1310 <td>A-31625204**</td> 1311 <td></td> 1312 <td>***</td> 1313 <td>Qualcomm </td> 1314 </tr> 1315 <tr> 1316 <td>CVE-2016-8440</td> 1317 <td>A-31625306**</td> 1318 <td></td> 1319 <td>***</td> 1320 <td>Qualcomm </td> 1321 </tr> 1322 <tr> 1323 <td>CVE-2016-8441</td> 1324 <td>A-31625904**</td> 1325 <td></td> 1326 <td>***</td> 1327 <td>Qualcomm </td> 1328 </tr> 1329 <tr> 1330 <td>CVE-2016-8398</td> 1331 <td>A-31548486**</td> 1332 <td></td> 1333 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1334 <td>Qualcomm </td> 1335 </tr> 1336 <tr> 1337 <td>CVE-2016-8459</td> 1338 <td>A-32577972**</td> 1339 <td></td> 1340 <td>***</td> 1341 <td>Qualcomm </td> 1342 </tr> 1343 <tr> 1344 <td>CVE-2016-5080</td> 1345 <td>A-31115235**</td> 1346 <td></td> 1347 <td>Nexus 5X</td> 1348 <td>Qualcomm </td> 1349 </tr> 1350 </table> 1351 <p> 1352 * 1353 </p> 1354 <p>** Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1355 </p> 1356 <p> 1357 *** Android 7.0 Google () 1358 </p> 1359 1360 1361 <h3 id="eop-in-qualcomm-camera">Qualcomm </h3> 1362 <p> 1363 Qualcomm 1364 </p> 1365 1366 <table> 1367 <col width="19%"> 1368 <col width="20%"> 1369 <col width="10%"> 1370 <col width="23%"> 1371 <col width="17%"> 1372 <tr> 1373 <th>CVE</th> 1374 <th></th> 1375 <th></th> 1376 <th> Google </th> 1377 <th></th> 1378 </tr> 1379 <tr> 1380 <td>CVE-2016-8412</td> 1381 <td>A-31225246<br> 1382 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786"> 1383 QC-CR#1071891</a></td> 1384 <td></td> 1385 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1386 <td>2016 8 26 </td> 1387 </tr> 1388 <tr> 1389 <td>CVE-2016-8444</td> 1390 <td>A-31243641*<br> 1391 QC-CR#1074310</td> 1392 <td></td> 1393 <td>Nexus 5XNexus 6Nexus 6P</td> 1394 <td>2016 8 26 </td> 1395 </tr> 1396 </table> 1397 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1398 </p> 1399 1400 1401 <h3 id="eop-in-mediatek-components">MediaTek </h3> 1402 <p> 1403 MediaTek () 1404 </p> 1405 1406 <table> 1407 <col width="19%"> 1408 <col width="20%"> 1409 <col width="10%"> 1410 <col width="23%"> 1411 <col width="17%"> 1412 <tr> 1413 <th>CVE</th> 1414 <th></th> 1415 <th></th> 1416 <th> Google </th> 1417 <th></th> 1418 </tr> 1419 <tr> 1420 <td>CVE-2016-8445</td> 1421 <td>A-31747590*<br> 1422 MT-ALPS02968983</td> 1423 <td></td> 1424 <td>**</td> 1425 <td>2016 9 25 </td> 1426 </tr> 1427 <tr> 1428 <td>CVE-2016-8446</td> 1429 <td>A-31747749*<br> 1430 MT-ALPS02968909</td> 1431 <td></td> 1432 <td>**</td> 1433 <td>2016 9 25 </td> 1434 </tr> 1435 <tr> 1436 <td>CVE-2016-8447</td> 1437 <td>A-31749463*<br> 1438 MT-ALPS02968886</td> 1439 <td></td> 1440 <td>**</td> 1441 <td>2016 9 25 </td> 1442 </tr> 1443 <tr> 1444 <td>CVE-2016-8448</td> 1445 <td>A-31791148*<br> 1446 MT-ALPS02982181</td> 1447 <td></td> 1448 <td>**</td> 1449 <td>2016 9 28 </td> 1450 </tr> 1451 </table> 1452 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1453 </p> 1454 <p> 1455 ** Android 7.0 Google () 1456 </p> 1457 1458 1459 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 1460 <p> 1461 Qualcomm Wi-Fi 1462 </p> 1463 1464 <table> 1465 <col width="19%"> 1466 <col width="20%"> 1467 <col width="10%"> 1468 <col width="23%"> 1469 <col width="17%"> 1470 <tr> 1471 <th>CVE</th> 1472 <th></th> 1473 <th></th> 1474 <th> Google </th> 1475 <th></th> 1476 </tr> 1477 <tr> 1478 <td>CVE-2016-8415</td> 1479 <td>A-31750554<br> 1480 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394"> 1481 QC-CR#1079596</a></td> 1482 <td></td> 1483 <td>Nexus 5XPixelPixel XL</td> 1484 <td>2016 9 26 </td> 1485 </tr> 1486 </table> 1487 1488 1489 <h3 id="eop-in-nvidia-gpu-driver-3">NVIDIA GPU </h3> 1490 <p> 1491 NVIDIA GPU 1492 </p> 1493 1494 <table> 1495 <col width="19%"> 1496 <col width="20%"> 1497 <col width="10%"> 1498 <col width="23%"> 1499 <col width="17%"> 1500 <tr> 1501 <th>CVE</th> 1502 <th></th> 1503 <th></th> 1504 <th> Google </th> 1505 <th></th> 1506 </tr> 1507 <tr> 1508 <td>CVE-2016-8449</td> 1509 <td>A-31798848*<br> 1510 N-CVE-2016-8449</td> 1511 <td></td> 1512 <td>Nexus 9</td> 1513 <td>2016 9 28 </td> 1514 </tr> 1515 </table> 1516 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1517 </p> 1518 1519 1520 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1521 <p> 1522 Qualcomm 1523 </p> 1524 1525 <table> 1526 <col width="19%"> 1527 <col width="20%"> 1528 <col width="10%"> 1529 <col width="23%"> 1530 <col width="17%"> 1531 <tr> 1532 <th>CVE</th> 1533 <th></th> 1534 <th></th> 1535 <th> Google </th> 1536 <th></th> 1537 </tr> 1538 <tr> 1539 <td>CVE-2016-8450</td> 1540 <td>A-32450563<br> 1541 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb"> 1542 QC-CR#880388</a></td> 1543 <td></td> 1544 <td>Nexus 5XNexus 6Nexus 6PAndroid One</td> 1545 <td>2016 10 13 </td> 1546 </tr> 1547 </table> 1548 1549 1550 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1551 <p>Synaptics 1552 </p> 1553 1554 <table> 1555 <col width="19%"> 1556 <col width="20%"> 1557 <col width="10%"> 1558 <col width="23%"> 1559 <col width="17%"> 1560 <tr> 1561 <th>CVE</th> 1562 <th></th> 1563 <th></th> 1564 <th> Google </th> 1565 <th></th> 1566 </tr> 1567 <tr> 1568 <td>CVE-2016-8451</td> 1569 <td>A-32178033*</td> 1570 <td></td> 1571 <td>**</td> 1572 <td>2016 10 13 </td> 1573 </tr> 1574 </table> 1575 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1576 </p> 1577 <p> 1578 ** Android 7.0 Google () 1579 </p> 1580 1581 1582 <h3 id="eop-in-kernel-security-subsystem"></h3> 1583 <p> 1584 1585 </p> 1586 1587 <table> 1588 <col width="19%"> 1589 <col width="20%"> 1590 <col width="10%"> 1591 <col width="23%"> 1592 <col width="17%"> 1593 <tr> 1594 <th>CVE</th> 1595 <th></th> 1596 <th></th> 1597 <th> Google </th> 1598 <th></th> 1599 </tr> 1600 <tr> 1601 <td>CVE-2016-7042</td> 1602 <td>A-32178986<br> 1603 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc"> 1604 </a></td> 1605 <td></td> 1606 <td>Pixel C</td> 1607 <td>2016 10 14 </td> 1608 </tr> 1609 </table> 1610 1611 1612 <h3 id="eop-in-kernel-performance-subsystem"></h3> 1613 <p> 1614 1615 </p> 1616 1617 <table> 1618 <col width="19%"> 1619 <col width="20%"> 1620 <col width="10%"> 1621 <col width="23%"> 1622 <col width="17%"> 1623 <tr> 1624 <th>CVE</th> 1625 <th></th> 1626 <th></th> 1627 <th> Google </th> 1628 <th></th> 1629 </tr> 1630 <tr> 1631 <td>CVE-2017-0403</td> 1632 <td>A-32402548*</td> 1633 <td></td> 1634 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1635 <td>2016 10 25 </td> 1636 </tr> 1637 </table> 1638 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1639 </p> 1640 1641 1642 <h3 id="eop-in-kernel-sound-subsystem"></h3> 1643 <p> 1644 1645 </p> 1646 1647 <table> 1648 <col width="19%"> 1649 <col width="20%"> 1650 <col width="10%"> 1651 <col width="23%"> 1652 <col width="17%"> 1653 <tr> 1654 <th>CVE</th> 1655 <th></th> 1656 <th></th> 1657 <th> Google </th> 1658 <th></th> 1659 </tr> 1660 <tr> 1661 <td>CVE-2017-0404</td> 1662 <td>A-32510733*</td> 1663 <td></td> 1664 <td>Nexus 5XNexus 6PNexus 9Pixel CNexus PlayerPixelPixel XL</td> 1665 <td>2016 10 27 </td> 1666 </tr> 1667 </table> 1668 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1669 </p> 1670 1671 1672 <h3 id="eop-in-qualcomm-wi-fi-driver-2">Qualcomm Wi-Fi </h3> 1673 <p> 1674 Qualcomm Wi-Fi 1675 </p> 1676 1677 <table> 1678 <col width="19%"> 1679 <col width="20%"> 1680 <col width="10%"> 1681 <col width="23%"> 1682 <col width="17%"> 1683 <tr> 1684 <th>CVE</th> 1685 <th></th> 1686 <th></th> 1687 <th> Google </th> 1688 <th></th> 1689 </tr> 1690 <tr> 1691 <td>CVE-2016-8452</td> 1692 <td>A-32506396<br> 1693 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526"> 1694 QC-CR#1050323</a></td> 1695 <td></td> 1696 <td>Nexus 5XAndroid OnePixelPixel XL</td> 1697 <td>2016 10 28 </td> 1698 </tr> 1699 </table> 1700 1701 1702 <h3 id="eop-in-qualcomm-radio-driver">Qualcomm </h3> 1703 <p> 1704 Qualcomm 1705 </p> 1706 1707 <table> 1708 <col width="19%"> 1709 <col width="20%"> 1710 <col width="10%"> 1711 <col width="23%"> 1712 <col width="17%"> 1713 <tr> 1714 <th>CVE</th> 1715 <th></th> 1716 <th></th> 1717 <th> Google </th> 1718 <th></th> 1719 </tr> 1720 <tr> 1721 <td>CVE-2016-5345</td> 1722 <td>A-32639452<br> 1723 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6"> 1724 QC-CR#1079713</a></td> 1725 <td></td> 1726 <td>Android One</td> 1727 <td>2016 11 3 </td> 1728 </tr> 1729 </table> 1730 1731 1732 <h3 id="eop-in-kernel-profiling-subsystem"></h3> 1733 <p> 1734 1735 </p> 1736 1737 <table> 1738 <col width="19%"> 1739 <col width="20%"> 1740 <col width="10%"> 1741 <col width="23%"> 1742 <col width="17%"> 1743 <tr> 1744 <th>CVE</th> 1745 <th></th> 1746 <th></th> 1747 <th> Google </th> 1748 <th></th> 1749 </tr> 1750 <tr> 1751 <td>CVE-2016-9754</td> 1752 <td>A-32659848<br> 1753 <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6"> 1754 </a></td> 1755 <td></td> 1756 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus Player</td> 1757 <td>2016 11 4 </td> 1758 </tr> 1759 </table> 1760 1761 1762 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1763 <p> 1764 Broadcom Wi-Fi 1765 </p> 1766 1767 <table> 1768 <col width="19%"> 1769 <col width="20%"> 1770 <col width="10%"> 1771 <col width="23%"> 1772 <col width="17%"> 1773 <tr> 1774 <th>CVE</th> 1775 <th></th> 1776 <th></th> 1777 <th> Google </th> 1778 <th></th> 1779 </tr> 1780 <tr> 1781 <td>CVE-2016-8453 1782 </td> 1783 <td>A-24739315*<br> 1784 B-RB#73392</td> 1785 <td></td> 1786 <td>Nexus 6</td> 1787 <td>Google </td> 1788 </tr> 1789 <tr> 1790 <td>CVE-2016-8454</td> 1791 <td>A-32174590*<br> 1792 B-RB#107142</td> 1793 <td></td> 1794 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1795 <td>2016 10 14 </td> 1796 </tr> 1797 <tr> 1798 <td>CVE-2016-8455</td> 1799 <td>A-32219121*<br> 1800 B-RB#106311</td> 1801 <td></td> 1802 <td>Nexus 6P</td> 1803 <td>2016 10 15 </td> 1804 </tr> 1805 <tr> 1806 <td>CVE-2016-8456</td> 1807 <td>A-32219255*<br> 1808 B-RB#105580</td> 1809 <td></td> 1810 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1811 <td>2016 10 15 </td> 1812 </tr> 1813 <tr> 1814 <td>CVE-2016-8457</td> 1815 <td>A-32219453*<br> 1816 B-RB#106116</td> 1817 <td></td> 1818 <td>Nexus 6Nexus 6PNexus 9Pixel C</td> 1819 <td>2016 10 15 </td> 1820 </tr> 1821 </table> 1822 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1823 </p> 1824 1825 1826 <h3 id="eop-in-synaptics-touchscreen-driver-2">Synaptics </h3> 1827 <p>Synaptics 1828 </p> 1829 1830 <table> 1831 <col width="19%"> 1832 <col width="20%"> 1833 <col width="10%"> 1834 <col width="23%"> 1835 <col width="17%"> 1836 <tr> 1837 <th>CVE</th> 1838 <th></th> 1839 <th></th> 1840 <th> Google </th> 1841 <th></th> 1842 </tr> 1843 <tr> 1844 <td>CVE-2016-8458</td> 1845 <td>A-31968442*</td> 1846 <td></td> 1847 <td>Nexus 5XNexus 6PNexus 9Android OnePixelPixel XL</td> 1848 <td>Google </td> 1849 </tr> 1850 </table> 1851 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1852 </p> 1853 1854 1855 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1856 <p> 1857 NVIDIA 1858 </p> 1859 1860 <table> 1861 <col width="19%"> 1862 <col width="20%"> 1863 <col width="10%"> 1864 <col width="23%"> 1865 <col width="17%"> 1866 <tr> 1867 <th>CVE</th> 1868 <th></th> 1869 <th></th> 1870 <th> Google </th> 1871 <th></th> 1872 </tr> 1873 <tr> 1874 <td>CVE-2016-8460</td> 1875 <td>A-31668540*<br> 1876 N-CVE-2016-8460</td> 1877 <td></td> 1878 <td>Nexus 9</td> 1879 <td>2016 9 21 </td> 1880 </tr> 1881 </table> 1882 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1883 </p> 1884 1885 1886 <h3 id="id-in-bootloader"></h3> 1887 <p> 1888 1889 </p> 1890 1891 <table> 1892 <col width="19%"> 1893 <col width="20%"> 1894 <col width="10%"> 1895 <col width="23%"> 1896 <col width="17%"> 1897 <tr> 1898 <th>CVE</th> 1899 <th></th> 1900 <th></th> 1901 <th> Google </th> 1902 <th></th> 1903 </tr> 1904 <tr> 1905 <td>CVE-2016-8461</td> 1906 <td>A-32369621*</td> 1907 <td></td> 1908 <td>Nexus 9PixelPixel XL</td> 1909 <td>2016 10 21 </td> 1910 </tr> 1911 <tr> 1912 <td>CVE-2016-8462</td> 1913 <td>A-32510383*</td> 1914 <td></td> 1915 <td>PixelPixel XL</td> 1916 <td>2016 10 27 </td> 1917 </tr> 1918 </table> 1919 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1920 </p> 1921 1922 1923 <h3 id="dos-in-qualcomm-fuse-file-system">Qualcomm FUSE </h3> 1924 <p> 1925 Qualcomm FUSE 1926 </p> 1927 1928 <table> 1929 <col width="19%"> 1930 <col width="20%"> 1931 <col width="10%"> 1932 <col width="23%"> 1933 <col width="17%"> 1934 <tr> 1935 <th>CVE</th> 1936 <th></th> 1937 <th></th> 1938 <th> Google </th> 1939 <th></th> 1940 </tr> 1941 <tr> 1942 <td>CVE-2016-8463</td> 1943 <td>A-30786860<br> 1944 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10"> 1945 QC-CR#586855</a></td> 1946 <td></td> 1947 <td>*</td> 1948 <td>2014 1 3 </td> 1949 </tr> 1950 </table> 1951 <p> 1952 * Android 7.0 Google () 1953 </p> 1954 1955 1956 <h3 id="dos-in-bootloader"></h3> 1957 <p> 1958 (Re-flash) 1959 </p> 1960 1961 <table> 1962 <col width="19%"> 1963 <col width="20%"> 1964 <col width="10%"> 1965 <col width="23%"> 1966 <col width="17%"> 1967 <tr> 1968 <th>CVE</th> 1969 <th></th> 1970 <th></th> 1971 <th> Google </th> 1972 <th></th> 1973 </tr> 1974 <tr> 1975 <td>CVE-2016-8467</td> 1976 <td>A-30308784*</td> 1977 <td></td> 1978 <td>Nexus 6Nexus 6P</td> 1979 <td>2016 6 29 </td> 1980 </tr> 1981 </table> 1982 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1983 </p> 1984 1985 1986 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi </h3> 1987 <p> 1988 Broadcom Wi-Fi 1989 </p> 1990 1991 <table> 1992 <col width="19%"> 1993 <col width="20%"> 1994 <col width="10%"> 1995 <col width="23%"> 1996 <col width="17%"> 1997 <tr> 1998 <th>CVE</th> 1999 <th></th> 2000 <th></th> 2001 <th> Google </th> 2002 <th></th> 2003 </tr> 2004 <tr> 2005 <td>CVE-2016-8464</td> 2006 <td>A-29000183*<br> 2007 B-RB#106314</td> 2008 <td></td> 2009 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2010 <td>2016 5 26 </td> 2011 </tr> 2012 <tr> 2013 <td>CVE-2016-8466</td> 2014 <td>A-31822524*<br> 2015 B-RB#105268</td> 2016 <td></td> 2017 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2018 <td>2016 9 28 </td> 2019 </tr> 2020 <tr> 2021 <td>CVE-2016-8465</td> 2022 <td>A-32474971*<br> 2023 B-RB#106053</td> 2024 <td></td> 2025 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 2026 <td>2016 10 27 </td> 2027 </tr> 2028 </table> 2029 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2030 </p> 2031 2032 2033 <h3 id="eop-in-bootloader"></h3> 2034 <p> 2035 () 2036 </p> 2037 2038 <table> 2039 <col width="19%"> 2040 <col width="20%"> 2041 <col width="10%"> 2042 <col width="23%"> 2043 <col width="17%"> 2044 <tr> 2045 <th>CVE</th> 2046 <th></th> 2047 <th></th> 2048 <th> Google </th> 2049 <th></th> 2050 </tr> 2051 <tr> 2052 <td>CVE-2016-8467</td> 2053 <td>A-30308784*</td> 2054 <td></td> 2055 <td>Nexus 6Nexus 6P</td> 2056 <td>2016 6 29 </td> 2057 </tr> 2058 </table> 2059 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2060 </p> 2061 2062 2063 <h3 id="eop-in-binder"></h3> 2064 <p> 2065 </p> 2066 2067 <table> 2068 <col width="19%"> 2069 <col width="20%"> 2070 <col width="10%"> 2071 <col width="23%"> 2072 <col width="17%"> 2073 <tr> 2074 <th>CVE</th> 2075 <th></th> 2076 <th></th> 2077 <th> Google </th> 2078 <th></th> 2079 </tr> 2080 <tr> 2081 <td>CVE-2016-8468</td> 2082 <td>A-32394425*</td> 2083 <td></td> 2084 <td>Pixel CPixelPixel XL</td> 2085 <td>Google </td> 2086 </tr> 2087 </table> 2088 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2089 </p> 2090 2091 2092 <h3 id="id-in-nvidia-camera-driver">NVIDIA </h3> 2093 <p> 2094 2095 </p> 2096 2097 <table> 2098 <col width="19%"> 2099 <col width="20%"> 2100 <col width="10%"> 2101 <col width="23%"> 2102 <col width="17%"> 2103 <tr> 2104 <th>CVE</th> 2105 <th></th> 2106 <th></th> 2107 <th> Google </th> 2108 <th></th> 2109 </tr> 2110 <tr> 2111 <td>CVE-2016-8469</td> 2112 <td>A-31351206*<br> 2113 N-CVE-2016-8469</td> 2114 <td></td> 2115 <td>Nexus 9</td> 2116 <td>2016 9 7 </td> 2117 </tr> 2118 </table> 2119 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2120 </p> 2121 2122 2123 <h3 id="id-in-mediatek-driver">MediaTek </h3> 2124 <p> 2125 MediaTek 2126 </p> 2127 2128 <table> 2129 <col width="19%"> 2130 <col width="20%"> 2131 <col width="10%"> 2132 <col width="23%"> 2133 <col width="17%"> 2134 <tr> 2135 <th>CVE</th> 2136 <th></th> 2137 <th></th> 2138 <th> Google </th> 2139 <th></th> 2140 </tr> 2141 <tr> 2142 <td>CVE-2016-8470</td> 2143 <td>A-31528889*<br> 2144 MT-ALPS02961395</td> 2145 <td></td> 2146 <td>**</td> 2147 <td>2016 9 15 </td> 2148 </tr> 2149 <tr> 2150 <td>CVE-2016-8471</td> 2151 <td>A-31528890*<br> 2152 MT-ALPS02961380</td> 2153 <td></td> 2154 <td>**</td> 2155 <td>2016 9 15 </td> 2156 </tr> 2157 <tr> 2158 <td>CVE-2016-8472</td> 2159 <td>A-31531758*<br> 2160 MT-ALPS02961384</td> 2161 <td></td> 2162 <td>**</td> 2163 <td>2016 9 15 </td> 2164 </tr> 2165 </table> 2166 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2167 </p> 2168 <p> 2169 ** Android 7.0 Google () 2170 </p> 2171 2172 2173 <h3 id="id-in-stmicroelectronics-driver">STMicroelectronics </h3> 2174 <p>STMicroelectronics 2175 </p> 2176 2177 <table> 2178 <col width="19%"> 2179 <col width="20%"> 2180 <col width="10%"> 2181 <col width="23%"> 2182 <col width="17%"> 2183 <tr> 2184 <th>CVE</th> 2185 <th></th> 2186 <th></th> 2187 <th> Google </th> 2188 <th></th> 2189 </tr> 2190 <tr> 2191 <td>CVE-2016-8473</td> 2192 <td>A-31795790*</td> 2193 <td></td> 2194 <td>Nexus 5XNexus 6P</td> 2195 <td>2016 9 28 </td> 2196 </tr> 2197 <tr> 2198 <td>CVE-2016-8474</td> 2199 <td>A-31799972*</td> 2200 <td></td> 2201 <td>Nexus 5XNexus 6P</td> 2202 <td>2016 9 28 </td> 2203 </tr> 2204 </table> 2205 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2206 </p> 2207 2208 2209 <h3 id="id-in-qualcomm-audio-post-processor-">Qualcomm </h3> 2210 <p> 2211 Qualcomm 2212 </p> 2213 2214 <table> 2215 <col width="18%"> 2216 <col width="17%"> 2217 <col width="10%"> 2218 <col width="19%"> 2219 <col width="18%"> 2220 <col width="17%"> 2221 <tr> 2222 <th>CVE</th> 2223 <th></th> 2224 <th></th> 2225 <th> Google </th> 2226 <th> AOSP </th> 2227 <th></th> 2228 </tr> 2229 <tr> 2230 <td>CVE-2017-0399 2231 </td> 2232 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2233 A-32588756</a> 2234 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>]</td> 2235 <td></td> 2236 <td></td> 2237 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2238 <td>2016 10 18 </td> 2239 </tr> 2240 <tr> 2241 <td>CVE-2017-0400</td> 2242 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2243 A-32438598</a> 2244 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2245 </td> 2246 <td></td> 2247 <td></td> 2248 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2249 <td>2016 10 25 </td> 2250 </tr> 2251 <tr> 2252 <td>CVE-2017-0401</td> 2253 <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358"> 2254 A-32588016</a> 2255 </td> 2256 <td></td> 2257 <td></td> 2258 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2259 <td>2016 10 26 </td> 2260 </tr> 2261 <tr> 2262 <td>CVE-2017-0402</td> 2263 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac"> 2264 A-32588352</a> 2265 [<a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57">2</a>] 2266 </td> 2267 <td></td> 2268 <td></td> 2269 <td>5.0.25.1.16.06.0.17.07.1.1</td> 2270 <td>2016 10 25 </td> 2271 </tr> 2272 </table> 2273 2274 2275 <h3 id="id-in-htc-input-driver">HTC </h3> 2276 <p> 2277 HTC 2278 </p> 2279 2280 <table> 2281 <col width="19%"> 2282 <col width="20%"> 2283 <col width="10%"> 2284 <col width="23%"> 2285 <col width="17%"> 2286 <tr> 2287 <th>CVE</th> 2288 <th></th> 2289 <th></th> 2290 <th> Google </th> 2291 <th></th> 2292 </tr> 2293 <tr> 2294 <td>CVE-2016-8475</td> 2295 <td>A-32591129*</td> 2296 <td></td> 2297 <td>PixelPixel XL</td> 2298 <td>2016 10 30 </td> 2299 </tr> 2300 </table> 2301 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 2302 </p> 2303 2304 2305 <h3 id="dos-in-kernel-file-system"></h3> 2306 <p> 2307 2308 </p> 2309 2310 <table> 2311 <col width="19%"> 2312 <col width="20%"> 2313 <col width="10%"> 2314 <col width="23%"> 2315 <col width="17%"> 2316 <tr> 2317 <th>CVE</th> 2318 <th></th> 2319 <th></th> 2320 <th> Google </th> 2321 <th></th> 2322 </tr> 2323 <tr> 2324 <td>CVE-2014-9420</td> 2325 <td>A-32477499<br> 2326 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d"> 2327 </a></td> 2328 <td></td> 2329 <td>Pixel C</td> 2330 <td>2014 12 25 </td> 2331 </tr> 2332 </table> 2333 2334 <h2 id="common-questions-and-answers"></h2> 2335 <p></p> 2336 2337 <p><strong>1. 2338 </strong></p> 2339 2340 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 2341 <ul> 2342 <li>2017 1 1 2017-01-01 </li> 2343 <li>2017 1 5 2017-01-05 </li> 2344 </ul> 2345 <p></p> 2346 <ul> 2347 <li>[ro.build.version.security_patch]:[2017-01-01]</li> 2348 <li>[ro.build.version.security_patch]:[2017-01-05]</li> 2349 </ul> 2350 <p><strong>2. </strong></p> 2351 2352 <p> Android Android Android </p> 2353 <ul> 2354 <li> 2017 1 1 </li> 2355 <li> 2017 1 5 () </li> 2356 </ul> 2357 <p></p> 2358 2359 <p><strong>3. Google </strong></p> 2360 2361 <p> <a href="#2017-01-01-details">2017-01-01</a> <a href="#2017-01-05-details">2017-01-05</a> Google <em></em> Google </p> 2362 <ul> 2363 <li><strong> Google </strong> Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 2364 <li><strong> Google </strong> Google Google <em></em> Google </li> 2365 <li><strong> Google </strong> Android Google Google <em></em></li> 2366 </ul> 2367 <p><strong>4. </strong></p> 2368 2369 <p><em></em></p> 2370 2371 <table> 2372 <tr> 2373 <th></th> 2374 <th></th> 2375 </tr> 2376 <tr> 2377 <td>A-</td> 2378 <td>Android ID</td> 2379 </tr> 2380 <tr> 2381 <td>QC-</td> 2382 <td>Qualcomm </td> 2383 </tr> 2384 <tr> 2385 <td>M-</td> 2386 <td>MediaTek </td> 2387 </tr> 2388 <tr> 2389 <td>N-</td> 2390 <td>NVIDIA </td> 2391 </tr> 2392 <tr> 2393 <td>B-</td> 2394 <td>Broadcom </td> 2395 </tr> 2396 </table> 2397 <h2 id="revisions"></h2> 2398 <ul> 2399 <li>2017 1 3 </li> 2400 <li>2017 1 4 AOSP </li> 2401 <li>2017 1 5 AOSP 7.1 7.1.1</li> 2402 </ul> 2403 2404 </body> 2405 </html> 2406
