Home | History | Annotate | Download | only in bulletin
      1 <html devsite>
      2   <head>
      3     <title>Android   2017  2 </title>
      4     <meta name="project_path" value="/_project.yaml" />
      5     <meta name="book_path" value="/_book.yaml" />
      6   </head>
      7   <body>
      8   <!--
      9       Copyright 2017 The Android Open Source Project
     10 
     11       Licensed under the Apache License, Version 2.0 (the "License");
     12       you may not use this file except in compliance with the License.
     13       You may obtain a copy of the License at
     14 
     15           http://www.apache.org/licenses/LICENSE-2.0
     16 
     17       Unless required by applicable law or agreed to in writing, software
     18       distributed under the License is distributed on an "AS IS" BASIS,
     19       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     20       See the License for the specific language governing permissions and
     21       limitations under the License.
     22   -->
     23 
     24 
     25 
     26 <p><em>2017  2  6  | 2017  2  8 </em></p>
     27 <p>Android  Android Google  OTA  Google Google  <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2017  2  5  <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices">Pixel  Nexus </a>
     28 </p>
     29 <p>
     30  2017  1  3  Android  (AOSP)  AOSP 
     31 </p>
     32 <p>
     33 </p>
     34 <p> <a href="/security/enhancements/index.html">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>)  Android  <a href="#mitigations">Android  Google </a>
     35 </p>
     36 <p>
     37 </p>
     38 <h2 id="announcements"></h2>
     39 <ul>
     40 <li> Android  Android <a href="#common-questions-and-answers"></a>
     41   <ul>
     42    <li><strong>2017-02-01</strong> 2017-02-01  () </li>
     43    <li><strong>2017-02-05</strong> 2017-02-01  2017-02-05  () </li>
     44   </ul>
     45 </li>
     46 <li> Google  OTA  2017  2  5 </li>
     47 </ul>
     48 <h2 id="security-vulnerability-summary"></h2>
     49 <p>
     50  ID (CVE) Google <a href="/security/overview/updates-resources.html#severity"></a>
     51 </p>
     52 <h3 id="2017-02-01-summary">2017-02-01   </h3>
     53 <p>
     54 2017-02-01 
     55 </p>
     56 <table>
     57   <col width="55%">
     58   <col width="20%">
     59   <col width="13%">
     60   <col width="12%">
     61   <tr>
     62    <th></th>
     63    <th>CVE</th>
     64    <th></th>
     65    <th> Google </th>
     66   </tr>
     67   <tr>
     68    <td>Surfaceflinger </td>
     69    <td>CVE-2017-0405</td>
     70    <td></td>
     71    <td></td>
     72   </tr>
     73   <tr>
     74    <td></td>
     75    <td>CVE-2017-0406CVE-2017-0407</td>
     76    <td></td>
     77    <td></td>
     78   </tr>
     79   <tr>
     80    <td>libgdx </td>
     81    <td>CVE-2017-0408</td>
     82    <td></td>
     83    <td></td>
     84   </tr>
     85   <tr>
     86    <td>libstagefright </td>
     87    <td>CVE-2017-0409</td>
     88    <td></td>
     89    <td></td>
     90   </tr>
     91   <tr>
     92    <td>Java.Net </td>
     93    <td>CVE-2016-5552</td>
     94    <td></td>
     95    <td></td>
     96   </tr>
     97   <tr>
     98    <td>Framework API </td>
     99    <td>CVE-2017-0410CVE-2017-0411CVE-2017-0412</td>
    100    <td></td>
    101    <td></td>
    102   </tr>
    103   <tr>
    104    <td></td>
    105    <td>CVE-2017-0415</td>
    106    <td></td>
    107    <td></td>
    108   </tr>
    109   <tr>
    110    <td></td>
    111    <td>CVE-2017-0416CVE-2017-0417CVE-2017-0418CVE-2017-0419</td>
    112    <td></td>
    113    <td></td>
    114   </tr>
    115   <tr>
    116    <td>AOSP Mail </td>
    117    <td>CVE-2017-0420</td>
    118    <td></td>
    119    <td></td>
    120   </tr>
    121   <tr>
    122    <td>AOSP Messaging </td>
    123    <td>CVE-2017-0413CVE-2017-0414</td>
    124    <td></td>
    125    <td></td>
    126   </tr>
    127   <tr>
    128    <td>Framework API </td>
    129    <td>CVE-2017-0421</td>
    130    <td></td>
    131    <td></td>
    132   </tr>
    133   <tr>
    134    <td>Bionic DNS </td>
    135    <td>CVE-2017-0422</td>
    136    <td></td>
    137    <td></td>
    138   </tr>
    139   <tr>
    140    <td></td>
    141    <td>CVE-2017-0423</td>
    142    <td></td>
    143    <td></td>
    144   </tr>
    145   <tr>
    146    <td>AOSP Messaging </td>
    147    <td>CVE-2017-0424</td>
    148    <td></td>
    149    <td></td>
    150   </tr>
    151   <tr>
    152    <td></td>
    153    <td>CVE-2017-0425</td>
    154    <td></td>
    155    <td></td>
    156   </tr>
    157   <tr>
    158    <td></td>
    159    <td>CVE-2017-0426</td>
    160    <td></td>
    161    <td></td>
    162   </tr>
    163 </table>
    164 <h3 id="2017-02-05-summary">2017-02-05   </h3>
    165 <p>2017-02-05  2017-02-01 </p>
    166 <table>
    167   <col width="55%">
    168   <col width="20%">
    169   <col width="13%">
    170   <col width="12%">
    171   <tr>
    172    <th></th>
    173    <th>CVE</th>
    174    <th></th>
    175    <th> Google </th>
    176   </tr>
    177   <tr>
    178    <td>Qualcomm </td>
    179    <td>CVE-2016-8418</td>
    180    <td></td>
    181    <td>*</td>
    182   </tr>
    183   <tr>
    184    <td></td>
    185    <td>CVE-2017-0427</td>
    186    <td></td>
    187    <td></td>
    188   </tr>
    189   <tr>
    190    <td>NVIDIA GPU </td>
    191    <td>CVE-2017-0428CVE-2017-0429</td>
    192    <td></td>
    193    <td></td>
    194   </tr>
    195   <tr>
    196    <td></td>
    197    <td>CVE-2014-9914</td>
    198    <td></td>
    199    <td></td>
    200   </tr>
    201   <tr>
    202    <td>Broadcom Wi-Fi </td>
    203    <td>CVE-2017-0430</td>
    204    <td></td>
    205    <td></td>
    206   </tr>
    207   <tr>
    208    <td>Qualcomm </td>
    209    <td>CVE-2017-0431</td>
    210    <td></td>
    211    <td>*</td>
    212   </tr>
    213   <tr>
    214    <td>MediaTek </td>
    215    <td>CVE-2017-0432</td>
    216    <td></td>
    217    <td>*</td>
    218   </tr>
    219   <tr>
    220    <td>Synaptics </td>
    221    <td>CVE-2017-0433CVE-2017-0434</td>
    222    <td></td>
    223    <td></td>
    224   </tr>
    225   <tr>
    226    <td>Qualcomm </td>
    227    <td>CVE-2016-8480</td>
    228    <td></td>
    229    <td></td>
    230   </tr>
    231   <tr>
    232    <td>Qualcomm </td>
    233    <td>CVE-2016-8481CVE-2017-0435CVE-2017-0436</td>
    234    <td></td>
    235    <td></td>
    236   </tr>
    237   <tr>
    238    <td>Qualcomm Wi-Fi </td>
    239    <td>CVE-2017-0437CVE-2017-0438CVE-2017-0439CVE-2016-8419CVE-2016-8420CVE-2016-8421CVE-2017-0440CVE-2017-0441CVE-2017-0442CVE-2017-0443CVE-2016-8476</td>
    240    <td></td>
    241    <td></td>
    242   </tr>
    243   <tr>
    244    <td>Realtek </td>
    245    <td>CVE-2017-0444</td>
    246    <td></td>
    247    <td></td>
    248   </tr>
    249   <tr>
    250    <td>HTC </td>
    251    <td>CVE-2017-0445CVE-2017-0446CVE-2017-0447</td>
    252    <td></td>
    253    <td></td>
    254   </tr>
    255   <tr>
    256    <td>NVIDIA </td>
    257    <td>CVE-2017-0448</td>
    258    <td></td>
    259    <td></td>
    260   </tr>
    261   <tr>
    262    <td>Broadcom Wi-Fi </td>
    263    <td>CVE-2017-0449</td>
    264    <td></td>
    265    <td></td>
    266   </tr>
    267   <tr>
    268    <td></td>
    269    <td>CVE-2017-0450</td>
    270    <td></td>
    271    <td></td>
    272   </tr>
    273   <tr>
    274    <td></td>
    275    <td>CVE-2016-10044</td>
    276    <td></td>
    277    <td></td>
    278   </tr>
    279   <tr>
    280    <td>Qualcomm </td>
    281    <td>CVE-2016-8414</td>
    282    <td></td>
    283    <td></td>
    284   </tr>
    285   <tr>
    286    <td>Qualcomm </td>
    287    <td>CVE-2017-0451</td>
    288    <td></td>
    289    <td></td>
    290   </tr>
    291 </table>
    292 
    293 <p>*  Android 7.0  Google  ()</p>
    294 
    295 <h2 id="mitigations">Android  Google </h2>
    296 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet  Android </p>
    297 <ul>
    298   <li> Android  Android  Android</li>
    299   <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play  Root  Root  () </li>
    300   <li>Google Hangouts  Messenger </li>
    301 </ul>
    302 <h2 id="acknowledgements"></h2>
    303 <p>
    304 </p>
    305 <ul>
    306   <li>Daniel DakhnoCVE-2017-0420</li>
    307   <li>Copperhead Security  Daniel MicayCVE-2017-0410</li>
    308   <li><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a>CVE-2017-0414</li>
    309   <li>Google Chrome  Frank LiberatoCVE-2017-0409</li>
    310   <li>Google Project Zero  Gal BeniaminiCVE-2017-0411CVE-2017-0412</li>
    311   <li> 360 IceSword  Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)  <a href="http://weibo.com/jfpan">pjf</a>CVE-2017-0434CVE-2017-0446CVE-2017-0447CVE-2017-0432</li>
    312   <li><a href="http://www.360.com"> 360 </a> Alpha  Guang Gong () (<a href="https://twitter.com/oldfresher">@oldfresher</a>)CVE-2017-0415</li>
    313   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a><a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)  Xuxian JiangCVE-2017-0418</li>
    314   <li> 360  Alpha  Hao Chen  Guang GongCVE-2017-0437CVE-2017-0438CVE-2017-0439CVE-2016-8419CVE-2016-8420CVE-2016-8421CVE-2017-0441CVE-2017-0442CVE-2016-8476CVE-2017-0443</li>
    315   <li>Google  Jeff SharkeyCVE-2017-0421CVE-2017-0423</li>
    316   <li>Jeff TrimCVE-2017-0422</li>
    317   <li> 360 IceSword  Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)  <a href="http://weibo.com/jfpan ">pjf</a>CVE-2017-0445</li>
    318   <li>LINE Corporation  ma.la  Nikolay ElenkovCVE-2016-5552</li>
    319   <li>Google  Max SpectorCVE-2017-0416</li>
    320   <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)  Xuxian JiangCVE-2017-0425</li>
    321   <li> Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)  Di Shen () (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2017-0427</li>
    322   <li>IBM X-Force Research  Sagi KedmiCVE-2017-0433</li>
    323   <li>Copperhead Security  Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>)  Daniel MicayCVE-2017-0405</li>
    324   <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2017-0449CVE-2016-8418</li>
    325   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2017-0436CVE-2016-8481CVE-2017-0435</li>
    326   <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0424</li>
    327   <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2017-0407</li>
    328   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)  Xuxian JiangCVE-2017-0450</li>
    329   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)  Xuxian JiangCVE-2017-0417</li>
    330   <li> Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://www.weibo.com/wishlinux"></a> )CVE-2017-0408</li>
    331   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2016-8480</li>
    332   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2017-0444</li>
    333   <li><a href="http://c0reteam.org">C0RE </a><a href="mailto:computernik (a] gmail.com"> Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2017-0428</li>
    334   <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)  Xuxian JiangCVE-2017-0448CVE-2017-0429</li>
    335   <li><a href="http://www.nsfocus.com"></a> <a href="mailto:zhouzhenster (a] gmail.com">Zhen Zhou</a> (<a href="https://twitter.com/henices">@henices</a>)  <a href="mailto:sundaywind2004 (a] gmail.com">Zhixin Li</a>CVE-2017-0406</li>
    336 </ul>
    337 <p>
    338 </p><ul>
    339 <li> Pengfei Ding ()Chenfu Bao ()  Lenx Wei ()</li>
    340 </ul>
    341 
    342 <h2 id="2017-02-01-details">2017-02-01   </h2>
    343 <p>
    344  <a href="#2017-02-01-summary">2017-02-01   </a> CVE Google  AOSP  ()  ID  ( AOSP ) ID </p>
    345 
    346 
    347 <h3 id="rce-in-surfaceflinger">Surfaceflinger </h3>
    348 <p>Surfaceflinger  Surfaceflinger 
    349 </p>
    350 
    351 <table>
    352   <col width="18%">
    353   <col width="17%">
    354   <col width="10%">
    355   <col width="19%">
    356   <col width="18%">
    357   <col width="17%">
    358   <tr>
    359     <th>CVE</th>
    360     <th></th>
    361     <th></th>
    362     <th> Google </th>
    363     <th> AOSP </th>
    364     <th></th>
    365   </tr>
    366   <tr>
    367     <td>CVE-2017-0405</td>
    368     <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979">
    369     A-31960359</a></td>
    370     <td></td>
    371     <td></td>
    372     <td>7.07.1.1</td>
    373     <td>2016  10  4 </td>
    374   </tr>
    375 </table>
    376 
    377 
    378 <h3 id="rce-in-mediaserver"></h3>
    379 <p>
    380 </p>
    381 
    382 <table>
    383   <col width="18%">
    384   <col width="17%">
    385   <col width="10%">
    386   <col width="19%">
    387   <col width="18%">
    388   <col width="17%">
    389   <tr>
    390     <th>CVE</th>
    391     <th></th>
    392     <th></th>
    393     <th> Google </th>
    394     <th> AOSP </th>
    395     <th></th>
    396   </tr>
    397   <tr>
    398     <td>CVE-2017-0406</td>
    399     <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575">
    400     A-32915871</a>
    401 [<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td>
    402     <td></td>
    403     <td></td>
    404     <td>6.06.0.17.07.1.1</td>
    405     <td>2016  11  14 </td>
    406   </tr>
    407   <tr>
    408     <td>CVE-2017-0407</td>
    409     <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7">
    410     A-32873375</a></td>
    411     <td></td>
    412     <td></td>
    413     <td>6.06.0.17.07.1.1</td>
    414     <td>2016  11  12 </td>
    415   </tr>
    416 </table>
    417 
    418 
    419 <h3 id="rce-in-libgdx">libgdx </h3>
    420 <p>
    421 libgdx 
    422 </p>
    423 
    424 <table>
    425   <col width="18%">
    426   <col width="17%">
    427   <col width="10%">
    428   <col width="19%">
    429   <col width="18%">
    430   <col width="17%">
    431   <tr>
    432     <th>CVE</th>
    433     <th></th>
    434     <th></th>
    435     <th> Google </th>
    436     <th> AOSP </th>
    437     <th></th>
    438   </tr>
    439   <tr>
    440     <td>CVE-2017-0408</td>
    441     <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b">
    442     A-32769670</a></td>
    443     <td></td>
    444     <td></td>
    445     <td>7.1.1</td>
    446     <td>2016  11  9 </td>
    447   </tr>
    448 </table>
    449 
    450 
    451 <h3 id="rce-in-libstagefright">libstagefright </h3>
    452 <p>
    453 libstagefright 
    454 </p>
    455 
    456 <table>
    457   <col width="18%">
    458   <col width="17%">
    459   <col width="10%">
    460   <col width="19%">
    461   <col width="18%">
    462   <col width="17%">
    463   <tr>
    464     <th>CVE</th>
    465     <th></th>
    466     <th></th>
    467     <th> Google </th>
    468     <th> AOSP </th>
    469     <th></th>
    470   </tr>
    471   <tr>
    472     <td>CVE-2017-0409</td>
    473     <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b">
    474     A-31999646</a></td>
    475     <td></td>
    476     <td></td>
    477     <td>6.06.0.17.07.1.1</td>
    478     <td>Google </td>
    479   </tr>
    480 </table>
    481 
    482 
    483 <h3 id="eop-in-java.net">Java.Net </h3>
    484 <p>
    485 Java.Net 
    486 </p>
    487 
    488 <table>
    489   <col width="18%">
    490   <col width="17%">
    491   <col width="10%">
    492   <col width="19%">
    493   <col width="18%">
    494   <col width="17%">
    495   <tr>
    496     <th>CVE</th>
    497     <th></th>
    498     <th></th>
    499     <th> Google </th>
    500     <th> AOSP </th>
    501     <th></th>
    502   </tr>
    503   <tr>
    504     <td>CVE-2016-5552</td>
    505     <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea">
    506     A-31858037</a></td>
    507     <td></td>
    508     <td></td>
    509     <td>7.07.1.1</td>
    510     <td>2016  9  30 </td>
    511   </tr>
    512 </table>
    513 
    514 
    515 <h3 id="eop-in-framework-apis">Framework API </h3>
    516 <p>
    517 Framework API 
    518 </p>
    519 
    520 <table>
    521   <col width="18%">
    522   <col width="17%">
    523   <col width="10%">
    524   <col width="19%">
    525   <col width="18%">
    526   <col width="17%">
    527   <tr>
    528     <th>CVE</th>
    529     <th></th>
    530     <th></th>
    531     <th> Google </th>
    532     <th> AOSP </th>
    533     <th></th>
    534   </tr>
    535   <tr>
    536     <td>CVE-2017-0410</td>
    537     <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa">
    538     A-31929765</a></td>
    539     <td></td>
    540     <td></td>
    541     <td>5.0.25.1.16.06.0.17.07.1.1</td>
    542     <td>2016  10  2 </td>
    543   </tr>
    544   <tr>
    545     <td>CVE-2017-0411</td>
    546     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
    547     A-33042690</a>
    548 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
    549     <td></td>
    550     <td></td>
    551     <td>7.07.1.1</td>
    552     <td>2016  11  21 </td>
    553   </tr>
    554   <tr>
    555     <td>CVE-2017-0412</td>
    556     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
    557     A-33039926</a>
    558 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
    559     <td></td>
    560     <td></td>
    561     <td>7.07.1.1</td>
    562     <td>2016  11  21 </td>
    563   </tr>
    564 </table>
    565 
    566 <h3 id="eop-in-mediaserver"></h3>
    567 <p>
    568 
    569 </p>
    570 
    571 <table>
    572   <col width="18%">
    573   <col width="17%">
    574   <col width="10%">
    575   <col width="19%">
    576   <col width="18%">
    577   <col width="17%">
    578   <tr>
    579     <th>CVE</th>
    580     <th></th>
    581     <th></th>
    582     <th> Google </th>
    583     <th> AOSP </th>
    584     <th></th>
    585   </tr>
    586   <tr>
    587     <td>CVE-2017-0415</td>
    588     <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34">
    589     A-32706020</a></td>
    590     <td></td>
    591     <td></td>
    592     <td>6.06.0.17.07.1.1</td>
    593     <td>2016  11  4 </td>
    594   </tr>
    595 </table>
    596 
    597 
    598 <h3 id="eop-in-audioserver"></h3>
    599 <p>
    600 </p>
    601 
    602 <table>
    603   <col width="18%">
    604   <col width="17%">
    605   <col width="10%">
    606   <col width="19%">
    607   <col width="18%">
    608   <col width="17%">
    609   <tr>
    610     <th>CVE</th>
    611     <th></th>
    612     <th></th>
    613     <th> Google </th>
    614     <th> AOSP </th>
    615     <th></th>
    616   </tr>
    617   <tr>
    618     <td>CVE-2017-0416</td>
    619     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
    620     A-32886609</a>
    621  [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td>
    622     <td></td>
    623     <td></td>
    624     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    625     <td>Google </td>
    626   </tr>
    627   <tr>
    628     <td>CVE-2017-0417</td>
    629     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
    630     A-32705438</a></td>
    631     <td></td>
    632     <td></td>
    633     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    634     <td>2016  11  7 </td>
    635   </tr>
    636   <tr>
    637     <td>CVE-2017-0418</td>
    638     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
    639     A-32703959</a>
    640 [<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td>
    641     <td></td>
    642     <td></td>
    643     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    644     <td>2016  11  7 </td>
    645   </tr>
    646   <tr>
    647     <td>CVE-2017-0419</td>
    648     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
    649     A-32220769</a></td>
    650     <td></td>
    651     <td></td>
    652     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    653     <td>2016  10  15 </td>
    654   </tr>
    655 </table>
    656 
    657 <h3 id="id-in-aosp-mail">AOSP Mail </h3>
    658 <p>
    659 AOSP Mail 
    660 </p>
    661 
    662 <table>
    663   <col width="18%">
    664   <col width="17%">
    665   <col width="10%">
    666   <col width="19%">
    667   <col width="18%">
    668   <col width="17%">
    669   <tr>
    670     <th>CVE</th>
    671     <th></th>
    672     <th></th>
    673     <th> Google </th>
    674     <th> AOSP </th>
    675     <th></th>
    676   </tr>
    677   <tr>
    678     <td>CVE-2017-0420</td>
    679     <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909">
    680     A-32615212</a></td>
    681     <td></td>
    682     <td></td>
    683     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    684     <td>2016  9  12 </td>
    685   </tr>
    686 </table>
    687 
    688 
    689 <h3 id="id-in-aosp-messaging">AOSP Messaging </h3>
    690 <p>
    691 AOSP Messaging 
    692 </p>
    693 
    694 <table>
    695   <col width="18%">
    696   <col width="17%">
    697   <col width="10%">
    698   <col width="19%">
    699   <col width="18%">
    700   <col width="17%">
    701   <tr>
    702     <th>CVE</th>
    703     <th></th>
    704     <th></th>
    705     <th> Google </th>
    706     <th> AOSP </th>
    707     <th></th>
    708   </tr>
    709   <tr>
    710     <td>CVE-2017-0413</td>
    711     <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e">
    712     A-32161610</a></td>
    713     <td></td>
    714     <td></td>
    715     <td>6.06.0.17.07.1.1</td>
    716     <td>2016  10  13 </td>
    717   </tr>
    718   <tr>
    719     <td>CVE-2017-0414</td>
    720     <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd">
    721     A-32807795</a></td>
    722     <td></td>
    723     <td></td>
    724     <td>6.06.0.17.07.1.1</td>
    725     <td>2016  11  10 </td>
    726   </tr>
    727 </table>
    728 
    729 
    730 <h3 id="id-in-framework-apis">Framework API </h3>
    731 <p>
    732 Framework API 
    733 </p>
    734 
    735 <table>
    736   <col width="18%">
    737   <col width="17%">
    738   <col width="10%">
    739   <col width="19%">
    740   <col width="18%">
    741   <col width="17%">
    742   <tr>
    743     <th>CVE</th>
    744     <th></th>
    745     <th></th>
    746     <th> Google </th>
    747     <th> AOSP </th>
    748     <th></th>
    749   </tr>
    750   <tr>
    751     <td>CVE-2017-0421</td>
    752     <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336">
    753     A-32555637</a></td>
    754     <td></td>
    755     <td></td>
    756     <td>5.0.25.1.16.06.0.17.07.1.1</td>
    757     <td>Google </td>
    758   </tr>
    759 </table>
    760 
    761 
    762 <h3 id="dos-in-bionic-dns">Bionic DNS </h3>
    763 <p>
    764 Bionic DNS 
    765 
    766 </p>
    767 
    768 <table>
    769   <col width="18%">
    770   <col width="17%">
    771   <col width="10%">
    772   <col width="19%">
    773   <col width="18%">
    774   <col width="17%">
    775   <tr>
    776     <th>CVE</th>
    777     <th></th>
    778     <th></th>
    779     <th> Google </th>
    780     <th> AOSP </th>
    781     <th></th>
    782   </tr>
    783   <tr>
    784     <td>CVE-2017-0422</td>
    785     <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d">
    786     A-32322088</a></td>
    787     <td></td>
    788     <td></td>
    789     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    790     <td>2016  10  20 </td>
    791   </tr>
    792 </table>
    793 
    794 
    795 <h3 id="eop-in-bluetooth"></h3>
    796 <p>
    797 
    798 </p>
    799 
    800 <table>
    801   <col width="18%">
    802   <col width="17%">
    803   <col width="10%">
    804   <col width="19%">
    805   <col width="18%">
    806   <col width="17%">
    807   <tr>
    808     <th>CVE</th>
    809     <th></th>
    810     <th></th>
    811     <th> Google </th>
    812     <th> AOSP </th>
    813     <th></th>
    814   </tr>
    815   <tr>
    816     <td>CVE-2017-0423</td>
    817     <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083">
    818     A-32612586</a></td>
    819     <td></td>
    820     <td></td>
    821     <td>5.0.25.1.16.06.0.17.07.1.1</td>
    822     <td>2016  11  2 </td>
    823   </tr>
    824 </table>
    825 
    826 
    827 <h3 id="id-in-aosp-messaging-2">AOSP Messaging </h3>
    828 <p>
    829 AOSP Messaging 
    830 </p>
    831 
    832 <table>
    833   <col width="18%">
    834   <col width="17%">
    835   <col width="10%">
    836   <col width="19%">
    837   <col width="18%">
    838   <col width="17%">
    839   <tr>
    840     <th>CVE</th>
    841     <th></th>
    842     <th></th>
    843     <th> Google </th>
    844     <th> AOSP </th>
    845     <th></th>
    846   </tr>
    847   <tr>
    848     <td>CVE-2017-0424</td>
    849     <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc">
    850     A-32322450</a></td>
    851     <td></td>
    852     <td></td>
    853     <td>6.06.0.17.07.1.1</td>
    854     <td>2016  10  20 </td>
    855   </tr>
    856 </table>
    857 
    858 
    859 <h3 id="id-in-audioserver"></h3>
    860 <p>
    861 
    862 </p>
    863 
    864 <table>
    865   <col width="18%">
    866   <col width="17%">
    867   <col width="10%">
    868   <col width="19%">
    869   <col width="18%">
    870   <col width="17%">
    871   <tr>
    872     <th>CVE</th>
    873     <th></th>
    874     <th></th>
    875     <th> Google </th>
    876     <th> AOSP </th>
    877     <th></th>
    878   </tr>
    879   <tr>
    880     <td>CVE-2017-0425</td>
    881     <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
    882     A-32720785</a></td>
    883     <td></td>
    884     <td></td>
    885     <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td>
    886     <td>2016  11  7 </td>
    887   </tr>
    888 </table>
    889 
    890 
    891 <h3 id="id-in-filesystem"></h3>
    892 <p>
    893 
    894 </p>
    895 
    896 <table>
    897   <col width="18%">
    898   <col width="17%">
    899   <col width="10%">
    900   <col width="19%">
    901   <col width="18%">
    902   <col width="17%">
    903   <tr>
    904     <th>CVE</th>
    905     <th></th>
    906     <th></th>
    907     <th> Google </th>
    908     <th> AOSP </th>
    909     <th></th>
    910   </tr>
    911   <tr>
    912     <td>CVE-2017-0426</td>
    913     <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a">
    914     A-32799236</a>
    915 [<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td>
    916     <td></td>
    917     <td></td>
    918     <td>7.07.1.1</td>
    919     <td>Google </td>
    920   </tr>
    921 </table>
    922 
    923 
    924 <h2 id="2017-02-05-details">2017-02-05   </h2>
    925 <p>
    926  <a href="#2017-02-05-summary">2017-02-05   </a> CVE Google  AOSP  ()  ID  ( AOSP ) ID </p>
    927 
    928 
    929 <h3 id="rce-in-qualcomm-crypto-driver">Qualcomm </h3>
    930 <p>
    931 Qualcomm 
    932 </p>
    933 
    934 <table>
    935   <col width="19%">
    936   <col width="20%">
    937   <col width="10%">
    938   <col width="23%">
    939   <col width="17%">
    940   <tr>
    941     <th>CVE</th>
    942     <th></th>
    943     <th></th>
    944     <th> Google </th>
    945     <th></th>
    946   </tr>
    947   <tr>
    948     <td>CVE-2016-8418</td>
    949     <td>A-32652894<br>
    950         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f">
    951 QC-CR#1077457</a></td>
    952     <td></td>
    953     <td>*</td>
    954     <td>2016  10  10 </td>
    955   </tr>
    956 </table>
    957 <p>
    958 *  Android 7.0  Google  ()
    959 </p>
    960 
    961 
    962 <h3 id="eop-in-kernel-file-system"></h3>
    963 <p>
    964  (Re-flash) 
    965 </p>
    966 
    967 <table>
    968   <col width="19%">
    969   <col width="20%">
    970   <col width="10%">
    971   <col width="23%">
    972   <col width="17%">
    973   <tr>
    974     <th>CVE</th>
    975     <th></th>
    976     <th></th>
    977     <th> Google </th>
    978     <th></th>
    979   </tr>
    980   <tr>
    981     <td>CVE-2017-0427</td>
    982     <td>A-31495866*</td>
    983     <td></td>
    984     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
    985     <td>2016  9  13 </td>
    986   </tr>
    987 </table>
    988 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
    989 </p>
    990 
    991 
    992 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3>
    993 <p>
    994 NVIDIA GPU  (Re-flash) 
    995 </p>
    996 
    997 <table>
    998   <col width="19%">
    999   <col width="20%">
   1000   <col width="10%">
   1001   <col width="23%">
   1002   <col width="17%">
   1003   <tr>
   1004     <th>CVE</th>
   1005     <th></th>
   1006     <th></th>
   1007     <th> Google </th>
   1008     <th></th>
   1009   </tr>
   1010   <tr>
   1011     <td>CVE-2017-0428</td>
   1012     <td>A-32401526*<br>
   1013         N-CVE-2017-0428</td>
   1014     <td></td>
   1015     <td>Nexus 9</td>
   1016     <td>2016  10  25 </td>
   1017   </tr>
   1018   <tr>
   1019     <td>CVE-2017-0429</td>
   1020     <td>A-32636619*<br>
   1021         N-CVE-2017-0429</td>
   1022     <td></td>
   1023     <td>Nexus 9</td>
   1024     <td>2016  11  3 </td>
   1025   </tr>
   1026 </table>
   1027 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1028 </p>
   1029 
   1030 
   1031 <h3 id="eop-in-kernel-networking-subsystem"></h3>
   1032 <p>
   1033  (Re-flash) 
   1034 </p>
   1035 
   1036 <table>
   1037   <col width="19%">
   1038   <col width="20%">
   1039   <col width="10%">
   1040   <col width="23%">
   1041   <col width="17%">
   1042   <tr>
   1043     <th>CVE</th>
   1044     <th></th>
   1045     <th></th>
   1046     <th> Google </th>
   1047     <th></th>
   1048   </tr>
   1049   <tr>
   1050     <td>CVE-2014-9914</td>
   1051     <td>A-32882659<br>
   1052         <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a">
   1053 </a></td>
   1054     <td></td>
   1055     <td>Nexus 6Nexus Player</td>
   1056     <td>2016  11  9 </td>
   1057   </tr>
   1058 </table>
   1059 
   1060 
   1061 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3>
   1062 <p>
   1063 Broadcom Wi-Fi  (Re-flash) 
   1064 </p>
   1065 
   1066 <table>
   1067   <col width="19%">
   1068   <col width="20%">
   1069   <col width="10%">
   1070   <col width="23%">
   1071   <col width="17%">
   1072   <tr>
   1073     <th>CVE</th>
   1074     <th></th>
   1075     <th></th>
   1076     <th> Google </th>
   1077     <th></th>
   1078   </tr>
   1079   <tr>
   1080     <td>CVE-2017-0430</td>
   1081     <td>A-32838767*<br>
   1082         B-RB#107459</td>
   1083     <td></td>
   1084     <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td>
   1085     <td>Google </td>
   1086   </tr>
   1087 </table>
   1088 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1089 </p>
   1090 
   1091 
   1092 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3>
   1093 <p>
   1094  Qualcomm  2016  9  Qualcomm AMSS 
   1095 </p>
   1096 
   1097 <table>
   1098   <col width="19%">
   1099   <col width="20%">
   1100   <col width="10%">
   1101   <col width="23%">
   1102   <col width="17%">
   1103   <tr>
   1104     <th>CVE</th>
   1105     <th></th>
   1106     <th>*</th>
   1107     <th> Google </th>
   1108     <th></th>
   1109   </tr>
   1110   <tr>
   1111     <td>CVE-2017-0431</td>
   1112     <td>A-32573899**</td>
   1113     <td></td>
   1114     <td>***</td>
   1115     <td>Qualcomm </td>
   1116   </tr>
   1117 </table>
   1118 <p>
   1119 * 
   1120 </p>
   1121 <p>
   1122 **  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1123 </p>
   1124 <p>
   1125 ***  Android 7.0  Google  ()
   1126 </p>
   1127 
   1128 
   1129 <h3 id="eop-in-mediatek-driver">MediaTek </h3>
   1130 <p>
   1131 MediaTek 
   1132 </p>
   1133 
   1134 <table>
   1135   <col width="19%">
   1136   <col width="20%">
   1137   <col width="10%">
   1138   <col width="23%">
   1139   <col width="17%">
   1140   <tr>
   1141     <th>CVE</th>
   1142     <th></th>
   1143     <th></th>
   1144     <th> Google </th>
   1145     <th></th>
   1146   </tr>
   1147   <tr>
   1148     <td>CVE-2017-0432</td>
   1149     <td>A-28332719*<br>
   1150         M-ALPS02708925</td>
   1151     <td></td>
   1152     <td>**</td>
   1153     <td>2016  4  21 </td>
   1154   </tr>
   1155 </table>
   1156 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1157 </p>
   1158 <p>
   1159 **  Android 7.0  Google  ()
   1160 </p>
   1161 
   1162 
   1163 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3>
   1164 <p>
   1165 Synaptics 
   1166 </p>
   1167 
   1168 <table>
   1169   <col width="19%">
   1170   <col width="20%">
   1171   <col width="10%">
   1172   <col width="23%">
   1173   <col width="17%">
   1174   <tr>
   1175     <th>CVE</th>
   1176     <th></th>
   1177     <th></th>
   1178     <th> Google </th>
   1179     <th></th>
   1180   </tr>
   1181   <tr>
   1182     <td>CVE-2017-0433</td>
   1183     <td>A-31913571*</td>
   1184     <td></td>
   1185     <td>Nexus 6PNexus 9Android OnePixelPixel XL</td>
   1186     <td>2016  9  8 </td>
   1187   </tr>
   1188   <tr>
   1189     <td>CVE-2017-0434</td>
   1190     <td>A-33001936*</td>
   1191     <td></td>
   1192     <td>PixelPixel XL</td>
   1193     <td>2016  11  18 </td>
   1194   </tr>
   1195 </table>
   1196 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1197 </p>
   1198 
   1199 
   1200 <h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm </h3>
   1201 <p>
   1202 Qualcomm 
   1203 </p>
   1204 
   1205 <table>
   1206   <col width="19%">
   1207   <col width="20%">
   1208   <col width="10%">
   1209   <col width="23%">
   1210   <col width="17%">
   1211   <tr>
   1212     <th>CVE</th>
   1213     <th></th>
   1214     <th></th>
   1215     <th> Google </th>
   1216     <th></th>
   1217   </tr>
   1218   <tr>
   1219     <td>CVE-2016-8480</td>
   1220     <td>A-31804432<br>
   1221         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471">
   1222 QC-CR#1086186</a>
   1223 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td>
   1224     <td></td>
   1225     <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td>
   1226     <td>2016  9  28 </td>
   1227   </tr>
   1228 </table>
   1229 
   1230 
   1231 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3>
   1232 <p>
   1233 Qualcomm 
   1234 </p>
   1235 
   1236 <table>
   1237   <col width="19%">
   1238   <col width="20%">
   1239   <col width="10%">
   1240   <col width="23%">
   1241   <col width="17%">
   1242   <tr>
   1243     <th>CVE</th>
   1244     <th></th>
   1245     <th></th>
   1246     <th> Google </th>
   1247     <th></th>
   1248   </tr>
   1249   <tr>
   1250     <td>CVE-2016-8481</td>
   1251     <td>A-31906415*<br>
   1252         QC-CR#1078000</td>
   1253     <td></td>
   1254     <td>Nexus 5XNexus 6PPixelPixel XL</td>
   1255     <td>2016  10  1 </td>
   1256   </tr>
   1257   <tr>
   1258     <td>CVE-2017-0435</td>
   1259     <td>A-31906657*<br>
   1260         QC-CR#1078000</td>
   1261     <td></td>
   1262     <td>Nexus 5XNexus 6PPixelPixel XL</td>
   1263     <td>2016  10  1 </td>
   1264   </tr>
   1265   <tr>
   1266     <td>CVE-2017-0436</td>
   1267     <td>A-32624661*<br>
   1268         QC-CR#1078000</td>
   1269     <td></td>
   1270     <td>Nexus 5XNexus 6PPixelPixel XL</td>
   1271     <td>2016  11  2 </td>
   1272   </tr>
   1273 </table>
   1274 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1275 </p>
   1276 
   1277 
   1278 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3>
   1279 <p>
   1280 Qualcomm Wi-Fi 
   1281 </p>
   1282 
   1283 <table>
   1284   <col width="19%">
   1285   <col width="20%">
   1286   <col width="10%">
   1287   <col width="23%">
   1288   <col width="17%">
   1289   <tr>
   1290     <th>CVE</th>
   1291     <th></th>
   1292     <th></th>
   1293     <th> Google </th>
   1294     <th></th>
   1295   </tr>
   1296   <tr>
   1297     <td>CVE-2017-0437</td>
   1298     <td>A-32402310<br>
   1299         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
   1300 QC-CR#1092497</a></td>
   1301     <td></td>
   1302     <td>Nexus 5XPixelPixel XL</td>
   1303     <td>2016  10  25 </td>
   1304   </tr>
   1305   <tr>
   1306     <td>CVE-2017-0438</td>
   1307     <td>A-32402604<br>
   1308         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
   1309 QC-CR#1092497</a></td>
   1310     <td></td>
   1311     <td>Nexus 5XPixelPixel XL</td>
   1312     <td>2016  10  25 </td>
   1313   </tr>
   1314   <tr>
   1315     <td>CVE-2017-0439</td>
   1316     <td>A-32450647<br>
   1317         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61">
   1318 QC-CR#1092059</a></td>
   1319     <td></td>
   1320     <td>Nexus 5XPixelPixel XL</td>
   1321     <td>2016  10  25 </td>
   1322   </tr>
   1323   <tr>
   1324     <td>CVE-2016-8419</td>
   1325     <td>A-32454494<br>
   1326         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488">
   1327 QC-CR#1087209</a></td>
   1328     <td></td>
   1329     <td>Nexus 5XPixelPixel XL</td>
   1330     <td>2016  10  26 </td>
   1331   </tr>
   1332   <tr>
   1333     <td>CVE-2016-8420</td>
   1334     <td>A-32451171<br>
   1335         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e">
   1336 QC-CR#1087807</a></td>
   1337     <td></td>
   1338     <td>Nexus 5XPixelPixel XL</td>
   1339     <td>2016  10  26 </td>
   1340   </tr>
   1341   <tr>
   1342     <td>CVE-2016-8421</td>
   1343     <td>A-32451104<br>
   1344         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb">
   1345 QC-CR#1087797</a></td>
   1346     <td></td>
   1347     <td>Nexus 5XPixelPixel XL</td>
   1348     <td>2016  10  26 </td>
   1349   </tr>
   1350   <tr>
   1351     <td>CVE-2017-0440</td>
   1352     <td>A-33252788<br>
   1353         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268">
   1354 QC-CR#1095770</a></td>
   1355     <td></td>
   1356     <td>Nexus 5XPixelPixel XL</td>
   1357     <td>2016  11  11 </td>
   1358   </tr>
   1359   <tr>
   1360     <td>CVE-2017-0441</td>
   1361     <td>A-32872662<br>
   1362         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684">
   1363 QC-CR#1095009</a></td>
   1364     <td></td>
   1365     <td>Nexus 5XPixelPixel XL</td>
   1366     <td>2016  11  11 </td>
   1367   </tr>
   1368   <tr>
   1369     <td>CVE-2017-0442</td>
   1370     <td>A-32871330<br>
   1371         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
   1372 QC-CR#1092497</a></td>
   1373     <td></td>
   1374     <td>Nexus 5XPixelPixel XL</td>
   1375     <td>2016  11  13 </td>
   1376   </tr>
   1377   <tr>
   1378     <td>CVE-2017-0443</td>
   1379     <td>A-32877494<br>
   1380         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
   1381 QC-CR#1092497</a></td>
   1382     <td></td>
   1383     <td>Nexus 5XPixelPixel XL</td>
   1384     <td>2016  11  13 </td>
   1385   </tr>
   1386   <tr>
   1387     <td>CVE-2016-8476</td>
   1388     <td>A-32879283<br>
   1389         <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799">
   1390 QC-CR#1091940</a></td>
   1391     <td></td>
   1392     <td>Nexus 5XPixelPixel XL</td>
   1393     <td>2016  11  14 </td>
   1394   </tr>
   1395 </table>
   1396 
   1397 
   1398 <h3 id="eop-in-realtek-sound-driver">Realtek </h3>
   1399 <p>
   1400 Realtek 
   1401 </p>
   1402 
   1403 <table>
   1404   <col width="19%">
   1405   <col width="20%">
   1406   <col width="10%">
   1407   <col width="23%">
   1408   <col width="17%">
   1409   <tr>
   1410     <th>CVE</th>
   1411     <th></th>
   1412     <th></th>
   1413     <th> Google </th>
   1414     <th></th>
   1415   </tr>
   1416   <tr>
   1417     <td>CVE-2017-0444</td>
   1418     <td>A-32705232*</td>
   1419     <td></td>
   1420     <td>Nexus 9</td>
   1421     <td>2016  11  7 </td>
   1422   </tr>
   1423 </table>
   1424 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1425 </p>
   1426 
   1427 
   1428 <h3 id="eop-in-htc-touchscreen-driver">HTC </h3>
   1429 <p>
   1430 HTC 
   1431 </p>
   1432 
   1433 <table>
   1434   <col width="19%">
   1435   <col width="20%">
   1436   <col width="10%">
   1437   <col width="23%">
   1438   <col width="17%">
   1439   <tr>
   1440     <th>CVE</th>
   1441     <th></th>
   1442     <th></th>
   1443     <th> Google </th>
   1444     <th></th>
   1445   </tr>
   1446   <tr>
   1447     <td>CVE-2017-0445</td>
   1448     <td>A-32769717*</td>
   1449     <td></td>
   1450     <td>PixelPixel XL</td>
   1451     <td>2016  11  9 </td>
   1452   </tr>
   1453   <tr>
   1454     <td>CVE-2017-0446</td>
   1455     <td>A-32917445*</td>
   1456     <td></td>
   1457     <td>PixelPixel XL</td>
   1458     <td>2016  11  15 </td>
   1459   </tr>
   1460   <tr>
   1461     <td>CVE-2017-0447</td>
   1462     <td>A-32919560*</td>
   1463     <td></td>
   1464     <td>PixelPixel XL</td>
   1465     <td>2016  11  15 </td>
   1466   </tr>
   1467 </table>
   1468 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1469 </p>
   1470 
   1471 
   1472 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3>
   1473 <p>
   1474 NVIDIA 
   1475 </p>
   1476 
   1477 <table>
   1478   <col width="19%">
   1479   <col width="20%">
   1480   <col width="10%">
   1481   <col width="23%">
   1482   <col width="17%">
   1483   <tr>
   1484     <th>CVE</th>
   1485     <th></th>
   1486     <th></th>
   1487     <th> Google </th>
   1488     <th></th>
   1489   </tr>
   1490   <tr>
   1491     <td>CVE-2017-0448</td>
   1492     <td>A-32721029*<br>
   1493         N-CVE-2017-0448</td>
   1494     <td></td>
   1495     <td>Nexus 9</td>
   1496     <td>2016  11  7 </td>
   1497   </tr>
   1498 </table>
   1499 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1500 </p>
   1501 
   1502 
   1503 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi </h3>
   1504 <p>
   1505 Broadcom Wi-Fi 
   1506 </p>
   1507 
   1508 <table>
   1509   <col width="19%">
   1510   <col width="20%">
   1511   <col width="10%">
   1512   <col width="23%">
   1513   <col width="17%">
   1514   <tr>
   1515     <th>CVE</th>
   1516     <th></th>
   1517     <th></th>
   1518     <th> Google </th>
   1519     <th></th>
   1520   </tr>
   1521   <tr>
   1522     <td>CVE-2017-0449</td>
   1523     <td>A-31707909*<br>
   1524         B-RB#32094</td>
   1525     <td></td>
   1526     <td>Nexus 6Nexus 6P</td>
   1527     <td>2016  9  23 </td>
   1528   </tr>
   1529 </table>
   1530 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1531 </p>
   1532 
   1533 
   1534 <h3 id="eop-in-audioserver-2"></h3>
   1535 <p>
   1536 </p>
   1537 
   1538 <table>
   1539   <col width="19%">
   1540   <col width="20%">
   1541   <col width="10%">
   1542   <col width="23%">
   1543   <col width="17%">
   1544   <tr>
   1545     <th>CVE</th>
   1546     <th></th>
   1547     <th></th>
   1548     <th> Google </th>
   1549     <th></th>
   1550   </tr>
   1551   <tr>
   1552     <td>CVE-2017-0450</td>
   1553     <td>A-32917432*</td>
   1554     <td></td>
   1555     <td>Nexus 9</td>
   1556     <td>2016  11  15 </td>
   1557   </tr>
   1558 </table>
   1559 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1560 </p>
   1561 
   1562 
   1563 <h3 id="eop-in-kernel-file-system-2"></h3>
   1564 <p>
   1565 
   1566 </p>
   1567 
   1568 <table>
   1569   <col width="19%">
   1570   <col width="20%">
   1571   <col width="10%">
   1572   <col width="23%">
   1573   <col width="17%">
   1574   <tr>
   1575     <th>CVE</th>
   1576     <th></th>
   1577     <th></th>
   1578     <th> Google </th>
   1579     <th></th>
   1580   </tr>
   1581   <tr>
   1582     <td>CVE-2016-10044</td>
   1583     <td>A-31711619*</td>
   1584     <td></td>
   1585     <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td>
   1586     <td>Google </td>
   1587   </tr>
   1588 </table>
   1589 <p>*  Nexus  <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a>
   1590 </p>
   1591 
   1592 
   1593 <h3 id="id-in-qualcomm-secure-execution-environment-communicator">Qualcomm </h3>
   1594 <p>
   1595 Qualcomm 
   1596 </p>
   1597 
   1598 <table>
   1599   <col width="19%">
   1600   <col width="20%">
   1601   <col width="10%">
   1602   <col width="23%">
   1603   <col width="17%">
   1604   <tr>
   1605     <th>CVE</th>
   1606     <th></th>
   1607     <th></th>
   1608     <th> Google </th>
   1609     <th></th>
   1610   </tr>
   1611   <tr>
   1612     <td>CVE-2016-8414</td>
   1613     <td>A-31704078<br>
   1614         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846">
   1615 QC-CR#1076407</a></td>
   1616     <td></td>
   1617     <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td>
   1618     <td>2016  9  23 </td>
   1619   </tr>
   1620 </table>
   1621 
   1622 
   1623 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3>
   1624 <p>
   1625 Qualcomm 
   1626 </p>
   1627 
   1628 <table>
   1629   <col width="19%">
   1630   <col width="20%">
   1631   <col width="10%">
   1632   <col width="23%">
   1633   <col width="17%">
   1634   <tr>
   1635     <th>CVE</th>
   1636     <th></th>
   1637     <th></th>
   1638     <th> Google </th>
   1639     <th></th>
   1640   </tr>
   1641   <tr>
   1642     <td>CVE-2017-0451</td>
   1643     <td>A-31796345<br>
   1644         <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e">
   1645 QC-CR#1073129</a>
   1646 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td>
   1647     <td></td>
   1648     <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td>
   1649     <td>2016  9  27 </td>
   1650   </tr>
   1651 </table>
   1652 
   1653 <h2 id="common-questions-and-answers"></h2>
   1654 <p></p>
   1655 <p><strong>1. </strong></p>
   1656 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices">Pixel  Nexus </a></p>
   1657 <ul>
   1658   <li>2017  2  1  2017-02-01 </li>
   1659   <li>2017  2  5  2017-02-05 
   1660   </li>
   1661 </ul>
   1662 <p></p>
   1663 <ul>
   1664 <li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li>
   1665 <li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li>
   1666 </ul>
   1667 
   1668 <p><strong>2. </strong></p>
   1669 
   1670 <p> Android  Android  Android </p>
   1671 <ul>
   1672   <li> 2017  1  1 </li>
   1673   <li> 2017  1  5  () </li>
   1674 </ul>
   1675 <p></p>
   1676 <p><strong>3.  Google </strong></p>
   1677 <p> <a href="#2017-02-01-details">2017-02-01</a>  <a href="#2017-02-05-details">2017-02-05</a>  Google <em></em> Google </p>
   1678 <ul>
   1679   <li><strong> Google </strong> Pixel  Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&amp;nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel  Pixel XL</li>
   1680   <li><strong> Google </strong> Google  Google <em></em> Google </li>
   1681   <li><strong> Google </strong> Android 7.0  Google  Google <em></em></li>
   1682 </ul>
   1683 <p><strong>4. </strong></p>
   1684 <p><em></em></p>
   1685 <table>
   1686   <tr>
   1687    <th></th>
   1688    <th></th>
   1689   </tr>
   1690   <tr>
   1691    <td>A-</td>
   1692    <td>Android  ID</td>
   1693   </tr>
   1694   <tr>
   1695    <td>QC-</td>
   1696    <td>Qualcomm </td>
   1697   </tr>
   1698   <tr>
   1699    <td>M-</td>
   1700    <td>MediaTek </td>
   1701   </tr>
   1702   <tr>
   1703    <td>N-</td>
   1704    <td>NVIDIA </td>
   1705   </tr>
   1706   <tr>
   1707    <td>B-</td>
   1708    <td>Broadcom </td>
   1709   </tr>
   1710 </table>
   1711 
   1712 <h2 id="revisions"></h2>
   1713 <ul>
   1714   <li>2017  2  6 </li>
   1715   <li>2017  2  8  AOSP </li>
   1716 </ul>
   1717 
   1718   </body>
   1719 </html>
   1720