1 <html devsite> 2 <head> 3 <title>Android 2017 2 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 24 25 26 <p><em>2017 2 6 | 2017 2 8 </em></p> 27 <p>Android Android Google OTA Google Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2017 2 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a> 28 </p> 29 <p> 30 2017 1 3 Android (AOSP) AOSP 31 </p> 32 <p> 33 </p> 34 <p> <a href="/security/enhancements/index.html">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) Android <a href="#mitigations">Android Google </a> 35 </p> 36 <p> 37 </p> 38 <h2 id="announcements"></h2> 39 <ul> 40 <li> Android Android <a href="#common-questions-and-answers"></a> 41 <ul> 42 <li><strong>2017-02-01</strong> 2017-02-01 () </li> 43 <li><strong>2017-02-05</strong> 2017-02-01 2017-02-05 () </li> 44 </ul> 45 </li> 46 <li> Google OTA 2017 2 5 </li> 47 </ul> 48 <h2 id="security-vulnerability-summary"></h2> 49 <p> 50 ID (CVE) Google <a href="/security/overview/updates-resources.html#severity"></a> 51 </p> 52 <h3 id="2017-02-01-summary">2017-02-01 </h3> 53 <p> 54 2017-02-01 55 </p> 56 <table> 57 <col width="55%"> 58 <col width="20%"> 59 <col width="13%"> 60 <col width="12%"> 61 <tr> 62 <th></th> 63 <th>CVE</th> 64 <th></th> 65 <th> Google </th> 66 </tr> 67 <tr> 68 <td>Surfaceflinger </td> 69 <td>CVE-2017-0405</td> 70 <td></td> 71 <td></td> 72 </tr> 73 <tr> 74 <td></td> 75 <td>CVE-2017-0406CVE-2017-0407</td> 76 <td></td> 77 <td></td> 78 </tr> 79 <tr> 80 <td>libgdx </td> 81 <td>CVE-2017-0408</td> 82 <td></td> 83 <td></td> 84 </tr> 85 <tr> 86 <td>libstagefright </td> 87 <td>CVE-2017-0409</td> 88 <td></td> 89 <td></td> 90 </tr> 91 <tr> 92 <td>Java.Net </td> 93 <td>CVE-2016-5552</td> 94 <td></td> 95 <td></td> 96 </tr> 97 <tr> 98 <td>Framework API </td> 99 <td>CVE-2017-0410CVE-2017-0411CVE-2017-0412</td> 100 <td></td> 101 <td></td> 102 </tr> 103 <tr> 104 <td></td> 105 <td>CVE-2017-0415</td> 106 <td></td> 107 <td></td> 108 </tr> 109 <tr> 110 <td></td> 111 <td>CVE-2017-0416CVE-2017-0417CVE-2017-0418CVE-2017-0419</td> 112 <td></td> 113 <td></td> 114 </tr> 115 <tr> 116 <td>AOSP Mail </td> 117 <td>CVE-2017-0420</td> 118 <td></td> 119 <td></td> 120 </tr> 121 <tr> 122 <td>AOSP Messaging </td> 123 <td>CVE-2017-0413CVE-2017-0414</td> 124 <td></td> 125 <td></td> 126 </tr> 127 <tr> 128 <td>Framework API </td> 129 <td>CVE-2017-0421</td> 130 <td></td> 131 <td></td> 132 </tr> 133 <tr> 134 <td>Bionic DNS </td> 135 <td>CVE-2017-0422</td> 136 <td></td> 137 <td></td> 138 </tr> 139 <tr> 140 <td></td> 141 <td>CVE-2017-0423</td> 142 <td></td> 143 <td></td> 144 </tr> 145 <tr> 146 <td>AOSP Messaging </td> 147 <td>CVE-2017-0424</td> 148 <td></td> 149 <td></td> 150 </tr> 151 <tr> 152 <td></td> 153 <td>CVE-2017-0425</td> 154 <td></td> 155 <td></td> 156 </tr> 157 <tr> 158 <td></td> 159 <td>CVE-2017-0426</td> 160 <td></td> 161 <td></td> 162 </tr> 163 </table> 164 <h3 id="2017-02-05-summary">2017-02-05 </h3> 165 <p>2017-02-05 2017-02-01 </p> 166 <table> 167 <col width="55%"> 168 <col width="20%"> 169 <col width="13%"> 170 <col width="12%"> 171 <tr> 172 <th></th> 173 <th>CVE</th> 174 <th></th> 175 <th> Google </th> 176 </tr> 177 <tr> 178 <td>Qualcomm </td> 179 <td>CVE-2016-8418</td> 180 <td></td> 181 <td>*</td> 182 </tr> 183 <tr> 184 <td></td> 185 <td>CVE-2017-0427</td> 186 <td></td> 187 <td></td> 188 </tr> 189 <tr> 190 <td>NVIDIA GPU </td> 191 <td>CVE-2017-0428CVE-2017-0429</td> 192 <td></td> 193 <td></td> 194 </tr> 195 <tr> 196 <td></td> 197 <td>CVE-2014-9914</td> 198 <td></td> 199 <td></td> 200 </tr> 201 <tr> 202 <td>Broadcom Wi-Fi </td> 203 <td>CVE-2017-0430</td> 204 <td></td> 205 <td></td> 206 </tr> 207 <tr> 208 <td>Qualcomm </td> 209 <td>CVE-2017-0431</td> 210 <td></td> 211 <td>*</td> 212 </tr> 213 <tr> 214 <td>MediaTek </td> 215 <td>CVE-2017-0432</td> 216 <td></td> 217 <td>*</td> 218 </tr> 219 <tr> 220 <td>Synaptics </td> 221 <td>CVE-2017-0433CVE-2017-0434</td> 222 <td></td> 223 <td></td> 224 </tr> 225 <tr> 226 <td>Qualcomm </td> 227 <td>CVE-2016-8480</td> 228 <td></td> 229 <td></td> 230 </tr> 231 <tr> 232 <td>Qualcomm </td> 233 <td>CVE-2016-8481CVE-2017-0435CVE-2017-0436</td> 234 <td></td> 235 <td></td> 236 </tr> 237 <tr> 238 <td>Qualcomm Wi-Fi </td> 239 <td>CVE-2017-0437CVE-2017-0438CVE-2017-0439CVE-2016-8419CVE-2016-8420CVE-2016-8421CVE-2017-0440CVE-2017-0441CVE-2017-0442CVE-2017-0443CVE-2016-8476</td> 240 <td></td> 241 <td></td> 242 </tr> 243 <tr> 244 <td>Realtek </td> 245 <td>CVE-2017-0444</td> 246 <td></td> 247 <td></td> 248 </tr> 249 <tr> 250 <td>HTC </td> 251 <td>CVE-2017-0445CVE-2017-0446CVE-2017-0447</td> 252 <td></td> 253 <td></td> 254 </tr> 255 <tr> 256 <td>NVIDIA </td> 257 <td>CVE-2017-0448</td> 258 <td></td> 259 <td></td> 260 </tr> 261 <tr> 262 <td>Broadcom Wi-Fi </td> 263 <td>CVE-2017-0449</td> 264 <td></td> 265 <td></td> 266 </tr> 267 <tr> 268 <td></td> 269 <td>CVE-2017-0450</td> 270 <td></td> 271 <td></td> 272 </tr> 273 <tr> 274 <td></td> 275 <td>CVE-2016-10044</td> 276 <td></td> 277 <td></td> 278 </tr> 279 <tr> 280 <td>Qualcomm </td> 281 <td>CVE-2016-8414</td> 282 <td></td> 283 <td></td> 284 </tr> 285 <tr> 286 <td>Qualcomm </td> 287 <td>CVE-2017-0451</td> 288 <td></td> 289 <td></td> 290 </tr> 291 </table> 292 293 <p>* Android 7.0 Google ()</p> 294 295 <h2 id="mitigations">Android Google </h2> 296 <p> <a href="/security/enhancements/index.html">Android </a> SafetyNet Android </p> 297 <ul> 298 <li> Android Android Android</li> 299 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 300 <li>Google Hangouts Messenger </li> 301 </ul> 302 <h2 id="acknowledgements"></h2> 303 <p> 304 </p> 305 <ul> 306 <li>Daniel DakhnoCVE-2017-0420</li> 307 <li>Copperhead Security Daniel MicayCVE-2017-0410</li> 308 <li><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a>CVE-2017-0414</li> 309 <li>Google Chrome Frank LiberatoCVE-2017-0409</li> 310 <li>Google Project Zero Gal BeniaminiCVE-2017-0411CVE-2017-0412</li> 311 <li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2017-0434CVE-2017-0446CVE-2017-0447CVE-2017-0432</li> 312 <li><a href="http://www.360.com"> 360 </a> Alpha Guang Gong () (<a href="https://twitter.com/oldfresher">@oldfresher</a>)CVE-2017-0415</li> 313 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a><a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0418</li> 314 <li> 360 Alpha Hao Chen Guang GongCVE-2017-0437CVE-2017-0438CVE-2017-0439CVE-2016-8419CVE-2016-8420CVE-2016-8421CVE-2017-0441CVE-2017-0442CVE-2016-8476CVE-2017-0443</li> 315 <li>Google Jeff SharkeyCVE-2017-0421CVE-2017-0423</li> 316 <li>Jeff TrimCVE-2017-0422</li> 317 <li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2017-0445</li> 318 <li>LINE Corporation ma.la Nikolay ElenkovCVE-2016-5552</li> 319 <li>Google Max SpectorCVE-2017-0416</li> 320 <li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>) Xuxian JiangCVE-2017-0425</li> 321 <li> Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) Di Shen () (<a href="https://twitter.com/returnsme">@returnsme</a>)CVE-2017-0427</li> 322 <li>IBM X-Force Research Sagi KedmiCVE-2017-0433</li> 323 <li>Copperhead Security Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>) Daniel MicayCVE-2017-0405</li> 324 <li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2017-0449CVE-2016-8418</li> 325 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0436CVE-2016-8481CVE-2017-0435</li> 326 <li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0424</li> 327 <li> Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)CVE-2017-0407</li> 328 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:hlhan (a] bupt.edu.cn">Hongli Han</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0450</li> 329 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0417</li> 330 <li> Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://www.weibo.com/wishlinux"></a> )CVE-2017-0408</li> 331 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:yaojun8558363 (a] gmail.com">Yao Jun</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2016-8480</li> 332 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0444</li> 333 <li><a href="http://c0reteam.org">C0RE </a><a href="mailto:computernik (a] gmail.com"> Yuan-Tsung Lo</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0428</li> 334 <li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a><a href="mailto:wisedd (a] gmail.com">Xiaodong Wang</a>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) Xuxian JiangCVE-2017-0448CVE-2017-0429</li> 335 <li><a href="http://www.nsfocus.com"></a> <a href="mailto:zhouzhenster (a] gmail.com">Zhen Zhou</a> (<a href="https://twitter.com/henices">@henices</a>) <a href="mailto:sundaywind2004 (a] gmail.com">Zhixin Li</a>CVE-2017-0406</li> 336 </ul> 337 <p> 338 </p><ul> 339 <li> Pengfei Ding ()Chenfu Bao () Lenx Wei ()</li> 340 </ul> 341 342 <h2 id="2017-02-01-details">2017-02-01 </h2> 343 <p> 344 <a href="#2017-02-01-summary">2017-02-01 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 345 346 347 <h3 id="rce-in-surfaceflinger">Surfaceflinger </h3> 348 <p>Surfaceflinger Surfaceflinger 349 </p> 350 351 <table> 352 <col width="18%"> 353 <col width="17%"> 354 <col width="10%"> 355 <col width="19%"> 356 <col width="18%"> 357 <col width="17%"> 358 <tr> 359 <th>CVE</th> 360 <th></th> 361 <th></th> 362 <th> Google </th> 363 <th> AOSP </th> 364 <th></th> 365 </tr> 366 <tr> 367 <td>CVE-2017-0405</td> 368 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979"> 369 A-31960359</a></td> 370 <td></td> 371 <td></td> 372 <td>7.07.1.1</td> 373 <td>2016 10 4 </td> 374 </tr> 375 </table> 376 377 378 <h3 id="rce-in-mediaserver"></h3> 379 <p> 380 </p> 381 382 <table> 383 <col width="18%"> 384 <col width="17%"> 385 <col width="10%"> 386 <col width="19%"> 387 <col width="18%"> 388 <col width="17%"> 389 <tr> 390 <th>CVE</th> 391 <th></th> 392 <th></th> 393 <th> Google </th> 394 <th> AOSP </th> 395 <th></th> 396 </tr> 397 <tr> 398 <td>CVE-2017-0406</td> 399 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575"> 400 A-32915871</a> 401 [<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td> 402 <td></td> 403 <td></td> 404 <td>6.06.0.17.07.1.1</td> 405 <td>2016 11 14 </td> 406 </tr> 407 <tr> 408 <td>CVE-2017-0407</td> 409 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7"> 410 A-32873375</a></td> 411 <td></td> 412 <td></td> 413 <td>6.06.0.17.07.1.1</td> 414 <td>2016 11 12 </td> 415 </tr> 416 </table> 417 418 419 <h3 id="rce-in-libgdx">libgdx </h3> 420 <p> 421 libgdx 422 </p> 423 424 <table> 425 <col width="18%"> 426 <col width="17%"> 427 <col width="10%"> 428 <col width="19%"> 429 <col width="18%"> 430 <col width="17%"> 431 <tr> 432 <th>CVE</th> 433 <th></th> 434 <th></th> 435 <th> Google </th> 436 <th> AOSP </th> 437 <th></th> 438 </tr> 439 <tr> 440 <td>CVE-2017-0408</td> 441 <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b"> 442 A-32769670</a></td> 443 <td></td> 444 <td></td> 445 <td>7.1.1</td> 446 <td>2016 11 9 </td> 447 </tr> 448 </table> 449 450 451 <h3 id="rce-in-libstagefright">libstagefright </h3> 452 <p> 453 libstagefright 454 </p> 455 456 <table> 457 <col width="18%"> 458 <col width="17%"> 459 <col width="10%"> 460 <col width="19%"> 461 <col width="18%"> 462 <col width="17%"> 463 <tr> 464 <th>CVE</th> 465 <th></th> 466 <th></th> 467 <th> Google </th> 468 <th> AOSP </th> 469 <th></th> 470 </tr> 471 <tr> 472 <td>CVE-2017-0409</td> 473 <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b"> 474 A-31999646</a></td> 475 <td></td> 476 <td></td> 477 <td>6.06.0.17.07.1.1</td> 478 <td>Google </td> 479 </tr> 480 </table> 481 482 483 <h3 id="eop-in-java.net">Java.Net </h3> 484 <p> 485 Java.Net 486 </p> 487 488 <table> 489 <col width="18%"> 490 <col width="17%"> 491 <col width="10%"> 492 <col width="19%"> 493 <col width="18%"> 494 <col width="17%"> 495 <tr> 496 <th>CVE</th> 497 <th></th> 498 <th></th> 499 <th> Google </th> 500 <th> AOSP </th> 501 <th></th> 502 </tr> 503 <tr> 504 <td>CVE-2016-5552</td> 505 <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea"> 506 A-31858037</a></td> 507 <td></td> 508 <td></td> 509 <td>7.07.1.1</td> 510 <td>2016 9 30 </td> 511 </tr> 512 </table> 513 514 515 <h3 id="eop-in-framework-apis">Framework API </h3> 516 <p> 517 Framework API 518 </p> 519 520 <table> 521 <col width="18%"> 522 <col width="17%"> 523 <col width="10%"> 524 <col width="19%"> 525 <col width="18%"> 526 <col width="17%"> 527 <tr> 528 <th>CVE</th> 529 <th></th> 530 <th></th> 531 <th> Google </th> 532 <th> AOSP </th> 533 <th></th> 534 </tr> 535 <tr> 536 <td>CVE-2017-0410</td> 537 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa"> 538 A-31929765</a></td> 539 <td></td> 540 <td></td> 541 <td>5.0.25.1.16.06.0.17.07.1.1</td> 542 <td>2016 10 2 </td> 543 </tr> 544 <tr> 545 <td>CVE-2017-0411</td> 546 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f"> 547 A-33042690</a> 548 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td> 549 <td></td> 550 <td></td> 551 <td>7.07.1.1</td> 552 <td>2016 11 21 </td> 553 </tr> 554 <tr> 555 <td>CVE-2017-0412</td> 556 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f"> 557 A-33039926</a> 558 [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td> 559 <td></td> 560 <td></td> 561 <td>7.07.1.1</td> 562 <td>2016 11 21 </td> 563 </tr> 564 </table> 565 566 <h3 id="eop-in-mediaserver"></h3> 567 <p> 568 569 </p> 570 571 <table> 572 <col width="18%"> 573 <col width="17%"> 574 <col width="10%"> 575 <col width="19%"> 576 <col width="18%"> 577 <col width="17%"> 578 <tr> 579 <th>CVE</th> 580 <th></th> 581 <th></th> 582 <th> Google </th> 583 <th> AOSP </th> 584 <th></th> 585 </tr> 586 <tr> 587 <td>CVE-2017-0415</td> 588 <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34"> 589 A-32706020</a></td> 590 <td></td> 591 <td></td> 592 <td>6.06.0.17.07.1.1</td> 593 <td>2016 11 4 </td> 594 </tr> 595 </table> 596 597 598 <h3 id="eop-in-audioserver"></h3> 599 <p> 600 </p> 601 602 <table> 603 <col width="18%"> 604 <col width="17%"> 605 <col width="10%"> 606 <col width="19%"> 607 <col width="18%"> 608 <col width="17%"> 609 <tr> 610 <th>CVE</th> 611 <th></th> 612 <th></th> 613 <th> Google </th> 614 <th> AOSP </th> 615 <th></th> 616 </tr> 617 <tr> 618 <td>CVE-2017-0416</td> 619 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 620 A-32886609</a> 621 [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td> 622 <td></td> 623 <td></td> 624 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 625 <td>Google </td> 626 </tr> 627 <tr> 628 <td>CVE-2017-0417</td> 629 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 630 A-32705438</a></td> 631 <td></td> 632 <td></td> 633 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 634 <td>2016 11 7 </td> 635 </tr> 636 <tr> 637 <td>CVE-2017-0418</td> 638 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34"> 639 A-32703959</a> 640 [<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td> 641 <td></td> 642 <td></td> 643 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 644 <td>2016 11 7 </td> 645 </tr> 646 <tr> 647 <td>CVE-2017-0419</td> 648 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff"> 649 A-32220769</a></td> 650 <td></td> 651 <td></td> 652 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 653 <td>2016 10 15 </td> 654 </tr> 655 </table> 656 657 <h3 id="id-in-aosp-mail">AOSP Mail </h3> 658 <p> 659 AOSP Mail 660 </p> 661 662 <table> 663 <col width="18%"> 664 <col width="17%"> 665 <col width="10%"> 666 <col width="19%"> 667 <col width="18%"> 668 <col width="17%"> 669 <tr> 670 <th>CVE</th> 671 <th></th> 672 <th></th> 673 <th> Google </th> 674 <th> AOSP </th> 675 <th></th> 676 </tr> 677 <tr> 678 <td>CVE-2017-0420</td> 679 <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909"> 680 A-32615212</a></td> 681 <td></td> 682 <td></td> 683 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 684 <td>2016 9 12 </td> 685 </tr> 686 </table> 687 688 689 <h3 id="id-in-aosp-messaging">AOSP Messaging </h3> 690 <p> 691 AOSP Messaging 692 </p> 693 694 <table> 695 <col width="18%"> 696 <col width="17%"> 697 <col width="10%"> 698 <col width="19%"> 699 <col width="18%"> 700 <col width="17%"> 701 <tr> 702 <th>CVE</th> 703 <th></th> 704 <th></th> 705 <th> Google </th> 706 <th> AOSP </th> 707 <th></th> 708 </tr> 709 <tr> 710 <td>CVE-2017-0413</td> 711 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e"> 712 A-32161610</a></td> 713 <td></td> 714 <td></td> 715 <td>6.06.0.17.07.1.1</td> 716 <td>2016 10 13 </td> 717 </tr> 718 <tr> 719 <td>CVE-2017-0414</td> 720 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd"> 721 A-32807795</a></td> 722 <td></td> 723 <td></td> 724 <td>6.06.0.17.07.1.1</td> 725 <td>2016 11 10 </td> 726 </tr> 727 </table> 728 729 730 <h3 id="id-in-framework-apis">Framework API </h3> 731 <p> 732 Framework API 733 </p> 734 735 <table> 736 <col width="18%"> 737 <col width="17%"> 738 <col width="10%"> 739 <col width="19%"> 740 <col width="18%"> 741 <col width="17%"> 742 <tr> 743 <th>CVE</th> 744 <th></th> 745 <th></th> 746 <th> Google </th> 747 <th> AOSP </th> 748 <th></th> 749 </tr> 750 <tr> 751 <td>CVE-2017-0421</td> 752 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336"> 753 A-32555637</a></td> 754 <td></td> 755 <td></td> 756 <td>5.0.25.1.16.06.0.17.07.1.1</td> 757 <td>Google </td> 758 </tr> 759 </table> 760 761 762 <h3 id="dos-in-bionic-dns">Bionic DNS </h3> 763 <p> 764 Bionic DNS 765 766 </p> 767 768 <table> 769 <col width="18%"> 770 <col width="17%"> 771 <col width="10%"> 772 <col width="19%"> 773 <col width="18%"> 774 <col width="17%"> 775 <tr> 776 <th>CVE</th> 777 <th></th> 778 <th></th> 779 <th> Google </th> 780 <th> AOSP </th> 781 <th></th> 782 </tr> 783 <tr> 784 <td>CVE-2017-0422</td> 785 <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d"> 786 A-32322088</a></td> 787 <td></td> 788 <td></td> 789 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 790 <td>2016 10 20 </td> 791 </tr> 792 </table> 793 794 795 <h3 id="eop-in-bluetooth"></h3> 796 <p> 797 798 </p> 799 800 <table> 801 <col width="18%"> 802 <col width="17%"> 803 <col width="10%"> 804 <col width="19%"> 805 <col width="18%"> 806 <col width="17%"> 807 <tr> 808 <th>CVE</th> 809 <th></th> 810 <th></th> 811 <th> Google </th> 812 <th> AOSP </th> 813 <th></th> 814 </tr> 815 <tr> 816 <td>CVE-2017-0423</td> 817 <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083"> 818 A-32612586</a></td> 819 <td></td> 820 <td></td> 821 <td>5.0.25.1.16.06.0.17.07.1.1</td> 822 <td>2016 11 2 </td> 823 </tr> 824 </table> 825 826 827 <h3 id="id-in-aosp-messaging-2">AOSP Messaging </h3> 828 <p> 829 AOSP Messaging 830 </p> 831 832 <table> 833 <col width="18%"> 834 <col width="17%"> 835 <col width="10%"> 836 <col width="19%"> 837 <col width="18%"> 838 <col width="17%"> 839 <tr> 840 <th>CVE</th> 841 <th></th> 842 <th></th> 843 <th> Google </th> 844 <th> AOSP </th> 845 <th></th> 846 </tr> 847 <tr> 848 <td>CVE-2017-0424</td> 849 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc"> 850 A-32322450</a></td> 851 <td></td> 852 <td></td> 853 <td>6.06.0.17.07.1.1</td> 854 <td>2016 10 20 </td> 855 </tr> 856 </table> 857 858 859 <h3 id="id-in-audioserver"></h3> 860 <p> 861 862 </p> 863 864 <table> 865 <col width="18%"> 866 <col width="17%"> 867 <col width="10%"> 868 <col width="19%"> 869 <col width="18%"> 870 <col width="17%"> 871 <tr> 872 <th>CVE</th> 873 <th></th> 874 <th></th> 875 <th> Google </th> 876 <th> AOSP </th> 877 <th></th> 878 </tr> 879 <tr> 880 <td>CVE-2017-0425</td> 881 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff"> 882 A-32720785</a></td> 883 <td></td> 884 <td></td> 885 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 886 <td>2016 11 7 </td> 887 </tr> 888 </table> 889 890 891 <h3 id="id-in-filesystem"></h3> 892 <p> 893 894 </p> 895 896 <table> 897 <col width="18%"> 898 <col width="17%"> 899 <col width="10%"> 900 <col width="19%"> 901 <col width="18%"> 902 <col width="17%"> 903 <tr> 904 <th>CVE</th> 905 <th></th> 906 <th></th> 907 <th> Google </th> 908 <th> AOSP </th> 909 <th></th> 910 </tr> 911 <tr> 912 <td>CVE-2017-0426</td> 913 <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a"> 914 A-32799236</a> 915 [<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td> 916 <td></td> 917 <td></td> 918 <td>7.07.1.1</td> 919 <td>Google </td> 920 </tr> 921 </table> 922 923 924 <h2 id="2017-02-05-details">2017-02-05 </h2> 925 <p> 926 <a href="#2017-02-05-summary">2017-02-05 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 927 928 929 <h3 id="rce-in-qualcomm-crypto-driver">Qualcomm </h3> 930 <p> 931 Qualcomm 932 </p> 933 934 <table> 935 <col width="19%"> 936 <col width="20%"> 937 <col width="10%"> 938 <col width="23%"> 939 <col width="17%"> 940 <tr> 941 <th>CVE</th> 942 <th></th> 943 <th></th> 944 <th> Google </th> 945 <th></th> 946 </tr> 947 <tr> 948 <td>CVE-2016-8418</td> 949 <td>A-32652894<br> 950 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f"> 951 QC-CR#1077457</a></td> 952 <td></td> 953 <td>*</td> 954 <td>2016 10 10 </td> 955 </tr> 956 </table> 957 <p> 958 * Android 7.0 Google () 959 </p> 960 961 962 <h3 id="eop-in-kernel-file-system"></h3> 963 <p> 964 (Re-flash) 965 </p> 966 967 <table> 968 <col width="19%"> 969 <col width="20%"> 970 <col width="10%"> 971 <col width="23%"> 972 <col width="17%"> 973 <tr> 974 <th>CVE</th> 975 <th></th> 976 <th></th> 977 <th> Google </th> 978 <th></th> 979 </tr> 980 <tr> 981 <td>CVE-2017-0427</td> 982 <td>A-31495866*</td> 983 <td></td> 984 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 985 <td>2016 9 13 </td> 986 </tr> 987 </table> 988 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 989 </p> 990 991 992 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 993 <p> 994 NVIDIA GPU (Re-flash) 995 </p> 996 997 <table> 998 <col width="19%"> 999 <col width="20%"> 1000 <col width="10%"> 1001 <col width="23%"> 1002 <col width="17%"> 1003 <tr> 1004 <th>CVE</th> 1005 <th></th> 1006 <th></th> 1007 <th> Google </th> 1008 <th></th> 1009 </tr> 1010 <tr> 1011 <td>CVE-2017-0428</td> 1012 <td>A-32401526*<br> 1013 N-CVE-2017-0428</td> 1014 <td></td> 1015 <td>Nexus 9</td> 1016 <td>2016 10 25 </td> 1017 </tr> 1018 <tr> 1019 <td>CVE-2017-0429</td> 1020 <td>A-32636619*<br> 1021 N-CVE-2017-0429</td> 1022 <td></td> 1023 <td>Nexus 9</td> 1024 <td>2016 11 3 </td> 1025 </tr> 1026 </table> 1027 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1028 </p> 1029 1030 1031 <h3 id="eop-in-kernel-networking-subsystem"></h3> 1032 <p> 1033 (Re-flash) 1034 </p> 1035 1036 <table> 1037 <col width="19%"> 1038 <col width="20%"> 1039 <col width="10%"> 1040 <col width="23%"> 1041 <col width="17%"> 1042 <tr> 1043 <th>CVE</th> 1044 <th></th> 1045 <th></th> 1046 <th> Google </th> 1047 <th></th> 1048 </tr> 1049 <tr> 1050 <td>CVE-2014-9914</td> 1051 <td>A-32882659<br> 1052 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a"> 1053 </a></td> 1054 <td></td> 1055 <td>Nexus 6Nexus Player</td> 1056 <td>2016 11 9 </td> 1057 </tr> 1058 </table> 1059 1060 1061 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1062 <p> 1063 Broadcom Wi-Fi (Re-flash) 1064 </p> 1065 1066 <table> 1067 <col width="19%"> 1068 <col width="20%"> 1069 <col width="10%"> 1070 <col width="23%"> 1071 <col width="17%"> 1072 <tr> 1073 <th>CVE</th> 1074 <th></th> 1075 <th></th> 1076 <th> Google </th> 1077 <th></th> 1078 </tr> 1079 <tr> 1080 <td>CVE-2017-0430</td> 1081 <td>A-32838767*<br> 1082 B-RB#107459</td> 1083 <td></td> 1084 <td>Nexus 6Nexus 6PNexus 9Pixel CNexus Player</td> 1085 <td>Google </td> 1086 </tr> 1087 </table> 1088 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1089 </p> 1090 1091 1092 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1093 <p> 1094 Qualcomm 2016 9 Qualcomm AMSS 1095 </p> 1096 1097 <table> 1098 <col width="19%"> 1099 <col width="20%"> 1100 <col width="10%"> 1101 <col width="23%"> 1102 <col width="17%"> 1103 <tr> 1104 <th>CVE</th> 1105 <th></th> 1106 <th>*</th> 1107 <th> Google </th> 1108 <th></th> 1109 </tr> 1110 <tr> 1111 <td>CVE-2017-0431</td> 1112 <td>A-32573899**</td> 1113 <td></td> 1114 <td>***</td> 1115 <td>Qualcomm </td> 1116 </tr> 1117 </table> 1118 <p> 1119 * 1120 </p> 1121 <p> 1122 ** Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1123 </p> 1124 <p> 1125 *** Android 7.0 Google () 1126 </p> 1127 1128 1129 <h3 id="eop-in-mediatek-driver">MediaTek </h3> 1130 <p> 1131 MediaTek 1132 </p> 1133 1134 <table> 1135 <col width="19%"> 1136 <col width="20%"> 1137 <col width="10%"> 1138 <col width="23%"> 1139 <col width="17%"> 1140 <tr> 1141 <th>CVE</th> 1142 <th></th> 1143 <th></th> 1144 <th> Google </th> 1145 <th></th> 1146 </tr> 1147 <tr> 1148 <td>CVE-2017-0432</td> 1149 <td>A-28332719*<br> 1150 M-ALPS02708925</td> 1151 <td></td> 1152 <td>**</td> 1153 <td>2016 4 21 </td> 1154 </tr> 1155 </table> 1156 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1157 </p> 1158 <p> 1159 ** Android 7.0 Google () 1160 </p> 1161 1162 1163 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1164 <p> 1165 Synaptics 1166 </p> 1167 1168 <table> 1169 <col width="19%"> 1170 <col width="20%"> 1171 <col width="10%"> 1172 <col width="23%"> 1173 <col width="17%"> 1174 <tr> 1175 <th>CVE</th> 1176 <th></th> 1177 <th></th> 1178 <th> Google </th> 1179 <th></th> 1180 </tr> 1181 <tr> 1182 <td>CVE-2017-0433</td> 1183 <td>A-31913571*</td> 1184 <td></td> 1185 <td>Nexus 6PNexus 9Android OnePixelPixel XL</td> 1186 <td>2016 9 8 </td> 1187 </tr> 1188 <tr> 1189 <td>CVE-2017-0434</td> 1190 <td>A-33001936*</td> 1191 <td></td> 1192 <td>PixelPixel XL</td> 1193 <td>2016 11 18 </td> 1194 </tr> 1195 </table> 1196 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1197 </p> 1198 1199 1200 <h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm </h3> 1201 <p> 1202 Qualcomm 1203 </p> 1204 1205 <table> 1206 <col width="19%"> 1207 <col width="20%"> 1208 <col width="10%"> 1209 <col width="23%"> 1210 <col width="17%"> 1211 <tr> 1212 <th>CVE</th> 1213 <th></th> 1214 <th></th> 1215 <th> Google </th> 1216 <th></th> 1217 </tr> 1218 <tr> 1219 <td>CVE-2016-8480</td> 1220 <td>A-31804432<br> 1221 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471"> 1222 QC-CR#1086186</a> 1223 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td> 1224 <td></td> 1225 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1226 <td>2016 9 28 </td> 1227 </tr> 1228 </table> 1229 1230 1231 <h3 id="eop-in-qualcomm-sound-driver">Qualcomm </h3> 1232 <p> 1233 Qualcomm 1234 </p> 1235 1236 <table> 1237 <col width="19%"> 1238 <col width="20%"> 1239 <col width="10%"> 1240 <col width="23%"> 1241 <col width="17%"> 1242 <tr> 1243 <th>CVE</th> 1244 <th></th> 1245 <th></th> 1246 <th> Google </th> 1247 <th></th> 1248 </tr> 1249 <tr> 1250 <td>CVE-2016-8481</td> 1251 <td>A-31906415*<br> 1252 QC-CR#1078000</td> 1253 <td></td> 1254 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1255 <td>2016 10 1 </td> 1256 </tr> 1257 <tr> 1258 <td>CVE-2017-0435</td> 1259 <td>A-31906657*<br> 1260 QC-CR#1078000</td> 1261 <td></td> 1262 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1263 <td>2016 10 1 </td> 1264 </tr> 1265 <tr> 1266 <td>CVE-2017-0436</td> 1267 <td>A-32624661*<br> 1268 QC-CR#1078000</td> 1269 <td></td> 1270 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1271 <td>2016 11 2 </td> 1272 </tr> 1273 </table> 1274 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1275 </p> 1276 1277 1278 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 1279 <p> 1280 Qualcomm Wi-Fi 1281 </p> 1282 1283 <table> 1284 <col width="19%"> 1285 <col width="20%"> 1286 <col width="10%"> 1287 <col width="23%"> 1288 <col width="17%"> 1289 <tr> 1290 <th>CVE</th> 1291 <th></th> 1292 <th></th> 1293 <th> Google </th> 1294 <th></th> 1295 </tr> 1296 <tr> 1297 <td>CVE-2017-0437</td> 1298 <td>A-32402310<br> 1299 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1300 QC-CR#1092497</a></td> 1301 <td></td> 1302 <td>Nexus 5XPixelPixel XL</td> 1303 <td>2016 10 25 </td> 1304 </tr> 1305 <tr> 1306 <td>CVE-2017-0438</td> 1307 <td>A-32402604<br> 1308 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1309 QC-CR#1092497</a></td> 1310 <td></td> 1311 <td>Nexus 5XPixelPixel XL</td> 1312 <td>2016 10 25 </td> 1313 </tr> 1314 <tr> 1315 <td>CVE-2017-0439</td> 1316 <td>A-32450647<br> 1317 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61"> 1318 QC-CR#1092059</a></td> 1319 <td></td> 1320 <td>Nexus 5XPixelPixel XL</td> 1321 <td>2016 10 25 </td> 1322 </tr> 1323 <tr> 1324 <td>CVE-2016-8419</td> 1325 <td>A-32454494<br> 1326 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488"> 1327 QC-CR#1087209</a></td> 1328 <td></td> 1329 <td>Nexus 5XPixelPixel XL</td> 1330 <td>2016 10 26 </td> 1331 </tr> 1332 <tr> 1333 <td>CVE-2016-8420</td> 1334 <td>A-32451171<br> 1335 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e"> 1336 QC-CR#1087807</a></td> 1337 <td></td> 1338 <td>Nexus 5XPixelPixel XL</td> 1339 <td>2016 10 26 </td> 1340 </tr> 1341 <tr> 1342 <td>CVE-2016-8421</td> 1343 <td>A-32451104<br> 1344 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb"> 1345 QC-CR#1087797</a></td> 1346 <td></td> 1347 <td>Nexus 5XPixelPixel XL</td> 1348 <td>2016 10 26 </td> 1349 </tr> 1350 <tr> 1351 <td>CVE-2017-0440</td> 1352 <td>A-33252788<br> 1353 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268"> 1354 QC-CR#1095770</a></td> 1355 <td></td> 1356 <td>Nexus 5XPixelPixel XL</td> 1357 <td>2016 11 11 </td> 1358 </tr> 1359 <tr> 1360 <td>CVE-2017-0441</td> 1361 <td>A-32872662<br> 1362 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684"> 1363 QC-CR#1095009</a></td> 1364 <td></td> 1365 <td>Nexus 5XPixelPixel XL</td> 1366 <td>2016 11 11 </td> 1367 </tr> 1368 <tr> 1369 <td>CVE-2017-0442</td> 1370 <td>A-32871330<br> 1371 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1372 QC-CR#1092497</a></td> 1373 <td></td> 1374 <td>Nexus 5XPixelPixel XL</td> 1375 <td>2016 11 13 </td> 1376 </tr> 1377 <tr> 1378 <td>CVE-2017-0443</td> 1379 <td>A-32877494<br> 1380 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77"> 1381 QC-CR#1092497</a></td> 1382 <td></td> 1383 <td>Nexus 5XPixelPixel XL</td> 1384 <td>2016 11 13 </td> 1385 </tr> 1386 <tr> 1387 <td>CVE-2016-8476</td> 1388 <td>A-32879283<br> 1389 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799"> 1390 QC-CR#1091940</a></td> 1391 <td></td> 1392 <td>Nexus 5XPixelPixel XL</td> 1393 <td>2016 11 14 </td> 1394 </tr> 1395 </table> 1396 1397 1398 <h3 id="eop-in-realtek-sound-driver">Realtek </h3> 1399 <p> 1400 Realtek 1401 </p> 1402 1403 <table> 1404 <col width="19%"> 1405 <col width="20%"> 1406 <col width="10%"> 1407 <col width="23%"> 1408 <col width="17%"> 1409 <tr> 1410 <th>CVE</th> 1411 <th></th> 1412 <th></th> 1413 <th> Google </th> 1414 <th></th> 1415 </tr> 1416 <tr> 1417 <td>CVE-2017-0444</td> 1418 <td>A-32705232*</td> 1419 <td></td> 1420 <td>Nexus 9</td> 1421 <td>2016 11 7 </td> 1422 </tr> 1423 </table> 1424 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1425 </p> 1426 1427 1428 <h3 id="eop-in-htc-touchscreen-driver">HTC </h3> 1429 <p> 1430 HTC 1431 </p> 1432 1433 <table> 1434 <col width="19%"> 1435 <col width="20%"> 1436 <col width="10%"> 1437 <col width="23%"> 1438 <col width="17%"> 1439 <tr> 1440 <th>CVE</th> 1441 <th></th> 1442 <th></th> 1443 <th> Google </th> 1444 <th></th> 1445 </tr> 1446 <tr> 1447 <td>CVE-2017-0445</td> 1448 <td>A-32769717*</td> 1449 <td></td> 1450 <td>PixelPixel XL</td> 1451 <td>2016 11 9 </td> 1452 </tr> 1453 <tr> 1454 <td>CVE-2017-0446</td> 1455 <td>A-32917445*</td> 1456 <td></td> 1457 <td>PixelPixel XL</td> 1458 <td>2016 11 15 </td> 1459 </tr> 1460 <tr> 1461 <td>CVE-2017-0447</td> 1462 <td>A-32919560*</td> 1463 <td></td> 1464 <td>PixelPixel XL</td> 1465 <td>2016 11 15 </td> 1466 </tr> 1467 </table> 1468 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1469 </p> 1470 1471 1472 <h3 id="id-in-nvidia-video-driver">NVIDIA </h3> 1473 <p> 1474 NVIDIA 1475 </p> 1476 1477 <table> 1478 <col width="19%"> 1479 <col width="20%"> 1480 <col width="10%"> 1481 <col width="23%"> 1482 <col width="17%"> 1483 <tr> 1484 <th>CVE</th> 1485 <th></th> 1486 <th></th> 1487 <th> Google </th> 1488 <th></th> 1489 </tr> 1490 <tr> 1491 <td>CVE-2017-0448</td> 1492 <td>A-32721029*<br> 1493 N-CVE-2017-0448</td> 1494 <td></td> 1495 <td>Nexus 9</td> 1496 <td>2016 11 7 </td> 1497 </tr> 1498 </table> 1499 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1500 </p> 1501 1502 1503 <h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi </h3> 1504 <p> 1505 Broadcom Wi-Fi 1506 </p> 1507 1508 <table> 1509 <col width="19%"> 1510 <col width="20%"> 1511 <col width="10%"> 1512 <col width="23%"> 1513 <col width="17%"> 1514 <tr> 1515 <th>CVE</th> 1516 <th></th> 1517 <th></th> 1518 <th> Google </th> 1519 <th></th> 1520 </tr> 1521 <tr> 1522 <td>CVE-2017-0449</td> 1523 <td>A-31707909*<br> 1524 B-RB#32094</td> 1525 <td></td> 1526 <td>Nexus 6Nexus 6P</td> 1527 <td>2016 9 23 </td> 1528 </tr> 1529 </table> 1530 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1531 </p> 1532 1533 1534 <h3 id="eop-in-audioserver-2"></h3> 1535 <p> 1536 </p> 1537 1538 <table> 1539 <col width="19%"> 1540 <col width="20%"> 1541 <col width="10%"> 1542 <col width="23%"> 1543 <col width="17%"> 1544 <tr> 1545 <th>CVE</th> 1546 <th></th> 1547 <th></th> 1548 <th> Google </th> 1549 <th></th> 1550 </tr> 1551 <tr> 1552 <td>CVE-2017-0450</td> 1553 <td>A-32917432*</td> 1554 <td></td> 1555 <td>Nexus 9</td> 1556 <td>2016 11 15 </td> 1557 </tr> 1558 </table> 1559 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1560 </p> 1561 1562 1563 <h3 id="eop-in-kernel-file-system-2"></h3> 1564 <p> 1565 1566 </p> 1567 1568 <table> 1569 <col width="19%"> 1570 <col width="20%"> 1571 <col width="10%"> 1572 <col width="23%"> 1573 <col width="17%"> 1574 <tr> 1575 <th>CVE</th> 1576 <th></th> 1577 <th></th> 1578 <th> Google </th> 1579 <th></th> 1580 </tr> 1581 <tr> 1582 <td>CVE-2016-10044</td> 1583 <td>A-31711619*</td> 1584 <td></td> 1585 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixel CNexus PlayerPixelPixel XL</td> 1586 <td>Google </td> 1587 </tr> 1588 </table> 1589 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a> 1590 </p> 1591 1592 1593 <h3 id="id-in-qualcomm-secure-execution-environment-communicator">Qualcomm </h3> 1594 <p> 1595 Qualcomm 1596 </p> 1597 1598 <table> 1599 <col width="19%"> 1600 <col width="20%"> 1601 <col width="10%"> 1602 <col width="23%"> 1603 <col width="17%"> 1604 <tr> 1605 <th>CVE</th> 1606 <th></th> 1607 <th></th> 1608 <th> Google </th> 1609 <th></th> 1610 </tr> 1611 <tr> 1612 <td>CVE-2016-8414</td> 1613 <td>A-31704078<br> 1614 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846"> 1615 QC-CR#1076407</a></td> 1616 <td></td> 1617 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1618 <td>2016 9 23 </td> 1619 </tr> 1620 </table> 1621 1622 1623 <h3 id="id-in-qualcomm-sound-driver">Qualcomm </h3> 1624 <p> 1625 Qualcomm 1626 </p> 1627 1628 <table> 1629 <col width="19%"> 1630 <col width="20%"> 1631 <col width="10%"> 1632 <col width="23%"> 1633 <col width="17%"> 1634 <tr> 1635 <th>CVE</th> 1636 <th></th> 1637 <th></th> 1638 <th> Google </th> 1639 <th></th> 1640 </tr> 1641 <tr> 1642 <td>CVE-2017-0451</td> 1643 <td>A-31796345<br> 1644 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e"> 1645 QC-CR#1073129</a> 1646 [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td> 1647 <td></td> 1648 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1649 <td>2016 9 27 </td> 1650 </tr> 1651 </table> 1652 1653 <h2 id="common-questions-and-answers"></h2> 1654 <p></p> 1655 <p><strong>1. </strong></p> 1656 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 1657 <ul> 1658 <li>2017 2 1 2017-02-01 </li> 1659 <li>2017 2 5 2017-02-05 1660 </li> 1661 </ul> 1662 <p></p> 1663 <ul> 1664 <li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li> 1665 <li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li> 1666 </ul> 1667 1668 <p><strong>2. </strong></p> 1669 1670 <p> Android Android Android </p> 1671 <ul> 1672 <li> 2017 1 1 </li> 1673 <li> 2017 1 5 () </li> 1674 </ul> 1675 <p></p> 1676 <p><strong>3. Google </strong></p> 1677 <p> <a href="#2017-02-01-details">2017-02-01</a> <a href="#2017-02-05-details">2017-02-05</a> Google <em></em> Google </p> 1678 <ul> 1679 <li><strong> Google </strong> Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 1680 <li><strong> Google </strong> Google Google <em></em> Google </li> 1681 <li><strong> Google </strong> Android 7.0 Google Google <em></em></li> 1682 </ul> 1683 <p><strong>4. </strong></p> 1684 <p><em></em></p> 1685 <table> 1686 <tr> 1687 <th></th> 1688 <th></th> 1689 </tr> 1690 <tr> 1691 <td>A-</td> 1692 <td>Android ID</td> 1693 </tr> 1694 <tr> 1695 <td>QC-</td> 1696 <td>Qualcomm </td> 1697 </tr> 1698 <tr> 1699 <td>M-</td> 1700 <td>MediaTek </td> 1701 </tr> 1702 <tr> 1703 <td>N-</td> 1704 <td>NVIDIA </td> 1705 </tr> 1706 <tr> 1707 <td>B-</td> 1708 <td>Broadcom </td> 1709 </tr> 1710 </table> 1711 1712 <h2 id="revisions"></h2> 1713 <ul> 1714 <li>2017 2 6 </li> 1715 <li>2017 2 8 AOSP </li> 1716 </ul> 1717 1718 </body> 1719 </html> 1720