1 <html devsite> 2 <head> 3 <title>Android 2017 3 </title> 4 <meta name="project_path" value="/_project.yaml" /> 5 <meta name="book_path" value="/_book.yaml" /> 6 </head> 7 <body> 8 <!-- 9 Copyright 2017 The Android Open Source Project 10 11 Licensed under the Apache License, Version 2.0 (the "License"); 12 you may not use this file except in compliance with the License. 13 You may obtain a copy of the License at 14 15 http://www.apache.org/licenses/LICENSE-2.0 16 17 Unless required by applicable law or agreed to in writing, software 18 distributed under the License is distributed on an "AS IS" BASIS, 19 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 20 See the License for the specific language governing permissions and 21 limitations under the License. 22 --> 23 <p><em>2017 3 6 | 2017 3 7 </em></p> 24 <p>Android Android Google OTA Google Google <a href="https://developers.google.com/android/nexus/images">Google Developers </a>2017 3 5 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 25 <p> 2017 2 6 Android (AOSP) AOSP </p> 26 <p></p> 27 <p> <a href="#mitigations">Android </a> ( <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) Android <a href="{@docRoot}security/enhancements/index.html">Android Google </a></p> 28 <p></p> 29 <h2 id="announcements"></h2> 30 <ul> 31 <li> Android Android <a href="#common-questions-and-answers"></a> 32 <ul> 33 <li><strong>2017-03-01</strong> 2017-03-01 () </li> 34 <li><strong>2017-03-05</strong> 2017-03-01 2017-03-05 () </li> 35 </ul> 36 </li> 37 <li> Google OTA 2017-03-05</li> 38 </ul> 39 <h2 id="security-vulnerability-summary"></h2> 40 <p> ID (CVE) Google <a href="{@docRoot}security/overview/updates-resources.html#severity"></a></p> 41 <h3 id="2017-03-01-summary">2017-03-01 </h3> 42 <p>2017-03-01 </p> 43 <table> 44 <col width="55%"> 45 <col width="20%"> 46 <col width="13%"> 47 <col width="12%"> 48 <tr> 49 <th></th> 50 <th>CVE</th> 51 <th></th> 52 <th> Google </th> 53 </tr> 54 <tr> 55 <td>OpenSSL BoringSSL </td> 56 <td>CVE-2016-2182</td> 57 <td></td> 58 <td></td> 59 </tr> 60 <tr> 61 <td></td> 62 <td>CVE-2017-0466CVE-2017-0467CVE-2017-0468CVE-2017-0469CVE-2017-0470CVE-2017-0471CVE-2017-0472CVE-2017-0473CVE-2017-0474</td> 63 <td></td> 64 <td></td> 65 </tr> 66 <tr> 67 <td></td> 68 <td>CVE-2017-0475</td> 69 <td></td> 70 <td></td> 71 </tr> 72 <tr> 73 <td>AOSP Messaging </td> 74 <td>CVE-2017-0476</td> 75 <td></td> 76 <td></td> 77 </tr> 78 <tr> 79 <td>libgdx </td> 80 <td>CVE-2017-0477</td> 81 <td></td> 82 <td></td> 83 </tr> 84 <tr> 85 <td>Framesequence </td> 86 <td>CVE-2017-0478</td> 87 <td></td> 88 <td></td> 89 </tr> 90 <tr> 91 <td>NFC </td> 92 <td>CVE-2017-0481</td> 93 <td></td> 94 <td></td> 95 </tr> 96 <tr> 97 <td></td> 98 <td>CVE-2017-0479CVE-2017-0480</td> 99 <td></td> 100 <td></td> 101 </tr> 102 <tr> 103 <td></td> 104 <td>CVE-2017-0482CVE-2017-0483CVE-2017-0484CVE-2017-0485CVE-2017-0486CVE-2017-0487CVE-2017-0488</td> 105 <td></td> 106 <td></td> 107 </tr> 108 <tr> 109 <td></td> 110 <td>CVE-2017-0489</td> 111 <td></td> 112 <td></td> 113 </tr> 114 <tr> 115 <td>Wi-Fi </td> 116 <td>CVE-2017-0490</td> 117 <td></td> 118 <td></td> 119 </tr> 120 <tr> 121 <td></td> 122 <td>CVE-2017-0491</td> 123 <td></td> 124 <td></td> 125 </tr> 126 <tr> 127 <td></td> 128 <td>CVE-2017-0492</td> 129 <td></td> 130 <td></td> 131 </tr> 132 <tr> 133 <td>AOSP Messaging </td> 134 <td>CVE-2017-0494</td> 135 <td></td> 136 <td></td> 137 </tr> 138 <tr> 139 <td></td> 140 <td>CVE-2017-0495</td> 141 <td></td> 142 <td></td> 143 </tr> 144 <tr> 145 <td></td> 146 <td>CVE-2017-0496</td> 147 <td></td> 148 <td></td> 149 </tr> 150 <tr> 151 <td></td> 152 <td>CVE-2017-0497</td> 153 <td></td> 154 <td></td> 155 </tr> 156 <tr> 157 <td></td> 158 <td>CVE-2017-0498</td> 159 <td></td> 160 <td>*</td> 161 </tr> 162 <tr> 163 <td></td> 164 <td>CVE-2017-0499</td> 165 <td></td> 166 <td></td> 167 </tr> 168 </table> 169 <p>* Android 7.0 Google ()</p> 170 <h3 id="2017-03-05-summary">2017-03-05 </h3> 171 <p>2017-03-05 2017-03-01 </p> 172 <table> 173 <col width="55%"> 174 <col width="20%"> 175 <col width="13%"> 176 <col width="12%"> 177 <tr> 178 <th></th> 179 <th>CVE</th> 180 <th></th> 181 <th> Google </th> 182 </tr> 183 <tr> 184 <td>MediaTek </td> 185 <td>CVE-2017-0500CVE-2017-0501CVE-2017-0502CVE-2017-0503CVE-2017-0504CVE-2017-0505CVE-2017-0506</td> 186 <td></td> 187 <td>*</td> 188 </tr> 189 <tr> 190 <td>NVIDIA GPU </td> 191 <td>CVE-2017-0337CVE-2017-0338CVE-2017-0333CVE-2017-0306CVE-2017-0335</td> 192 <td></td> 193 <td></td> 194 </tr> 195 <tr> 196 <td> ION </td> 197 <td>CVE-2017-0507CVE-2017-0508</td> 198 <td></td> 199 <td></td> 200 </tr> 201 <tr> 202 <td>Broadcom Wi-Fi </td> 203 <td>CVE-2017-0509</td> 204 <td></td> 205 <td>*</td> 206 </tr> 207 <tr> 208 <td> FIQ </td> 209 <td>CVE-2017-0510</td> 210 <td></td> 211 <td></td> 212 </tr> 213 <tr> 214 <td>Qualcomm GPU </td> 215 <td>CVE-2016-8479</td> 216 <td></td> 217 <td></td> 218 </tr> 219 <tr> 220 <td></td> 221 <td>CVE-2016-9806CVE-2016-10200</td> 222 <td></td> 223 <td></td> 224 </tr> 225 <tr> 226 <td>Qualcomm </td> 227 <td>CVE-2016-8484CVE-2016-8485CVE-2016-8486CVE-2016-8487CVE-2016-8488</td> 228 <td></td> 229 <td>*</td> 230 </tr> 231 <tr> 232 <td></td> 233 <td>CVE-2016-8655CVE-2016-9793</td> 234 <td></td> 235 <td></td> 236 </tr> 237 <tr> 238 <td>Qualcomm </td> 239 <td>CVE-2017-0516</td> 240 <td></td> 241 <td></td> 242 </tr> 243 <tr> 244 <td>MediaTek </td> 245 <td>CVE-2017-0517</td> 246 <td></td> 247 <td>*</td> 248 </tr> 249 <tr> 250 <td>Qualcomm ADSPRPC </td> 251 <td>CVE-2017-0457</td> 252 <td></td> 253 <td></td> 254 </tr> 255 <tr> 256 <td>Qualcomm </td> 257 <td>CVE-2017-0518CVE-2017-0519</td> 258 <td></td> 259 <td></td> 260 </tr> 261 <tr> 262 <td>Qualcomm </td> 263 <td>CVE-2017-0520</td> 264 <td></td> 265 <td></td> 266 </tr> 267 <tr> 268 <td>Qualcomm </td> 269 <td>CVE-2017-0458CVE-2017-0521</td> 270 <td></td> 271 <td></td> 272 </tr> 273 <tr> 274 <td>MediaTek APK </td> 275 <td>CVE-2017-0522</td> 276 <td></td> 277 <td>*</td> 278 </tr> 279 <tr> 280 <td>Qualcomm Wi-Fi </td> 281 <td>CVE-2017-0464CVE-2017-0453CVE-2017-0523</td> 282 <td></td> 283 <td></td> 284 </tr> 285 <tr> 286 <td>Synaptics </td> 287 <td>CVE-2017-0524</td> 288 <td></td> 289 <td></td> 290 </tr> 291 <tr> 292 <td>Qualcomm IPA </td> 293 <td>CVE-2017-0456CVE-2017-0525</td> 294 <td></td> 295 <td></td> 296 </tr> 297 <tr> 298 <td>HTC </td> 299 <td>CVE-2017-0526CVE-2017-0527</td> 300 <td></td> 301 <td></td> 302 </tr> 303 <tr> 304 <td>NVIDIA GPU </td> 305 <td>CVE-2017-0307</td> 306 <td></td> 307 <td>*</td> 308 </tr> 309 <tr> 310 <td>Qualcomm </td> 311 <td>CVE-2017-0463CVE-2017-0460</td> 312 <td></td> 313 <td></td> 314 </tr> 315 <tr> 316 <td></td> 317 <td>CVE-2017-0528</td> 318 <td></td> 319 <td></td> 320 </tr> 321 <tr> 322 <td>Qualcomm SPCom </td> 323 <td>CVE-2016-5856CVE-2016-5857</td> 324 <td></td> 325 <td>*</td> 326 </tr> 327 <tr> 328 <td></td> 329 <td>CVE-2014-8709</td> 330 <td></td> 331 <td></td> 332 </tr> 333 <tr> 334 <td>MediaTek </td> 335 <td>CVE-2017-0529</td> 336 <td></td> 337 <td>*</td> 338 </tr> 339 <tr> 340 <td>Qualcomm </td> 341 <td>CVE-2017-0455</td> 342 <td></td> 343 <td></td> 344 </tr> 345 <tr> 346 <td>Qualcomm </td> 347 <td>CVE-2016-8483</td> 348 <td></td> 349 <td></td> 350 </tr> 351 <tr> 352 <td>NVIDIA GPU </td> 353 <td>CVE-2017-0334CVE-2017-0336</td> 354 <td></td> 355 <td></td> 356 </tr> 357 <tr> 358 <td></td> 359 <td>CVE-2016-8650</td> 360 <td></td> 361 <td></td> 362 </tr> 363 <tr> 364 <td>Qualcomm ()</td> 365 <td>CVE-2016-8417</td> 366 <td></td> 367 <td></td> 368 </tr> 369 <tr> 370 <td>Qualcomm Wi-Fi </td> 371 <td>CVE-2017-0461CVE-2017-0459CVE-2017-0531</td> 372 <td></td> 373 <td></td> 374 </tr> 375 <tr> 376 <td>MediaTek </td> 377 <td>CVE-2017-0532</td> 378 <td></td> 379 <td>*</td> 380 </tr> 381 <tr> 382 <td>Qualcomm </td> 383 <td>CVE-2017-0533CVE-2017-0534CVE-2016-8416CVE-2016-8478</td> 384 <td></td> 385 <td></td> 386 </tr> 387 <tr> 388 <td>Qualcomm </td> 389 <td>CVE-2016-8413CVE-2016-8477</td> 390 <td></td> 391 <td></td> 392 </tr> 393 <tr> 394 <td>HTC </td> 395 <td>CVE-2017-0535</td> 396 <td></td> 397 <td></td> 398 </tr> 399 <tr> 400 <td>Synaptics </td> 401 <td>CVE-2017-0536</td> 402 <td></td> 403 <td></td> 404 </tr> 405 <tr> 406 <td> USB </td> 407 <td>CVE-2017-0537</td> 408 <td></td> 409 <td></td> 410 </tr> 411 <tr> 412 <td>Qualcomm </td> 413 <td>CVE-2017-0452</td> 414 <td></td> 415 <td></td> 416 </tr> 417 </table> 418 <p>* Android 7.0 Google ()</p> 419 <h2 id="mitigations">Android Google </h2> 420 <p> <a href="{@docRoot}security/enhancements/index.html">Android </a> SafetyNet Android </p> 421 <ul> 422 <li>Android Android Android</li> 423 <li>Android <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf"> SafetyNet</a> <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf"></a> <a href="http://www.android.com/gms">Google </a> Google Play Google Play Root Root () </li> 424 <li>Google Hangouts Messenger </li> 425 </ul> 426 <h2 id="acknowledgements"></h2> 427 <p></p> 428 <ul> 429 <li>Google Alexander PotapenkoCVE-2017-0537<li> Baozeng DingChengming YangPeng Xiao Yang SongCVE-2017-0506<li> Baozeng DingNing YouChengming YangPeng Xiao Yang SongCVE-2017-0463<li>Android Billy LauCVE-2017-0335CVE-2017-0336CVE-2017-0338CVE-2017-0460<li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>)CVE-2016-8413CVE-2016-8477CVE-2017-0531<li><a href="mailto:derrek.haxx (a] gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) <a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2017-0521<li> (<a href="https://twitter.com/returnsme">@keen_lab</a>) Di Shen (<a href="https://twitter.com/keen_lab">@returnsme</a>)CVE-2017-0334CVE-2017-0456CVE-2017-0457CVE-2017-0525<li><a href="http://www.ms509.com">MS509Team</a> En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) Bo LiuCVE-2017-0490<li> 360 IceSword Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) <a href="http://weibo.com/jfpan">pjf</a>CVE-2017-0500CVE-2017-0501CVE-2017-0502CVE-2017-0503CVE-2017-0509CVE-2017-0524CVE-2017-0529CVE-2017-0536<li> 360 Alpha Hao Chen Guang GongCVE-2017-0453CVE-2017-0461CVE-2017-0464<li>Sony Mobile Communications Inc. Hiroki Yamamoto Fang ChenCVE-2017-0481<li>IBM X-Force Sagi Kedmi Roee HayCVE-2017-0510<li><a href="https://skyeye.360safe.com"> 360 Skyeye </a> Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>)CVE-2017-0478<li> 360 IceSword Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) <a href="http://weibo.com/jfpan ">pjf</a>CVE-2016-8416CVE-2016-8478CVE-2017-0458CVE-2017-0459CVE-2017-0518CVE-2017-0519CVE-2017-0533CVE-2017-0534<li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:zlbzlb815 (a] 163.com">Lubo Zhang</a><a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a> Xuxian JiangCVE-2016-8479<li>Google Makoto OnukiCVE-2017-0491<li><a href="http://c0reteam.org">C0RE </a> Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)<a href="mailto:arnow117 (a] gmail.com">Hanxiang Wen</a> Xuxian JiangCVE-2017-0479CVE-2017-0480<li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)CVE-2017-0535<li>Tesla Motors Product Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)CVE-2017-0306<li> Pengfei Ding ()Chenfu Bao () Lenx Wei ()CVE-2016-8417<li> Qidan He () (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)CVE-2017-0337CVE-2017-0476<li> 360 Qing Zhang (SIT) Guangdong BaiCVE-2017-0496<li> Quhe wanchouchouCVE-2017-0522<li>DarkMatter <a href="mailto:keun-o.park (a] darkmatter.ae">Sahara</a>CVE-2017-0528<li> Shellphish Grill salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>)CVE-2017-0505<li><a href="mailto:sbauer (a] plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)CVE-2017-0504CVE-2017-0516<li>Sean Beaupre (beaups)CVE-2017-0455<li> Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)CVE-2017-0452<li> Shinichi MatsumotoCVE-2017-0498<li><a href="http://www.byterev.com">ByteRev</a> <a href="mailto:smarques84 (a] gmail.com">Stphane Marques</a>CVE-2017-0489<li>Google Svetoslav GanovCVE-2017-0492<li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:segfault5514 (a] gmail.com">Tong Lin</a><a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a> Xuxian JiangCVE-2017-0333<li><a href="http://www.trendmicro.com"></a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile"></a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)CVE-2017-0466CVE-2017-0467CVE-2017-0468CVE-2017-0469CVE-2017-0470CVE-2017-0471CVE-2017-0472CVE-2017-0473CVE-2017-0482CVE-2017-0485CVE-2017-0486CVE-2017-0487CVE-2017-0494CVE-2017-0495<li> Wish Wu ( ) (<a href="https://twitter.com/wish_wu">@wish_wu</a>)CVE-2017-0477<li> 360 Vulpecker Yu PanCVE-2017-0517CVE-2017-0532<li><a href="http://c0reteam.org">C0RE </a> <a href="mailto:computernik (a] gmail.com">Yuan-Tsung Lo</a> Xuxian JiangCVE-2017-0526CVE-2017-0527<li><a href="http://c0reteam.org">C0RE </a> Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)<a href="mailto:vancouverdou (a] gmail.com">Wenke Dou</a><a href="mailto:shaodacheng2016 (a] gmail.com">Dacheng Shao</a>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) Xuxian JiangCVE-2017-0483</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> 430 431 <h2 id="2017-03-01-details">2017-03-01 </h2> 432 <p> <a href="#2017-03-01-summary">2017-03-01 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 433 434 435 <h3 id="rce-in-openssl-&-boringssl">OpenSSL BoringSSL </h3> 436 <p>OpenSSL BoringSSL </p> 437 438 <table> 439 <col width="18%"> 440 <col width="17%"> 441 <col width="10%"> 442 <col width="19%"> 443 <col width="18%"> 444 <col width="17%"> 445 <tr> 446 <th>CVE</th> 447 <th></th> 448 <th></th> 449 <th> Google </th> 450 <th> AOSP </th> 451 <th></th> 452 </tr> 453 <tr> 454 <td>CVE-2016-2182</td> 455 <td><a href="https://android.googlesource.com/platform/external/boringssl/+/54bf62a81586d99d0a951ca3342d569b59e69b80"> 456 A-32096880</a></td> 457 <td></td> 458 <td></td> 459 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 460 <td>2016 8 5 </td> 461 </tr> 462 </table> 463 464 465 <h3 id="rce-in-mediaserver-"></h3> 466 <p></p> 467 468 <table> 469 <col width="18%"> 470 <col width="17%"> 471 <col width="10%"> 472 <col width="19%"> 473 <col width="18%"> 474 <col width="17%"> 475 <tr> 476 <th>CVE</th> 477 <th></th> 478 <th></th> 479 <th> Google </th> 480 <th> AOSP </th> 481 <th></th> 482 </tr> 483 <tr> 484 <td>CVE-2017-0466</td> 485 <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33139050</a> 486 [<a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">2</a>] 487 </td> 488 <td></td> 489 <td></td> 490 <td>6.06.0.17.07.1.1</td> 491 <td>2016 11 25 </td> 492 </tr> 493 <tr> 494 <td>CVE-2017-0467</td> 495 <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33250932</a> 496 [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] 497 </td> 498 <td></td> 499 <td></td> 500 <td>6.06.0.17.07.1.1</td> 501 <td>2016 11 30 </td> 502 </tr> 503 <tr> 504 <td>CVE-2017-0468</td> 505 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">A-33351708</a> 506 [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] 507 </td> 508 <td></td> 509 <td></td> 510 <td>6.06.0.17.07.1.1</td> 511 <td>2016 12 5 </td> 512 </tr> 513 <tr> 514 <td>CVE-2017-0469</td> 515 <td><a href="https://android.googlesource.com/platform/external/libavc/+/21851eaecc814be709cb0c20f732cb858cfe1440"> 516 A-33450635</a></td> 517 <td></td> 518 <td></td> 519 <td>6.06.0.17.07.1.1</td> 520 <td>2016 12 8 </td> 521 </tr> 522 <tr> 523 <td>CVE-2017-0470</td> 524 <td><a href="https://android.googlesource.com/platform/external/libavc/+/6aac82003d665708b4e21e9b91693b642e2fa64f"> 525 A-33818500</a></td> 526 <td></td> 527 <td></td> 528 <td>6.06.0.17.07.1.1</td> 529 <td>2016 12 21 </td> 530 </tr> 531 <tr> 532 <td>CVE-2017-0471</td> 533 <td><a href="https://android.googlesource.com/platform/external/libavc/+/4a61d15e7b0ab979ba7e80db8ddbde025c1ce6cc"> 534 A-33816782</a></td> 535 <td></td> 536 <td></td> 537 <td>6.06.0.17.07.1.1</td> 538 <td>2016 12 21 </td> 539 </tr> 540 <tr> 541 <td>CVE-2017-0472</td> 542 <td><a href="https://android.googlesource.com/platform/external/libhevc/+/dfa7251ff270ae7e12a019e6735542e36b2a47e0"> 543 A-33862021</a></td> 544 <td></td> 545 <td></td> 546 <td>6.06.0.17.07.1.1</td> 547 <td>2016 12 23 </td> 548 </tr> 549 <tr> 550 <td>CVE-2017-0473</td> 551 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0a4463e2beddb8290e05ad552e48b17686f854ce"> 552 A-33982658</a></td> 553 <td></td> 554 <td></td> 555 <td>6.06.0.17.07.1.1</td> 556 <td>2016 12 30 </td> 557 </tr> 558 <tr> 559 <td>CVE-2017-0474</td> 560 <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6f5927de29337fa532c64d0ef8c7cb68f7c89889"> 561 A-32589224</a></td> 562 <td></td> 563 <td></td> 564 <td>7.07.1.1</td> 565 <td>Google </td> 566 </tr> 567 </table> 568 569 <h3 id="eop-in-recovery-verifier"></h3> 570 <p> (Re-flash) </p> 571 572 <table> 573 <col width="18%"> 574 <col width="17%"> 575 <col width="10%"> 576 <col width="19%"> 577 <col width="18%"> 578 <col width="17%"> 579 <tr> 580 <th>CVE</th> 581 <th></th> 582 <th></th> 583 <th> Google </th> 584 <th> AOSP </th> 585 <th></th> 586 </tr> 587 <tr> 588 <td>CVE-2017-0475</td> 589 <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/2c6c23f651abb3d215134dfba463eb72a5e9f8eb"> 590 A-31914369</a></td> 591 <td></td> 592 <td></td> 593 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 594 <td>2016 10 2 </td> 595 </tr> 596 </table> 597 598 599 <h3 id="rce-in-aosp-messaging">AOSP Messaging </h3> 600 <p>AOSP Messaging </p> 601 602 <table> 603 <col width="18%"> 604 <col width="17%"> 605 <col width="10%"> 606 <col width="19%"> 607 <col width="18%"> 608 <col width="17%"> 609 <tr> 610 <th>CVE</th> 611 <th></th> 612 <th></th> 613 <th> Google </th> 614 <th> AOSP </th> 615 <th></th> 616 </tr> 617 <tr> 618 <td>CVE-2017-0476</td> 619 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/8ba22b48ebff50311d7eaa8d512f9d507f0bdd0d"> 620 A-33388925</a></td> 621 <td></td> 622 <td></td> 623 <td>6.06.0.17.07.1.1</td> 624 <td>2016 12 6 </td> 625 </tr> 626 </table> 627 628 629 <h3 id="rce-in-libgdx">libgdx </h3> 630 <p>libgdx </p> 631 632 <table> 633 <col width="18%"> 634 <col width="17%"> 635 <col width="10%"> 636 <col width="19%"> 637 <col width="18%"> 638 <col width="17%"> 639 <tr> 640 <th>CVE</th> 641 <th></th> 642 <th></th> 643 <th> Google </th> 644 <th> AOSP </th> 645 <th></th> 646 </tr> 647 <tr> 648 <td>CVE-2017-0477</td> 649 <td><a href="https://android.googlesource.com/platform/external/libgdx/+/fba04a52f43315cdb7dd38766822af0324eab7c5"> 650 A-33621647</a></td> 651 <td></td> 652 <td></td> 653 <td>7.1.1</td> 654 <td>2016 12 14 </td> 655 </tr> 656 </table> 657 658 659 <h3 id="rce-in-framesequence-library">Framesequence </h3> 660 <p>Framesequence Framesequence </p> 661 662 <table> 663 <col width="18%"> 664 <col width="17%"> 665 <col width="10%"> 666 <col width="19%"> 667 <col width="18%"> 668 <col width="17%"> 669 <tr> 670 <th>CVE</th> 671 <th></th> 672 <th></th> 673 <th> Google </th> 674 <th> AOSP </th> 675 <th></th> 676 </tr> 677 <tr> 678 <td>CVE-2017-0478</td> 679 <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7c824f17b3eea976ca58be7ea097cb807126f73b"> 680 A-33718716</a></td> 681 <td></td> 682 <td></td> 683 <td>5.0.25.1.16.06.0.17.07.1.1</td> 684 <td>2016 12 16 </td> 685 </tr> 686 </table> 687 688 <h3 id="eop-in-nfc">NFC </h3> 689 <p>NFC </p> 690 691 <table> 692 <col width="18%"> 693 <col width="17%"> 694 <col width="10%"> 695 <col width="19%"> 696 <col width="18%"> 697 <col width="17%"> 698 <tr> 699 <th>CVE</th> 700 <th></th> 701 <th></th> 702 <th> Google </th> 703 <th> AOSP </th> 704 <th></th> 705 </tr> 706 <tr> 707 <td>CVE-2017-0481</td> 708 <td><a href="https://android.googlesource.com/platform/external/libnfc-nci/+/c67cc6ad2addddcb7185a33b08d27290ce54e350"> 709 A-33434992</a></td> 710 <td></td> 711 <td></td> 712 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 713 <td>2016 11 6 </td> 714 </tr> 715 </table> 716 717 <h3 id="eop-in-audioserver"></h3> 718 <p></p> 719 720 <table> 721 <col width="18%"> 722 <col width="17%"> 723 <col width="10%"> 724 <col width="19%"> 725 <col width="18%"> 726 <col width="17%"> 727 <tr> 728 <th>CVE</th> 729 <th></th> 730 <th></th> 731 <th> Google </th> 732 <th> AOSP </th> 733 <th></th> 734 </tr> 735 <tr> 736 <td>CVE-2017-0479</td> 737 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0"> 738 A-32707507</a> 739 [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>] 740 </td> 741 <td></td> 742 <td></td> 743 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 744 <td>2016 11 7 </td> 745 </tr> 746 <tr> 747 <td>CVE-2017-0480</td> 748 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0"> 749 A-32705429</a> 750 [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>] 751 </td> 752 <td></td> 753 <td></td> 754 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 755 <td>2016 11 7 </td> 756 </tr> 757 </table> 758 759 760 <h3 id="dos-in-mediaserver"></h3> 761 <p></p> 762 763 <table> 764 <col width="18%"> 765 <col width="17%"> 766 <col width="10%"> 767 <col width="19%"> 768 <col width="18%"> 769 <col width="17%"> 770 <tr> 771 <th>CVE</th> 772 <th></th> 773 <th></th> 774 <th> Google </th> 775 <th> AOSP </th> 776 <th></th> 777 </tr> 778 <tr> 779 <td>CVE-2017-0482</td> 780 <td><a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c"> 781 A-33090864</a> 782 [<a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">2</a>] 783 [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">3</a>] 784 [<a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">4</a>] 785 [<a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">5</a>] 786 [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">6</a>]</td> 787 <td></td> 788 <td></td> 789 <td>6.06.0.17.07.1.1</td> 790 <td>2016 11 22 </td> 791 </tr> 792 <tr> 793 <td>CVE-2017-0483</td> 794 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bc62c086e9ba7530723dc8874b83159f4d77d976"> 795 A-33137046</a> 796 [<a href="https://android.googlesource.com/platform/frameworks/av/+/5cabe32a59f9be1e913b6a07a23d4cfa55e3fb2f">2</a>]</td> 797 <td></td> 798 <td></td> 799 <td>5.0.25.1.16.06.0.17.07.1.1</td> 800 <td>2016 11 24 </td> 801 </tr> 802 <tr> 803 <td>CVE-2017-0484</td> 804 <td><a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7"> 805 A-33298089</a> 806 [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">2</a>]</td> 807 <td></td> 808 <td></td> 809 <td>6.06.0.17.07.1.1</td> 810 <td>2016 12 1 </td> 811 </tr> 812 <tr> 813 <td>CVE-2017-0485</td> 814 <td><a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36"> 815 A-33387820</a></td> 816 <td></td> 817 <td></td> 818 <td>6.06.0.17.07.1.1</td> 819 <td>2016 12 6 </td> 820 </tr> 821 <tr> 822 <td>CVE-2017-0486</td> 823 <td><a href="https://android.googlesource.com/platform/external/libavc/+/19814b7ad4ea6f0cc4cab34e50ebab2e180fc269"> 824 A-33621215</a></td> 825 <td></td> 826 <td></td> 827 <td>6.06.0.17.07.1.1</td> 828 <td>2016 12 14 </td> 829 </tr> 830 <tr> 831 <td>CVE-2017-0487</td> 832 <td><a href="https://android.googlesource.com/platform/external/libavc/+/aa78b96e842fc1fb70a18acff22be35c7a715b23"> 833 A-33751193</a></td> 834 <td></td> 835 <td></td> 836 <td>6.06.0.17.07.1.1</td> 837 <td>2016 12 19 </td> 838 </tr> 839 <tr> 840 <td>CVE-2017-0488</td> 841 <td><a href="https://android.googlesource.com/platform/external/libavc/+/0340381cd8c220311fd4fe2e8b23e1534657e399"> 842 A-34097213</a></td> 843 <td></td> 844 <td></td> 845 <td>6.06.0.17.07.1.1</td> 846 <td>Google </td> 847 </tr> 848 </table> 849 850 <h3 id="eop-in-location-manager"></h3> 851 <p></p> 852 853 <table> 854 <col width="18%"> 855 <col width="17%"> 856 <col width="10%"> 857 <col width="19%"> 858 <col width="18%"> 859 <col width="17%"> 860 <tr> 861 <th>CVE</th> 862 <th></th> 863 <th></th> 864 <th> Google </th> 865 <th> AOSP </th> 866 <th></th> 867 </tr> 868 <tr> 869 <td>CVE-2017-0489</td> 870 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d22261fef84481651e12995062105239d551cbc6"> 871 A-33091107</a></td> 872 <td></td> 873 <td></td> 874 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 875 <td>2016 11 20 </td> 876 </tr> 877 </table> 878 879 880 <h3 id="eop-in-wi-fi">Wi-Fi </h3> 881 <p>Wi-Fi ()</p> 882 883 <table> 884 <col width="18%"> 885 <col width="17%"> 886 <col width="10%"> 887 <col width="19%"> 888 <col width="18%"> 889 <col width="17%"> 890 <tr> 891 <th>CVE</th> 892 <th></th> 893 <th></th> 894 <th> Google </th> 895 <th> AOSP </th> 896 <th></th> 897 </tr> 898 <tr> 899 <td>CVE-2017-0490</td> 900 <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1166ca8adba9b49c9185dad11b28b02e72124d95"> 901 A-33178389</a> 902 [<a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1ad3b1e3256a226be362de1a4959f2a642d349b7">2</a>] 903 [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/41c42f5bb544acf8bede2d05c6325657d92bd83c">3</a>] 904 </td> 905 <td></td> 906 <td></td> 907 <td>6.06.0.17.07.1.1</td> 908 <td>2016 11 25 </td> 909 </tr> 910 </table> 911 912 913 <h3 id="eop-in-package-manager"></h3> 914 <p></p> 915 916 <table> 917 <col width="18%"> 918 <col width="17%"> 919 <col width="10%"> 920 <col width="19%"> 921 <col width="18%"> 922 <col width="17%"> 923 <tr> 924 <th>CVE</th> 925 <th></th> 926 <th></th> 927 <th> Google </th> 928 <th> AOSP </th> 929 <th></th> 930 </tr> 931 <tr> 932 <td>CVE-2017-0491</td> 933 <td><a href="https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/5c49b6bf732c88481466dea341917b8604ce53fa"> 934 A-32553261</a> 935 </td> 936 <td></td> 937 <td></td> 938 <td>4.4.45.0.25.1.16.06.0.17.07.1.1</td> 939 <td>Google </td> 940 </tr> 941 </table> 942 943 944 <h3 id="eop-in-system-ui"></h3> 945 <p> ()</p> 946 947 <table> 948 <col width="18%"> 949 <col width="17%"> 950 <col width="10%"> 951 <col width="19%"> 952 <col width="18%"> 953 <col width="17%"> 954 <tr> 955 <th>CVE</th> 956 <th></th> 957 <th></th> 958 <th> Google </th> 959 <th> AOSP </th> 960 <th></th> 961 </tr> 962 <tr> 963 <td>CVE-2017-0492</td> 964 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/f4bed684c939b0f8809ef404b8609fe4ef849263"> 965 A-30150688</a> 966 </td> 967 <td></td> 968 <td></td> 969 <td>7.1.1</td> 970 <td>Google </td> 971 </tr> 972 </table> 973 974 975 <h3 id="id-in-aosp-messaging">AOSP Messaging </h3> 976 <p>AOSP Messaging </p> 977 978 <table> 979 <col width="18%"> 980 <col width="17%"> 981 <col width="10%"> 982 <col width="19%"> 983 <col width="18%"> 984 <col width="17%"> 985 <tr> 986 <th>CVE</th> 987 <th></th> 988 <th></th> 989 <th> Google </th> 990 <th> AOSP </th> 991 <th></th> 992 </tr> 993 <tr> 994 <td>CVE-2017-0494</td> 995 <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/3f9821128abd66c4cd2f040d8243efb334bfad2d"> 996 A-32764144</a></td> 997 <td></td> 998 <td></td> 999 <td>6.06.0.17.07.1.1</td> 1000 <td>2016 11 9 </td> 1001 </tr> 1002 </table> 1003 1004 1005 <h3 id="id-in-mediaserver"></h3> 1006 <p></p> 1007 1008 <table> 1009 <col width="18%"> 1010 <col width="17%"> 1011 <col width="10%"> 1012 <col width="19%"> 1013 <col width="18%"> 1014 <col width="17%"> 1015 <tr> 1016 <th>CVE</th> 1017 <th></th> 1018 <th></th> 1019 <th> Google </th> 1020 <th> AOSP </th> 1021 <th></th> 1022 </tr> 1023 <tr> 1024 <td>CVE-2017-0495</td> 1025 <td><a href="https://android.googlesource.com/platform/external/libavc/+/85c0ec4106659a11c220cd1210f8d76c33d9e2ae"> 1026 A-33552073</a></td> 1027 <td></td> 1028 <td></td> 1029 <td>6.06.0.17.07.1.1</td> 1030 <td>2016 12 11 </td> 1031 </tr> 1032 </table> 1033 1034 1035 <h3 id="dos-in-setup-wizard"></h3> 1036 <p></p> 1037 1038 <table> 1039 <col width="18%"> 1040 <col width="17%"> 1041 <col width="10%"> 1042 <col width="19%"> 1043 <col width="18%"> 1044 <col width="17%"> 1045 <tr> 1046 <th>CVE</th> 1047 <th></th> 1048 <th></th> 1049 <th> Google </th> 1050 <th> AOSP </th> 1051 <th></th> 1052 </tr> 1053 <tr> 1054 <td>CVE-2017-0496</td> 1055 <td>A-31554152*</td> 1056 <td></td> 1057 <td>**</td> 1058 <td>5.0.25.1.16.06.0.1</td> 1059 <td>2016 9 14 </td> 1060 </tr> 1061 </table> 1062 <p>* Google <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1063 <p>** Android 7.0 Google ()</p> 1064 1065 <h3 id="dos-in-mediaserver-2"></h3> 1066 <p></p> 1067 1068 <table> 1069 <col width="18%"> 1070 <col width="17%"> 1071 <col width="10%"> 1072 <col width="19%"> 1073 <col width="18%"> 1074 <col width="17%"> 1075 <tr> 1076 <th>CVE</th> 1077 <th></th> 1078 <th></th> 1079 <th> Google </th> 1080 <th> AOSP </th> 1081 <th></th> 1082 </tr> 1083 <tr> 1084 <td>CVE-2017-0497</td> 1085 <td><a href="https://android.googlesource.com/platform/external/skia/+/8888cbf8e74671d44e9ff92ec3847cd647b8cdfb"> 1086 A-33300701</a></td> 1087 <td></td> 1088 <td></td> 1089 <td>7.07.1.1</td> 1090 <td>2016 12 2 </td> 1091 </tr> 1092 </table> 1093 1094 1095 <h3 id="dos-in-setup-wizard-2"></h3> 1096 <p> Google </p> 1097 1098 <table> 1099 <col width="18%"> 1100 <col width="17%"> 1101 <col width="10%"> 1102 <col width="19%"> 1103 <col width="18%"> 1104 <col width="17%"> 1105 <tr> 1106 <th>CVE</th> 1107 <th></th> 1108 <th></th> 1109 <th> Google </th> 1110 <th> AOSP </th> 1111 <th></th> 1112 </tr> 1113 <tr> 1114 <td>CVE-2017-0498</td> 1115 <td><a href="https://android.googlesource.com/platform/frameworks/base/+/1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b"> 1116 A-30352311</a> 1117 [<a href="https://android.googlesource.com/platform/frameworks/base/+/5f621b5b1549e8379aee05807652d5111382ccc6">2</a>] 1118 </td> 1119 <td></td> 1120 <td></td> 1121 <td>5.1.16.06.0.17.07.1.1</td> 1122 <td>Google </td> 1123 </tr> 1124 </table> 1125 1126 1127 <h3 id="dos-in-audioserver"></h3> 1128 <p></p> 1129 1130 <table> 1131 <col width="18%"> 1132 <col width="17%"> 1133 <col width="10%"> 1134 <col width="19%"> 1135 <col width="18%"> 1136 <col width="17%"> 1137 <tr> 1138 <th>CVE</th> 1139 <th></th> 1140 <th></th> 1141 <th> Google </th> 1142 <th> AOSP </th> 1143 <th></th> 1144 </tr> 1145 <tr> 1146 <td>CVE-2017-0499</td> 1147 <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0"> 1148 A-32095713</a></td> 1149 <td></td> 1150 <td></td> 1151 <td>5.1.16.06.0.17.07.1.1</td> 1152 <td>2016 10 11 </td> 1153 </tr> 1154 </table> 1155 1156 1157 <h2 id="2017-03-05-details">2017-03-05 </h2> 1158 <p> <a href="#2017-03-05-summary">2017-03-05 </a> CVE Google AOSP () ID ( AOSP ) ID </p> 1159 1160 1161 <h3 id="eop-in-mediatek-components">MediaTek </h3> 1162 <p>MediaTek ( M4U GPU ) (Re-flash) </p> 1163 1164 <table> 1165 <col width="19%"> 1166 <col width="20%"> 1167 <col width="10%"> 1168 <col width="23%"> 1169 <col width="17%"> 1170 <tr> 1171 <th>CVE</th> 1172 <th></th> 1173 <th></th> 1174 <th> Google </th> 1175 <th></th> 1176 </tr> 1177 <tr> 1178 <td>CVE-2017-0500</td> 1179 <td>A-28429685*<br> 1180 M-ALPS02710006</td> 1181 <td></td> 1182 <td>**</td> 1183 <td>2016 4 27 </td> 1184 </tr> 1185 <tr> 1186 <td>CVE-2017-0501</td> 1187 <td>A-28430015*<br> 1188 M-ALPS02708983</td> 1189 <td></td> 1190 <td>**</td> 1191 <td>2016 4 27 </td> 1192 </tr> 1193 <tr> 1194 <td>CVE-2017-0502</td> 1195 <td>A-28430164*<br> 1196 M-ALPS02710027</td> 1197 <td></td> 1198 <td>**</td> 1199 <td>2016 4 27 </td> 1200 </tr> 1201 <tr> 1202 <td>CVE-2017-0503</td> 1203 <td>A-28449045*<br> 1204 M-ALPS02710075</td> 1205 <td></td> 1206 <td>**</td> 1207 <td>2016 4 28 </td> 1208 </tr> 1209 <tr> 1210 <td>CVE-2017-0504</td> 1211 <td>A-30074628*<br> 1212 M-ALPS02829371</td> 1213 <td></td> 1214 <td>**</td> 1215 <td>2016 7 9 </td> 1216 </tr> 1217 <tr> 1218 <td>CVE-2017-0505</td> 1219 <td>A-31822282*<br> 1220 M-ALPS02992041</td> 1221 <td></td> 1222 <td>**</td> 1223 <td>2016 9 28 </td> 1224 </tr> 1225 <tr> 1226 <td>CVE-2017-0506</td> 1227 <td>A-32276718*<br> 1228 M-ALPS03006904</td> 1229 <td></td> 1230 <td>**</td> 1231 <td>2016 10 18 </td> 1232 </tr> 1233 </table> 1234 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1235 <p>** Android 7.0 Google ()</p> 1236 1237 1238 <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU </h3> 1239 <p>NVIDIA GPU (Re-flash) </p> 1240 1241 <table> 1242 <col width="19%"> 1243 <col width="20%"> 1244 <col width="10%"> 1245 <col width="23%"> 1246 <col width="17%"> 1247 <tr> 1248 <th>CVE</th> 1249 <th></th> 1250 <th></th> 1251 <th> Google </th> 1252 <th></th> 1253 </tr> 1254 <tr> 1255 <td>CVE-2017-0337</td> 1256 <td>A-31992762*<br> 1257 N-CVE-2017-0337</td> 1258 <td></td> 1259 <td>Pixel C</td> 1260 <td>2016 10 6 </td> 1261 </tr> 1262 <tr> 1263 <td>CVE-2017-0338</td> 1264 <td>A-33057977*<br> 1265 N-CVE-2017-0338</td> 1266 <td></td> 1267 <td>Pixel C</td> 1268 <td>2016 11 21 </td> 1269 </tr> 1270 <tr> 1271 <td>CVE-2017-0333</td> 1272 <td>A-33899363*<br> 1273 N-CVE-2017-0333</td> 1274 <td></td> 1275 <td>Pixel C</td> 1276 <td>2016 12 25 </td> 1277 </tr> 1278 <tr> 1279 <td>CVE-2017-0306</td> 1280 <td>A-34132950*<br> 1281 N-CVE-2017-0306</td> 1282 <td></td> 1283 <td>Nexus 9</td> 1284 <td>2017 1 6 </td> 1285 </tr> 1286 <tr> 1287 <td>CVE-2017-0335</td> 1288 <td>A-33043375*<br> 1289 N-CVE-2017-0335</td> 1290 <td></td> 1291 <td>Pixel C</td> 1292 <td>Google </td> 1293 </tr> 1294 </table> 1295 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1296 1297 1298 <h3 id="eop-in-kernel-ion-subsystem"> ION </h3> 1299 <p> ION (Re-flash) </p> 1300 1301 <table> 1302 <col width="19%"> 1303 <col width="20%"> 1304 <col width="10%"> 1305 <col width="23%"> 1306 <col width="17%"> 1307 <tr> 1308 <th>CVE</th> 1309 <th></th> 1310 <th></th> 1311 <th> Google </th> 1312 <th></th> 1313 </tr> 1314 <tr> 1315 <td>CVE-2017-0507</td> 1316 <td>A-31992382*</td> 1317 <td></td> 1318 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1319 <td>2016 10 6 </td> 1320 </tr> 1321 <tr> 1322 <td>CVE-2017-0508</td> 1323 <td>A-33940449*</td> 1324 <td></td> 1325 <td>Pixel C</td> 1326 <td>2016 12 28 </td> 1327 </tr> 1328 </table> 1329 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1330 1331 1332 <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi </h3> 1333 <p>Broadcom Wi-Fi (Re-flash) </p> 1334 1335 <table> 1336 <col width="19%"> 1337 <col width="20%"> 1338 <col width="10%"> 1339 <col width="23%"> 1340 <col width="17%"> 1341 <tr> 1342 <th>CVE</th> 1343 <th></th> 1344 <th></th> 1345 <th> Google </th> 1346 <th></th> 1347 </tr> 1348 <tr> 1349 <td>CVE-2017-0509</td> 1350 <td>A-32124445*<br> 1351 B-RB#110688</td> 1352 <td></td> 1353 <td>**</td> 1354 <td>2016 10 12 </td> 1355 </tr> 1356 </table> 1357 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1358 <p>** Android 7.0 Google ()</p> 1359 1360 1361 <h3 id="eop-in-kernel-fiq-debugger"> FIQ </h3> 1362 <p> FIQ (Re-flash) </p> 1363 1364 <table> 1365 <col width="19%"> 1366 <col width="20%"> 1367 <col width="10%"> 1368 <col width="23%"> 1369 <col width="17%"> 1370 <tr> 1371 <th>CVE</th> 1372 <th></th> 1373 <th></th> 1374 <th> Google </th> 1375 <th></th> 1376 </tr> 1377 <tr> 1378 <td>CVE-2017-0510</td> 1379 <td>A-32402555*</td> 1380 <td></td> 1381 <td>Nexus 9</td> 1382 <td>2016 10 25 </td> 1383 </tr> 1384 </table> 1385 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1386 1387 1388 <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU </h3> 1389 <p>Qualcomm GPU (Re-flash) </p> 1390 1391 <table> 1392 <col width="19%"> 1393 <col width="20%"> 1394 <col width="10%"> 1395 <col width="23%"> 1396 <col width="17%"> 1397 <tr> 1398 <th>CVE</th> 1399 <th></th> 1400 <th></th> 1401 <th> Google </th> 1402 <th></th> 1403 </tr> 1404 <tr> 1405 <td>CVE-2016-8479</td> 1406 <td>A-31824853*<br> 1407 QC-CR#1093687</td> 1408 <td></td> 1409 <td>Android OneNexus 5XNexus 6Nexus 6PPixelPixel XL</td> 1410 <td>2016 9 29 </td> 1411 </tr> 1412 </table> 1413 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1414 1415 1416 <h3 id="eop-in-kernel-networking-subsystem"></h3> 1417 <p> (Re-flash) </p> 1418 1419 <table> 1420 <col width="19%"> 1421 <col width="20%"> 1422 <col width="10%"> 1423 <col width="23%"> 1424 <col width="17%"> 1425 <tr> 1426 <th>CVE</th> 1427 <th></th> 1428 <th></th> 1429 <th> Google </th> 1430 <th></th> 1431 </tr> 1432 <tr> 1433 <td>CVE-2016-9806</td> 1434 <td>A-33393474<br> 1435 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520"> 1436 </a></td> 1437 <td></td> 1438 <td>Pixel CPixelPixel XL</td> 1439 <td>2016 12 4 </td> 1440 </tr> 1441 <tr> 1442 <td>CVE-2016-10200</td> 1443 <td>A-33753815<br> 1444 <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef"> 1445 </a></td> 1446 <td></td> 1447 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1448 <td>2016 12 19 </td> 1449 </tr> 1450 </table> 1451 1452 1453 <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm </h3> 1454 <p> Qualcomm 2016 9 Qualcomm AMSS </p> 1455 1456 <table> 1457 <col width="19%"> 1458 <col width="20%"> 1459 <col width="10%"> 1460 <col width="23%"> 1461 <col width="17%"> 1462 <tr> 1463 <th>CVE</th> 1464 <th></th> 1465 <th></th> 1466 <th> Google </th> 1467 <th></th> 1468 </tr> 1469 <tr> 1470 <td>CVE-2016-8484</td> 1471 <td>A-28823575**</td> 1472 <td></td> 1473 <td>***</td> 1474 <td>Qualcomm </td> 1475 </tr> 1476 <tr> 1477 <td>CVE-2016-8485</td> 1478 <td>A-28823681**</td> 1479 <td></td> 1480 <td>***</td> 1481 <td>Qualcomm </td> 1482 </tr> 1483 <tr> 1484 <td>CVE-2016-8486</td> 1485 <td>A-28823691**</td> 1486 <td></td> 1487 <td>***</td> 1488 <td>Qualcomm </td> 1489 </tr> 1490 <tr> 1491 <td>CVE-2016-8487</td> 1492 <td>A-28823724**</td> 1493 <td></td> 1494 <td>***</td> 1495 <td>Qualcomm </td> 1496 </tr> 1497 <tr> 1498 <td>CVE-2016-8488</td> 1499 <td>A-31625756**</td> 1500 <td></td> 1501 <td>***</td> 1502 <td>Qualcomm </td> 1503 </tr> 1504 </table> 1505 <p>* </p> 1506 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1507 <p>*** Android 7.0 Google ()</p> 1508 1509 1510 <h3 id="eop-in-kernel-networking-subsystem-2"></h3> 1511 <p></p> 1512 1513 <table> 1514 <col width="19%"> 1515 <col width="20%"> 1516 <col width="10%"> 1517 <col width="23%"> 1518 <col width="17%"> 1519 <tr> 1520 <th>CVE</th> 1521 <th></th> 1522 <th></th> 1523 <th> Google </th> 1524 <th></th> 1525 </tr> 1526 <tr> 1527 <td>CVE-2016-8655</td> 1528 <td>A-33358926<br> 1529 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c"> 1530 </a></td> 1531 <td></td> 1532 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1533 <td>2016 10 12 </td> 1534 </tr> 1535 <tr> 1536 <td>CVE-2016-9793</td> 1537 <td>A-33363517<br> 1538 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"> 1539 </a></td> 1540 <td></td> 1541 <td>Android OneNexus 5XNexus 6Nexus 6PNexus 9Nexus PlayerPixel CPixelPixel XL</td> 1542 <td>2016 12 2 </td> 1543 </tr> 1544 </table> 1545 1546 1547 <h3 id="eop-in-qualcomm-input-hardware-driver">Qualcomm </h3> 1548 <p>Qualcomm </p> 1549 1550 <table> 1551 <col width="19%"> 1552 <col width="20%"> 1553 <col width="10%"> 1554 <col width="23%"> 1555 <col width="17%"> 1556 <tr> 1557 <th>CVE</th> 1558 <th></th> 1559 <th></th> 1560 <th> Google </th> 1561 <th></th> 1562 </tr> 1563 <tr> 1564 <td>CVE-2017-0516</td> 1565 <td>A-32341680*<br> 1566 QC-CR#1096301</td> 1567 <td></td> 1568 <td>Android OnePixelPixel XL</td> 1569 <td>2016 10 21 </td> 1570 </tr> 1571 </table> 1572 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1573 1574 1575 <h3 id="eop-in-mediatek-hardware-sensor-driver">MediaTek </h3> 1576 <p>MediaTek </p> 1577 1578 <table> 1579 <col width="19%"> 1580 <col width="20%"> 1581 <col width="10%"> 1582 <col width="23%"> 1583 <col width="17%"> 1584 <tr> 1585 <th>CVE</th> 1586 <th></th> 1587 <th></th> 1588 <th> Google </th> 1589 <th></th> 1590 </tr> 1591 <tr> 1592 <td>CVE-2017-0517</td> 1593 <td>A-32372051*<br> 1594 M-ALPS02973195</td> 1595 <td></td> 1596 <td>**</td> 1597 <td>2016 10 22 </td> 1598 </tr> 1599 </table> 1600 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1601 <p>** Android 7.0 Google ()</p> 1602 1603 1604 <h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC </h3> 1605 <p>Qualcomm ADSPRPC </p> 1606 1607 <table> 1608 <col width="19%"> 1609 <col width="20%"> 1610 <col width="10%"> 1611 <col width="23%"> 1612 <col width="17%"> 1613 <tr> 1614 <th>CVE</th> 1615 <th></th> 1616 <th></th> 1617 <th> Google </th> 1618 <th></th> 1619 </tr> 1620 <tr> 1621 <td>CVE-2017-0457</td> 1622 <td>A-31695439*<br> 1623 QC-CR#1086123<br> 1624 QC-CR#1100695</td> 1625 <td></td> 1626 <td>Nexus 5XNexus 6PPixelPixel XL</td> 1627 <td>2016 9 22 </td> 1628 </tr> 1629 </table> 1630 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1631 1632 1633 <h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Qualcomm </h3> 1634 <p>Qualcomm </p> 1635 1636 <table> 1637 <col width="19%"> 1638 <col width="20%"> 1639 <col width="10%"> 1640 <col width="23%"> 1641 <col width="17%"> 1642 <tr> 1643 <th>CVE</th> 1644 <th></th> 1645 <th></th> 1646 <th> Google </th> 1647 <th></th> 1648 </tr> 1649 <tr> 1650 <td>CVE-2017-0518</td> 1651 <td>A-32370896*<br> 1652 QC-CR#1086530</td> 1653 <td></td> 1654 <td>PixelPixel XL</td> 1655 <td>2016 10 24 </td> 1656 </tr> 1657 <tr> 1658 <td>CVE-2017-0519</td> 1659 <td>A-32372915*<br> 1660 QC-CR#1086530</td> 1661 <td></td> 1662 <td>PixelPixel XL</td> 1663 <td>2016 10 24 </td> 1664 </tr> 1665 </table> 1666 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1667 1668 1669 <h3 id="eop-in-qualcomm-crypto-engine-driver">Qualcomm </h3> 1670 <p>Qualcomm </p> 1671 1672 <table> 1673 <col width="19%"> 1674 <col width="20%"> 1675 <col width="10%"> 1676 <col width="23%"> 1677 <col width="17%"> 1678 <tr> 1679 <th>CVE</th> 1680 <th></th> 1681 <th></th> 1682 <th> Google </th> 1683 <th></th> 1684 </tr> 1685 <tr> 1686 <td>CVE-2017-0520</td> 1687 <td>A-31750232<br> 1688 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd"> 1689 QC-CR#1082636</a></td> 1690 <td></td> 1691 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1692 <td>2016 9 24 </td> 1693 </tr> 1694 </table> 1695 1696 1697 <h3 id="eop-in-qualcomm-camera-driver">Qualcomm </h3> 1698 <p>Qualcomm </p> 1699 1700 <table> 1701 <col width="19%"> 1702 <col width="20%"> 1703 <col width="10%"> 1704 <col width="23%"> 1705 <col width="17%"> 1706 <tr> 1707 <th>CVE</th> 1708 <th></th> 1709 <th></th> 1710 <th> Google </th> 1711 <th></th> 1712 </tr> 1713 <tr> 1714 <td>CVE-2017-0458</td> 1715 <td>A-32588962<br> 1716 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4"> 1717 QC-CR#1089433</a></td> 1718 <td></td> 1719 <td>PixelPixel XL</td> 1720 <td>2016 10 31 </td> 1721 </tr> 1722 <tr> 1723 <td>CVE-2017-0521</td> 1724 <td>A-32919951<br> 1725 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8"> 1726 QC-CR#1097709</a></td> 1727 <td></td> 1728 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1729 <td>2016 11 15 </td> 1730 </tr> 1731 </table> 1732 1733 1734 <h3 id="eop-in-mediatek-apk">MediaTek APK </h3> 1735 <p>MediaTek APK </p> 1736 1737 <table> 1738 <col width="19%"> 1739 <col width="20%"> 1740 <col width="10%"> 1741 <col width="23%"> 1742 <col width="17%"> 1743 <tr> 1744 <th>CVE</th> 1745 <th></th> 1746 <th></th> 1747 <th> Google </th> 1748 <th></th> 1749 </tr> 1750 <tr> 1751 <td>CVE-2017-0522</td> 1752 <td>A-32916158*<br> 1753 M-ALPS03032516</td> 1754 <td></td> 1755 <td>**</td> 1756 <td>2016 11 15 </td> 1757 </tr> 1758 </table> 1759 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1760 <p>** Android 7.0 Google ()</p> 1761 1762 1763 <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 1764 <p>Qualcomm Wi-Fi </p> 1765 1766 <table> 1767 <col width="19%"> 1768 <col width="20%"> 1769 <col width="10%"> 1770 <col width="23%"> 1771 <col width="17%"> 1772 <tr> 1773 <th>CVE</th> 1774 <th></th> 1775 <th></th> 1776 <th> Google </th> 1777 <th></th> 1778 </tr> 1779 <tr> 1780 <td>CVE-2017-0464</td> 1781 <td>A-32940193<br> 1782 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f"> 1783 QC-CR#1102593</a></td> 1784 <td></td> 1785 <td>Nexus 5XPixelPixel XL</td> 1786 <td>2016 11 15 </td> 1787 </tr> 1788 <tr> 1789 <td>CVE-2017-0453</td> 1790 <td>A-33979145<br> 1791 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513"> 1792 QC-CR#1105085</a></td> 1793 <td></td> 1794 <td>Nexus 5XAndroid One</td> 1795 <td>2016 12 30 </td> 1796 </tr> 1797 <tr> 1798 <td>CVE-2017-0523</td> 1799 <td>A-32835279<br> 1800 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582"> 1801 QC-CR#1096945</a></td> 1802 <td></td> 1803 <td>*</td> 1804 <td>Google </td> 1805 </tr> 1806 </table> 1807 <p>* Android 7.0 Google ()</p> 1808 1809 1810 <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics </h3> 1811 <p>Synaptics </p> 1812 1813 <table> 1814 <col width="19%"> 1815 <col width="20%"> 1816 <col width="10%"> 1817 <col width="23%"> 1818 <col width="17%"> 1819 <tr> 1820 <th>CVE</th> 1821 <th></th> 1822 <th></th> 1823 <th> Google </th> 1824 <th></th> 1825 </tr> 1826 <tr> 1827 <td>CVE-2017-0524</td> 1828 <td>A-33002026</td> 1829 <td></td> 1830 <td>Android OneNexus 5XNexus 6PNexus 9PixelPixel XL</td> 1831 <td>2016 11 18 </td> 1832 </tr> 1833 </table> 1834 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1835 1836 1837 <h3 id="eop-in-qualcomm-ipa-driver">Qualcomm IPA </h3> 1838 <p>Qualcomm IPA </p> 1839 1840 <table> 1841 <col width="19%"> 1842 <col width="20%"> 1843 <col width="10%"> 1844 <col width="23%"> 1845 <col width="17%"> 1846 <tr> 1847 <th>CVE</th> 1848 <th></th> 1849 <th></th> 1850 <th> Google </th> 1851 <th></th> 1852 </tr> 1853 <tr> 1854 <td>CVE-2017-0456</td> 1855 <td>A-33106520*<br> 1856 QC-CR#1099598</td> 1857 <td></td> 1858 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1859 <td>2016 11 23 </td> 1860 </tr> 1861 <tr> 1862 <td>CVE-2017-0525</td> 1863 <td>A-33139056*<br> 1864 QC-CR#1097714</td> 1865 <td></td> 1866 <td>Nexus 5XNexus 6PAndroid OnePixelPixel XL</td> 1867 <td>2016 11 25 </td> 1868 </tr> 1869 </table> 1870 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1871 1872 1873 <h3 id="eop-in-htc-sensor-hub-driver">HTC </h3> 1874 <p>HTC </p> 1875 1876 <table> 1877 <col width="19%"> 1878 <col width="20%"> 1879 <col width="10%"> 1880 <col width="23%"> 1881 <col width="17%"> 1882 <tr> 1883 <th>CVE</th> 1884 <th></th> 1885 <th></th> 1886 <th> Google </th> 1887 <th></th> 1888 </tr> 1889 <tr> 1890 <td>CVE-2017-0526</td> 1891 <td>A-33897738*</td> 1892 <td></td> 1893 <td>Nexus 9</td> 1894 <td>2016 12 25 </td> 1895 </tr> 1896 <tr> 1897 <td>CVE-2017-0527</td> 1898 <td>A-33899318*</td> 1899 <td></td> 1900 <td>Nexus 9PixelPixel XL</td> 1901 <td>2016 12 25 </td> 1902 </tr> 1903 </table> 1904 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1905 1906 1907 <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU </h3> 1908 <p>NVIDIA GPU (Re-flash) </p> 1909 1910 <table> 1911 <col width="19%"> 1912 <col width="20%"> 1913 <col width="10%"> 1914 <col width="23%"> 1915 <col width="17%"> 1916 <tr> 1917 <th>CVE</th> 1918 <th></th> 1919 <th></th> 1920 <th> Google </th> 1921 <th></th> 1922 </tr> 1923 <tr> 1924 <td>CVE-2017-0307</td> 1925 <td>A-33177895*<br> 1926 N-CVE-2017-0307</td> 1927 <td></td> 1928 <td>**</td> 1929 <td>2016 11 28 </td> 1930 </tr> 1931 </table> 1932 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1933 <p>** Android 7.0 Google ()</p> 1934 1935 1936 <h3 id="eop-in-qualcomm-networking-driver">Qualcomm </h3> 1937 <p>Qualcomm </p> 1938 1939 <table> 1940 <col width="19%"> 1941 <col width="20%"> 1942 <col width="10%"> 1943 <col width="23%"> 1944 <col width="17%"> 1945 <tr> 1946 <th>CVE</th> 1947 <th></th> 1948 <th></th> 1949 <th> Google </th> 1950 <th></th> 1951 </tr> 1952 <tr> 1953 <td>CVE-2017-0463</td> 1954 <td>A-33277611<br> 1955 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2"> 1956 QC-CR#1101792</a></td> 1957 <td></td> 1958 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 1959 <td>2016 11 30 </td> 1960 </tr> 1961 <tr> 1962 <td>CVE-2017-0460</td> 1963 <td>A-31252965*<br> 1964 QC-CR#1098801</td> 1965 <td></td> 1966 <td>Nexus 5XNexus 6Nexus 6PNexus 9Android OnePixelPixel XL</td> 1967 <td>Google </td> 1968 </tr> 1969 </table> 1970 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1971 1972 1973 <h3 id="eop-in-kernel-security-subsystem"></h3> 1974 <p></p> 1975 1976 <table> 1977 <col width="19%"> 1978 <col width="20%"> 1979 <col width="10%"> 1980 <col width="23%"> 1981 <col width="17%"> 1982 <tr> 1983 <th>CVE</th> 1984 <th></th> 1985 <th></th> 1986 <th> Google </th> 1987 <th></th> 1988 </tr> 1989 <tr> 1990 <td>CVE-2017-0528</td> 1991 <td>A-33351919*</td> 1992 <td></td> 1993 <td>PixelPixel XL</td> 1994 <td>2016 12 4 </td> 1995 </tr> 1996 </table> 1997 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 1998 1999 2000 <h3 id="eop-in-qualcomm-spcom-driver">Qualcomm SPCom </h3> 2001 <p>Qualcomm SPCom </p> 2002 2003 <table> 2004 <col width="19%"> 2005 <col width="20%"> 2006 <col width="10%"> 2007 <col width="23%"> 2008 <col width="17%"> 2009 <tr> 2010 <th>CVE</th> 2011 <th></th> 2012 <th></th> 2013 <th> Google </th> 2014 <th></th> 2015 </tr> 2016 <tr> 2017 <td>CVE-2016-5856</td> 2018 <td>A-32610665<br> 2019 <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368"> 2020 QC-CR#1094078</a></td> 2021 <td></td> 2022 <td>*</td> 2023 <td>Google </td> 2024 </tr> 2025 <tr> 2026 <td>CVE-2016-5857</td> 2027 <td>A-34386529<br> 2028 <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5"> 2029 QC-CR#1094140</a></td> 2030 <td></td> 2031 <td>*</td> 2032 <td>Google </td> 2033 </tr> 2034 </table> 2035 <p>* Android 7.0 Google ()</p> 2036 2037 2038 <h3 id="id-in-kernel-networking-subsystem"></h3> 2039 <p></p> 2040 2041 <table> 2042 <col width="19%"> 2043 <col width="20%"> 2044 <col width="10%"> 2045 <col width="23%"> 2046 <col width="17%"> 2047 <tr> 2048 <th>CVE</th> 2049 <th></th> 2050 <th></th> 2051 <th> Google </th> 2052 <th></th> 2053 </tr> 2054 <tr> 2055 <td>CVE-2014-8709</td> 2056 <td>A-34077221<br> 2057 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f"> 2058 </a></td> 2059 <td></td> 2060 <td>Nexus Player</td> 2061 <td>2014 11 9 </td> 2062 </tr> 2063 </table> 2064 2065 2066 <h3 id="id-in-mediatek-driver">MediaTek </h3> 2067 <p>MediaTek </p> 2068 2069 <table> 2070 <col width="19%"> 2071 <col width="20%"> 2072 <col width="10%"> 2073 <col width="23%"> 2074 <col width="17%"> 2075 <tr> 2076 <th>CVE</th> 2077 <th></th> 2078 <th></th> 2079 <th> Google </th> 2080 <th></th> 2081 </tr> 2082 <tr> 2083 <td>CVE-2017-0529</td> 2084 <td>A-28449427*<br> 2085 M-ALPS02710042</td> 2086 <td></td> 2087 <td>**</td> 2088 <td>2016 4 27 </td> 2089 </tr> 2090 </table> 2091 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2092 <p>** Android 7.0 Google ()</p> 2093 2094 2095 <h3 id="id-in-qualcomm-bootloader">Qualcomm </h3> 2096 <p>Qualcomm </p> 2097 2098 <table> 2099 <col width="19%"> 2100 <col width="20%"> 2101 <col width="10%"> 2102 <col width="23%"> 2103 <col width="17%"> 2104 <tr> 2105 <th>CVE</th> 2106 <th></th> 2107 <th></th> 2108 <th> Google </th> 2109 <th></th> 2110 </tr> 2111 <tr> 2112 <td>CVE-2017-0455</td> 2113 <td>A-32370952<br> 2114 <a href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f"> 2115 QC-CR#1082755</a></td> 2116 <td></td> 2117 <td>PixelPixel XL</td> 2118 <td>2016 10 21 </td> 2119 </tr> 2120 </table> 2121 2122 2123 <h3 id="id-in-qualcomm-power-driver">Qualcomm </h3> 2124 <p>Qualcomm </p> 2125 2126 <table> 2127 <col width="19%"> 2128 <col width="20%"> 2129 <col width="10%"> 2130 <col width="23%"> 2131 <col width="17%"> 2132 <tr> 2133 <th>CVE</th> 2134 <th></th> 2135 <th></th> 2136 <th> Google </th> 2137 <th></th> 2138 </tr> 2139 <tr> 2140 <td>CVE-2016-8483</td> 2141 <td>A-33745862<br> 2142 <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a"> 2143 QC-CR#1035099</a></td> 2144 <td></td> 2145 <td>Nexus 5XNexus 6P</td> 2146 <td>2016 12 19 </td> 2147 </tr> 2148 </table> 2149 2150 2151 <h3 id="id-in-nvidia-gpu-driver">NVIDIA GPU </h3> 2152 <p>NVIDIA GPU </p> 2153 2154 <table> 2155 <col width="19%"> 2156 <col width="20%"> 2157 <col width="10%"> 2158 <col width="23%"> 2159 <col width="17%"> 2160 <tr> 2161 <th>CVE</th> 2162 <th></th> 2163 <th></th> 2164 <th> Google </th> 2165 <th></th> 2166 </tr> 2167 <tr> 2168 <td>CVE-2017-0334</td> 2169 <td>A-33245849*<br> 2170 N-CVE-2017-0334</td> 2171 <td></td> 2172 <td>Pixel C</td> 2173 <td>2016 11 30 </td> 2174 </tr> 2175 <tr> 2176 <td>CVE-2017-0336</td> 2177 <td>A-33042679*<br> 2178 N-CVE-2017-0336</td> 2179 <td></td> 2180 <td>Pixel C</td> 2181 <td>Google </td> 2182 </tr> 2183 </table> 2184 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2185 2186 2187 <h3 id="dos-in-kernel-cryptographic-subsystem"></h3> 2188 <p></p> 2189 2190 <table> 2191 <col width="19%"> 2192 <col width="20%"> 2193 <col width="10%"> 2194 <col width="23%"> 2195 <col width="17%"> 2196 <tr> 2197 <th>CVE</th> 2198 <th></th> 2199 <th></th> 2200 <th> Google </th> 2201 <th></th> 2202 </tr> 2203 <tr> 2204 <td>CVE-2016-8650</td> 2205 <td>A-33401771<br> 2206 <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"> 2207 </a></td> 2208 <td></td> 2209 <td>Nexus 5XNexus 6PPixelPixel XL</td> 2210 <td>2016 10 12 </td> 2211 </tr> 2212 </table> 2213 2214 2215 <h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Qualcomm ()</h3> 2216 <p>Qualcomm </p> 2217 2218 <table> 2219 <col width="19%"> 2220 <col width="20%"> 2221 <col width="10%"> 2222 <col width="23%"> 2223 <col width="17%"> 2224 <tr> 2225 <th>CVE</th> 2226 <th></th> 2227 <th></th> 2228 <th> Google </th> 2229 <th></th> 2230 </tr> 2231 <tr> 2232 <td>CVE-2016-8417</td> 2233 <td>A-32342399<br> 2234 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0"> 2235 QC-CR#1088824</a></td> 2236 <td></td> 2237 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2238 <td>2016 10 21 </td> 2239 </tr> 2240 </table> 2241 2242 2243 <h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi </h3> 2244 <p>Qualcomm Wi-Fi </p> 2245 2246 <table> 2247 <col width="19%"> 2248 <col width="20%"> 2249 <col width="10%"> 2250 <col width="23%"> 2251 <col width="17%"> 2252 <tr> 2253 <th>CVE</th> 2254 <th></th> 2255 <th></th> 2256 <th> Google </th> 2257 <th></th> 2258 </tr> 2259 <tr> 2260 <td>CVE-2017-0461</td> 2261 <td>A-32073794<br> 2262 <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65"> 2263 QC-CR#1100132</a></td> 2264 <td></td> 2265 <td>Android OneNexus 5XPixelPixel XL</td> 2266 <td>2016 10 9 </td> 2267 </tr> 2268 <tr> 2269 <td>CVE-2017-0459</td> 2270 <td>A-32644895<br> 2271 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> 2272 QC-CR#1091939</a></td> 2273 <td></td> 2274 <td>PixelPixel XL</td> 2275 <td>2016 11 3 </td> 2276 </tr> 2277 <tr> 2278 <td>CVE-2017-0531</td> 2279 <td>A-32877245<br> 2280 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302"> 2281 QC-CR#1087469</a></td> 2282 <td></td> 2283 <td>Android OneNexus 5XNexus 6PPixelPixel XL</td> 2284 <td>2016 11 13 </td> 2285 </tr> 2286 </table> 2287 2288 2289 <h3 id="id-in-mediatek-video-codec-driver">MediaTek </h3> 2290 <p>MediaTek </p> 2291 2292 <table> 2293 <col width="19%"> 2294 <col width="20%"> 2295 <col width="10%"> 2296 <col width="23%"> 2297 <col width="17%"> 2298 <tr> 2299 <th>CVE</th> 2300 <th></th> 2301 <th></th> 2302 <th> Google </th> 2303 <th></th> 2304 </tr> 2305 <tr> 2306 <td>CVE-2017-0532</td> 2307 <td>A-32370398*<br> 2308 M-ALPS03069985</td> 2309 <td></td> 2310 <td>**</td> 2311 <td>2016 10 22 </td> 2312 </tr> 2313 </table> 2314 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2315 <p>** Android 7.0 Google ()</p> 2316 2317 2318 <h3 id="id-in-qualcomm-video-driver">Qualcomm </h3> 2319 <p>Qualcomm </p> 2320 2321 <table> 2322 <col width="19%"> 2323 <col width="20%"> 2324 <col width="10%"> 2325 <col width="23%"> 2326 <col width="17%"> 2327 <tr> 2328 <th>CVE</th> 2329 <th></th> 2330 <th></th> 2331 <th> Google </th> 2332 <th></th> 2333 </tr> 2334 <tr> 2335 <td>CVE-2017-0533</td> 2336 <td>A-32509422<br> 2337 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> 2338 QC-CR#1088206</a></td> 2339 <td></td> 2340 <td>PixelPixel XL</td> 2341 <td>2016 10 27 </td> 2342 </tr> 2343 <tr> 2344 <td>CVE-2017-0534</td> 2345 <td>A-32508732<br> 2346 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> 2347 QC-CR#1088206</a></td> 2348 <td></td> 2349 <td>PixelPixel XL</td> 2350 <td>2016 10 28 </td> 2351 </tr> 2352 <tr> 2353 <td>CVE-2016-8416</td> 2354 <td>A-32510746<br> 2355 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> 2356 QC-CR#1088206</a></td> 2357 <td></td> 2358 <td>PixelPixel XL</td> 2359 <td>2016 10 28 </td> 2360 </tr> 2361 <tr> 2362 <td>CVE-2016-8478</td> 2363 <td>A-32511270<br> 2364 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> 2365 QC-CR#1088206</a></td> 2366 <td></td> 2367 <td>PixelPixel XL</td> 2368 <td>2016 10 28 </td> 2369 </tr> 2370 </table> 2371 2372 2373 <h3 id="id-in-qualcomm-camera-driver">Qualcomm </h3> 2374 <p>Qualcomm </p> 2375 2376 <table> 2377 <col width="19%"> 2378 <col width="20%"> 2379 <col width="10%"> 2380 <col width="23%"> 2381 <col width="17%"> 2382 <tr> 2383 <th>CVE</th> 2384 <th></th> 2385 <th></th> 2386 <th> Google </th> 2387 <th></th> 2388 </tr> 2389 <tr> 2390 <td>CVE-2016-8413</td> 2391 <td>A-32709702<br> 2392 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d"> 2393 QC-CR#518731</a></td> 2394 <td></td> 2395 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2396 <td>2016 11 4 </td> 2397 </tr> 2398 <tr> 2399 <td>CVE-2016-8477</td> 2400 <td>A-32720522<br> 2401 <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508"> 2402 QC-CR#1090007</a> 2403 [<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> 2404 <td></td> 2405 <td>Nexus 5XNexus 6Nexus 6PAndroid OnePixelPixel XL</td> 2406 <td>2016 11 7 </td> 2407 </tr> 2408 </table> 2409 2410 2411 <h3 id="id-in-htc-sound-codec-driver">HTC </h3> 2412 <p>HTC </p> 2413 2414 <table> 2415 <col width="19%"> 2416 <col width="20%"> 2417 <col width="10%"> 2418 <col width="23%"> 2419 <col width="17%"> 2420 <tr> 2421 <th>CVE</th> 2422 <th></th> 2423 <th></th> 2424 <th> Google </th> 2425 <th></th> 2426 </tr> 2427 <tr> 2428 <td>CVE-2017-0535</td> 2429 <td>A-33547247*</td> 2430 <td></td> 2431 <td>Nexus 9</td> 2432 <td>2016 12 11 </td> 2433 </tr> 2434 </table> 2435 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2436 2437 2438 <h3 id="id-in-synaptics-touchscreen-driver">Synaptics </h3> 2439 <p>Synaptics </p> 2440 2441 <table> 2442 <col width="19%"> 2443 <col width="20%"> 2444 <col width="10%"> 2445 <col width="23%"> 2446 <col width="17%"> 2447 <tr> 2448 <th>CVE</th> 2449 <th></th> 2450 <th></th> 2451 <th> Google </th> 2452 <th></th> 2453 </tr> 2454 <tr> 2455 <td>CVE-2017-0536</td> 2456 <td>A-33555878*</td> 2457 <td></td> 2458 <td>Android OneNexus 5XNexus 6PNexus 9PixelPixel XL</td> 2459 <td>2016 12 12 </td> 2460 </tr> 2461 </table> 2462 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2463 2464 2465 <h3 id="id-in-kernel-usb-gadget-driver"> USB </h3> 2466 <p> USB </p> 2467 2468 <table> 2469 <col width="19%"> 2470 <col width="20%"> 2471 <col width="10%"> 2472 <col width="23%"> 2473 <col width="17%"> 2474 <tr> 2475 <th>CVE</th> 2476 <th></th> 2477 <th></th> 2478 <th> Google </th> 2479 <th></th> 2480 </tr> 2481 <tr> 2482 <td>CVE-2017-0537</td> 2483 <td>A-31614969*</td> 2484 <td></td> 2485 <td>Pixel C</td> 2486 <td>Google </td> 2487 </tr> 2488 </table> 2489 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2490 2491 2492 <h3 id="id-in-qualcomm-camera-driver-2">Qualcomm </h3> 2493 <p>Qualcomm </p> 2494 2495 <table> 2496 <col width="19%"> 2497 <col width="20%"> 2498 <col width="10%"> 2499 <col width="23%"> 2500 <col width="17%"> 2501 <tr> 2502 <th>CVE</th> 2503 <th></th> 2504 <th></th> 2505 <th> Google </th> 2506 <th></th> 2507 </tr> 2508 <tr> 2509 <td>CVE-2017-0452</td> 2510 <td>A-32873615*<br> 2511 QC-CR#1093693</td> 2512 <td></td> 2513 <td>Nexus 5XNexus 6PAndroid One</td> 2514 <td>2016 11 10 </td> 2515 </tr> 2516 </table> 2517 <p>* Nexus <a href="https://developers.google.com/android/nexus/drivers">Google Developers </a></p> 2518 <h2 id="common-questions-and-answers"></h2> 2519 <p></p> 2520 <p><strong>1. 2521 </strong></p> 2522 <p> <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel Nexus </a></p> 2523 <ul> 2524 <li>2017 3 1 2017-03-01 </li> 2525 <li>2017 3 5 2017-03-05 2526 </li> 2527 </ul> 2528 <p></p> 2529 <ul> 2530 <li>[ro.build.version.security_patch]:[2017-03-01]</li> 2531 <li>[ro.build.version.security_patch]:[2017-03-05]</li> 2532 </ul> 2533 <p><strong>2. </strong></p> 2534 <p> Android Android Android </p> 2535 <ul> 2536 <li> 2017 3 1 </li> 2537 <li> 2017 3 5 () </li> 2538 </ul> 2539 <p></p> 2540 <p><strong>3. Google </strong></p> 2541 <p> <a href="#2017-03-01-details">2017-03-01</a> <a href="#2017-03-05-details">2017-03-05</a> Google <em></em> Google </p> 2542 <ul> 2543 <li><strong> Google </strong> Pixel Google <em></em><a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices"></a>Nexus 5XNexus 6Nexus 6PNexus 7 (2013)Nexus 9Android OneNexus PlayerPixel CPixel Pixel XL</li> 2544 <li><strong> Google </strong> Google Google <em></em> Google </li> 2545 <li><strong> Google </strong> Android 7.0 Google Google <em></em></li> 2546 </ul> 2547 <p><strong>4. </strong></p> 2548 <p><em></em></p> 2549 <table> 2550 <tr> 2551 <th></th> 2552 <th></th> 2553 </tr> 2554 <tr> 2555 <td>A-</td> 2556 <td>Android ID</td> 2557 </tr> 2558 <tr> 2559 <td>QC-</td> 2560 <td>Qualcomm </td> 2561 </tr> 2562 <tr> 2563 <td>M-</td> 2564 <td>MediaTek </td> 2565 </tr> 2566 <tr> 2567 <td>N-</td> 2568 <td>NVIDIA </td> 2569 </tr> 2570 <tr> 2571 <td>B-</td> 2572 <td>Broadcom </td> 2573 </tr> 2574 </table> 2575 <h2 id="revisions"></h2> 2576 <ul> 2577 <li>2017 3 6 </li> 2578 <li>2017 3 7 AOSP </li> 2579 </ul> 2580 </body> 2581 </html> 2582
