Merge "Docs: Publish 7.1 errata"
diff --git a/src-intl/ja_ALL/security/bulletin/2017-02-01.jd b/src-intl/ja_ALL/security/bulletin/2017-02-01.jd
new file mode 100644
index 0000000..1bd68bf
--- /dev/null
+++ b/src-intl/ja_ALL/security/bulletin/2017-02-01.jd
@@ -0,0 +1,1727 @@
+page.title=Android のセキュリティに関する公開情報 - 2017 年 2 月
+@jd:body
+<!--
+ Copyright 2017 The Android Open Source Project
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<p><em>2017 年 2 月 6 日公開 | 2017 年 2 月 8 日更新</em></p>
+<p>
+Android のセキュリティに関する公開情報には、Android 搭載端末に影響を与えるセキュリティの脆弱性の詳細を掲載しています。情報の公開に伴い、Google 端末に対するセキュリティ アップデートを無線(OTA)アップデートで配信しました。Google 端末のファームウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベロッパー サイト</a>でリリースしています。2017 年 2 月 5 日以降のセキュリティ パッチ レベルでは、下記のすべての問題に対処しています。端末のセキュリティ パッチ レベルを確認する方法については、<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel と Nexus のアップデート スケジュール</a>をご覧ください。
+</p>
+<p>
+パートナーには、この公開情報に記載の問題について 2017 年 1 月 3 日までに通知済みです。Android オープンソース プロジェクト(AOSP)レポジトリに、下記の問題に対するソースコードのパッチをリリースしています。この公開情報には AOSP 以外のパッチへのリンクも掲載しています。
+</p>
+<p>
+下記の問題のうち最も重大度の高いものは、多様な方法(メール、ウェブの閲覧、MMS など)により、攻撃対象の端末でメディア ファイルを処理する際にリモートでのコード実行が可能になるおそれのある重大なセキュリティの脆弱性です。
+</p>
+<p>
+この新たに報告された問題によって実際のユーザー端末が不正使用された報告はありません。<a href="{@docRoot}security/enhancements/index.html">Android セキュリティ プラットフォームの保護</a>や <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> のようなサービスの保護について詳しくは、<a href="#mitigations">Android と Google サービスでのリスク軽減策</a>をご覧ください。こうした保護により、Android プラットフォームのセキュリティが改善されます。
+</p>
+<p>
+すべてのユーザーに対し、ご利用の端末で上記の更新を行うことをおすすめします。
+</p>
+<h2 id="announcements">お知らせ</h2>
+<ul>
+<li>この公開情報では、2 つのセキュリティ パッチ レベル文字列を定義しています。これは、すべての Android 搭載端末で同様の問題が発生する一部の脆弱性をサブセットとし、Android パートナーが迅速かつ柔軟に修正できるようにするためです。詳しくは、<a href="#common-questions-and-answers">一般的な質問と回答</a>をご覧ください。
+ <ul>
+ <li><strong>2017-02-01</strong>: 部分的に対処したセキュリティ パッチ レベル文字列。このセキュリティ パッチ レベル文字列は、2017-02-01(およびそれ以前のすべてのセキュリティ パッチ レベル文字列)に関連するすべての問題に対処していることを示します。</li>
+ <li><strong>2017-02-05</strong>: 完全に対処したセキュリティ パッチ レベル文字列。このセキュリティ パッチ レベル文字列は、2017-02-01 と 2017-02-05(およびそれ以前のすべてのセキュリティ パッチ レベル文字列)に関連するすべての問題に対処していることを示します。</li>
+ </ul>
+</li>
+<li>サポート対象の Google 端末には、2017 年 2 月 5 日のセキュリティ パッチ レベルのアップデート 1 件が OTA で配信されます。</li>
+</ul>
+<h2 id="security-vulnerability-summary">セキュリティの脆弱性の概要</h2>
+<p>
+下記の表に、セキュリティの脆弱性、その共通脆弱性識別子(CVE)、重大度の判定、Google 端末への影響があるかどうかの一覧を示します。<a href="{@docRoot}security/overview/updates-resources.html#severity">重大度の判定</a>は、攻撃を受けた端末でその脆弱性が悪用された場合の影響に基づくもので、プラットフォームやサービスでのリスク軽減策が開発目的で無効にされるか不正に回避された場合を前提としています。
+</p>
+<h3 id="2017-02-01-summary">セキュリティ パッチ レベル 2017-02-01 の脆弱性の概要</h3>
+<p>
+セキュリティ パッチ レベル 2017-02-01 以降では、下記の問題に対処する必要があります。
+</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>問題</th>
+ <th>CVE</th>
+ <th>重大度</th>
+ <th>Google 端末への影響</th>
+ </tr>
+ <tr>
+ <td>Surfaceflinger でのリモートコード実行の脆弱性</td>
+ <td>CVE-2017-0405</td>
+ <td>重大</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>メディアサーバーでのリモートコード実行の脆弱性</td>
+ <td>CVE-2017-0406、CVE-2017-0407</td>
+ <td>重大</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>libgdx でのリモートコード実行の脆弱性</td>
+ <td>CVE-2017-0408</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>libstagefright でのリモートコード実行の脆弱性</td>
+ <td>CVE-2017-0409</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Java.Net での権限昇格の脆弱性</td>
+ <td>CVE-2016-5552</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>フレームワーク API での権限昇格の脆弱性</td>
+ <td>CVE-2017-0410、CVE-2017-0411、CVE-2017-0412</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>メディアサーバーでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0415</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>オーディオサーバーでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0416、CVE-2017-0417、CVE-2017-0418、CVE-2017-0419</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>AOSP メールでの情報開示の脆弱性</td>
+ <td>CVE-2017-0420</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>AOSP メッセージでの情報開示の脆弱性</td>
+ <td>CVE-2017-0413、CVE-2017-0414</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>フレームワーク API での情報開示の脆弱性</td>
+ <td>CVE-2017-0421</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Bionic DNS でのサービス拒否の脆弱性</td>
+ <td>CVE-2017-0422</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Bluetooth での権限昇格の脆弱性</td>
+ <td>CVE-2017-0423</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>AOSP メッセージでの情報開示の脆弱性</td>
+ <td>CVE-2017-0424</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>オーディオサーバーでの情報開示の脆弱性</td>
+ <td>CVE-2017-0425</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>ファイル システムでの情報開示の脆弱性</td>
+ <td>CVE-2017-0426</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+</table>
+<h3 id="2017-02-05-summary">セキュリティ パッチ レベル 2017-02-05 の脆弱性の概要</h3>
+<p>セキュリティ パッチ レベル 2017-02-05 以降では、2017-02-01 に関連するすべての問題に加えて、下記の問題に対処する必要があります。</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>問題</th>
+ <th>CVE</th>
+ <th>重大度</th>
+ <th>Google 端末への影響</th>
+ </tr>
+ <tr>
+ <td>Qualcomm crypto ドライバでのリモートコード実行の脆弱性</td>
+ <td>CVE-2016-8418</td>
+ <td>重大</td>
+ <td>なし*</td>
+ </tr>
+ <tr>
+ <td>カーネル ファイル システムでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0427</td>
+ <td>重大</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>NVIDIA GPU ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0428、CVE-2017-0429</td>
+ <td>重大</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>カーネル ネットワーク サブシステムでの権限昇格の脆弱性</td>
+ <td>CVE-2014-9914</td>
+ <td>重大</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Broadcom Wi-Fi ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0430</td>
+ <td>重大</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Qualcomm コンポーネントでの脆弱性</td>
+ <td>CVE-2017-0431</td>
+ <td>重大</td>
+ <td>なし*</td>
+ </tr>
+ <tr>
+ <td>MediaTek ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0432</td>
+ <td>高</td>
+ <td>なし*</td>
+ </tr>
+ <tr>
+ <td>Synaptics タッチスクリーン ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0433、CVE-2017-0434</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Qualcomm Secure Execution Environment Communicator ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2016-8480</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Qualcomm サウンド ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2016-8481、CVE-2017-0435、CVE-2017-0436</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Qualcomm Wi-Fi ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0437、CVE-2017-0438、CVE-2017-0439、CVE-2016-8419、
+CVE-2016-8420、CVE-2016-8421、CVE-2017-0440、CVE-2017-0441、
+CVE-2017-0442、CVE-2017-0443、CVE-2016-8476</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Realtek サウンド ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0444</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>HTC タッチスクリーン ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0445、CVE-2017-0446、CVE-2017-0447</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>NVIDIA ビデオドライバでの情報開示の脆弱性</td>
+ <td>CVE-2017-0448</td>
+ <td>高</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Broadcom Wi-Fi ドライバでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0449</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>オーディオサーバーでの権限昇格の脆弱性</td>
+ <td>CVE-2017-0450</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>カーネル ファイル システムでの権限昇格の脆弱性</td>
+ <td>CVE-2016-10044</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Qualcomm Secure Execution Environment Communicator での情報開示の脆弱性</td>
+ <td>CVE-2016-8414</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+ <tr>
+ <td>Qualcomm サウンド ドライバでの情報開示の脆弱性</td>
+ <td>CVE-2017-0451</td>
+ <td>中</td>
+ <td>あり</td>
+ </tr>
+</table>
+
+<p>* Android 7.0 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p>
+
+<h2 id="mitigations">Android と Google サービスでのリスク軽減策</h2>
+<p>ここでは、<a href="{@docRoot}security/enhancements/index.html">Android セキュリティ プラットフォームの保護</a>と SafetyNet のようなサービスの保護によるリスクの軽減について概説します。こうした機能は、Android でセキュリティの脆弱性が悪用される可能性を減らします。</p>
+<ul>
+ <li>Android プラットフォームの最新版での機能強化により、Android にある多くの問題の悪用が困難になります。Google では、すべてのユーザーに対し、できる限り最新バージョンの Android に更新することをおすすめしています。</li>
+ <li>Android セキュリティ チームは、<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">「アプリの確認」や SafetyNet</a> によって脆弱性の悪用を積極的に監視しており、<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">有害なおそれのあるアプリ</a>についてユーザーに警告しています。「アプリの確認」は、<a href="http://www.android.com/gms">Google モバイル サービス</a>を搭載した端末ではデフォルトで有効になっており、Google Play 以外からアプリをインストールするユーザーにとっては特に重要です。端末のルート権限を取得するツールは Google Play では禁止されていますが、「アプリの確認」では、アプリの入手元に関係なく、検出されたルート権限取得アプリをインストールしようとするユーザーに警告します。また、「アプリの確認」では、悪意のある既知のアプリで権限昇格の脆弱性が悪用されないように、そのようなアプリのインストールを見つけて阻止します。こうしたアプリが既にインストールされている場合は、ユーザーに通知して、検出されたアプリの削除を試みます。</li>
+ <li>Google ハングアウトやメッセンジャーのアプリでは状況を判断し、メディアサーバーなどのプロセスに自動的にメディアを渡すことはありません。</li>
+</ul>
+<h2 id="acknowledgements">謝辞</h2>
+<p>
+調査にご協力くださった下記の皆様方に感謝いたします(敬称略)。
+</p>
+<ul>
+ <li>Daniel Dakhno: CVE-2017-0420</li>
+ <li>Copperhead Security の Daniel Micay: CVE-2017-0410</li>
+ <li><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a>: CVE-2017-0414</li>
+ <li>Chrome の Frank Liberato: CVE-2017-0409</li>
+ <li>Project Zero の Gal Beniamini: CVE-2017-0411、CVE-2017-0412</li>
+ <li>Qihoo 360 Technology Co. Ltd.、IceSword Lab の Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)と <a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-0434、CVE-2017-0446、CVE-2017-0447、CVE-2017-0432</li>
+ <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a>、Alpha Team の Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2017-0415</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>、<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)、Xuxian Jiang: CVE-2017-0418</li>
+ <li>Qihoo 360 Technology Co. Ltd.、Alpha Team の Hao Chen と Guang Gong: CVE-2017-0437、CVE-2017-0438、CVE-2017-0439、CVE-2016-8419、CVE-2016-8420、CVE-2016-8421、CVE-2017-0441、CVE-2017-0442、CVE-2016-8476、CVE-2017-0443</li>
+ <li>Google の Jeff Sharkey: CVE-2017-0421、CVE-2017-0423</li>
+ <li>Jeff Trim: CVE-2017-0422</li>
+ <li>Qihoo 360、IceSword Lab の Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)と <a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-0445</li>
+ <li>LINE Corporation の ma.la と Nikolay Elenkov: CVE-2016-5552</li>
+ <li>Google の Max Spector: CVE-2017-0416</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)、Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>)、Xuxian Jiang: CVE-2017-0425</li>
+ <li>Tencent、KeenLab(腾讯科恩实验室)の Qidan He(何淇丹)(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)と Di Shen(申迪)(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2017-0427</li>
+ <li>IBM X-Force Research の Sagi Kedmi: CVE-2017-0433</li>
+ <li>Copperhead Security の Scott Bauer(<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>)と Daniel Micay: CVE-2017-0405</li>
+ <li>Trend Micro Mobile Threat Research Team の Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2017-0449、CVE-2016-8418</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:segfault5514@gmail.com">Tong Lin</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)、Xuxian Jiang: CVE-2017-0436、CVE-2016-8481、CVE-2017-0435</li>
+ <li><a href="http://www.trendmicro.com">Trend Micro</a>、<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a> の V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): CVE-2017-0424</li>
+ <li>Alibaba Inc. の Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2017-0407</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、<a href="mailto:hlhan@bupt.edu.cn">Hongli Han</a>、Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)、Xuxian Jiang: CVE-2017-0450</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>)、Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)、Xuxian Jiang: CVE-2017-0417</li>
+ <li>Ant-financial Light-Year Security Lab の Wish Wu(<a href="https://twitter.com/wish_wu">@wish_wu</a>)(<a href="http://www.weibo.com/wishlinux">吴潍浠</a> 此彼): CVE-2017-0408</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:yaojun8558363@gmail.com">Yao Jun</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)、Xuxian Jiang: CVE-2016-8480</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)、Xuxian Jiang: CVE-2017-0444</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、<a href="mailto:segfault5514@gmail.com">Tong Lin</a>、Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)、Xuxian Jiang: CVE-2017-0428</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、<a href="mailto:wisedd@gmail.com">Xiaodong Wang</a>、Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)、Xuxian Jiang: CVE-2017-0448、CVE-2017-0429</li>
+ <li><a href="http://www.nsfocus.com">NSFocus</a> の <a href="mailto:zhouzhenster@gmail.com">Zhen Zhou</a>(<a href="https://twitter.com/henices">@henices</a>)と <a href="mailto:sundaywind2004@gmail.com">Zhixin Li</a>: CVE-2017-0406</li>
+</ul>
+<p>
+また、この公開情報にご協力くださった下記の皆様方にも感謝いたします(敬称略)。</p><ul>
+<li>Baidu X-Lab(百度安全实验室)の Pengfei Ding(丁鹏飞)、Chenfu Bao(包沉浮)、Lenx Wei(韦韬)</li>
+</ul>
+
+<h2 id="2017-02-01-details">セキュリティ パッチ レベル 2017-02-01 の脆弱性の詳細</h2>
+<p>
+上記の<a href="#2017-02-01-summary">セキュリティ パッチ レベル 2017-02-01 の脆弱性の概要</a>で一覧に挙げた各項目について、下記に詳細を説明します。問題の内容とその重大度の根拠について説明し、CVE、関連する参照先、重大度、更新対象の Google 端末、更新対象の AOSP バージョン(該当する場合)、報告日を表にまとめています。その問題に対処した、一般公開されている変更(AOSP の変更の一覧など)がある場合は、そのバグ ID にリンクを設定しています。複数の変更が同じバグに関係する場合は、バグ ID の後に記載した番号に、追加の参照へのリンクを設定しています。</p>
+
+
+<h3 id="rce-in-surfaceflinger">Surfaceflinger でのリモートコード実行の脆弱性</h3>
+<p>
+Surfaceflinger にリモートコード実行の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、メディア ファイルやデータの処理中にメモリ破壊を引き起こすおそれがあります。Surfaceflinger のプロセス内でリモートコードが実行される可能性があるため、この問題は「重大」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0405</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979">
+ A-31960359</a></td>
+ <td>重大</td>
+ <td>すべて</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 10 月 4 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-mediaserver">メディアサーバーでのリモートコード実行の脆弱性</h3>
+<p>
+メディアサーバーにリモートコード実行の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、メディア ファイルやデータの処理中にメモリ破壊を引き起こすおそれがあります。メディアサーバーのプロセスにおいてリモートでコードが実行されるおそれがあるため、この問題は重大と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0406</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575">
+ A-32915871</a>
+[<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td>
+ <td>重大</td>
+ <td>すべて</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 14 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0407</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7">
+ A-32873375</a></td>
+ <td>重大</td>
+ <td>すべて</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 12 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libgdx">libgdx でのリモートコード実行の脆弱性</h3>
+<p>
+libgdx にリモートコード実行の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、権限のないプロセス内で任意のコードを実行するおそれがあります。このライブラリを使用するアプリでリモートコードが実行される可能性があるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0408</td>
+ <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b">
+ A-32769670</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>7.1.1</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libstagefright">libstagefright でのリモートコード実行の脆弱性</h3>
+<p>
+libstagefright にリモートコード実行の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、権限のないプロセス内で任意のコードを実行するおそれがあります。このライブラリを使用するアプリでリモートコードが実行される可能性があるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0409</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b">
+ A-31999646</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>Google 社内</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-java.net">Java.Net での権限昇格の脆弱性</h3>
+<p>
+Java.Net ライブラリに権限昇格の脆弱性があるため、悪意のあるウェブ コンテンツが明示的な許可を得ずにユーザーを別のウェブサイトにリダイレクトするおそれがあります。ユーザー操作の要件がリモートで回避されるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-5552</td>
+ <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea">
+ A-31858037</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 9 月 30 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-framework-apis">フレームワーク API での権限昇格の脆弱性</h3>
+<p>
+フレームワーク API に権限昇格の脆弱性があるため、悪意のあるローカルアプリによって特権プロセス内で任意のコードが実行されるおそれがあります。サードパーティのアプリが通常はアクセスできない権限に昇格してローカルにアクセスするのに利用されるおそれがあるので、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0410</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa">
+ A-31929765</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 2 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0411</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
+ A-33042690</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 11 月 21 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0412</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
+ A-33039926</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 11 月 21 日</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-mediaserver">メディアサーバーでの権限昇格の脆弱性</h3>
+<p>
+メディアサーバーに権限昇格の脆弱性があるため、悪意のあるローカルアプリによって特権プロセス内で任意のコードが実行されるおそれがあります。サードパーティのアプリが通常はアクセスできない権限に昇格してローカルにアクセスするのに利用されるおそれがあるので、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0415</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34">
+ A-32706020</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 4 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-audioserver">オーディオサーバーでの権限昇格の脆弱性</h3>
+<p>
+オーディオサーバーに権限昇格の脆弱性があるため、悪意のあるローカルアプリによって特権プロセス内で任意のコードが実行されるおそれがあります。サードパーティのアプリが通常はアクセスできない権限に昇格してローカルにアクセスするのに利用されるおそれがあるので、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0416</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32886609</a>
+ [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>Google 社内</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0417</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32705438</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0418</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32703959</a>
+[<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0419</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
+ A-32220769</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 15 日</td>
+ </tr>
+</table>
+
+<h3 id="id-in-aosp-mail">AOSP メールでの情報開示の脆弱性</h3>
+<p>
+AOSP メールに情報開示の脆弱性があるため、悪意のあるローカルアプリが、アプリデータを他のアプリから分離するオペレーティング システムの保護を回避するおそれがあります。アプリがアクセス権限のないデータにアクセスするのに利用されるおそれがあるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0420</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909">
+ A-32615212</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 9 月 12 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging">AOSP メッセージでの情報開示の脆弱性</h3>
+<p>
+AOSP メッセージに情報開示の脆弱性があるため、悪意のあるローカルアプリが、アプリデータを他のアプリから分離するオペレーティング システムの保護を回避するおそれがあります。アプリがアクセス権限のないデータにアクセスするのに利用されるおそれがあるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0413</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e">
+ A-32161610</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0414</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd">
+ A-32807795</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 10 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-framework-apis">フレームワーク API での情報開示の脆弱性</h3>
+<p>
+フレームワーク API に情報開示の脆弱性があるため、悪意のあるローカルアプリが、アプリデータを他のアプリから分離するオペレーティング システムの保護を回避するおそれがあります。アプリがアクセス権限のないデータにアクセスするのに利用されるおそれがあるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0421</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336">
+ A-32555637</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Google 社内</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-bionic-dns">Bionic DNS でのサービス拒否の脆弱性</h3>
+<p>
+Bionic DNS にサービス拒否の脆弱性があるため、リモートの攻撃者が特別に細工したネットワーク パケットを使用して、端末のハングや再起動を引き起こすおそれがあります。リモートでのサービス拒否のおそれがあるため、この問題の重大度は「高」と判断されています。
+
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0422</td>
+ <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d">
+ A-32322088</a></td>
+ <td>高</td>
+ <td>すべて</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 20 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-bluetooth">Bluetooth での権限昇格の脆弱性</h3>
+<p>
+Bluetooth に権限昇格の脆弱性があるため、近くにいる攻撃者が端末上のドキュメントへのアクセスを管理するおそれがあります。最初に Bluetooth スタックの別の脆弱性を悪用する必要があるため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0423</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083">
+ A-32612586</a></td>
+ <td>中</td>
+ <td>すべて</td>
+ <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 2 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging-2">AOSP メッセージでの情報開示の脆弱性</h3>
+<p>
+AOSP メッセージに情報開示の脆弱性があるため、リモートの攻撃者が特別に細工したファイルを使用して、権限レベルの範囲外のデータにアクセスするおそれがあります。ユーザーレベルの多重防御または悪用対策技術を特権プロセス内で迂回する一般的な方法であるため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0424</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc">
+ A-32322450</a></td>
+ <td>中</td>
+ <td>すべて</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 20 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-audioserver">オーディオサーバーでの情報開示の脆弱性</h3>
+<p>
+オーディオサーバーに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。許可を得ずに機密データにアクセスするのに利用されるおそれがあるため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0425</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
+ A-32720785</a></td>
+ <td>中</td>
+ <td>すべて</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-filesystem">ファイル システムでの情報開示の脆弱性</h3>
+<p>
+ファイル システムに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。許可を得ずに機密データにアクセスするのに利用されるおそれがあるため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>更新対象の AOSP バージョン</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0426</td>
+ <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a">
+ A-32799236</a>
+[<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td>
+ <td>中</td>
+ <td>すべて</td>
+ <td>7.0、7.1.1</td>
+ <td>Google 社内</td>
+ </tr>
+</table>
+
+
+<h2 id="2017-02-05-details">セキュリティ パッチ レベル 2017-02-05 の脆弱性の詳細</h2>
+<p>
+上記の<a href="#2017-02-05-summary">セキュリティ パッチ レベル 2017-02-05 の脆弱性の概要</a>で一覧に挙げた各項目について、下記に詳細を説明します。問題の内容とその重大度の根拠について説明し、CVE、関連する参照先、重大度、更新対象の Google 端末、更新対象の AOSP バージョン(該当する場合)、報告日を表にまとめています。その問題に対処した、一般公開されている変更(AOSP の変更の一覧など)がある場合は、そのバグ ID にリンクを設定しています。複数の変更が同じバグに関係する場合は、バグ ID の後に記載した番号に、追加の参照へのリンクを設定しています。</p>
+
+
+<h3 id="rce-in-qualcomm-crypto-driver">Qualcomm crypto ドライバでのリモートコード実行の脆弱性</h3>
+<p>
+Qualcomm crypto ドライバにリモートコード実行の脆弱性があるため、リモートの攻撃者がカーネル内で任意のコードを実行するおそれがあります。カーネル内でリモートコードが実行される可能性があるため、この問題は「重大」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8418</td>
+ <td>A-32652894<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f">
+QC-CR#1077457</a></td>
+ <td>重大</td>
+ <td>なし*</td>
+ <td>2016 年 10 月 10 日</td>
+ </tr>
+</table>
+<p>
+* Android 7.0 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。
+</p>
+
+
+<h3 id="eop-in-kernel-file-system">カーネル ファイル システムでの権限昇格の脆弱性</h3>
+<p>カーネル ファイル システムに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0427</td>
+ <td>A-31495866*</td>
+ <td>重大</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Pixel C、Nexus Player、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 13 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU ドライバでの権限昇格の脆弱性</h3>
+<p>
+NVIDIA GPU ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0428</td>
+ <td>A-32401526*<br>
+ N-CVE-2017-0428</td>
+ <td>重大</td>
+ <td>Nexus 9</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0429</td>
+ <td>A-32636619*<br>
+ N-CVE-2017-0429</td>
+ <td>重大</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 3 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="eop-in-kernel-networking-subsystem">カーネル ネットワーク サブシステムでの権限昇格の脆弱性</h3>
+<p>
+カーネル ネットワーク サブシステムに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2014-9914</td>
+ <td>A-32882659<br>
+ <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a">
+アップストリーム カーネル</a></td>
+ <td>重大</td>
+ <td>Nexus 6、Nexus Player</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi ドライバでの権限昇格の脆弱性</h3>
+<p>
+Broadcom Wi-Fi ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0430</td>
+ <td>A-32838767*<br>
+ B-RB#107459</td>
+ <td>重大</td>
+ <td>Nexus 6、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td>
+ <td>Google 社内</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="vulnerabilities-in-qualcomm-components">Qualcomm コンポーネントでの脆弱性</h3>
+<p>
+下記の表に Qualcomm コンポーネントに影響する脆弱性を示します。詳細については、Qualcomm AMSS の 2016 年 9 月のセキュリティに関する公開情報をご覧ください。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度*</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0431</td>
+ <td>A-32573899**</td>
+ <td>重大</td>
+ <td>なし***</td>
+ <td>Qualcomm 社内</td>
+ </tr>
+</table>
+<p>
+* この一連の問題の重大度はベンダーが決定したものです。
+</p>
+<p>
+** この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+<p>*** Android 7.0 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。
+</p>
+
+
+<h3 id="eop-in-mediatek-driver">MediaTek ドライバでの権限昇格の脆弱性</h3>
+<p>
+MediaTek ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0432</td>
+ <td>A-28332719*<br>
+ M-ALPS02708925</td>
+ <td>高</td>
+ <td>なし**</td>
+ <td>2016 年 4 月 21 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+<p>** Android 7.0 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。
+</p>
+
+
+<h3 id="eop-in-synaptics-touchscreen-driver">Synaptics タッチスクリーン ドライバでの権限昇格の脆弱性</h3>
+<p>
+Synaptics タッチスクリーン ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってタッチスクリーン チップセット内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0433</td>
+ <td>A-31913571*</td>
+ <td>高</td>
+ <td>Nexus 6P、Nexus 9、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 8 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0434</td>
+ <td>A-33001936*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 18 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm Secure Execution Environment Communicator ドライバでの権限昇格の脆弱性</h3>
+<p>
+Qualcomm Secure Execution Environment Communicator ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8480</td>
+ <td>A-31804432<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471">
+QC-CR#1086186</a>
+[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 28 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-qualcomm-sound-driver">Qualcomm サウンド ドライバでの権限昇格の脆弱性</h3>
+<p>
+Qualcomm サウンド ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8481</td>
+ <td>A-31906415*<br>
+ QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 1 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0435</td>
+ <td>A-31906657*<br>
+ QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 1 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0436</td>
+ <td>A-32624661*<br>
+ QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 2 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi ドライバでの権限昇格の脆弱性</h3>
+<p>
+Qualcomm Wi-Fi ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0437</td>
+ <td>A-32402310<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0438</td>
+ <td>A-32402604<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0439</td>
+ <td>A-32450647<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61">
+QC-CR#1092059</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8419</td>
+ <td>A-32454494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488">
+QC-CR#1087209</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8420</td>
+ <td>A-32451171<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e">
+QC-CR#1087807</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8421</td>
+ <td>A-32451104<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb">
+QC-CR#1087797</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0440</td>
+ <td>A-33252788<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268">
+QC-CR#1095770</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 11 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0441</td>
+ <td>A-32872662<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684">
+QC-CR#1095009</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 11 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0442</td>
+ <td>A-32871330<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0443</td>
+ <td>A-32877494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8476</td>
+ <td>A-32879283<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799">
+QC-CR#1091940</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 14 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-realtek-sound-driver">Realtek サウンド ドライバでの権限昇格の脆弱性</h3>
+<p>
+Realtek サウンド ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0444</td>
+ <td>A-32705232*</td>
+ <td>高</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="eop-in-htc-touchscreen-driver">HTC タッチスクリーン ドライバでの権限昇格の脆弱性</h3>
+<p>
+HTC タッチスクリーン ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0445</td>
+ <td>A-32769717*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0446</td>
+ <td>A-32917445*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0447</td>
+ <td>A-32919560*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="id-in-nvidia-video-driver">NVIDIA ビデオドライバでの情報開示の脆弱性</h3>
+<p>
+NVIDIA ビデオドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。ユーザーの明示的な許可を得ずに、機密データにアクセスするのに利用されるおそれがあるため、この問題の重大度は「高」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0448</td>
+ <td>A-32721029*<br>
+ N-CVE-2017-0448</td>
+ <td>高</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi ドライバでの権限昇格の脆弱性</h3>
+<p>
+Broadcom Wi-Fi ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であり、現在のプラットフォーム構成によってリスクが軽減されているため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0449</td>
+ <td>A-31707909*<br>
+ B-RB#32094</td>
+ <td>中</td>
+ <td>Nexus 6、Nexus 6P</td>
+ <td>2016 年 9 月 23 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="eop-in-audioserver-2">オーディオサーバーでの権限昇格の脆弱性 </h3>
+<p>
+オーディオサーバーに権限昇格の脆弱性があるため、悪意のあるローカルアプリによって特権プロセス内で任意のコードが実行されるおそれがあります。現在のプラットフォーム構成によってリスクが軽減されているため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0450</td>
+ <td>A-32917432*</td>
+ <td>中</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="eop-in-kernel-file-system-2">カーネル ファイル システムでの権限昇格の脆弱性</h3>
+<p>
+カーネル ファイル システムに権限昇格の脆弱性があるため、悪意のあるローカルアプリが権限昇格を回避する保護を回避するおそれがあります。ユーザーレベルの多重防御または悪用対策技術を迂回する一般的な方法であるため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-10044</td>
+ <td>A-31711619*</td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Pixel C、Nexus Player、Pixel、Pixel XL</td>
+ <td>Google 社内</td>
+ </tr>
+</table>
+<p>
+* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。
+</p>
+
+
+<h3 id="id-in-qualcomm-secure-execution-environment-communicator">Qualcomm Secure Execution Environment Communicator での情報開示の脆弱性</h3>
+<p>
+Qualcomm Secure Execution Environment Communicator に情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8414</td>
+ <td>A-31704078<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846">
+QC-CR#1076407</a></td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 23 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-qualcomm-sound-driver">Qualcomm サウンド ドライバでの情報開示の脆弱性</h3>
+<p>
+Qualcomm サウンド ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参照</th>
+ <th>重大度</th>
+ <th>更新対象の Google 端末</th>
+ <th>報告日</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0451</td>
+ <td>A-31796345<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e">
+QC-CR#1073129</a>
+[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 27 日</td>
+ </tr>
+</table>
+
+<h2 id="common-questions-and-answers">一般的な質問と回答</h2>
+<p>上記の公開情報に対する一般的な質問について、以下で回答します。</p>
+<p><strong>1. 上記の問題に対処するように端末が更新されているかどうかをどのように判断すればよいですか?</strong></p>
+<p>端末のセキュリティ パッチ レベルを確認する方法については、<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel および Nexus のアップデート スケジュール</a>に記載されている手順をご覧ください。</p>
+<ul>
+ <li>セキュリティ パッチ レベル 2017-02-01 以降では、セキュリティ パッチ レベル 2017-02-01 に関連するすべての問題に対処しています。</li>
+ <li>セキュリティ パッチ レベル 2017-02-05 以降では、セキュリティ パッチ レベル 2017-02-05、およびそれ以前のすべてのパッチレベルに関連するすべての問題に対処しています。
+ </li>
+</ul>
+<p>このアップデートを組み込んだ端末メーカーは、パッチレベル文字列を以下に設定する必要があります。</p>
+<ul>
+<li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li>
+<li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li>
+</ul>
+
+<p><strong>2. この公開情報に 2 つのセキュリティ パッチ レベルがあるのはなぜですか?</strong></p>
+
+<p>この公開情報では、2 つのセキュリティ パッチ レベルを定義しています。これは、すべての Android 搭載端末で同様の問題が発生する一部の脆弱性をサブセットとし、Android パートナーが迅速かつ柔軟に修正できるようにするためです。Android パートナーには、この公開情報に掲載されている問題をすべて修正し、最新のセキュリティ パッチ レベルを使用することが推奨されています。</p>
+<ul>
+ <li>2017 年 1 月 1 日のセキュリティ パッチ レベルを使用する端末には、そのセキュリティ パッチ レベルに関連するすべての問題と、それ以前のセキュリティに関する公開情報で報告されたすべての問題の修正を組み込む必要があります。</li>
+ <li>2017 年 1 月 5 日以降のセキュリティ パッチ レベルを使用する端末には、今回(およびそれ以前)のセキュリティに関する公開情報に掲載された、該当するすべてのパッチを組み込む必要があります。</li>
+</ul>
+<p>パートナーには、対処するすべての問題の修正を 1 つのアップデートにまとめて提供することが推奨されています。</p>
+<p><strong>3. 各問題の影響を受ける Google 端末を判断するにはどうすればよいですか?</strong></p>
+<p><a href="#2017-02-01-details">2017-02-01</a> と <a href="#2017-02-05-details">2017-02-05</a> のセキュリティの脆弱性の詳細に関するセクションで、各表中の「更新対象の Google 端末<em></em>」列に、その問題の影響を受ける、更新対象の Google 端末の種類が記載されています。この列の記載は次のいずれかです。
+</p>
+<ul>
+ <li><strong>すべての Google 端末</strong>: 問題がすべての端末と Pixel 端末に影響を与える場合、表の「更新対象の Google 端末<em></em>」列には「すべて」と記載されています。「すべて」には<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">サポート対象の端末</a>(Nexus 5X、Nexus 6、Nexus 6P、Nexus 7(2013)、Nexus 9、Android One、Nexus Player、Pixel C、Pixel、Pixel XL)が含まれます。</li>
+ <li><strong>一部の Google 端末</strong>: 問題が一部の Google 端末のみに影響する場合、「更新対象の Google 端末<em></em>」列には影響を受ける Google 端末が記載されています。</li>
+ <li><strong>影響を受ける Google 端末がない</strong>: Android 7.0 を搭載した Google 端末が問題の影響を受けない場合、表の「更新対象の Google 端末<em></em>」列には「なし」と記載されています。</li>
+</ul>
+<p><strong>4.
+「参照」列の項目はどのような情報に関連付けられていますか?</strong></p>
+<p>脆弱性の詳細の表で「参照」列に記載した内容には、その参照番号が属す組織を示す接頭辞を含めている場合があります。<em></em>各接頭辞の意味は以下のとおりです。</p>
+<table>
+ <tr>
+ <th>接頭辞</th>
+ <th>参照</th>
+ </tr>
+ <tr>
+ <td>A-</td>
+ <td>Android バグ ID</td>
+ </tr>
+ <tr>
+ <td>QC-</td>
+ <td>Qualcomm の参照番号</td>
+ </tr>
+ <tr>
+ <td>M-</td>
+ <td>MediaTek の参照番号</td>
+ </tr>
+ <tr>
+ <td>N-</td>
+ <td>NVIDIA の参照番号</td>
+ </tr>
+ <tr>
+ <td>B-</td>
+ <td>Broadcom の参照番号</td>
+ </tr>
+</table>
+
+<h2 id="revisions">改訂</h2>
+<ul>
+ <li>2017 年 2 月 6 日: 情報公開</li>
+ <li>2017 年 2 月 8 日: 公開情報を改訂し AOSP リンクを追加</li>
+</ul>
diff --git a/src-intl/ko_ALL/security/bulletin/2017-02-01.jd b/src-intl/ko_ALL/security/bulletin/2017-02-01.jd
new file mode 100644
index 0000000..028b2a3
--- /dev/null
+++ b/src-intl/ko_ALL/security/bulletin/2017-02-01.jd
@@ -0,0 +1,2076 @@
+page.title=Android 보안 게시판 - 2017년 2월
+@jd:body
+<!--
+ Copyright 2017 The Android Open Source Project
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<p><em>2017년 2월 6일 게시됨 | 2017년 2월 8일 업데이트됨</em></p>
+<p>
+Android 보안 게시판은 Android 기기에 영향을 미치는 보안 취약성
+세부정보를 다룹니다. 게시판과 함께 무선(OTA) 업데이트를 통해
+Google 기기 보안 업데이트가 출시되었습니다. Google 기기 펌웨어 이미지도
+<a href="https://developers.google.com/android/nexus/images">Google 개발자 사이트</a>에 게시되었습니다. 아래 목록의 문제는 2017년 2월 5일
+보안 패치 수준 이상에서 모두 해결됩니다. <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 및 Nexus 업데이트 일정</a>을
+참조하여 기기 보안 패치 수준을 확인하는 방법을 알아보세요.
+</p>
+<p>
+파트너에게는 게시판에 설명된 문제에 관한 알림을
+2017년 1월 3일 이전에 전달했습니다. 이러한 문제를 해결하기 위한 소스 코드 패치는
+Android 오픈소스 프로젝트(AOSP) 저장소에 배포되었으며 이 게시판에도 링크되어 있습니다.
+이 게시판에는 AOSP 외부의 패치 링크도 포함되어 있습니다.
+</p>
+<p>
+이 중 가장 심각한 문제는 미디어 파일을 처리할 때
+이메일과 웹 탐색, MMS 등 여러 방법을 통해 대상 기기에서
+원격으로 코드를 실행할 수 있게 하는 심각한 보안 취약성입니다.
+</p>
+<p>
+실제 고객이 새로 보고된 이러한 문제로 인해 악용당했다는 신고는
+접수되지 않았습니다. <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>과 같이 Android 플랫폼의 보안을 개선하는
+<a href="{@docRoot}security/enhancements/index.html">Android 보안 플랫폼 보호</a> 및 서비스 보호 기능에 관해
+자세히 알아보려면 <a href="#mitigations">Android 및 Google 서비스 완화</a>
+섹션을 참조하세요.
+</p>
+<p>
+모든 고객은 기기에서 이 업데이트를 수락하는 것이 좋습니다.
+</p>
+<h2 id="announcements">공지사항</h2>
+<ul>
+<li>이 게시판에는 Android 파트너가 모든 Android 기기에서 유사하게 발생하는
+취약성 문제의 일부를 더욱 빠르고 유연하게 해결하기 위한
+두 가지 보안 패치 수준 문자열이 포함되어 있습니다. 자세한 내용은 <a href="#common-questions-and-answers">일반적인
+질문 및 답변</a>을 참조하세요.
+ <ul>
+ <li><strong>2017-02-01</strong>: 부분 보안 패치 수준 문자열입니다. 이
+ 보안 패치 수준 문자열은 2017-02-01 및 이전의 모든 보안 패치 수준 문자열과
+ 관련된 문제가 모두 해결되었음을 나타냅니다.</li>
+ <li><strong>2017-02-05</strong>: 전체 보안 패치 수준 문자열입니다. 이
+ 보안 패치 수준 문자열은 2017-02-01과 2017-02-05 및 이전의 모든 보안 패치 수준
+ 문자열과 관련된 문제가 모두 해결되었음을 나타냅니다.</li>
+ </ul>
+</li>
+<li>지원되는 Google 기기는 2017년 2월 5일 보안 패치 수준의 단일 OTA
+업데이트를 받게 됩니다.</li>
+</ul>
+<h2 id="security-vulnerability-summary">보안 취약성 요약</h2>
+<p>
+아래 표에는 보안 취약성 목록, 일반적인 취약성 및 노출 ID(CVE),
+심각도 평가 및 Google 기기가 영향을 받는지 여부가
+포함되어 있습니다. <a href="{@docRoot}security/overview/updates-resources.html#severity">심각도 평가</a>는
+개발 목적으로 플랫폼 및 서비스 완화를 사용할 수 없거나
+우회에 성공한 경우 취약성 악용으로 인해 대상 기기가 받는 영향을
+기준으로 내려집니다.
+</p>
+<h3 id="2017-02-01-summary">2017-02-01 보안 패치 수준—취약성 요약</h3>
+<p>
+다음 문제는 2017-02-01 보안 패치 수준 이상에서 해결됩니다.
+</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>문제</th>
+ <th>CVE</th>
+ <th>심각도</th>
+ <th>Google 기기에 영향 여부</th>
+ </tr>
+ <tr>
+ <td>Surfaceflinger의 원격 코드 실행 취약성</td>
+ <td>CVE-2017-0405</td>
+ <td>심각</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>미디어 서버의 원격 코드 실행 취약성</td>
+ <td>CVE-2017-0406, CVE-2017-0407</td>
+ <td>심각</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>libgdx의 원격 코드 실행 취약성</td>
+ <td>CVE-2017-0408</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>libstagefright의 원격 코드 실행 취약성</td>
+ <td>CVE-2017-0409</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Java.Net의 권한 승격 취약성</td>
+ <td>CVE-2016-5552</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>프레임워크 API의 권한 승격 취약성</td>
+ <td>CVE-2017-0410, CVE-2017-0411, CVE-2017-0412</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>미디어 서버의 권한 승격 취약성</td>
+ <td>CVE-2017-0415</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>오디오 서버의 권한 승격 취약성</td>
+ <td>CVE-2017-0416, CVE-2017-0417, CVE-2017-0418, CVE-2017-0419</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>AOSP 메일의 정보 공개 취약성</td>
+ <td>CVE-2017-0420</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>AOSP 메시지의 정보 공개 취약성</td>
+ <td>CVE-2017-0413, CVE-2017-0414</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>프레임워크 API의 정보 공개 취약성</td>
+ <td>CVE-2017-0421</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Bionic DNS의 서비스 거부(DoS) 취약성</td>
+ <td>CVE-2017-0422</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>블루투스의 권한 승격 취약성</td>
+ <td>CVE-2017-0423</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>AOSP 메시지의 정보 공개 취약성</td>
+ <td>CVE-2017-0424</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>오디오 서버의 정보 공개 취약성</td>
+ <td>CVE-2017-0425</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>파일 시스템의 정보 공개 취약성</td>
+ <td>CVE-2017-0426</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+</table>
+<h3 id="2017-02-05-summary">2017-02-05
+보안 패치 수준—취약성 요약</h3>
+<p>2017-02-01의 모든 문제와 다음 문제는 2017-02-05
+보안 패치 수준 이상에서 해결됩니다.</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>문제</th>
+ <th>CVE</th>
+ <th>심각도</th>
+ <th>Google 기기에 영향 여부</th>
+ </tr>
+ <tr>
+ <td>Qualcomm 암호화 드라이버의 원격 코드 실행 취약성</td>
+ <td>CVE-2016-8418</td>
+ <td>심각</td>
+ <td>아니요*</td>
+ </tr>
+ <tr>
+ <td>커널 파일 시스템의 권한 승격 취약성</td>
+ <td>CVE-2017-0427</td>
+ <td>심각</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>NVIDIA GPU 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2017-0428, CVE-2017-0429</td>
+ <td>심각</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>커널 네트워크 하위 시스템의 권한 승격 취약성</td>
+ <td>CVE-2014-9914</td>
+ <td>심각</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Broadcom Wi-Fi 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2017-0430</td>
+ <td>심각</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 구성요소의 취약성</td>
+ <td>CVE-2017-0431</td>
+ <td>심각</td>
+ <td>아니요*</td>
+ </tr>
+ <tr>
+ <td>MediaTek 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2017-0432</td>
+ <td>높음</td>
+ <td>아니요*</td>
+ </tr>
+ <tr>
+ <td>Synaptics 터치스크린 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2017-0433, CVE-2017-0434</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Qualcomm Secure Execution Environment
+Communicator 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2016-8480</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 사운드 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2016-8481, CVE-2017-0435, CVE-2017-0436</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Qualcomm Wi-Fi 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2017-0437, CVE-2017-0438, CVE-2017-0439, CVE-2016-8419,
+CVE-2016-8420, CVE-2016-8421, CVE-2017-0440, CVE-2017-0441, CVE-2017-0442,
+CVE-2017-0443, CVE-2016-8476</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Realtek 사운드 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2017-0444</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>HTC 터치스크린 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2017-0445, CVE-2017-0446, CVE-2017-0447</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>NVIDIA 동영상 드라이버의 정보 공개 취약성</td>
+ <td>CVE-2017-0448</td>
+ <td>높음</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Broadcom Wi-Fi 드라이버의 권한 승격 취약성</td>
+ <td>CVE-2017-0449</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>오디오 서버의 권한 승격 취약성</td>
+ <td>CVE-2017-0450</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>커널 파일 시스템의 권한 승격 취약성</td>
+ <td>CVE-2016-10044</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Qualcomm Secure Execution
+Environment Communicator의 정보 공개 취약성</td>
+ <td>CVE-2016-8414</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 사운드 드라이버의 정보 공개 취약성</td>
+ <td>CVE-2017-0451</td>
+ <td>보통</td>
+ <td>예</td>
+ </tr>
+</table>
+
+<p>* 지원되는 Android 7.0 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한
+취약성의 영향을 받지 않습니다.</p>
+
+<h2 id="mitigations">Android 및 Google 서비스 완화</h2>
+<p>다음은 SafetyNet과 같은 <a href="{@docRoot}security/enhancements/index.html">Android 보안 플랫폼</a> 및
+서비스 보호 기능에서 제공되는 완화를 요약한 내용입니다.
+이러한 기능을 통해 Android에서 보안 취약성이 악용될
+가능성을 줄일 수 있습니다.</p>
+<ul>
+ <li>Android 플랫폼 최신 버전의 향상된 기능으로 Android의 여러 문제를
+ 악용하기 더욱 어려워졌습니다. 가능하다면 모든 사용자는 최신 버전의 Android로
+ 업데이트하는 것이 좋습니다.</li>
+ <li>Android 보안팀에서는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">잠재적으로 위험한 애플리케이션</a>에 관해
+
+ 경고를 보내는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">앱 인증 및 SafetyNet</a>을 사용하여
+
+ 악용사례를 적극적으로 모니터링합니다. 앱 인증은 <a href="http://www.android.com/gms">Google 모바일 서비스</a>가 적용된
+ 기기에서 기본적으로 사용 설정되어 있으며
+ Google Play 외부에서 애플리케이션을 설치하는 사용자에게 특히 중요합니다. Google
+ Play 내에서 기기 루팅 도구는 금지되어 있지만
+ 사용자가 감지된 루팅 애플리케이션을 설치하려 하면
+ 출처에 상관없이 앱 인증이 경고를 표시합니다. 또한 앱 인증은
+ 권한 승격 취약성을 악용하는 것으로 알려진 악성 애플리케이션을
+ 식별하고 차단합니다. 이러한 애플리케이션이 이미 설치된 경우 앱 인증에서 사용자에게
+ 이를 알리고 감지된 애플리케이션을 삭제하려고 시도합니다.</li>
+ <li>가능한 경우 Google 행아웃과 메신저 애플리케이션은 미디어 서버와 같은 프로세스에
+ 미디어를 자동으로 전달하지 않습니다.</li>
+</ul>
+<h2 id="acknowledgements">감사의 말씀</h2>
+<p>
+참여해 주신 다음 연구원에게 감사드립니다.
+</p>
+<ul>
+ <li>Daniel Dakhno: CVE-2017-0420</li>
+ <li>Copperhead Security의 Daniel Micay: CVE-2017-0410</li>
+ <li><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a>:
+ CVE-2017-0414</li>
+ <li>Chrome의 Frank Liberato: CVE-2017-0409</li>
+ <li>Project Zero의 Gal Beniamini: CVE-2017-0411, CVE-2017-0412</li>
+ <li>Qihoo 360 Technology Co. Ltd.
+ IceSword Lab의 Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>),
+ <a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-0434, CVE-2017-0446, CVE-2017-0447, CVE-2017-0432</li>
+ <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. Alpha Team의
+ Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>):
+ CVE-2017-0415</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ <a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>, <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>,
+ Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Xuxian Jiang:
+ CVE-2017-0418</li>
+ <li>Qihoo 360 Technology Co. Ltd. Alpha Team의 Hao Chen, Guang Gong:
+ CVE-2017-0437, CVE-2017-0438, CVE-2017-0439, CVE-2016-8419, CVE-2016-8420,
+ CVE-2016-8421, CVE-2017-0441, CVE-2017-0442, CVE-2016-8476, CVE-2017-0443</li>
+ <li>Google의 Jeff Sharkey: CVE-2017-0421, CVE-2017-0423</li>
+ <li>Jeff Trim: CVE-2017-0422</li>
+ <li>Qihoo 360
+ IceSword Lab의
+ Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-0445</li>
+ <li>LINE Corporation의 ma.la, Nikolay Elenkov: CVE-2016-5552</li>
+ <li>Google의 Max Spector: CVE-2017-0416</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>),
+ Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>),
+ Xuxian Jiang: CVE-2017-0425</li>
+ <li>Tencent KeenLab(腾讯科恩实验室)의
+ Qidan He(何淇丹)(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>),
+ Di Shen(申迪)(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2017-0427</li>
+ <li>IBM X-Force Research의 Sagi Kedmi: CVE-2017-0433</li>
+ <li>Copperhead Security의
+ Scott Bauer(<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>), Daniel Micay: CVE-2017-0405</li>
+ <li>Trend Micro Mobile Threat Research Team의
+ Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2017-0449, CVE-2016-8418</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ <a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>,
+ Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>),
+ Xuxian Jiang: CVE-2017-0436, CVE-2016-8481, CVE-2017-0435</li>
+ <li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat
+ Response Team</a>의
+ V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>):
+ CVE-2017-0424</li>
+ <li>Alibaba Inc.의 Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>):
+ CVE-2017-0407</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>, <a href="mailto:hlhan@bupt.edu.cn">Hongli Han</a>,
+ Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>),
+ Xuxian Jiang: CVE-2017-0450</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>, Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>),
+ Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>),
+ Xuxian Jiang: CVE-2017-0417</li>
+ <li>Ant-financial Light-Year
+ Security Lab의 Wish Wu(<a href="https://twitter.com/wish_wu">@wish_wu</a>)
+ (<a href="http://www.weibo.com/wishlinux">吴潍浠</a> 此彼): CVE-2017-0408</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ <a href="mailto:yaojun8558363@gmail.com">Yao Jun</a>, <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>,
+ Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>),
+ Xuxian Jiang: CVE-2016-8480</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>),
+ Xuxian Jiang: CVE-2017-0444</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:segfault5514@gmail.com">Tong Lin</a>,
+ Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>),
+ Xuxian Jiang: CVE-2017-0428</li>
+ <li><a href="http://c0reteam.org">C0RE Team</a>의
+ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:wisedd@gmail.com">Xiaodong Wang</a>,
+ Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>),
+ Xuxian Jiang: CVE-2017-0448, CVE-2017-0429</li>
+ <li><a href="http://www.nsfocus.com">NSFocus</a>의
+ <a href="mailto:zhouzhenster@gmail.com">Zhen Zhou</a>(
+ <a href="https://twitter.com/henices">@henices</a>),
+ <a href="mailto:sundaywind2004@gmail.com">Zhixin Li</a>: CVE-2017-0406</li>
+</ul>
+<p>
+이 게시판 제작에 참여해 주신 다음 연구원분들께도
+감사드립니다.
+</p><ul>
+<li>Baidu X-Lab(百度安全实验室)의 Pengfei Ding(丁鹏飞), Chenfu Bao(包沉浮),
+Lenx Wei(韦韬)</li>
+</ul>
+
+<h2 id="2017-02-01-details">2017-02-01 보안 패치 수준—취약성
+세부정보</h2>
+<p>
+다음 섹션에서는 위의 <a href="#2017-02-01-summary">2017-02-01 보안 패치 수준—
+취약성 요약</a>에 나열된 각 보안 취약성에 관해
+자세히 알아볼 수 있습니다.
+ 여기에는 문제 설명, 심각도 근거 및
+CVE, 관련 참조, 심각도, 업데이트된 Google 기기,
+업데이트된 AOSP 버전(해당하는 경우), 신고된 날짜 등이 포함된 표가 제시됩니다. 가능한 경우
+AOSP 변경사항 목록과 같이 문제를 해결한 공개 변경사항을 버그 ID에
+연결합니다. 하나의 버그와 관련된 변경사항이 여러 개인 경우 추가
+참조가 버그 ID 다음에 오는 번호에 연결되어 있습니다.</p>
+
+
+<h3 id="rce-in-surfaceflinger">Surfaceflinger의 원격 코드 실행
+취약성</h3>
+<p>
+Surfaceflinger의 원격 코드 실행 취약성으로 인해 특별히 제작된 파일을 사용하는
+공격자가 미디어 파일 및 데이터 처리 중에 메모리 손상을 일으킬 수
+있습니다. 이 문제는 Surfaceflinger 프로세스의 컨텍스트 내에서 원격 코드를
+실행할 가능성이 있으므로 심각도 심각으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0405</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979">
+ A-31960359</a></td>
+ <td>심각</td>
+ <td>모두</td>
+ <td>7.0, 7.1.1</td>
+ <td>2016년 10월 4일</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-mediaserver">미디어 서버의
+원격 코드 실행 취약성</h3>
+<p>
+미디어 서버의 원격 코드 실행 취약성으로 인해 특별히 제작된 파일을 사용하는
+공격자가 미디어 파일 및 데이터 처리 중에 메모리 손상을 일으킬 수
+있습니다. 이 문제는 미디어 서버 프로세스 내에서 원격 코드를 실행할 가능성이 있으므로
+심각도 심각으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0406</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575">
+ A-32915871</a>
+[<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td>
+ <td>심각</td>
+ <td>모두</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 11월 14일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0407</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7">
+ A-32873375</a></td>
+ <td>심각</td>
+ <td>모두</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 11월 12일</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libgdx">libgdx의 원격 코드 실행 취약성</h3>
+<p>
+libgdx의 원격 코드 실행 취약성으로 인해 특별히 제작된 파일을 사용하는
+공격자가 권한이 설정되지 않은 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 해당 라이브러리를
+사용하는 애플리케이션에서 원격 코드를 실행할 가능성이 있으므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0408</td>
+ <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b">
+ A-32769670</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>7.1.1</td>
+ <td>2016년 11월 9일</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libstagefright">libstagefright의 원격 코드 실행
+취약성</h3>
+<p>
+libstagefright의 원격 코드 실행 취약성으로 인해 특별히 제작된 파일을 사용하는
+공격자가 권한이 설정되지 않은 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수 있습니다. 이 문제는 해당 라이브러리를 사용하는 애플리케이션에서
+원격 코드를 실행할 가능성이 있으므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0409</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b">
+ A-31999646</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Google 사내용</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-java.net">Java.Net의 권한 승격 취약성</h3>
+<p>
+Java.Net 라이브러리의 권한 승격 취약성으로 인해 악성 웹 콘텐츠가 명시적인
+허가 없이 사용자를 다른 웹사이트로 리디렉션할 수 있습니다. 이 문제는
+사용자의 상호작용을 원격으로 우회할 가능성이 있으므로 심각도 높음으로
+평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-5552</td>
+ <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea">
+ A-31858037</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>7.0, 7.1.1</td>
+ <td>2016년 9월 30일</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-framework-apis">프레임워크 API의 권한 승격
+취약성</h3>
+<p>
+프레임워크 API의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이
+권한이 설정된 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 보통 타사 애플리케이션이 액세스할 수 없는 승격된
+권한으로의 로컬 액세스 권한을 확보하는 데 사용될 수 있으므로 심각도 높음으로
+평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0410</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa">
+ A-31929765</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 10월 2일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0411</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
+ A-33042690</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>7.0, 7.1.1</td>
+ <td>2016년 11월 21일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0412</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
+ A-33039926</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>7.0, 7.1.1</td>
+ <td>2016년 11월 21일</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-mediaserver">미디어 서버의 권한 승격
+취약성</h3>
+<p>
+미디어 서버의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이
+권한이 설정된 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 보통 타사 애플리케이션이 액세스할 수 없는 승격된
+권한으로의 로컬 액세스 권한을 확보하는 데 사용될 수 있으므로 심각도 높음으로
+평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0415</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34">
+ A-32706020</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 11월 4일</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-audioserver">오디오 서버의 권한 승격
+취약성</h3>
+<p>
+오디오 서버의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이
+권한이 설정된 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 보통 타사 애플리케이션이 액세스할 수 없는 승격된
+권한으로의 로컬 액세스 권한을 확보하는 데 사용될 수 있으므로 심각도 높음으로
+평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0416</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32886609</a>
+ [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Google 사내용</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0417</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32705438</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 11월 7일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0418</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32703959</a>
+[<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 11월 7일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0419</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
+ A-32220769</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 10월 15일</td>
+ </tr>
+</table>
+
+<h3 id="id-in-aosp-mail">AOSP 메일의 정보 공개 취약성</h3>
+<p>
+AOSP 메일의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이
+애플리케이션 데이터를 다른 애플리케이션으로부터 분리하는 운영체제 보호를
+우회할 수 있습니다. 이 문제는 애플리케이션이 액세스할 수 없는
+데이터의 액세스 권한을 확보하는 데 사용될 수 있으므로 심각도 높음으로
+평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0420</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909">
+ A-32615212</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 9월 12일</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging">AOSP 메시지의 정보 공개
+취약성</h3>
+<p>
+AOSP 메시지의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이
+애플리케이션 데이터를 다른 애플리케이션으로부터 분리하는 운영체제 보호를
+우회할 수 있습니다. 이 문제는 애플리케이션이 액세스할 수 없는 데이터의
+액세스 권한을 확보하는 데 사용될 수 있으므로
+심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0413</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e">
+ A-32161610</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 10월 13일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0414</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd">
+ A-32807795</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 11월 10일</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-framework-apis">프레임워크 API의 정보 공개
+취약성</h3>
+<p>
+프레임워크 API의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이
+애플리케이션 데이터를 다른 애플리케이션으로부터 분리하는 운영체제 보호를
+우회할 수 있습니다. 이 문제는 애플리케이션이 액세스할 수 없는 데이터의
+액세스 권한을 확보하는 데 사용될 수 있으므로 심각도
+높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0421</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336">
+ A-32555637</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Google 사내용</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-bionic-dns">Bionic DNS의 서비스 거부(DoS) 취약성</h3>
+<p>
+Bionic DNS의 서비스 거부 취약성으로 인해 원격 공격자가 특별히 제작된
+네트워크 패킷을 사용하여 기기 지연이나 재부팅을 유발할 수 있습니다.
+이 문제는 원격 서비스 거부를 유발할 가능성이 있으므로 심각도 높음으로 평가됩니다.
+
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0422</td>
+ <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d">
+ A-32322088</a></td>
+ <td>높음</td>
+ <td>모두</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 10월 20일</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-bluetooth">블루투스의 권한 승격
+취약성</h3>
+<p>
+블루투스의 권한 승격 취약성으로 인해 근접한 공격자가
+기기상의 문서에 대한 액세스 권한을 관리할 수 있습니다. 이 문제는
+블루투스 스택에 있는 별도의 취약성을 먼저 악용해야 하므로
+심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0423</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083">
+ A-32612586</a></td>
+ <td>보통</td>
+ <td>모두</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 11월 2일</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging-2">AOSP 메시지의 정보 공개
+취약성</h3>
+<p>
+AOSP 메시지의 정보 공개 취약성으로 인해 특별히 제작된 파일을
+사용하는 원격 공격자가 권한 수준을 벗어난 데이터에 액세스할 수
+있습니다. 이 문제는 사용자 수준 심층 보호를 일반적으로 우회하거나
+권한이 설정된 프로세스의 완화 기술을 악용할 수 있으므로
+심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0424</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc">
+ A-32322450</a></td>
+ <td>보통</td>
+ <td>모두</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 10월 20일</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-audioserver">오디오 서버의 정보 공개
+취약성</h3>
+<p>
+오디오 서버의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이
+권한 수준을 벗어난 데이터에 액세스할 수 있습니다. 이 문제는
+권한 없이 민감한 데이터에 액세스하는 데 사용될 수
+있으므로 심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0425</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
+ A-32720785</a></td>
+ <td>보통</td>
+ <td>모두</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2016년 11월 7일</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-filesystem">파일 시스템의 정보 공개
+취약성</h3>
+<p>
+파일 시스템의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이
+권한 수준을 벗어난 데이터에 액세스할 수 있습니다. 이 문제는
+권한 없이 민감한 데이터에 액세스하는 데 사용될 수
+있으므로 심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>업데이트된 AOSP 버전</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0426</td>
+ <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a">
+ A-32799236</a>
+[<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td>
+ <td>보통</td>
+ <td>모두</td>
+ <td>7.0, 7.1.1</td>
+ <td>Google 사내용</td>
+ </tr>
+</table>
+
+
+<h2 id="2017-02-05-details">2017-02-05 보안 패치 수준—취약성
+세부정보</h2>
+<p>
+다음 섹션에서는 위의
+<a href="#2017-02-05-summary">2017-02-05
+보안 패치 수준— 취약성 요약</a>에 나열된 각 보안 취약성에 관해
+자세히 알아볼 수 있습니다. 여기에는 문제 설명, 심각도 근거 및
+CVE, 관련 참조, 심각도, 업데이트된 Google 기기,
+업데이트된 AOSP 버전(해당하는 경우), 신고된 날짜 등이 포함된 표가 제시됩니다.
+ 가능한 경우
+AOSP 변경사항 목록과 같이 문제를 해결한 공개 변경사항을 버그 ID에
+연결합니다. 하나의 버그와 관련된 변경사항이 여러 개인 경우 추가
+참조가 버그 ID 다음에 오는 번호에 연결되어 있습니다.</p>
+
+
+<h3 id="rce-in-qualcomm-crypto-driver">Qualcomm 암호화 드라이버의
+원격 코드 실행 취약성</h3>
+<p>
+Qualcomm 암호화 드라이버의 원격 코드 실행 취약성으로 인해 원격 공격자가
+커널 컨텍스트 내에서 임의의 코드를 실행할 수 있습니다. 이 문제는 커널 컨텍스트 내에서
+원격 코드를 실행할 가능성이 있으므로
+심각도 심각으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8418</td>
+ <td>A-32652894<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f">
+QC-CR#1077457</a></td>
+ <td>심각</td>
+ <td>없음*</td>
+ <td>2016년 10월 10일</td>
+ </tr>
+</table>
+<p>
+* 지원되는 Android 7.0 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한
+취약성의 영향을 받지 않습니다.
+</p>
+
+
+<h3 id="eop-in-kernel-file-system">커널 파일 시스템의
+권한 승격 취약성</h3>
+<p>
+커널 파일 시스템의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이
+커널 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 영구적인
+로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며,
+기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0427</td>
+ <td>A-31495866*</td>
+ <td>심각</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
+Player, Pixel, Pixel XL</td>
+ <td>2016년 9월 13일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 드라이버의
+권한 승격 취약성</h3>
+<p>
+NVIDIA GPU 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널의 컨텍스트 내에서 임의의 코드를
+실행할 수 있습니다. 이 문제는 영구적인
+로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며,
+기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0428</td>
+ <td>A-32401526*<br>
+ N-CVE-2017-0428</td>
+ <td>심각</td>
+ <td>Nexus 9</td>
+ <td>2016년 10월 25일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0429</td>
+ <td>A-32636619*<br>
+ N-CVE-2017-0429</td>
+ <td>심각</td>
+ <td>Nexus 9</td>
+ <td>2016년 11월 3일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="eop-in-kernel-networking-subsystem">커널 네트워크
+하위 시스템의 권한 승격 취약성</h3>
+<p>
+커널 네트워크 하위 시스템의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를
+실행할 수 있습니다. 이 문제는 영구적인
+로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며,
+기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2014-9914</td>
+ <td>A-32882659<br>
+ <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a">
+업스트림 커널</a></td>
+ <td>심각</td>
+ <td>Nexus 6, Nexus Player</td>
+ <td>2016년 11월 9일</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 드라이버의
+권한 승격 취약성</h3>
+<p>
+Broadcom Wi-Fi 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 영구적인
+로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며,
+기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0430</td>
+ <td>A-32838767*<br>
+ B-RB#107459</td>
+ <td>심각</td>
+ <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
+ <td>Google 사내용</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 구성요소의
+취약성</h3>
+<p>
+다음 취약성은 Qualcomm 구성요소에 영향을 주며 Qualcomm AMSS
+2016년 9월 보안 게시판에 자세히 설명되어 있습니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도*</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0431</td>
+ <td>A-32573899**</td>
+ <td>심각</td>
+ <td>없음***</td>
+ <td>Qualcomm 사내용</td>
+ </tr>
+</table>
+<p>
+* 이 취약성의 심각도 등급은 공급업체에서 결정한 것입니다.
+</p>
+<p>
+** 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+<p>
+*** 지원되는 Android 7.0 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한
+취약성의 영향을 받지 않습니다.
+</p>
+
+
+<h3 id="eop-in-mediatek-driver">MediaTek 드라이버의
+권한 승격 취약성</h3>
+<p>
+MediaTek 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를
+실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 절차에 침투해야만 실행
+가능하므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0432</td>
+ <td>A-28332719*<br>
+ M-ALPS02708925</td>
+ <td>높음</td>
+ <td>없음**</td>
+ <td>2016년 4월 21일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+<p>
+** 지원되는 Android 7.0 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한
+취약성의 영향을 받지 않습니다.
+</p>
+
+
+<h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 터치스크린 드라이버의
+권한 승격 취약성</h3>
+<p>
+Synaptics 터치스크린 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 터치스크린 칩셋의 컨텍스트 내에서 임의의 코드를
+실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행
+가능하므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0433</td>
+ <td>A-31913571*</td>
+ <td>높음</td>
+ <td>Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td>
+ <td>2016년 9월 8일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0434</td>
+ <td>A-33001936*</td>
+ <td>높음</td>
+ <td>Pixel, Pixel XL</td>
+ <td>2016년 11월 18일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm Secure Execution Environment
+Communicator 드라이버의 권한 승격 취약성</h3>
+<p>
+Qualcomm Secure Execution Environment Communicator 드라이브의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를
+실행할 수 있습니다. 이 문제는 먼저 권한이 설정된
+프로세스에 침투해야만 실행 가능하므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8480</td>
+ <td>A-31804432<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471">
+QC-CR#1086186</a>
+[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td>
+ <td>높음</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>2016년 9월 28일</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-qualcomm-sound-driver">Qualcomm 사운드 드라이버의
+권한 승격 취약성</h3>
+<p>
+Qualcomm 사운드 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를
+실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 절차에 침투해야만 실행
+가능하므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8481</td>
+ <td>A-31906415*<br>
+ QC-CR#1078000</td>
+ <td>높음</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>2016년 10월 1일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0435</td>
+ <td>A-31906657*<br>
+ QC-CR#1078000</td>
+ <td>높음</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>2016년 10월 1일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0436</td>
+ <td>A-32624661*<br>
+ QC-CR#1078000</td>
+ <td>높음</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>2016년 11월 2일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 드라이버의
+권한 승격 취약성</h3>
+<p>
+Qualcomm Wi-Fi 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 먼저 권한이 설정된 절차에 침투해야만 실행
+가능하므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0437</td>
+ <td>A-32402310<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 10월 25일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0438</td>
+ <td>A-32402604<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 10월 25일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0439</td>
+ <td>A-32450647<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61">
+QC-CR#1092059</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 10월 25일</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8419</td>
+ <td>A-32454494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488">
+QC-CR#1087209</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 10월 26일</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8420</td>
+ <td>A-32451171<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e">
+QC-CR#1087807</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 10월 26일</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8421</td>
+ <td>A-32451104<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb">
+QC-CR#1087797</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 10월 26일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0440</td>
+ <td>A-33252788<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268">
+QC-CR#1095770</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 11월 11일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0441</td>
+ <td>A-32872662<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684">
+QC-CR#1095009</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 11월 11일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0442</td>
+ <td>A-32871330<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 11월 13일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0443</td>
+ <td>A-32877494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 11월 13일</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8476</td>
+ <td>A-32879283<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799">
+QC-CR#1091940</a></td>
+ <td>높음</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>2016년 11월 14일</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-realtek-sound-driver">Realtek 사운드 드라이버의
+권한 승격 취약성</h3>
+<p>
+Realtek 사운드 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를
+실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행
+가능하므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0444</td>
+ <td>A-32705232*</td>
+ <td>높음</td>
+ <td>Nexus 9</td>
+ <td>2016년 11월 7일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="eop-in-htc-touchscreen-driver">HTC 터치스크린 드라이버의
+권한 승격 취약성</h3>
+<p>
+HTC 터치스크린 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널의 컨텍스트 내에서 임의의 코드를
+실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행
+가능하므로 심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0445</td>
+ <td>A-32769717*</td>
+ <td>높음</td>
+ <td>Pixel, Pixel XL</td>
+ <td>2016년 11월 9일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0446</td>
+ <td>A-32917445*</td>
+ <td>높음</td>
+ <td>Pixel, Pixel XL</td>
+ <td>2016년 11월 15일</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0447</td>
+ <td>A-32919560*</td>
+ <td>높음</td>
+ <td>Pixel, Pixel XL</td>
+ <td>2016년 11월 15일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="id-in-nvidia-video-driver">NVIDIA 동영상 드라이버의
+정보 공개 취약성</h3>
+<p>
+NVIDIA 동영상 드라이버의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이
+권한 수준을 벗어난 데이터에 액세스할 수 있습니다.
+이 문제는 명시적인 사용자 권한 없이 민감한 데이터에 액세스하는 데 사용될 수 있으므로
+심각도 높음으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0448</td>
+ <td>A-32721029*<br>
+ N-CVE-2017-0448</td>
+ <td>높음</td>
+ <td>Nexus 9</td>
+ <td>2016년 11월 7일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi 드라이버의
+권한 승격 취약성</h3>
+<p>
+Broadcom Wi-Fi 드라이버의 권한 승격 취약성으로 인해
+로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 먼저 권한이 설정된 절차에 침투해야만
+실행 가능하며 현재 플랫폼 구성으로 완화할 수 있으므로
+심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0449</td>
+ <td>A-31707909*<br>
+ B-RB#32094</td>
+ <td>보통</td>
+ <td>Nexus 6, Nexus 6P</td>
+ <td>2016년 9월 23일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="eop-in-audioserver-2">오디오 서버의 권한 승격
+취약성</h3>
+<p>
+오디오 서버의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이
+권한이 설정된 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수
+있습니다. 이 문제는 현재 플랫폼 구성으로 완화할 수 있으므로
+심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0450</td>
+ <td>A-32917432*</td>
+ <td>보통</td>
+ <td>Nexus 9</td>
+ <td>2016년 11월 15일</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="eop-in-kernel-file-system-2">커널 파일 시스템의
+권한 승격 취약성</h3>
+<p>
+커널 파일 시스템의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이
+권한 승격을 차단하는 보호를 우회할 수 있습니다. 이 문제는 사용자 수준
+심층 보호를 일반적으로 우회하거나 완화 기술을 악용할 수 있으므로
+심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-10044</td>
+ <td>A-31711619*</td>
+ <td>보통</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
+Player, Pixel, Pixel XL</td>
+ <td>Google 사내용</td>
+ </tr>
+</table>
+<p>
+* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는
+<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용
+최신 바이너리 드라이버에
+
+포함되어 있습니다.
+</p>
+
+
+<h3 id="id-in-qualcomm-secure-execution-environment-communicator">Qualcomm Secure Execution
+Environment Communicator의 정보 공개 취약성</h3>
+<p>
+Qualcomm Secure Execution Environment Communicator의
+정보 공개 취약성으로 인해 로컬 악성 애플리케이션이
+권한 수준을 벗어난 데이터에 액세스할 수 있습니다. 이 문제는 먼저
+권한이 설정된 프로세스에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8414</td>
+ <td>A-31704078<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846">
+QC-CR#1076407</a></td>
+ <td>보통</td>
+ <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>2016년 9월 23일</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-qualcomm-sound-driver">Qualcomm 사운드 드라이버의
+정보 공개 취약성</h3>
+<p>
+Qualcomm 사운드 드라이버의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이
+권한 수준을 벗어난 데이터에 액세스할 수 있습니다. 이 문제는 먼저
+권한이 설정된 절차에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>참조</th>
+ <th>심각도</th>
+ <th>업데이트된 Google 기기</th>
+ <th>신고된 날짜</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0451</td>
+ <td>A-31796345<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e">
+QC-CR#1073129</a>
+[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td>
+ <td>보통</td>
+ <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>2016년 9월 27일</td>
+ </tr>
+</table>
+
+<h2 id="common-questions-and-answers">일반적인 질문 및 답변</h2>
+<p>이 섹션에서는 게시판을 읽은 뒤 제기될 수 있는 일반적인 질문에 답변을 제시합니다.</p>
+<p><strong>1. 내 기기가 업데이트되어 이 문제가 해결되었는지 어떻게 알 수
+있나요?</strong></p>
+<p>기기의 보안 패치 수준을 확인하는 방법을 알아보려면
+<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 및 Nexus 업데이트 일정</a>의
+안내를 읽어 보세요.</p>
+<ul>
+ <li>2017-02-01 보안 패치 수준과 관련된 모든 문제는 2017-02-01
+ 보안 패치 수준 이상에서 해결됩니다.</li>
+ <li>2017-02-05 보안 패치 수준 및 그 이전의 모든 패치 수준과 관련된
+ 모든 문제는 2017-02-05 보안 패치 수준 이상에서 해결됩니다.
+ </li>
+</ul>
+<p>이러한 업데이트를 포함하는 기기 제조업체는 패치 문자열 수준을
+다음과 같이 설정해야 합니다.</p>
+<ul>
+<li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li>
+<li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li>
+</ul>
+
+<p><strong>2 이 게시판에 두 가지 보안 패치 수준이 있는 이유가 무엇인가요?</strong></p>
+
+<p>이 게시판에서는 Android 파트너가 모든 Android 기기에서 유사하게 발생하는
+취약성 문제의 일부를 더욱 빠르고 유연하게 해결하기 위한 두 가지 보안 패치 수준이
+포함되어 있습니다. Android 파트너는 이 게시판에 언급된 문제를 모두 수정하고
+최신 보안 패치 수준을 사용하는 것이 좋습니다.</p>
+<ul>
+ <li>2017년 1월 1일 보안 패치 수준을 사용하는 기기는 이 보안 패치 수준과
+ 관련된 모든 문제와 이전 보안 게시판에서 보고된 모든 문제의 수정사항을
+ 포함해야 합니다.</li>
+ <li>2017년 1월 5일 이후의 보안 패치 수준을 사용하는 기기는
+ 이 보안 게시판과 이전 게시판에 언급된 모든 관련 패치를
+ 포함해야 합니다.</li>
+</ul>
+<p>파트너는 해결하는 모든 문제의 수정사항을 단 한 번의 업데이트에서 번들로 묶는 것이 좋습니다.</p>
+<p><strong>3. 문제별로 영향을 받는 Google 기기는 어떻게 알 수 있나요?</strong></p>
+<p><a href="#2017-02-01-details">2017-02-01</a> 및
+<a href="#2017-02-05-details">2017-02-05</a>
+보안 취약성 세부정보 섹션에 있는 각 테이블의 <em>업데이트된 Google
+기기</em> 열을 확인하면 됩니다. 이 열에는 각 문제와 관련해 업데이트된
+영향 받는 Google 기기의 범위가 표시됩니다. 이 열에는 다음과 같은 옵션이 있습니다.
+</p>
+<ul>
+ <li><strong>모든 Google 기기</strong>: 문제가 모든 Google 기기 및 Pixel 기기에
+ 영향을 미치는 경우, 표의 <em>업데이트된 Google 기기</em> 열에
+ '모두'라고 표시됩니다. '모두'에는 다음과 같은 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">지원되는 기기</a>가
+ 포함됩니다. Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9,
+ Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li>
+ <li><strong>일부 Google 기기</strong>: 문제가 모든 Google 기기에 영향을 미치는 것이
+ 아닌 경우, 영향을 받는 Google 기기가 <em>업데이트된 Google 기기</em> 열에
+ 표시됩니다.</li>
+ <li><strong>Google 기기 해당 없음</strong>: 문제가 Android 7.0을 실행하는 Google 기기에
+ 영향을 미치지 않는 경우, 표의 <em>업데이트된 Google 기기</em> 열에 '없음'이라고
+ 표시됩니다.</li>
+</ul>
+<p><strong>4. 참조 열의 항목이 매핑하는 대상은 무엇인가요?</strong></p>
+<p>취약성 세부정보 표의 <em>참조</em> 열에 있는 항목은 참조 값이 속한
+조직을 나타내는 접두어를 포함할 수 있습니다. 이러한 접두어는
+다음과 같이 매핑됩니다.</p>
+<table>
+ <tr>
+ <th>접두어</th>
+ <th>참조 문서</th>
+ </tr>
+ <tr>
+ <td>A-</td>
+ <td>Android 버그 ID</td>
+ </tr>
+ <tr>
+ <td>QC-</td>
+ <td>Qualcomm 참조 번호</td>
+ </tr>
+ <tr>
+ <td>M-</td>
+ <td>MediaTek 참조 번호</td>
+ </tr>
+ <tr>
+ <td>N-</td>
+ <td>NVIDIA 참조 번호</td>
+ </tr>
+ <tr>
+ <td>B-</td>
+ <td>Broadcom 참조 번호</td>
+ </tr>
+</table>
+
+<h2 id="revisions">수정 내역</h2>
+<ul>
+ <li>2017년 2월 6일 게시판이 게시됨</li>
+ <li>2017년 2월 8일: 게시판이 수정되어 AOSP 링크가 추가됨</li>
+</ul>
diff --git a/src-intl/ru_ALL/security/bulletin/2017-02-01.jd b/src-intl/ru_ALL/security/bulletin/2017-02-01.jd
new file mode 100644
index 0000000..1121685
--- /dev/null
+++ b/src-intl/ru_ALL/security/bulletin/2017-02-01.jd
@@ -0,0 +1,1736 @@
+page.title=Бюллетень по безопасности Android – февраль 2017 г.
+@jd:body
+<!--
+ Copyright 2017 The Android Open Source Project
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<p><em>Опубликовано 6 февраля 2017 г. | Обновлено 8 февраля 2017 г.</em></p>
+<p>
+В этом бюллетене содержится информация об уязвимостях в защите устройств Android. К его выходу мы выпустили автоматическое обновление системы безопасности для устройств Google и опубликовали образы прошивок <a href="https://developers.google.com/android/nexus/images">на сайте для разработчиков</a>. Все актуальные проблемы, перечисленные здесь, устранены в исправлении от 5 февраля 2017 года или более новом. Информацию о том, как проверить обновления системы безопасности, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.
+</p>
+<p>
+Мы сообщили партнерам об уязвимостях 3 января 2017 года или ранее. Исправления уязвимостей доступны в хранилище Android Open Source Project (AOSP).
+В этом бюллетене также приведены ссылки на исправления вне AOSP.
+</p>
+<p>
+Наиболее серьезная из уязвимостей имеет критический уровень и позволяет удаленно выполнять код на пораженном устройстве (например, при работе с электронной почтой, просмотре сайтов в Интернете или обработке медиафайлов MMS).
+</p>
+<p>
+Обнаруженные уязвимости не эксплуатировались. В разделе <a href="#mitigations">Предотвращение атак</a> рассказывается, как <a href="{@docRoot}security/enhancements/index.html">платформа безопасности</a> и средства защиты сервисов, например <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, помогают снизить вероятность атак на Android.
+</p>
+<p>
+Мы рекомендуем всем пользователям установить перечисленные в разделе обновления.
+</p>
+<h2 id="announcements">Объявления</h2>
+<ul>
+<li>Мы включили в этот бюллетень сведения о двух обновлениях, чтобы помочь нашим партнерам как можно скорее устранить уязвимости, затрагивающие все устройства Android. Дополнительную информацию вы найдете в разделе <a href="#common-questions-and-answers">Часто задаваемые вопросы</a>.
+ <ul>
+ <li><strong>2017-02-01</strong>: частичное обновление системы безопасности, в котором исправлены все уязвимости уровня 2017-02-01 и более ранние.</li>
+ <li><strong>2017-02-05</strong>: полное обновление системы безопасности, в котором исправлены все уязвимости уровней 2017-02-01 и 2017-02-05, а также более ранние.</li>
+ </ul>
+</li>
+<li>На поддерживаемые устройства Google будет установлено единое автоматическое обновление системы безопасности от 5 февраля 2017 года.</li>
+</ul>
+<h2 id="security-vulnerability-summary">Перечень уязвимостей</h2>
+<p>
+В таблице ниже перечислены уязвимости, их идентификаторы (CVE) и уровни серьезности, а также указано, затрагивает ли проблема устройства Google. <a href="{@docRoot}security/overview/updates-resources.html#severity">Уровень серьезности</a> зависит от того, какой ущерб будет нанесен устройству при атаке с использованием уязвимости, если средства защиты будут отключены разработчиком или взломаны.
+</p>
+<h3 id="2017-02-01-summary">Перечень уязвимостей (обновление системы безопасности 2017-02-01)</h3>
+<p>
+Перечисленные проблемы должны быть устранены в исправлении от 1 февраля 2017 года или более новом.
+</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>Уязвимость</th>
+ <th>CVE</th>
+ <th>Уровень серьезности</th>
+ <th>Затрагивает устройства Google?</th>
+ </tr>
+ <tr>
+ <td>Удаленное выполнение кода через surfaceflinger</td>
+ <td>CVE-2017-0405</td>
+ <td>Критический</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Удаленное выполнение кода через mediaserver</td>
+ <td>CVE-2017-0406, CVE-2017-0407</td>
+ <td>Критический</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Удаленное выполнение кода через libgdx</td>
+ <td>CVE-2017-0408</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Удаленное выполнение кода через libstagefright</td>
+ <td>CVE-2017-0409</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через Java.Net</td>
+ <td>CVE-2016-5552</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через Framework API</td>
+ <td>CVE-2017-0410, CVE-2017-0411, CVE-2017-0412</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через mediaserver</td>
+ <td>CVE-2017-0415</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через audioserver</td>
+ <td>CVE-2017-0416, CVE-2017-0417, CVE-2017-0418, CVE-2017-0419</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через почтовый клиент AOSP</td>
+ <td>CVE-2017-0420</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через клиент для обмена сообщениями AOSP</td>
+ <td>CVE-2017-0413, CVE-2017-0414</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через Framework API</td>
+ <td>CVE-2017-0421</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Отказ в обслуживании через Bionic DNS</td>
+ <td>CVE-2017-0422</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через Bluetooth</td>
+ <td>CVE-2017-0423</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через клиент для обмена сообщениями AOSP</td>
+ <td>CVE-2017-0424</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через audioserver</td>
+ <td>CVE-2017-0425</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через файловую систему</td>
+ <td>CVE-2017-0426</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+</table>
+<h3 id="2017-02-05-summary">Перечень уязвимостей (обновление системы безопасности 2017-02-05)</h3>
+<p>В исправлении от 5 февраля 2017 года или более новом устранены все проблемы, упомянутые в обновлении 2017-02-01, а также уязвимости, перечисленные ниже.</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>Уязвимость</th>
+ <th>CVE</th>
+ <th>Уровень серьезности</th>
+ <th>Затрагивает устройства Google?</th>
+ </tr>
+ <tr>
+ <td>Удаленное выполнение кода через драйвер шифрования Qualcomm</td>
+ <td>CVE-2016-8418</td>
+ <td>Критический</td>
+ <td>Нет*</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через файловую систему ядра</td>
+ <td>CVE-2017-0427</td>
+ <td>Критический</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через драйвер NVIDIA для графического процессора</td>
+ <td>CVE-2017-0428, CVE-2017-0429</td>
+ <td>Критический</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через сетевую подсистему ядра</td>
+ <td>CVE-2014-9914</td>
+ <td>Критический</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через Wi-Fi-драйвер Broadcom</td>
+ <td>CVE-2017-0430</td>
+ <td>Критический</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Уязвимости в компонентах Qualcomm</td>
+ <td>CVE-2017-0431</td>
+ <td>Критический</td>
+ <td>Нет*</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через драйвер MediaTek</td>
+ <td>CVE-2017-0432</td>
+ <td>Высокий</td>
+ <td>Нет*</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через драйвер сенсорного экрана Synaptics</td>
+ <td>CVE-2017-0433, CVE-2017-0434</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через драйвер Qualcomm для QSEE Communicator</td>
+ <td>CVE-2016-8480</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через аудиодрайвер Qualcomm</td>
+ <td>CVE-2016-8481, CVE-2017-0435, CVE-2017-0436</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через Wi-Fi-драйвер Qualcomm</td>
+ <td>CVE-2017-0437, CVE-2017-0438, CVE-2017-0439, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421, CVE-2017-0440, CVE-2017-0441, CVE-2017-0442, CVE-2017-0443, CVE-2016-8476</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через аудиодрайвер Realtek</td>
+ <td>CVE-2017-0444</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через драйвер сенсорного экрана HTC</td>
+ <td>CVE-2017-0445, CVE-2017-0446, CVE-2017-0447</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через видеодрайвер NVIDIA</td>
+ <td>CVE-2017-0448</td>
+ <td>Высокий</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через Wi-Fi-драйвер Broadcom</td>
+ <td>CVE-2017-0449</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через audioserver</td>
+ <td>CVE-2017-0450</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Повышение привилегий через файловую систему ядра</td>
+ <td>CVE-2016-10044</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через QSEE Communicator</td>
+ <td>CVE-2016-8414</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+ <tr>
+ <td>Раскрытие информации через аудиодрайвер Qualcomm</td>
+ <td>CVE-2017-0451</td>
+ <td>Средний</td>
+ <td>Да</td>
+ </tr>
+</table>
+
+<p>*Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.0, на которых установлены все доступные обновления.</p>
+
+<h2 id="mitigations">Предотвращение атак</h2>
+<p>Ниже рассказывается, как <a href="{@docRoot}security/enhancements/index.html">платформа безопасности</a> и средства защиты сервисов, например SafetyNet, позволяют снизить вероятность атак на Android.</p>
+<ul>
+ <li>Использование многих уязвимостей затрудняется в новых версиях Android, поэтому мы рекомендуем всем пользователям
+ своевременно обновлять систему.</li>
+ <li>Команда, отвечающая за безопасность Android, активно отслеживает злоупотребления с помощью <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_2015_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Эти сервисы предупреждают пользователя об установке <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоносных приложений</a>. Проверка приложений включена по умолчанию на всех устройствах с <a href="http://www.android.com/gms">мобильными сервисами Google</a>. Она особенно важна, если пользователь устанавливает ПО из сторонних источников. Хотя в Google Play инструменты для рутинга запрещены, они могут встречаться в других магазинах. Если пользователь решает установить такое приложение, проверка предупреждает об этом. Кроме того, она пытается идентифицировать известное вредоносное ПО, использующее уязвимость для повышения привилегий, и блокировать его установку. Если подобное ПО уже есть на устройстве, система уведомит об этом пользователя и попытается удалить приложение.</li>
+ <li>Приложения Google Hangouts и Messenger не передают медиафайлы таким процессам, как mediaserver, автоматически.</li>
+</ul>
+<h2 id="acknowledgements">Благодарности</h2>
+<p>
+Благодарим всех, кто помог обнаружить уязвимости:
+</p>
+<ul>
+ <li>Дэниел Дахно: CVE-2017-0420</li>
+ <li>Дэниел Микей из Copperhead Security: CVE-2017-0410</li>
+ <li><a href="http://www.linkedin.com/in/dzima">Дзмитрий Лукьяненка</a>: CVE-2017-0414</li>
+ <li>Фрэнк Либерато из Chrome: CVE-2017-0409</li>
+ <li>Гэл Бениамини из Project Zero: CVE-2017-0411, CVE-2017-0412</li>
+ <li>Гэнцзя Чэнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2017-0434, CVE-2017-0446, CVE-2017-0447, CVE-2017-0432</li>
+ <li>Гуан Гун (龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>) из Alpha Team, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>.: CVE-2017-0415</li>
+ <li><a href="mailto:arnow117@gmail.com">Ханьсян Вэнь</a>, <a href="mailto:vancouverdou@gmail.com">Вэнькэ Доу</a>, Минцзянь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0418</li>
+ <li>Хао Чэнь и Гуан Гун из Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-0437, CVE-2017-0438, CVE-2017-0439, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421, CVE-2017-0441, CVE-2017-0442, CVE-2016-8476, CVE-2017-0443</li>
+ <li>Джефф Шарки из Google: CVE-2017-0421, CVE-2017-0423</li>
+ <li>Джефф Трим: CVE-2017-0422</li>
+ <li>Цзяньцян Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360: CVE-2017-0445</li>
+ <li>ma.la и Николай Еленков из LINE Corporation: CVE-2016-5552</li>
+ <li>Макс Спектор из Google: CVE-2017-0416</li>
+ <li>Минцзянь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Юйци Лу (<a href="https://twitter.com/nikos233__">@nikos233</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0425</li>
+ <li>Цидань Хэ (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) и Ди Шэнь (申迪) (<a href="https://twitter.com/returnsme">@returnsme</a>) из KeenLab, Tencent (腾讯科恩实验室): CVE-2017-0427</li>
+ <li>Саги Кедми из IBM X-Force Research: CVE-2017-0433</li>
+ <li>Скотт Бауэр (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>) и Дэниел Микей из Copperhead Security: CVE-2017-0405</li>
+ <li>Севен Шэнь (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) из команды по изучению угроз для мобильных устройств, Trend Micro: CVE-2017-0449, CVE-2016-8418</li>
+ <li><a href="mailto:segfault5514@gmail.com">Тун Линь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a>, Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0436, CVE-2016-8481, CVE-2017-0435</li>
+ <li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) из <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">команды по изучению угроз для мобильных устройств</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0424</li>
+ <li>Вэйчао Сунь (<a href="https://twitter.com/sunblate">@sunblate</a>) из Alibaba Inc.: CVE-2017-0407</li>
+ <li><a href="mailto:vancouverdou@gmail.com">Вэнькэ Доу</a>, <a href="mailto:hlhan@bupt.edu.cn">Хунли Хань</a>, Минцзянь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0450</li>
+ <li><a href="mailto:vancouverdou@gmail.com">Вэнькэ Доу</a>, Юйци Лу (<a href="https://twitter.com/nikos233__">@nikos233</a>), Минцзянь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0417</li>
+ <li>Виш Ву (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://www.weibo.com/wishlinux">吴潍浠</a> 此彼) из Ant-financial Light-Year Security Lab: CVE-2017-0408</li>
+ <li><a href="mailto:yaojun8558363@gmail.com">Яо Цзюнь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a>, Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8480</li>
+ <li><a href="mailto:computernik@gmail.com">Юань-Цун Ло</a>, Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0444</li>
+ <li><a href="mailto:computernik@gmail.com">Юань-Цун Ло</a>, <a href="mailto:segfault5514@gmail.com">Тун Линь</a>, Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0428</li>
+ <li><a href="mailto:computernik@gmail.com">Юань-Цун Ло</a>, <a href="mailto:wisedd@gmail.com">Сяодун Ван</a>, Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0448, CVE-2017-0429</li>
+ <li><a href="mailto:zhouzhenster@gmail.com">Чжэнь Чжоу</a> (<a href="https://twitter.com/henices">@henices</a>) и <a href="mailto:sundaywind2004@gmail.com">Чжисинь Ли</a> из <a href="http://www.nsfocus.com">NSFocus</a>: CVE-2017-0406</li>
+</ul>
+<p>
+Также благодарим всех, кто помог в составлении этого бюллетеня:
+</p><ul>
+<li>Пэнфэй Дин (丁鹏飞), Чэньфу Бао (包沉浮), Ленкс Вэй (韦韬) из Baidu X-Lab (百度安全实验室)</li>
+</ul>
+
+<h2 id="2017-02-01-details">Описание уязвимостей (обновление системы безопасности 2017-02-01)</h2>
+<p>
+В этом разделе вы найдете подробную информацию обо всех уязвимостях, обозначенных в разделе <a href="#2017-02-01-summary">Перечень уязвимостей (обновление системы безопасности 2017-02-01)</a>: описание и обоснование серьезности, таблицу с CVE, ссылками, уровнем серьезности, уязвимыми устройствами Google и версиями AOSP (при наличии), а также датой сообщения об ошибке. Где возможно, мы приведем основную ссылку на опубликованное изменение, связанное с идентификатором ошибки (например, список AOSP), и дополнительные ссылки в квадратных скобках.</p>
+
+
+<h3 id="rce-in-surfaceflinger">Удаленное выполнение кода через surfaceflinger</h3>
+<p>
+Уязвимость позволяет злоумышленнику нарушить целостность информации в памяти при обработке медиафайлов и данных в специально созданном файле. Проблеме присвоен критический уровень серьезности из-за возможности удаленного выполнения кода в контексте процесса surfaceflinger.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0405</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979">
+ A-31960359</a></td>
+ <td>Критический</td>
+ <td>Все</td>
+ <td>7.0, 7.1.1</td>
+ <td>4 октября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-mediaserver">Удаленное выполнение кода через mediaserver</h3>
+<p>
+Уязвимость позволяет злоумышленнику нарушить целостность информации в памяти при обработке медиафайлов и данных в специально созданном файле. Проблеме присвоен критический уровень серьезности из-за возможности удаленного выполнения кода в контексте процесса mediaserver.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0406</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575">
+A-32915871</a>
+[<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td>
+ <td>Критический</td>
+ <td>Все</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>14 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0407</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7">
+ A-32873375</a></td>
+ <td>Критический</td>
+ <td>Все</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>12 ноября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libgdx">Удаленное выполнение кода через libgdx</h3>
+<p>
+Уязвимость позволяет злоумышленнику выполнять произвольный код в контексте непривилегированного процесса с помощью специально созданного файла. Проблеме присвоен высокий уровень серьезности из-за возможности удаленного выполнения кода в ПО, которое использует эту библиотеку.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0408</td>
+ <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b">
+ A-32769670</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>7.1.1</td>
+ <td>9 ноября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libstagefright">Удаленное выполнение кода через libstagefright</h3>
+<p>
+Уязвимость позволяет злоумышленнику выполнять произвольный код в контексте непривилегированного процесса с помощью специально созданного файла. Проблеме присвоен высокий уровень серьезности из-за возможности удаленного выполнения кода в ПО, которое использует эту библиотеку.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0409</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b">
+ A-31999646</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Доступно только сотрудникам Google</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-java.net">Повышение привилегий через Java.Net</h3>
+<p>
+Уязвимость позволяет вредоносному веб-контенту несанкционированно перенаправлять пользователя на другой сайт. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость позволяет удаленно обойти требования к взаимодействию с пользователем.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-5552</td>
+ <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea">
+ A-31858037</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>7.0, 7.1.1</td>
+ <td>30 сентября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-framework-apis">Повышение привилегий через Framework API</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте привилегированного процесса. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить привилегии, недоступные сторонним приложениям.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0410</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa">
+ A-31929765</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0411</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
+A-33042690</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>7.0, 7.1.1</td>
+ <td>21 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0412</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
+A-33039926</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>7.0, 7.1.1</td>
+ <td>21 ноября 2016 г.</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-mediaserver">Повышение привилегий через mediaserver</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте привилегированного процесса. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить привилегии, недоступные сторонним приложениям.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0415</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34">
+ A-32706020</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>4 ноября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-audioserver">Повышение привилегий через audioserver</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте привилегированного процесса. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить привилегии, недоступные сторонним приложениям.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0416</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+A-32886609</a>
+ [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Доступно только сотрудникам Google</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0417</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32705438</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>7 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0418</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+A-32703959</a>
+[<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>7 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0419</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
+ A-32220769</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>15 октября 2016 г.</td>
+ </tr>
+</table>
+
+<h3 id="id-in-aosp-mail">Раскрытие информации через почтовый клиент AOSP</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО обходить защиту ОС, обеспечивающую раздельное хранение данных приложений. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить несанкционированный доступ к данным.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0420</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909">
+ A-32615212</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>12 сентября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging">Раскрытие информации через клиент для обмена сообщениями AOSP</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО обходить защиту ОС, обеспечивающую раздельное хранение данных приложений. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить несанкционированный доступ к данным.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0413</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e">
+ A-32161610</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>13 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0414</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd">
+ A-32807795</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>10 ноября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-framework-apis">Раскрытие информации через Framework API</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО обходить защиту ОС, обеспечивающую раздельное хранение данных приложений. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить несанкционированный доступ к данным.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0421</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336">
+ A-32555637</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Доступно только сотрудникам Google</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-bionic-dns">Отказ в обслуживании через Bionic DNS</h3>
+<p>
+Уязвимость позволяет злоумышленнику выполнять перезагрузку или вызывать зависание устройства с помощью специально созданного сетевого пакета.
+Проблеме присвоен высокий уровень серьезности, поскольку она приводит к отказу в обслуживании.
+
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0422</td>
+ <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d">
+ A-32322088</a></td>
+ <td>Высокий</td>
+ <td>Все</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>20 октября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-bluetooth">Повышение привилегий через Bluetooth</h3>
+<p>
+Уязвимость позволяет злоумышленнику получить доступ к файлам, хранящимся на устройстве, по протоколу Bluetooth. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует эксплуатации другой уязвимости Bluetooth-стека.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0423</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083">
+ A-32612586</a></td>
+ <td>Средний</td>
+ <td>Все</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>2 ноября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging-2">Раскрытие информации через клиент для обмена сообщениями AOSP</h3>
+<p>
+Уязвимость позволяет злоумышленнику получить несанкционированный доступ к данным с помощью специально созданного файла. Проблеме присвоен средний уровень серьезности, поскольку уязвимость позволяет обойти защиту уровня пользователя и аналогичные технологии защиты.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0424</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc">
+ A-32322450</a></td>
+ <td>Средний</td>
+ <td>Все</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>20 октября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-audioserver">Раскрытие информации через audioserver</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Из-за этого проблеме присвоен средний уровень серьезности.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0425</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
+ A-32720785</a></td>
+ <td>Средний</td>
+ <td>Все</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>7 ноября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-filesystem">Раскрытие информации через файловую систему</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Из-за этого проблеме присвоен средний уровень серьезности.
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Обновленные версии AOSP</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0426</td>
+ <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a">
+A-32799236</a>
+[<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td>
+ <td>Средний</td>
+ <td>Все</td>
+ <td>7.0, 7.1.1</td>
+ <td>Доступно только сотрудникам Google</td>
+ </tr>
+</table>
+
+
+<h2 id="2017-02-05-details">Описание уязвимостей (обновление системы безопасности 2017-02-05)</h2>
+<p>
+В этом разделе вы найдете подробную информацию обо всех уязвимостях, обозначенных в разделе <a href="#2017-02-05-summary">Перечень уязвимостей (обновление системы безопасности 2017-02-05)</a>: описание и обоснование серьезности, таблицу с CVE, ссылками, уровнем серьезности, уязвимыми устройствами Google и версиями AOSP (при наличии), а также датой сообщения об ошибке. Где возможно, мы приведем основную ссылку на опубликованное изменение, связанное с идентификатором ошибки (например, список AOSP), и дополнительные ссылки в квадратных скобках.</p>
+
+
+<h3 id="rce-in-qualcomm-crypto-driver">Удаленное выполнение кода через драйвер шифрования Qualcomm</h3>
+<p>
+Уязвимость позволяет злоумышленнику выполнять произвольный код в контексте ядра. Из-за этого проблеме присвоен критический уровень серьезности.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8418</td>
+ <td>A-32652894<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f">
+QC-CR#1077457</a></td>
+ <td>Критический</td>
+ <td>Нет*</td>
+ <td>10 октября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.0, на которых установлены все доступные обновления.
+</p>
+
+
+<h3 id="eop-in-kernel-file-system">Повышение привилегий через файловую систему ядра</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0427</td>
+ <td>A-31495866*</td>
+ <td>Критический</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, Pixel, Pixel XL</td>
+ <td>13 сентября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="eop-in-nvidia-gpu-driver">Повышение привилегий через драйвер NVIDIA для графического процессора</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0428</td>
+ <td>A-32401526*<br>
+ N-CVE-2017-0428</td>
+ <td>Критический</td>
+ <td>Nexus 9</td>
+ <td>25 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0429</td>
+ <td>A-32636619*<br>
+ N-CVE-2017-0429</td>
+ <td>Критический</td>
+ <td>Nexus 9</td>
+ <td>3 ноября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="eop-in-kernel-networking-subsystem">Повышение привилегий через сетевую подсистему ядра</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2014-9914</td>
+ <td>A-32882659<br>
+ <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a">
+Upstream kernel</a></td>
+ <td>Критический</td>
+ <td>Nexus 6, Nexus Player</td>
+ <td>9 ноября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver">Повышение привилегий через Wi-Fi-драйвер Broadcom</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0430</td>
+ <td>A-32838767*<br>
+ B-RB#107459</td>
+ <td>Критический</td>
+ <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td>
+ <td>Доступно только сотрудникам Google</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="vulnerabilities-in-qualcomm-components">Уязвимости в компонентах Qualcomm</h3>
+<p>
+Следующие уязвимости затрагивают компоненты Qualcomm и описаны в бюллетенях по безопасности Qualcomm AMSS за сентябрь 2016 года.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности*</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0431</td>
+ <td>A-32573899**</td>
+ <td>Критический</td>
+ <td>Нет***</td>
+ <td>Доступно только сотрудникам Qualcomm</td>
+ </tr>
+</table>
+<p>
+*Уровень серьезности этих уязвимостей определяется непосредственно компанией Qualcomm.
+</p>
+<p>
+**Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+<p>
+***Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.0, на которых установлены все доступные обновления.
+</p>
+
+
+<h3 id="eop-in-mediatek-driver">Повышение привилегий через драйвер MediaTek</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0432</td>
+ <td>A-28332719*<br>
+ M-ALPS02708925</td>
+ <td>Высокий</td>
+ <td>Нет**</td>
+ <td>21 апреля 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+<p>
+**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.0, на которых установлены все доступные обновления.
+</p>
+
+
+<h3 id="eop-in-synaptics-touchscreen-driver">Повышение привилегий через драйвер сенсорного экрана Synaptics</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте чипсета сенсорного экрана. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0433</td>
+ <td>A-31913571*</td>
+ <td>Высокий</td>
+ <td>Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td>
+ <td>8 сентября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0434</td>
+ <td>A-33001936*</td>
+ <td>Высокий</td>
+ <td>Pixel, Pixel XL</td>
+ <td>18 ноября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Повышение привилегий через драйвер Qualcomm для QSEE Communicator</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8480</td>
+ <td>A-31804432<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471">
+QC-CR#1086186</a>
+[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>28 сентября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-qualcomm-sound-driver">Повышение привилегий через аудиодрайвер Qualcomm</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8481</td>
+ <td>A-31906415*<br>
+ QC-CR#1078000</td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>1 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0435</td>
+ <td>A-31906657*<br>
+ QC-CR#1078000</td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>1 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0436</td>
+ <td>A-32624661*<br>
+ QC-CR#1078000</td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>2 ноября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="eop-in-qualcomm-wi-fi-driver">Повышение привилегий через Wi-Fi-драйвер Qualcomm</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0437</td>
+ <td>A-32402310<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>25 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0438</td>
+ <td>A-32402604<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>25 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0439</td>
+ <td>A-32450647<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61">
+QC-CR#1092059</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>25 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8419</td>
+ <td>A-32454494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488">
+QC-CR#1087209</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>26 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8420</td>
+ <td>A-32451171<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e">
+QC-CR#1087807</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>26 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8421</td>
+ <td>A-32451104<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb">
+QC-CR#1087797</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>26 октября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0440</td>
+ <td>A-33252788<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268">
+QC-CR#1095770</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>11 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0441</td>
+ <td>A-32872662<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684">
+QC-CR#1095009</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>11 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0442</td>
+ <td>A-32871330<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>13 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0443</td>
+ <td>A-32877494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>13 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8476</td>
+ <td>A-32879283<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799">
+QC-CR#1091940</a></td>
+ <td>Высокий</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>14 ноября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-realtek-sound-driver">Повышение привилегий через аудиодрайвер Realtek</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0444</td>
+ <td>A-32705232*</td>
+ <td>Высокий</td>
+ <td>Nexus 9</td>
+ <td>7 ноября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="eop-in-htc-touchscreen-driver">Повышение привилегий через драйвер сенсорного экрана HTC</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0445</td>
+ <td>A-32769717*</td>
+ <td>Высокий</td>
+ <td>Pixel, Pixel XL</td>
+ <td>9 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0446</td>
+ <td>A-32917445*</td>
+ <td>Высокий</td>
+ <td>Pixel, Pixel XL</td>
+ <td>15 ноября 2016 г.</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0447</td>
+ <td>A-32919560*</td>
+ <td>Высокий</td>
+ <td>Pixel, Pixel XL</td>
+ <td>15 ноября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="id-in-nvidia-video-driver">Раскрытие информации через видеодрайвер NVIDIA</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным.
+Из-за этого проблеме присвоен высокий уровень серьезности.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0448</td>
+ <td>A-32721029*<br>
+ N-CVE-2017-0448</td>
+ <td>Высокий</td>
+ <td>Nexus 9</td>
+ <td>7 ноября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver-2">Повышение привилегий через Wi-Fi-драйвер Broadcom</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса, а также предотвращается текущими настройками платформы.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0449</td>
+ <td>A-31707909*<br>
+ B-RB#32094</td>
+ <td>Средний</td>
+ <td>Nexus 6, Nexus 6P</td>
+ <td>23 сентября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="eop-in-audioserver-2">Повышение привилегий через audioserver</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте привилегированного процесса. Проблеме присвоен средний уровень серьезности, поскольку она предотвращается текущими настройками платформы.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0450</td>
+ <td>A-32917432*</td>
+ <td>Средний</td>
+ <td>Nexus 9</td>
+ <td>15 ноября 2016 г.</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="eop-in-kernel-file-system-2">Повышение привилегий через файловую систему ядра</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО обходить системы защиты, которые предотвращают повышение привилегий. Проблеме присвоен средний уровень серьезности, поскольку уязвимость позволяет обойти защиту уровня пользователя и аналогичные технологии защиты.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-10044</td>
+ <td>A-31711619*</td>
+ <td>Средний</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, Pixel, Pixel XL</td>
+ <td>Доступно только сотрудникам Google</td>
+ </tr>
+</table>
+<p>
+*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.
+</p>
+
+
+<h3 id="id-in-qualcomm-secure-execution-environment-communicator">Раскрытие информации через QSEE Communicator</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8414</td>
+ <td>A-31704078<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846">
+QC-CR#1076407</a></td>
+ <td>Средний</td>
+ <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>23 сентября 2016 г.</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-qualcomm-sound-driver">Раскрытие информации через аудиодрайвер Qualcomm</h3>
+<p>
+Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>Ссылки</th>
+ <th>Уровень серьезности</th>
+ <th>Обновленные устройства Google</th>
+ <th>Дата сообщения об ошибке</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0451</td>
+ <td>A-31796345<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e">
+QC-CR#1073129</a>
+[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td>
+ <td>Средний</td>
+ <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>27 сентября 2016 г.</td>
+ </tr>
+</table>
+
+<h2 id="common-questions-and-answers">Часто задаваемые вопросы</h2>
+<p>В этом разделе мы отвечаем на вопросы, которые могут возникнуть
+после прочтения бюллетеня.</p>
+<p><strong>1) Как определить, установлено ли на устройство обновление, в котором устранены перечисленные проблемы?</strong></p>
+<p>Информацию о том, как проверить обновления системы безопасности, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p>
+<ul>
+ <li>В исправлении от 1 февраля 2017 года или более новом устранены все проблемы, связанные с обновлением 2017-02-01.</li>
+ <li>В исправлении от 5 февраля 2017 года или более новом устранены все проблемы, связанные с обновлением 2017-02-05.
+ </li>
+</ul>
+<p>Производители устройств, позволяющие установить эти обновления, должны присвоить им один из этих уровней:</p>
+<ul>
+<li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li>
+<li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li>
+</ul>
+
+<p><strong>2. Почему в этом бюллетене говорится о двух обновлениях системы безопасности?</strong></p>
+
+<p>Мы включили в этот бюллетень сведения о двух обновлениях, чтобы помочь нашим партнерам как можно скорее устранить уязвимости, затрагивающие все устройства Android. Рекомендуем партнерам Android исправить все вышеперечисленные проблемы и установить последнее обновление системы безопасности.</p>
+<ul>
+ <li>На устройствах с установленным обновлением от 1 января 2017 года должны быть исправлены все проблемы, упомянутые в соответствующем разделе этого бюллетеня, а также в предыдущих выпусках.</li>
+ <li>На устройствах с установленным обновлением от 5 января 2017 года или более новым должны быть исправлены все проблемы, упомянутые в этом бюллетене и предыдущих выпусках.</li>
+</ul>
+<p>Рекомендуем партнерам объединить все исправления проблем в одно обновление.</p>
+<p><strong>3. Как определить, на каких устройствах Google присутствует уязвимость?</strong></p>
+<p>В каждой таблице разделов с описанием уязвимостей <a href="#2017-02-01-details">2017-02-01</a> и <a href="#2017-02-05-details">2017-02-05</a> есть столбец <em>Обновленные устройства Google</em>. В нем указано, на каких устройствах присутствует уязвимость.
+</p>
+<ul>
+ <li><strong>Все устройства.</strong> Проблема возникает на<em></em> следующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых устройствах Google</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li>
+ <li><strong>Некоторые устройства.</strong> <em></em>Перечислены устройства, на которых присутствует уязвимость.</li>
+ <li><strong>Нет.</strong> Проблема не возникает ни на одном устройстве Google.<em></em></li>
+</ul>
+<p><strong>4. На что указывают записи в столбце "Ссылки"?</strong></p>
+<p>В таблицах с описанием уязвимостей есть столбец <em>Ссылки</em>.
+Каждая запись в нем может содержать префикс, указывающий на
+источник ссылки, а именно:</p>
+<table>
+ <tr>
+ <th>Префикс</th>
+ <th>Значение</th>
+ </tr>
+ <tr>
+ <td>A-</td>
+ <td>Идентификатор ошибки Android</td>
+ </tr>
+ <tr>
+ <td>QC-</td>
+ <td>Ссылочный номер Qualcomm</td>
+ </tr>
+ <tr>
+ <td>M-</td>
+ <td>Ссылочный номер MediaTek</td>
+ </tr>
+ <tr>
+ <td>N-</td>
+ <td>Ссылочный номер NVIDIA</td>
+ </tr>
+ <tr>
+ <td>B-</td>
+ <td>Ссылочный номер Broadcom</td>
+ </tr>
+</table>
+
+<h2 id="revisions">Версии</h2>
+<ul>
+ <li>6 февраля 2017 года. Бюллетень опубликован.</li>
+ <li>8 февраля 2017 года. Добавлены ссылки на AOSP.</li>
+</ul>
diff --git a/src-intl/zh-CN_ALL/security/bulletin/2017-02-01.jd b/src-intl/zh-CN_ALL/security/bulletin/2017-02-01.jd
new file mode 100644
index 0000000..57420de
--- /dev/null
+++ b/src-intl/zh-CN_ALL/security/bulletin/2017-02-01.jd
@@ -0,0 +1,1673 @@
+page.title=Android 安全公告 - 2017 年 2 月
+@jd:body
+<!--
+ Copyright 2017 The Android Open Source Project
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<p><em>发布时间:2017 年 2 月 6 日 | 更新时间:2017 年 2 月 8 日</em></p>
+<p>
+Android 安全公告详细介绍了会影响 Android 设备的安全漏洞。除了公告之外,我们还通过无线下载 (OTA) 方式发布了针对 Google 设备的安全更新。我们还在 <a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上发布了 Google 设备固件映像。2017 年 2 月 5 日(或之后)的安全补丁程序级别均已解决所有这些问题。请参阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 和 Nexus 更新时间表</a>,了解如何检查设备的安全补丁程序级别。
+</p>
+<p>
+我们的合作伙伴在 2017 年 1 月 3 日(或之前)就已收到本公告中说明的这些问题的相关通知。我们已在 Android 开放源代码项目 (AOSP) 代码库中发布了针对相关问题的源代码补丁程序,并在本公告中提供了相应链接。
+本公告还提供了 AOSP 之外的补丁程序的链接。
+</p>
+<p>
+这些问题中危险性最高的是一个严重程度为“严重”的安全漏洞,它可能会导致在处理媒体文件的过程中,可通过电子邮件、网页和彩信等多种方式在受影响的设备上执行远程代码。
+</p>
+<p>
+我们尚未收到用户因这些新报告的问题而遭到主动攻击或这些问题遭到滥用的报告。请参阅 <a href="#mitigations">Android 和 Google 服务缓解措施</a>部分,详细了解 <a href="{@docRoot}security/enhancements/index.html">Android 安全平台防护</a>和服务防护功能(如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>);这些功能可提高 Android 平台的安全性。
+</p>
+<p>
+我们建议所有用户都在自己的设备上接受这些更新。
+</p>
+<h2 id="announcements">公告</h2>
+<ul>
+<li>本公告有两个安全补丁程序级别字符串,目的是让 Android 合作伙伴能够灵活地、更快速地修复所有 Android 设备上类似的一系列漏洞。如需了解详情,请参阅<a href="#common-questions-and-answers">常见问题和解答</a>:
+ <ul>
+ <li><strong>2017-02-01</strong>:部分安全补丁程序级别字符串。此安全补丁程序级别字符串表明与 2017-02-01(以及之前的所有安全补丁程序级别字符串)相关的所有问题均已得到解决。</li>
+ <li><strong>2017-02-05</strong>:完整的安全补丁程序级别字符串。此安全补丁程序级别字符串表明与 2017-02-01 和 2017-02-05(以及之前的所有安全补丁程序级别字符串)相关的所有问题均已得到解决。</li>
+ </ul>
+</li>
+<li>受支持的 Google 设备将收到一项安全补丁程序级别为 2017 年 2 月 5 日的 OTA 更新。</li>
+</ul>
+<h2 id="security-vulnerability-summary">安全漏洞摘要</h2>
+<p>
+下表列出了安全漏洞、对应的 CVE(通用漏洞和风险识别码)、评估得出的严重程度以及是否会影响 Google 设备。<a href="{@docRoot}security/overview/updates-resources.html#severity">严重程度评估</a>的依据是漏洞被利用后可能会对受影响设备造成的影响大小(假设相关平台和服务缓解措施被成功规避或出于开发目的而被停用)。
+</p>
+<h3 id="2017-02-01-summary">2017-02-01 安全补丁程序级别 - 漏洞摘要</h3>
+<p>
+2017-02-01(或之后)的安全补丁程序级别都必须解决下列问题。
+</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>问题</th>
+ <th>CVE</th>
+ <th>严重程度</th>
+ <th>是否会影响 Google 设备?</th>
+ </tr>
+ <tr>
+ <td>Surfaceflinger 中的远程代码执行漏洞</td>
+ <td>CVE-2017-0405</td>
+ <td>严重</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Mediaserver 中的远程代码执行漏洞</td>
+ <td>CVE-2017-0406、CVE-2017-0407</td>
+ <td>严重</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>libgdx 中的远程代码执行漏洞</td>
+ <td>CVE-2017-0408</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>libstagefright 中的远程代码执行漏洞</td>
+ <td>CVE-2017-0409</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Java.Net 中的提权漏洞</td>
+ <td>CVE-2016-5552</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Framework API 中的提权漏洞</td>
+ <td>CVE-2017-0410、CVE-2017-0411、CVE-2017-0412</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Mediaserver 中的提权漏洞</td>
+ <td>CVE-2017-0415</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Audioserver 中的提权漏洞</td>
+ <td>CVE-2017-0416、CVE-2017-0417、CVE-2017-0418、CVE-2017-0419</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>AOSP 邮件中的信息披露漏洞</td>
+ <td>CVE-2017-0420</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>AOSP 短信中的信息披露漏洞</td>
+ <td>CVE-2017-0413、CVE-2017-0414</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Framework API 中的信息披露漏洞</td>
+ <td>CVE-2017-0421</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Bionic DNS 中的拒绝服务漏洞</td>
+ <td>CVE-2017-0422</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>蓝牙中的提权漏洞</td>
+ <td>CVE-2017-0423</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>AOSP 短信中的信息披露漏洞</td>
+ <td>CVE-2017-0424</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Audioserver 中的信息披露漏洞</td>
+ <td>CVE-2017-0425</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>文件系统中的信息披露漏洞</td>
+ <td>CVE-2017-0426</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+</table>
+<h3 id="2017-02-05-summary">2017-02-05 安全补丁程序级别 - 漏洞摘要</h3>
+<p>2017-02-05(或之后)的安全补丁程序级别都必须解决 2017-02-01 的所有问题以及下列问题。</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>问题</th>
+ <th>CVE</th>
+ <th>严重程度</th>
+ <th>是否会影响 Google 设备?</th>
+ </tr>
+ <tr>
+ <td>Qualcomm 加密驱动程序中的远程代码执行漏洞</td>
+ <td>CVE-2016-8418</td>
+ <td>严重</td>
+ <td>否*</td>
+ </tr>
+ <tr>
+ <td>内核文件系统中的提权漏洞</td>
+ <td>CVE-2017-0427</td>
+ <td>严重</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>NVIDIA GPU 驱动程序中的提权漏洞</td>
+ <td>CVE-2017-0428、CVE-2017-0429</td>
+ <td>严重</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>内核网络子系统中的提权漏洞</td>
+ <td>CVE-2014-9914</td>
+ <td>严重</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Broadcom WLAN 驱动程序中的提权漏洞</td>
+ <td>CVE-2017-0430</td>
+ <td>严重</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 组件中的漏洞</td>
+ <td>CVE-2017-0431</td>
+ <td>严重</td>
+ <td>否*</td>
+ </tr>
+ <tr>
+ <td>MediaTek 驱动程序中的提权漏洞</td>
+ <td>CVE-2017-0432</td>
+ <td>高</td>
+ <td>否*</td>
+ </tr>
+ <tr>
+ <td>Synaptics 触摸屏驱动程序中的提权漏洞</td>
+ <td>CVE-2017-0433、CVE-2017-0434</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 安全执行环境通讯器驱动程序中的提权漏洞</td>
+ <td>CVE-2016-8480</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 声音驱动程序中的提权漏洞</td>
+ <td>CVE-2016-8481、CVE-2017-0435、CVE-2017-0436</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm WLAN 驱动程序中的提权漏洞</td>
+ <td>CVE-2017-0437、CVE-2017-0438、CVE-2017-0439、CVE-2016-8419、CVE-2016-8420、CVE-2016-8421、CVE-2017-0440、CVE-2017-0441、CVE-2017-0442、CVE-2017-0443、CVE-2016-8476</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Realtek 声音驱动程序中的提权漏洞</td>
+ <td>CVE-2017-0444</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>HTC 触摸屏驱动程序中的提权漏洞</td>
+ <td>CVE-2017-0445、CVE-2017-0446、CVE-2017-0447</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>NVIDIA 视频驱动程序中的信息披露漏洞</td>
+ <td>CVE-2017-0448</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Broadcom WLAN 驱动程序中的提权漏洞</td>
+ <td>CVE-2017-0449</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Audioserver 中的提权漏洞</td>
+ <td>CVE-2017-0450</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>内核文件系统中的提权漏洞</td>
+ <td>CVE-2016-10044</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 安全执行环境通讯器中的信息披露漏洞</td>
+ <td>CVE-2016-8414</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 声音驱动程序中的信息披露漏洞</td>
+ <td>CVE-2017-0451</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+</table>
+
+<p>* 搭载 Android 7.0(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p>
+
+<h2 id="mitigations">Android 和 Google 服务缓解措施</h2>
+<p>本部分总结了 <a href="{@docRoot}security/enhancements/index.html">Android 安全平台</a>和服务防护功能(如 SafetyNet)提供的缓解措施。这些功能可降低 Android 上的安全漏洞被成功利用的可能性。</p>
+<ul>
+ <li>新版 Android 平台中的增强功能让攻击者更加难以利用 Android 上存在的许多问题。我们建议所有用户都尽可能更新到最新版 Android。</li>
+ <li>Android 安全团队会积极利用<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">“验证应用”和 SafetyNet</a> 来监控滥用行为,这些功能会在发现<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">可能有害的应用</a>时向用户发出警告。在预装有 <a href="http://www.android.com/gms">Google 移动服务</a>的设备上,“验证应用”在默认情况下处于启用状态。对于安装来自 Google Play 以外的应用的用户来说,这项功能尤为重要。虽然 Google Play 中禁止提供设备 Root 应用,但用户可能会尝试安装 Root 应用,而“验证应用”会在检测到这类应用(无论应用来自何处)时向用户发出警告。另外,“验证应用”会尝试识别并阻止用户安装会利用提权漏洞的已知恶意应用。如果用户已安装此类应用,那么“验证应用”将会通知用户并尝试移除所检测到的应用。</li>
+ <li>由于已做了适当更新,因此 Google 环聊和 Messenger 应用不会自动将媒体内容传递给 mediaserver 这类进程。</li>
+</ul>
+<h2 id="acknowledgements">致谢</h2>
+<p>
+非常感谢以下研究人员做出的贡献:</p>
+<ul>
+ <li>Daniel Dakhno:CVE-2017-0420</li>
+ <li>Copperhead Security 的 Daniel Micay:CVE-2017-0410</li>
+ <li><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a>:CVE-2017-0414</li>
+ <li>Chrome 的 Frank Liberato:CVE-2017-0409</li>
+ <li>Project Zero 的 Gal Beniamini:CVE-2017-0411、CVE-2017-0412</li>
+ <li>奇虎 360 科技有限公司 IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) 和 <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-0434、CVE-2017-0446、CVE-2017-0447、CVE-2017-0432</li>
+ <li><a href="http://www.360.com">奇虎 360 科技有限公司</a> Alpha 团队的龚广 (<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2017-0415</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>、<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) 和 Xuxian Jiang:CVE-2017-0418</li>
+ <li>奇虎 360 科技有限公司 Alpha 团队的 Hao Chen 和 Guang Gong:CVE-2017-0437、CVE-2017-0438、CVE-2017-0439、CVE-2016-8419、CVE-2016-8420、CVE-2016-8421、CVE-2017-0441、CVE-2017-0442、CVE-2016-8476、CVE-2017-0443</li>
+ <li>Google 的 Jeff Sharkey:CVE-2017-0421、CVE-2017-0423</li>
+ <li>Jeff Trim:CVE-2017-0422</li>
+ <li>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) 和 <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-0445</li>
+ <li>LINE Corporation 的 ma.la 和 Nikolay Elenkov:CVE-2016-5552</li>
+ <li>Google 的 Max Spector:CVE-2017-0416</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)、Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>) 和 Xuxian Jiang:CVE-2017-0425</li>
+ <li>腾讯科恩实验室的何淇丹 (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) 和申迪 (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2017-0427</li>
+ <li>IBM X-Force 研发团队的 Sagi Kedmi:CVE-2017-0433</li>
+ <li>Copperhead Security 的 Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>) 和 Daniel Micay:CVE-2017-0405</li>
+ <li>趋势科技移动威胁研究团队的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2017-0449、CVE-2016-8418</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:segfault5514@gmail.com">Tong Lin</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2017-0436、CVE-2016-8481、CVE-2017-0435</li>
+ <li><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">移动威胁响应团队</a>的 V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0424</li>
+ <li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2017-0407</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、<a href="mailto:hlhan@bupt.edu.cn">Hongli Han</a>、Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) 和 Xuxian Jiang:CVE-2017-0450</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)、Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) 和 Xuxian Jiang:CVE-2017-0417</li>
+ <li>蚂蚁金服巴斯光年安全实验室的<a href="http://www.weibo.com/wishlinux">吴潍浠</a> (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2017-0408</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:yaojun8558363@gmail.com">Yao Jun</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2016-8480</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2017-0444</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、<a href="mailto:segfault5514@gmail.com">Tong Lin</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2017-0428</li>
+ <li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、<a href="mailto:wisedd@gmail.com">Xiaodong Wang</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2017-0448、CVE-2017-0429</li>
+ <li><a href="http://www.nsfocus.com">NSFocus</a> 的 <a href="mailto:zhouzhenster@gmail.com">Zhen Zhou</a> (<a href="https://twitter.com/henices">@henices</a>) 和 <a href="mailto:sundaywind2004@gmail.com">Zhixin Li</a>:CVE-2017-0406</li>
+</ul>
+<p>
+此外,还要感谢以下研究人员对本公告做出的贡献:
+</p><ul>
+<li>百度安全实验室的丁鹏飞、包沉浮和韦韬</li>
+</ul>
+
+<h2 id="2017-02-01-details">2017-02-01 安全补丁程序级别 - 漏洞详情</h2>
+<p>
+我们在下面提供了上述 <a href="#2017-02-01-summary">2017-02-01 安全补丁程序级别 - 漏洞摘要</a>中列出的每个安全漏洞的详细信息。其中包括问题描述、严重程度阐述以及一个包含 CVE、相关参考信息、严重程度、已更新的 Google 设备、已更新的 AOSP 版本(如果适用)及报告日期的表格。在适用的情况下,我们会将 Bug ID 链接到解决问题的公开更改记录(如 AOSP 代码更改列表)。如果某个 Bug 有多条相关的更改记录,我们还通过 Bug ID 后面的数字链接到了更多参考信息。</p>
+
+
+<h3 id="rce-in-surfaceflinger">Surfaceflinger 中的远程代码执行漏洞</h3>
+<p>
+系统在处理媒体文件和数据时,Surfaceflinger 中的远程代码执行漏洞可让攻击者使用特制文件破坏内存。由于该漏洞可用于通过 Surfaceflinger 进程执行远程代码,因此我们将其严重程度评为“严重”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0405</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979">A-31960359</a></td>
+ <td>严重</td>
+ <td>所有</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 10 月 4 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-mediaserver">Mediaserver 中的远程代码执行漏洞</h3>
+<p>
+系统在处理媒体文件和数据时,Mediaserver 中的远程代码执行漏洞可让攻击者使用特制文件破坏内存。由于该漏洞可用于通过 Mediaserver 进程执行远程代码,因此我们将其严重程度评为“严重”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0406</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575">A-32915871</a> [<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td>
+ <td>严重</td>
+ <td>所有</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 14 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0407</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7">A-32873375</a></td>
+ <td>严重</td>
+ <td>所有</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 12 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libgdx">libgdx 中的远程代码执行漏洞</h3>
+<p>
+libgdx 中的远程代码执行漏洞可让攻击者使用特制文件通过非特许进程执行任意代码。由于该漏洞可用于在使用此库的应用中执行远程代码,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0408</td>
+ <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b">A-32769670</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>7.1.1</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libstagefright">libstagefright 中的远程代码执行漏洞</h3>
+<p>
+libstagefright 中的远程代码执行漏洞可让攻击者使用特制文件通过非特许进程执行任意代码。由于该漏洞可用于在使用此库的应用中执行远程代码,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0409</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b">A-31999646</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>Google 内部</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-java.net">Java.Net 中的提权漏洞</h3>
+<p>
+Java.Net 库中的提权漏洞可让恶意网页内容在未获取用户明确许可的情况下将用户重定向到其他网站。由于该漏洞允许远程绕过用户互动要求,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-5552</td>
+ <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea">A-31858037</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 9 月 30 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-framework-apis">Framework API 中的提权漏洞</h3>
+<p>
+Framework API 中的提权漏洞可让本地恶意应用通过特许进程执行任意代码。由于该漏洞可用于获取第三方应用通常无法获取的本地特权,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0410</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa">A-31929765</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 2 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0411</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">A-33042690</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>高</td>
+ <td>所有</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 11 月 21 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0412</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">A-33039926</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>高</td>
+ <td>所有</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 11 月 21 日</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-mediaserver">Mediaserver 中的提权漏洞</h3>
+<p>
+Mediaserver 中的提权漏洞可让本地恶意应用通过特许进程执行任意代码。由于该漏洞可用于获取第三方应用通常无法获取的本地特权,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0415</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34">A-32706020</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 4 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-audioserver">Audioserver 中的提权漏洞</h3>
+<p>
+Audioserver 中的提权漏洞可让本地恶意应用通过特许进程执行任意代码。由于该漏洞可用于获取第三方应用通常无法获取的本地特权,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0416</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">A-32886609</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td>
+ <td>高</td>
+ <td>所有</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>Google 内部</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0417</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">A-32705438</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0418</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">A-32703959</a> [<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td>
+ <td>高</td>
+ <td>所有</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0419</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">A-32220769</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 15 日</td>
+ </tr>
+</table>
+
+<h3 id="id-in-aosp-mail">AOSP 邮件中的信息披露漏洞</h3>
+<p>
+AOSP 邮件中的信息披露漏洞可让本地恶意应用绕过将应用数据与其他应用隔离开的操作系统防护功能。由于该漏洞可用于获取相应应用无法获取的数据,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0420</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909">A-32615212</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 9 月 12 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging">AOSP 短信中的信息披露漏洞</h3>
+<p>
+AOSP 短信中的信息披露漏洞可让本地恶意应用绕过将应用数据与其他应用隔离开的操作系统防护功能。由于该漏洞可用于获取相应应用无法获取的数据,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0413</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e">A-32161610</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0414</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd">A-32807795</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 10 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-framework-apis">Framework API 中的信息披露漏洞</h3>
+<p>
+Framework API 中的信息披露漏洞可让本地恶意应用绕过将应用数据与其他应用隔离开的操作系统防护功能。由于该漏洞可用于获取相应应用无法获取的数据,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0421</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336">A-32555637</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>Google 内部</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-bionic-dns">Bionic DNS 中的拒绝服务漏洞</h3>
+<p>
+Bionic DNS 中的拒绝服务漏洞可让远程攻击者使用特制网络数据包挂起或重启设备。
+由于该漏洞可用于远程发起拒绝服务攻击,因此我们将其严重程度评为“高”。
+
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0422</td>
+ <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d">A-32322088</a></td>
+ <td>高</td>
+ <td>所有</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 20 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-bluetooth">蓝牙中的提权漏洞</h3>
+<p>
+蓝牙中的提权漏洞可让邻近区域内的攻击者管理对设备上文档的访问权限。由于该漏洞的攻击行为必须发生在另一个漏洞攻击行为之后,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0423</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083">A-32612586</a></td>
+ <td>中</td>
+ <td>所有</td>
+ <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 2 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging-2">AOSP 短信中的信息披露漏洞</h3>
+<p>
+AOSP 短信中的信息披露漏洞可让远程攻击者使用特制文件获取超出其权限范围的数据。由于该漏洞允许全面深入地绕过用户级防护或利用特许进程中的缓解技术,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0424</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc">A-32322450</a></td>
+ <td>中</td>
+ <td>所有</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 20 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-audioserver">Audioserver 中的信息披露漏洞</h3>
+<p>
+Audioserver 中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞可用于在未经许可的情况下获取敏感数据,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0425</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">A-32720785</a></td>
+ <td>中</td>
+ <td>所有</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-filesystem">文件系统中的信息披露漏洞</h3>
+<p>
+文件系统中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞可用于在未经许可的情况下获取敏感数据,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>已更新的 AOSP 版本</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0426</td>
+ <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a">A-32799236</a> [<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td>
+ <td>中</td>
+ <td>所有</td>
+ <td>7.0、7.1.1</td>
+ <td>Google 内部</td>
+ </tr>
+</table>
+
+
+<h2 id="2017-02-05-details">2017-02-05 安全补丁程序级别 - 漏洞详情</h2>
+<p>
+我们在下面提供了上述 <a href="#2017-02-05-summary">2017-02-05 安全补丁程序级别 - 漏洞摘要</a>中列出的每个安全漏洞的详细信息。其中包括问题描述、严重程度阐述以及一个包含 CVE、相关参考信息、严重程度、已更新的 Google 设备、已更新的 AOSP 版本(如果适用)及报告日期的表格。在适用的情况下,我们会将 Bug ID 链接到解决问题的公开更改记录(如 AOSP 代码更改列表)。如果某个 Bug 有多条相关的更改记录,我们还通过 Bug ID 后面的数字链接到了更多参考信息。</p>
+
+
+<h3 id="rce-in-qualcomm-crypto-driver">Qualcomm 加密驱动程序中的远程代码执行漏洞</h3>
+<p>
+Qualcomm 加密驱动程序中的远程代码执行漏洞可让远程攻击者通过内核执行任意代码。由于该漏洞可用于通过内核执行远程代码,因此我们将其严重程度评为“严重”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8418</td>
+ <td>A-32652894<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f">QC-CR#1077457</a></td>
+ <td>严重</td>
+ <td>无*</td>
+ <td>2016 年 10 月 10 日</td>
+ </tr>
+</table>
+<p>
+* 搭载 Android 7.0(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。
+</p>
+
+
+<h3 id="eop-in-kernel-file-system">内核文件系统中的提权漏洞</h3>
+<p>
+内核文件系统中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会造成本地设备永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0427</td>
+ <td>A-31495866*</td>
+ <td>严重</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Pixel C、Nexus Player、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 13 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 驱动程序中的提权漏洞</h3>
+<p>
+NVIDIA GPU 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0428</td>
+ <td>A-32401526*<br>N-CVE-2017-0428</td>
+ <td>严重</td>
+ <td>Nexus 9</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0429</td>
+ <td>A-32636619*<br>N-CVE-2017-0429</td>
+ <td>严重</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 3 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="eop-in-kernel-networking-subsystem">内核网络子系统中的提权漏洞</h3>
+<p>
+内核网络子系统中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2014-9914</td>
+ <td>A-32882659<br>
+ <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a">上游内核</a></td>
+ <td>严重</td>
+ <td>Nexus 6、Nexus Player</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver">Broadcom WLAN 驱动程序中的提权漏洞</h3>
+<p>
+Broadcom WLAN 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0430</td>
+ <td>A-32838767*<br>B-RB#107459</td>
+ <td>严重</td>
+ <td>Nexus 6、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td>
+ <td>Google 内部</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 组件中的漏洞</h3>
+<p>
+下列漏洞会影响 Qualcomm 组件;此外,2016 年 9 月的 Qualcomm AMSS 安全公告也对这些安全漏洞进行了详细说明。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度*</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0431</td>
+ <td>A-32573899**</td>
+ <td>严重</td>
+ <td>无***</td>
+ <td>Qualcomm 内部</td>
+ </tr>
+</table>
+<p>
+* 这些漏洞的严重程度评级由供应商决定。
+</p>
+<p>
+** 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+<p>
+*** 搭载 Android 7.0(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。
+</p>
+
+
+<h3 id="eop-in-mediatek-driver">MediaTek 驱动程序中的提权漏洞</h3>
+<p>
+MediaTek 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0432</td>
+ <td>A-28332719*<br>M-ALPS02708925</td>
+ <td>高</td>
+ <td>无**</td>
+ <td>2016 年 4 月 21 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+<p>
+** 搭载 Android 7.0(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。
+</p>
+
+
+<h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 触摸屏驱动程序中的提权漏洞</h3>
+<p>
+Synaptics 触摸屏驱动程序中的提权漏洞可让本地恶意应用通过触摸屏芯片组执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0433</td>
+ <td>A-31913571*</td>
+ <td>高</td>
+ <td>Nexus 6P、Nexus 9、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 8 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0434</td>
+ <td>A-33001936*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 18 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm 安全执行环境通讯器驱动程序中的提权漏洞</h3>
+<p>
+Qualcomm 安全执行环境通讯器驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8480</td>
+ <td>A-31804432<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471">QC-CR#1086186</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 28 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-qualcomm-sound-driver">Qualcomm 声音驱动程序中的提权漏洞</h3>
+<p>
+Qualcomm 声音驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8481</td>
+ <td>A-31906415*<br>QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 1 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0435</td>
+ <td>A-31906657*<br>QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 1 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0436</td>
+ <td>A-32624661*<br>QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 2 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm WLAN 驱动程序中的提权漏洞</h3>
+<p>
+Qualcomm WLAN 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0437</td>
+ <td>A-32402310<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0438</td>
+ <td>A-32402604<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0439</td>
+ <td>A-32450647<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61">QC-CR#1092059</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8419</td>
+ <td>A-32454494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488">QC-CR#1087209</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8420</td>
+ <td>A-32451171<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e">QC-CR#1087807</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8421</td>
+ <td>A-32451104<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb">QC-CR#1087797</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0440</td>
+ <td>A-33252788<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268">QC-CR#1095770</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 11 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0441</td>
+ <td>A-32872662<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684">QC-CR#1095009</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 11 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0442</td>
+ <td>A-32871330<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0443</td>
+ <td>A-32877494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8476</td>
+ <td>A-32879283<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799">QC-CR#1091940</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 14 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-realtek-sound-driver">Realtek 声音驱动程序中的提权漏洞</h3>
+<p>
+Realtek 声音驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0444</td>
+ <td>A-32705232*</td>
+ <td>高</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="eop-in-htc-touchscreen-driver">HTC 触摸屏驱动程序中的提权漏洞</h3>
+<p>
+HTC 触摸屏驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0445</td>
+ <td>A-32769717*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0446</td>
+ <td>A-32917445*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0447</td>
+ <td>A-32919560*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="id-in-nvidia-video-driver">NVIDIA 视频驱动程序中的信息披露漏洞</h3>
+<p>
+NVIDIA 视频驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞可用于在未经用户明确许可的情况下获取敏感数据,因此我们将其严重程度评为“高”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0448</td>
+ <td>A-32721029*<br>N-CVE-2017-0448</td>
+ <td>高</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom WLAN 驱动程序中的提权漏洞</h3>
+<p>
+Broadcom WLAN 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,而且可由当前平台配置缓解,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0449</td>
+ <td>A-31707909*<br>B-RB#32094</td>
+ <td>中</td>
+ <td>Nexus 6、Nexus 6P</td>
+ <td>2016 年 9 月 23 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="eop-in-audioserver-2">Audioserver 中的提权漏洞</h3>
+<p>
+Audioserver 中的提权漏洞可让本地恶意应用通过特许进程执行任意代码。由于该漏洞可由当前平台配置缓解,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0450</td>
+ <td>A-32917432*</td>
+ <td>中</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="eop-in-kernel-file-system-2">内核文件系统中的提权漏洞</h3>
+<p>
+内核文件系统中的提权漏洞可让本地恶意应用绕过可防止提权的防护功能。由于该漏洞允许全面深入地绕过用户级防护或利用缓解技术,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-10044</td>
+ <td>A-31711619*</td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Pixel C、Nexus Player、Pixel、Pixel XL</td>
+ <td>Google 内部</td>
+ </tr>
+</table>
+<p>
+* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。
+</p>
+
+
+<h3 id="id-in-qualcomm-secure-execution-environment-communicator">Qualcomm 安全执行环境通讯器中的信息披露漏洞</h3>
+<p>
+Qualcomm 安全执行环境通讯器中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8414</td>
+ <td>A-31704078<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846">QC-CR#1076407</a></td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 23 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-qualcomm-sound-driver">Qualcomm 声音驱动程序中的信息披露漏洞</h3>
+<p>
+Qualcomm 声音驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>参考信息</th>
+ <th>严重程度</th>
+ <th>已更新的 Google 设备</th>
+ <th>报告日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0451</td>
+ <td>A-31796345<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e">QC-CR#1073129</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 27 日</td>
+ </tr>
+</table>
+
+<h2 id="common-questions-and-answers">常见问题和解答</h2>
+<p>本部分针对阅读本公告后可能产生的常见问题提供了相应的解答。</p>
+<p><strong>1. 如何确定我的设备是否已更新到解决了这些问题的版本?</strong></p>
+<p>要了解如何检查设备的安全补丁程序级别,请阅读 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 和 Nexus 更新时间表</a>中的说明。</p>
+<ul>
+ <li>2017-02-01(或之后)的安全补丁程序级别解决了与 2017-02-01 安全补丁程序级别相关的所有问题。</li>
+ <li>2017-02-05(或之后)的安全补丁程序级别解决了与 2017-02-05 安全补丁程序级别以及之前的所有补丁程序级别相关的所有问题。
+ </li>
+</ul>
+<p>提供这些更新的设备制造商应将补丁程序字符串级别设为:</p>
+<ul>
+<li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li>
+<li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li>
+</ul>
+
+<p><strong>2. 为何此公告有 2 个安全补丁程序级别?</strong></p>
+
+<p>本公告有 2 个安全补丁程序级别,目的是让 Android 合作伙伴能够灵活地、更快速地修复所有 Android 设备上类似的一系列漏洞。我们建议 Android 合作伙伴修复本公告中的所有问题并使用最新的安全补丁程序级别。</p>
+<ul>
+ <li>使用 2017 年 1 月 1 日安全补丁程序级别的设备必须包含该安全补丁程序级别对应的所有问题的修复方案,以及针对之前的安全公告中报告的所有问题的修复方案。</li>
+ <li>使用 2017 年 1 月 5 日或更新的安全补丁程序级别的设备必须包含此(以及之前的)安全公告中的所有适用补丁程序。</li>
+</ul>
+<p>我们建议合作伙伴在一次更新中汇总要解决的所有问题的修复方案。</p>
+<p><strong>3. 如何确定各个问题都会影响哪些 Google 设备?</strong></p>
+<p>在 <a href="#2017-02-01-details">2017-02-01</a> 和 <a href="#2017-02-05-details">2017-02-05</a> 安全漏洞详情部分,每个表均包含“已更新的 Google 设备”列,其中列出了已针对每个问题更新过的受影响的 Google 设备系列。<em></em>此列有以下几种情形:
+</p>
+<ul>
+ <li><strong>所有 Google 设备</strong>:如果某个问题会影响所有 Nexus 和 Pixel 设备,则相应表的“已更新的 Google 设备”列中会显示“所有”。<em></em>“所有”包含下列<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">受支持的设备</a>:Nexus 5X、Nexus 6、Nexus 6P、Nexus 7 (2013)、Nexus 9、Android One、Nexus Player、Pixel C、Pixel 和 Pixel XL。</li>
+ <li><strong>部分 Google 设备</strong>:如果某个问题仅会影响部分 Google 设备,则“已更新的 Google 设备”列中会列出受影响的 Google 设备。<em></em></li>
+ <li><strong>无 Google 设备</strong>:如果某个问题不会影响任何运行 Android 7.0 的 Google 设备,则相应表的“已更新的 Google 设备”列中会显示“无”。<em></em></li>
+</ul>
+<p><strong>4. “参考信息”列中的条目对应的是什么内容?</strong></p>
+<p>漏洞详情表的“参考信息”列中的条目可能包含用于标识参考值所属组织的前缀。<em></em>这些前缀的含义如下:</p>
+<table>
+ <tr>
+ <th>前缀</th>
+ <th>参考信息</th>
+ </tr>
+ <tr>
+ <td>A-</td>
+ <td>Android Bug ID</td>
+ </tr>
+ <tr>
+ <td>QC-</td>
+ <td>Qualcomm 参考编号</td>
+ </tr>
+ <tr>
+ <td>M-</td>
+ <td>MediaTek 参考编号</td>
+ </tr>
+ <tr>
+ <td>N-</td>
+ <td>NVIDIA 参考编号</td>
+ </tr>
+ <tr>
+ <td>B-</td>
+ <td>Broadcom 参考编号</td>
+ </tr>
+</table>
+
+<h2 id="revisions">修订版本</h2>
+<ul>
+ <li>2017 年 2 月 6 日:发布了本公告。</li>
+ <li>2017 年 2 月 8 日:修订了本公告,添加了 AOSP 链接。</li>
+</ul>
diff --git a/src-intl/zh-TW_ALL/security/bulletin/2017-02-01.jd b/src-intl/zh-TW_ALL/security/bulletin/2017-02-01.jd
new file mode 100644
index 0000000..a025303
--- /dev/null
+++ b/src-intl/zh-TW_ALL/security/bulletin/2017-02-01.jd
@@ -0,0 +1,1706 @@
+page.title=Android 安全性公告 — 2017 年 2 月
+@jd:body
+<!--
+ Copyright 2017 The Android Open Source Project
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<p><em>發佈日期:2017 年 2 月 6 日 | 更新日期:2017 年 2 月 8 日</em></p>
+<p>Android 安全性公告羅列了會對 Android 裝置造成影響的安全性漏洞,並說明各項相關細節。在這篇公告發佈的同時,Google 已透過 OTA 更新機制發佈了 Google 裝置的安全性更新。此外,Google 韌體映像檔也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。2017 年 2 月 5 日之後的安全修補等級已解決了這些已提及的所有問題。要瞭解如何查看裝置的安全修補等級,請參閱 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>。
+</p>
+<p>
+我們的合作夥伴在 2017 年 1 月 3 日當天或更早之前已收到公告中所述問題的相關通知。這些問題的原始碼修補程式已發佈到 Android 開放原始碼計劃 (AOSP) 存放區中,且公告中亦提供相關連結。此外,本公告也提供 AOSP 以外的修補程式連結。
+</p>
+<p>在這些問題中,最嚴重的就是「最高」等級的安全性漏洞。當系統執行媒體檔案時,遠端程式碼可利用這類漏洞,透過電子郵件、網頁瀏覽活動和多媒體訊息等方法,自動在受影響的裝置上執行。
+</p>
+<p>針對這些新發現的漏洞,我們目前尚未收到任何客戶回報相關的漏洞濫用案例。如果您想進一步瞭解 <a href="{@docRoot}security/enhancements/index.html">Android 安全性平台防護措施</a>和服務防護措施 (例如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) 如何加強 Android 平台的安全性,請參閱 <a href="#mitigations">Android 和 Google 服務因應措施</a>一節。
+</p>
+<p>我們建議所有客戶接受這些裝置更新。
+</p>
+<h2 id="announcements">公告</h2>
+<ul>
+<li>本公告有兩個安全修補等級字串,讓 Android 合作夥伴能夠靈活運用,以快速修正某些發生在所有 Android 裝置上的類似漏洞。如需查詢其他相關資訊,請參閱<a href="#common-questions-and-answers">常見問題與解答</a>:
+ <ul>
+ <li><strong>2017-02-01</strong>:部分安全修補等級字串。這個安全修補等級字串表示所有與 2017-02-01 相關的問題 (以及所有先前的安全修補等級字串) 都已獲得解決。</li>
+ <li><strong>2017-02-05</strong>:完整安全修補等級字串。這個安全修補等級字串表示所有與 2017-02-01 和 2017-02-05 相關的問題 (以及所有先前的安全修補等級字串) 都已獲得解決。</li>
+ </ul>
+</li>
+<li>支援的 Google 裝置會收到一項 OTA 更新,安全修補等級為 2017 年 2 月 5 日。</li>
+</ul>
+<h2 id="security-vulnerability-summary">安全性漏洞摘要</h2>
+<p>
+下表列出各項安全性漏洞、常見弱點與漏洞 ID (CVE)、評定的嚴重程度及 Google 裝置是否會受到影響。<a href="{@docRoot}security/overview/updates-resources.html#severity">嚴重程度評定標準</a>是假設平台與服務的因應防護措施基於開發作業的需求而被停用,或是遭到有心人士破解,然後推算當有人惡意運用漏洞時,裝置會受到多大的影響,據此評定漏洞的嚴重程度。
+</p>
+<h3 id="2017-02-01-summary">2017-02-01 安全修補等級 — 資安漏洞摘要</h3>
+<p>
+2017-02-01 之後的安全修補等級必須解決下列問題。
+</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>問題</th>
+ <th>CVE</th>
+ <th>嚴重程度</th>
+ <th>是否影響 Google 裝置?</th>
+ </tr>
+ <tr>
+ <td>Surfaceflinger 中的遠端程式碼執行漏洞</td>
+ <td>CVE-2017-0405</td>
+ <td>最高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>媒體伺服器中的遠端程式碼執行漏洞</td>
+ <td>CVE-2017-0406、CVE-2017-0407</td>
+ <td>最高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>libgdx 中的遠端程式碼執行漏洞</td>
+ <td>CVE-2017-0408</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>libstagefright 中的遠端程式碼執行漏洞</td>
+ <td>CVE-2017-0409</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Java.Net 中的權限升級漏洞</td>
+ <td>CVE-2016-5552</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Framework API 中的權限升級漏洞</td>
+ <td>CVE-2017-0410、CVE-2017-0411、CVE-2017-0412</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>媒體伺服器中的權限升級漏洞</td>
+ <td>CVE-2017-0415</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>音訊伺服器中的權限升級漏洞</td>
+ <td>CVE-2017-0416、CVE-2017-0417、CVE-2017-0418、CVE-2017-0419</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>AOSP Mail 中的資訊外洩漏洞</td>
+ <td>CVE-2017-0420</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>AOSP Messaging 中的資訊外洩漏洞</td>
+ <td>CVE-2017-0413、CVE-2017-0414</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Framework API 中的資訊外洩漏洞</td>
+ <td>CVE-2017-0421</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Bionic DNS 中的拒絕服務漏洞</td>
+ <td>CVE-2017-0422</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>藍牙中的權限升級漏洞</td>
+ <td>CVE-2017-0423</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>AOSP Messaging 中的資訊外洩漏洞</td>
+ <td>CVE-2017-0424</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>音訊伺服器中的資訊外洩漏洞</td>
+ <td>CVE-2017-0425</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>檔案系統中的資訊外洩漏洞</td>
+ <td>CVE-2017-0426</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+</table>
+<h3 id="2017-02-05-summary">2017-02-05 安全修補等級 — 資安漏洞摘要</h3>
+<p>2017-02-05 以後的安全修補等級必須解決 2017-02-01 的所有問題以及下列問題。</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>問題</th>
+ <th>CVE</th>
+ <th>嚴重程度</th>
+ <th>是否影響 Google 裝置?</th>
+ </tr>
+ <tr>
+ <td>Qualcomm 加密驅動程式中的遠端程式碼執行漏洞</td>
+ <td>CVE-2016-8418</td>
+ <td>最高</td>
+ <td>否*</td>
+ </tr>
+ <tr>
+ <td>核心檔案系統中的權限升級漏洞</td>
+ <td>CVE-2017-0427</td>
+ <td>最高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>NVIDIA GPU 驅動程式中的權限升級漏洞</td>
+ <td>CVE-2017-0428、CVE-2017-0429</td>
+ <td>最高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>核心網路子系統中的權限升級漏洞</td>
+ <td>CVE-2014-9914</td>
+ <td>最高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Broadcom Wi-Fi 驅動程式中的權限升級漏洞</td>
+ <td>CVE-2017-0430</td>
+ <td>最高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 元件中的漏洞</td>
+ <td>CVE-2017-0431</td>
+ <td>最高</td>
+ <td>否*</td>
+ </tr>
+ <tr>
+ <td>MediaTek 驅動程式中的權限升級漏洞</td>
+ <td>CVE-2017-0432</td>
+ <td>高</td>
+ <td>否*</td>
+ </tr>
+ <tr>
+ <td>Synaptics 觸控螢幕驅動程式中的權限升級漏洞</td>
+ <td>CVE-2017-0433、CVE-2017-0434</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 安全執行環境通訊工具驅動程式中的權限升級漏洞</td>
+ <td>CVE-2016-8480</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 音效驅動程式中的權限升級漏洞</td>
+ <td>CVE-2016-8481、CVE-2017-0435、CVE-2017-0436</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm Wi-Fi 驅動程式中的權限升級漏洞</td>
+ <td>CVE-2017-0437、CVE-2017-0438、CVE-2017-0439、CVE-2016-8419、CVE-2016-8420、CVE-2016-8421、CVE-2017-0440、CVE-2017-0441、CVE-2017-0442、CVE-2017-0443、CVE-2016-8476</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Realtek 音效驅動程式中的權限升級漏洞</td>
+ <td>CVE-2017-0444</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>HTC 觸控螢幕驅動程式中的權限升級漏洞</td>
+ <td>CVE-2017-0445、CVE-2017-0446、CVE-2017-0447</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>NVIDIA 視訊驅動程式中的資訊外洩漏洞</td>
+ <td>CVE-2017-0448</td>
+ <td>高</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Broadcom Wi-Fi 驅動程式中的權限升級漏洞</td>
+ <td>CVE-2017-0449</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>音訊伺服器中的權限升級漏洞</td>
+ <td>CVE-2017-0450</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>核心檔案系統中的權限升級漏洞</td>
+ <td>CVE-2016-10044</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 安全執行環境通訊工具中的資訊外洩漏洞</td>
+ <td>CVE-2016-8414</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+ <tr>
+ <td>Qualcomm 音效驅動程式中的資訊外洩漏洞</td>
+ <td>CVE-2017-0451</td>
+ <td>中</td>
+ <td>是</td>
+ </tr>
+</table>
+
+<p>* 如果是搭載 Android 7.0 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p>
+
+<h2 id="mitigations">Android 和 Google 服務問題因應措施</h2>
+<p>本節概述 <a href="{@docRoot}security/enhancements/index.html">Android 安全性平台</a>和 SafetyNet 等服務防護方案針對資安漏洞所提供的因應措施。這些措施可有效防範有心人士在 Android 系統上惡意運用安全性漏洞來達到特定目的。</p>
+<ul>
+ <li>由於 Android 平台藉由持續更新升級來強化安全性,因此有心人士越來越難找出 Android 系統的漏洞加以利用。我們建議所有使用者盡可能更新至最新版的 Android。</li>
+ <li>Android 安全性小組採用<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">「驗證應用程式」和 SafetyNet</a> 主動監控濫用情形;這些功能的用途是在發現<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">可能有害的應用程式</a>時警告使用者。「驗證應用程式」在搭載 <a href="http://www.android.com/gms">Google 行動服務</a>的裝置上都會預設啟用,且對於要從 Google Play 以外來源安裝應用程式的使用者來說格外重要。Google Play 禁止發佈任何可用於獲取裝置 Root 權限的工具,但「驗證應用程式」會在使用者嘗試安裝已偵測到的 Root 權限獲取應用程式 (無論其來源為何) 時發出警告。此外,「驗證應用程式」會設法找出已知會利用權限升級漏洞的惡意應用程式,並封鎖這類應用程式的安裝作業。如果使用者已安裝這類應用程式,「驗證應用程式」會通知使用者並嘗試移除偵測到的應用程式。</li>
+ <li>在適用情況下,Google Hangouts 和 Messenger 應用程式不會自動將媒體內容傳送給媒體伺服器這類的處理程序。</li>
+</ul>
+<h2 id="acknowledgements">特別銘謝</h2>
+<p>感謝以下研究人員做出的貢獻:
+</p>
+<ul>
+ <li>Daniel Dakhno:CVE-2017-0420</li>
+ <li>Copperhead Security 的 Daniel Micay:CVE-2017-0410</li>
+ <li><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a>:CVE-2017-0414</li>
+ <li>Google Chrome 成員 Frank Liberato:CVE-2017-0409</li>
+ <li>Google Project Zero 成員 Gal Beniamini:CVE-2017-0411、CVE-2017-0412</li>
+ <li>奇虎 360 IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) 和 <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-0434、CVE-2017-0446、CVE-2017-0447、CVE-2017-0432</li>
+ <li><a href="http://www.360.com">奇虎 360 科技有限公司</a> Alpha 小組的 Guang Gong (龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2017-0415</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員 <a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>、<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) 和 Xuxian Jiang:CVE-2017-0418</li>
+ <li>奇虎 360 科技有限公司 Alpha 小組的 Hao Chen 和 Guang Gong:CVE-2017-0437、CVE-2017-0438、CVE-2017-0439、CVE-2016-8419、CVE-2016-8420、CVE-2016-8421、CVE-2017-0441、CVE-2017-0442、CVE-2016-8476、CVE-2017-0443</li>
+ <li>Google 的 Jeff Sharkey:CVE-2017-0421、CVE-2017-0423</li>
+ <li>Jeff Trim:CVE-2017-0422</li>
+ <li>奇虎 360 IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) 和 <a href="http://weibo.com/jfpan ">pjf</a>:CVE-2017-0445</li>
+ <li>LINE Corporation 的 ma.la 和 Nikolay Elenkov:CVE-2016-5552</li>
+ <li>Google 的 Max Spector:CVE-2017-0416</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員 Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)、Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>) 和 Xuxian Jiang:CVE-2017-0425</li>
+ <li>騰訊科恩實驗室的 Qidan He (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) 和 Di Shen (申迪) (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2017-0427</li>
+ <li>IBM X-Force Research 的 Sagi Kedmi:CVE-2017-0433</li>
+ <li>Copperhead Security 的 Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>) 和 Daniel Micay:CVE-2017-0405</li>
+ <li>趨勢科技行動威脅研究小組成員 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2017-0449、CVE-2016-8418</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員 <a href="mailto:segfault5514@gmail.com">Tong Lin</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2017-0436、CVE-2016-8481、CVE-2017-0435</li>
+ <li><a href="http://www.trendmicro.com">趨勢科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">行動威脅研究小組成員</a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0424</li>
+ <li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2017-0407</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員 <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、<a href="mailto:hlhan@bupt.edu.cn">Hongli Han</a>、Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) 和 Xuxian Jiang:CVE-2017-0450</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員 <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>、Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)、Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) 和 Xuxian Jiang:CVE-2017-0417</li>
+ <li>螞蟻金服光年安全實驗室 Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://www.weibo.com/wishlinux">吴潍浠</a> 此彼):CVE-2017-0408</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員 <a href="mailto:yaojun8558363@gmail.com">Yao Jun</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2016-8480</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員 <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2017-0444</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員<a href="mailto:computernik@gmail.com"> Yuan-Tsung Lo</a>、<a href="mailto:segfault5514@gmail.com">Tong Lin</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2017-0428</li>
+ <li><a href="http://c0reteam.org">C0RE 小組</a>成員 <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、<a href="mailto:wisedd@gmail.com">Xiaodong Wang</a>、Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) 和 Xuxian Jiang:CVE-2017-0448、CVE-2017-0429</li>
+ <li><a href="http://www.nsfocus.com">綠盟科技</a>的 <a href="mailto:zhouzhenster@gmail.com">Zhen Zhou</a> (<a href="https://twitter.com/henices">@henices</a>) 和 <a href="mailto:sundaywind2004@gmail.com">Zhixin Li</a>:CVE-2017-0406</li>
+</ul>
+<p>
+另外感謝以下人員對本公告相關問題做出的貢獻:</p><ul>
+<li>百度安全實驗室的 Pengfei Ding (丁鹏飞)、Chenfu Bao (包沉浮) 和 Lenx Wei (韦韬)</li>
+</ul>
+
+<h2 id="2017-02-01-details">2017-02-01 安全修補等級 — 資安漏洞詳情</h2>
+<p>
+下列各節針對上方 <a href="#2017-02-01-summary">2017-02-01 安全修補等級 — 資安漏洞摘要</a>中列出的各項安全性漏洞提供了詳細資訊,包括問題說明、嚴重程度評定原因,以及一份漏洞資訊表,顯示漏洞的 CVE、相關參考資料、嚴重程度、更新的 Google 裝置、更新的 AOSP 版本 (在適用情況下) 和回報日期。假如相關錯誤有公開變更,該錯誤 ID 會連結到相對應的變更 (例如 AOSP 變更清單)。如果單一錯誤有多項相關變更,其他參考資料可透過該錯誤 ID 後面的編號連結開啟。</p>
+
+
+<h3 id="rce-in-surfaceflinger">Surfaceflinger 中的遠端程式碼執行漏洞</h3>
+<p>在媒體檔案和資料的處理期間,Surfaceflinger 中的遠端程式碼執行漏洞可能會讓攻擊者能利用特製檔案造成記憶體出錯。由於這個問題可能會讓遠端程式碼在 Surfaceflinger 程序環境內執行,因此嚴重程度被評定為「最高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0405</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/16110b86db164e8d2b6864fed58f0385fe7d0979">
+ A-31960359</a></td>
+ <td>最高</td>
+ <td>全部</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 10 月 4 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-mediaserver">媒體伺服器中的遠端程式碼執行漏洞</h3>
+<p>在媒體檔案和資料的處理期間,媒體伺服器中的遠端程式碼執行漏洞可能會讓攻擊者能利用特製檔案造成記憶體出錯。由於這個問題可能會讓遠端程式碼在媒體伺服器程序環境內執行,因此嚴重程度被評定為「最高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0406</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/fed702734d86801cc86b4865a57e2f2028c4b575">
+ A-32915871</a>
+[<a href="https://android.googlesource.com/platform/external/libhevc/+/df7b56457184600e3d2b7cbac87ebe7001f7cb48">2</a>]</td>
+ <td>最高</td>
+ <td>全部</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 14 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0407</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/7546c106004910a4583b2d7d03c6498ecf383da7">
+ A-32873375</a></td>
+ <td>最高</td>
+ <td>全部</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 12 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libgdx">libgdx 中的遠端程式碼執行漏洞</h3>
+<p>
+libgdx 中的遠端程式碼執行漏洞可能會讓攻擊者能利用特製檔案在未獲授權程序的環境中執行任何指令。由於這個問題可能會讓遠端程式碼在使用這個程式庫的應用程式中執行,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0408</td>
+ <td><a href="https://android.googlesource.com/platform/external/libgdx/+/e6da772e70c9754966aabf4ddac73bb99eb1742b">
+ A-32769670</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>7.1.1</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libstagefright">libstagefright 中的遠端程式碼執行漏洞</h3>
+<p>
+libstagefright 中的遠端程式碼執行漏洞可能會讓攻擊者能利用特製檔案在未獲授權程序的環境中執行任何指令。由於這個問題可能會讓遠端程式碼在使用這個程式庫的應用程式中執行,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0409</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/72886b6964f6539908c8e127cd13c3091d2e5a8b">
+ A-31999646</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>Google 內部</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-java.net">Java.Net 中的權限升級漏洞</h3>
+<p>
+Java.Net 程式庫中的權限升級漏洞可能會讓惡意網頁內容在未經許可的情況下,將使用者重新導向至另一個網站。由於這個問題可能會讓有心人士從遠端規避使用者互動要求,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-5552</td>
+ <td><a href="https://android.googlesource.com/platform/libcore/+/4b3f2c6c5b84f80fae8eeeb46727811e055715ea">
+ A-31858037</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 9 月 30 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-framework-apis">Framework API 中的權限升級漏洞</h3>
+<p>
+Framework API 中的權限升級漏洞可能會讓本機惡意應用程式在獲得授權的程序環境內執行任何指令。由於這個問題可用於取得某些進階功能的本機存取權,第三方應用程式通常無法存取這類功能,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0410</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/b4d6b292bce7d82c93fd454078dedf5a1302b9fa">
+ A-31929765</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 2 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0411</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
+ A-33042690</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>高</td>
+ <td>全部</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 11 月 21 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0412</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/203725e4d58e16334d84998c1483c374f541ed9f">
+ A-33039926</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/31a06019d13d7b00ca35fc8512191c643acb8e84">2</a>]</td>
+ <td>高</td>
+ <td>全部</td>
+ <td>7.0、7.1.1</td>
+ <td>2016 年 11 月 21 日</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-mediaserver">媒體伺服器中的權限升級漏洞</h3>
+<p>
+媒體伺服器中的權限升級漏洞可能會讓本機惡意應用程式在獲得授權的程序環境內執行任何指令。由於這個問題可用於取得某些進階功能的本機存取權,第三方應用程式通常無法存取這類功能,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0415</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/native/+/2e16d5fac149dab3c3e8f1b2ca89f45cf55a7b34">
+ A-32706020</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 4 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-audioserver">音訊伺服器中的權限升級漏洞</h3>
+<p>音訊伺服器中的權限升級漏洞可能會讓本機惡意應用程式在獲得授權的程序環境內執行任何指令。由於這個問題可用於取得某些進階功能的本機存取權,第三方應用程式通常無法存取這類功能,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0416</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32886609</a>
+ [<a href="https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe">2</a>]</td>
+ <td>高</td>
+ <td>全部</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>Google 內部</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0417</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32705438</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0418</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/b0bcddb44d992e74140a3f5eedc7177977ea8e34">
+ A-32703959</a>
+[<a href="https://android.googlesource.com/platform/hardware/libhardware/+/534098cb29e1e4151ba2ed83d6a911d0b6f48522">2</a>]</td>
+ <td>高</td>
+ <td>全部</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0419</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
+ A-32220769</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 15 日</td>
+ </tr>
+</table>
+
+<h3 id="id-in-aosp-mail">AOSP Mail 中的資訊外洩漏洞</h3>
+<p>
+AOSP Mail 中的資訊外洩漏洞可能會讓本機惡意應用程式規避作業系統為了將應用程式資料與其他應用程式隔離而採取的防護措施。由於這個問題可用於取得某個應用程式無法存取的資料,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0420</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/2073799a165e6aa15117f8ad76bb0c7618b13909">
+ A-32615212</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 9 月 12 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging">AOSP Messaging 中的資訊外洩漏洞</h3>
+<p>
+AOSP Messaging 中的資訊外洩漏洞可能會讓本機惡意應用程式規避作業系統為了將應用程式資料與其他應用程式隔離而採取的防護措施。由於這個問題可用於取得某個應用程式無法存取的資料,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0413</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/74059eb379ea07b9c7f46bf2112a60de8e4cfc8e">
+ A-32161610</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0414</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/30ab77f42d20c33c0aa9e6ffd2b164d096db32dd">
+ A-32807795</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 10 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-framework-apis">Framework API 中的資訊外洩漏洞</h3>
+<p>
+Framework API 中的資訊外洩漏洞可能會讓本機惡意應用程式規避作業系統為了將應用程式資料與其他應用程式隔離而採取的防護措施。由於這個問題可用於取得某個應用程式無法存取的資料,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0421</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/858064e946dc8dbf76bff9387e847e211703e336">
+ A-32555637</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>Google 內部</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-bionic-dns">Bionic DNS 中的拒絕服務漏洞</h3>
+<p>
+Bionic DNS 中的拒絕服務漏洞可能會讓遠端攻擊者能利用特製網路封包造成裝置停止運作或重新開機。由於這個問題可能會造成遠端拒絕服務,因此嚴重程度被評定為「高」。
+
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0422</td>
+ <td><a href="https://android.googlesource.com/platform/bionic/+/dba3df609436d7697305735818f0a840a49f1a0d">
+ A-32322088</a></td>
+ <td>高</td>
+ <td>全部</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 20 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-bluetooth">藍牙中的權限升級漏洞</h3>
+<p>
+藍牙中的權限升級漏洞可能會讓鄰近的攻擊者管理裝置上的文件存取權。由於這種攻擊必須在發生另一個藍牙堆疊漏洞的攻擊行為後才能執行,因此這個問題的嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0423</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/4c1f39e1cf203cb9db7b85e75b5fc32ec7132083">
+ A-32612586</a></td>
+ <td>中</td>
+ <td>全部</td>
+ <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 2 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging-2">AOSP Messaging 中的資訊外洩漏洞</h3>
+<p>
+AOSP Messaging 中的資訊外洩漏洞可能會讓遠端攻擊者透過特製檔案存取其權限等級以外的資料。由於這個問題可能會讓有心人士在授權程序中規避一般的使用者層級深度防禦措施或防範攻擊技術,因此嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0424</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/e9b7e3a6b7a8886693d298401a20788816a5afdc">
+ A-32322450</a></td>
+ <td>中</td>
+ <td>全部</td>
+ <td>6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 10 月 20 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-audioserver">音訊伺服器中的資訊外洩漏洞</h3>
+<p>
+音訊伺服器中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限等級以外的資料。由於這個問題可能導致有心人士在未獲授權的情況下存取機密資料,因此嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0425</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a155de4d70e0b9ac8fc02b2bdcbb2e8e6cca46ff">
+ A-32720785</a></td>
+ <td>中</td>
+ <td>全部</td>
+ <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-filesystem">檔案系統中的資訊外洩漏洞</h3>
+<p>
+檔案系統中的資訊外洩漏洞可讓本機惡意應用程式存取其權限等級以外的資料。由於這個問題可能導致有心人士在未獲授權的情況下存取機密資料,因此嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>更新的 AOSP 版本</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0426</td>
+ <td><a href="https://android.googlesource.com/platform/system/sepolicy/+/ae46511bfa62b56938b3df824bb2ee737dceaa7a">
+ A-32799236</a>
+[<a href="https://android.googlesource.com/platform/system/core/+/0e7324e9095a209d4f06ba00812b2b2976fe2846">2</a>]</td>
+ <td>中</td>
+ <td>全部</td>
+ <td>7.0、7.1.1</td>
+ <td>Google 內部</td>
+ </tr>
+</table>
+
+
+<h2 id="2017-02-05-details">2017-02-05 安全修補等級 — 資安漏洞詳情</h2>
+<p>
+下列各節針對上方 <a href="#2017-02-05-summary">2017-02-05 安全修補等級 — 資安漏洞摘要</a>中列出的各項安全性漏洞提供了詳細資訊,包括問題說明、嚴重程度評定原因,以及一份漏洞資訊表,顯示漏洞的 CVE、相關參考資料、嚴重程度、更新的 Google 裝置、更新的 AOSP 版本 (在適用情況下) 和回報日期。假如相關錯誤有公開變更,該錯誤 ID 會連結到相對應的變更 (例如 AOSP 變更清單)。如果單一錯誤有多項相關變更,其他參考資料可透過該錯誤 ID 後面的編號連結開啟。</p>
+
+
+<h3 id="rce-in-qualcomm-crypto-driver">Qualcomm 加密驅動程式中的遠端程式碼執行漏洞</h3>
+<p>
+Qualcomm 加密驅動程式中的遠端程式碼執行漏洞可能會讓遠端攻擊者在核心環境內執行任何程式碼。由於這個問題可能會讓遠端程式碼在核心環境內執行,因此嚴重程度被評定為「最高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8418</td>
+ <td>A-32652894<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8f8066581a8e575a7d57d27f36c4db63f91ca48f">
+QC-CR#1077457</a></td>
+ <td>最高</td>
+ <td>無*</td>
+ <td>2016 年 10 月 10 日</td>
+ </tr>
+</table>
+<p>
+* 如果是搭載 Android 7.0 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。
+</p>
+
+
+<h3 id="eop-in-kernel-file-system">核心檔案系統中的權限升級漏洞</h3>
+<p>
+核心檔案系統中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0427</td>
+ <td>A-31495866*</td>
+ <td>最高</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Pixel C、Nexus Player、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 13 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 驅動程式中的權限升級漏洞</h3>
+<p>
+NVIDIA GPU 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0428</td>
+ <td>A-32401526*<br>
+ N-CVE-2017-0428</td>
+ <td>最高</td>
+ <td>Nexus 9</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0429</td>
+ <td>A-32636619*<br>
+ N-CVE-2017-0429</td>
+ <td>最高</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 3 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="eop-in-kernel-networking-subsystem">核心網路子系統中的權限升級漏洞</h3>
+<p>
+核心網路子系統中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2014-9914</td>
+ <td>A-32882659<br>
+ <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a">
+上游程式庫核心</a></td>
+ <td>最高</td>
+ <td>Nexus 6、Nexus Player</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 驅動程式中的權限升級漏洞</h3>
+<p>
+Broadcom Wi-Fi 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0430</td>
+ <td>A-32838767*<br>
+ B-RB#107459</td>
+ <td>最高</td>
+ <td>Nexus 6、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td>
+ <td>Google 內部</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 元件中的漏洞</h3>
+<p>
+以下列出會影響 Qualcomm 元件的安全性漏洞,詳情請參考 2016 年 9 月的 Qualcomm AMSS 安全性公告。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度*</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0431</td>
+ <td>A-32573899**</td>
+ <td>最高</td>
+ <td>無***</td>
+ <td>Qualcomm 內部</td>
+ </tr>
+</table>
+<p>
+* 這些漏洞的嚴重程度是由廠商自行評定。
+</p>
+<p>
+** 這個問題的修補程式並未公開提供,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+<p>
+*** 如果是搭載 Android 7.0 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。
+</p>
+
+
+<h3 id="eop-in-mediatek-driver">MediaTek 驅動程式中的權限升級漏洞</h3>
+<p>
+MediaTek 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0432</td>
+ <td>A-28332719*<br>
+ M-ALPS02708925</td>
+ <td>高</td>
+ <td>無**</td>
+ <td>2016 年 4 月 21 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+<p>
+** 如果是搭載 Android 7.0 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。
+</p>
+
+
+<h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 觸控螢幕驅動程式中的權限升級漏洞</h3>
+<p>
+Synaptics 觸控螢幕驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在觸控螢幕晶片組環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0433</td>
+ <td>A-31913571*</td>
+ <td>高</td>
+ <td>Nexus 6P、Nexus 9、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 8 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0434</td>
+ <td>A-33001936*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 18 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm 安全執行環境通訊工具驅動程式中的權限升級漏洞</h3>
+<p>
+Qualcomm 安全執行環境通訊工具驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8480</td>
+ <td>A-31804432<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=0ed0f061bcd71940ed65de2ba46e37e709e31471">
+QC-CR#1086186</a>
+[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd70f6025a7bbce89af7a7abf4c40a219fdea406">2</a>]</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 28 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-qualcomm-sound-driver">Qualcomm 音效驅動程式中的權限升級漏洞</h3>
+<p>
+Qualcomm 音效驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8481</td>
+ <td>A-31906415*<br>
+ QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 1 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0435</td>
+ <td>A-31906657*<br>
+ QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 1 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0436</td>
+ <td>A-32624661*<br>
+ QC-CR#1078000</td>
+ <td>高</td>
+ <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 2 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 驅動程式中的權限升級漏洞</h3>
+<p>
+Qualcomm Wi-Fi 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0437</td>
+ <td>A-32402310<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0438</td>
+ <td>A-32402604<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0439</td>
+ <td>A-32450647<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=81b6b5538d3227ed4b925fcceedb109abb2a4c61">
+QC-CR#1092059</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 25 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8419</td>
+ <td>A-32454494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9ba50d536227666a5b6abd51f2b122675d950488">
+QC-CR#1087209</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8420</td>
+ <td>A-32451171<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c6597e015a7ce5ee71d3725fc55e64fc50923f4e">
+QC-CR#1087807</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8421</td>
+ <td>A-32451104<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=61a5cdb9adc96645583f528ac923e6e59f3abbcb">
+QC-CR#1087797</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 10 月 26 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0440</td>
+ <td>A-33252788<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=10f0051f7b3b9a7635b0762a8cf102f595f7a268">
+QC-CR#1095770</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 11 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0441</td>
+ <td>A-32872662<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=da87131740351b833f17f05dfa859977bc1e7684">
+QC-CR#1095009</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 11 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0442</td>
+ <td>A-32871330<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0443</td>
+ <td>A-32877494<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1f0b036dc74ccb6e9f0a03a540efdb0876f5ca77">
+QC-CR#1092497</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 13 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8476</td>
+ <td>A-32879283<br>
+ <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=bfe8035bce6fec72ed1d064b94529fce8fb09799">
+QC-CR#1091940</a></td>
+ <td>高</td>
+ <td>Nexus 5X、Pixel、Pixel XL</td>
+ <td>2016 年 11 月 14 日</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-realtek-sound-driver">Realtek 音效驅動程式中的權限升級漏洞</h3>
+<p>
+Realtek 音效驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0444</td>
+ <td>A-32705232*</td>
+ <td>高</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="eop-in-htc-touchscreen-driver">HTC 觸控螢幕驅動程式中的權限升級漏洞</h3>
+<p>
+HTC 觸控螢幕驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0445</td>
+ <td>A-32769717*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 9 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0446</td>
+ <td>A-32917445*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0447</td>
+ <td>A-32919560*</td>
+ <td>高</td>
+ <td>Pixel、Pixel XL</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="id-in-nvidia-video-driver">NVIDIA 視訊驅動程式中的資訊外洩漏洞</h3>
+<p>
+NVIDIA 視訊驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限等級以外的資料。由於這個問題可用於在未獲使用者明確授權的情況下存取機密資料,因此嚴重程度被評定為「高」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0448</td>
+ <td>A-32721029*<br>
+ N-CVE-2017-0448</td>
+ <td>高</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 7 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver-2">Broadcom Wi-Fi 驅動程式中的權限升級漏洞</h3>
+<p>
+Broadcom Wi-Fi 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,而目前平台的設定可進行防範,因此這個問題的嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0449</td>
+ <td>A-31707909*<br>
+ B-RB#32094</td>
+ <td>中</td>
+ <td>Nexus 6、Nexus 6P</td>
+ <td>2016 年 9 月 23 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="eop-in-audioserver-2">音訊伺服器中的權限升級漏洞</h3>
+<p>音訊伺服器中的權限升級漏洞可能會讓本機惡意應用程式在獲得授權的程序環境內執行任何指令。由於目前平台的設定可防範這種攻擊,因此這個問題的嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0450</td>
+ <td>A-32917432*</td>
+ <td>中</td>
+ <td>Nexus 9</td>
+ <td>2016 年 11 月 15 日</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="eop-in-kernel-file-system-2">核心檔案系統中的權限升級漏洞</h3>
+<p>
+核心檔案系統中的權限升級漏洞可能會讓本機惡意應用程式規避系統為了防止權限升級而採取的防護措施。由於這個問題可能會讓有心人士規避一般的使用者層級深度防禦措施或防範攻擊技術,因此嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-10044</td>
+ <td>A-31711619*</td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Pixel C、Nexus Player、Pixel、Pixel XL</td>
+ <td>Google 內部</td>
+ </tr>
+</table>
+<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。
+</p>
+
+
+<h3 id="id-in-qualcomm-secure-execution-environment-communicator">Qualcomm 安全執行環境通訊工具中的資訊外洩漏洞</h3>
+<p>
+Qualcomm 安全執行環境通訊工具中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限等級以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8414</td>
+ <td>A-31704078<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=320970d3da9b091e96746424c44649a91852a846">
+QC-CR#1076407</a></td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 23 日</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-qualcomm-sound-driver">Qualcomm 音效驅動程式中的資訊外洩漏洞</h3>
+<p>
+Qualcomm 音效驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限等級以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。
+</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>參考資料</th>
+ <th>嚴重程度</th>
+ <th>更新的 Google 裝置</th>
+ <th>回報日期</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0451</td>
+ <td>A-31796345<br>
+ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59f55cd40b5f44941afc78b78e5bf81ad3dd723e">
+QC-CR#1073129</a>
+[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=35346beb2d8882115f698ab22a96803552b5c57e">2</a>]</td>
+ <td>中</td>
+ <td>Nexus 5X、Nexus 6P、Android One、Pixel、Pixel XL</td>
+ <td>2016 年 9 月 27 日</td>
+ </tr>
+</table>
+
+<h2 id="common-questions-and-answers">常見問題與解答</h2>
+<p>如果您在閱讀這篇公告後有任何疑問,可參考本節的常見問答。</p>
+<p><strong>1. 如何判斷我目前的裝置軟體版本是否已修正這些問題?</strong></p>
+<p>要瞭解如何查看裝置的安全修補等級,請詳讀 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 和 Nexus 更新時間表</a>中的操作說明。</p>
+<ul>
+ <li>2017 年 2 月 1 日之後的安全修補等級已解決了所有與 2017-02-01 安全修補等級相關的問題。</li>
+ <li>2017 年 2 月 5 日之後的安全修補等級完全解決了與 2017-02-05 安全修補等級及所有先前修補等級相關的問題。
+ </li>
+</ul>
+<p>提供這些更新的裝置製造商應將修補程式字串等級設定為:</p>
+<ul>
+<li><code>[ro.build.version.security_patch]:[2017-02-01]</code></li>
+<li><code>[ro.build.version.security_patch]:[2017-02-05]</code></li>
+</ul>
+
+<p><strong>2. 為什麼這篇公告有兩種安全修補等級?</strong></p>
+
+<p>本公告有兩種安全修補等級,讓 Android 合作夥伴能夠靈活運用,以快速修正某些發生在所有 Android 裝置上的類似漏洞。我們建議 Android 合作夥伴修正本公告所列的所有問題,並使用最新的安全修補等級。</p>
+<ul>
+ <li>安全修補等級為 2017 年 1 月 1 日的裝置必須納入所有與該安全修補等級相關的問題,以及在之前安全性公告中回報的所有問題適用的修正程式。</li>
+ <li>如果裝置的安全修補等級在 2017 年 1 月 5 日之後,就必須加入本安全性公告 (以及之前公告) 中的所有適用修補程式。</li>
+</ul>
+<p>我們建議合作夥伴將所要解決的所有問題適用修補程式包裝在單一更新中。</p>
+<p><strong>3. 如何判斷哪些 Google 裝置會受到哪種問題的影響?</strong></p>
+<p>在 <a href="#2017-02-01-details">2017-02-01</a> 和 <a href="#2017-02-05-details">2017-02-05</a> 安全性漏洞詳情的章節中,每個表格都包含「更新的 Google 裝置」<em></em>欄,當中列出已針對各個問題進行更新的受影響 Google 裝置範圍。此欄中的選項包括:</p>
+<ul>
+ <li><strong>所有 Google 裝置</strong>:如果問題會影響到「全部」和 Pixel 裝置,表格內「更新的 Google 裝置」<em></em>欄中就會顯示「全部」字樣。「全部」包含下列<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">支援的裝置</a>:Nexus 5X、Nexus 6、Nexus 6P、Nexus 7 (2013)、Nexus 9、Android One、Nexus Player、Pixel C、Pixel 和 Pixel XL。</li>
+ <li><strong>部分 Google 裝置</strong>:如果問題並未影響到所有 Google 裝置,則「更新的 Google 裝置」<em></em>欄中會列出受影響的 Google 裝置。</li>
+ <li><strong>無 Google 裝置</strong>:如果問題不會影響到任何搭載 Android 7.0 的 Google 裝置,「更新的 Google 裝置」<em></em>欄中就會顯示「無」字樣。</li>
+</ul>
+<p><strong>4. 參考資料欄中的項目會對應到什麼?</strong></p>
+<p>資安漏洞詳情表格中「參考資料」<em></em>欄底下的項目可能會包含一個前置字串,用以表示該參考資料值所屬的公司。這些前置字元代表的意義如下:</p>
+<table>
+ <tr>
+ <th>前置字元</th>
+ <th>參考資料</th>
+ </tr>
+ <tr>
+ <td>A-</td>
+ <td>Android 錯誤 ID</td>
+ </tr>
+ <tr>
+ <td>QC-</td>
+ <td>Qualcomm 參考編號</td>
+ </tr>
+ <tr>
+ <td>M-</td>
+ <td>MediaTek 參考編號</td>
+ </tr>
+ <tr>
+ <td>N-</td>
+ <td>NVIDIA 參考編號</td>
+ </tr>
+ <tr>
+ <td>B-</td>
+ <td>Broadcom 參考編號</td>
+ </tr>
+</table>
+
+<h2 id="revisions">修訂版本</h2>
+<ul>
+ <li>2017 年 2 月 6 日:發佈公告。</li>
+ <li>2017 年 2 月 8 日:在公告中加入 AOSP 連結。</li>
+</ul>
diff --git a/src/compatibility/cts/downloads.jd b/src/compatibility/cts/downloads.jd
index eb1340f..ca1168c 100644
--- a/src/compatibility/cts/downloads.jd
+++ b/src/compatibility/cts/downloads.jd
@@ -32,77 +32,77 @@
<h2 id="android-71">Android 7.1</h2>
<p>Android 7.1 is the release of the development milestone code-named Nougat-MR1.
The source code for the following tests can be synced with the
-'android-cts-7.1_r2' tag in the open-source tree.</p>
+'android-cts-7.1_r3' tag in the open-source tree.</p>
<ul>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-7.1_r2-linux_x86-arm.zip">Android
-7.1 R2 Compatibility Test Suite (CTS) - ARM</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-7.1_r3-linux_x86-arm.zip">Android
+7.1 R3 Compatibility Test Suite (CTS) - ARM</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-7.1_r2-linux_x86-x86.zip">Android
-7.1 R2 Compatibility Test Suite (CTS) - x86</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-7.1_r3-linux_x86-x86.zip">Android
+7.1 R3 Compatibility Test Suite (CTS) - x86</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r2-linux_x86-arm.zip">Android
-7.1 R2 CTS Verifier - ARM</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r3-linux_x86-arm.zip">Android
+7.1 R3 CTS Verifier - ARM</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r2-linux_x86-x86.zip">Android
-7.1 R2 CTS Verifier - x86</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r3-linux_x86-x86.zip">Android
+7.1 R3 CTS Verifier - x86</a></li>
</ul>
<h2 id="android-70">Android 7.0</h2>
<p>Android 7.0 is the release of the development milestone code-named Nougat.
The source code for the following tests can be synced with the
-'android-cts-7.0_r6' tag in the open-source tree.</p>
+'android-cts-7.0_r7' tag in the open-source tree.</p>
<ul>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-7.0_r6-linux_x86-arm.zip">Android
-7.0 R6 Compatibility Test Suite (CTS) - ARM</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-7.0_r7-linux_x86-arm.zip">Android
+7.0 R7 Compatibility Test Suite (CTS) - ARM</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-7.0_r6-linux_x86-x86.zip">Android
-7.0 R6 Compatibility Test Suite (CTS) - x86</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-7.0_r7-linux_x86-x86.zip">Android
+7.0 R7 Compatibility Test Suite (CTS) - x86</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r6-linux_x86-arm.zip">Android
-7.0 R6 CTS Verifier - ARM</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r7-linux_x86-arm.zip">Android
+7.0 R7 CTS Verifier - ARM</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r6-linux_x86-x86.zip">Android
-7.0 R6 CTS Verifier - x86</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r7-linux_x86-x86.zip">Android
+7.0 R7 CTS Verifier - x86</a></li>
</ul>
<h2 id="android-60">Android 6.0</h2>
<p>Android 6.0 is the release of the development milestone code-named Marshmallow.
The source code for the following tests can be synced with the
-'android-cts-6.0_r15' tag in the open-source tree.</p>
+'android-cts-6.0_r16' tag in the open-source tree.</p>
<ul>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-6.0_r15-linux_x86-arm.zip">Android
-6.0 R15 Compatibility Test Suite (CTS) - ARM</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-6.0_r16-linux_x86-arm.zip">Android
+6.0 R16 Compatibility Test Suite (CTS) - ARM</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-6.0_r15-linux_x86-x86.zip">Android
-6.0 R15 Compatibility Test Suite (CTS) - x86</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-6.0_r16-linux_x86-x86.zip">Android
+6.0 R16 Compatibility Test Suite (CTS) - x86</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r15-linux_x86-arm.zip">Android
-6.0 R15 CTS Verifier - ARM</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r16-linux_x86-arm.zip">Android
+6.0 R16 CTS Verifier - ARM</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r15-linux_x86-x86.zip">Android
-6.0 R15 CTS Verifier - x86</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r16-linux_x86-x86.zip">Android
+6.0 R16 CTS Verifier - x86</a></li>
</ul>
<h2 id="android-51">Android 5.1</h2>
<p>Android 5.1 is the release of the development milestone code-named Lollipop-MR1.
The source code for the following tests can be synced with the
-'android-cts-5.1_r16' tag in the open source tree.</p>
+'android-cts-5.1_r17' tag in the open source tree.</p>
<ul>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-5.1_r16-linux_x86-arm.zip">Android
-5.1 R16 Compatibility Test Suite (CTS) - ARM</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-5.1_r17-linux_x86-arm.zip">Android
+5.1 R17 Compatibility Test Suite (CTS) - ARM</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-5.1_r16-linux_x86-x86.zip">Android
-5.1 R16 Compatibility Test Suite (CTS) - x86</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-5.1_r17-linux_x86-x86.zip">Android
+5.1 R17 Compatibility Test Suite (CTS) - x86</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r16-linux_x86-arm.zip">Android
-5.1 R16 CTS Verifier - ARM</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r17-linux_x86-arm.zip">Android
+5.1 R17 CTS Verifier - ARM</a></li>
<li><a
-href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r16-linux_x86-x86.zip">Android
-5.1 R16 CTS Verifier - x86</a></li>
+href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r17-linux_x86-x86.zip">Android
+5.1 R17 CTS Verifier - x86</a></li>
</ul>
<h2 id="android-50">Android 5.0</h2>
diff --git a/src/compatibility/cts/images/verifier-preview-icon.png b/src/compatibility/cts/images/verifier-preview-icon.png
new file mode 100644
index 0000000..dbc6089
--- /dev/null
+++ b/src/compatibility/cts/images/verifier-preview-icon.png
Binary files differ
diff --git a/src/compatibility/cts/verifier.jd b/src/compatibility/cts/verifier.jd
index 9a4daed..d861612 100644
--- a/src/compatibility/cts/verifier.jd
+++ b/src/compatibility/cts/verifier.jd
@@ -175,29 +175,45 @@
degree of the calibration value.</p>
<h2 id=exporting_test_reports>Exporting test reports</h2>
<ol>
- <li>After all tests are completed, tap the <strong>Save (disk)</strong> icon.
-<br>
-<img src="images/verifier-save-icon.png" alt="CTS Verifier Save icon" id="figure6" />
-<p class="img-caption">
- <strong>Figure 6.</strong> CTS Verifier Save icon
-</p>
-
- <li>A path to the saved report will be displayed in pop-up (e.g.
-<code>/mnt/sdcard/ctsVerifierReports/ctsVerifierReport-date-time.zip</code>).
-Record the path.
-<br>
-<img src="images/path-saved-report.png" alt="CTS Verifier path to saved report " id="figure7" />
-<p class="img-caption">
- <strong>Figure 7.</strong> CTS Verifier path to saved report
-</p>
-
- <li>Connect the device via USB to a computer with the SDK installed.
- <li>From the computer’s SDK installation, run <code>adb pull
- <CTS Verifier report path>
- </code> to download the report from the device.
+ <li>
+ After all tests are completed, tap the <strong>Save (disk)</strong> icon.
+ <br>
+ <img src="images/verifier-save-icon.png" alt="CTS Verifier Save icon" id="figure6" />
+ <p class="img-caption">
+ <strong>Figure 6.</strong> CTS Verifier Save icon. <em>Note:</em> In
+ Android 7.0 and later, the preview feature is removed:
+ <img src="images/verifier-preview-icon.png" width="24" height="24">
+ </p>
+ </li>
+ <li>
+ A path to the saved report will be displayed in pop-up (e.g.
+ <code>/sdcard/verifierReports/ctsVerifierReport-date-time.zip</code>).
+ Record the path.
+ <br>
+ <img src="images/path-saved-report.png" alt="CTS Verifier path to saved report " id="figure7" />
+ <p class="img-caption">
+ <strong>Figure 7.</strong> CTS Verifier path to saved report
+ </p>
+ </li>
+ <li>
+ Connect the device via USB to a computer with the SDK installed.
+ </li>
+ <li>
+ From the computer’s SDK installation, run
+ <code>adb pull CTSVerifierReportPath</code> to download the report from the device.
<ul>
- <li>To download all reports run : <code>adb pull /mnt/sdcard/ctsVerifierReports/ .</code>
- <li>The name of the reports are time-stamped based on the DUT’s system time.
- <li>To clear results after they have been selected, select <strong>Menu > Clear</strong>. This will
- clear the Pass/Fail results.
+ <li>
+ To download all reports run: <code>adb pull /sdcard/verifierReports</code>
+ <br/>
+ For Android 6.0 and earlier, run: <code>adb pull /mnt/sdcard/ctsVerifierReports/</code>
+ </li>
+ <li>
+ The name of the reports are time-stamped based on the DUT’s system time.
+ </li>
+ <li>
+ To clear results after they have been selected, select
+ <strong>Menu > Clear</strong>. This will clear the Pass/Fail results.
+ </li>
+ </ul>
+ </li>
</ol>
diff --git a/src/devices/devices_toc.cs b/src/devices/devices_toc.cs
index bc9320b..80e2055 100644
--- a/src/devices/devices_toc.cs
+++ b/src/devices/devices_toc.cs
@@ -462,7 +462,8 @@
<li><a href="<?cs var:toroot ?>devices/tech/test_infra/tradefed/fundamentals/lifecycle.html">Test Lifecycle</a></li>
<li><a href="<?cs var:toroot ?>devices/tech/test_infra/tradefed/fundamentals/options.html">Option Handling</a></li>
<li><a href="<?cs var:toroot ?>devices/tech/test_infra/tradefed/full_example.html">An End-to-End Example</a></li>
- <li id="tradefed-tree-list" class="nav-section">
+ <li><a href="<?cs var:toroot ?>devices/tech/test_infra/tradefed/fundamentals/vts.html">Systems Testing With VTS</a></li>
+ <li id="tradefed-tree-list" class="nav-section">
<div class="nav-section-header">
<a href="<?cs var:toroot ?>reference/packages.html">
<span class="en">Package Index</span>
diff --git a/src/devices/graphics/implement.jd b/src/devices/graphics/implement.jd
index 54b4620..e1ca332 100644
--- a/src/devices/graphics/implement.jd
+++ b/src/devices/graphics/implement.jd
@@ -92,7 +92,7 @@
<p>The graphics memory allocator allocates memory requested by image producers.
You can find the interface definition of the HAL at
-<code>hardware/libhardware/modules/gralloc.h</code>.</p>
+<code>hardware/libhardware/include/hardware/gralloc.h</code>.</p>
<h3 id=protected_buffers>Protected buffers</h3>
diff --git a/src/devices/tech/config/kernel.jd b/src/devices/tech/config/kernel.jd
index 81e9e51..bc05a41 100644
--- a/src/devices/tech/config/kernel.jd
+++ b/src/devices/tech/config/kernel.jd
@@ -24,456 +24,160 @@
</div>
</div>
-<p>The kernel configuration settings in this document are meant to be used as a
-base for an Android kernel configuration. All devices should have the options
-in android-base configuration enabled. The options in
-android-recommended configuration enable advanced Android
-features. See <a href="{@docRoot}security/overview/kernel-security.html">System
-and Kernel Security</a> for controls already undertaken to strengthen the
-kernel on your devices. See the <a
-href="{@docRoot}compatibility/cdd.html">Android Compatibility Definition
-Document (CDD)</a> for required settings.</p>
+<p>Use the following configuration settings as a base for an Android kernel
+configuration. Settings are organized into <code>android-base</code> and
+<code>android-recommended</code> .cfg files:
-<p>
-Generating kernel config: Assuming you already have a minimalist defconfig for your device, a possible
-way to enable these options would be:</p>
+<ul>
+<li><code>android-base</code>. These options enable core Android features and
+should be enabled by all devices.</li>
-<pre>ARCH=<arch> scripts/kconfig/merge_config.sh <path_to>/<device>_defconfig android/configs/android-base.cfg
-android/configs/android-recommended.cfg</pre>
-<p>
-This will generate a .config that can then be used to save a new defconfig or
-compile a new kernel with Android features enabled.
-</p>
-<h2 id="base">Base Configuration</h2>
-<pre>
-CONFIG_EXPERIMENTAL=y
-CONFIG_SYSVIPC=y
-CONFIG_CGROUPS=y
-CONFIG_CGROUP_DEBUG=y
-CONFIG_CGROUP_FREEZER=y
-CONFIG_CGROUP_CPUACCT=y
-CONFIG_RESOURCE_COUNTERS=y
-CONFIG_CGROUP_SCHED=y
-CONFIG_RT_GROUP_SCHED=y
-CONFIG_BLK_DEV_INITRD=y
-CONFIG_EMBEDDED=y
-CONFIG_NO_HZ=y
-CONFIG_HIGH_RES_TIMERS=y
-CONFIG_PREEMPT=y
-CONFIG_PM_AUTOSLEEP=y
-CONFIG_PM_WAKELOCKS=y
-CONFIG_BLK_DEV_DM=y
-CONFIG_DM_CRYPT=y
-CONFIG_NET=y
-CONFIG_PACKET=y
-CONFIG_UNIX=y
-CONFIG_XFRM_USER=y
-CONFIG_NET_KEY=y
-CONFIG_INET=y
-CONFIG_IP_ADVANCED_ROUTER=y
-CONFIG_IP_MULTIPLE_TABLES=y
-CONFIG_INET_ESP=y
-# CONFIG_INET_LRO is not set
-CONFIG_IPV6_PRIVACY=y
-CONFIG_IPV6_ROUTER_PREF=y
-CONFIG_IPV6_OPTIMISTIC_DAD=y
-CONFIG_INET6_AH=y
-CONFIG_INET6_ESP=y
-CONFIG_INET6_IPCOMP=y
-CONFIG_IPV6_MIP6=y
-CONFIG_IPV6_MULTIPLE_TABLES=y
-CONFIG_NETFILTER=y
-CONFIG_NF_CONNTRACK=y
-CONFIG_NF_CONNTRACK_EVENTS=y
-CONFIG_NF_CT_PROTO_DCCP=y
-CONFIG_NF_CT_PROTO_SCTP=y
-CONFIG_NF_CT_PROTO_UDPLITE=y
-CONFIG_NF_CONNTRACK_AMANDA=y
-CONFIG_NF_CONNTRACK_FTP=y
-CONFIG_NF_CONNTRACK_H323=y
-CONFIG_NF_CONNTRACK_IRC=y
-CONFIG_NF_CONNTRACK_NETBIOS_NS=y
-CONFIG_NF_CONNTRACK_PPTP=y
-CONFIG_NF_CONNTRACK_SANE=y
-CONFIG_NF_CONNTRACK_TFTP=y
-CONFIG_NF_CT_NETLINK=y
-CONFIG_NETFILTER_TPROXY=y
-CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y
-CONFIG_NETFILTER_XT_TARGET_CONNMARK=y
-CONFIG_NETFILTER_XT_TARGET_MARK=y
-CONFIG_NETFILTER_XT_TARGET_NFLOG=y
-CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y
-CONFIG_NETFILTER_XT_TARGET_TPROXY=y
-CONFIG_NETFILTER_XT_TARGET_TRACE=y
-CONFIG_NETFILTER_XT_MATCH_COMMENT=y
-CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y
-CONFIG_NETFILTER_XT_MATCH_CONNMARK=y
-CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y
-CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y
-CONFIG_NETFILTER_XT_MATCH_HELPER=y
-CONFIG_NETFILTER_XT_MATCH_IPRANGE=y
-CONFIG_NETFILTER_XT_MATCH_LENGTH=y
-CONFIG_NETFILTER_XT_MATCH_LIMIT=y
-CONFIG_NETFILTER_XT_MATCH_MAC=y
-CONFIG_NETFILTER_XT_MATCH_MARK=y
-CONFIG_NETFILTER_XT_MATCH_POLICY=y
-CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y
-CONFIG_NETFILTER_XT_MATCH_QTAGUID=y
-CONFIG_NETFILTER_XT_MATCH_QUOTA=y
-CONFIG_NETFILTER_XT_MATCH_QUOTA2=y
-CONFIG_NETFILTER_XT_MATCH_QUOTA2_LOG=y
-CONFIG_NETFILTER_XT_MATCH_SOCKET=y
-CONFIG_NETFILTER_XT_MATCH_STATE=y
-CONFIG_NETFILTER_XT_MATCH_STATISTIC=y
-CONFIG_NETFILTER_XT_MATCH_STRING=y
-CONFIG_NETFILTER_XT_MATCH_TIME=y
-CONFIG_NETFILTER_XT_MATCH_U32=y
-CONFIG_NF_CONNTRACK_IPV4=y
-CONFIG_IP_NF_IPTABLES=y
-CONFIG_IP_NF_MATCH_AH=y
-CONFIG_IP_NF_MATCH_ECN=y
-CONFIG_IP_NF_MATCH_TTL=y
-CONFIG_IP_NF_FILTER=y
-CONFIG_IP_NF_TARGET_REJECT=y
-CONFIG_IP_NF_TARGET_REJECT_SKERR=y
-CONFIG_NF_NAT=y
-CONFIG_IP_NF_TARGET_MASQUERADE=y
-CONFIG_IP_NF_TARGET_NETMAP=y
-CONFIG_IP_NF_TARGET_REDIRECT=y
-CONFIG_IP_NF_MANGLE=y
-CONFIG_IP_NF_RAW=y
-CONFIG_IP_NF_ARPTABLES=y
-CONFIG_IP_NF_ARPFILTER=y
-CONFIG_IP_NF_ARP_MANGLE=y
-CONFIG_NF_CONNTRACK_IPV6=y
-CONFIG_IP6_NF_IPTABLES=y
-CONFIG_IP6_NF_FILTER=y
-CONFIG_IP6_NF_TARGET_REJECT=y
-CONFIG_IP6_NF_TARGET_REJECT_SKERR=y
-CONFIG_IP6_NF_MANGLE=y
-CONFIG_IP6_NF_RAW=y
-CONFIG_NET_SCHED=y
-CONFIG_NET_SCH_HTB=y
-CONFIG_NET_CLS_U32=y
-CONFIG_NET_EMATCH=y
-CONFIG_NET_EMATCH_U32=y
-CONFIG_NET_CLS_ACT=y
-CONFIG_NETDEVICES=y
-CONFIG_TUN=y
-CONFIG_PPP=y
-CONFIG_PPP_BSDCOMP=y
-CONFIG_PPP_DEFLATE=y
-CONFIG_PPP_MPPE=y
-CONFIG_PPPOLAC=y
-CONFIG_PPPOPNS=y
-CONFIG_FB=y
-CONFIG_SYNC=y
-CONFIG_USB_GADGET=y
-CONFIG_USB_G_ANDROID=y
-CONFIG_USB_OTG_WAKELOCK=y
-CONFIG_SWITCH=y
-CONFIG_RTC_CLASS=y
-CONFIG_STAGING=y
-CONFIG_ANDROID=y
-CONFIG_ANDROID_BINDER_IPC=y
-CONFIG_ASHMEM=y
-CONFIG_ANDROID_LOGGER=y
-CONFIG_ANDROID_LOW_MEMORY_KILLER=y
-CONFIG_ANDROID_INTF_ALARM_DEV=y
-</pre>
+<li><code>android-recommended</code>. These options enable advanced Android
+features and are optional for devices.</li>
+</ul>
-<h2 id="recommended">Recommended Configuration</h2>
+<p>Both the android-base.cfg and android-recommended.cfg files are located in
+the android-common kernel repo at
+<a href="https://android.googlesource.com/kernel/common/">https://android.googlesource.com/kernel/common/</a>.
+<p>In version 4.8 of the upstream Linux kernel, a new location (kernel/configs)
+was designated for kernel configuration fragments. The android base and
+recommended config fragments are located in that directory for branches based on
+4.8 or later. For kernel branches based on releases prior to 4.8, the config
+fragments are located in the android/ directory.</p>
-<pre>
-CONFIG_PANIC_TIMEOUT=5
-CONFIG_KALLSYMS_ALL=y
-CONFIG_PERF_EVENTS=y
-CONFIG_COMPACTION=y
-# CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set
-CONFIG_PM_WAKELOCKS_LIMIT=0
-# CONFIG_PM_WAKELOCKS_GC is not set
-CONFIG_PM_RUNTIME=y
-CONFIG_PM_DEBUG=y
-CONFIG_SUSPEND_TIME=y
-CONFIG_BLK_DEV_LOOP=y
-CONFIG_BLK_DEV_RAM=y
-CONFIG_BLK_DEV_RAM_SIZE=8192
-CONFIG_UID_STAT=y
-CONFIG_MD=y
-CONFIG_DM_UEVENT=y
-CONFIG_INPUT_EVDEV=y
-CONFIG_INPUT_KEYRESET=y
-# CONFIG_INPUT_MOUSE is not set
-CONFIG_INPUT_JOYSTICK=y
-CONFIG_JOYSTICK_XPAD=y
-CONFIG_JOYSTICK_XPAD_FF=y
-CONFIG_JOYSTICK_XPAD_LEDS=y
-CONFIG_INPUT_TABLET=y
-CONFIG_TABLET_USB_ACECAD=y
-CONFIG_TABLET_USB_AIPTEK=y
-CONFIG_TABLET_USB_GTCO=y
-CONFIG_TABLET_USB_HANWANG=y
-CONFIG_TABLET_USB_KBTAB=y
-CONFIG_TABLET_USB_WACOM=y
-CONFIG_INPUT_MISC=y
-CONFIG_INPUT_KEYCHORD=y
-CONFIG_INPUT_UINPUT=y
-CONFIG_INPUT_GPIO=y
-# CONFIG_VT is not set
-# CONFIG_LEGACY_PTYS is not set
-CONFIG_POWER_SUPPLY=y
-CONFIG_BATTERY_ANDROID=y
-CONFIG_MEDIA_SUPPORT=y
-CONFIG_BACKLIGHT_LCD_SUPPORT=y
-CONFIG_SOUND=y
-CONFIG_SND=y
-CONFIG_UHID=y
-CONFIG_USB_HIDDEV=y
-CONFIG_HID_A4TECH=y
-CONFIG_HID_ACRUX=y
-CONFIG_HID_ACRUX_FF=y
-CONFIG_HID_APPLE=y
-CONFIG_HID_BELKIN=y
-CONFIG_HID_CHERRY=y
-CONFIG_HID_CHICONY=y
-CONFIG_HID_PRODIKEYS=y
-CONFIG_HID_CYPRESS=y
-CONFIG_HID_DRAGONRISE=y
-CONFIG_DRAGONRISE_FF=y
-CONFIG_HID_EMS_FF=y
-CONFIG_HID_ELECOM=y
-CONFIG_HID_EZKEY=y
-CONFIG_HID_HOLTEK=y
-CONFIG_HID_KEYTOUCH=y
-CONFIG_HID_KYE=y
-CONFIG_HID_UCLOGIC=y
-CONFIG_HID_WALTOP=y
-CONFIG_HID_GYRATION=y
-CONFIG_HID_TWINHAN=y
-CONFIG_HID_KENSINGTON=y
-CONFIG_HID_LCPOWER=y
-CONFIG_HID_LOGITECH=y
-CONFIG_LOGITECH_FF=y
-CONFIG_LOGIRUMBLEPAD2_FF=y
-CONFIG_LOGIG940_FF=y
-CONFIG_HID_MAGICMOUSE=y
-CONFIG_HID_MICROSOFT=y
-CONFIG_HID_MONTEREY=y
-CONFIG_HID_MULTITOUCH=y
-CONFIG_HID_NTRIG=y
-CONFIG_HID_ORTEK=y
-CONFIG_HID_PANTHERLORD=y
-CONFIG_PANTHERLORD_FF=y
-CONFIG_HID_PETALYNX=y
-CONFIG_HID_PICOLCD=y
-CONFIG_HID_PRIMAX=y
-CONFIG_HID_ROCCAT=y
-CONFIG_HID_SAITEK=y
-CONFIG_HID_SAMSUNG=y
-CONFIG_HID_SONY=y
-CONFIG_HID_SPEEDLINK=y
-CONFIG_HID_SUNPLUS=y
-CONFIG_HID_GREENASIA=y
-CONFIG_GREENASIA_FF=y
-CONFIG_HID_SMARTJOYPLUS=y
-CONFIG_SMARTJOYPLUS_FF=y
-CONFIG_HID_TIVO=y
-CONFIG_HID_TOPSEED=y
-CONFIG_HID_THRUSTMASTER=y
-CONFIG_HID_WACOM=y
-CONFIG_HID_WIIMOTE=y
-CONFIG_HID_ZEROPLUS=y
-CONFIG_HID_ZYDACRON=y
-CONFIG_USB_USBNET=y
-CONFIG_USB_ANNOUNCE_NEW_DEVICES=y
-CONFIG_USB_EHCI_HCD=y
-CONFIG_ION=y
-CONFIG_ANDROID_RAM_CONSOLE=y
-CONFIG_ANDROID_TIMED_GPIO=y
-CONFIG_EXT4_FS=y
-CONFIG_EXT4_FS_SECURITY=y
-CONFIG_FUSE_FS=y
-CONFIG_MSDOS_FS=y
-CONFIG_VFAT_FS=y
-CONFIG_TMPFS=y
-CONFIG_TMPFS_POSIX_ACL=y
-CONFIG_SCHEDSTATS=y
-CONFIG_TIMER_STATS=y
-CONFIG_SCHED_TRACER=y
-CONFIG_CPUSETS=y
-CONFIG_PROC_PID_CPUSET=y
-</pre>
+<p>For details on controls already undertaken to strengthen the kernel on your
+devices, see <a href="{@docRoot}security/overview/kernel-security.html">System
+and Kernel Security</a>. For details on required settings, see the
+<a href="{@docRoot}compatibility/cdd.html">Android Compatibility Definition
+Document (CDD)</a>.</p>
-<h2 id="audio">For USB host mode audio</h2>
+<h2 id="generating">Generating kernel config</h2>
+<p>For devices that have a minimalist defconfig, you can use the following to
+enable options:</p>
-<pre>
-CONFIG_SND_USB=y
+<pre><code>ARCH=<em>arch</em> scripts/kconfig/merge_config.sh <em>path</em>/<em>device</em>_defconfig android/configs/android-base.cfg android/configs/android-recommended.cfg</code></pre>
+
+<p>This generates a .config file you can use to save a new defconfig or
+compile a new kernel with Android features enabled.</p>
+
+<h2 id="usb">Enabling USB host mode options</h2>
+
+<p>For USB host mode audio, enable the following options:</p>
+<pre><code>CONFIG_SND_USB=y
CONFIG_SND_USB_AUDIO=y
# CONFIG_USB_AUDIO is for a peripheral mode (gadget) driver
-</pre>
+</code></pre>
-<h2 id="midi">For USB host mode MIDI</h2>
-
-<pre>
-CONFIG_SND_USB_MIDI=y
-</pre>
+<p>For USB host mode MIDI, enable the following option:</p>
+<pre><code>CONFIG_SND_USB_MIDI=y</code></pre>
<h2 id="Seccomp-BPF-TSYNC">Seccomp-BPF with TSYNC</h2>
-<p>
-Seccomp-BPF is a kernel security technology that
-enables the creation of sandboxes to restrict the system calls a process is
-allowed to make. The TSYNC feature enables the use of Seccomp-BPF from
-multithreaded programs.
-</p>
-<p>
-This ability is limited to architectures that have seccomp support upstream:
-ARM, ARM64, x86, and x86_64.
-</p>
+<p>Seccomp-BPF is a kernel security technology that enables the creation of
+sandboxes to restrict the system calls a process is allowed to make. The TSYNC
+feature enables the use of Seccomp-BPF from multithreaded programs. This ability
+is limited to architectures that have seccomp support upstream: ARM, ARM64, x86,
+and x86_64.</p>
+
<h3 id="backport-ARM-32">Backporting for Kernel 3.10 for ARM-32, X86, X86_64</h3>
-<p>
-First, ensure that <code>CONFIG_SECCOMP_FILTER=y</code> is enabled in the
-Kconfig. This is already verified as of the Android 5.0 CTS.
+
+<p>Ensure that <code>CONFIG_SECCOMP_FILTER=y</code> is enabled in the Kconfig
+(verified as of the Android 5.0 CTS), then cherry-pick the following changes
+from the AOSP kernel/common:android-3.10 repository: <a href="https://android.
+googlesource.com/kernel/common/+log/9499cd23f9d05ba159
+fac6d55dc35a7f49f9ce76..a9ba4285aa5722a3b4d84888e78ba8adc0046b28">9499cd23f9d05ba159fac6d55dc35a7f49f9ce76..a9ba4285aa5722a3b4d84888e78ba8adc0046b28</a>
</p>
-<p>
-Next, cherry-pick the following changes from the AOSP kernel/common:android-3.10
-repository:
-</p>
-<p>
-<a
-href="https://android.googlesource.com/kernel/common/+log/9499cd23f9d05ba159fac6d55dc35a7f49f9ce76..a9ba4285aa5722a3b4d84888e78ba8adc0046b28">9499cd23f9d05ba159fac6d55dc35a7f49f9ce76..a9ba4285aa5722a3b4d84888e78ba8adc0046b28</a>
-</p>
+
<ul>
-<li><a
-href="https://android.googlesource.com/kernel/common/+/a9ba4285aa5722a3b4d84888e78ba8adc0046b28">a9ba428
- ARM: add seccomp syscall</a>
-<li><a
-href="https://android.googlesource.com/kernel/common/+/900e9fd0d5d15c596cacfb89ce007c933cea6e1c">900e9fd
- seccomp: fix syscall numbers for x86 and x86_64</a> by Lee Campbell
-<li><a
-href="https://android.googlesource.com/kernel/common/+/9ac860041db860a59bfd6ac82b31d6b6f76ebb52">9ac8600
- seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock</a> by Guenter
-Roeck
-<li><a
-href="https://android.googlesource.com/kernel/common/+/f14a5db2398afed8f416d244e6da6b23940997c6">f14a5db
- seccomp: implement SECCOMP_FILTER_FLAG_TSYNC</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/c852ef778224ecf5fe995d74ad96087038778bca">c852ef7
- seccomp: allow mode setting across threads</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/61b6b882a0abfeb627d25a069cfa1d232b84c8eb">61b6b88
- seccomp: introduce writer locking</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/b6a12bf4dd762236c7f637b19cfe10a268304b9b">b6a12bf
- seccomp: split filter prep from check and apply</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/9d0ff694bc22fb458acb763811a677696c60725b">9d0ff69
- sched: move no_new_privs into new atomic flags</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/e985fd474debedb269fba27006eda50d0b6f07ef">e985fd4
- seccomp: add "seccomp" syscall</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/8908dde5a7fdca974374b0dbe6dfb10f69df7216">8908dde
- seccomp: split mode setting routines</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/b8a9cff6dbe9cfddbb4d17e2dea496e523544687">b8a9cff
- seccomp: extract check/assign mode helpers</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/2a30a4386e4a7e1283157c4cf4cfcc0306b22ac8">2a30a43
- seccomp: create internal mode-setting function</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/987a0f1102321853565c4bfecde6a5a58ac6db11">987a0f1
- introduce for_each_thread() to replace the buggy while_each_thread()</a> by
-Oleg Nesterov
-<li><a
-href="https://android.googlesource.com/kernel/common/+/a03a2426ea9f1d9dada33cf4a824f63e8f916c9d">a03a242
- arch: Introduce smp_load_acquire(), smp_store_release()</a> by Peter Zijlstra
+<li><a href="https://android.googlesource.com/kernel/common/+/a03a2426ea9f1d9dada33cf4a824f63e8f916c9d">a03
+a242 arch: Introduce smp_load_acquire(), smp_store_release()</a> by Peter
+Zijlstra</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/987a0f1102321853565c4bfecde6a5a58ac6db11">987a0f
+1 introduce for_each_thread() to replace the buggy while_each_thread()</a> by
+ Oleg Nesterov</li>
+ <li><a href="https://android.googlesource.com/kernel/common/+/2a30a4386e4a7e1283157c4cf4cfcc0306b22ac8">2a30a43
+seccomp: create internal mode-setting function</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+
+/b8a9cff6dbe9cfddbb4d17e2dea496e523544687">b8a9cff
+seccomp: extract check/assign mode helpers</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/8908dde5a7fdca974374b0dbe6dfb10f69df7216">8908dde
+seccomp: split mode setting routines</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/e985fd474debedb269fba27006eda50d0b6f07ef">e985fd4 seccomp: add
+"seccomp" syscall</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/9d0ff
+694bc22fb458acb763811a677696c60725b">9d0ff69
+sched: move no_new_privs into new atomic flags</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/b6a12bf4dd762236c7f637b19cfe10a268304b9b">b6a12bf
+seccomp: split filter prep from check and apply</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/61b6b882a0abfeb627d25a069cfa1d232b84c8eb">61b6b88
+seccomp: introduce writer locking</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/c852ef778224ecf5fe995d74ad96087038778bca">c852ef7
+seccomp: allow mode setting across threads</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/f14a5db2398afed8f416d244e6da6b23940997c6">f14a5db
+seccomp: implement SECCOMP_FILTER_FLAG_TSYNC</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/9ac860041db
+860a59bfd6ac82b31d6b6f76ebb52">9ac8600
+seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock</a> by Guenter
+Roeck</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/900e9fd0d5d15c596cacfb89ce007c933cea6e1c">900e9fd
+seccomp: fix syscall numbers for x86 and x86_64</a> by Lee Campbell</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/a9ba4285aa5722a3b4d84888e78ba8adc0046b28">a9ba428
+ARM: add seccomp syscall</a> by Kees Cook</li>
</ul>
-<p>
-Apply these patches in the inverse order that they are
-listed (<code>a9ba428</code> should be last).
-</p>
-<p>
+
<h3 id="backport-ARM-64">Backporting for Kernel 3.10 for ARM-64</h3>
-</p>
-<p>
-First, ensure that<code> CONFIG_SECCOMP_FILTER=y </code>is enabled in the
-Kconfig. This is already verified as of the Android 5.0 CTS.
-</p>
-<p>
-Next, cherry-pick the following changes from the AOSP kernel/common:android-3.10
-repository:
-</p>
+<p>Ensure <code>CONFIG_SECCOMP_FILTER=y</code> is enabled in the Kconfig
+(verified as of the Android 5.0 CTS), then cherry-pick the following changes
+from the AOSP kernel/common:android-3.10 repository:</p>
<ul>
-<li><a
-href="https://android.googlesource.com/kernel/common/+/210957c2bb3b4d111963bb296e2c42beb8721929">210957c
- arm64: add seccomp support</a> by AKASHI Takahiro
-<li><a
-href="https://android.googlesource.com/kernel/common/+/77227239d20ac6381fb1aee7b7cc902f0d14cd85">7722723
- arm64: add SIGSYS siginfo for compat task</a> by AKASHI Takahiro
-<li><a
-href="https://android.googlesource.com/kernel/common/+/4f12b53f28a751406a27ef7501a22f9e32a9c30b">4f12b53
- add seccomp syscall for compat task</a> by AKASHI Takahiro
-<li><a
-href="https://android.googlesource.com/kernel/common/+/dab10731da65a0deba46402ca9fadf6974676cc8">dab1073
- asm-generic: add generic seccomp.h for secure computing mode 1</a> by AKASHI
-Takahiro
-<li><a
-href="https://android.googlesource.com/kernel/common/+/feb28436457d33fef9f264635291432df4b74122">feb2843
- arm64: ptrace: allow tracer to skip a system call</a> by AKASHI Takahiro
-<li><a
-href="https://android.googlesource.com/kernel/common/+/abbfed9ed1a78701ef3db74f5287958feb897035">abbfed9
- arm64: ptrace: add PTRACE_SET_SYSCALL</a> by AKASHI Takahiro
-<li><a
-href="https://android.googlesource.com/kernel/common/+/41900903483eb96602dd72e719a798c208118aad">4190090
- ARM: 8087/1: ptrace: reload syscall number after secure_computing() check</a>
-by Will Deacon
-<li><a
-href="https://android.googlesource.com/kernel/common/+/a9ba4285aa5722a3b4d84888e78ba8adc0046b28">a9ba428
- ARM: add seccomp syscall</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/900e9fd0d5d15c596cacfb89ce007c933cea6e1c">900e9fd
- seccomp: fix syscall numbers for x86 and x86_64</a> by Lee Campbell
-<li><a
-href="https://android.googlesource.com/kernel/common/+/9ac860041db860a59bfd6ac82b31d6b6f76ebb52">9ac8600
- seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock</a> by Guenter
-Roeck
-<li><a
-href="https://android.googlesource.com/kernel/common/+/f14a5db2398afed8f416d244e6da6b23940997c6">f14a5db
- seccomp: implement SECCOMP_FILTER_FLAG_TSYNC</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/c852ef778224ecf5fe995d74ad96087038778bca">c852ef7
- seccomp: allow mode setting across threads</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/61b6b882a0abfeb627d25a069cfa1d232b84c8eb">61b6b88
- seccomp: introduce writer locking</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/b6a12bf4dd762236c7f637b19cfe10a268304b9b">b6a12bf
- seccomp: split filter prep from check and apply</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/9d0ff694bc22fb458acb763811a677696c60725b">9d0ff69
- sched: move no_new_privs into new atomic flags</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/e985fd474debedb269fba27006eda50d0b6f07ef">e985fd4
- seccomp: add "seccomp" syscall</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/8908dde5a7fdca974374b0dbe6dfb10f69df7216">8908dde
- seccomp: split mode setting routines</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/b8a9cff6dbe9cfddbb4d17e2dea496e523544687">b8a9cff
- seccomp: extract check/assign mode helpers</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/2a30a4386e4a7e1283157c4cf4cfcc0306b22ac8">2a30a43
- seccomp: create internal mode-setting function</a> by Kees Cook
-<li><a
-href="https://android.googlesource.com/kernel/common/+/9499cd23f9d05ba159fac6d55dc35a7f49f9ce76">9499cd2
- syscall_get_arch: remove useless function arguments</a> by Eric Paris
-<li><a
-href="https://android.googlesource.com/kernel/common/+/3e21c0bb663a23436e0eb3f61860d4fedc233bab">3e21c0b
- arm64: audit: Add audit hook in syscall_trace_enter/exit()</a> by JP Abgrall
-<li><a
-href="https://android.googlesource.com/kernel/common/+/bf11863d45eb3dac0d0cf1f818ded11ade6e28d3">bf11863
- arm64: Add audit support</a> by AKASHI Takahiro
-<li><a
-href="https://android.googlesource.com/kernel/common/+/cfc7e99e9e3900056028a7d90072e9ea0d886f8d">cfc7e99e9
- arm64: Add __NR_* definitions for compat syscalls</a> by JP Abgrall
+<li><a href="https://android.googlesource.com/kernel/common/+/cfc7e99e9e3900056028a7d90072e9ea0d886f8d">cfc7e99e9
+arm64: Add __NR_* definitions for compat syscalls</a> by JP Abgrall</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/bf11863d45eb3dac0d0cf1f818ded11ade6e28d3">bf11863
+arm64: Add audit support</a> by AKASHI Takahiro</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/3
+e21c0bb663a23436e0eb3f61860d4fedc233bab">3e21c0b
+arm64: audit: Add audit hook in syscall_trace_enter/exit()</a> by JP Abgrall</li>
+<li><a href="https://android.googlesource.com/kernel
+/common/+/9499cd23f9d05ba159fac6d55dc35a7f49f9ce76">9499cd2
+syscall_get_arch: remove useless function arguments</a> by Eric Paris</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/2a30a4386e4a7e1283157c4cf4cfcc0306b22ac8">2a30a43
+seccomp: create internal mode-setting function</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/b8a9cff6dbe9cfddbb4d17e2dea496e523544687">b8a9
+cff seccomp: extract check/assign mode helpers</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/8908dde5a7fdca974374b0dbe6dfb10f69df7216">8908dde
+seccomp: split mode setting routines</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/e985fd474debedb269fba27006eda50d0b6f07ef">e985fd4
+seccomp: add "seccomp" syscall</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/9d0ff694bc22fb458acb763811a677696c60725b">9d0ff69
+sched: move no_new_privs into new atomic flags</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/b6a12bf4dd762236c7f637b19cfe10a268304b9b">b6a12bf
+seccomp: split filter prep from check and apply</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/61b6b882a0abfeb627d25a069cfa1d232b84c8eb">61b6b88
+seccomp: introduce writer locking</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/c852ef778224ecf5fe995d74ad96087038778bca">c852ef7
+seccomp: allow mode setting across threads</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/f14a5db2398afed8f416d244e6da6b23940997c6">f14a5db
+seccomp: implement SECCOMP_FILTER_FLAG_TSYNC</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/9ac860041db860a59bfd6ac82b31d6b6f76ebb52">9ac8600
+seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock</a> by Guenter
+Roeck</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/900e9fd0d5d15c596cacfb89ce007c933cea6e1c">900e9fd
+seccomp: fix syscall numbers for x86 and x86_64</a> by Lee Campbell</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/a9ba4285aa5722a3b4d84888e78ba8adc0046b28">a9ba428
+ARM: add seccomp syscall</a> by Kees Cook</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/41900903483eb96602dd72e719a798c208118aad">4190090
+ARM: 8087/1: ptrace: reload syscall number after secure_computing() check</a> by
+Will Deacon</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/abbfed9ed1a78701ef3db74f5287958feb897035">abbfed9
+arm64: ptrace: add PTRACE_SET_SYSCALL</a> by AKASHI Takahiro</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/feb28436457d33fef9f264635291432df4b74122">feb2843
+arm64: ptrace: allow tracer to skip a system call</a> by AKASHI Takahiro</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/dab10731da65a0deba46402ca9fadf6974676cc8">dab1073
+asm-generic: add generic seccomp.h for secure computing mode 1</a> by AKASHI
+Takahiro</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/4f12b53f28a751406a27ef7501a22f9e32a9c30b">4f1
+2b53 add seccomp syscall for compat task</a> by AKASHI Takahiro</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/77227239d20ac6381fb1aee7b7cc902f0d14cd85">7722723
+arm64: add SIGSYS siginfo for compat task</a> by AKASHI Takahiro</li>
+<li><a href="https://android.googlesource.com/kernel/common/+/210957c2bb3b4d111963bb296e2c42beb8721929">210957c
+arm64: add seccomp support</a> by AKASHI Takahiro</li>
</ul>
diff --git a/src/devices/tech/dalvik/dalvik-bytecode.jd b/src/devices/tech/dalvik/dalvik-bytecode.jd
index 5e32680..d2aef97 100644
--- a/src/devices/tech/dalvik/dalvik-bytecode.jd
+++ b/src/devices/tech/dalvik/dalvik-bytecode.jd
@@ -1060,7 +1060,66 @@
</td>
</tr>
<tr>
- <td>fc..ff 10x</td>
+ <td>fc 35c</td>
+ <td>invoke-custom {vC, vD, vE, vF, vG}, call_site@BBBB</td>
+ <td>
+ <code>A:</code> argument word count (4 bits) <br>
+ <code>B:</code> call site reference index (16 bits) <br>
+ <code>C..G:</code> argument registers (4 bits each)
+ </td>
+ <td> Resolves and invokes the indicated call site.
+ The result from the invocation (if any) may be stored with an
+ appropriate <code>move-result*</code> variant as the immediately
+ subsequent instruction.
+
+ <p> This instruction executes in two phases: call site
+ resolution and call site invocation.
+
+ <p> Call site resolution checks whether the indicated
+ call site has an associated <code>java.lang.invoke.CallSite</code> instance.
+ If not, the bootstrap linker method for the indicated call site is
+ invoked using arguments present in the DEX file
+ (see <a href="dex-format.html#call-site-item">call_site_item</a>). The
+ bootstrap linker method returns
+ a <code>java.lang.invoke.CallSite</code> instance that will then
+ be associated with the indicated call site if no association
+ exists. Another thread may have already made the association first,
+ and if so execution of the instruction continues with the
+ first associated <code>java.lang.invoke.CallSite</code> instance.
+
+ <p> Call site invocation is made on the <code>java.lang.invoke.MethodHandle</code> target of the
+ resolved <code>java.lang.invoke.CallSite</code> instance. The target is invoked as if
+ executing <code>invoke-polymorphic</code> (described above)
+ using the method handle and arguments to
+ the <code>invoke-custom</code> instruction as the arguments to an
+ exact method handle invocation.
+
+ <p> Exceptions raised by the bootstrap linker method are wrapped
+ in a <code>java.lang.BootstrapMethodError</code>. A <code>BootstrapMethodError</code> is also raised if:
+ <ul>
+ <li>the bootstrap linker method fails to return a <code>java.lang.invoke.CallSite</code> instance.</li>
+ <li>the returned <code>java.lang.invoke.CallSite</code> has a <code>null</code> method handle target.</li>
+ <li>the method handle target is not of the requested type.</li>
+ </ul>
+ <p> Present in Dex files from version <code>038</code> onwards.
+ </td>
+</tr>
+<tr>
+ <td>fd 3rc</td>
+ <td>invoke-custom/range {vCCCC .. vNNNN}, call_site@BBBB</td>
+ <td>
+ <code>A:</code> argument word count (8 bits) <br>
+ <code>B:</code> call site reference index (16 bits) <br>
+ <code>C:</code> first argument register (16-bits) <br>
+ <code>N = A + C - 1</code>
+ </td>
+ <td>
+ Resolve and invoke a call site. See the <code>invoke-custom</code> description above for details.
+ <p> Present in Dex files from version <code>038</code> onwards.
+ </td>
+</tr>
+<tr>
+ <td>fe..ff 10x</td>
<td><i>(unused)</i></td>
<td> </td>
<td><i>(unused)</i></td>
diff --git a/src/devices/tech/dalvik/dex-format.jd b/src/devices/tech/dalvik/dex-format.jd
index 8bf5081..1903f28 100644
--- a/src/devices/tech/dalvik/dex-format.jd
+++ b/src/devices/tech/dalvik/dex-format.jd
@@ -237,6 +237,21 @@
</td>
</tr>
<tr>
+ <td>call_site_ids</td>
+ <td>call_site_id_item[]</td>
+ <td>call site identifiers list. These are identifiers for all call sites
+ referred to by this file, whether defined in the file or not. This list
+ must be sorted in ascending order of <code>call_site_off</code>. This
+ list must not contain any duplicate entries.
+</tr>
+<tr>
+ <td>method_handles</td>
+ <td>method_handle_item[]</td>
+ <td>method handles list. A list of all method handles referred to by this file,
+ whether defined in the file or not. This list is not sorted and may contain
+ duplicates which will logically correspond to different method handle instances.
+</tr>
+<tr>
<td>data</td>
<td>ubyte[]</td>
<td>data area, containing all the support data for the tables listed above.
@@ -272,8 +287,8 @@
expected to increase monotonically over time as the format evolves.</p>
<pre>
-ubyte[8] DEX_FILE_MAGIC = { 0x64 0x65 0x78 0x0a 0x30 0x33 0x37 0x00 }
- = "dex\n037\0"
+ubyte[8] DEX_FILE_MAGIC = { 0x64 0x65 0x78 0x0a 0x30 0x33 0x38 0x00 }
+ = "dex\n038\0"
</pre>
<p class="note"><strong>Note:</strong> At least a couple earlier versions of the format have
@@ -285,15 +300,17 @@
versions of the format differ significantly from the version described in this
document.</p>
+<p class="note"><strong>Note:</strong> Support for version
+<code>038</code> of the format was added in the Android 8.0
+release. Version <code>038</code> added new bytecodes
+(<code>invoke-polymorphic</code> and <code>invoke-custom</code>) and
+data for method handles.
+
<p class="note"><strong>Note:</strong> Support for version <code>037</code> of
-the format was added in the Android 7.0 release. Prior to this release most
+the format was added in the Android 7.0 release. Prior to version <code>037</code> most
versions of Android have used version <code>035</code> of the format. The only
difference between versions <code>035</code> and <code>037</code> is the
-addition of default methods and the adjustment of the <code>invoke</code>
-instruction semantics to support this feature. Due to a Dalvik bug present in
-older versions of Android, Dex version <code>036</code> has been skipped.
-Dex version <code>036</code> is not valid for any version of Android and never
-will be.</p>
+addition of default methods and the adjustment of the <code>invoke</code>.
<h3 id="endian-constant">ENDIAN_CONSTANT and REVERSE_ENDIAN_CONSTANT</h3>
<h4>embedded in header_item</h4>
@@ -651,6 +668,26 @@
</td>
</tr>
<tr>
+ <td>VALUE_METHOD_TYPE</td>
+ <td>0x15</td>
+ <td>size - 1 (0…3)</td>
+ <td>ubyte[size]</td>
+ <td>unsigned (zero-extended) four-byte integer value,
+ interpreted as an index into
+ the <code>proto_ids</code> section and representing a method type value
+ </td>
+</tr>
+<tr>
+ <td>VALUE_METHOD_HANDLE</td>
+ <td>0x16</td>
+ <td>size - 1 (0…3)</td>
+ <td>ubyte[size]</td>
+ <td>unsigned (zero-extended) four-byte integer value,
+ interpreted as an index into
+ the <code>method_handles</code> section and representing a method handle value
+ </td>
+</tr>
+<tr>
<td>VALUE_STRING</td>
<td>0x17</td>
<td>size - 1 (0…3)</td>
@@ -1454,6 +1491,18 @@
<td>0x20</td>
</tr>
<tr>
+ <td>call_site_id_item</td>
+ <td>TYPE_CALL_SITE_ID_ITEM</td>
+ <td>0x0007</td>
+ <td>0x04</td>
+</tr>
+<tr>
+ <td>method_handle_item</td>
+ <td>TYPE_METHOD_HANDLE_ITEM</td>
+ <td>0x0008</td>
+ <td>0x08</td>
+</tr>
+<tr>
<td>map_list</td>
<td>TYPE_MAP_LIST</td>
<td>0x1000</td>
@@ -1835,6 +1884,135 @@
</tbody>
</table>
+<h3 id="call-site-id-item">call_site_id_item</h3>
+<h4>appears in the call_site_ids section</h4>
+<h4>alignment: 4 bytes</h4>
+
+<table class="format">
+<thead>
+<tr>
+ <th>Name</th>
+ <th>Format</th>
+ <th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+ <td>call_site_off</td>
+ <td>uint</td>
+ <td>offset from the start of the file to call site defintion. The offset should
+ be in the data section, and the data there should be in the format specified by
+ "call_site_item" below.
+ </td>
+</tr>
+</tbody>
+</table>
+
+<h3 id="call-site-item">call_site_item</h3>
+<h4>appears in the data section</h4>
+<h4>alignment: none (byte aligned)</h4>
+
+<p> The call_site_item is an encoded_array_item whose elements correspond to the arguments
+provided to a bootstrap linker method. The first three arguments are:
+<ol>
+<li>A method handle representing the bootstrap linker method (VALUE_METHOD_HANDLE).</li>
+<li>A method name that the bootstrap linker should resolve (VALUE_STRING).</li>
+<li>A method type corresponding to the type of the method name to be resolved (VALUE_METHOD_TYPE).</li>
+</ol>
+
+<p>Any additional arguments are constant values passed to the bootstrap linker method. These arguments are
+passed in order and without any type conversions.
+
+<p>The method handle representing the bootstrap linker method must have return type <code>java.lang.invoke.CallSite</code>. The first three parameter types are:
+<ol>
+<li><code>java.lang.invoke.Lookup</code></li>
+<li><code>java.lang.String</code></li>
+<li><code>java.lang.invoke.MethodType</code></li>
+</ol>
+
+<p>The parameter types of any additional arguments are determined from their constant values.
+
+<h3 id="method-handle-item">method_handle_item</h3>
+<h4>appears in the method_handles section</h4>
+<h4>alignment: 4 bytes</h4>
+
+<table class="format">
+<thead>
+<tr>
+ <th>Name</th>
+ <th>Format</th>
+ <th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+ <td>method_handle_type</td>
+ <td>ushort</td>
+ <td>type of the method handle; see table below
+ </td>
+</tr>
+<tr>
+ <td>unused</td>
+ <td>ushort</td>
+ <td><i>(unused)</i></td>
+</tr>
+<tr>
+ <td>field_or_method_id</td>
+ <td>ushort</td>
+ <td>Field or method id depending on whether the method handle type is an accessor or a method invoker</td>
+</tr>
+<tr>
+ <td>unused</td>
+ <td>ushort</td>
+ <td><i>(unused)</i></td>
+</tr>
+</tbody>
+</table>
+
+<h3 id="method-handle-type-codes">Method Handle Type Codes</h3>
+
+<table class="format">
+<thead>
+<tr>
+ <th>Constant</th>
+ <th>Value</th>
+ <th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+ <td>METHOD_HANDLE_TYPE_STATIC_PUT</td>
+ <td>0x00</td>
+ <td>Method handle is a static field setter (accessor)</td>
+</tr>
+<tr>
+ <td>METHOD_HANDLE_TYPE_STATIC_GET</td>
+ <td>0x01</td>
+ <td>Method handle is a static field getter (accessor)</td>
+</tr>
+<tr>
+ <td>METHOD_HANDLE_TYPE_INSTANCE_PUT</td>
+ <td>0x02</td>
+ <td>Method handle is an instance field setter (accessor)</td>
+</tr>
+<tr>
+ <td>METHOD_HANDLE_TYPE_INSTANCE_GET</td>
+ <td>0x03</td>
+ <td>Method handle is an instance field getter (accessor)</td>
+</tr>
+<tr>
+ <td>METHOD_HANDLE_TYPE_INVOKE_STATIC</td>
+ <td>0x04</td>
+ <td>Method handle is a static method invoker</td>
+</tr>
+<tr>
+ <td>METHOD_HANDLE_TYPE_INVOKE_INSTANCE</td>
+ <td>0x05</td>
+ <td>Method handle is an instance method invoker</td>
+</tr>
+</tbody>
+</table>
+
<h3 id="class-data-item">class_data_item</h3>
<h4>referenced from class_def_item</h4>
<h4>appears in the data section</h4>
diff --git a/src/devices/tech/dalvik/instruction-formats.jd b/src/devices/tech/dalvik/instruction-formats.jd
index d82f54c..76e61d4 100644
--- a/src/devices/tech/dalvik/instruction-formats.jd
+++ b/src/devices/tech/dalvik/instruction-formats.jd
@@ -189,10 +189,11 @@
"<code><i>kind</i>@<i>X</i></code>", where "<code><i>kind</i></code>"
indicates which constant pool is being referred to. Each opcode that
uses such a format explicitly allows only one kind of constant; see
-the opcode reference to figure out the correspondence. The four
+the opcode reference to figure out the correspondence. The
kinds of constant pool are "<code>string</code>" (string pool index),
"<code>type</code>" (type pool index), "<code>field</code>" (field
-pool index), and "<code>meth</code>" (method pool index).</p>
+pool index), "<code>meth</code>" (method pool index), and
+"<code>site</code>" (call site index).</p>
<p>Similar to the representation of constant pool indices, there are
also suggested (optional) forms that indicate prelinked offsets or
@@ -370,6 +371,8 @@
<td><i>[<code>A=5</code>] <code>op</code></i> {vC, vD, vE, vF, vG},
meth@BBBB<br/>
<i>[<code>A=5</code>] <code>op</code></i> {vC, vD, vE, vF, vG},
+ site@BBBB<br/>
+ <i>[<code>A=5</code>] <code>op</code></i> {vC, vD, vE, vF, vG},
type@BBBB<br/>
<i>[<code>A=4</code>] <code>op</code></i> {vC, vD, vE, vF},
<i><code>kind</code></i>@BBBB<br/>
@@ -431,6 +434,7 @@
<td rowspan="3">AA|<i>op</i> BBBB CCCC</td>
<td>3rc</td>
<td><i><code>op</code></i> {vCCCC .. vNNNN}, meth@BBBB<br/>
+ <i><code>op</code></i> {vCCCC .. vNNNN}, site@BBBB<br/>
<i><code>op</code></i> {vCCCC .. vNNNN}, type@BBBB<br/>
<p><i>where <code>NNNN = CCCC+AA-1</code>, that is <code>A</code>
determines the count <code>0..255</code>, and <code>C</code>
@@ -461,7 +465,7 @@
</td>
</tr>
<tr>
- <td>AG|<i>op</i> BBBB F|E|D|C HHHH
+ <td>A|G|<i>op</i> BBBB F|E|D|C HHHH
<td>45cc</td>
<td>
<i>[<code>A=5</code>] <code>op</code></i> {vC, vD, vE, vF, vG}, meth@BBBB, proto@HHHH<br>
diff --git a/src/devices/tech/test_infra/tradefed/fundamentals/vts.jd b/src/devices/tech/test_infra/tradefed/fundamentals/vts.jd
new file mode 100644
index 0000000..36ea2f3
--- /dev/null
+++ b/src/devices/tech/test_infra/tradefed/fundamentals/vts.jd
@@ -0,0 +1,90 @@
+page.title=Systems Testing With VTS
+@jd:body
+
+<!--
+ Copyright 2017 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<div id="qv-wrapper">
+ <div id="qv">
+ <h2>In this document</h2>
+ <ol id="auto-toc">
+ </ol>
+ </div>
+</div>
+
+<p>The Vendor Test Suite (VTS) automates HAL and OS kernel testing. To use VTS
+to test an Android native system implementation, set up a testing environment
+then test a patch using a VTS plan.</p>
+
+<h2 id="establish">Establishing a test environment</h2>
+<p>To set up a testing environment:</p>
+<ol>
+<li>Install Python development kit:
+<pre><code>$ sudo apt-get install python-dev</code></pre></li>
+<li>Install Protocol Buffer tools (for Python):
+<pre><code>$ sudo apt-get install python-protobuf<br>
+$ sudo apt-get install protobuf-compiler
+</code></pre></li>
+<li>Install Python virtual environment-related tools:
+<pre><code>$ sudo apt-get install python-virtualenv<br>
+$ sudo apt-get install python-pip
+</code></pre></li></ol>
+
+<h2 id="test">Testing a patch</h2>
+<p>To test a patch:</p>
+<ol>
+<li>Build a VTS host-side package:
+<pre><code>$ . build/envsetup.sh
+$ lunch aosp_arm64-userdebug
+$ make vts -j</code></pre></li>
+<li>Run the default VTS tests:
+<pre><code>$ vts-tradefed<br>
+> run vts // where vts is the test plan name
+</pre></code></li></ol>
+
+<h2 id="plans">VTS plans</h2>
+<p>Available VTS test plans include:</p>
+
+<table>
+<thead>
+<tr>
+<th>Command</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td>> run vts</td>
+<td>For default VTS tests</td>
+</tr>
+<tr>
+<td>> run vts-hal</td>
+<td>For default VTS HAL (hardware abstraction layer) tests</td>
+</tr>
+<tr>
+<td>> run vts-kernel</td>
+<td>For default VTS kernel tests</td>
+</tr>
+</tbody>
+</table>
+
+<p>To view a list of all plans, refer to
+<code><a href="https://android.googlesource.com/platform/test/vts/+/master/tools/vts-tradefed/res/config/plans.md">/test/vts/tools/vts-tradefed/res/config.md</a></code>.</p>
+
+<h2 id="support">Support</h2>
+<p>You can view a user manual at
+<code><a href=" https://android.googlesource.com/platform/test/vts/+/master/README.md">/test/vts/doc</a></code>.
+For questions on VTS, please join
+<a href="https://groups.google.com/forum/#!forum/android-vts">android-vts@googlegroups.com</a>.</p>
diff --git a/src/index.jd b/src/index.jd
index c07f0b5..710c94b 100644
--- a/src/index.jd
+++ b/src/index.jd
@@ -44,8 +44,33 @@
<div class="col-8">
<h3>What's New</h3>
-<h4>Background App Compilation in A/B System Updates</h4>
+<h4>March Android Security Bulletin</h4>
+<p>The <strong><a href="{@docRoot}security/bulletin/2017-03-01.html">March
+2017 Android Security Bulletin</a></strong> has been published along with links
+to associated fixes. In addition, new
+<strong><a href="{@docRoot}source/build-numbers.html#source-code-tags-and-builds">build
+numbers</a></strong> have been published for Nexus 6 running Android 7.0 and
+7.1.1 and also Pixel, Pixel XL, Pixel C, Nexus 5X, Nexus 6P, Nexus 9, and Nexus
+Player running Android 7.1.1 to support the March Android security release.</p>
+<h4>Systems Testing With VTS</h4>
+<p>The Vendor Test Suite (VTS) automates HAL and OS kernel testing.
+<strong><a href="{@docRoot}devices/tech/test_infra/tradefed/fundamentals/vts.html">New
+documentation</a></strong> covers how to use VTS to test an Android native
+system implementation, set up a testing environment then test a patch using
+a VTS plan.</p>
+
+<h4>New Dalvik Bytecodes and Formats</h4>
+<p>Dalvik now offers new <strong><a
+href="{@docRoot}devices/tech/dalvik/dalvik-bytecode.html">bytecode formats 45cc
+and 4rcc</a></strong> and placeholder opcodes for <strong><a
+href="{@docRoot}devices/tech/dalvik/instruction-formats.html">invoke-polymorphic
+and invoke-polymorphic/range</a></strong>, which are the first dex instructions
+that use these new formats. In addition to a method_idx that gives the invoked
+method, these instructions also provide a proto_idx that gives the (static)
+type signature of the call site.</p>
+
+<h4>Background App Compilation in A/B System Updates</h4>
<p>Examples for
<strong><a href="{@docRoot}devices/tech/dalvik/configure.html#other_odex">installing</a></strong> and
<strong><a href="{@docRoot}devices/tech/ota/ab_updates.html#configuration">configuring</a></strong>
@@ -53,15 +78,6 @@
for optimizing user apps so they are ready to run after the device reboots
during an A/B system update.</p>
-<h4>February Android Security Bulletin</h4>
-<p>The <strong><a href="{@docRoot}security/bulletin/2017-02-01.html">February
-2017 Android Security Bulletin</a></strong> has been published along with links
-to associated fixes. In addition, new
-<strong><a href="{@docRoot}source/build-numbers.html#source-code-tags-and-builds">build
-numbers</a></strong> have been published for Nexus 6 running Android 7.0 and
-7.1.1 and also Pixel, Pixel XL, Pixel C, Nexus 5X, Nexus 6P, Nexus 9, and Nexus
-Player running Android 7.1.1 to support the February Android security release.</p>
-
<h4>Android 7.1 CDD</h4>
<p>The <strong><a href="{@docRoot}compatibility/7.1/android-7.1-cdd.html">7.1
version</a></strong> of the <strong><a
@@ -78,21 +94,6 @@
crashes</a></strong> expected and including the clues for finding them in
<code>debuggerd</code> output.</p>
-<h4>CTS and CTS Verifier 7.0, 6.0, and 5.1</h4>
-<p>Android Compatibility Test Suite (CTS) and CTS Verifier 7.0 R5, 6.0 R14, and
-5.1 R15 are available for <strong><a
-href="{@docRoot}compatibility/cts/downloads.html">download</a></strong>. These
-releases contain test fixes and verify security patches up to the <strong><a
-href="{@docRoot}security/bulletin/2016-12-01.html">December 2016 Public
-Security Bulletin</a></strong>.</p>
-
-<h4>dalvik.annotation.MethodParameters</h4>
-<p>A <code>dalvik.annotation.MethodParameters</code> annotation has been added
-to AOSP after Android 7.1 that is optional and can be used to provide parameter
-metadata such as parameter names and modifiers. See <strong><a
-href="devices/tech/dalvik/dex-format.html#dalvik-annotation-method-parameters">Dalvik
-Executable format</a></strong> for a complete description.</p>
-
</div>
<div class="col-8">
diff --git a/src/security/bulletin/2017-02-01.jd b/src/security/bulletin/2017-02-01.jd
index cd813e3..1ed8a4d 100644
--- a/src/security/bulletin/2017-02-01.jd
+++ b/src/security/bulletin/2017-02-01.jd
@@ -2019,10 +2019,10 @@
Android devices more quickly. Android partners are encouraged to fix all issues
in this bulletin and use the latest security patch level.</p>
<ul>
- <li>Devices that use the January 1, 2017 security patch level must include all
+ <li>Devices that use the February 1, 2017 security patch level must include all
issues associated with that security patch level, as well as fixes for all
issues reported in previous security bulletins.</li>
- <li>Devices that use the security patch level of January 5, 2017 or newer must
+ <li>Devices that use the security patch level of February 5, 2017 or newer must
include all applicable patches in this (and previous) security
bulletins.</li>
</ul>
diff --git a/src/security/bulletin/2017-03-01.jd b/src/security/bulletin/2017-03-01.jd
new file mode 100644
index 0000000..1830bb8
--- /dev/null
+++ b/src/security/bulletin/2017-03-01.jd
@@ -0,0 +1,3137 @@
+page.title=Android Security Bulletin—March 2017
+@jd:body
+
+<!--
+ Copyright 2016 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<p><em>Published March 06, 2017 | Updated March 07, 2017</em></p>
+<p>The Android Security Bulletin contains details of security vulnerabilities
+affecting Android devices. Alongside the bulletin, we have released a security
+update to Google devices through an over-the-air (OTA) update. The Google device
+firmware images have also been released to the <a
+href="https://developers.google.com/android/nexus/images">Google Developer
+site</a>. Security patch levels of March 05, 2017 or later address all of these
+issues. Refer to the <a
+href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel
+and Nexus update schedule</a> to learn how to check a device's security patch
+level.</p>
+<p>Partners were notified of the issues described in the bulletin on February 06,
+2017 or earlier. Source code patches for these issues have been released to the
+Android Open Source Project (AOSP) repository and linked from this bulletin.
+This bulletin also includes links to patches outside of AOSP.</p>
+<p>The most severe of these issues is a Critical security vulnerability that could
+enable remote code execution on an affected device through multiple methods such
+as email, web browsing, and MMS when processing media files.</p>
+<p>We have had no reports of active customer exploitation or abuse of these newly
+reported issues. Refer to the <a
+href="#mitigations">Android and Google service
+mitigations</a> section for details on the <a
+href="{@docRoot}security/enhancements/index.html">Android
+security platform protections</a> and service protections such as <a
+href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>,
+which improve the security of the Android platform.</p>
+<p>We encourage all customers to accept these updates to their devices.</p>
+<h2 id="announcements">Announcements</h2>
+<ul>
+<li>This bulletin has two security patch level strings to provide Android
+partners with the flexibility to more quickly fix a subset of vulnerabilities
+that are similar across all Android devices. See <a
+href="#common-questions-and-answers">Common questions and answers</a> for
+additional information:
+<ul>
+ <li><strong>2017-03-01</strong>: Partial security patch level string. This
+security patch level string indicates that all issues associated with 2017-03-01
+(and all previous security patch level strings) are addressed.</li>
+ <li><strong>2017-03-05</strong>: Complete security patch level string. This
+security patch level string indicates that all issues associated with 2017-03-01
+and 2017-03-05 (and all previous security patch level strings) are addressed.</li>
+</ul>
+</li>
+<li>Supported Google devices will receive a single OTA update with the March
+05, 2017 security patch level.</li>
+</ul>
+<h2 id="security-vulnerability-summary">Security vulnerability summary</h2>
+<p>The tables below contains a list of security vulnerabilities, the Common
+Vulnerability and Exposures ID (CVE), the assessed severity, and whether or not
+Google devices are affected. The <a
+href="{@docRoot}security/overview/updates-resources.html#severity">severity
+assessment</a> is based on the effect that exploiting the vulnerability would
+possibly have on an affected device, assuming the platform and service
+mitigations are disabled for development purposes or if successfully bypassed.</p>
+<h3 id="2017-03-01-summary">2017-03-01
+security patch level—Vulnerability summary</h3>
+<p>Security patch levels of 2017-03-01 or later must address the following issues.</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>Issue</th>
+ <th>CVE</th>
+ <th>Severity</th>
+ <th>Affects Google devices?</th>
+ </tr>
+ <tr>
+ <td>Remote code execution vulnerability in OpenSSL & BoringSSL</td>
+ <td>CVE-2016-2182</td>
+ <td>Critical</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Remote code execution vulnerability in Mediaserver</td>
+ <td>CVE-2017-0466, CVE-2017-0467, CVE-2017-0468, CVE-2017-0469,
+CVE-2017-0470, CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0474</td>
+ <td>Critical</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in recovery verifier</td>
+ <td>CVE-2017-0475</td>
+ <td>Critical</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Remote code execution vulnerability in AOSP Messaging</td>
+ <td>CVE-2017-0476</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Remote code execution vulnerability in libgdx</td>
+ <td>CVE-2017-0477</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Remote code execution vulnerability in Framesequence library</td>
+ <td>CVE-2017-0478</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in NFC</td>
+ <td>CVE-2017-0481</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Audioserver</td>
+ <td>CVE-2017-0479, CVE-2017-0480</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Denial of service vulnerability in Mediaserver</td>
+ <td>CVE-2017-0482, CVE-2017-0483, CVE-2017-0484, CVE-2017-0485,
+CVE-2017-0486, CVE-2017-0487, CVE-2017-0488</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Location Manager</td>
+ <td>CVE-2017-0489</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Wi-Fi</td>
+ <td>CVE-2017-0490</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Package Manager</td>
+ <td>CVE-2017-0491</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in System UI</td>
+ <td>CVE-2017-0492</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in AOSP Messaging</td>
+ <td>CVE-2017-0494</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in Mediaserver</td>
+ <td>CVE-2017-0495</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Denial of service vulnerability in Setup Wizard</td>
+ <td>CVE-2017-0496</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Denial of service vulnerability in Mediaserver</td>
+ <td>CVE-2017-0497</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Denial of service vulnerability in Setup Wizard</td>
+ <td>CVE-2017-0498</td>
+ <td>Moderate</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Denial of service vulnerability in Audioserver</td>
+ <td>CVE-2017-0499</td>
+ <td>Low</td>
+ <td>Yes</td>
+ </tr>
+</table>
+<p>* Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+<h3 id="2017-03-05-summary">2017-03-05
+security patch level—Vulnerability summary</h3>
+<p>Security patch levels of 2017-03-05 or later must address all of the 2017-03-01
+issues, as well as the following issues.</p>
+<table>
+ <col width="55%">
+ <col width="20%">
+ <col width="13%">
+ <col width="12%">
+ <tr>
+ <th>Issue</th>
+ <th>CVE</th>
+ <th>Severity</th>
+ <th>Affects Google devices?</th>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in MediaTek components</td>
+ <td>CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503,
+CVE-2017-0504, CVE-2017-0505, CVE-2017-0506</td>
+ <td>Critical</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in NVIDIA GPU driver</td>
+ <td>CVE-2017-0337, CVE-2017-0338, CVE-2017-0333, CVE-2017-0306, CVE-2017-0335</td>
+ <td>Critical</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in kernel ION subsystem</td>
+ <td>CVE-2017-0507, CVE-2017-0508</td>
+ <td>Critical</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Broadcom Wi-Fi driver</td>
+ <td>CVE-2017-0509</td>
+ <td>Critical</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in kernel FIQ debugger</td>
+ <td>CVE-2017-0510</td>
+ <td>Critical</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm GPU driver</td>
+ <td>CVE-2016-8479</td>
+ <td>Critical</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in kernel networking subsystem</td>
+ <td>CVE-2016-9806, CVE-2016-10200</td>
+ <td>Critical</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Vulnerabilities in Qualcomm components</td>
+ <td>CVE-2016-8484, CVE-2016-8485, CVE-2016-8486, CVE-2016-8487, CVE-2016-8488</td>
+ <td>Critical</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in kernel networking subsystem</td>
+ <td>CVE-2016-8655, CVE-2016-9793</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm input hardware driver</td>
+ <td>CVE-2017-0516</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in MediaTek Hardware Sensor Driver</td>
+ <td>CVE-2017-0517</td>
+ <td>High</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm ADSPRPC driver</td>
+ <td>CVE-2017-0457</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm fingerprint sensor
+driver</td>
+ <td>CVE-2017-0518, CVE-2017-0519</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm crypto engine driver</td>
+ <td>CVE-2017-0520</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm camera driver</td>
+ <td>CVE-2017-0458, CVE-2017-0521</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in MediaTek APK</td>
+ <td>CVE-2017-0522</td>
+ <td>High</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm Wi-Fi driver</td>
+ <td>CVE-2017-0464, CVE-2017-0453, CVE-2017-0523</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Synaptics touchscreen driver</td>
+ <td>CVE-2017-0524</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm IPA driver</td>
+ <td>CVE-2017-0456, CVE-2017-0525</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in HTC Sensor Hub Driver</td>
+ <td>CVE-2017-0526, CVE-2017-0527</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in NVIDIA GPU driver</td>
+ <td>CVE-2017-0307</td>
+ <td>High</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm networking driver</td>
+ <td>CVE-2017-0463, CVE-2017-0460</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in kernel security subsystem</td>
+ <td>CVE-2017-0528</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm SPCom driver</td>
+ <td>CVE-2016-5856, CVE-2016-5857</td>
+ <td>High</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in kernel networking subsystem</td>
+ <td>CVE-2014-8709</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in MediaTek driver</td>
+ <td>CVE-2017-0529</td>
+ <td>High</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in Qualcomm bootloader</td>
+ <td>CVE-2017-0455</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in Qualcomm power driver</td>
+ <td>CVE-2016-8483</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in NVIDIA GPU driver</td>
+ <td>CVE-2017-0334, CVE-2017-0336</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Denial of service vulnerability in kernel cryptographic subsystem</td>
+ <td>CVE-2016-8650</td>
+ <td>High</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Elevation of privilege vulnerability in Qualcomm camera driver (device
+specific)</td>
+ <td>CVE-2016-8417</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in Qualcomm Wi-Fi driver</td>
+ <td>CVE-2017-0461, CVE-2017-0459, CVE-2017-0531</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in MediaTek video codec driver</td>
+ <td>CVE-2017-0532</td>
+ <td>Moderate</td>
+ <td>No*</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in Qualcomm video driver</td>
+ <td>CVE-2017-0533, CVE-2017-0534, CVE-2016-8416, CVE-2016-8478</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in Qualcomm camera driver</td>
+ <td>CVE-2016-8413, CVE-2016-8477</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in HTC sound codec driver</td>
+ <td>CVE-2017-0535</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in Synaptics touchscreen driver</td>
+ <td>CVE-2017-0536</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in kernel USB gadget driver</td>
+ <td>CVE-2017-0537</td>
+ <td>Moderate</td>
+ <td>Yes</td>
+ </tr>
+ <tr>
+ <td>Information disclosure vulnerability in Qualcomm camera driver</td>
+ <td>CVE-2017-0452</td>
+ <td>Low</td>
+ <td>Yes</td>
+ </tr>
+</table>
+<p>* Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+<h2 id="mitigations">Android and Google service
+mitigations</h2>
+<p>This is a summary of the mitigations provided by the <a
+href="{@docRoot}security/enhancements/index.html">Android
+security platform</a> and service protections, such as SafetyNet. These
+capabilities reduce the likelihood that security vulnerabilities could be
+successfully exploited on Android.</p>
+<ul>
+<li>Exploitation for many issues on Android is made more difficult by
+enhancements in newer versions of the Android platform. We encourage all users
+to update to the latest version of Android where possible.</li>
+<li>The Android Security team actively monitors for abuse with <a
+href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">Verify
+Apps and SafetyNet</a>, which are designed to warn users about <a
+href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">Potentially
+Harmful Applications</a>. Verify Apps is enabled by default on devices with <a
+href="http://www.android.com/gms">Google Mobile Services</a> and is especially
+important for users who install applications from outside of Google Play. Device
+rooting tools are prohibited within Google Play, but Verify Apps warns users
+when they attempt to install a detected rooting application—no matter where it
+comes from. Additionally, Verify Apps attempts to identify and block
+installation of known malicious applications that exploit a privilege escalation
+vulnerability. If such an application has already been installed, Verify Apps
+will notify the user and attempt to remove the detected application.</li>
+<li>As appropriate, Google Hangouts and Messenger applications do not
+automatically pass media to processes such as Mediaserver.</li>
+</ul>
+<h2 id="acknowledgements">Acknowledgements</h2>
+<p>We would like to thank these researchers for their contributions:</p>
+<ul>
+<li>Alexander Potapenko of Google Dynamic Tools team: CVE-2017-0537
+<li>Baozeng Ding, Chengming Yang, Peng Xiao, and Yang Song of Alibaba Mobile
+Security Group: CVE-2017-0506
+<li>Baozeng Ding, Ning You, Chengming Yang, Peng Xiao, and Yang Song of Alibaba
+Mobile Security Group: CVE-2017-0463
+<li>Billy Lau of Android Security: CVE-2017-0335, CVE-2017-0336, CVE-2017-0338,
+CVE-2017-0460
+<li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a
+href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2016-8413,
+CVE-2016-8477, CVE-2017-0531
+<li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a
+href="https://twitter.com/derrekr6">@derrekr6</a>) and <a
+href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a
+href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0521
+<li>Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>) of KeenLab
+(<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2017-0334,
+CVE-2017-0456, CVE-2017-0457, CVE-2017-0525
+<li>En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) and Bo Liu of
+<a href="http://www.ms509.com">MS509Team</a>: CVE-2017-0490
+<li>Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)
+and <a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360
+Technology Co. Ltd.: CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503,
+CVE-2017-0509, CVE-2017-0524, CVE-2017-0529, CVE-2017-0536
+<li>Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.:
+CVE-2017-0453, CVE-2017-0461, CVE-2017-0464
+<li>Hiroki Yamamoto and Fang Chen of Sony Mobile Communications Inc.:
+CVE-2017-0481
+<li>IBM Security X-Force Researchers Sagi Kedmi and Roee Hay: CVE-2017-0510
+<li>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) of <a
+href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a>: CVE-2017-0478
+<li>Jianqiang Zhao (<a
+href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) and <a
+href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360: CVE-2016-8416,
+CVE-2016-8478, CVE-2017-0458, CVE-2017-0459, CVE-2017-0518, CVE-2017-0519,
+CVE-2017-0533, CVE-2017-0534
+<li><a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>, <a
+href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a
+href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, and Xuxian Jiang of <a
+href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8479
+<li>Makoto Onuki of Google: CVE-2017-0491
+<li>Mingjian Zhou (<a
+href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a
+href="mailto:arnow117@gmail.com">Hanxiang Wen</a>, and Xuxian Jiang of <a
+href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0479, CVE-2017-0480
+<li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):
+CVE-2017-0535
+<li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>) of
+Tesla Motors Product Security Team: CVE-2017-0306
+<li>Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬) of Baidu X-Lab
+(百度安全实验室): CVE-2016-8417
+<li>Qidan He (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)
+of KeenLab, Tencent: CVE-2017-0337, CVE-2017-0476
+<li>Qing Zhang of Qihoo 360 and Guangdong Bai of Singapore Institute of
+Technology (SIT): CVE-2017-0496
+<li>Quhe and wanchouchou of Ant-financial Light-Year Security Lab
+(蚂蚁金服巴斯光年安全实验室): CVE-2017-0522
+<li><a href="mailto:keun-o.park@darkmatter.ae">Sahara</a> of Secure
+Communications in DarkMatter: CVE-2017-0528
+<li>salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>) of
+Shellphish Grill Team, UC Santa Barbara: CVE-2017-0505
+<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a
+href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0504,
+CVE-2017-0516
+<li>Sean Beaupre (beaups): CVE-2017-0455
+<li>Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) of
+Trend Micro: CVE-2017-0452
+<li>Shinichi Matsumoto of Fujitsu: CVE-2017-0498
+<li><a href="mailto:smarques84@gmail.com">Stéphane Marques</a> of <a
+href="http://www.byterev.com">ByteRev</a>: CVE-2017-0489
+<li>Svetoslav Ganov of Google: CVE-2017-0492
+<li><a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a
+href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, and Xuxian Jiang of <a
+href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0333
+<li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) of <a
+href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile
+Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro</a>:
+CVE-2017-0466, CVE-2017-0467, CVE-2017-0468, CVE-2017-0469, CVE-2017-0470,
+CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0482, CVE-2017-0485,
+CVE-2017-0486, CVE-2017-0487, CVE-2017-0494, CVE-2017-0495
+<li>Wish Wu (吴潍浠 此彼) (<a href="https://twitter.com/wish_wu">@wish_wu</a>) of
+Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室): CVE-2017-0477
+<li>Yu Pan of Vulpecker Team, Qihoo 360 Technology Co. Ltd: CVE-2017-0517,
+CVE-2017-0532
+<li><a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, and Xuxian Jiang
+of <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0526, CVE-2017-0527
+<li>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>), <a
+href="mailto:vancouverdou@gmail.com">Wenke Dou</a>, <a
+href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>, Mingjian Zhou (<a
+href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), and Xuxian Jiang
+of <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0483</li></ul>
+
+<h2 id="2017-03-01-details">2017-03-01 security patch level—Vulnerability
+details</h2>
+<p>In the sections below, we provide details for each of the security
+vulnerabilities listed in the
+<a href="#2017-03-01-summary">2017-03-01
+security patch level—Vulnerability summary</a> above. There is a description of
+the issue, a severity rationale, and a table with the CVE, associated
+references, severity, updated Google devices, updated AOSP versions (where
+applicable), and date reported. When available, we will link the public change
+that addressed the issue to the bug ID, like the AOSP change list. When multiple
+changes relate to a single bug, additional references are linked to numbers
+following the bug ID.</p>
+
+
+<h3 id="rce-in-openssl-&-boringssl">Remote code execution vulnerability in
+OpenSSL & BoringSSL</h3>
+<p>A remote code execution vulnerability in OpenSSL and BoringSSL could enable an
+attacker using a specially crafted file to cause memory corruption during file
+and data processing. This issue is rated as Critical due to the possibility of
+remote code execution within the context of a privileged process.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-2182</td>
+ <td><a href="https://android.googlesource.com/platform/external/boringssl/+/54bf62a81586d99d0a951ca3342d569b59e69b80">
+ A-32096880</a></td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Aug 5, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-mediaserver-">Remote code execution vulnerability in Mediaserver
+</h3>
+<p>A remote code execution vulnerability in Mediaserver could enable an attacker
+using a specially crafted file to cause memory corruption during media file and
+data processing. This issue is rated as Critical due to the possibility of
+remote code execution within the context of the Mediaserver process.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0466</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33139050</a>
+[<a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">2</a>]
+ </td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 25, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0467</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33250932</a>
+[<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>]
+ </td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 30, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0468</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">A-33351708</a>
+ [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>]
+ </td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 5, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0469</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/21851eaecc814be709cb0c20f732cb858cfe1440">
+ A-33450635</a></td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 8, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0470</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/6aac82003d665708b4e21e9b91693b642e2fa64f">
+ A-33818500</a></td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 21, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0471</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/4a61d15e7b0ab979ba7e80db8ddbde025c1ce6cc">
+ A-33816782</a></td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 21, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0472</td>
+ <td><a href="https://android.googlesource.com/platform/external/libhevc/+/dfa7251ff270ae7e12a019e6735542e36b2a47e0">
+ A-33862021</a></td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 23, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0473</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/0a4463e2beddb8290e05ad552e48b17686f854ce">
+ A-33982658</a></td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 30, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0474</td>
+ <td><a href="https://android.googlesource.com/platform/external/libvpx/+/6f5927de29337fa532c64d0ef8c7cb68f7c89889">
+ A-32589224</a></td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>7.0, 7.1.1</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-recovery-verifier">Elevation of privilege vulnerability in
+recovery verifier</h3>
+<p>An elevation of privilege vulnerability in the recovery verifier could enable a
+local malicious application to execute arbitrary code within the context of the
+kernel. This issue is rated as Critical due to the possibility of a local
+permanent device compromise, which may require reflashing the operating system
+to repair the device.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0475</td>
+ <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/2c6c23f651abb3d215134dfba463eb72a5e9f8eb">
+ A-31914369</a></td>
+ <td>Critical</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Oct 2, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-aosp-messaging">Remote code execution vulnerability in AOSP
+Messaging</h3>
+<p>A remote code execution vulnerability in AOSP Messaging could enable an
+attacker using a specially crafted file to cause memory corruption during media
+file and data processing. This issue is rated as High due to the possibility of
+remote code execution within the context of an unprivileged process.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0476</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/8ba22b48ebff50311d7eaa8d512f9d507f0bdd0d">
+ A-33388925</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 6, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-libgdx">Remote code execution vulnerability in libgdx</h3>
+<p>A remote code execution vulnerability in libgdx could enable an attacker using
+a specially crafted file to execute arbitrary code within the context of an
+unprivileged process. This issue is rated as High due to the possibility of
+remote code execution in an application that uses this library.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0477</td>
+ <td><a href="https://android.googlesource.com/platform/external/libgdx/+/fba04a52f43315cdb7dd38766822af0324eab7c5">
+ A-33621647</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>7.1.1</td>
+ <td>Dec 14, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="rce-in-framesequence-library">Remote code execution vulnerability in
+Framesequence library</h3>
+<p>A remote code execution vulnerability in the Framesequence library could enable
+an attacker using a specially crafted file to execute arbitrary code in the
+context of an unprivileged process. This issue is rated as High due to the
+possibility of remote code execution in an application that uses the
+Framesequence library.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0478</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/7c824f17b3eea976ca58be7ea097cb807126f73b">
+ A-33718716</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 16, 2016</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-nfc">Elevation of privilege vulnerability in NFC</h3>
+<p>An elevation of privilege vulnerability in NFC could enable a proximate
+attacker to execute arbitrary code within the context of a privileged process.
+This issue is rated as High because it could be used to gain local access to
+elevated capabilities, which are not normally accessible to a third-party
+application.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0481</td>
+ <td><a href="https://android.googlesource.com/platform/external/libnfc-nci/+/c67cc6ad2addddcb7185a33b08d27290ce54e350">
+ A-33434992</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 6, 2016</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-audioserver">Elevation of privilege vulnerability in
+Audioserver</h3>
+<p>An elevation of privilege vulnerability in Audioserver could enable a local
+malicious application to execute arbitrary code within the context of a
+privileged process. This issue is rated as High because it could be used to
+gain local access to elevated capabilities, which are not normally accessible
+to a third-party application.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0479</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">
+ A-32707507</a>
+[<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>]
+ </td>
+ <td>High</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 7, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0480</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">
+ A-32705429</a>
+[<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>]
+ </td>
+ <td>High</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 7, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-mediaserver">Denial of service vulnerability in Mediaserver</h3>
+<p>A denial of service vulnerability in Mediaserver could enable an attacker to
+use a specially crafted file to cause a device hang or reboot. This issue is
+rated as High severity due to the possibility of remote denial of service.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0482</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">
+ A-33090864</a>
+[<a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">2</a>]
+[<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">3</a>]
+[<a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">4</a>]
+[<a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">5</a>]
+[<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">6</a>]</td>
+ <td>High</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 22, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0483</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bc62c086e9ba7530723dc8874b83159f4d77d976">
+ A-33137046</a>
+[<a href="https://android.googlesource.com/platform/frameworks/av/+/5cabe32a59f9be1e913b6a07a23d4cfa55e3fb2f">2</a>]</td>
+ <td>High</td>
+ <td>All</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 24, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0484</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">
+ A-33298089</a>
+[<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">2</a>]</td>
+ <td>High</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 1, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0485</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">
+ A-33387820</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 6, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0486</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/19814b7ad4ea6f0cc4cab34e50ebab2e180fc269">
+ A-33621215</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 14, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0487</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/aa78b96e842fc1fb70a18acff22be35c7a715b23">
+ A-33751193</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 19, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0488</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/0340381cd8c220311fd4fe2e8b23e1534657e399">
+ A-34097213</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+
+<h3 id="eop-in-location-manager">Elevation of privilege vulnerability in
+Location Manager</h3>
+<p>An elevation of privilege vulnerability in Location Manager could enable a
+local malicious application to bypass operating system protections for location
+data. This issue is rated as Moderate because it could be used to generate
+inaccurate data.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0489</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d22261fef84481651e12995062105239d551cbc6">
+ A-33091107</a></td>
+ <td>Moderate</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 20, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-wi-fi">Elevation of privilege vulnerability in Wi-Fi</h3>
+<p>An elevation of privilege vulnerability in Wi-Fi could enable a local malicious
+application to delete user data. This issue is rated as Moderate because it is
+a local bypass of user interaction requirements that would normally require
+either user initiation or user permission. </p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0490</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1166ca8adba9b49c9185dad11b28b02e72124d95">
+ A-33178389</a>
+[<a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1ad3b1e3256a226be362de1a4959f2a642d349b7">2</a>]
+[<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/41c42f5bb544acf8bede2d05c6325657d92bd83c">3</a>]
+ </td>
+ <td>Moderate</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 25, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-package-manager">Elevation of privilege vulnerability in Package
+Manager</h3>
+<p>An elevation of privilege vulnerability in Package Manager could enable a local
+malicious application to prevent users from uninstalling applications or
+removing permissions from applications. This issue is rated as Moderate because
+it is a local bypass of user interaction requirements.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0491</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/5c49b6bf732c88481466dea341917b8604ce53fa">
+ A-32553261</a>
+ </td>
+ <td>Moderate</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-system-ui">Elevation of privilege vulnerability in System
+UI</h3>
+<p>An elevation of privilege vulnerability in the System UI could enable a local
+malicious application to create a UI overlay covering the entire screen. This
+issue is rated as Moderate because it is a local bypass of user interaction
+requirements that would normally require either user initiation or user
+permission.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0492</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/f4bed684c939b0f8809ef404b8609fe4ef849263">
+ A-30150688</a>
+ </td>
+ <td>Moderate</td>
+ <td>All</td>
+ <td>7.1.1</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-aosp-messaging">Information disclosure vulnerability in AOSP
+Messaging</h3>
+<p>An information disclosure vulnerability in AOSP Messaging could enable a remote
+attacker using a special crafted file to access data outside of its permission
+levels. This issue is rated as Moderate because it could be used to access
+sensitive data without permission.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0494</td>
+ <td><a href="https://android.googlesource.com/platform/packages/apps/Messaging/+/3f9821128abd66c4cd2f040d8243efb334bfad2d">
+ A-32764144</a></td>
+ <td>Moderate</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Nov 9, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-mediaserver">Information disclosure vulnerability in
+Mediaserver</h3>
+<p>An information disclosure vulnerability in Mediaserver could enable a local
+malicious application to access data outside of its permission levels. This
+issue is rated as Moderate because it could be used to access sensitive data
+without permission.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0495</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/85c0ec4106659a11c220cd1210f8d76c33d9e2ae">
+ A-33552073</a></td>
+ <td>Moderate</td>
+ <td>All</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Dec 11, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-setup-wizard">Denial of service vulnerability in Setup
+Wizard</h3>
+<p>A denial of service vulnerability in Setup Wizard could allow a local malicious
+application to temporarily block access to an affected device. This issue is
+rated as Moderate because it may require a factory reset to repair the device.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0496</td>
+ <td>A-31554152*</td>
+ <td>Moderate</td>
+ <td>None**</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1</td>
+ <td>Sep 14, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained in
+the latest binary drivers for Google devices available from the <a
+href="https://developers.google.com/android/nexus/drivers">Google Developer
+site</a>.</p>
+<p>** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+<h3 id="dos-in-mediaserver-2">Denial of service vulnerability in
+Mediaserver</h3>
+<p>A denial of service vulnerability in Mediaserver could enable an attacker to
+use a specially crafted file to cause a device hang or reboot. This issue is
+rated as Moderate because it requires an uncommon device configuration.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0497</td>
+ <td><a href="https://android.googlesource.com/platform/external/skia/+/8888cbf8e74671d44e9ff92ec3847cd647b8cdfb">
+ A-33300701</a></td>
+ <td>Moderate</td>
+ <td>All</td>
+ <td>7.0, 7.1.1</td>
+ <td>Dec 2, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-setup-wizard-2">Denial of service vulnerability in Setup
+Wizard</h3>
+<p>A denial of service vulnerability in Setup Wizard could allow a local attacker
+to require Google account sign-in after a factory reset. This issue is rated as
+Moderate because it may require a factory reset to repair the device. </p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0498</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b">
+ A-30352311</a>
+[<a href="https://android.googlesource.com/platform/frameworks/base/+/5f621b5b1549e8379aee05807652d5111382ccc6">2</a>]
+ </td>
+ <td>Moderate</td>
+ <td>All</td>
+ <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+
+
+<h3 id="dos-in-audioserver">Denial of service vulnerability in Audioserver</h3>
+<p>A denial of service vulnerability in Audioserver could enable a local malicious
+application to cause a device hang or reboot. This issue is rated as Low due to
+the possibility of a temporary denial of service.</p>
+
+<table>
+ <col width="18%">
+ <col width="17%">
+ <col width="10%">
+ <col width="19%">
+ <col width="18%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Updated AOSP versions</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0499</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">
+ A-32095713</a></td>
+ <td>Low</td>
+ <td>All</td>
+ <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td>
+ <td>Oct 11, 2016</td>
+ </tr>
+</table>
+
+
+<h2 id="2017-03-05-details">2017-03-05 security patch level—Vulnerability
+details</h2>
+<p>In the sections below, we provide details for each of the security
+vulnerabilities listed in the
+<a href="#2017-03-05-summary">2017-03-05
+security patch level—Vulnerability summary</a> above. There is a description of
+the issue, a severity rationale, and a table with the CVE, associated
+references, severity, updated Google devices, updated AOSP versions (where
+applicable), and date reported. When available, we will link the public change
+that addressed the issue to the bug ID, like the AOSP change list. When multiple
+changes relate to a single bug, additional references are linked to numbers
+following the bug ID.</p>
+
+
+<h3 id="eop-in-mediatek-components">Elevation of privilege vulnerability in
+MediaTek components</h3>
+<p>An elevation of privilege vulnerability in MediaTek components, including the
+M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue
+driver, could enable a local malicious application to execute arbitrary code
+within the context of the kernel. This issue is rated as Critical due to the
+possibility of a local permanent device compromise, which may require
+reflashing the operating system to repair the device.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0500</td>
+ <td>A-28429685*<br>
+ M-ALPS02710006</td>
+ <td>Critical</td>
+ <td>None**</td>
+ <td>Apr 27, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0501</td>
+ <td>A-28430015*<br>
+ M-ALPS02708983</td>
+ <td>Critical</td>
+ <td>None**</td>
+ <td>Apr 27, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0502</td>
+ <td>A-28430164*<br>
+ M-ALPS02710027</td>
+ <td>Critical</td>
+ <td>None**</td>
+ <td>Apr 27, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0503</td>
+ <td>A-28449045*<br>
+ M-ALPS02710075</td>
+ <td>Critical</td>
+ <td>None**</td>
+ <td>Apr 28, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0504</td>
+ <td>A-30074628*<br>
+ M-ALPS02829371</td>
+ <td>Critical</td>
+ <td>None**</td>
+ <td>Jul 9, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0505</td>
+ <td>A-31822282*<br>
+ M-ALPS02992041</td>
+ <td>Critical</td>
+ <td>None**</td>
+ <td>Sep 28, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0506</td>
+ <td>A-32276718*<br>
+ M-ALPS03006904</td>
+ <td>Critical</td>
+ <td>None**</td>
+ <td>Oct 18, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<p>** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="eop-in-nvidia-gpu-driver">Elevation of privilege vulnerability in
+NVIDIA GPU driver</h3>
+<p>An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a
+local malicious application to execute arbitrary code within the context of the
+kernel. This issue is rated as Critical due to the possibility of a local
+permanent device compromise, which may require reflashing the operating system
+to repair the device.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0337</td>
+ <td>A-31992762*<br>
+ N-CVE-2017-0337</td>
+ <td>Critical</td>
+ <td>Pixel C</td>
+ <td>Oct 6, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0338</td>
+ <td>A-33057977*<br>
+ N-CVE-2017-0338</td>
+ <td>Critical</td>
+ <td>Pixel C</td>
+ <td>Nov 21, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0333</td>
+ <td>A-33899363*<br>
+ N-CVE-2017-0333</td>
+ <td>Critical</td>
+ <td>Pixel C</td>
+ <td>Dec 25, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0306</td>
+ <td>A-34132950*<br>
+ N-CVE-2017-0306</td>
+ <td>Critical</td>
+ <td>Nexus 9</td>
+ <td>Jan 6, 2017</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0335</td>
+ <td>A-33043375*<br>
+ N-CVE-2017-0335</td>
+ <td>Critical</td>
+ <td>Pixel C</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-kernel-ion-subsystem">Elevation of privilege vulnerability in
+kernel ION subsystem</h3>
+<p>An elevation of privilege vulnerability in the kernel ION subsystem could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as Critical due to the possibility
+of a local permanent device compromise, which may require reflashing the
+operating system to repair the device.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0507</td>
+ <td>A-31992382*</td>
+ <td>Critical</td>
+ <td>Android One, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, Pixel
+C, Pixel, Pixel XL</td>
+ <td>Oct 6, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0508</td>
+ <td>A-33940449*</td>
+ <td>Critical</td>
+ <td>Pixel C</td>
+ <td>Dec 28, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-broadcom-wi-fi-driver">Elevation of privilege vulnerability in
+Broadcom Wi-Fi driver</h3>
+<p>An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as Critical due to the possibility
+of a local permanent device compromise, which may require reflashing the
+operating system to repair the device.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0509</td>
+ <td>A-32124445*<br>
+ B-RB#110688</td>
+ <td>Critical</td>
+ <td>None**</td>
+ <td>Oct 12, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<p>** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="eop-in-kernel-fiq-debugger">Elevation of privilege vulnerability in
+kernel FIQ debugger</h3>
+<p>An elevation of privilege vulnerability in the kernel FIQ debugger could enable
+a local malicious application to execute arbitrary code within the context of
+the kernel. This issue is rated as Critical due to the possibility of a local
+permanent device compromise, which may require reflashing the operating system
+to repair the device.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0510</td>
+ <td>A-32402555*</td>
+ <td>Critical</td>
+ <td>Nexus 9</td>
+ <td>Oct 25, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-qualcomm-gpu-driver">Elevation of privilege vulnerability in
+Qualcomm GPU driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm GPU driver could enable
+a local malicious application to execute arbitrary code within the context of
+the kernel. This issue is rated as Critical due to the possibility of a local
+permanent device compromise, which may require reflashing the operating system
+to repair the device.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8479</td>
+ <td>A-31824853*<br>
+ QC-CR#1093687</td>
+ <td>Critical</td>
+ <td>Android One, Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td>
+ <td>Sep 29, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-kernel-networking-subsystem">Elevation of privilege
+vulnerability in kernel networking subsystem</h3>
+<p>An elevation of privilege vulnerability in the kernel networking subsystem
+could enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as Critical due to the possibility
+of a local permanent device compromise, which may require reflashing the
+operating system to repair the device.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-9806</td>
+ <td>A-33393474<br>
+ <a
+href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520">
+Upstream kernel</a></td>
+ <td>Critical</td>
+ <td>Pixel C, Pixel, Pixel XL</td>
+ <td>Dec 4, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-10200</td>
+ <td>A-33753815<br>
+ <a
+href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef">
+Upstream kernel</a></td>
+ <td>Critical</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>Dec 19, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="vulnerabilities-in-qualcomm-components">Vulnerabilities in Qualcomm
+components</h3>
+<p>The following vulnerability affects Qualcomm components and is described in
+further detail in Qualcomm AMSS September 2016 security bulletin.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8484</td>
+ <td>A-28823575**</td>
+ <td>Critical</td>
+ <td>None***</td>
+ <td>Qualcomm internal</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8485</td>
+ <td>A-28823681**</td>
+ <td>Critical</td>
+ <td>None***</td>
+ <td>Qualcomm internal</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8486</td>
+ <td>A-28823691**</td>
+ <td>Critical</td>
+ <td>None***</td>
+ <td>Qualcomm internal</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8487</td>
+ <td>A-28823724**</td>
+ <td>Critical</td>
+ <td>None***</td>
+ <td>Qualcomm internal</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8488</td>
+ <td>A-31625756**</td>
+ <td>Critical</td>
+ <td>None***</td>
+ <td>Qualcomm internal</td>
+ </tr>
+</table>
+<p>* The severity rating for these vulnerabilities was determined by the vendor.</p>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<p>*** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="eop-in-kernel-networking-subsystem-2">Elevation of privilege
+vulnerability in kernel networking subsystem</h3>
+<p>An elevation of privilege vulnerability in the kernel networking subsystem
+could enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8655</td>
+ <td>A-33358926<br>
+ <a
+href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c">
+Upstream kernel</a></td>
+ <td>High</td>
+ <td>Android One, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, Pixel
+C, Pixel, Pixel XL</td>
+ <td>Oct 12, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-9793</td>
+ <td>A-33363517<br>
+ <a
+href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290">
+Upstream kernel</a></td>
+ <td>High</td>
+ <td>Android One, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, Pixel
+C, Pixel, Pixel XL</td>
+ <td>Dec 2, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-qualcomm-input-hardware-driver">Elevation of privilege
+vulnerability in Qualcomm input hardware driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm input hardware driver
+could enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0516</td>
+ <td>A-32341680*<br>
+ QC-CR#1096301</td>
+ <td>High</td>
+ <td>Android One, Pixel, Pixel XL</td>
+ <td>Oct 21, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-mediatek-hardware-sensor-driver">Elevation of privilege
+vulnerability in MediaTek Hardware Sensor Driver</h3>
+<p>An elevation of privilege vulnerability in the MediaTek hardware sensor driver
+could enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0517</td>
+ <td>A-32372051*<br>
+ M-ALPS02973195</td>
+ <td>High</td>
+ <td>None**</td>
+ <td>Oct 22, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<p>** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="eop-in-qualcomm-adsprpc-driver">Elevation of privilege vulnerability in
+Qualcomm ADSPRPC driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0457</td>
+ <td>A-31695439*<br>
+ QC-CR#1086123<br>
+ QC-CR#1100695</td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>Sep 22, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Elevation of privilege
+vulnerability in Qualcomm fingerprint sensor driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm fingerprint sensor
+driver could enable a local malicious application to execute arbitrary code
+within the context of the kernel. This issue is rated as High because it first
+requires compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0518</td>
+ <td>A-32370896*<br>
+ QC-CR#1086530</td>
+ <td>High</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Oct 24, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0519</td>
+ <td>A-32372915*<br>
+ QC-CR#1086530</td>
+ <td>High</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Oct 24, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-qualcomm-crypto-engine-driver">Elevation of privilege
+vulnerability in Qualcomm crypto engine driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm crypto engine driver
+could enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0520</td>
+ <td>A-31750232<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd">
+QC-CR#1082636</a></td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>Sep 24, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-qualcomm-camera-driver">Elevation of privilege vulnerability in
+Qualcomm camera driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm camera driver could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0458</td>
+ <td>A-32588962<br>
+ <a
+href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4">
+QC-CR#1089433</a></td>
+ <td>High</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Oct 31, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0521</td>
+ <td>A-32919951<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8">
+QC-CR#1097709</a></td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>Nov 15, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-mediatek-apk">Elevation of privilege vulnerability in MediaTek
+APK</h3>
+<p>An elevation of privilege vulnerability in a MediaTek APK could enable a local
+malicious application to execute arbitrary code within the context of a
+privileged process. This issue is rated as High due to the possibility of local
+arbitrary code execution in a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0522</td>
+ <td>A-32916158*<br>
+ M-ALPS03032516</td>
+ <td>High</td>
+ <td>None**</td>
+ <td>Nov 15, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<p>** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="eop-in-qualcomm-wi-fi-driver">Elevation of privilege vulnerability in
+Qualcomm Wi-Fi driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0464</td>
+ <td>A-32940193<br>
+ <a
+href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f">
+QC-CR#1102593</a></td>
+ <td>High</td>
+ <td>Nexus 5X, Pixel, Pixel XL</td>
+ <td>Nov 15, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0453</td>
+ <td>A-33979145<br>
+ <a
+href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513">
+QC-CR#1105085</a></td>
+ <td>High</td>
+ <td>Nexus 5X, Android One</td>
+ <td>Dec 30, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0523</td>
+ <td>A-32835279<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582">
+QC-CR#1096945</a></td>
+ <td>High</td>
+ <td>None*</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+<p>* Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="eop-in-synaptics-touchscreen-driver">Elevation of privilege
+vulnerability in Synaptics touchscreen driver</h3>
+<p>An elevation of privilege vulnerability in the Synaptics touchscreen driver
+could enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0524</td>
+ <td>A-33002026</td>
+ <td>High</td>
+ <td>Android One, Nexus 5X, Nexus 6P, Nexus 9, Pixel, Pixel XL</td>
+ <td>Nov 18, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-qualcomm-ipa-driver">Elevation of privilege vulnerability in
+Qualcomm IPA driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm IPA driver could enable
+a local malicious application to execute arbitrary code within the context of
+the kernel. This issue is rated as High because it first requires compromising
+a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0456</td>
+ <td>A-33106520*<br>
+ QC-CR#1099598</td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>Nov 23, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0525</td>
+ <td>A-33139056*<br>
+ QC-CR#1097714</td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>Nov 25, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-htc-sensor-hub-driver">Elevation of privilege vulnerability in
+HTC Sensor Hub Driver</h3>
+<p>An elevation of privilege vulnerability in the HTC Sensor Hub Driver could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0526</td>
+ <td>A-33897738*</td>
+ <td>High</td>
+ <td>Nexus 9</td>
+ <td>Dec 25, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0527</td>
+ <td>A-33899318*</td>
+ <td>High</td>
+ <td>Nexus 9, Pixel, Pixel XL</td>
+ <td>Dec 25, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-nvidia-gpu-driver-2">Elevation of privilege vulnerability in
+NVIDIA GPU driver</h3>
+<p>An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a
+local malicious application to execute arbitrary code within the context of the
+kernel. This issue is rated as Critical due to the possibility of a local
+permanent device compromise, which may require reflashing the operating system
+to repair the device.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0307</td>
+ <td>A-33177895*<br>
+ N-CVE-2017-0307</td>
+ <td>High</td>
+ <td>None**</td>
+ <td>Nov 28, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<p>** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="eop-in-qualcomm-networking-driver">Elevation of privilege vulnerability
+in Qualcomm networking driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm networking driver could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0463</td>
+ <td>A-33277611<br>
+ <a
+href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2">
+QC-CR#1101792</a></td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>Nov 30, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0460 </td>
+ <td>A-31252965*<br>
+ QC-CR#1098801</td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-kernel-security-subsystem">Elevation of privilege vulnerability
+in kernel security subsystem</h3>
+<p>An elevation of privilege vulnerability in the kernel security subsystem could
+enable a local malicious application to to execute code in the context of a
+privileged process. This issue is rated as High because it is a general bypass
+for a kernel level defense in depth or exploit mitigation technology.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0528</td>
+ <td>A-33351919*</td>
+ <td>High</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Dec 4, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="eop-in-qualcomm-spcom-driver">Elevation of privilege vulnerability in
+Qualcomm SPCom driver</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm SPCom driver could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as High because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-5856</td>
+ <td>A-32610665<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368">
+QC-CR#1094078</a></td>
+ <td>High</td>
+ <td>None*</td>
+ <td>Google internal</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-5857</td>
+ <td>A-34386529<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5">
+QC-CR#1094140</a></td>
+ <td>High</td>
+ <td>None*</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+<p>* Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="id-in-kernel-networking-subsystem">Information disclosure vulnerability
+in kernel networking subsystem</h3>
+<p>An information disclosure vulnerability in the kernel networking subsystem
+could enable a local proximate attacker to gain access to sensitive
+information. This issue is rated as High because it could be used to access
+data without permission.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2014-8709</td>
+ <td>A-34077221<br>
+ <a
+href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f">
+Upstream kernel</a></td>
+ <td>High</td>
+ <td>Nexus Player</td>
+ <td>Nov 9, 2014</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-mediatek-driver">Information disclosure vulnerability in MediaTek
+driver</h3>
+<p>An information disclosure vulnerability in the MediaTek driver could enable a
+local malicious application to access data outside of its permission levels.
+This issue is rated as High because it could be used to access sensitive data
+without explicit user permission.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0529</td>
+ <td>A-28449427*<br>
+ M-ALPS02710042</td>
+ <td>High</td>
+ <td>None**</td>
+ <td>Apr 27, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<p>** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="id-in-qualcomm-bootloader">Information disclosure vulnerability in
+Qualcomm bootloader</h3>
+<p>An information disclosure vulnerability in the Qualcomm bootloader could help
+to enable a local malicious application to to execute arbitrary code within the
+context of the bootloader. This issue is rated as High because it is a general
+bypass for a bootloader level defense in depth or exploit mitigation
+technology.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0455</td>
+ <td>A-32370952<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f">
+QC-CR#1082755</a></td>
+ <td>High</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Oct 21, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-qualcomm-power-driver">Information disclosure vulnerability in
+Qualcomm power driver</h3>
+<p>An information disclosure vulnerability in the Qualcomm power driver could
+enable a local malicious application to access data outside of its permission
+levels. This issue is rated as High because it could be used to access
+sensitive data without explicit user permission.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8483</td>
+ <td>A-33745862<br>
+ <a
+href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a">
+QC-CR#1035099</a></td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6P</td>
+ <td>Dec 19, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-nvidia-gpu-driver">Information disclosure vulnerability in NVIDIA
+GPU driver</h3>
+<p>An information disclosure vulnerability in the NVIDIA GPU driver could enable a
+local malicious application to access data outside of its permission levels.
+This issue is rated as High because it could be used to access sensitive data
+without explicit user permission.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0334</td>
+ <td>A-33245849*<br>
+ N-CVE-2017-0334</td>
+ <td>High</td>
+ <td>Pixel C</td>
+ <td>Nov 30, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0336</td>
+ <td>A-33042679*<br>
+ N-CVE-2017-0336</td>
+ <td>High</td>
+ <td>Pixel C</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="dos-in-kernel-cryptographic-subsystem">Denial of service vulnerability
+in kernel cryptographic subsystem</h3>
+<p>A denial of service vulnerability in the kernel cryptographic subsystem could
+enable a remote attacker to use a specially crafted network packet to cause a
+device hang or reboot. This issue is rated as High due to the possibility of
+remote denial of service.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8650</td>
+ <td>A-33401771<br>
+ <a
+href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073">
+Upstream kernel</a></td>
+ <td>High</td>
+ <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>Oct 12, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Elevation of privilege
+vulnerability in Qualcomm camera driver (device specific)</h3>
+<p>An elevation of privilege vulnerability in the Qualcomm camera driver could
+enable a local malicious application to execute arbitrary code within the
+context of the kernel. This issue is rated as Moderate because it first
+requires compromising a privileged process and is mitigated by current platform
+configurations.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8417</td>
+ <td>A-32342399<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0">
+QC-CR#1088824</a></td>
+ <td>Moderate</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>Oct 21, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-qualcomm-wi-fi-driver">Information disclosure vulnerability in
+Qualcomm Wi-Fi driver</h3>
+<p>An information disclosure vulnerability in the Qualcomm Wi-Fi driver could
+enable a local malicious application to access data outside of its permission
+levels. This issue is rated as Moderate because it first requires compromising
+a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0461</td>
+ <td>A-32073794<br>
+ <a
+href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65">
+QC-CR#1100132</a></td>
+ <td>Moderate</td>
+ <td>Android One, Nexus 5X, Pixel, Pixel XL</td>
+ <td>Oct 9, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0459</td>
+ <td>A-32644895<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7">
+QC-CR#1091939</a></td>
+ <td>Moderate</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Nov 3, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0531</td>
+ <td>A-32877245<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302">
+QC-CR#1087469</a></td>
+ <td>Moderate</td>
+ <td>Android One, Nexus 5X, Nexus 6P, Pixel, Pixel XL</td>
+ <td>Nov 13, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-mediatek-video-codec-driver">Information disclosure vulnerability
+in MediaTek video codec driver</h3>
+<p>An information disclosure vulnerability in the MediaTek video codec driver
+could enable a local malicious application to access data outside of its
+permission levels. This issue is rated as Moderate because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0532</td>
+ <td>A-32370398*<br>
+ M-ALPS03069985</td>
+ <td>Moderate</td>
+ <td>None**</td>
+ <td>Oct 22, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<p>** Supported Google devices on Android 7.0 or later that have installed all
+available updates are not affected by this vulnerability.</p>
+
+
+<h3 id="id-in-qualcomm-video-driver">Information disclosure vulnerability in
+Qualcomm video driver</h3>
+<p>An information disclosure vulnerability in the Qualcomm video driver could
+enable a local malicious application to access data outside of its permission
+levels. This issue is rated as Moderate because it first requires compromising
+a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0533</td>
+ <td>A-32509422<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">
+QC-CR#1088206</a></td>
+ <td>Moderate</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Oct 27, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0534</td>
+ <td>A-32508732<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">
+QC-CR#1088206</a></td>
+ <td>Moderate</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Oct 28, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8416</td>
+ <td>A-32510746<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">
+QC-CR#1088206</a></td>
+ <td>Moderate</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Oct 28, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8478</td>
+ <td>A-32511270<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">
+QC-CR#1088206</a></td>
+ <td>Moderate</td>
+ <td>Pixel, Pixel XL</td>
+ <td>Oct 28, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-qualcomm-camera-driver">Information disclosure vulnerability in
+Qualcomm camera driver</h3>
+<p>An information disclosure vulnerability in the Qualcomm camera driver could
+enable a local malicious application to access data outside of its permission
+levels. This issue is rated as Moderate because it first requires compromising
+a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2016-8413</td>
+ <td>A-32709702<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d">
+QC-CR#518731</a></td>
+ <td>Moderate</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>Nov 4, 2016</td>
+ </tr>
+ <tr>
+ <td>CVE-2016-8477</td>
+ <td>A-32720522<br>
+ <a
+href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508">
+QC-CR#1090007</a>
+[<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td>
+ <td>Moderate</td>
+ <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
+ <td>Nov 7, 2016</td>
+ </tr>
+</table>
+
+
+<h3 id="id-in-htc-sound-codec-driver">Information disclosure vulnerability in
+HTC sound codec driver</h3>
+<p>An information disclosure vulnerability in the HTC sound codec driver could
+enable a local malicious application to access data outside of its permission
+levels. This issue is rated as Moderate because it first requires compromising
+a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0535</td>
+ <td>A-33547247*</td>
+ <td>Moderate</td>
+ <td>Nexus 9</td>
+ <td>Dec 11, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="id-in-synaptics-touchscreen-driver">Information disclosure
+vulnerability in Synaptics touchscreen driver</h3>
+<p>An information disclosure vulnerability in the Synaptics touchscreen driver
+could enable a local malicious application to access data outside of its
+permission levels. This issue is rated as Moderate because it first requires
+compromising a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0536</td>
+ <td>A-33555878*</td>
+ <td>Moderate</td>
+ <td>Android One, Nexus 5X, Nexus 6P, Nexus 9, Pixel, Pixel XL</td>
+ <td>Dec 12, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="id-in-kernel-usb-gadget-driver">Information disclosure vulnerability in
+kernel USB gadget driver</h3>
+<p>An information disclosure vulnerability in the kernel USB gadget driver could
+enable a local malicious application to access data outside of its permission
+levels. This issue is rated as Moderate because it first requires compromising
+a privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0537</td>
+ <td>A-31614969*</td>
+ <td>Moderate</td>
+ <td>Pixel C</td>
+ <td>Google internal</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+
+
+<h3 id="id-in-qualcomm-camera-driver-2">Information disclosure vulnerability in
+Qualcomm camera driver</h3>
+<p>An information disclosure vulnerability in the Qualcomm camera driver could
+enable a local malicious application to access data outside of its permission
+levels. This issue is rated as Low because it first requires compromising a
+privileged process.</p>
+
+<table>
+ <col width="19%">
+ <col width="20%">
+ <col width="10%">
+ <col width="23%">
+ <col width="17%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Severity</th>
+ <th>Updated Google devices</th>
+ <th>Date reported</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0452</td>
+ <td>A-32873615*<br>
+ QC-CR#1093693</td>
+ <td>Low</td>
+ <td>Nexus 5X, Nexus 6P, Android One</td>
+ <td>Nov 10, 2016</td>
+ </tr>
+</table>
+<p>* The patch for this issue is not publicly available. The update is contained
+in the latest binary drivers for Nexus devices available from the
+<a href="https://developers.google.com/android/nexus/drivers">
+Google Developer site</a>.</p>
+<h2 id="common-questions-and-answers">Common Questions and Answers</h2>
+<p>This section answers common questions that may occur after reading this
+bulletin.</p>
+<p><strong>1. How do I determine if my device is updated to address these issues?
+</strong></p>
+<p>To learn how to check a device's security patch level, read the instructions on
+the <a
+href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel
+and Nexus update schedule</a>.</p>
+<ul>
+<li>Security patch levels of 2017-03-01 or later address all issues associated
+with the 2017-03-01 security patch level.</li>
+<li>Security patch levels of 2017-03-05 or later address all issues associated
+with the 2017-03-05 security patch level and all previous patch levels.
+</li>
+</ul>
+<p>Device manufacturers that include these updates should set the patch string
+level to:</p>
+<ul>
+<li>[ro.build.version.security_patch]:[2017-03-01]</li>
+<li>[ro.build.version.security_patch]:[2017-03-05]</li>
+</ul>
+<p><strong>2. Why does this bulletin have two security patch levels?</strong></p>
+<p>This bulletin has two security patch levels so that Android partners have the
+flexibility to fix a subset of vulnerabilities that are similar across all
+Android devices more quickly. Android partners are encouraged to fix all issues
+in this bulletin and use the latest security patch level.</p>
+<ul>
+<li>Devices that use the March 1, 2017 security patch level must include all
+issues associated with that security patch level, as well as fixes for all
+issues reported in previous security bulletins.</li>
+<li>Devices that use the security patch level of March 5, 2017 or newer must
+include all applicable patches in this (and previous) security
+bulletins.</li>
+</ul>
+<p>Partners are encouraged to bundle the fixes for all issues they are addressing
+in a single update.</p>
+<p><strong>3. How do I determine which Google devices are affected by each
+issue?</strong></p>
+<p>In the <a href="#2017-03-01-details">2017-03-01</a> and
+<a href="#2017-03-05-details">2017-03-05</a>
+security vulnerability details sections, each table has an <em>Updated Google
+devices</em> column that covers the range of affected Google devices updated for
+each issue. This column has a few options:</p>
+<ul>
+<li><strong>All Google devices</strong>: If an issue affects All and Pixel
+devices, the table will have "All" in the <em>Updated Google devices</em>
+column. "All" encapsulates the following <a
+href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported
+devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One,
+Nexus Player, Pixel C, Pixel, and Pixel XL.</li>
+<li><strong>Some Google devices</strong>: If an issue doesn't affect all Google
+devices, the affected Google devices are listed in the <em>Updated Google
+devices</em> column.</li>
+<li><strong>No Google devices</strong>: If no Google devices running Android 7.0
+are affected by the issue, the table will have "None" in the <em>Updated Google
+devices</em> column. </li>
+</ul>
+<p><strong>4. What do the entries in the references column map to?</strong></p>
+<p>Entries under the <em>References</em> column of the vulnerability details table
+may contain a prefix identifying the organization to which the reference value
+belongs. These prefixes map as follows:</p>
+<table>
+ <tr>
+ <th>Prefix</th>
+ <th>Reference</th>
+ </tr>
+ <tr>
+ <td>A-</td>
+ <td>Android bug ID</td>
+ </tr>
+ <tr>
+ <td>QC-</td>
+ <td>Qualcomm reference number</td>
+ </tr>
+ <tr>
+ <td>M-</td>
+ <td>MediaTek reference number</td>
+ </tr>
+ <tr>
+ <td>N-</td>
+ <td>NVIDIA reference number</td>
+ </tr>
+ <tr>
+ <td>B-</td>
+ <td>Broadcom reference number</td>
+ </tr>
+</table>
+<h2 id="revisions">Revisions</h2>
+<ul>
+ <li>March 06, 2017: Bulletin published.</li>
+ <li>March 07, 2017: Bulletin revised to include AOSP links.</li>
+</ul>
+
diff --git a/src/security/bulletin/index.jd b/src/security/bulletin/index.jd
index 93f4f90..7f433e8 100644
--- a/src/security/bulletin/index.jd
+++ b/src/security/bulletin/index.jd
@@ -76,9 +76,22 @@
<th>Security Patch Level</th>
</tr>
<tr>
- <td><a href="2017-02-01.html">February 2017</a></td>
+ <td><a href="2017-03-01.html">March 2017</a></td>
<td>Coming soon
</td>
+ <td>March 6, 2017</td>
+ <td>2017-03-01<br>
+ 2017-03-05</td>
+ </tr>
+ <tr>
+ <td><a href="2017-02-01.html">February 2017</a></td>
+ <td><a href="2017-02-01.html">English</a> /
+ <a href="/intl/ja_ALL/security/bulletin/2017-02-01.html">日本語</a> /
+ <a href="/intl/ko_ALL/security/bulletin/2017-02-01.html">한국어</a> /
+ <a href="/intl/ru_ALL/security/bulletin/2017-02-01.html">ру́сский</a> /
+ <a href="/intl/zh-CN_ALL/security/bulletin/2017-02-01.html">中文 (中国)</a> /
+ <a href="/intl/zh-TW_ALL/security/bulletin/2017-02-01.html">中文 (台灣)</a>
+ </td>
<td>February 6, 2017</td>
<td>2017-02-01<br>
2017-02-05</td>
diff --git a/src/security/overview/acknowledgements.jd b/src/security/overview/acknowledgements.jd
index 3616b12..00623b0 100644
--- a/src/security/overview/acknowledgements.jd
+++ b/src/security/overview/acknowledgements.jd
@@ -38,13 +38,26 @@
<h2 id="2017">2017</h2>
<div style="LINE-HEIGHT:25px;">
+<p>Alexander Potapenko of Google Dynamic Tools team</p>
+
<p>Alexandru Blanda</p>
+<p>Baozeng Ding of Alibaba Mobile Security Group</p>
+
<p>Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)</p>
+<p>Billy Lau of Android Security</p>
+
+<p>Chenfu Bao (包沉浮) of Baidu X-Lab (百度安全实验室)</p>
+
+<p>Chengming Yang of Alibaba Mobile Security Group</p>
+
<p>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)
of <a href="http://c0reteam.org">C0RE Team</a></p>
+<p><a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>
+of <a href="http://c0reteam.org">C0RE Team</a></p>
+
<p>Daniel Dakhno</p>
<p>Daniel Micay of Copperhead Security</p>
@@ -65,6 +78,8 @@
<p>En He (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>) of
<a href="http://www.ms509.com">MS509Team</a></p>
+<p>Fang Chen of Sony Mobile Communications Inc.</p>
+
<p>Frank Liberato of Chrome</p>
<p>Gal Beniamini of Project Zero</p>
@@ -77,11 +92,15 @@
<p>Guang Gong (龚广) (<a href="http://twitter.com/oldfresher">@oldfresher</a>) of
Alpha Team, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a></p>
+<p>Guangdong Bai of Singapore Institute of Technology (SIT)</p>
+
<p><a href="mailto:arnow117@gmail.com">Hanxiang Wen</a> of <a
href="http://c0reteam.org">C0RE Team</a></p>
<p>Hao Chen of Alpha Team, Qihoo 360 Technology Co. Ltd.</p>
+<p>Hiroki Yamamoto of Sony Mobile Communications Inc.</p>
+
<p><a href="mailto:hlhan@bupt.edu.cn">Hongli Han</a> of
<a href="http://c0reteam.org">C0RE Team</a></p>
@@ -89,6 +108,9 @@
<p>Jeff Trim</p>
+<p>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) of <a
+href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a></p>
+
<p>Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)
of IceSword Lab, Qihoo 360</p>
@@ -96,8 +118,15 @@
<p>Jun Cheng of Alibaba Inc.</p>
+<p>Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室)</p>
+
+<p><a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>
+of <a href="http://c0reteam.org">C0RE Team</a></p>
+
<p>ma.la of LINE Corporation</p>
+<p>Makoto Onuki of Google</p>
+
<p>Max Spector of Google:</p>
<p>Michael Goberman of IBM Security X-Force</p>
@@ -107,8 +136,17 @@
<p>Monk Avel</p>
+<p>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)
+of Tesla Motors Product Security Team</p>
+
<p>Nikolay Elenkov of LINE Corporation</p>
+<p>Ning You of Alibaba Mobile Security Group</p>
+
+<p>Peng Xiao of Alibaba Mobile Security Group</p>
+
+<p>Pengfei Ding (丁鹏飞) of Baidu X-Lab (百度安全实验室)</p>
+
<p>Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)
of Trend Micro</p>
@@ -117,26 +155,45 @@
<p>Qidan He (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)
of KeenLab, Tencent (腾讯科恩实验室)</p>
-
+
+<p>Qing Zhang of Qihoo 360</p>
+
+<p>Quhe of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</p>
+
<p>Roee Hay of IBM Security X-Force</p>
<p>Sagi Kedmi of IBM X-Force Research</p>
+<p><a href="mailto:keun-o.park@darkmatter.ae">Sahara</a> of Secure
+Communications in DarkMatter</p>
+
+<p>salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>) of
+Shellphish Grill Team, UC Santa Barbara</p>
+
<p>Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>)</p>
<p>Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>)</p>
<p>Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) of
Trend Micro Mobile Threat Research Team</p>
-
+
+<p>Shinichi Matsumoto of Fujitsu</p>
+
+<p><a href="mailto:smarques84@gmail.com">Stéphane Marques</a> of <a
+href="http://www.byterev.com">ByteRev</a></p>
+
<p>Stephen Morrow</p>
+<p>Svetoslav Ganov of Google</p>
+
<p><a href="mailto:segfault5514@gmail.com">Tong Lin</a>
of <a href="http://c0reteam.org">C0RE Team</a></p>
<p>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) of Mobile Threat
Research Team, <a href="http://www.trendmicro.com">Trend Micro</a></p>
-
+
+<p>wanchouchou of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</p>
+
<p>Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>) of
Alibaba Inc.</p>
@@ -155,12 +212,16 @@
<p><a href="mailto:bigwyfone@gmail.com">Yanfeng Wang</a>
of <a href="http://c0reteam.org">C0RE Team</a></p>
+<p>Yang Song of Alibaba Mobile Security Group</p>
+
<p><a href="mailto:yaojun8558363@gmail.com">Yao Jun</a> of
<a href="http://c0reteam.org">C0RE Team</a></p>
<p>Yong Wang (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>)
of Alibaba Inc.</p>
-
+
+<p>Yu Pan of Vulpecker Team, Qihoo 360 Technology Co. Ltd</p>
+
<p><a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> of
<a href="http://c0reteam.org">C0RE Team</a></p>
@@ -380,6 +441,8 @@
<p>Michał Bednarski (<a href="https://github.com/michalbednarski">github.com/michalbednarski</a>)</p>
+<p>Mike Maarse</p>
+
<p>Min Chong of Android Security</p>
<p>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)
@@ -469,6 +532,8 @@
<p>Tao (Lenx) Wei (韦韬) of Baidu X-Lab</p>
+<p>Thom Does</p>
+
<p>Tieyan Li of Huawei</p>
<p>Tim Strazzere (<a href="https://twitter.com/timstrazz">@timstrazz</a>) of
diff --git a/src/security/security_toc.cs b/src/security/security_toc.cs
index 3b5993b..53aa8d3 100644
--- a/src/security/security_toc.cs
+++ b/src/security/security_toc.cs
@@ -62,6 +62,7 @@
<li><a href="<?cs var:toroot ?>security/advisory/2016-03-18.html">2016-03-18</a></li>
</ul>
</li>
+ <li><a href="<?cs var:toroot ?>security/bulletin/2017-03-01.html">March 2017</a></li>
<li><a href="<?cs var:toroot ?>security/bulletin/2017-02-01.html">February 2017</a></li>
<li><a href="<?cs var:toroot ?>security/bulletin/2017-01-01.html">January 2017</a></li>
<li class="nav-section">
diff --git a/src/security/verifiedboot/dm-verity.jd b/src/security/verifiedboot/dm-verity.jd
index 0b03dda..f989017 100644
--- a/src/security/verifiedboot/dm-verity.jd
+++ b/src/security/verifiedboot/dm-verity.jd
@@ -26,35 +26,35 @@
<h2 id="operation">Operation</h2>
-<p>dm-verity protection lives in the kernel. So if rooting software compromises the
-system before the kernel comes up, it will retain that access. To mitigate this
-risk, most manufacturers verify the kernel using a key burned into the device.
+<p>dm-verity protection lives in the kernel. So if rooting software compromises the
+system before the kernel comes up, it will retain that access. To mitigate this
+risk, most manufacturers verify the kernel using a key burned into the device.
That key is not changeable once the device leaves the factory.</p>
-<p>Manufacturers use that key to verify the signature on the first-level
-bootloader, which in turn verifies the signature on subsequent levels, the
-application bootloader and eventually the kernel. Each manufacturer wishing to
+<p>Manufacturers use that key to verify the signature on the first-level
+bootloader, which in turn verifies the signature on subsequent levels, the
+application bootloader and eventually the kernel. Each manufacturer wishing to
take advantage of <a href="verified-boot.html">verified boot</a> should have a
method for verifying the integrity of the kernel. Assuming the kernel has been
verified, the kernel can look at a block device and verify it as it is mounted.</p>
-<p>One way of verifying a block device is to directly hash its contents and compare
-them to a stored value. However, attempting to verify an entire block device can
-take an extended period and consume much of a device's power. Devices would take
+<p>One way of verifying a block device is to directly hash its contents and compare
+them to a stored value. However, attempting to verify an entire block device can
+take an extended period and consume much of a device's power. Devices would take
long periods to boot and then be significantly drained prior to use.</p>
-<p>Instead, dm-verity verifies blocks individually and only when each one is
-accessed. When read into memory, the block is hashed in parallel. The hash is
-then verified up the tree. And since reading the block is such an expensive
-operation, the latency introduced by this block-level verification is
+<p>Instead, dm-verity verifies blocks individually and only when each one is
+accessed. When read into memory, the block is hashed in parallel. The hash is
+then verified up the tree. And since reading the block is such an expensive
+operation, the latency introduced by this block-level verification is
comparatively nominal.</p>
-<p>If verification fails, the device generates an I/O error indicating the block
-cannot be read. It will appear as if the filesystem has been corrupted, as is
+<p>If verification fails, the device generates an I/O error indicating the block
+cannot be read. It will appear as if the filesystem has been corrupted, as is
expected.</p>
-<p>Applications may choose to proceed without the resulting data, such as when
-those results are not required to the application's primary function. However,
+<p>Applications may choose to proceed without the resulting data, such as when
+those results are not required to the application's primary function. However,
if the application cannot continue without the data, it will fail.</p>
<h2 id="implementation">Implementation</h2>
@@ -65,47 +65,47 @@
<li>Generate an ext4 system image.</li>
<li><a href="#hash-tree">Generate a hash tree</a> for that image.</li>
<li><a href="#mapping-table">Build a dm-verity table</a> for that hash tree.</li>
-<li><a href="#signing">Sign that dm-verity table</a> to produce a table
+<li><a href="#signing">Sign that dm-verity table</a> to produce a table
signature.</li>
-<li><a href="#metadata">Bundle the table signature</a> and dm-verity table
+<li><a href="#metadata">Bundle the table signature</a> and dm-verity table
into verity metadata.</li>
<li>Concatenate the system image, the verity metadata, and the hash tree.</li>
</ol>
-<p>See the <a href="http://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot">The Chromium Projects - Verified
-Boot</a>
+<p>See the <a href="http://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot">The Chromium Projects - Verified
+Boot</a>
for a detailed description of the hash tree and dm-verity table.</p>
<h3 id="hash-tree">Generating the hash tree</h3>
-<p>As described in the <a href="#introduction">Introduction</a>, the hash tree is
-integral to dm-verity. The
-<a href="https://code.google.com/p/cryptsetup/wiki/DMVerity">cryptsetup</a> tool will
+<p>As described in the <a href="#introduction">Introduction</a>, the hash tree is
+integral to dm-verity. The
+<a href="https://gitlab.com/cryptsetup/cryptsetup/wikis/DMVerity">cryptsetup</a> tool will
generate a hash tree for you. Alternatively, a compatible one is defined here:</p>
<pre>
<your block device name> <your block device name> <block size> <block size> <image size in blocks> <image size in blocks + 8> <root hash> <salt>
</pre>
-<p>To form the hash, the system image is split at layer 0 into 4k blocks, each
-assigned a SHA256 hash. Layer 1 is formed by joining only those SHA256 hashes
-into 4k blocks, resulting in a much smaller image. Layer 2 is formed
+<p>To form the hash, the system image is split at layer 0 into 4k blocks, each
+assigned a SHA256 hash. Layer 1 is formed by joining only those SHA256 hashes
+into 4k blocks, resulting in a much smaller image. Layer 2 is formed
identically, with the SHA256 hashes of Layer 1.</p>
-<p>This is done until the SHA256 hashes of the previous layer can fit in a single
+<p>This is done until the SHA256 hashes of the previous layer can fit in a single
block. When get the SHA256 of that block, you have the root hash of the tree. </p>
-<p>The size of the hash tree (and corresponding disk space usage) varies with the
-size of the verified partition. In practice, the size of hash trees tends to be
+<p>The size of the hash tree (and corresponding disk space usage) varies with the
+size of the verified partition. In practice, the size of hash trees tends to be
small, often less than 30 MB.</p>
-<p>If you have a block in a layer that isn't completely filled naturally by the
-hashes of the previous layer, you should pad it with zeroes to achieve the
-expected 4k. This allows you to know the hash tree hasn't been removed and is
+<p>If you have a block in a layer that isn't completely filled naturally by the
+hashes of the previous layer, you should pad it with zeroes to achieve the
+expected 4k. This allows you to know the hash tree hasn't been removed and is
instead completed with blank data.</p>
-<p>To generate the hash tree, concatenate the layer 2 hashes onto those for layer
-1, the layer 3 the hashes onto those of layer 2, and so on. Write all of this
+<p>To generate the hash tree, concatenate the layer 2 hashes onto those for layer
+1, the layer 3 the hashes onto those of layer 2, and so on. Write all of this
out to disk. Note that this doesn't reference layer 0 of the root hash.</p>
<p>To recap, the general algorithm to construct the hash tree is as follows:</p>
@@ -117,54 +117,54 @@
<li>Concatenate these hashes to form a level</li>
<li>Pad the level with 0s to a 4k block boundary.</li>
<li>Concatenate the level to your hash tree.</li>
-<li>Repeat steps 2-6 using the previous level as the source for the next until
+<li>Repeat steps 2-6 using the previous level as the source for the next until
you have only a single hash.</li>
</ol>
-<p>The result of this is a single hash, which is your root hash. This and your salt
-are used during the construction of your dm-verity mapping hash table.</p>
+<p>The result of this is a single hash, which is your root hash. This and your salt
+are used during the construction of your dm-verity mapping table.</p>
<h3 id="mapping-table">Building the dm-verity mapping table</h3>
-<p>Build the dm-verity mapping table, which identifies the block device (or target)
-for the kernel and the location of the hash tree (which is the same value.) This
-mapping is used for <code>fstab</code> generation and booting. The table also identifies
-the size of the blocks and the hash_start, or the offset in hash size blocks
+<p>Build the dm-verity mapping table, which identifies the block device (or target)
+for the kernel and the location of the hash tree (which is the same value.) This
+mapping is used for <code>fstab</code> generation and booting. The table also identifies
+the size of the blocks and the hash_start, or the offset in hash size blocks
(length of layer 0).</p>
-<p>See <a href="https://code.google.com/p/cryptsetup/wiki/DMVerity">cryptsetup</a> for a
+<p>See <a href="https://code.google.com/p/cryptsetup/wiki/DMVerity">cryptsetup</a> for a
detailed description of the verity target mapping table fields.</p>
<h3 id="signing">Signing the dm-verity table</h3>
-<p>Sign the dm-verity table to produce a table signature. When verifying a
-partition, the table signature is validated first. This is done against a key on
-your boot image in a fixed location. Keys are typically included in the
-manufacturers' build systems for automatic inclusion on devices in a fixed
+<p>Sign the dm-verity table to produce a table signature. When verifying a
+partition, the table signature is validated first. This is done against a key on
+your boot image in a fixed location. Keys are typically included in the
+manufacturers' build systems for automatic inclusion on devices in a fixed
location.</p>
<p>To verify the partition with this signature and key combination:</p>
<ol>
-<li>Add an RSA-2048 key in libmincrypt-compatible format to the /boot partition
-at /verity_key. Identify the location of the key used to verify the hash
+<li>Add an RSA-2048 key in libmincrypt-compatible format to the /boot partition
+at /verity_key. Identify the location of the key used to verify the hash
tree.</li>
<li>In the fstab for the relevant entry, add 'verify' to the fs_mgr flags.</li>
</ol>
<h3 id="metadata">Bundling the table signature into metadata</h3>
-<p>Bundle the table signature and dm-verity table into verity metadata. The entire
-block of metadata is versioned so it may be extended, such as to add a second
+<p>Bundle the table signature and dm-verity table into verity metadata. The entire
+block of metadata is versioned so it may be extended, such as to add a second
kind of signature or change some ordering.</p>
-<p>As a sanity check, a magic number is associated with each set of table metadata
-that helps identify the table. Since the length is included in the ext4 system
-image header, this provides a way to search for the metadata without knowing the
+<p>As a sanity check, a magic number is associated with each set of table metadata
+that helps identify the table. Since the length is included in the ext4 system
+image header, this provides a way to search for the metadata without knowing the
contents of the data itself.</p>
-<p>This makes sure you haven't elected to verify an unverified partition. If so,
-the absence of this magic number will halt the verification process. This number
+<p>This makes sure you haven't elected to verify an unverified partition. If so,
+the absence of this magic number will halt the verification process. This number
resembles:<br/>
0xb001b001</p>
diff --git a/src/source/build-numbers.jd b/src/source/build-numbers.jd
index acbe2c5..0e13240 100644
--- a/src/source/build-numbers.jd
+++ b/src/source/build-numbers.jd
@@ -195,6 +195,42 @@
</thead>
<tbody>
<tr>
+ <td>N6F26U</td>
+ <td>android-7.1.1_r28</td>
+ <td>Nougat</td>
+ <td>Nexus 6</td>
+ </tr>
+ <tr>
+ <td>NUF26N</td>
+ <td>android-7.1.1_r27</td>
+ <td>Nougat</td>
+ <td>Nexus 6P</td>
+ </tr>
+ <tr>
+ <td>NOF27C</td>
+ <td>android-7.1.1_r26</td>
+ <td>Nougat</td>
+ <td>Pixel XL, Pixel</td>
+ </tr>
+ <tr>
+ <td>NOF27B</td>
+ <td>android-7.1.1_r25</td>
+ <td>Nougat</td>
+ <td>Pixel XL, Pixel</td>
+ </tr>
+ <tr>
+ <td>N4F26T</td>
+ <td>android-7.1.1_r24</td>
+ <td>Nougat</td>
+ <td>Nexus 5X, Nexus 6P, Nexus 9 (volantis/volantisg), Pixel C</td>
+ </tr>
+ <tr>
+ <td>NMF27D</td>
+ <td>android-7.1.1_r23</td>
+ <td>Nougat</td>
+ <td>Nexus Player</td>
+ </tr>
+ <tr>
<td>NMF26X</td>
<td>android-7.1.1_r22</td>
<td>Nougat</td>
@@ -345,6 +381,17 @@
<td>Pixel XL, Pixel</td>
</tr>
<tr>
+ <td>NBD92E</td>
+ <td>android-7.0.0_r31</td>
+ <td>Nougat</td>
+ <td>Nexus 6</td>
+ <tr>
+ <tr>
+ <td>NBD92D</td>
+ <td>android-7.0.0_r30</td>
+ <td>Nougat</td>
+ <td>Nexus 6</td>
+ <tr>
<td>NBD91Z</td>
<td>android-7.0.0_r29</td>
<td>Nougat</td>
@@ -446,6 +493,12 @@
<td>Nexus 5X, Nexus 9 (volantis), Nexus Player, Pixel C</td>
</tr>
<tr>
+ <td>MOB31T</td>
+ <td>android-6.0.1_r79</td>
+ <td>Marshmallow</td>
+ <td>Nexus 6</td>
+ </tr>
+ <tr>
<td>MOB31S</td>
<td>android-6.0.1_r78</td>
<td>Marshmallow</td>
diff --git a/src/source/devices.jd b/src/source/devices.jd
index ae79adf..d39838f 100644
--- a/src/source/devices.jd
+++ b/src/source/devices.jd
@@ -106,7 +106,7 @@
User Guide</a>).</li>
<li>Connect USB to PC to get ttyUSB device (ex: <code>/dev/ttyUSB1</code>).</li>
<li>Power the board:<br>
-<pre><code>$ cd device/linaro/hikey/installer<br>
+<pre><code>$ cd device/linaro/hikey/installer/hikey<br>
$ ./flash-all.sh /dev/ttyUSB1 [4g]</code></pre></li>
<li>Remove jumper 3-4 and power the board.</li>
</ol>
@@ -125,33 +125,31 @@
<li>Run the following commands:<br>
<pre><code>$ git clone <a href="https://android.googlesource.com/kernel/hikey-linaro">https://android.googlesource.com/kernel/hikey-linaro</a><br>
$ cd hikey-linaro<br>
-$ git checkout -b android-hikey-linaro-4.4 origin/android-hikey-linaro-4.4<br>
+$ git checkout -b android-hikey-linaro-4.9 origin/android-hikey-linaro-4.9<br>
$ make ARCH=arm64 hikey_defconfig<br>
$ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-android- -j24</code></pre></li>
<li>Copy output to the hikey kernel directory
(<code>/kernel/hikey-linaro</code>):
-<ol>
+<ol style="list-style-type:lower-alpha">
<li>Copy hi6220-hikey.dtb
(<code>arch/arm64/boot/dts/hisilicon/hi6220-hikey.dtb</code>) to the
-hikey-kernel directory.</li>
+hikey-kernel directory as file hi6220-hikey.dtb-4.9.</li>
<li>Copy the Image file <code>(arch/arm64/boot/Image-dtb</code>) to the
-hikey-kernel directory.
+hikey-kernel directory as file Image-dtb-4.9.</li></ol>
<li>Make the boot image:
<pre>
$ make bootimage -j24
</pre>
</li>
</ol>
-</li>
-</ol>
<h3 id="setting-resolution">Setting monitor resolution</h3>
-<p>Edit <code>device/linaro/hikey/BoardConfig.mk</code> parameter
+<p>Edit <code>device/linaro/hikey/hikey/BoardConfig.mk</code> parameter
<code>BOARD_KERNEL_CMDLINE</code> and configure the <code>video</code> setting.
Example setting for a 24" monitor: <code>video=HDMI-A-1:1280x800@60</code>.</p>
<h3 id="configuring-output">Configuring kernel serial output (uart3)</h3>
-<p>Set the J2 low speed expansion connector to 1 - Gnd, 11 - Rx, 13 - Tx . For
+<p>Set the J2 low speed expansion connector to 1 - Gnd, 11 - Rx, 13 - Tx. For
details, refer to the
<a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey
-User Guide</a>).</p>
+User Guide</a>.</p>
diff --git a/src/source/running.jd b/src/source/running.jd
index 69d97de..45e6c9a 100644
--- a/src/source/running.jd
+++ b/src/source/running.jd
@@ -37,105 +37,131 @@
</code></pre>
<h2 id="booting-into-fastboot-mode">Booting into fastboot mode</h2>
-<p>During a cold boot of a device, use the following key combinations to boot
-into fastboot mode, which is a mode in the bootloader that can be used to flash
-the device:</p>
+<p><em>Fastboot</em> is a bootloader mode in which you can flash a device.
+During a cold boot of a device, use the following key combinations to boot into
+fastboot mode:</p>
<table>
<thead>
<tr>
+<th>Codename</th>
<th>Device</th>
<th>Keys</th>
</tr>
</thead>
<tbody>
<tr>
+<td>marlin</td><td>Pixel XL</td>
+<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
+</tr>
+<tr>
+<td>sailfish</td>
+<td>Pixel</td>
+<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
+</tr>
+<tr>
+<td>hikey</td>
<td>hikey</td>
<td>Link pins 1 - 2 and 5 - 6 of J15</td>
</tr>
<tr>
<td>angler</td>
+<td>Nexus 6P</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>bullhead</td>
+<td>Nexus 5X</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>shamu</td>
+<td>Nexus 6</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>fugu</td>
+<td>Nexus Player</td>
<td>Press and hold <em>Power</em></td>
</tr>
<tr>
<td>volantis</td>
+<td>Nexus 9</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>hammerhead</td>
+<td>Nexus 5</td>
<td>Press and hold both <em>Volume Up</em> and <em>Volume Down</em>, then press
and hold <em>Power</em></td>
</tr>
<tr>
<td>flo</td>
+<td>Nexus 7</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>deb</td>
+<td>Nexus 7 3G</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>manta</td>
+<td>Nexus 10</td>
<td>Press and hold both <em>Volume Up</em> and <em>Volume Down</em>, then press
and hold <em>Power</em></td>
</tr>
<tr>
<td>mako</td>
+<td>Nexus 4</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>grouper</td>
+<td>Nexus 7 (2012)</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>tilapia</td>
+<td>Nexus 7 3G (2012)</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>phantasm</td>
+<td>Nexus Q</td>
<td>Power the device, cover it with one hand after the LEDs light up and until
they turn red</td>
</tr>
<tr>
<td>maguro</td>
+<td>Galaxy Nexus GSM</td>
<td>Press and hold both <em>Volume Up</em> and <em>Volume Down</em>, then press
and hold <em>Power</em></td>
</tr>
<tr>
<td>toro</td>
+<td>Galaxy Nexus (Verizon)</td>
<td>Press and hold both <em>Volume Up</em> and <em>Volume Down</em>, then press
and hold <em>Power</em></td>
</tr>
<tr>
<td>toroplus</td>
+<td>Galaxy Nexus (Sprint)</td>
<td>Press and hold both <em>Volume Up</em> and <em>Volume Down</em>, then press
and hold <em>Power</em></td>
</tr>
<tr>
-<td>panda</td>
-<td>Press and hold <em>Input</em>, then press <em>Power</em></td>
-</tr>
-<tr>
<td>wingray</td>
+<td>Motorola Xoom</td>
<td>Press and hold <em>Volume Down</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>crespo</td>
+<td>Nexus S</td>
<td>Press and hold <em>Volume Up</em>, then press and hold <em>Power</em></td>
</tr>
<tr>
<td>crespo4g</td>
+<td>Nexus SG</td>
<td>Press and hold <em>Volume Up</em>, then press and hold <em>Power</em></td>
</tr>
</tbody>
@@ -145,99 +171,106 @@
<h2 id="unlocking-the-bootloader">Unlocking the bootloader</h2>
-<p>It's possible to flash a custom system only if the bootloader allows it, and
-the bootloader is locked by default. You can unlock the bootloader, but be aware
-that doing so deletes the user data for privacy reasons (the unlock operation
-needs to run only once). After unlocking, all data on the device is erased, i.e.
-both the applications' private data and the shared data that is accessible over
-USB, including photos and movies. Be sure to back up any precious files before
-unlocking the bootloader.</p>
+<p>You can flash a custom system only if the bootloader allows it, and the
+bootloader is locked by default. You can unlock the bootloader, but doing so
+deletes user data for privacy reasons. After unlocking, <em>all</em> data on the
+device is erased, i.e. both application private data and shared data accessible
+over USB (including photos and movies). Before attempting to unlock the
+bootloader, be sure to back up any important files on the device.</p>
-<p>With the device in fastboot mode, unlock the bootloader using:</p>
+<p>You need to unlock the bootloader only once, and you can re-lock it if
+necessary.</p>
-<pre>
-$ fastboot oem unlock
-</pre>
+<h3>Unlocking recent devices</h3>
+<p>All Nexus and Pixel devices released since 2014 (starting with Nexus 6 and
+Nexus 9) have factory reset protection and require a multi-step process to
+unlock the bootloader.</p>
-<p>The procedure must be confirmed on-screen.</p>
+<ol>
+<li>Enable OEM unlocking on the device:
+<ol style="list-style-type:lower-alpha">
+<li>In Settings, tap <strong>About phone</strong>, then tap <strong>Build
+number</strong> seven (7) times.</li>
+<li>When you see the message "You are a developer", tap the back button.</li>
+<li>Tap <strong>Developer options</strong> and enable
+<strong>OEM unlocking</strong> and <strong>USB debugging</strong>.
+(If OEM unlocking is disabled, connect to the Internet so the device can check
+in at least once. If it remains disabled, your device may be SIM locked by your
+carrier and the bootloader cannot be unlocked.)</li></ol></li>
+<li>Reboot into the bootloader and use fastboot to unlock it.
+<ul>
+<li>For new devices (2015 and later): <code>$ fastboot flashing unlock</code>
+</li>
+<li>For older devices (2014 and earlier): <code>$ fastboot oem
+unlock</code></li></ul>
+You must confirm the unlock onscreen.</li></ol>
-<p>On Nexus 10, after unlocking the bootloader, the internal storage remains
-unformatted. You can format the device using:</p>
-
-<pre>
-$ fastboot format cache
+<p class="note"><strong>Note</strong> On Nexus 10, after unlocking the
+bootloader, the internal storage remains unformatted. You can format the device
+using:
+<pre><code>$ fastboot format cache
$ fastboot format userdata
-</pre>
+</code></pre></p>
-<p>To re-lock the bootloader, use:</p>
+<h3 id="relocking-the-bootloader">Re-locking the bootloader</h3>
+<p>To re-lock the bootloader:</p>
+<ul>
+<li>For new devices (2015 and later): <code>$ fastboot flashing lock</code></li>
+<li>For older devices (2014 and earlier): <code>$ fastboot oem lock</code></li>
+</ul>
-<pre>$ fastboot oem lock
-</pre>
-
-<p class="note"><strong>Note</strong>: Re-locking the bootloading on a Motorola Xoom
-erases user data (including the shared USB data).</p>
+<p class="note"><strong>Note</strong>: Re-locking the bootloading on a Motorola
+Xoom erases user data (including the shared USB data).</p>
<h2 id="flash-unlock">Using Flash Unlock</h2>
-<p>
-Android 7.0 introduces a new system API, <code>getFlashLockState()</code>, to
-transmit bootloader state.
-</p>
-
-<p>
-Android 7.0 added the following system API that returns the bootloader’s lock
-status on compliant devices:
-</p>
+<p>Android 7.0 includes a new system API, <code>getFlashLockState()</code>, to
+transmit bootloader state, as well as the following system API that returns the
+bootloader’s lock status on compliant devices:</p>
<pre>
PersistentDataBlockManager.getFlashLockState()
</pre>
<table>
- <tr>
- <th>Return value</th>
- <th>Conditions</th>
- </tr>
- <tr>
- <td><code>FLASH_LOCK_UNKNOWN</code>
- </td>
- <td>Returned only by devices upgrading to Android 7.0 that have not supported
+<tr>
+<th>Return value</th>
+<th>Conditions</th>
+</tr>
+<tr>
+<td><code>FLASH_LOCK_UNKNOWN</code>
+</td>
+<td><p>Returned only by devices upgrading to Android 7.0 that have not supported
bootloader changes required to get the flash lock status if they support
-flashing lock/unlock capability.
-<p>
-New Android 7.0 devices must be in either <code>FLASH_LOCK_LOCKED</code> or <code>FLASH_LOCK_UNLOCKED</code> state.
-If a device is upgrading to Android 7.0 and does not support flashing unlock/lock
-capability, then it should simply return <code>FLASH_LOCK_LOCKED</code> state.
- </td>
- </tr>
- <tr>
- <td><code>FLASH_LOCK_LOCKED</code>
- </td>
- <td>Should be returned by any device that does not support flashing
+flashing lock/unlock capability.</p>
+<p>New Android 7.0 devices must be in either <code>FLASH_LOCK_LOCKED</code> or
+<code>FLASH_LOCK_UNLOCKED</code> state. If a device is upgrading to Android 7.0
+and does not support flashing unlock/lock capability, it should simply return
+<code>FLASH_LOCK_LOCKED</code> state.</p>
+</td>
+</tr>
+<tr>
+<td><code>FLASH_LOCK_LOCKED</code>
+</td>
+<td>Should be returned by any device that does not support flashing
lock/unlock (i.e. the device is always locked), or any device that does support
flashing lock/unlock and is in the locked state.
- </td>
- </tr>
- <tr>
- <td><code>FLASH_LOCK_UNLOCKED</code>
- </td>
- <td>Returned by any device that supports flashing lock/unlock and is
+</td>
+</tr>
+<tr>
+<td><code>FLASH_LOCK_UNLOCKED</code>
+</td>
+<td>Returned by any device that supports flashing lock/unlock and is
currently in the unlocked state.
- </td>
- </tr>
+</td>
+</tr>
</table>
<h3 id="examples-and-source">Examples and source</h3>
-<p>
-In the Android 7.0 release, the Android Open Source Project (AOSP) contains a reference
-implementation that returns a value based on the <code>ro.boot.flash.locked
-</code>boot property.
-</p>
-
-<p>
-The code lives in:
-</p>
+<p>AOSP contains a reference implementation that returns a value based on the
+<code>ro.boot.flash.locked</code> boot property. The code lives in the following
+directories:</p>
<pre>
frameworks/base/services/core/java/com/android/server/PersistentDataBlockService.java
@@ -245,149 +278,147 @@
</pre>
<h3 id="validation">Validation</h3>
-<p>
-Manufacturers should test the values returned by devices with locked and
-unlocked bootloaders.
-</p>
+<p>Manufacturers should test the values returned by devices with locked and
+unlocked bootloaders.</p>
<h2 id="selecting-device-build">Selecting a device build</h2>
<p>The recommended builds for devices are available from the lunch menu,
accessed when running the <code>lunch</code> command with no arguments. You can
-download factory images and binaries for Nexus devices from developers.google.com:</p>
+download factory images and binaries for Nexus devices from
+developers.google.com:</p>
<ul>
-<li><a href="https://developers.google.com/android/nexus/blobs-preview">Preview binaries (blobs)</a></li>
-<li><a href="https://developers.google.com/android/nexus/images">Factory images for released devices</a></li>
-<li><a href="https://developers.google.com/android/nexus/drivers">Support binaries (drivers) for release devices</a></li>
+<li><a href="https://developers.google.com/android/nexus/blobs-preview">Preview
+binaries (blobs)</a></li>
+<li><a href="https://developers.google.com/android/nexus/images">Factory images
+for released devices</a></li>
+<li><a href="https://developers.google.com/android/nexus/drivers">Support
+binaries (drivers) for release devices</a></li>
</ul>
-<p>See <a href="building.html#obtaining-proprietary-binaries">Obtaining
-proprietary binaries</a> for more details and <a
-href="requirements.html#binaries">Device binaries requirements</a> for other
-resources.</p>
+<p>For details and additional resources, see
+<a href="building.html#obtaining-proprietary-binaries">Obtaining proprietary
+binaries</a> and <a href="requirements.html#binaries">Device binaries
+requirements</a>.</p>
<table>
<thead>
<tr>
- <th>Device</th>
+<th>Device</th>
<th>Code name</th>
<th>Build configuration</th>
</tr>
</thead>
<tbody>
<tr>
- <td>Pixel XL</td>
+<td>Pixel XL</td>
<td>marlin</td>
<td>aosp_marlin-userdebug</td>
</tr>
<tr>
- <td>Pixel</td>
+<td>Pixel</td>
<td>sailfish</td>
<td>aosp_sailfish-userdebug</td>
- </tr>
+</tr>
<tr>
- <td>HiKey</td>
+<td>HiKey</td>
<td>hikey</td>
<td>hikey-userdebug</td>
</tr>
<tr>
- <td>Nexus 6P</td>
+<td>Nexus 6P</td>
<td>angler</td>
<td>aosp_angler-userdebug</td>
</tr>
<tr>
- <td>Nexus 5X</td>
+<td>Nexus 5X</td>
<td>bullhead</td>
<td>aosp_bullhead-userdebug</td>
</tr>
<tr>
- <td>Nexus 6</td>
+<td>Nexus 6</td>
<td>shamu</td>
<td>aosp_shamu-userdebug</td>
</tr>
<tr>
- <td>Nexus Player</td>
+<td>Nexus Player</td>
<td>fugu</td>
<td>aosp_fugu-userdebug</td>
</tr>
<tr>
- <td>Nexus 9</td>
+<td>Nexus 9</td>
<td>volantis (flounder)</td>
<td>aosp_flounder-userdebug</td>
</tr>
<tr>
- <td>Nexus 5 (GSM/LTE)</td>
+<td>Nexus 5 (GSM/LTE)</td>
<td>hammerhead</td>
<td>aosp_hammerhead-userdebug</td>
</tr>
<tr>
- <td>Nexus 7 (Wi-Fi)</td>
+<td>Nexus 7 (Wi-Fi)</td>
<td>razor (flo)</td>
<td>aosp_flo-userdebug</td>
</tr>
<tr>
- <td>Nexus 7 (Mobile)</td>
+<td>Nexus 7 (Mobile)</td>
<td>razorg (deb)</td>
<td>aosp_deb-userdebug</td>
</tr>
<tr>
- <td>Nexus 10</td>
+<td>Nexus 10</td>
<td>mantaray (manta)</td>
<td>full_manta-userdebug</td>
</tr>
<tr>
- <td>Nexus 4</td>
+<td>Nexus 4</td>
<td>occam (mako)</td>
<td>full_mako-userdebug</td>
</tr>
<tr>
- <td>Nexus 7 (Wi-Fi)</td>
+<td>Nexus 7 (Wi-Fi)</td>
<td>nakasi (grouper)</td>
<td>full_grouper-userdebug</td>
</tr>
<tr>
- <td>Nexus 7 (Mobile)</td>
+<td>Nexus 7 (Mobile)</td>
<td>nakasig (tilapia)</td>
<td>full_tilapia-userdebug</td>
</tr>
<tr>
- <td>Galaxy Nexus (GSM/HSPA+)</td>
+<td>Galaxy Nexus (GSM/HSPA+)</td>
<td>yakju (maguro)</td>
<td>full_maguro-userdebug</td>
</tr>
<tr>
- <td>Galaxy Nexus (Verizon)</td>
+<td>Galaxy Nexus (Verizon)</td>
<td>mysid (toro)</td>
<td>aosp_toro-userdebug</td>
</tr>
<tr>
- <td>Galaxy Nexus (Experimental)</td>
+<td>Galaxy Nexus (Experimental)</td>
<td>mysidspr (toroplus)</td>
<td>aosp_toroplus-userdebug</td>
</tr>
<tr>
- <td>PandaBoard (Archived)</td>
-<td>panda</td>
-<td>aosp_panda-userdebug</td>
-</tr>
-<tr>
- <td>Motorola Xoom (U.S. Wi-Fi)</td>
+<td>Motorola Xoom (U.S. Wi-Fi)</td>
<td>wingray</td>
<td>full_wingray-userdebug</td>
</tr>
<tr>
- <td>Nexus S</td>
+<td>Nexus S</td>
<td>soju (crespo)</td>
<td>full_crespo-userdebug</td>
</tr>
<tr>
- <td>Nexus S 4G</td>
+<td>Nexus S 4G</td>
<td>sojus (crespo4g)</td>
<td>full_crespo4g-userdebug</td>
</tr>
</tbody>
</table>
+
<p class="note"><b>Note</b>: Do not use Android 4.1.1 on a Nexus 7 originally
sold with Android 4.1.2 or newer.</p>
@@ -395,7 +426,7 @@
<p>You can flash an entire Android system in a single command; doing so verifies
the system being flashed is compatible with the installed bootloader and radio,
-writes the boot, recovery, and system partitions together, and then reboots the
+writes the boot, recovery, and system partitions together, then reboots the
system. Flashing also erases all user data, similarly to <code>fastboot oem
unlock</code>.</p>
@@ -406,7 +437,7 @@
$ adb reboot bootloader
</pre>
-<p>Once the device is in fastboot mode, run:</p>
+<p>After the device is in fastboot mode, run:</p>
<pre>
$ fastboot flashall -w
@@ -416,14 +447,15 @@
device; this is useful for your first time flashing a particular device but is
otherwise unnecessary.</p>
-<p class="note"><strong>Note</strong>: Filesystems created via fastboot on Motorola Xoom
-do not function optimally. We recommend re-creating filesystems through
-recovery, using: <code>$ adb reboot recovery</code>. While in recovery, open the
-menu (press Power + Volume Up), wipe the cache partition, then wipe data.</p>
+<p class="note"><strong>Note</strong>: Filesystems created via fastboot on
+Motorola Xoom do not function optimally. We recommend re-creating filesystems
+through recovery, using: <code>$ adb reboot recovery</code>. While in recovery,
+open the menu (press Power + Volume Up), wipe the cache partition, then wipe
+data.</p>
-<h2 id="restoring-devices-to-factory-state">Restoring devices to
-factory state</h2>
+<h2 id="restoring-devices-to-factory-state">Restoring devices to factory
+state</h2>
<p>Factory images for Nexus 5, Nexus 10, Nexus 4, Nexus Q, Nexus 7, Galaxy Nexus
(GSM/HSPA+ "yakju" and "takju", and CDMA/LTE "mysid" and "mysidspr"), Nexus S,
