diff options
author | Clay Murphy <claym@google.com> | 2017-11-13 23:58:47 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2017-11-13 23:58:47 +0000 |
commit | 6e006eba74d3c8259d3398f02b6efe13128e747a (patch) | |
tree | 21a24b7e87037c9d9364de151db069551e798d8a | |
parent | d4c2a3ebb5cd378e669f5c4db58f2c0ebffc7d43 (diff) | |
parent | 9a4762534c1ef21cc1d166716eca1a3dc4c770e1 (diff) | |
download | source.android.com-6e006eba74d3c8259d3398f02b6efe13128e747a.tar.gz |
Merge "Docs: Changes to source.android.com"
am: 9a4762534c
Change-Id: Iddef54c93c54b6d060d15428c93a6a67f54bdf93
95 files changed, 18443 insertions, 19544 deletions
diff --git a/en/_index.yaml b/en/_index.yaml index 0e214003..9c226531 100644 --- a/en/_index.yaml +++ b/en/_index.yaml @@ -72,29 +72,28 @@ landing_page: image_path: /images/android_stack.png - heading: News items: - - heading: Clang is the supported toolchain + - heading: November Security Bulletins description: > - Android 8.0 and later support only Clang/LLVM for building the Android - platform. See the new Build toolchain section of Requirements for - additional details. + The November 2017 Android and Pixel/Nexus Security Bulletins have been + published along with links to associated fixes and new build numbers + to support the November security release. buttons: - - label: October 6th, 2017 - path: /source/requirements#toolchain - - heading: Testing with KASAN+KCOV + - label: November 8th, 2017 + path: /security/bulletin/2017-11-01 + - heading: ART Faster Native Methods description: > - KASAN-sanitized and KCOV-instrumented code helps developers and testers - detect runtime memory errors and obtain code coverage information. + ART offers faster native methods that speed up JNI transitions and + replace the now deprecated <em>!bang JNI</em> notation. buttons: - - label: October 4th, 2017 - path: /devices/tech/debug/kasan-kcov - - heading: October Security Bulletin + - label: October 27th, 2017 + path: /devices/tech/dalvik/improvements#faster-native-methods + - heading: ART Concurrent Compacting GC description: > - The October 2017 Android and Pixel/Nexus Security Bulletins have been - published along with links to associated fixes and new build numbers - to support the October security release. + Android runtime (ART) features a new concurrent compacting garbage + collector (GC) that compacts the heap every time GC runs. buttons: - - label: October 3rd, 2017 - path: /security/bulletin/2017-10-01 + - label: October 16th, 2017 + path: /devices/tech/dalvik/improvements#concurrent-compacting-gc - classname: devsite-landing-row-100 tf-row-centered items: - buttons: diff --git a/en/compatibility/cts/development.html b/en/compatibility/cts/development.html index ae4c6e7e..249f1539 100644 --- a/en/compatibility/cts/development.html +++ b/en/compatibility/cts/development.html @@ -252,6 +252,16 @@ updated from time to time as CTS for the given Android version matures.</p> </thead> <tbody> <tr> + <td>8.0</td> + <td>oreo-cts-dev</td> + <td>Monthly</td> + </tr> +<tr> + <td>7.1</td> + <td>nougat-mr1-cts-dev</td> + <td>Monthly</td> + </tr> +<tr> <td>7.0</td> <td>nougat-cts-dev</td> <td>Monthly</td> @@ -306,7 +316,7 @@ Open Source Project (AOSP). branch will automatically merge as below:<br> jb-dev-> jb-mr1.1-cts-dev -> jb-mr2-cts-dev -> kitkat-cts-dev -> lollipop-cts-dev -> lollipop-mr1-cts-dev -> marshmallow-cts-dev -> -nougat-cts-dev -> <private-development-branch for Android N MR1></p> +nougat-cts-dev -> nougat-mr1-cts-dev -> oreo-cts-dev -> <private-development-branch for Android O MR1></p> <p>If a changelist (CL) fails to merge correctly, the author of the CL will get an email with instructions on how to resolve the conflict. In most of the diff --git a/en/compatibility/cts/downloads.html b/en/compatibility/cts/downloads.html index a9254de3..0c022d44 100644 --- a/en/compatibility/cts/downloads.html +++ b/en/compatibility/cts/downloads.html @@ -31,96 +31,96 @@ R<number> in the link name.</p> <h2 id="android-80">Android 8.0</h2> <p>Android 8.0 is the release of the development milestone code-named Oreo. The source code for the following tests can be synced with the -'android-cts-8.0_r2' tag in the open-source tree.</p> +'android-cts-8.0_r3' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-8.0_r2-linux_x86-arm.zip">Android -8.0 R2 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-8.0_r3-linux_x86-arm.zip">Android +8.0 R3 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-8.0_r2-linux_x86-x86.zip">Android -8.0 R2 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-8.0_r3-linux_x86-x86.zip">Android +8.0 R3 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r2-linux_x86-arm.zip">Android -8.0 R2 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r3-linux_x86-arm.zip">Android +8.0 R3 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r2-linux_x86-x86.zip">Android -8.0 R2 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r3-linux_x86-x86.zip">Android +8.0 R3 CTS Verifier - x86</a></li> </ul> <h2 id="android-71">Android 7.1</h2> <p>Android 7.1 is the release of the development milestone code-named Nougat-MR1. The source code for the following tests can be synced with the -'android-cts-7.1_r10' tag in the open-source tree.</p> +'android-cts-7.1_r11' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.1_r10-linux_x86-arm.zip">Android -7.1 R10 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.1_r11-linux_x86-arm.zip">Android +7.1 R11 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.1_r10-linux_x86-x86.zip">Android -7.1 R10 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.1_r11-linux_x86-x86.zip">Android +7.1 R11 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r10-linux_x86-arm.zip">Android -7.1 R10 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r11-linux_x86-arm.zip">Android +7.1 R11 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r10-linux_x86-x86.zip">Android -7.1 R10 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r11-linux_x86-x86.zip">Android +7.1 R11 CTS Verifier - x86</a></li> </ul> <h2 id="android-70">Android 7.0</h2> <p>Android 7.0 is the release of the development milestone code-named Nougat. The source code for the following tests can be synced with the -'android-cts-7.0_r14' tag in the open-source tree.</p> +'android-cts-7.0_r15' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.0_r14-linux_x86-arm.zip">Android -7.0 R14 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.0_r15-linux_x86-arm.zip">Android +7.0 R15 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.0_r14-linux_x86-x86.zip">Android -7.0 R14 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.0_r15-linux_x86-x86.zip">Android +7.0 R15 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r14-linux_x86-arm.zip">Android -7.0 R14 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r15-linux_x86-arm.zip">Android +7.0 R15 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r14-linux_x86-x86.zip">Android -7.0 R14 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r15-linux_x86-x86.zip">Android +7.0 R15 CTS Verifier - x86</a></li> </ul> <h2 id="android-60">Android 6.0</h2> <p>Android 6.0 is the release of the development milestone code-named Marshmallow. The source code for the following tests can be synced with the -'android-cts-6.0_r23' tag in the open-source tree.</p> +'android-cts-6.0_r24' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-6.0_r23-linux_x86-arm.zip">Android -6.0 R23 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-6.0_r24-linux_x86-arm.zip">Android +6.0 R24 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-6.0_r23-linux_x86-x86.zip">Android -6.0 R23 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-6.0_r24-linux_x86-x86.zip">Android +6.0 R24 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r23-linux_x86-arm.zip">Android -6.0 R23 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r24-linux_x86-arm.zip">Android +6.0 R24 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r23-linux_x86-x86.zip">Android -6.0 R23 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r24-linux_x86-x86.zip">Android +6.0 R24 CTS Verifier - x86</a></li> </ul> <h2 id="android-51">Android 5.1</h2> <p>Android 5.1 is the release of the development milestone code-named Lollipop-MR1. The source code for the following tests can be synced with the -'android-cts-5.1_r24' tag in the open source tree.</p> +'android-cts-5.1_r25' tag in the open source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-5.1_r24-linux_x86-arm.zip">Android -5.1 R24 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-5.1_r25-linux_x86-arm.zip">Android +5.1 R25 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-5.1_r24-linux_x86-x86.zip">Android -5.1 R24 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-5.1_r25-linux_x86-x86.zip">Android +5.1 R25 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r24-linux_x86-arm.zip">Android -5.1 R24 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r25-linux_x86-arm.zip">Android +5.1 R25 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r24-linux_x86-x86.zip">Android -5.1 R24 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r25-linux_x86-x86.zip">Android +5.1 R25 CTS Verifier - x86</a></li> </ul> <h2 id="android-50">Android 5.0</h2> diff --git a/en/devices/_toc-interfaces.yaml b/en/devices/_toc-interfaces.yaml index 5a78a719..a7958fc3 100644 --- a/en/devices/_toc-interfaces.yaml +++ b/en/devices/_toc-interfaces.yaml @@ -17,6 +17,8 @@ toc: path: /devices/architecture/kernel/ - title: Stable Releases & Updates path: /devices/architecture/kernel/releases + - title: Android Common Kernels + path: /devices/architecture/kernel/android-common - title: Modular Kernel Requirements path: /devices/architecture/kernel/modular-kernels - title: Interface Requirements diff --git a/en/devices/_toc-tech.yaml b/en/devices/_toc-tech.yaml index 22d8fa9a..dd7e48a2 100644 --- a/en/devices/_toc-tech.yaml +++ b/en/devices/_toc-tech.yaml @@ -169,20 +169,22 @@ toc: path: /devices/tech/ota/ - title: OTA Tools path: /devices/tech/ota/tools - - title: Block-Based OTA - path: /devices/tech/ota/block - - title: Inside OTA Packages - path: /devices/tech/ota/inside_packages - - title: Device-Specific Code - path: /devices/tech/ota/device_code - - title: Reducing OTA Size - path: /devices/tech/ota/reduce_size - title: Signing Builds for Release path: /devices/tech/ota/sign_builds + - title: Reducing OTA Size + path: /devices/tech/ota/reduce_size - title: A/B System Updates path: /devices/tech/ota/ab_updates - title: Implementing A/B Updates path: /devices/tech/ota/ab_implement + - title: Non-A/B System Updates + path: /devices/tech/ota/nonab_updates + - title: Block-Based OTA + path: /devices/tech/ota/block + - title: Inside OTA Packages + path: /devices/tech/ota/inside_packages + - title: Device-Specific Code + path: /devices/tech/ota/device_code - title: Performance section: - title: Overview diff --git a/en/devices/architecture/dto/partitions.html b/en/devices/architecture/dto/partitions.html index bcbea204..d18cda84 100644 --- a/en/devices/architecture/dto/partitions.html +++ b/en/devices/architecture/dto/partitions.html @@ -150,8 +150,8 @@ several commands, including <code>create</code>, <code>cfg_create</code>, and <h3 id=create>create</h3> <p>Use the <code>create</code> command to create a <code>dtb</code>/<code>dtbo</code> image:</p> -<pre class="prettyprint"> -$mkdtimg create <image_filename> (<global-option>...) \ +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal">mkdtimg create <image_filename> (<global-option>...) \</code> <ftb1_filename> (<entry1_option>...) \ <ftb2_filename> (<entry2_option>...) \ ... @@ -184,7 +184,7 @@ value of <code>page_size</code> in <code>dt_table_header</code> is 2048; use value.</p> <p>Example:</p> -<pre class="prettyprint"> +<pre class="devsite-click-to-copy"> [board1.dts] /dts-v1/; /plugin/; @@ -203,7 +203,7 @@ value.</p> }; -$mkdtimg create dtbo.img --id=/:board_id --custom0=0xabc \ +<code class="devsite-terminal">mkdtimg create dtbo.img --id=/:board_id --custom0=0xabc \</code> board1.dtbo \ board2.dtbo --id=0x6800 \ board3.dtbo --id=0x6801 --custom0=0x123 @@ -243,7 +243,7 @@ with one or more space characters (these options are the same as lines beginning with <code>#</code> are ignored.</p> <p>Example:</p> -<pre class="prettyprint"> +<pre class="devsite-click-to-copy"> [dtboimg.cfg] # global options id=/:board_id @@ -260,7 +260,7 @@ board2.dtbo custom0=0x123 # override the value of custom0 in global options -$mkdtimg cfg_create dtbo.img dtboimg.cfg +<code class="devsite-terminal">mkdtimg cfg_create dtbo.img dtboimg.cfg</code> </pre> <p><code>mkdtimg</code> does not handle alignment for @@ -278,8 +278,8 @@ useful when using different hardware with identical DTs.</p> <h3 id=dump>dump</h3> <p>For <code>dtb</code>/<code>dtbo</code> images, use the <code>dump</code> command to print the information in the image. Example:</p> -<pre class="prettyprint"> -$mkdtimg dump dtbo.img +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal">mkdtimg dump dtbo.img</code> dt_table_header: magic = d7b7ab1e total_size = 1300 diff --git a/en/devices/architecture/hidl/services.html b/en/devices/architecture/hidl/services.html index 647555b7..75933ec9 100644 --- a/en/devices/architecture/hidl/services.html +++ b/en/devices/architecture/hidl/services.html @@ -51,8 +51,12 @@ into the server.</p> version, calling <code>getService</code> on the desired HAL class:</p> <pre class="prettyprint"> +// C++ sp<V1_1::IFooService> service = V1_1::IFooService::getService(); sp<V1_1::IFooService> alternateService = 1_1::IFooService::getService("another_foo_service"); +// Java +V1_1.IFooService; service = V1_1.IFooService.getService(true /* retry */); +V1_1.IFooService; alternateService = 1_1.IFooService.getService("another", true /* retry */); </pre> <p>Each version of a HIDL interface is treated as a separate interface. Thus, @@ -69,6 +73,16 @@ returned interface. For an interface <code>IFoo</code> in package <code>android.hardware.foo</code> in the device manifest if the entry exists; and if the transport method is not available, nullptr is returned.</p> +<p> In some cases, it may be necessary to continue immediately even without +getting the service. This can happen (for instance) when a client wants to +manage service notifications itself or in a diagnostic program (such as +<code>atrace</code>) which needs to get all hwservices and retrieve them. In +this case, additional APIs are provided such as <code>tryGetService</code> in C++ or +<code>getService("instance-name", false)</code> in Java. The legacy API +<code>getService</code> provided in Java also must be used with service +notifications. Using this API does not avoid the race condition where a server +registers itself after the client requests it with one of these no-retry APIs.</p> + <h2 id=death>Service death notifications</h2> <p>Clients who want to be notified when a service dies can receive death notifications delivered by the framework. To receive notifications, the client diff --git a/en/devices/architecture/images/android-diffs.png b/en/devices/architecture/images/android-diffs.png Binary files differnew file mode 100644 index 00000000..312718cb --- /dev/null +++ b/en/devices/architecture/images/android-diffs.png diff --git a/en/devices/architecture/images/kernel_branch_hierarchy_44.png b/en/devices/architecture/images/kernel_branch_hierarchy_44.png Binary files differnew file mode 100644 index 00000000..ab749e87 --- /dev/null +++ b/en/devices/architecture/images/kernel_branch_hierarchy_44.png diff --git a/en/devices/architecture/images/kernel_lts_diff.png b/en/devices/architecture/images/kernel_lts_diff.png Binary files differnew file mode 100644 index 00000000..cbd9fafa --- /dev/null +++ b/en/devices/architecture/images/kernel_lts_diff.png diff --git a/en/devices/architecture/kernel/android-common.html b/en/devices/architecture/kernel/android-common.html new file mode 100644 index 00000000..13175576 --- /dev/null +++ b/en/devices/architecture/kernel/android-common.html @@ -0,0 +1,170 @@ +<html devsite> + <head> + <title>Android Common Kernels</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + + +<p>The +<a href="https://android.googlesource.com/kernel/common/" class="external">AOSP +common kernels</a> are downstream of Long Term Supported (LTS) kernels and +include patches of interest to the Android community that have not been merged +into LTS. These patches can include:</p> + +<ul> +<li>Features tailored for Android needs (e.g. interactive <code>cpufreq</code> +governor).</li> +<li>Features rejected by upstream due to implementation concerns (e.g. MTP/PTP, +paranoid networking).</li> +<li>Features ready for Android devices but still under development upstream +(e.g. Energy Aware Scheduling/EAS).</li> +<li>Vendor/OEM features that are useful for others (e.g. <code>sdcardfs</code>). +</li> +</ul> + +<h2 id="list-of-kernels">List of common kernels</h2> +<p>To view a list of Android common kernels, refer to +<a href="https://android.googlesource.com/kernel/common/" class=external>https://android.googlesource.com/kernel/common/</a> +(shown below).</p> +<p><img src="../images/android-diffs.png"></p> +<p class="img-caption"><strong>Figure 1.</strong> List of Android common +kernels.</p> + +<h3 id="differences-lts">Differences from LTS</h3> +<p>When compared to LTS (4.4.40), the Android common kernel has 679 changes, +56172 insertions, and 3340 deletions (as of February 2017).</p> + +<p><img src="../images/kernel_lts_diff.png"></p> +<p class="img-caption"><strong>Figure 2.</strong> Android-specific code over +time.</p> + +<p>The largest features include:</p> +<ul> +<li>13.8% SoC (arch/arm64, arch/x86)</li> +<li>9.2% USB (drivers/usb)</li> +<li>8.2% Energy Aware Scheduling (kernel/sched)</li> +<li>8.2% Atomic Display Framework (drivers/video/adf)</li> +<li>8.0% networking (net/netfilter)</li> +<li>6.2% sdcardfs (fs/sdcardfs)</li> +<li>5.0% Verity (drivers/md)</li> +<li>3.7% Input (drivers/input/misc)</li> +<li>3.3% FIQ Debugger (drivers/staging/android/fiq_debugger)</li> +<li>2.4% Cpufreq (drivers/cpufreq)</li> +<li>2.2% Goldfish Emulator (drivers/platform/goldfish)</li> +</ul> + +<h2 id="requirements">Requirements</h2> +<p>All AOSP common kernels must provide the following:</p> +<ul> +<li>Method for downstream partners to get timely updates that include all +LTS patches.</li> +<li>Mechanism to guarantee that new feature development does not interfere with +merging from AOSP common (even for previous Android releases).</li> +<li>Method for downstream partners to easily identify security patches that are +part of an <a href="/security/bulletin/">Android Security Bulletin (ASB)</a>. +This satisfies carriers who require a full requalification if OEMs attempt to +include patches beyond those listed in the bulletin.</li> +</ul> +<p>In addition, regular testing must be performed on AOSP common kernels and +branches must be tagged when passing.</p> + +<h3 id="lts-merges">LTS merges</h3> +<p>To ensure downstream partners can get timely updates that include all LTS +patches, android-<var>X</var>.<var>Y</var> gets regular merges from LTS and is +validated via automated VTS, CTS, and build/boot tests.</p> + +<h3 id="android-dessert-branches">Android-dessert branches</h3> +<p>To guarantee that new feature development does not interfere with merging +from the AOSP common kernel (even for previous Android releases), +android-<var>X</var>.<var>Y</var>-<var>androidRel</var> is cloned from +android-<var>X</var>.<var>Y</var> prior to the initial dessert release, gets regular +merges from LTS, and is tested against the associated Android release. For +example, the android-4.4-n branch gets merges from the LTS 4.4.y branch. </p> + +<h3 id="android-release-branches">Android-release branches</h3> +<p>To ensure downstream partners can easily identify security patches that are +part of an ASB, +android-<var>X</var>.<var>Y</var>-<var>androidRel</var>-<var>type</var> is +cloned from android-<var>X</var>.<var>Y</var>-<var>androidRel</var> at the time +of the Android release and gets only the patches listed in the bulletin.</p> + +<p>After the patches associated with a bulletin are confirmed to be merged +into a release branch, the branch is tagged with the ASB level. For example, the +tag <strong>ASB-2017-10-05</strong> indicates the release branch contains +patches from the Android Security Bulletin for October 5th, 2017. Parent +branches contain those security patches, so if the android-4.4-o-release branch +is tagged with <strong>ASB-2017-10-01</strong>, android-4.4-o and android-4.4 +are also up-to-date with that bulletin. Example:</p> +<ul> +<li>Before releasing Android N MR1, <strong>android-4.4-n-mr1</strong> is cloned +from <strong>android-4.4-n</strong>.</li> +<li>Only patches listed in ASBs are merged, allowing OEMs (who have strict +requirements from carriers to avoid full qualification on security updates) to +find the patches listed in the bulletin.</li> +<li><strong>android-4.4-n-mr2</strong> will be +<strong>android-4.4-n-mr1</strong> plus LTS patches that were merged between the +releases.</li> +<li>Each month when the ASB is released publicly, the release branches are +updated with any patches cited in the bulletin that are upstream +(device-specific patches cited in the bulletin are not applied to the common +kernels).</li> +</ul> + +<h3 id="regular-testing">Regular testing</h3> +<p>Regular testing is performed on all on AOSP common kernels and test results +are available to the public. Specifically:</p> +<ul> +<li>After LTS updates or other patches are merged, VTS and a subset of CTS +is run and results are made available at +<a href="https://qa-reports.linaro.org/lkft" class="external">https://qa-reports.linaro.org/lkft</a>. +</li> +<li>To continually test for build/boot breaks in a variety of architectures and +builds, <code>kernelci</code> is run and results are made available at +<a href="https://kernelci.org/job/android/" class="external">https://kernelci.org/job/android</a>. +</li> +</ul> + +<h3 id="branch-hierarchy">Branch hierarchy (android-4.4)</h3> +<p>The branch hierarchy for the android-4.4 kernel uses the following structure: +</p> + +<p><img src="../images/kernel_branch_hierarchy_44.png"></p> +<p class="img-caption"><strong>Figure 3.</strong> Branch hierarchy for the +android-4.4 kernel.</p> + +<h2 id="guidelines">Guidelines</h2> +<p>Android implementations should use the following kernel guidelines:</p> +<ul> +<li>Use the new AOSP common kernels as upstream merge sources.<ul> +<li>To get patches from LTS, merge from android-<var>X</var>.<var>Y</var>.<ul> +<li>Merge regularly during development phase.</li> +<li>When updating device to a new Android release, merge either from the +android-<var>X</var>.<var>Y</var> branch or the release branch for the target +release (e.g. for an update to Nougat MR2, merge from the android-4.4-n-mr2 +branch).</li> +</ul> +<li>When constrained by the carrier for a security release, merge from release +branches for security updates.</li> +</ul> +<li>Send fixes upstream to mainline, LTS, or AOSP common.</li> +</ul> + + </body> +</html> diff --git a/en/devices/tech/admin/enterprise-telephony.html b/en/devices/tech/admin/enterprise-telephony.html index 39a870c2..aee11f3a 100644 --- a/en/devices/tech/admin/enterprise-telephony.html +++ b/en/devices/tech/admin/enterprise-telephony.html @@ -75,19 +75,20 @@ for contacts in their Dialer Contacts and SMS/MMS Messaging apps.</p> <p> Cross profile contact search should be implemented using the Enterprise Contacts -API (<code>ContactsContract.Contacts.ENTERPRISE_CONTENT_FILTER_URI</code> etc.) -see <a -href="http://developer.android.com/preview/features/afw.html#contacts">http://developer.android.com/preview/features/afw.html#contacts</a> +API (<code>ContactsContract.Contacts.ENTERPRISE_CONTENT_FILTER_URI</code> etc.), which can be found +in the <a +href="http://developer.android.com/preview/features/afw.html#contacts">EMM developer's overview</a> +on the Android EMM Developers site. </p> <h3 id="work-profile-contact-badging">Work profile contact badging</h3> <p> Work profile contact badging can be implemented by checking -<code>ContactsContract.Directory.isEntepriseDirectoryId() </code>if available or -<a -href="http://developer.android.com/reference/android/provider/ContactsContract.Contacts.html#isEnterpriseContactId(long)">http://developer.android.com/reference/android/provider/ContactsContract.Contacts.html#isEnterpriseContactId(long)</a> -<code> </code> +<code>ContactsContract.Directory.isEntepriseDirectoryId()</code> if available or +<code><a +href="http://developer.android.com/reference/android/provider/ContactsContract.Contacts.html#isEnterpriseContactId(long)">isEnterpriseContactId</a></code> +. </p> <h3 id="managed-profile-aware-connectionservice">Managed Profile Aware diff --git a/en/devices/tech/config/perms-whitelist.html b/en/devices/tech/config/perms-whitelist.html index 79f03263..0ec1f21c 100644 --- a/en/devices/tech/config/perms-whitelist.html +++ b/en/devices/tech/config/perms-whitelist.html @@ -76,8 +76,7 @@ </p> <pre - class="prettyprint">development/tools/privapp_permissions/privapp_permissions.py - </pre> + class="prettyprint">development/tools/privapp_permissions/privapp_permissions.py</pre> <p> To generate an initial version of device-specific @@ -86,15 +85,16 @@ </p> <ol> <li>Build a system image, as follows:<br> - <pre>$ . build/envsetup.sh -$ lunch product_name -$ make -j</pre> + <pre class="devsite-click-to-copy"> +<code class="devsite-terminal">. build/envsetup.sh</code> +<code class="devsite-terminal">lunch product_name</code> +<code class="devsite-terminal">make -j</code></pre> </li> <li>Run the following tool to generate a <code>privapp-permissions.xml </code>file that lists all signature|privileged permissions that are required to - be whitelisted.<br> - <pre>$ development/tools/privapp_permissions/privapp_permissions.py</pre><br> + be whitelisted.<br /> + <pre class="devsite-terminal devsite-click-to-copy">development/tools/privapp_permissions/privapp_permissions.py</pre> This tool prints XML content that can be used as a single file or split into multiple files in <code>/etc/permissions</code>.<br><br> diff --git a/en/devices/tech/debug/index.html b/en/devices/tech/debug/index.html index 67b2fee2..1c493637 100644 --- a/en/devices/tech/debug/index.html +++ b/en/devices/tech/debug/index.html @@ -159,7 +159,7 @@ directly without taking up anywhere near as much space as an unstripped version. <p>You can also <code>stack</code> an entire tombstone. Example:</p> <pre class="devsite-terminal devsite-click-to-copy"> -stack < FS/data/tombstones/tombstone_05</code> +stack < FS/data/tombstones/tombstone_05</code> </pre> <p>This is useful if you've just unzipped a bugreport in the current directory. For more information about diagnosing native crashes and tombstones, see diff --git a/en/devices/tech/ota/ab_updates.html b/en/devices/tech/ota/ab_updates.html index c63f6714..5dc04c2a 100644 --- a/en/devices/tech/ota/ab_updates.html +++ b/en/devices/tech/ota/ab_updates.html @@ -21,730 +21,882 @@ limitations under the License. --> -<p>A/B system updates, also known as seamless updates, ensure a workable booting -system remains on the disk during an -<a href="/devices/tech/ota/index.html">over-the-air (OTA) update</a>. This -approach reduces the likelihood of an inactive device after an update, which -means fewer device replacements and device reflashes at repair and warranty -centers. Other commercial-grade operating systems such as -<a href="https://www.chromium.org/chromium-os">ChromeOS</a> also use A/B updates -successfully.</p> - -<p>A/B system updates provide the following benefits:</p> - -<ul> -<li>OTA updates can occur while the system is running, without interrupting the -user (including app optimizations that occur after a reboot). This means users -can continue to use their devices during an OTA—the only downtime during -an update is when the device reboots into the updated disk partition.</li> -<li>If an OTA fails, the device boots into the pre-OTA disk partition and -remains usable. The download of the OTA can be attempted again.</li> -<li>Any errors (such as I/O errors) affect only the <strong>unused</strong> -partition set and can be retried. Such errors also become less likely because -the I/O load is deliberately low to avoid degrading the user experience.</li> -<li>Updates can be streamed to A/B devices, removing the need to download the -package before installing it. Streaming means it's not necessary for the -user to have enough free space to store the update package on <code>/data</code> -or <code>/cache</code>. -<li>The cache partition is no longer used to store OTA update packages, so there -is no need for sizing the cache partition.</li> -<li><a href="/security/verifiedboot/dm-verity.html">dm-verity</a> guarantees a -device will boot an uncorrupted image. If a device doesn't boot due to a bad OTA -or dm-verity issue, the device can reboot into an old image. (Android -<a href="/security/verifiedboot/">Verified Boot</a> does not require A/B -updates.)</li> -</ul> - -<h2 id=overview>About A/B system updates</h2> - -<p>A/B system updates affect the following:</p> - -<ul> -<li>Partition selection (slots), the <code>update_engine</code> daemon, and -bootloader interactions (described below)</li> -<li>Build process and OTA update package generation (described in -<a href="/devices/tech/ota/ab_implement.html">Implementing A/B Updates</a>)</li> -</ul> - -<aside class="note"><strong>Note:</strong> A/B system updates implemented through -OTA are recommended for new devices only.</aside> - -<h3 id=slots>Partition selection (slots)</h3> - -<p>A/B system updates use two sets of partitions referred to as <em>slots</em> -(normally slot A and slot B). The system runs from the <em>current</em> slot -while the partitions in the <em>unused</em> slot are not accessed by the running -system during normal operation. This approach makes updates fault resistant by -keeping the unused slot as a fallback: If an error occurs during or immediately -after an update, the system can rollback to the old slot and continue to have a -working system. To achieve this goal, no partition used by the <em>current</em> -slot should be updated as part of the OTA update (including partitions for which -there is only one copy).</p> - -<p>Each slot has a <em>bootable</em> attribute that states whether the slot -contains a correct system from which the device can boot. The current slot is -bootable when the system is running, but the other slot may have an old (still -correct) version of the system, a newer version, or invalid data. Regardless of -what the <em>current</em> slot is, there is one slot that is the <em>active</em> -slot (the one the bootloader will boot form on the next boot) or the -<em>preferred</em> slot.</p> - -Each slot also has a <em>successful</em> attribute set by the user space, which -is relevant only if the slot is also bootable. A successful slot should be able -to boot, run, and update itself. A bootable slot that was not marked as -successful (after several attempts were made to boot from it) should be marked -as unbootable by the bootloader, including changing the active slot to another -bootable slot (normally to the slot running immediately before the attempt to -boot into the new, active one). The specific details of the interface are -defined in -<code><a href="https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/boot_control.h" class="external-link">boot_control.h</a></code>. -</p> - -<h3 id="update-engine">Update engine daemon</h3> - -<p>A/B system updates use a background daemon called <code>update_engine</code> -to prepare the system to boot into a new, updated version. This daemon can -perform the following actions:</p> - -<ul> -<li>Read from the current slot A/B partitions and write any data to the unused -slot A/B partitions as instructed by the OTA package.</li> -<li>Call the <code>boot_control</code> interface in a pre-defined workflow.</li> -<li>Run a <em>post-install</em> program from the <em>new</em> partition after -writing all the unused slot partitions, as instructed by the OTA package. (For -details, see <a href="#post-installation">Post-installation</a>).</li> -</ul> - -<p>As the <code>update_engine</code> daemon is not involved in the boot process -itself, it is limited in what it can do during an update by the -<a href="/security/selinux/">SELinux</a> policies and features in the -<em>current</em> slot (such policies and features can't be updated until the -system boots into a new version). To maintain a robust system, the update -process <strong>should not</strong> modify the partition table, the contents of -partitions in the current slot, or the contents of non-A/B partitions that can't -be wiped with a factory reset.</p> - -<p>The <code>update_engine</code> source is located in -<code><a href="https://android.googlesource.com/platform/system/update_engine/" class="external">system/update_engine</a></code>. -The A/B OTA dexopt files are split between <code>installd</code> and a package -manager:</p> -<ul> -<li><code><a href="https://android.googlesource.com/platform/frameworks/native/+/master/cmds/installd/" class="external-link">frameworks/native/cmds/installd/</a></code>ota* -includes the postinstall script, the binary for chroot, the installd clone that -calls dex2oat, the post-OTA move-artifacts script, and the rc file for the move -script.</li> -<li><code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/services/core/java/com/android/server/pm/OtaDexoptService.java" class="external-link">frameworks/base/services/core/java/com/android/server/pm/OtaDexoptService.java</a></code> -(plus <code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/services/core/java/com/android/server/pm/OtaDexoptShellCommand.java" class="external-link">OtaDexoptShellCommand</a></code>) -is the package manager that prepares dex2oat commands for applications.</li> -</ul> - -<p>For a working example, refer to -<code><a href="https://android.googlesource.com/device/google/marlin/+/nougat-dr1-release/device-common.mk" class="external-link">/device/google/marlin/device-common.mk</a></code>. -</p> - -<h3 id="bootloader-interactions">Bootloader interactions</h3> - -<p>The <code>boot_control</code> HAL is used by <code>update_engine</code> (and -possibly other daemons) to instruct the bootloader what to boot from. Common -example scenarios and their associated states include the following:</p> - -<ul> - <li> - <strong>Normal case</strong>: The system is running from its current slot, - either slot A or B. No updates have been applied so far. The system's - current slot is bootable, successful, and the active slot. - </li> - <li> - <strong>Update in progress</strong>: The system is running from slot B, so - slot B is the bootable, successful, and active slot. Slot A was marked as - unbootable since the contents of slot A are being updated but not yet - completed. A reboot in this state should continue booting from slot B. - </li> - <li> - <strong>Update applied, reboot pending</strong>: The system is running from - slot B, slot B is bootable and successful, but slot A was marked as active - (and therefore is marked as bootable). Slot A is not yet marked as - successful and some number of attempts to boot from slot A should be made by - the bootloader. - </li> - <li> - <strong>System rebooted into new update</strong>: The system is running from - slot A for the first time, slot B is still bootable and successful while - slot A is only bootable, and still active but not successful. A user space - daemon should mark slot A as successful after some checks are made. - </li> -</ul> - -<h3 id="streaming-updates">Streaming update support</h3> -<p>User devices don't always have enough space on <code>/data</code> to download -the update package. As neither OEMs nor users want to waste space on a -<code>/cache</code> partition, some users go without updates because the device -has nowhere to store the update package. To address this issue, Android 8.0 -added support for streaming A/B updates that write blocks directly to the B -partition as they are downloaded, without having to store the blocks on -<code>/data</code>. Streaming A/B updates need almost no temporary storage and -require just enough storage for roughly 100 KiB of metadata.</p> - -<p>To enable streaming updates in Android 7.1, cherrypick the following -patches:</p> -<ul> -<li> -<a href="https://android-review.googlesource.com/333624" class="external">Allow -to cancel a proxy resolution request</a></li> -<li> -<a href="https://android-review.googlesource.com/333625" class="external">Fix -terminating a transfer while resolving proxies</a></li> -<li> -<a href="https://android-review.googlesource.com/333626" class="external">Add -unittest for TerminateTransfer between ranges</a></li> -<li> -<a href="https://android-review.googlesource.com/333627" class="external">Cleanup -the RetryTimeoutCallback()</a></li> -</ul> - -<p>These patches are required to support streaming A/B updates in Android 7.1 -whether using <a href="https://www.android.com/gms/">Google Mobile Services -(GMS)</a> or any other update client.</p> - -<h2 id="life-of-an-a-b-update">Life of an A/B update</h2> - -<p>The update process starts when an OTA package (referred to in code as a -<em>payload</em>) is available for downloading. Policies in the device may defer -the payload download and application based on battery level, user activity, -charging status, or other policies. In addition, because the update runs in the -background, users might not know an update is in progress. All of this means the -update process might be interrupted at any point due to policies, unexpected -reboots, or user actions.</p> - -<p>Optionally, metadata in the OTA package itself indicates the update can be -streamed; the same package can also be used for non-streaming installation. The -server may use the metadata to tell the client it's streaming so the client will -hand off the OTA to <code>update_engine</code> correctly. Device manufacturers -with their own server and client can enable streaming updates by ensuring the -server identifies the update is streaming (or assumes all updates are streaming) -and the client makes the correct call to <code>update_engine</code> for -streaming. Manufacturers can use the fact that the package is of the streaming -variant to send a flag to the client to trigger hand off to the framework side -as streaming.</p> - -<p>After a payload is available, the update process is as follows:</p> - -<table> -<tr> -<th>Step</th> -<th>Activities</th> -</tr> -<tr> -<td>1</td> -<td>The current slot (or "source slot") is marked as successful (if not already -marked) with <code>markBootSuccessful()</code>.</td> -</tr> -<tr> -<td>2</td> -<td>The unused slot (or "target slot") is marked as unbootable by calling the -function <code>setSlotAsUnbootable()</code>. The current slot is always marked -as successful at the beginning of the update to prevent the bootloader from -falling back to the unused slot, which will soon have invalid data. If the -system has reached the point where it can start applying an update, the current -slot is marked as successful even if other major components are broken (such as -the UI in a crash loop) as it is possible to push new software to fix these -problems. -<br><br> -The update payload is an opaque blob with the instructions to update to the new -version. The update payload consists of the following: -<ul> -<li><em>Metadata</em>. A relatively small portion of the update payload, the -metadata contains a list of operations to produce and verify the new version on -the target slot. For example, an operation could decompress a certain blob and -write it to specific blocks in a target partition, or read from a source -partition, apply a binary patch, and write to certain blocks in a target -partition.</li> -<li><em>Extra data</em>. As the bulk of the update payload, the extra data -associated with the operations consists of the compressed blob or binary patch -in these examples.</li> -</ul> -</td> -</tr> -<tr> -<td>3</td> -<td>The payload metadata is downloaded.</td> -</tr> -<tr> -<td>4</td> -<td>For each operation defined in the metadata, in order, the associated data -(if any) is downloaded to memory, the operation is applied, and the associated -memory is discarded.</td> -</tr> -<tr> -<td>5</td> -<td>The whole partitions are re-read and verified against the expected hash. -</td> -</tr> -<tr> -<td>6</td> -<td>The post-install step (if any) is run. In the case of an error during the -execution of any step, the update fails and is re-attempted with possibly a -different payload. If all the steps so far have succeeded, the update succeeds -and the last step is executed.</td> -</tr> -<tr> -<td>7</td> -<td>The <em>unused slot</em> is marked as active by calling -<code>setActiveBootSlot()</code>. Marking the unused slot as active doesn't mean -it will finish booting. The bootloader (or system itself) can switch the active -slot back if it doesn't read a successful state.</td> -</tr> -<tr> -<td>8</td> -<td>Post-installation (described below) involves running a program from the -"new update" version while still running in the old version. If defined in the -OTA package, this step is <strong>mandatory</strong> and the program must return -with exit code <code>0</code>; otherwise, the update fails.</td> -</tr> -</table> - -<aside class="note"><strong>Note:</strong> Steps 3 and 4 take most of the update -time as they involve writing and downloading large amounts of data, and are -likely to be interrupted for reasons of policy or reboot.</aside> - -<h3 id="post-installation">Post-installation</h3> - -<p>For every partition where a post-install step is defined, -<code>update_engine</code> mounts the new partition into a specific location and -executes the program specified in the OTA relative to the mounted partition. For -example, if the post-install program is defined as -<code>usr/bin/postinstall</code> in the system partition, this partition from -the unused slot will be mounted in a fixed location (such as -<code>/postinstall_mount</code>) and the -<code>/postinstall_mount/usr/bin/postinstall</code> command is executed.</p> - -<p>For post-installation to succeed, the old kernel must be able to:</p> - -<ul> -<li><strong>Mount the new filesystem format</strong>. The filesystem type cannot -change unless there's support for it in the old kernel, including details such -as the compression algorithm used if using a compressed filesystem (i.e. -SquashFS).</li> -<li><strong>Understand the new partition's post-install program format</strong>. -If using an Executable and Linkable Format (ELF) binary, it should be compatible -with the old kernel (e.g. a 64-bit new program running on an old 32-bit kernel -if the architecture switched from 32- to 64-bit builds). Unless the loader -(<code>ld</code>) is instructed to use other paths or build a static binary, -libraries will be loaded from the old system image and not the new one.</li> -</ul> - -<p>For example, you could use a shell script as a post-install program -(interpreted by the old system's shell binary with a <code>#!</code> marker at -the top), then set up library paths from the new environment for executing a -more complex binary post-install program. Alternatively, you could run the -post-install step from a dedicated smaller partition to enable the filesystem -format in the main system partition to be updated without incurring backward -compatibility issues or stepping-stone updates; this would allow users to update -directly to the latest version from a factory image.</p> - -<p>The new post-install program is limited by the SELinux policies defined in -the old system. As such, the post-install step is suitable for performing tasks -required by design on a given device or other best-effort tasks (i.e. updating -the A/B-capable firmware or bootloader, preparing copies of databases for the -new version, etc.). The post-install step is <strong>not suitable</strong> for -one-off bug fixes before reboot that require unforeseen permissions.</p> - -<p>The selected post-install program runs in the <code>postinstall</code> -SELinux context. All the files in the new mounted partition will be tagged with -<code>postinstall_file</code>, regardless of what their attributes are after -rebooting into that new system. Changes to the SELinux attributes in the new -system won't impact the post-install step. If the post-install program needs -extra permissions, those must be added to the post-install context.</p> - -<h2 id=faq>Frequently asked questions</h2> - -<h3>Has Google used A/B OTAs on any devices?</h3> - -<p>Yes. The marketing name for A/B updates is <em>seamless updates</em>. Pixel -and Pixel XL phones from October 2016 shipped with A/B, and all Chromebooks use -the same <code>update_engine</code> implementation of A/B. The necessary -platform code implementation is public in Android 7.1 and higher.</p> - -<h3>Why are A/B OTAs better?</h3> - -<p>A/B OTAs provide a better user experience when taking updates. Measurements -from monthly security updates show this feature has already proven a success: As -of May 2017, 95% of Pixel owners are running the latest security update after a -month compared to 87% of Nexus users, and Pixel users update sooner than Nexus -users. Failures to update blocks during an OTA no longer result in a device that -won't boot; until the new system image has successfully booted, Android retains -the ability to fall back to the previous working system image.</p> - -<h3>How did A/B affect the 2016 Pixel partition sizes?</h3> - -<p>The following table contains details on the shipping A/B configuration versus -the internally-tested non-A/B configuration:</p> - -<table> - <tbody> - <tr> - <th>Pixel partition sizes</th> - <th width="33%">A/B</th> - <th width="33%">Non-A/B</th> - </tr> - <tr> - <td>Bootloader</td> - <td>50*2</td> - <td>50</td> - </tr> - <tr> - <td>Boot</td> - <td>32*2</td> - <td>32</td> - </tr> - <tr> - <td>Recovery</td> - <td>0</td> - <td>32</td> - </tr> - <tr> - <td>Cache</td> - <td>0</td> - <td>100</td> - </tr> - <tr> - <td>Radio</td> - <td>70*2</td> - <td>70</td> - </tr> - <tr> - <td>Vendor</td> - <td>300*2</td> - <td>300</td> - </tr> - <tr> - <td>System</td> - <td>2048*2</td> - <td>4096</td> - </tr> - <tr> - <td><strong>Total</strong></td> - <td><strong>5000</strong></td> - <td><strong>4680</strong></td> - </tr> - </tbody> -</table> - -<p>A/B updates require an increase of only 320 MiB in flash, with a savings of -32MiB from removing the recovery partition and another 100MiB preserved by -removing the cache partition. This balances the cost of the B partitions for -the bootloader, the boot partition, and the radio partition. The vendor -partition doubled in size (the vast majority of the size increase). Pixel's -A/B system image is half the size of the original non-A/B system image. -</p> - -<p>For the Pixel A/B and non-A/B variants tested internally (only A/B shipped), -the space used differed by only 320MiB. On a 32GiB device, this is just under -1%. For a 16GiB device this would be less than 2%, and for an 8GiB device almost -4% (assuming all three devices had the same system image).</p> - -<h3>Why didn't you use SquashFS?</h3> - -<p>We experimented with SquashFS but weren't able to achieve the performance -desired for a high-end device. We don't use or recommend SquashFS for handheld -devices.</p> - -<p>More specifically, SquashFS provided about 50% size savings on the system -partition, but the overwhelming majority of the files that compressed well were -the precompiled .odex files. Those files had very high compression ratios -(approaching 80%), but the compression ratio for the rest of the system -partition was much lower. In addition, SquashFS in Android 7.0 raised the -following performance concerns:</p> - -<ul> - <li>Pixel has very fast flash compared to earlier devices but not a huge - number of spare CPU cycles, so reading fewer bytes from flash but needing - more CPU for I/O was a potential bottleneck.</li> - <li>I/O changes that perform well on an artificial benchmark run on an - unloaded system sometimes don't work well on real-world use cases under - real-world load (such as crypto on Nexus 6).</li> - <li>Benchmarking showed 85% regressions in some places.</li> - </ul> - -<p>As SquashFS matures and adds features to reduce CPU impact (such as a -whitelist of commonly-accessed files that shouldn't be compressed), we will -continue to evaluate it and offer recommendations to device manufacturers.</p> - -<h3>How did you halve the size of the system partition without SquashFS?</h3> - -<p>Applications are stored in .apk files, which are actually ZIP archives. Each -.apk file has inside it one or more .dex files containing portable Dalvik -bytecode. An .odex file (optimized .dex) lives separately from the .apk file -and can contain machine code specific to the device. If an .odex file is -available, Android can run applications at ahead-of-time compiled speeds -without having to wait for the code to be compiled each time the application is -launched. An .odex file isn't strictly necessary: Android can actually run the -.dex code directly via interpretation or Just-In-Time (JIT) compilation, but an -.odex file provides the best combination of launch speed and run-time speed if -space is available.</p> - -<p>Example: For the installed-files.txt from a Nexus 6P running Android 7.1 with -a total system image size of 2628MiB (2755792836 bytes), the breakdown of the -largest contributors to overall system image size by file type is as follows: -</p> - -<table> -<tbody> -<tr> -<td>.odex</td> -<td>1391770312 bytes</td> -<td>50.5%</td> -</tr> -<tr> -<td>.apk</td> -<td>846878259 bytes</td> -<td>30.7%</td> -</tr> -<tr> -<td>.so (native C/C++ code)</td> -<td>202162479 bytes</td> -<td>7.3%</td> -</tr> -<tr> -<td>.oat files/.art images</td> -<td>163892188 bytes</td> -<td>5.9%</td> -</tr> -<tr> -<td>Fonts</td> -<td>38952361 bytes</td> -<td>1.4%</td> -</tr> -<tr> -<td>icu locale data</td> -<td>27468687 bytes</td> -<td>0.9%</td> -</tr> -</tbody> -</table> - -<p>These figures are similar for other devices too, so on Nexus/Pixel -devices, .odex files take up approximately half the system partition. This meant -we could continue to use ext4 but write the .odex files to the B partition -at the factory and then copy them to <code>/data</code> on first boot. The -actual storage used with ext4 A/B is identical to SquashFS A/B, because if we -had used SquashFS we would have shipped the preopted .odex files on system_a -instead of system_b.</p> - -<h3>Doesn't copying .odex files to /data mean the space saved on /system is -lost on /data?</h3> - -<p>Not exactly. On Pixel, most of the space taken by .odex files is for apps, -which typically exist on <code>/data</code>. These apps take Google Play -updates, so the .apk and .odex files on the system image are unused for most of -the life of the device. Such files can be excluded entirely and replaced by -small, profile-driven .odex files when the user actually uses each app (thus -requiring no space for apps the user doesn't use). For details, refer to the -Google I/O 2016 talk <a href="https://www.youtube.com/watch?v=fwMM6g7wpQ8">The -Evolution of Art</a>.</p> - -<p>The comparison is difficult for a few key reasons:</p> -<ul> -<li>Apps updated by Google Play have always had their .odex files on -<code>/data</code> as soon as they receive their first update.</li> -<li>Apps the user doesn't run don't need an .odex file at all.</li> -<li>Profile-driven compilation generates smaller .odex files than ahead-of-time -compilation (because the former optimizes only performance-critical code).</li> -</ul> - -<p>For details on the tuning options available to OEMs, see -<a href="/devices/tech/dalvik/configure.html">Configuring ART</a>.</p> - -<h3>Aren't there two copies of the .odex files on /data?</h3> - -<p>It's a little more complicated ... After the new system image has been -written, the new version of dex2oat is run against the new .dex files to -generate the new .odex files. This occurs while the old system is still running, -so the old and new .odex files are both on <code>/data</code> at the same time. -</p> - -<p>The code in OtaDexoptService -(<code><a href="https://android.googlesource.com/platform/frameworks/base/+/nougat-mr1-release/services/core/java/com/android/server/pm/OtaDexoptService.java#200" class="external">frameworks/base/+/nougat-mr1-release/services/core/java/com/android/server/pm/OtaDexoptService.java#200</a></code>) -calls <code>getAvailableSpace</code> before optimizing each package to avoid -over-filling <code>/data</code>. Note that <em>available</em> here is still -conservative: it's the amount of space left <em>before</em> hitting the usual -system low space threshold (measured as both a percentage and a byte count). So -if <code>/data</code> is full, there won't be two copies of every .odex file. -The same code also has a BULK_DELETE_THRESHOLD: If the device gets that close -to filling the available space (as just described), the .odex files belonging to -apps that aren't used are removed. That's another case without two copies of -every .odex file.</p> - -<p>In the worst case where <code>/data</code> is completely full, the update -waits until the device has rebooted into the new system and no longer needs the -old system's .odex files. The PackageManager handles this: -(<code><a href="https://android.googlesource.com/platform/frameworks/base/+/nougat-mr1-release/services/core/java/com/android/server/pm/PackageManagerService.java#7215" class="external">frameworks/base/+/nougat-mr1-release/services/core/java/com/android/server/pm/PackageManagerService.java#7215</a></code>). After the new system has -successfully booted, <code>installd</code> -(<code><a href="https://android.googlesource.com/platform/frameworks/native/+/nougat-mr1-release/cmds/installd/commands.cpp#2192" class="external">frameworks/native/+/nougat-mr1-release/cmds/installd/commands.cpp#2192</a></code>) -can remove the .odex files that were used by the old system, returning the -device back to the steady state where there's only one copy.</p> - -<p>So, while it is possible that <code>/data</code> contains two copies of all -the .odex files, (a) this is temporary and (b) only occurs if you had plenty of -free space on <code>/data</code> anyway. Except during an update, there's only -one copy. And as part of ART's general robustness features, it will never fill -<code>/data</code> with .odex files anyway (because that would be a problem on a -non-A/B system too).</p> - -<h3>Doesn't all this writing/copying increase flash wear?</h3> - -<p>Only a small portion of flash is rewritten: a full Pixel system update -writes about 2.3GiB. (Apps are also recompiled, but that's true of non-A/B -too.) Traditionally, block-based full OTAs wrote a similar amount of data, so -flash wear rates should be similar.</p> - -<h3>Does flashing two system partitions increase factory flashing time?</h3> - -<p>No. Pixel didn't increase in system image size (it merely divided the space -across two partitions).</p> - -<h3>Doesn't keeping .odex files on B make rebooting after factory data reset -slow?</h3> - -<p>Yes. If you've actually used a device, taken an OTA, and performed a factory -data reset, the first reboot will be slower than it would otherwise be (1m40s vs -40s on a Pixel XL) because the .odex files will have been lost from B after the -first OTA and so can't be copied to <code>/data</code>. That's the trade-off.</p> - -<p>Factory data reset should be a rare operation when compared to regular boot -so the time taken is less important. (This doesn't affect users or reviewers who -get their device from the factory, because in that case the B partition is -available.) Use of the JIT compiler means we don't need to recompile -<em>everything</em>, so it's not as bad as you might think. It's also possible -to mark apps as requiring ahead-of-time compilation using -<code>coreApp="true"</code> in the manifest: -(<code><a href="https://android.googlesource.com/platform/frameworks/base/+/nougat-mr1-release/packages/SystemUI/AndroidManifest.xml#23" class="external">frameworks/base/+/nougat-mr1-release/packages/SystemUI/AndroidManifest.xml#23</a></code>). -This is currently used by <code>system_server</code> because it's not allowed to -JIT for security reasons.</p> - -<h3>Doesn't keeping .odex files on /data rather than /system make rebooting -after an OTA slow?</h3> - -<p>No. As explained above, the new dex2oat is run while the old system image is -still running to generate the files that will be needed by the new system. The -update isn't considered available until that work has been done.</p> - -<h3>Can (should) we ship a 32GiB A/B device? 16GiB? 8GiB?</h3> - -<p>32GiB works well as it was proven on Pixel, and 320MiB out of 16GiB means a -reduction of 2%. Similarly, 320MiB out of 8GiB a reduction of 4%. Obviously -A/B would not be the recommended choice on devices with 4GiB, as the 320MiB -overhead is almost 10% of the total available space.</p> - -<h3>Does AVB2.0 require A/B OTAs?</h3> - -<p>No. Android <a href="/security/verifiedboot/">Verified Boot</a> has always -required block-based updates, but not necessarily A/B updates.</p> - -<h3>Do A/B OTAs require AVB2.0?</h3> - -<p>No.</p> - -<h3>Do A/B OTAs break AVB2.0's rollback protection?</h3> - -<p>No. There's some confusion here because if an A/B system fails to boot into -the new system image it will (after some number of retries determined by your -bootloader) automatically revert to the "previous" system image. The key point -here though is that "previous" in the A/B sense is actually still the "current" -system image. As soon as the device successfully boots a new image, rollback -protection kicks in and ensures that you can't go back. But until you've -actually successfully booted the new image, rollback protection doesn't -consider it to be the current system image.</p> - -<h3>If you're installing an update while the system is running, isn't that -slow?</h3> - -<p>With non-A/B updates, the aim is to install the update as quickly as -possible because the user is waiting and unable to use their device while the -update is applied. With A/B updates, the opposite is true; because the user is -still using their device, as little impact as possible is the goal, so the -update is deliberately slow. Via logic in the Java system update client (which -for Google is GmsCore, the core package provided by GMS), Android also attempts -to choose a time when the users aren't using their devices at all. The platform -supports pausing/resuming the update, and the client can use that to pause the -update if the user starts to use the device and resume it when the device is -idle again.</p> - -<p>There are two phases while taking an OTA, shown clearly in the UI as -<em>Step 1 of 2</em> and <em>Step 2 of 2</em> under the progress bar. Step 1 -corresponds with writing the data blocks, while step 2 is pre-compiling the -.dex files. These two phases are quite different in terms of performance -impact. The first phase is simple I/O. This requires little in the way of -resources (RAM, CPU, I/O) because it's just slowly copying blocks around.</p> - -<p>The second phase runs dex2oat to precompile the new system image. This -obviously has less clear bounds on its requirements because it compiles actual -apps. And there's obviously much more work involved in compiling a large and -complex app than a small and simple app; whereas in phase 1 there are no disk -blocks that are larger or more complex than others.</p> - -<p>The process is similar to when Google Play installs an app update in the -background before showing the <em>5 apps updated</em> notification, as has been -done for years.</p> - -<h3>What if a user is actually waiting for the update?</h3> - -<p>The current implementation in GmsCore doesn't distinguish between background -updates and user-initiated updates but may do so in the future. In the case -where the user explicitly asked for the update to be installed or is watching -the update progress screen, we'll prioritize the update work on the assumption -that they're actively waiting for it to finish.</p> - -<h3>What happens if there's a failure to apply an update?</h3> - -<p>With non-A/B updates, if an update failed to apply, the user was usually -left with an unusable device. The only exception was if the failure occurred -before an application had even started (because the package failed to verify, -say). With A/B updates, a failure to apply an update does not affect the -currently running system. The update can simply be retried later.</p> - -<h3>What does GmsCore do?</h3> - -<p>In Google's A/B implementation, the platform APIs and -<code>update_engine</code> provide the mechanism while GmsCore provides the -policy. That is, the platform knows <em>how</em> to apply an A/B update and all -that code is in AOSP (as mentioned above); but it's GmsCore that decides -<em>what</em> and <em>when</em> to apply.</p> - -<p>If you’re not using GmsCore, you can write your own replacement using the -same platform APIs. The platform Java API for controlling -<code>update_engine</code> is <code>android.os.UpdateEngine</code>: -<code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/os/UpdateEngine.java" class="external-link">frameworks/base/core/java/android/os/UpdateEngine.java</a></code>. -Callers can provide an <code>UpdateEngineCallback</code> to be notified of status -updates: -<code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/os/UpdateEngineCallback.java" class="external-link">frameworks/base/+/master/core/java/android/os/UpdateEngineCallback.java</a></code>. -Refer to the reference files for the core classes to use the interface.</p> - -<h3>Which systems on a chip (SoCs) support A/B?</h3> - -<p>As of 2017-03-15, we have the following information:</p> -<table class="style0"> -<tbody> -<tr> -<td></td> -<td><strong>Android 7.x Release</strong></td> -<td><strong>Android 8.x Release</strong></td> -</tr> -<tr> -<td><strong>Qualcomm</strong></td> -<td>Depending on OEM requests </td> -<td>All chipsets will get support</td> -</tr> -<tr> -<td><strong>Mediatek</strong></td> -<td>Depending on OEM requests</td> -<td>All chipsets will get support</td> -</tr> -</tbody> -</table> - -<p>For details on schedules, check with your SoC contacts. For SoCs not listed -above, reach out to your SoC directly.</p> + <p>A/B system updates, also known as seamless updates, ensure a workable + booting system remains on the disk during an <a href="/devices/tech/ota/index.html"> + over-the-air (OTA) update</a>. This approach reduces the likelihood of + an inactive device after an update, which means fewer device + replacements and device reflashes at repair and warranty centers. Other + commercial-grade operating systems such as + <a href="https://www.chromium.org/chromium-os">ChromeOS</a> also use A/B + updates successfully. + </p> + + <p>A/B system updates provide the following benefits:</p> + + <ul> + <li> + OTA updates can occur while the system is running, without + interrupting the user (including app optimizations that occur after a + reboot). This means users can continue to use their devices during an + OTA—the only downtime during an update is when the device + reboots into the updated disk partition. + </li> + <li> + If an OTA fails, the device boots into the pre-OTA disk partition and + remains usable. The download of the OTA can be attempted again. + </li> + <li> + Any errors (such as I/O errors) affect only the <strong>unused</strong> + partition set and can be retried. Such errors also become less likely + because the I/O load is deliberately low to avoid degrading the user + experience. + </li> + <li> + Updates can be streamed to A/B devices, removing the need to download + the package before installing it. Streaming means it's not necessary + for the user to have enough free space to store the update package on + <code>/data</code> or <code>/cache</code>. + </li> + <li> + The cache partition is no longer used to store OTA update packages, so + there is no need for sizing the cache partition. + </li> + <li> + <a href="/security/verifiedboot/dm-verity.html">dm-verity</a> + guarantees a device will boot an uncorrupted image. If a device + doesn't boot due to a bad OTA or dm-verity issue, the device can + reboot into an old image. (Android <a href="/security/verifiedboot/"> + Verified Boot</a> does not require A/B updates.) + </li> + </ul> + + <h2 id="overview">About A/B system updates</h2> + + <p>A/B system updates affect the following:</p> + + <ul> + <li> + Partition selection (slots), the <code>update_engine</code> daemon, + and bootloader interactions (described below) + </li> + <li> + Build process and OTA update package generation (described in + <a href="/devices/tech/ota/ab_implement.html">Implementing A/B + Updates</a>) + </li> + </ul> + + <aside class="note"> + <strong>Note:</strong> A/B system updates implemented through OTA are + recommended for new devices only. + </aside> + + <h3 id="slots">Partition selection (slots)</h3> + + <p> + A/B system updates use two sets of partitions referred to as + <em>slots</em> (normally slot A and slot B). The system runs from + the <em>current</em> slot while the partitions in the <em>unused</em> + slot are not accessed by the running system during normal operation. + This approach makes updates fault resistant by keeping the unused + slot as a fallback: If an error occurs during or immediately after + an update, the system can rollback to the old slot and continue to + have a working system. To achieve this goal, no partition used by + the <em>current</em> slot should be updated as part of the OTA + update (including partitions for which there is only one copy). + </p> + + <p> + Each slot has a <em>bootable</em> attribute that states whether the + slot contains a correct system from which the device can boot. The + current slot is bootable when the system is running, but the other + slot may have an old (still correct) version of the system, a newer + version, or invalid data. Regardless of what the <em>current</em> + slot is, there is one slot that is the <em>active</em> slot (the one + the bootloader will boot form on the next boot) or the + <em>preferred</em> slot. + </p> + + <p> + Each slot also has a <em>successful</em> attribute set by the user + space, which is relevant only if the slot is also bootable. A + successful slot should be able to boot, run, and update itself. A + bootable slot that was not marked as successful (after several + attempts were made to boot from it) should be marked as unbootable + by the bootloader, including changing the active slot to another + bootable slot (normally to the slot running immediately before the + attempt to boot into the new, active one). The specific details of + the interface are defined in + <code><a href="https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/boot_control.h" class="external-link"> + boot_control.h</a></code>. + </p> + + <h3 id="update-engine">Update engine daemon</h3> + + <p> + A/B system updates use a background daemon called + <code>update_engine</code> to prepare the system to boot into a new, + updated version. This daemon can perform the following actions: + </p> + + <ul> + <li> + Read from the current slot A/B partitions and write any data to + the unused slot A/B partitions as instructed by the OTA package. + </li> + <li> + Call the <code>boot_control</code> interface in a pre-defined + workflow. + </li> + <li> + Run a <em>post-install</em> program from the <em>new</em> + partition after writing all the unused slot partitions, as + instructed by the OTA package. (For details, see + <a href="#post-installation">Post-installation</a>). + </li> + </ul> + + <p> + As the <code>update_engine</code> daemon is not involved in the boot + process itself, it is limited in what it can do during an update by + the <a href="/security/selinux/">SELinux</a> policies and features + in the <em>current</em> slot (such policies and features can't be + updated until the system boots into a new version). To maintain a + robust system, the update process <strong>should not</strong> modify + the partition table, the contents of partitions in the current slot, + or the contents of non-A/B partitions that can't be wiped with a + factory reset. + </p> + + <p> + The <code>update_engine</code> source is located in + <code><a href="https://android.googlesource.com/platform/system/update_engine/" class="external">system/update_engine</a></code>. + The A/B OTA dexopt files are split between <code>installd</code> and + a package manager: + </p> + + <ul> + <li> + <code><a href="https://android.googlesource.com/platform/frameworks/native/+/master/cmds/installd/" class="external-link">frameworks/native/cmds/installd/</a></code>ota* + includes the postinstall script, the binary for chroot, the + installd clone that calls dex2oat, the post-OTA move-artifacts + script, and the rc file for the move script. + </li> + <li> + <code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/services/core/java/com/android/server/pm/OtaDexoptService.java" class="external-link">frameworks/base/services/core/java/com/android/server/pm/OtaDexoptService.java</a></code> + (plus <code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/services/core/java/com/android/server/pm/OtaDexoptShellCommand.java" class="external-link">OtaDexoptShellCommand</a></code>) + is the package manager that prepares dex2oat commands for + applications. + </li> + </ul> + + <p> + For a working example, refer to <code><a href="https://android.googlesource.com/device/google/marlin/+/nougat-dr1-release/device-common.mk" class="external-link">/device/google/marlin/device-common.mk</a></code>. + </p> + + <h3 id="bootloader-interactions">Bootloader interactions</h3> + + <p> + The <code>boot_control</code> HAL is used by + <code>update_engine</code> (and possibly other daemons) to instruct + the bootloader what to boot from. Common example scenarios and their + associated states include the following: + </p> + + <ul> + <li> + <strong>Normal case</strong>: The system is running from its + current slot, either slot A or B. No updates have been applied so + far. The system's current slot is bootable, successful, and the + active slot. + </li> + <li> + <strong>Update in progress</strong>: The system is running from + slot B, so slot B is the bootable, successful, and active slot. + Slot A was marked as unbootable since the contents of slot A are + being updated but not yet completed. A reboot in this state should + continue booting from slot B. + </li> + <li> + <strong>Update applied, reboot pending</strong>: The system is + running from slot B, slot B is bootable and successful, but slot A + was marked as active (and therefore is marked as bootable). Slot A + is not yet marked as successful and some number of attempts to + boot from slot A should be made by the bootloader. + </li> + <li> + <strong>System rebooted into new update</strong>: The system is + running from slot A for the first time, slot B is still bootable + and successful while slot A is only bootable, and still active but + not successful. A user space daemon, <code>update_verifier</code>, + should mark slot A as successful after some checks are made. + </li> + </ul> + + <h3 id="streaming-updates">Streaming update support</h3> + + <p> + User devices don't always have enough space on <code>/data</code> to + download the update package. As neither OEMs nor users want to waste + space on a <code>/cache</code> partition, some users go without + updates because the device has nowhere to store the update package. + To address this issue, Android 8.0 added support for streaming A/B + updates that write blocks directly to the B partition as they are + downloaded, without having to store the blocks on <code>/data</code>. + Streaming A/B updates need almost no temporary storage and require + just enough storage for roughly 100 KiB of metadata. + </p> + + <p>To enable streaming updates in Android 7.1, cherrypick the following + patches:</p> + + <ul> + <li> + <a href="https://android-review.googlesource.com/333624" class="external"> + Allow to cancel a proxy resolution request</a> + </li> + <li> + <a href="https://android-review.googlesource.com/333625" class="external"> + Fix terminating a transfer while resolving proxies</a> + </li> + <li> + <a href="https://android-review.googlesource.com/333626" class="external"> + Add unit test for TerminateTransfer between ranges</a> + </li> + <li> + <a href="https://android-review.googlesource.com/333627" class="external"> + Cleanup the RetryTimeoutCallback()</a> + </li> + </ul> + + <p> + These patches are required to support streaming A/B updates in + Android 7.1 and later whether using + <a href="https://www.android.com/gms/">Google Mobile Services + (GMS)</a> or any other update client. + </p> + + <h2 id="life-of-an-a-b-update">Life of an A/B update</h2> + + <p> + The update process starts when an OTA package (referred to in code as a + <em>payload</em>) is available for downloading. Policies in the device + may defer the payload download and application based on battery level, + user activity, charging status, or other policies. In addition, + because the update runs in the background, users might not know an + update is in progress. All of this means the update process might be + interrupted at any point due to policies, unexpected reboots, or user + actions. + </p> + + <p> + Optionally, metadata in the OTA package itself indicates the update + can be streamed; the same package can also be used for non-streaming + installation. The server may use the metadata to tell the client it's + streaming so the client will hand off the OTA to + <code>update_engine</code> correctly. Device manufacturers with their + own server and client can enable streaming updates by ensuring the + server identifies the update is streaming (or assumes all updates are + streaming) and the client makes the correct call to + <code>update_engine</code> for streaming. Manufacturers can use the + fact that the package is of the streaming variant to send a flag to + the client to trigger hand off to the framework side as streaming. + </p> + + <p>After a payload is available, the update process is as follows:</p> + + <table> + <tr> + <th>Step</th> + <th>Activities</th> + </tr> + <tr> + <td>1</td> + <td>The current slot (or "source slot") is marked as successful (if + not already marked) with <code>markBootSuccessful()</code>.</td> + </tr> + <tr> + <td>2</td> + <td> + The unused slot (or "target slot") is marked as unbootable by + calling the function <code>setSlotAsUnbootable()</code>. The + current slot is always marked as successful at the beginning of + the update to prevent the bootloader from falling back to the + unused slot, which will soon have invalid data. If the system has + reached the point where it can start applying an update, the + current slot is marked as successful even if other major + components are broken (such as the UI in a crash loop) as it is + possible to push new software to fix these problems. + <br /><br /> + The update payload is an opaque blob with the instructions to + update to the new version. The update payload consists of the + following: + <ul> + <li> + <em>Metadata</em>. A relatively small portion of the update + payload, the metadata contains a list of operations to produce + and verify the new version on the target slot. For example, an + operation could decompress a certain blob and write it to + specific blocks in a target partition, or read from a source + partition, apply a binary patch, and write to certain blocks + in a target partition. + </li> + <li> + <em>Extra data</em>. As the bulk of the update payload, the + extra data associated with the operations consists of the + compressed blob or binary patch in these examples. + </li> + </ul> + </td> + </tr> + <tr> + <td>3</td> + <td>The payload metadata is downloaded.</td> + </tr> + <tr> + <td>4</td> + <td> + For each operation defined in the metadata, in order, the + associated data (if any) is downloaded to memory, the operation is + applied, and the associated memory is discarded. + </td> + </tr> + <tr> + <td>5</td> + <td> + The whole partitions are re-read and verified against the expected + hash. + </td> + </tr> + <tr> + <td>6</td> + <td> + The post-install step (if any) is run. In the case of an error + during the execution of any step, the update fails and is + re-attempted with possibly a different payload. If all the steps + so far have succeeded, the update succeeds and the last step is + executed. + </td> + </tr> + <tr> + <td>7</td> + <td> + The <em>unused slot</em> is marked as active by calling + <code>setActiveBootSlot()</code>. Marking the unused slot as + active doesn't mean it will finish booting. The bootloader (or + system itself) can switch the active slot back if it doesn't read + a successful state. + </td> + </tr> + <tr> + <td>8</td> + <td> + Post-installation (described below) involves running a program + from the "new update" version while still running in the old + version. If defined in the OTA package, this step is + <strong>mandatory</strong> and the program must return with exit + code <code>0</code>; otherwise, the update fails. + </td> + </tr> + <td>9</td> + <td> + After the system successfully boots far enough into the new slot + and finishes the post-reboot checks, the now current slot + (formerly the "target slot") is marked as successful by calling + <code>markBootSuccessful()</code>. + </td> + <tr> + </table> + + <aside class="note"> + <strong>Note:</strong> Steps 3 and 4 take most of the update time as + they involve writing and downloading large amounts of data, and are + likely to be interrupted for reasons of policy or reboot. + </aside> + + <h3 id="post-installation">Post-installation</h3> + + <p> + For every partition where a post-install step is defined, + <code>update_engine</code> mounts the new partition into a specific + location and executes the program specified in the OTA relative to + the mounted partition. For example, if the post-install program is + defined as <code>usr/bin/postinstall</code> in the system partition, + this partition from the unused slot will be mounted in a fixed + location (such as <code>/postinstall_mount</code>) and the + <code>/postinstall_mount/usr/bin/postinstall</code> command is + executed. + </p> + + <p> + For post-installation to succeed, the old kernel must be able to: + </p> + + <ul> + <li> + <strong>Mount the new filesystem format</strong>. The filesystem + type cannot change unless there's support for it in the old + kernel, including details such as the compression algorithm used + if using a compressed filesystem (i.e. SquashFS). + </li> + <li> + <strong>Understand the new partition's post-install program format</strong>. + If using an Executable and Linkable Format (ELF) binary, it should + be compatible with the old kernel (e.g. a 64-bit new program + running on an old 32-bit kernel if the architecture switched from + 32- to 64-bit builds). Unless the loader (<code>ld</code>) is + instructed to use other paths or build a static binary, libraries + will be loaded from the old system image and not the new one. + </li> + </ul> + + <p> + For example, you could use a shell script as a post-install program + interpreted by the old system's shell binary with a <code>#!</code> + marker at the top), then set up library paths from the new + environment for executing a more complex binary post-install + program. Alternatively, you could run the post-install step from a + dedicated smaller partition to enable the filesystem format in the + main system partition to be updated without incurring backward + compatibility issues or stepping-stone updates; this would allow + users to update directly to the latest version from a factory image. + </p> + + <p> + The new post-install program is limited by the SELinux policies + defined in the old system. As such, the post-install step is + suitable for performing tasks required by design on a given device + or other best-effort tasks (i.e. updating the A/B-capable firmware + or bootloader, preparing copies of databases for the new version, + etc.). The post-install step is <strong>not suitable</strong> for + one-off bug fixes before reboot that require unforeseen permissions. + </p> + + <p> + The selected post-install program runs in the + <code>postinstall</code> SELinux context. All the files in the new + mounted partition will be tagged with <code>postinstall_file</code>, + regardless of what their attributes are after rebooting into that + new system. Changes to the SELinux attributes in the new system + won't impact the post-install step. If the post-install program + needs extra permissions, those must be added to the post-install + context. + </p> + + <h3 id="after_reboot">After reboot</h3> + + <p> + After rebooting, <code>update_verifier</code> triggers the integrity + check using dm-verity. This check starts before zygote to avoid Java + services making any irreversible changes that would prevent a safe + rollback. During this process, bootloader and kernel may also + trigger a reboot if verified boot or dm-verity detect any + corruption. After the check completes, <code>update_verifier</code> + marks the boot successful. + </p> + + <p> + <code>update_verifier</code> will read only the blocks listed in + <code>/data/ota_package/care_map.txt</code>, which is included in an + A/B OTA package when using the AOSP code. The Java system update + client, such as GmsCore, extracts <code>care_map.txt</code>, sets up + the access permission before rebooting the device, and deletes the + extracted file after the system successfully boots into the new + version. + </p> + + <h2 id="faq">Frequently asked questions</h2> + + <h3>Has Google used A/B OTAs on any devices?</h3> + + <p> + Yes. The marketing name for A/B updates is <em>seamless updates</em>. + Pixel and Pixel XL phones from October 2016 shipped with A/B, and + all Chromebooks use the same <code>update_engine</code> + implementation of A/B. The necessary platform code implementation is + public in Android 7.1 and higher. + </p> + + <h3>Why are A/B OTAs better?</h3> + + <p>A/B OTAs provide a better user experience when taking updates. Measurements + from monthly security updates show this feature has already proven a success: As + of May 2017, 95% of Pixel owners are running the latest security update after a + month compared to 87% of Nexus users, and Pixel users update sooner than Nexus + users. Failures to update blocks during an OTA no longer result in a device that + won't boot; until the new system image has successfully booted, Android retains + the ability to fall back to the previous working system image.</p> + + <h3>How did A/B affect the 2016 Pixel partition sizes?</h3> + + <p>The following table contains details on the shipping A/B configuration versus + the internally-tested non-A/B configuration:</p> + + <table> + <tbody> + <tr> + <th>Pixel partition sizes</th> + <th width="33%">A/B</th> + <th width="33%">Non-A/B</th> + </tr> + <tr> + <td>Bootloader</td> + <td>50*2</td> + <td>50</td> + </tr> + <tr> + <td>Boot</td> + <td>32*2</td> + <td>32</td> + </tr> + <tr> + <td>Recovery</td> + <td>0</td> + <td>32</td> + </tr> + <tr> + <td>Cache</td> + <td>0</td> + <td>100</td> + </tr> + <tr> + <td>Radio</td> + <td>70*2</td> + <td>70</td> + </tr> + <tr> + <td>Vendor</td> + <td>300*2</td> + <td>300</td> + </tr> + <tr> + <td>System</td> + <td>2048*2</td> + <td>4096</td> + </tr> + <tr> + <td><strong>Total</strong></td> + <td><strong>5000</strong></td> + <td><strong>4680</strong></td> + </tr> + </tbody> + </table> + + <p>A/B updates require an increase of only 320 MiB in flash, with a savings of + 32MiB from removing the recovery partition and another 100MiB preserved by + removing the cache partition. This balances the cost of the B partitions for + the bootloader, the boot partition, and the radio partition. The vendor + partition doubled in size (the vast majority of the size increase). Pixel's + A/B system image is half the size of the original non-A/B system image. + </p> + + <p>For the Pixel A/B and non-A/B variants tested internally (only A/B shipped), + the space used differed by only 320MiB. On a 32GiB device, this is just under + 1%. For a 16GiB device this would be less than 2%, and for an 8GiB device almost + 4% (assuming all three devices had the same system image).</p> + + <h3>Why didn't you use SquashFS?</h3> + + <p>We experimented with SquashFS but weren't able to achieve the performance + desired for a high-end device. We don't use or recommend SquashFS for handheld + devices.</p> + + <p>More specifically, SquashFS provided about 50% size savings on the system + partition, but the overwhelming majority of the files that compressed well were + the precompiled .odex files. Those files had very high compression ratios + (approaching 80%), but the compression ratio for the rest of the system + partition was much lower. In addition, SquashFS in Android 7.0 raised the + following performance concerns:</p> + + <ul> + <li>Pixel has very fast flash compared to earlier devices but not a huge + number of spare CPU cycles, so reading fewer bytes from flash but needing + more CPU for I/O was a potential bottleneck.</li> + <li>I/O changes that perform well on an artificial benchmark run on an + unloaded system sometimes don't work well on real-world use cases under + real-world load (such as crypto on Nexus 6).</li> + <li>Benchmarking showed 85% regressions in some places.</li> + </ul> + + <p>As SquashFS matures and adds features to reduce CPU impact (such as a + whitelist of commonly-accessed files that shouldn't be compressed), we will + continue to evaluate it and offer recommendations to device manufacturers.</p> + + <h3>How did you halve the size of the system partition without SquashFS?</h3> + + <p>Applications are stored in .apk files, which are actually ZIP archives. Each + .apk file has inside it one or more .dex files containing portable Dalvik + bytecode. An .odex file (optimized .dex) lives separately from the .apk file + and can contain machine code specific to the device. If an .odex file is + available, Android can run applications at ahead-of-time compiled speeds + without having to wait for the code to be compiled each time the application is + launched. An .odex file isn't strictly necessary: Android can actually run the + .dex code directly via interpretation or Just-In-Time (JIT) compilation, but an + .odex file provides the best combination of launch speed and run-time speed if + space is available.</p> + + <p>Example: For the installed-files.txt from a Nexus 6P running Android 7.1 with + a total system image size of 2628MiB (2755792836 bytes), the breakdown of the + largest contributors to overall system image size by file type is as follows: + </p> + + <table> + <tbody> + <tr> + <td>.odex</td> + <td>1391770312 bytes</td> + <td>50.5%</td> + </tr> + <tr> + <td>.apk</td> + <td>846878259 bytes</td> + <td>30.7%</td> + </tr> + <tr> + <td>.so (native C/C++ code)</td> + <td>202162479 bytes</td> + <td>7.3%</td> + </tr> + <tr> + <td>.oat files/.art images</td> + <td>163892188 bytes</td> + <td>5.9%</td> + </tr> + <tr> + <td>Fonts</td> + <td>38952361 bytes</td> + <td>1.4%</td> + </tr> + <tr> + <td>icu locale data</td> + <td>27468687 bytes</td> + <td>0.9%</td> + </tr> + </tbody> + </table> + + <p>These figures are similar for other devices too, so on Nexus/Pixel + devices, .odex files take up approximately half the system partition. This meant + we could continue to use ext4 but write the .odex files to the B partition + at the factory and then copy them to <code>/data</code> on first boot. The + actual storage used with ext4 A/B is identical to SquashFS A/B, because if we + had used SquashFS we would have shipped the preopted .odex files on system_a + instead of system_b.</p> + + <h3>Doesn't copying .odex files to /data mean the space saved on /system is + lost on /data?</h3> + + <p>Not exactly. On Pixel, most of the space taken by .odex files is for apps, + which typically exist on <code>/data</code>. These apps take Google Play + updates, so the .apk and .odex files on the system image are unused for most of + the life of the device. Such files can be excluded entirely and replaced by + small, profile-driven .odex files when the user actually uses each app (thus + requiring no space for apps the user doesn't use). For details, refer to the + Google I/O 2016 talk <a href="https://www.youtube.com/watch?v=fwMM6g7wpQ8">The + Evolution of Art</a>.</p> + + <p>The comparison is difficult for a few key reasons:</p> + <ul> + <li>Apps updated by Google Play have always had their .odex files on + <code>/data</code> as soon as they receive their first update.</li> + <li>Apps the user doesn't run don't need an .odex file at all.</li> + <li>Profile-driven compilation generates smaller .odex files than ahead-of-time + compilation (because the former optimizes only performance-critical code).</li> + </ul> + + <p>For details on the tuning options available to OEMs, see + <a href="/devices/tech/dalvik/configure.html">Configuring ART</a>.</p> + + <h3>Aren't there two copies of the .odex files on /data?</h3> + + <p>It's a little more complicated ... After the new system image has been + written, the new version of dex2oat is run against the new .dex files to + generate the new .odex files. This occurs while the old system is still running, + so the old and new .odex files are both on <code>/data</code> at the same time. + </p> + + <p>The code in OtaDexoptService + (<code><a href="https://android.googlesource.com/platform/frameworks/base/+/nougat-mr1-release/services/core/java/com/android/server/pm/OtaDexoptService.java#200" class="external">frameworks/base/+/nougat-mr1-release/services/core/java/com/android/server/pm/OtaDexoptService.java#200</a></code>) + calls <code>getAvailableSpace</code> before optimizing each package to avoid + over-filling <code>/data</code>. Note that <em>available</em> here is still + conservative: it's the amount of space left <em>before</em> hitting the usual + system low space threshold (measured as both a percentage and a byte count). So + if <code>/data</code> is full, there won't be two copies of every .odex file. + The same code also has a BULK_DELETE_THRESHOLD: If the device gets that close + to filling the available space (as just described), the .odex files belonging to + apps that aren't used are removed. That's another case without two copies of + every .odex file.</p> + + <p>In the worst case where <code>/data</code> is completely full, the update + waits until the device has rebooted into the new system and no longer needs the + old system's .odex files. The PackageManager handles this: + (<code><a href="https://android.googlesource.com/platform/frameworks/base/+/nougat-mr1-release/services/core/java/com/android/server/pm/PackageManagerService.java#7215" class="external">frameworks/base/+/nougat-mr1-release/services/core/java/com/android/server/pm/PackageManagerService.java#7215</a></code>). After the new system has + successfully booted, <code>installd</code> + (<code><a href="https://android.googlesource.com/platform/frameworks/native/+/nougat-mr1-release/cmds/installd/commands.cpp#2192" class="external">frameworks/native/+/nougat-mr1-release/cmds/installd/commands.cpp#2192</a></code>) + can remove the .odex files that were used by the old system, returning the + device back to the steady state where there's only one copy.</p> + + <p>So, while it is possible that <code>/data</code> contains two copies of all + the .odex files, (a) this is temporary and (b) only occurs if you had plenty of + free space on <code>/data</code> anyway. Except during an update, there's only + one copy. And as part of ART's general robustness features, it will never fill + <code>/data</code> with .odex files anyway (because that would be a problem on a + non-A/B system too).</p> + + <h3>Doesn't all this writing/copying increase flash wear?</h3> + + <p>Only a small portion of flash is rewritten: a full Pixel system update + writes about 2.3GiB. (Apps are also recompiled, but that's true of non-A/B + too.) Traditionally, block-based full OTAs wrote a similar amount of data, so + flash wear rates should be similar.</p> + + <h3>Does flashing two system partitions increase factory flashing time?</h3> + + <p>No. Pixel didn't increase in system image size (it merely divided the space + across two partitions).</p> + + <h3>Doesn't keeping .odex files on B make rebooting after factory data reset + slow?</h3> + + <p>Yes. If you've actually used a device, taken an OTA, and performed a factory + data reset, the first reboot will be slower than it would otherwise be (1m40s vs + 40s on a Pixel XL) because the .odex files will have been lost from B after the + first OTA and so can't be copied to <code>/data</code>. That's the trade-off.</p> + + <p>Factory data reset should be a rare operation when compared to regular boot + so the time taken is less important. (This doesn't affect users or reviewers who + get their device from the factory, because in that case the B partition is + available.) Use of the JIT compiler means we don't need to recompile + <em>everything</em>, so it's not as bad as you might think. It's also possible + to mark apps as requiring ahead-of-time compilation using + <code>coreApp="true"</code> in the manifest: + (<code><a href="https://android.googlesource.com/platform/frameworks/base/+/nougat-mr1-release/packages/SystemUI/AndroidManifest.xml#23" class="external">frameworks/base/+/nougat-mr1-release/packages/SystemUI/AndroidManifest.xml#23</a></code>). + This is currently used by <code>system_server</code> because it's not allowed to + JIT for security reasons.</p> + + <h3>Doesn't keeping .odex files on /data rather than /system make rebooting + after an OTA slow?</h3> + + <p>No. As explained above, the new dex2oat is run while the old system image is + still running to generate the files that will be needed by the new system. The + update isn't considered available until that work has been done.</p> + + <h3>Can (should) we ship a 32GiB A/B device? 16GiB? 8GiB?</h3> + + <p>32GiB works well as it was proven on Pixel, and 320MiB out of 16GiB means a + reduction of 2%. Similarly, 320MiB out of 8GiB a reduction of 4%. Obviously + A/B would not be the recommended choice on devices with 4GiB, as the 320MiB + overhead is almost 10% of the total available space.</p> + + <h3>Does AVB2.0 require A/B OTAs?</h3> + + <p>No. Android <a href="/security/verifiedboot/">Verified Boot</a> has always + required block-based updates, but not necessarily A/B updates.</p> + + <h3>Do A/B OTAs require AVB2.0?</h3> + + <p>No.</p> + + <h3>Do A/B OTAs break AVB2.0's rollback protection?</h3> + + <p>No. There's some confusion here because if an A/B system fails to boot into + the new system image it will (after some number of retries determined by your + bootloader) automatically revert to the "previous" system image. The key point + here though is that "previous" in the A/B sense is actually still the "current" + system image. As soon as the device successfully boots a new image, rollback + protection kicks in and ensures that you can't go back. But until you've + actually successfully booted the new image, rollback protection doesn't + consider it to be the current system image.</p> + + <h3>If you're installing an update while the system is running, isn't that + slow?</h3> + + <p>With non-A/B updates, the aim is to install the update as quickly as + possible because the user is waiting and unable to use their device while the + update is applied. With A/B updates, the opposite is true; because the user is + still using their device, as little impact as possible is the goal, so the + update is deliberately slow. Via logic in the Java system update client (which + for Google is GmsCore, the core package provided by GMS), Android also attempts + to choose a time when the users aren't using their devices at all. The platform + supports pausing/resuming the update, and the client can use that to pause the + update if the user starts to use the device and resume it when the device is + idle again.</p> + + <p>There are two phases while taking an OTA, shown clearly in the UI as + <em>Step 1 of 2</em> and <em>Step 2 of 2</em> under the progress bar. Step 1 + corresponds with writing the data blocks, while step 2 is pre-compiling the + .dex files. These two phases are quite different in terms of performance + impact. The first phase is simple I/O. This requires little in the way of + resources (RAM, CPU, I/O) because it's just slowly copying blocks around.</p> + + <p>The second phase runs dex2oat to precompile the new system image. This + obviously has less clear bounds on its requirements because it compiles actual + apps. And there's obviously much more work involved in compiling a large and + complex app than a small and simple app; whereas in phase 1 there are no disk + blocks that are larger or more complex than others.</p> + + <p>The process is similar to when Google Play installs an app update in the + background before showing the <em>5 apps updated</em> notification, as has been + done for years.</p> + + <h3>What if a user is actually waiting for the update?</h3> + + <p>The current implementation in GmsCore doesn't distinguish between background + updates and user-initiated updates but may do so in the future. In the case + where the user explicitly asked for the update to be installed or is watching + the update progress screen, we'll prioritize the update work on the assumption + that they're actively waiting for it to finish.</p> + + <h3>What happens if there's a failure to apply an update?</h3> + + <p>With non-A/B updates, if an update failed to apply, the user was usually + left with an unusable device. The only exception was if the failure occurred + before an application had even started (because the package failed to verify, + say). With A/B updates, a failure to apply an update does not affect the + currently running system. The update can simply be retried later.</p> + + <h3>What does GmsCore do?</h3> + + <p>In Google's A/B implementation, the platform APIs and + <code>update_engine</code> provide the mechanism while GmsCore provides the + policy. That is, the platform knows <em>how</em> to apply an A/B update and all + that code is in AOSP (as mentioned above); but it's GmsCore that decides + <em>what</em> and <em>when</em> to apply.</p> + + <p>If you’re not using GmsCore, you can write your own replacement using the + same platform APIs. The platform Java API for controlling + <code>update_engine</code> is <code>android.os.UpdateEngine</code>: + <code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/os/UpdateEngine.java" class="external-link">frameworks/base/core/java/android/os/UpdateEngine.java</a></code>. + Callers can provide an <code>UpdateEngineCallback</code> to be notified of status + updates: + <code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/os/UpdateEngineCallback.java" class="external-link">frameworks/base/+/master/core/java/android/os/UpdateEngineCallback.java</a></code>. + Refer to the reference files for the core classes to use the interface.</p> + + <h3>Which systems on a chip (SoCs) support A/B?</h3> + + <p>As of 2017-03-15, we have the following information:</p> + <table class="style0"> + <tbody> + <tr> + <td></td> + <td><strong>Android 7.x Release</strong></td> + <td><strong>Android 8.x Release</strong></td> + </tr> + <tr> + <td><strong>Qualcomm</strong></td> + <td>Depending on OEM requests </td> + <td>All chipsets will get support</td> + </tr> + <tr> + <td><strong>Mediatek</strong></td> + <td>Depending on OEM requests</td> + <td>All chipsets will get support</td> + </tr> + </tbody> + </table> + + <p>For details on schedules, check with your SoC contacts. For SoCs not listed + above, reach out to your SoC directly.</p> </body> </html> diff --git a/en/devices/tech/ota/index.html b/en/devices/tech/ota/index.html index 234ff2de..58737b5c 100644 --- a/en/devices/tech/ota/index.html +++ b/en/devices/tech/ota/index.html @@ -23,138 +23,42 @@ -<p>Android devices in the field can receive and install over-the-air (OTA) -updates to the system and application software. Devices have a special -recovery partition with the software needed to unpack a downloaded update -package and apply it to the rest of the system.</p> -<p>This section describes the structure of these packages and the tools -provided to build them. It is intended for developers who want to -make the OTA update system work on new Android devices and those who are -building update packages for use with released devices. OTA updates are -designed to upgrade the underlying operating system and the read-only apps -installed on the system partition; these updates do <i>not</i> affect -applications installed by the user from Google Play. -</p> -<p>This section describes the OTA system as of the Android 5.x release. For -help porting OTA-related code from older releases, see <a href="#migrating"> -Migrating from previous releases</a>. -</p> + <p> + Android devices in the field can receive and install over-the-air (OTA) + updates to the system and application software. This section describes + the structure of the update packages and the tools provided to build + them. It is intended for developers who want to make the OTA update + system work on new Android devices and those who are building update + packages for use with released devices. OTA updates are designed to + upgrade the underlying operating system and the read-only apps installed + on the system partition; these updates do <em>not</em> affect + applications installed by the user from Google Play. + </p> -<h2 id="android-device-layout">Android device layout</h2> -<p>The flash space on an Android device typically contains the following -partitions.</p> + <h2 id="ab_updates">A/B updates</h2> -<dl> -<dt>boot</dt> -<dd>Contains the Linux kernel and a minimal root filesystem (loaded into a RAM -disk). It mounts system and other partitions and starts the runtime located on -the system partition.</dd> -<dt>system</dt> -<dd>Contains system applications and libraries that have source code available -on Android Open Source Project (AOSP). During normal operation, this partition -is mounted read-only; its contents change only during an OTA update.</dd> -<dt>vendor</dt> -<dd>Contains system applications and libraries that do <em>not</em> have -source code available on Android Open Source Project (AOSP). During normal -operation, this partition is mounted read-only; its contents change only -during an OTA update.</dd> -<dt>userdata</dt> -<dd>Stores the data saved by applications installed by the user, etc. This -partition is not normally touched by the OTA update process.</dd> -<dt>cache</dt> -<dd>Temporary holding area used by a few applications (accessing this -partition requires special app permissions) and for storage of downloaded OTA -update packages. Other programs use this space with the expectation that files -can disappear at any time. Some OTA package installations may result in this -partition being wiped completely.</dd> -<dt>recovery</dt> -<dd>Contains a second complete Linux system, including a kernel and the -special recovery binary that reads a package and uses its contents to update -the other partitions.</dd> -<dt>misc</dt> -<dd>Tiny partition used by recovery to stash some information away about what -it's doing in case the device is restarted while the OTA package is being -applied.</dd></dl> + <p> + Modern A/B devices have two copies of each partition, A and B. Devices + apply the update to the currently unused partition while the system is + running but idle. A/B devices do not need space to download the update + package because they can apply the update as they read it from the + network. This is called <em>streaming A/B</em>. A/B updates are also + know as <em>seamless updates</em>. For more information about OTA + updates for A/B devices, see + <a href="/devices/tech/ota/ab_updates.html">A/B (Seamless) System + Update + </a>. + </p> -<h2 id="life-ota-update">Life of an OTA update</h2> -<p>A typical OTA update contains the following steps:</p> -<ol> -<li>Device performs regular check in with OTA servers and is notified of the -availability of an update, including the URL of the update package and a -description string to show the user.</li> -<li>Update downloads to a cache or data partition, and its cryptographic -signature is verified against the certificates in -<code>/system/etc/security/otacerts.zip</code>. User is prompted to install the -update.</li> -<li>Device reboots into recovery mode, in which the kernel and system in the -recovery partition are booted instead of the kernel in the boot partition.</li> -<li>Recovery binary is started by init. It finds command-line arguments in -<code>/cache/recovery/command</code> that point it to the downloaded package. -</li> -<li>Recovery verifies the cryptographic signature of the package against the -public keys in <code>/res/keys</code> (part of the RAM disk contained in the -recovery partition).</li> -<li>Data is pulled from the package and used to update the boot, system, -and/or vendor partitions as necessary. One of the new files left on the system -partition contains the contents of the new recovery partition.</li> -<li>Device reboots normally. <ol style="list-style-type:lower-alpha"> -<li>The newly updated boot partition is loaded, and it mounts and starts -executing binaries in the newly updated system partition.</li> -<li>As part of normal startup, the system checks the contents of the recovery -partition against the desired contents (which were previously stored as a file -in <code>/system</code>). They are different, so the recovery partition is -reflashed with the desired contents. (On subsequent boots, the recovery -partition already contains the new contents, so no reflash is necessary.)</li> -</ol></li> -</ol> -<p>The system update is complete!</p> + <h2 id="nonab_updates">Non-A/B updates</h2> -<h2 id="migrating">Migrating from previous releases</h2> - -<p>When migrating from Android 2.3/3.0/4.0 release, the major change is the -conversion of all the device-specific functionality from a set of C functions -with predefined names to C++ objects. The following table lists the old -functions and the new methods that serve a roughly equivalent purpose:</p> - -<table> -<tbody> -<tr> -<th>C function</th> -<th>C++ method</th> -</tr> -<tr> -<td>device_recovery_start()</td> -<td>Device::RecoveryStart()</td> -</tr> -<tr> -<td>device_toggle_display()<br> -device_reboot_now()<br> -</td> -<td>RecoveryUI::CheckKey()<br> -(also RecoveryUI::IsKeyPressed())<br> -</td> -</tr> -<tr> -<td>device_handle_key()</td> -<td>Device::HandleMenuKey()</td> -</tr> -<tr> -<td>device_perform_action()</td> -<td>Device::InvokeMenuItem()</td> -</tr> -<tr> -<td>device_wipe_data()</td> -<td>Device::WipeData()</td> -</tr> -<tr> -<td>device_ui_init()</td> -<td>ScreenRecoveryUI::Init()</td> -</tr> -</tbody> -</table> - -<p>Conversion of old functions to new methods should be reasonably -straightforward. Don't forget to add the new <code>make_device()</code> -function to create and return an instance of your new Device subclass.</p> + <p> + Older devices have a special recovery partition containing the software + needed to unpack a downloaded update package and apply the update to + the other partitions. For more information, see + <a href="/devices/tech/ota/nonab_updates.html">Non-A/B System Updates + </a>. + </p> + </body> </html> diff --git a/en/devices/tech/ota/nonab_updates.html b/en/devices/tech/ota/nonab_updates.html new file mode 100644 index 00000000..627fa263 --- /dev/null +++ b/en/devices/tech/ota/nonab_updates.html @@ -0,0 +1,195 @@ +<html devsite> + <head> + <title>Non-A/B System Updates</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + + <p>On older Android devices without A/B partitions, the flash space + typically contains the following partitions: + </p> + + <dl> + <dt>boot</dt> + <dd> + Contains the Linux kernel and a minimal root filesystem (loaded into + a RAM disk). It mounts system and other partitions and starts the + runtime located on the system partition. + </dd> + + <dt>system</dt> + <dd> + Contains system applications and libraries that have source code + available on Android Open Source Project (AOSP). During normal + operation, this partition is mounted read-only; its contents change + only during an OTA update. + </dd> + + <dt>vendor</dt> + <dd> + Contains system applications and libraries that do <em>not</em> have + source code available on Android Open Source Project (AOSP). During + normal operation, this partition is mounted read-only; its contents + change only during an OTA update. + </dd> + + <dt>userdata</dt> + <dd> + Stores the data saved by applications installed by the user, etc. This + partition is not normally touched by the OTA update process. + </dd> + + <dt>cache</dt> + <dd> + Temporary holding area used by a few applications (accessing this + partition requires special app permissions) and for storage of + downloaded OTA update packages. Other programs use this space with the + expectation that files can disappear at any time. Some OTA package + installations may result in this partition being wiped completely. + </dd> + + <dt>recovery</dt> + <dd> + Contains a second complete Linux system, including a kernel and the + special recovery binary that reads a package and uses its contents to + update the other partitions. + </dd> + + <dt>misc</dt> + <dd> + Tiny partition used by recovery to stash some information away about + what it is doing in case the device is restarted while the OTA package + is being applied. + </dd> + </dl> + + <h2 id="life-ota-update">Life of an OTA update</h2> + + <p>A typical OTA update contains the following steps:</p> + + <ol> + <li> + Device performs regular check in with OTA servers and is notified of + the availability of an update, including the URL of the update + package and a description string to show the user. + </li> + <li> + Update downloads to a cache or data partition, and its cryptographic + signature is verified against the certificates in + <code>/system/etc/security/otacerts.zip</code>. User is prompted to + install the update. + </li> + <li> + Device reboots into recovery mode, in which the kernel and system in + the recovery partition are booted instead of the kernel in the boot + partition. + </li> + <li> + Recovery binary is started by init. It finds command-line arguments + in <code>/cache/recovery/command</code> that point it to the + downloaded package. + </li> + <li> + Recovery verifies the cryptographic signature of the package against + the public keys in <code>/res/keys</code> (part of the RAM disk + contained in the recovery partition). + </li> + <li> + Data is pulled from the package and used to update the boot, system, + and/or vendor partitions as necessary. One of the new files left on + the system partition contains the contents of the new recovery partition. + </li> + <li>Device reboots normally. + <ol style="list-style-type:lower-alpha"> + <li> + The newly updated boot partition is loaded, and it mounts and + starts executing binaries in the newly updated system partition. + </li> + <li> + As part of normal startup, the system checks the contents of the + recovery partition against the desired contents (which were + previously stored as a file in <code>/system</code>). They are + different, so the recovery partition is reflashed with the + desired contents. (On subsequent boots, the recovery partition + already contains the new contents, so no reflash is necessary.) + </li> + </ol> + </li> + </ol> + + <p>The system update is complete!</p> + + <h2 id="migrating">Migrating from previous releases</h2> + + <p> + When migrating from Android 2.3/3.0/4.0 release, the major change is + the conversion of all the device-specific functionality from a set of + C functions with predefined names to C++ objects. The following table + lists the old functions and the new methods that serve a roughly equivalent purpose: + </p> + + <table> + <tr> + <th>C function</th> + <th>C++ method</th> + </tr> + + <tr> + <td>device_recovery_start()</td> + <td>Device::RecoveryStart()</td> + </tr> + + <tr> + <td>device_toggle_display()<br /> + device_reboot_now()<br /> + </td> + <td>RecoveryUI::CheckKey()<br /> + (also RecoveryUI::IsKeyPressed())<br /> + </td> + </tr> + + <tr> + <td>device_handle_key()</td> + <td>Device::HandleMenuKey()</td> + </tr> + + <tr> + <td>device_perform_action()</td> + <td>Device::InvokeMenuItem()</td> + </tr> + + <tr> + <td>device_wipe_data()</td> + <td>Device::WipeData()</td> + </tr> + + <tr> + <td>device_ui_init()</td> + <td>ScreenRecoveryUI::Init()</td> + </tr> + </table> + + <p> + Conversion of old functions to new methods should be reasonably + straightforward. Don't forget to add the new <code>make_device()</code> + function to create and return an instance of your new Device subclass. + </p> + + </body> +</html>
\ No newline at end of file diff --git a/en/security/_toc.yaml b/en/security/_toc.yaml index f4a56068..c8e29d4a 100644 --- a/en/security/_toc.yaml +++ b/en/security/_toc.yaml @@ -34,11 +34,17 @@ toc: - title: Overview path: /security/bulletin/ - title: Advisories - path: /security/advisory/ + section: + - title: Overview + path: /security/advisory/ + - title: March 2016 + path: /security/advisory/2016-03-18 - title: Android Bulletins section: - title: 2017 Bulletins section: + - title: November + path: /security/bulletin/2017-11-01 - title: October path: /security/bulletin/2017-10-01 - title: September @@ -107,6 +113,8 @@ toc: section: - title: Overview path: /security/bulletin/pixel/index + - title: November 2017 + path: /security/bulletin/pixel/2017-11-01 - title: October 2017 path: /security/bulletin/pixel/2017-10-01 - title: Application Signing diff --git a/en/security/advisory/2016-03-18.html b/en/security/advisory/2016-03-18.html index f271b032..24484009 100644 --- a/en/security/advisory/2016-03-18.html +++ b/en/security/advisory/2016-03-18.html @@ -106,7 +106,7 @@ are available.</p> <p>Google has released a fix in the AOSP repository for multiple kernel versions. Android partners have been notified of these fixes and are encouraged to apply -them. If further updates are required, Android will publish them directly to ASOP.</p> +them. If further updates are required, Android will publish them directly to AOSP.</p> <table> <tr> diff --git a/en/security/bulletin/2017-11-01.html b/en/security/bulletin/2017-11-01.html new file mode 100644 index 00000000..52981d43 --- /dev/null +++ b/en/security/bulletin/2017-11-01.html @@ -0,0 +1,732 @@ +<html devsite> + <head> + <title>Android Security Bulletin—November 2017</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + //www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>Published November 6, 2017 | Updated November 8, 2017</em></p> +<p> +The Android Security Bulletin contains details of security vulnerabilities +affecting Android devices. Security patch levels of 2017-11-06 or later address +all of these issues. To learn how to check a device's security patch level, see +<a href="//support.google.com/pixelphone/answer/4457705">Check and update +your Android version</a>. +</p> +<p> +Android partners were notified of all issues in the 2017-11-01 and 2017-11-05 +patch levels at least a month before publication. Android partners were notified +of all issues in the 2017-11-06 patch level within the last month. Source code +patches for these issues have been released to the Android Open Source Project +(AOSP) repository and linked from this bulletin. This bulletin also includes +links to patches outside of AOSP. +</p> +<p> +The most severe of these issues is a critical security vulnerability in Media +framework that could enable a remote attacker using a specially crafted file to +execute arbitrary code within the context of a privileged process. The <a +href="/security/overview/updates-resources.html#severity">severity +assessment</a> is based on the effect that exploiting the vulnerability would +possibly have on an affected device, assuming the platform and service +mitigations are turned off for development purposes or if successfully bypassed. +</p> +<p> +We have had no reports of active customer exploitation or abuse of these newly +reported issues. Refer to the <a href="#mitigations">Android and Google Play +Protect mitigations</a> section for details on the <a +href="/security/enhancements/index.html">Android +security platform protections</a> and Google Play Protect, which improve the +security of the Android platform. +</p> +<p class="note"> +<strong>Note:</strong> Information on the latest over-the-air update (OTA) and +firmware images for Google devices is available in the +<a href="/security/bulletin/pixel/2017-11-01">November 2017 +Pixel / Nexus Security Bulletin</a>. +</p> +<h2 id="announcements">Announcements</h2> +<ul> + <li>We have launched a new + <a href="/security/bulletin/pixel/">Pixel / Nexus Security + Bulletin</a>, which contains information on additional security + vulnerabilities and functional improvements that are addressed on supported + Pixel and Nexus devices. Android device manufacturers may choose to address + these issues on their devices. See <a href="#questions">Common questions and + answers</a> for additional information.</li> + <li>Security patches for the KRACK vulnerabilities are provided under the + 2017-11-06 security patch level.</li> +</ul> +<h2 id="mitigations">Android and Google service mitigations</h2> +<p> +This is a summary of the mitigations provided by the <a +href="/security/enhancements/index.html">Android +security platform</a> and service protections such as <a +href="//www.android.com/play-protect">Google Play Protect</a>. These +capabilities reduce the likelihood that security vulnerabilities could be +successfully exploited on Android. +</p> +<ul> + <li>Exploitation for many issues on Android is made more difficult by + enhancements in newer versions of the Android platform. We encourage all users + to update to the latest version of Android where possible.</li> + <li>The Android security team actively monitors for abuse through <a + href="//www.android.com/play-protect">Google Play Protect</a> and warns + users about <a + href="/security/reports/Google_Android_Security_PHA_classifications.pdf">Potentially + Harmful Applications</a>. Google Play Protect is enabled by default on devices + with <a href="//www.android.com/gms">Google Mobile Services</a>, and is + especially important for users who install apps from outside of Google + Play.</li> +</ul> +<h2 id="2017-11-01-details">2017-11-01 security patch level—Vulnerability details</h2> +<p> +In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2017-11-01 patch level. Vulnerabilities are +grouped under the component that they affect. There is a description of the +issue and a table with the CVE, associated references, <a +href="#type">type of vulnerability</a>, <a +href="/security/overview/updates-resources.html#severity">severity</a>, +and updated AOSP versions (where applicable). When available, we link the public +change that addressed the issue to the bug ID, like the AOSP change list. When +multiple changes relate to a single bug, additional references are linked to +numbers following the bug ID. +</p> +<h3 id="framework">Framework</h3> +<p>The most severe vulnerability in this section could enable a local malicious +application to bypass user interaction requirements in order to gain access to +additional permissions.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0830</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d05d2bac845048f84eebad8060d28332b6eda259">A-62623498</a></td> + <td>EoP</td> + <td>High</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0831</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/c510ecb3ec0eeca5425f5bc96fae80ea56f85be6">A-37442941</a> + [<a href="https://android.googlesource.com/platform/packages/apps/Settings/+/94c52029653426846c50c639e7f6b5404cedd472">2</a>]</td> + <td>EoP</td> + <td>High</td> + <td>8.0</td> + </tr> +</table> + + +<h3 id="media-framework">Media framework</h3> +<p>The most severe vulnerability in this section could enable a remote attacker +using a specially crafted file to execute arbitrary code within the context of +a privileged process.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0832</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/0a2112249af3c8de52f4da9e89d740b20246d050">A-62887820</a></td> + <td>RCE</td> + <td>Critical</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0833</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/5df744afde273bc4d0f7a499581dd2fb2ae6cb45">A-62896384</a></td> + <td>RCE</td> + <td>Critical</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0834</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/89b4c1cf9e2d18c27c2d9c8c7504e5e2d79ef289">A-63125953</a></td> + <td>RCE</td> + <td>Critical</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0835</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/c07e83250dcdc3be3eca434c266472be8fddec5f">A-63316832</a></td> + <td>RCE</td> + <td>Critical</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0836</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/6921d875c1176cc79a582dd7416e020bf011b53e">A-64893226</a></td> + <td>RCE</td> + <td>Critical</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0839</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/2bec2c3b1fd778b35f45ff4f8b385ff9208fe692">A-64478003</a></td> + <td>ID</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0840</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f630233ee42214b36e6862dc99114f2c2bdda018">A-62948670</a></td> + <td>ID</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> +</table> + + +<h3 id="system">System</h3> +<p>The most severe vulnerability in this section could enable a remote attacker +using a specially crafted file to execute arbitrary code within the context of +a privileged process.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0841</td> + <td><a href="https://android.googlesource.com/platform/system/core/+/47efc676c849e3abf32001d66e2d6eb887e83c48">A-37723026</a></td> + <td>RCE</td> + <td>Critical</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0842</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/b413f1b1365af4273647727e497848f95312d0ec">A-37502513</a></td> + <td>EoP</td> + <td>High</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> +</table> + + +<h2 id="2017-11-05-details">2017-11-05 security patch level—Vulnerability details</h2> +<p> +In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2017-11-05 patch level. Vulnerabilities are +grouped under the component that they affect and include details such as the +CVE, associated references, <a +href="#type">type +of vulnerability</a>, <a +href="/security/overview/updates-resources.html#severity">severity</a>, +component (where applicable), and updated AOSP versions (where applicable). When +available, we link the public change that addressed the issue to the bug ID, +like the AOSP change list. When multiple changes relate to a single bug, +additional references are linked to numbers following the bug ID. +</p> + +<h3 id="kernel-components">Kernel components</h3> +<p>The most severe vulnerability in this section could enable a local malicious +application to execute arbitrary code within the context of a privileged +process.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-9077</td> + <td>A-62265013<br /> + <a href="//git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52"> +Upstream kernel</a></td> + <td>EoP</td> + <td>High</td> + <td>Networking subsystem</td> + </tr> + <tr> + <td>CVE-2017-7541</td> + <td>A-64258073<br /> + <a href="//git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c"> +Upstream kernel</a></td> + <td>EoP</td> + <td>High</td> + <td>WLAN</td> + </tr> +</table> + + +<h3 id="mediatek-components">MediaTek components</h3> +<p>The most severe vulnerability in this section could enable a local malicious +application to execute arbitrary code within the context of a privileged +process.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-0843</td> + <td>A-62670819<a href="#asterisk">*</a><br /> + M-ALPS03361488</td> + <td>EoP</td> + <td>High</td> + <td>CCCI</td> + </tr> +</table> + + +<h3 id="nvidia-components">NVIDIA components</h3> +<p>The most severe vulnerability in this section could enable a local malicious +application to execute arbitrary code within the context of a privileged +process.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-6264</td> + <td>A-34705430<a href="#asterisk">*</a><br /> + N-CVE-2017-6264</td> + <td>EoP</td> + <td>High</td> + <td>GPU driver</td> + </tr> +</table> + + +<h3 id="qualcomm-components">Qualcomm components</h3> +<p>The most severe vulnerability in this section could enable a remote attacker +using a specially crafted file to execute arbitrary code within the context of +a privileged process.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-11013</td> + <td>A-64453535<br /> + <a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=64297e4caffdf6b1a90807bbdb65a66b43582228"> +QC-CR#2058261</a> + [<a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c9f8654b11a1e693022ad7f163b3bc477fea8ce8">2</a>]</td> + <td>RCE</td> + <td>Critical</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11015</td> + <td>A-64438728<br /> + <a +href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ec58bc99e29d89f8e164954999ef8a45cec21754">QC-CR#2060959</a> +[<a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=1ef6add65a36de6c4da788f776de2b5b5c528d8e">2</a>]</td> + <td>RCE</td> + <td>Critical</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11014</td> + <td>A-64438727<br /> + <a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ec58bc99e29d89f8e164954999ef8a45cec21754"> +QC-CR#2060959</a></td> + <td>RCE</td> + <td>Critical</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11092</td> + <td>A-62949902<a href="#asterisk">*</a><br /> + QC-CR#2077454</td> + <td>EoP</td> + <td>High</td> + <td>GPU driver</td> + </tr> + <tr> + <td>CVE-2017-9690</td> + <td>A-36575870<a href="#asterisk">*</a><br /> + QC-CR#2045285</td> + <td>EoP</td> + <td>High</td> + <td>QBT1000 driver</td> + </tr> + <tr> + <td>CVE-2017-11017</td> + <td>A-64453575<br /> + <a href="//source.codeaurora.org/quic/la/kernel/lk/commit/?id=41423b4ef59ea8ed871ab1acc0c9cf48fd1017e4"> +QC-CR#2055629</a></td> + <td>EoP</td> + <td>High</td> + <td>Linux boot</td> + </tr> + <tr> + <td>CVE-2017-11028</td> + <td>A-64453533<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=fd70b655d901e626403f132b65fc03d993f0a09b"> +QC-CR#2008683</a> +[<a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=6724296d3f3b2821b83219768c1b9e971e380a9f">2</a>]</td> + <td>ID</td> + <td>High</td> + <td>Camera</td> + </tr> +</table> + + +<h2 id="2017-11-06-details">2017-11-06 security patch level—Vulnerability details</h2> +<p> +In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2017-11-06 patch level. Vulnerabilities are +grouped under the component that they affect and include details such as the +CVE, associated references, <a +href="#type">type of vulnerability</a>, <a +href="/security/overview/updates-resources.html#severity">severity</a>, +component (where applicable), and updated AOSP versions (where applicable). When +available, we link the public change that addressed the issue to the bug ID, +like the AOSP change list. When multiple changes relate to a single bug, +additional references are linked to numbers following the bug ID. +</p> +<h3 id="11-06-system">System</h3> +<p> +The most severe vulnerability in this section could enable a proximate attacker +to bypass user interaction requirements before joining an unsecured Wi-Fi +network. +</p> +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-13077</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/c66556ca2473620df9751e73eb97ec50a40ffd3e">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-13078</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/10bfd644d0adaf334c036f8cda91a73984dbb7b9">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-13079</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/10bfd644d0adaf334c036f8cda91a73984dbb7b9">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-13080</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/10bfd644d0adaf334c036f8cda91a73984dbb7b9">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-13081</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/10bfd644d0adaf334c036f8cda91a73984dbb7b9">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-13082</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/f6e1f661b95908660c2bcf200266734c30803910">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-13086</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/c580b5560810c3348335b4b284a48773ceaa2301">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-13087</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/58c0e963554ac0be5628f3d2e5058e5c686c128a">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-13088</td> + <td><a +href="//android.googlesource.com/platform/external/wpa_supplicant_8/+/58c0e963554ac0be5628f3d2e5058e5c686c128a">A-67737262</a></td> + <td>EoP</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> +</table> +<p> +<strong>Note</strong>: Android partners may also need to obtain fixes from +chipset manufacturers where applicable. +</p> +<h2 id="questions">Common questions and answers</h2> +<p> +This section answers common questions that may occur after reading this +bulletin. +</p> +<p> +<strong>1. How do I determine if my device is updated to address these issues? +</strong> +</p> +<p> +To learn how to check a device's security patch level, see <a +href="//support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Check +& update your Android version</a>. +</p> +<ul> + <li>Security patch levels of 2017-11-01 or later address all issues associated + with the 2017-11-01 security patch level.</li> + <li>Security patch levels of 2017-11-05 or later address all issues associated + with the 2017-11-05 security patch level and all previous patch levels.</li> + <li>Security patch levels of 2017-11-06 or later address all issues associated + with the 2017-11-06 security patch level and all previous patch levels. + </li> +</ul> +<p> +Device manufacturers that include these updates should set the patch string +level to: +</p> +<ul> + <li>[ro.build.version.security_patch]:[2017-11-01]</li> + <li>[ro.build.version.security_patch]:[2017-11-05]</li> + <li>[ro.build.version.security_patch]:[2017-11-06]</li> +</ul> +<p> +<strong>2. Why does this bulletin have three security patch levels?</strong> +</p> +<p> +This bulletin has three security patch levels so that Android partners have the +flexibility to fix a subset of vulnerabilities that are similar across all +Android devices more quickly. Android partners are encouraged to fix all issues +in this bulletin and use the latest security patch level. +</p> +<ul> + <li>Devices that use the 2017-11-01 security patch level must include all issues + associated with that security patch level, as well as fixes for all issues + reported in previous security bulletins.</li> + <li>Devices that use the 2017-11-05 security patch level must include all issues + associated with that security patch level, the 2017-11-01 security patch level, + as well as fixes for all issues reported in previous security bulletins.</li> + <li>Devices that use the security patch level of 2017-11-06 or newer must + include all applicable patches in this (and previous) security + bulletins.</li> +</ul> +<p> +Partners are encouraged to bundle the fixes for all issues they are addressing +in a single update. +</p> +<p id="type"> +<strong>3. What do the entries in the <em>Type</em> column mean?</strong> +</p> +<p> +Entries in the <em>Type</em> column of the vulnerability details table reference +the classification of the security vulnerability. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Abbreviation</th> + <th>Definition</th> + </tr> + <tr> + <td>RCE</td> + <td>Remote code execution</td> + </tr> + <tr> + <td>EoP</td> + <td>Elevation of privilege</td> + </tr> + <tr> + <td>ID</td> + <td>Information disclosure</td> + </tr> + <tr> + <td>DoS</td> + <td>Denial of service</td> + </tr> + <tr> + <td>N/A</td> + <td>Classification not available</td> + </tr> +</table> +<p> +<strong>4. What do the entries in the <em>References</em> column mean?</strong> +</p> +<p> +Entries under the <em>References</em> column of the vulnerability details table +may contain a prefix identifying the organization to which the reference value +belongs. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Prefix</th> + <th>Reference</th> + </tr> + <tr> + <td>A-</td> + <td>Android bug ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm reference number</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek reference number</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA reference number</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom reference number</td> + </tr> +</table> +<p id="asterisk"> +<strong>5. What does a * next to the Android bug ID in the <em>References</em> +column mean?</strong> +</p> +<p> +Issues that are not publicly available have a * next to the Android bug ID in +the <em>References</em> column. The update for that issue is generally contained +in the latest binary drivers for Nexus devices available from the <a +href="//developers.google.com/android/nexus/drivers">Google Developer +site</a>. +</p> +<p> +<strong>6. Why are security vulnerabilities split between this bulletin and +device/partner security bulletins, such as the Pixel / Nexus bulletin?</strong> +</p> +<p> +Security vulnerabilities that are documented in this security bulletin are +required in order to declare the latest security patch level on Android devices. +Additional security vulnerabilities that are documented in the device/partner +security bulletins are not required for declaring a security patch level. +Android device and chipset manufacturers are encouraged to document the presence +of other fixes on their devices through their own security websites, such as the +<a href="//security.samsungmobile.com/securityUpdate.smsb">Samsung</a>, <a +href="//lgsecurity.lge.com/security_updates.html">LGE</a>, or <a +href="/security/bulletin/pixel/">Pixel / Nexus</a> security bulletins. +</p> +<h2 id="versions">Versions</h2> +<table> + <col width="25%"> + <col width="25%"> + <col width="50%"> + <tr> + <th>Version</th> + <th>Date</th> + <th>Notes</th> + </tr> + <tr> + <td>1.0</td> + <td>November 6, 2017</td> + <td>Bulletin published.</td> + </tr> + <tr> + <td>1.1</td> + <td>November 8, 2017</td> + <td>Bulletin revised to include AOSP links.</td> + </tr> +</table> + +</body></html> diff --git a/en/security/bulletin/index.html b/en/security/bulletin/index.html index 0703da46..1e337a14 100644 --- a/en/security/bulletin/index.html +++ b/en/security/bulletin/index.html @@ -67,6 +67,23 @@ Android Open Source Project (AOSP), the upstream Linux kernel, and system-on-chi <th>Security patch level</th> </tr> <tr> + <td><a href="/security/bulletin/2017-11-01.html">November 2017</a></td> + <td>Coming soon + <!-- + <a href="/security/bulletin/2017-11-01.html">English</a> / + <a href="/security/bulletin/2017-11-01.html?hl=ja">日本語</a> / + <a href="/security/bulletin/2017-11-01.html?hl=ko">í•œêµì–´</a> / + <a href="/security/bulletin/2017-11-01.html?hl=ru">руÌÑÑкий</a> / + <a href="/security/bulletin/2017-11-01.html?hl=zh-cn">ä¸æ–‡ (ä¸å›½)</a> / + <a href="/security/bulletin/2017-11-01.html?hl=zh-tw">ä¸æ–‡ (å°ç£)</a> + --> + </td> + <td>November 6, 2017</td> + <td>2017-11-01<br> + 2017-11-05<br> + 2017-11-06</td> + </tr> + <tr> <td><a href="/security/bulletin/2017-10-01.html">October 2017</a></td> <td>Coming soon <!-- diff --git a/en/security/bulletin/pixel/2017-11-01.html b/en/security/bulletin/pixel/2017-11-01.html new file mode 100644 index 00000000..e4da8a22 --- /dev/null +++ b/en/security/bulletin/pixel/2017-11-01.html @@ -0,0 +1,885 @@ +<html devsite> + <head> + <title>Pixel / Nexus Security Bulletin—November 2017</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + //www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>Published November 6, 2017 | Updated November 8, 2017</em></p> +<p> +The Pixel / Nexus Security Bulletin contains details of security vulnerabilities +and functional improvements affecting <a +href="//support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported +Google Pixel and Nexus devices</a> (Google devices). +For Google devices, security patch levels of 2017-11-05 or later also address all +issues in this bulletin. To learn how to check a device's security patch level, see <a +href="//support.google.com/pixelphone/answer/4457705">Check and update your +Android version</a>. +</p> +<p> +All supported Google devices will receive an update to the 2017-11-05 patch +level. We encourage all customers to accept these updates to their devices. +</p> +<p class="note"> +<strong>Note:</strong> The Google device firmware images are available on the <a +href="//developers.google.com/android/nexus/images">Google Developer site</a>. +</p> +<h2 id="announcements">Announcements</h2> +<p> +In addition to the security vulnerabilities described in the <a +href="/security/bulletin/2017-11-01">November 2017 Android +Security Bulletin</a>, Pixel and Nexus devices also contain patches for the +security vulnerabilities described below. Partners were notified of these issues +at least a month ago and may choose to incorporate them as part of their device +updates. +</p> +<h2 id="security-patches">Security patches</h2> +<p> +Vulnerabilities are grouped under the component that they affect. There is a +description of the issue and a table with the CVE, associated references, <a +href="#type">type of vulnerability</a>, <a +href="/security/overview/updates-resources.html#severity">severity</a>, +and updated Android Open Source Project (AOSP) versions (where applicable). When +available, we link the public change that addressed the issue to the bug ID, +like the AOSP change list. When multiple changes relate to a single bug, +additional references are linked to numbers following the bug ID. +</p> + +<h3 id="framework">Framework</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0845</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e5787fc13164856e39690e40e81d3d46839eea16">A-35028827</a></td> + <td>DoS</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> +</table> + + +<h3 id="media-framework">Media framework</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0838</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/528c7dd7c2387ac634b23973d0c1120d0f3d7ee7">A-63522818</a></td> + <td>EoP</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0852</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/5aee2541810f19aec67a1a9ea64973eb557aae9c">A-62815506</a></td> + <td>DoS</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0</td> + </tr> + <tr> + <td>CVE-2017-0847</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/d162b02aefa4d2039f377ba9a45d753cd84d75f6">A-65540999</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>8.0</td> + </tr> + <tr> + <td>CVE-2017-0848</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/2bec2c3b1fd778b35f45ff4f8b385ff9208fe692">A-64477217</a></td> + <td>ID</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0849</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/aa11ab9fdbb63766703a6280f4fc778f2f2c91ed">A-62688399</a></td> + <td>ID</td> + <td>Moderate</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0850</td> + <td>A-64836941<a href="#asterisk">*</a></td> + <td>ID</td> + <td>Moderate</td> + <td>7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0851</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/8c5bb82f982e5949b3c2e3e0c80045cc5ff30ac8">A-35430570</a></td> + <td>ID</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0853</td> + <td rowspan="2"><a href="https://android.googlesource.com/platform/external/libmpeg2/+/dd89269aa283dd740fd16c6d7d3cf225b3623338">A-63121644</a></td> + <td>ID</td> + <td>Moderate</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0854</td> + <td rowspan="2"><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8c0289c09cddd378cd9a321ccdb1c62e7b80f626">A-63873837</a></td> + <td>ID</td> + <td>Moderate</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0857</td> + <td rowspan="2"><a href="https://android.googlesource.com/platform/external/libavc/+/3eb692de916c3576a18990e3e4193fce93c016dc">A-65122447</a></td> + <td>NSI</td> + <td>NSI</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0858</td> + <td rowspan="2"><a href="https://android.googlesource.com/platform/external/libavc/+/208c74d62a3e1039dc87818306e057877760fbaa">A-64836894</a></td> + <td>NSI</td> + <td>NSI</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0859</td> + <td rowspan="2">A-36075131<a href="#asterisk">*</a></td> + <td>NSI</td> + <td>NSI</td> + <td>7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> +</table> + + +<h3 id="runtime">Runtime</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2016-2105</td> + <td>A-63710022<a href="#asterisk">*</a></td> + <td>RCE</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1</td> + </tr> + <tr> + <td>CVE-2016-2106</td> + <td>A-63709511<a href="#asterisk">*</a></td> + <td>RCE</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1</td> + </tr> + <tr> + <td>CVE-2017-3731</td> + <td>A-63710076<a href="#asterisk">*</a></td> + <td>ID</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1</td> + </tr> +</table> + + +<h3 id="system">System</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0860</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/5508ca2c191f8fdf29d8898890a58bf1a3a225b3">A-31097064</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> +</table> + + +<h3 id="kernel-components">Kernel components</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-6001</td> + <td>A-37901413<br /> + <a href="//android-review.googlesource.com/#/c/438399/">Upstream +kernel</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Core kernel</td> + </tr> + <tr> + <td>CVE-2017-0861</td> + <td>A-36006981<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Audio driver</td> + </tr> + <tr> + <td>CVE-2017-0862</td> + <td>A-36006779<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Kernel</td> + </tr> + <tr> + <td>CVE-2017-11600</td> + <td>A-64257838<br /> + <a href="//git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git/commit/?id=7bab09631c2a303f87a7eb7e3d69e888673b9b7e"> +Upstream kernel</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Networking subsystem</td> + </tr> + <tr> + <td>CVE-2017-0863</td> + <td>A-37950620<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> +</table> + + +<h3 id="mediatek-components">MediaTek components</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-0864</td> + <td>A-37277147<a href="#asterisk">*</a><br /> + M-ALPS03394571</td> + <td>EoP</td> + <td>Moderate</td> + <td>IoCtl (Flashlight)</td> + </tr> + <tr> + <td>CVE-2017-0865</td> + <td>A-65025090<a href="#asterisk">*</a><br /> + M-ALPS02973195</td> + <td>EoP</td> + <td>Moderate</td> + <td>SoC driver</td> + </tr> +</table> + + +<h3 id="nvidia-components">NVIDIA components</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-0866</td> + <td>A-38415808<a href="#asterisk">*</a><br /> + N-CVE-2017-0866</td> + <td>EoP</td> + <td>Moderate</td> + <td>Direct rendering infrastructure</td> + </tr> + <tr> + <td>CVE-2017-6274 </td> + <td>A-34705801<a href="#asterisk">*</a><br /> + N-CVE-2017-6274</td> + <td>EoP</td> + <td>Moderate</td> + <td>Thermal driver</td> + </tr> + <tr> + <td>CVE-2017-6275</td> + <td>A-34702397<a href="#asterisk">*</a><br /> + N-CVE-2017-6275</td> + <td>ID</td> + <td>Moderate</td> + <td>Thermal driver</td> + </tr> +</table> + + +<h3 id="qualcomm-components">Qualcomm components</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-11073</td> + <td>A-62084791<a href="#asterisk">*</a><br /> + QC-CR#2064767</td> + <td>EoP</td> + <td>Moderate</td> + <td>Networking subsystem</td> + </tr> + <tr> + <td>CVE-2017-11035</td> + <td>A-64431968<br /> + <a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c5060da3e741577578d66dfadb7922d853da6156"> +QC-CR#2055659</a> + [<a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=cc1896424ae7a346090f601bc69c6ca51d9c3e04">2</a>]</td> + <td>EoP</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11012</td> + <td>A-64455446<br /> + <a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=7d0e40d328fa092c36b9585516ed29fc6041be55"> +QC-CR#2054760</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11085</td> + <td>A-62952032<a href="#asterisk">*</a><br /> + QC-CR#2077909</td> + <td>EoP</td> + <td>Moderate</td> + <td>Audio</td> + </tr> + <tr> + <td>CVE-2017-11091</td> + <td>A-37478866<a href="#asterisk">*</a><br /> + QC-CR#2064235</td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> + <tr> + <td>CVE-2017-11026</td> + <td>A-64453104<br /> + <a +href="//source.codeaurora.org/quic/la/kernel/lk/commit/?id=88af13428d72d980003d99dd1dd0894ec3799a3e">QC-CR#1021460</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Linux boot</td> + </tr> + <tr> + <td>CVE-2017-11038</td> + <td>A-35888677<a href="#asterisk">*</a><br /> + QC-CR#2034087</td> + <td>EoP</td> + <td>Moderate</td> + <td>Memory subsystem</td> + </tr> + <tr> + <td>CVE-2017-11032</td> + <td>A-64431966<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=2720294757d0ad5294283c15dc837852f7b2329a"> +QC-CR#1051435</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Linux kernel</td> + </tr> + <tr> + <td>CVE-2017-9719</td> + <td>A-64438726<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a491499c3490999555b7ccf8ad1a7d6455625807"> +QC-CR#2042697</a> + [<a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d815f54f15d765b5e0035a9d208d71567bcaace0">2</a>]</td> + <td>EoP</td> + <td>Moderate</td> + <td>Display</td> + </tr> + <tr> + <td>CVE-2017-11024</td> + <td>A-64441352<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=f2a482422fefadfa0fa9b4146fc0e2b46ac04922"> +QC-CR#2031178</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Wired connectivity</td> + </tr> + <tr> + <td>CVE-2017-11025</td> + <td>A-64440043<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=95e72ae9281b77abc3ed0cc6a33c17b989241efa"> +QC-CR#2013494</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Audio</td> + </tr> + <tr> + <td>CVE-2017-11023</td> + <td>A-64434485<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=c36e61af0f770125d0061a8d988d0987cc8d116a"> +QC-CR#2029216</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Services</td> + </tr> + <tr> + <td>CVE-2017-11029</td> + <td>A-64433362<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=86f0d207d478e1681f6711b46766cfb3c6a30fb5"> +QC-CR#2025367</a> + [<a href="//source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=74ab23917b82769644a3299da47b58e080aa63f2">2</a>]</td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera</td> + </tr> + <tr> + <td>CVE-2017-11018</td> + <td>A-64441628<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm/commit/?id=1d718286c4c482502a2c4356cebef28aef2fb01f"> +QC-CR#897844</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera</td> + </tr> + <tr> + <td>CVE-2017-9721</td> + <td>A-64441353<br /> + <a href="//source.codeaurora.org/quic/la/kernel/lk/commit/?id=b40eb596bc96724a46bf00bfd9764e87775e7f1e"> +QC-CR#2039552</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Display</td> + </tr> + <tr> + <td>CVE-2017-9702</td> + <td>A-36492827<a href="#asterisk">*</a><br /> + QC-CR#2037398</td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera</td> + </tr> + <tr> + <td>CVE-2017-11089</td> + <td>A-36819059<a href="#asterisk">*</a><br /> + QC-CR#2055013</td> + <td>ID</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-8239</td> + <td>A-36251230<a href="#asterisk">*</a><br /> + QC-CR#1091603</td> + <td>ID</td> + <td>Moderate</td> + <td>Camera</td> + </tr> + <tr> + <td>CVE-2017-11090</td> + <td>A-36818836<a href="#asterisk">*</a><br /> + QC-CR#2061676</td> + <td>ID</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11093</td> + <td>A-37625232<a href="#asterisk">*</a><br /> + QC-CR#2077623</td> + <td>ID</td> + <td>Moderate</td> + <td>HDMI</td> + </tr> + <tr> + <td>CVE-2017-8279</td> + <td>A-62378962<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=f09aee50c2ee6b79d94cb42eafc82413968b15cb"> +QC-CR#2015227</a></td> + <td>ID</td> + <td>Moderate</td> + <td>Services</td> + </tr> + <tr> + <td>CVE-2017-9696</td> + <td>A-36232584<a href="#asterisk">*</a><br /> + QC-CR#2029867</td> + <td>ID</td> + <td>Moderate</td> + <td>Kernel</td> + </tr> + <tr> + <td>CVE-2017-11058</td> + <td>A-37718081<br /> + <a href="//source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4d9812973e8b12700afd8c3d6f36a94506ffb6fc"> +QC-CR#2061251</a></td> + <td>ID</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11022</td> + <td>A-64440918<br /> + <a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1379bfb6c09ee2ad5969db45c27fb675602b4ed0">QC-CR#1086582</a> + [<a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f41e3dbc92d448d3d56cae5517e41a4bafafdf3f">2</a>]</td> + <td>ID</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-9701</td> + <td>A-63868730<br /> + <a href="//source.codeaurora.org/quic/la//kernel/lk/commit/?id=60a6821ca7723f84067faba64fb883d94357df16"> +QC-CR#2038992</a></td> + <td>ID</td> + <td>Moderate</td> + <td>Linux boot</td> + </tr> + <tr> + <td>CVE-2017-11027</td> + <td>A-64453534<br /> + <a href="//source.codeaurora.org/quic/la/kernel/lk/commit/?id=393e5d1cc9e216e1d37bf25be6c376b395882f29"> +QC-CR#2055630</a></td> + <td>ID</td> + <td>Moderate</td> + <td>Linux boot</td> + </tr> +</table> + +<h2 id="functional-updates">Functional updates</h2> +<p> +These updates are included for affected Pixel devices to address functionality +issues not related to the security of Pixel devices. The table includes +associated references; the affected category, such as Bluetooth or mobile data; +and a summary of the issue. +</p> +<table> + <col width="15%"> + <col width="15%"> + <col width="70%"> + <tr> + <th>References</th> + <th>Category</th> + <th>Improvements</th> + </tr> + <tr> + <td>A-65225835</td> + <td>Audio</td> + <td>Volume warning threshold adjusted in some regions.</td> + </tr> + <tr> + <td>A-37943083</td> + <td>Bluetooth</td> + <td>Improvements for Bluetooth devices only supporting AVRCP version 1.3.</td> + </tr> + <tr> + <td>A-63790458</td> + <td>Bluetooth</td> + <td>Improved headset connection pairing.</td> + </tr> + <tr> + <td>A-64142363</td> + <td>Bluetooth</td> + <td>Improved song info display on some Bluetooth carkits.</td> + </tr> + <tr> + <td>A-64991621</td> + <td>Bluetooth</td> + <td>Improved metadata in some carkits.</td> + </tr> + <tr> + <td>A-65223508</td> + <td>Bluetooth</td> + <td>Improved Bluetooth connections to some carkits.</td> + </tr> + <tr> + <td>A-65463237</td> + <td>Bluetooth</td> + <td>Improved Magic Tether on BLE.</td> + </tr> + <tr> + <td>A-64977836</td> + <td>Camera</td> + <td>Improved Autofocus during video capture.</td> + </tr> + <tr> + <td>A-65099590</td> + <td>Camera</td> + <td>Improved front camera response speed.</td> + </tr> + <tr> + <td>A-68159303</td> + <td>Display</td> + <td>Adjustments to display color mode setting.</td> + </tr> + <tr> + <td>A-68254840</td> + <td>Display</td> + <td>Adjustments to display brightness settings.</td> + </tr> + <tr> + <td>A-68279369</td> + <td>Display</td> + <td>Adjustments to navigation bar brightness.</td> + </tr> + <tr> + <td>A-64103722</td> + <td>Mobile data</td> + <td>Adjusted YouTube switching from mobile data to Wi-Fi.</td> + </tr> + <tr> + <td>A-65113738</td> + <td>Mobile data</td> + <td>Mobile data adjustments on 3 Network.</td> + </tr> + <tr> + <td>A-37187694</td> + <td>Stability</td> + <td>Improved application stability.</td> + </tr> + <tr> + <td>A-67959484</td> + <td>Stability</td> + <td>Adjustments to call quality.</td> + </tr> +</table> + +<h2 id="common-questions-and-answers">Common questions and answers</h2> +<p> +This section answers common questions that may occur after reading this +bulletin. +</p> +<p> +<strong>1. How do I determine if my device is updated to address these issues? +</strong> +</p> +<p> +Security patch levels of 2017-11-05 or later address all issues associated with +the 2017-11-05 security patch level and all previous patch levels. To learn how +to check a device's security patch level, read the instructions on the <a +href="//support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel +and Nexus update schedule</a>. +</p> +<p id="type"> +<strong>2. What do the entries in the <em>Type</em> column mean?</strong> +</p> +<p> +Entries in the <em>Type</em> column of the vulnerability details table reference +the classification of the security vulnerability. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Abbreviation</th> + <th>Definition</th> + </tr> + <tr> + <td>RCE</td> + <td>Remote code execution</td> + </tr> + <tr> + <td>EoP</td> + <td>Elevation of privilege</td> + </tr> + <tr> + <td>ID</td> + <td>Information disclosure</td> + </tr> + <tr> + <td>DoS</td> + <td>Denial of service</td> + </tr> + <tr> + <td>N/A</td> + <td>Classification not available</td> + </tr> +</table> +<p> +<strong>3. What do the entries in the <em>References</em> column mean?</strong> +</p> +<p> +Entries under the <em>References</em> column of the vulnerability details table +may contain a prefix identifying the organization to which the reference value +belongs. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Prefix</th> + <th>Reference</th> + </tr> + <tr> + <td>A-</td> + <td>Android bug ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm reference number</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek reference number</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA reference number</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom reference number</td> + </tr> +</table> +<p id="asterisk"> +<strong>4. What does a * next to the Android bug ID in the <em>References</em> +column mean?</strong> +</p> +<p> +Issues that are not publicly available have a * next to the Android bug ID in +the <em>References</em> column. The update for that issue is generally contained +in the latest binary drivers for Nexus devices available from the <a +href="//developers.google.com/android/nexus/drivers">Google Developer +site</a>. +</p> +<p> +<strong>5. Why are security vulnerabilities split between this bulletin and the +Android Security Bulletins?</strong> +</p> +<p> +Security vulnerabilities that are documented in the Android Security Bulletins +are required in order to declare the latest security patch level on Android +devices. Additional security vulnerabilities, such as those documented in this +bulletin, are not required for declaring a security patch level. +</p> +<h2 id="versions">Versions</h2> +<table> + <col width="25%"> + <col width="25%"> + <col width="50%"> + <tr> + <th>Version</th> + <th>Date</th> + <th>Notes</th> + </tr> + <tr> + <td>1.0</td> + <td>November 6, 2017</td> + <td>Bulletin published.</td> + </tr> + <tr> + <td>1.1</td> + <td>November 8, 2017</td> + <td>Bulletin updated with AOSP links and additional details on + functional updates.</td> + </tr> +</table> +</body></html> diff --git a/en/security/bulletin/pixel/index.html b/en/security/bulletin/pixel/index.html index ea492ea9..2df49896 100644 --- a/en/security/bulletin/pixel/index.html +++ b/en/security/bulletin/pixel/index.html @@ -59,6 +59,21 @@ AOSP 24–48 hours after the Pixel / Nexus bulletin is release <th>Security patch level</th> </tr> <tr> + <td><a href="/security/bulletin/pixel/2017-11-01.html">November 2017</a></td> + <td>Coming soon + <!-- + <a href="/security/bulletin/pixel/2017-11-01.html">English</a> / + <a href="/security/bulletin/pixel/2017-11-01.html?hl=ja">日本語</a> / + <a href="/security/bulletin/pixel/2017-11-01.html?hl=ko">í•œêµì–´</a> / + <a href="/security/bulletin/pixel/2017-11-01.html?hl=ru">руÌÑÑкий</a> / + <a href="/security/bulletin/pixel/2017-11-01.html?hl=zh-cn">ä¸æ–‡ (ä¸å›½)</a> / + <a href="/security/bulletin/pixel/2017-11-01.html?hl=zh-tw">ä¸æ–‡ (å°ç£)</a> + --> + </td> + <td>November 6, 2017</td> + <td>2017-11-05</td> + </tr> + <tr> <td><a href="/security/bulletin/pixel/2017-10-01.html">October 2017</a></td> <td>Coming soon <!-- diff --git a/en/security/overview/acknowledgements.html b/en/security/overview/acknowledgements.html index 2179f646..a918dadd 100644 --- a/en/security/overview/acknowledgements.html +++ b/en/security/overview/acknowledgements.html @@ -65,6 +65,11 @@ Rewards</a> program.</p> <td>CVE-2017-0691, CVE-2017-0700</td> </tr> <tr> + <td>Aravind Machiry of Shellphish Grill Team, University of California, Santa +Barbara</td> + <td>CVE-2017-0865</td> + </tr> + <tr> <td>Dr. Asaf Shabtai of Ben Gurion University Cyber Lab</td> <td>CVE-2017-0650</td> </tr> @@ -73,7 +78,7 @@ Rewards</a> program.</p> Alibaba Mobile Security Group</td> <td>CVE-2017-0463, CVE-2017-0506, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751, CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, -CVE-2017-0827, CVE-2017-11000, CVE-2017-11059</td> +CVE-2017-0827, CVE-2017-0843, CVE-2017-0864, CVE-2017-11000, CVE-2017-11059</td> </tr> <tr> <td>Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)</td> @@ -108,13 +113,19 @@ CVE-2017-11060, CVE-2017-11061, CVE-2017-11064</td> <td>Chengming Yang of Alibaba Mobile Security Group</td> <td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506, CVE-2017-0565, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751, -CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-11000, -CVE-2017-11059</td> +CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-0843, +CVE-2017-0864, CVE-2017-9696, CVE-2017-9702, CVE-2017-11000, CVE-2017-11059, +CVE-2017-11089, CVE-2017-11090</td> + </tr> + <tr> + <td>Chenxiong Qian of Georgia Tech</td> + <td>CVE-2017-0860</td> </tr> <tr> <td><a href="mailto:zc1991@mail.ustc.edu.cn">Chi Zhang</a> of <a href="https://c0reteam.org/">C0RE Team</a></td> - <td>CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0765</td> + <td>CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0765, +CVE-2017-0836, CVE-2017-0857</td> </tr> <tr> <td>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) @@ -153,11 +164,6 @@ href="http://c0reteam.org/">C0RE Team</a></td> <td>CVE-2017-0397, CVE-2017-0405, CVE-2017-0410, CVE-2017-0826</td> </tr> <tr> - <td>Dawei Peng of Alibaba Mobile Security Team - (<a href="http://weibo.com/u/5622360291">weibo: Vinc3nt4H</a>)</td> - <td>CVE-2017-0755</td> - </tr> - <tr> <td>Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>) of Xuanwu Lab, Tencent</td> <td>CVE-2017-0386, CVE-2017-0553, CVE-2017-0585, CVE-2017-0706</td> @@ -185,7 +191,7 @@ CVE-2017-0525, CVE-2017-8265</td> </tr> <tr> <td>Ecular Xu (å¾å¥) of Trend Micro</td> - <td>CVE-2017-0599, CVE-2017-0635, CVE-2017-0641, CVE-2017-0643</td> + <td>CVE-2017-0599, CVE-2017-0635, CVE-2017-0641, CVE-2017-0643, CVE-2017-0859</td> </tr> <tr> <td>Efthimios Alepis of University of Piraeus</td> @@ -216,7 +222,7 @@ CVE-2017-0645, CVE-2017-0784</td> <tr> <td>Gal Beniamini of Project Zero</td> <td>CVE-2017-0411, CVE-2017-0412, CVE-2017-0561, CVE-2017-0569 -CVE-2017-0570, CVE-2017-0571, CVE-2017-0572</td> + CVE-2017-0570, CVE-2017-0571, CVE-2017-0572</td> </tr> <tr> <td>Gengjia Chen (<a @@ -339,8 +345,8 @@ href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) of IceSword Lab, Qihoo 360</td> <td>CVE-2016-5346, CVE-2016-8416, CVE-2016-8475, CVE-2016-8478, CVE-2017-0445, CVE-2017-0458, CVE-2017-0459, CVE-2017-0518, CVE-2017-0519, -CVE-2017-0533, CVE-2017-0534, CVE-2017-6425, CVE-2017-8233, CVE-2017-8261, -CVE-2017-8268</td> +CVE-2017-0533, CVE-2017-0534, CVE-2017-0862, CVE-2017-6425, CVE-2017-8233, +CVE-2017-8261, CVE-2017-8268</td> </tr> <tr> <td>Joey Brand of Census Consulting Inc.</td> @@ -351,6 +357,12 @@ CVE-2017-8268</td> <td>CVE-2016-8461, CVE-2016-8462</td> </tr> <tr> + <td><a +href="https://www.linkedin.com/in/jose-maria-ariel-martinez-juarez-7910a189/">Jose +Martinez</a></td> + <td>CVE-2017-0841</td> + </tr> + <tr> <td>Juhu Nie of Xiaomi Inc.</td> <td>CVE-2016-10276</td> </tr> @@ -359,6 +371,10 @@ CVE-2017-8268</td> <td>CVE-2017-0404</td> </tr> <tr> + <td>Justin Paupore of Google</td> + <td>CVE-2017-0831</td> + </tr> + <tr> <td>Kevin Deus of Google</td> <td>CVE-2017-11052, CVE-2017-11054, CVE-2017-11055, CVE-2017-11062</td> </tr> @@ -366,8 +382,9 @@ CVE-2017-8268</td> <td>Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室)</td> <td>CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738, CVE-2017-0766, CVE-2017-0794 CVE-2017-9681, CVE-2017-9684, CVE-2017-9693, -CVE-2017-9694, CVE-2017-9720, CVE-2017-10999, CVE-2017-11001, CVE-2017-11057, -CVE-2017-11060, CVE-2017-11061, CVE-2017-11064</td> +CVE-2017-9694, CVE-2017-9696, CVE-2017-9702, CVE-2017-9720, CVE-2017-10999, +CVE-2017-11001, CVE-2017-11057, +CVE-2017-11060, CVE-2017-11061, CVE-2017-11064, CVE-2017-11089, CVE-2017-11090</td> </tr> <tr> <td>Liyadong of Qex Team, Qihoo 360</td> @@ -419,7 +436,8 @@ href="http://c0reteam.org/">C0RE Team</a></td> CVE-2017-0450, CVE-2017-0479, CVE-2017-0480, CVE-2017-0483, CVE-2017-0665, CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0731, CVE-2017-0737, CVE-2017-0739, CVE-2017-0765, CVE-2017-0768, CVE-2017-0769, CVE-2017-0779, -CVE-2017-0801, CVE-2017-0812, CVE-2017-0815, CVE-2017-0816</td> +CVE-2017-0801, CVE-2017-0812, CVE-2017-0815, CVE-2017-0816, CVE-2017-0836, +CVE-2017-0840, CVE-2017-0857</td> </tr> <tr> <td>Monk Avel</td> @@ -471,19 +489,19 @@ href="https://twitter.com/jiych_guru">@jiych_guru</a>)</td> <tr> <td>Peng Xiao of Alibaba Mobile Security Group</td> <td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506, -CVE-2017-0565</td> +CVE-2017-0565, CVE-2017-0842</td> </tr> <tr> <td>Pengfei Ding (ä¸é¹é£ž) of Baidu X-Lab (百度安全实验室)</td> <td>CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738, CVE-2017-0766, CVE-2017-0794, CVE-2017-9681, CVE-2017-9684, CVE-2017-9693, -CVE-2017-9694, CVE-2017-9715, CVE-2017-9717, +CVE-2017-9694, CVE-2017-9696, CVE-2017-9702, CVE-2017-9715, CVE-2017-9717, CVE-2017-9720, CVE-2017-11001, CVE-2017-10999, CVE-2017-11057, -CVE-2017-11060, CVE-2017-11061, CVE-2017-11064</td> +CVE-2017-11060, CVE-2017-11061, CVE-2017-11064, CVE-2017-11089, CVE-2017-11090</td> </tr> <tr> <td>Peter Pi of Tencent Security Platform Department</td> - <td>CVE-2017-11046</td> + <td>CVE-2017-11046, CVE-2017-11091</td> </tr> <tr> <td>Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>) of @@ -502,16 +520,16 @@ CVE-2017-0459, CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, CVE-2017-0509, CVE-2017-0518, CVE-2017-0519, CVE-2017-0524, CVE-2017-0529, CVE-2017-0533, CVE-2017-0534, CVE-2017-0536, CVE-2017-0566, CVE-2017-0573, CVE-2017-0581, CVE-2017-0616, CVE-2017-0617, CVE-2017-0624, CVE-2017-0649, -CVE-2017-0744, CVE-2017-6425, CVE-2017-6426, CVE-2017-8233, CVE-2017-8243, -CVE-2017-8261, CVE-2017-8266, CVE-2017-8268, CVE-2017-8270, CVE-2017-9691, -CVE-2017-10997</td> +CVE-2017-0744, CVE-2017-0862, CVE-2017-6425, CVE-2017-6426, CVE-2017-8233, +CVE-2017-8243, CVE-2017-8261, CVE-2017-8266, CVE-2017-8268, CVE-2017-8270, +CVE-2017-9691, CVE-2017-10997</td> </tr> <tr> <td>Qidan He (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) of KeenLab, Tencent (腾讯科æ©å®žéªŒå®¤)</td> <td>CVE-2017-0325, CVE-2017-0337, CVE-2017-0382, CVE-2017-0427, -CVE-2017-0476, CVE-2017-0544</td> +CVE-2017-0476, CVE-2017-0544, CVE-2017-0861, CVE-2017-0866</td> </tr> <tr> <td>Qing Zhang of Qihoo 360</td> @@ -526,9 +544,9 @@ CVE-2017-0476, CVE-2017-0544</td> <td>CVE-2017-0522</td> </tr> <tr> - <td>Roee Hay (<a href="https://twitter.com/roeehay">@rooehay</a>) of Aleph + <td>Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>) of Aleph Research, HCL Technologies</td> - <td>CVE-2016-10277, CVE-2017-0563, CVE-2017-0582, CVE-2017-0648</td> + <td>CVE-2016-10277, CVE-2017-0563, CVE-2017-0582, CVE-2017-0648, CVE-2017-0829</td> </tr> <tr> <td>Roee Hay of IBM Security X-Force Research</td> @@ -572,6 +590,10 @@ CVE-2017-0780, CVE-2017-6247, CVE-2017-6248, CVE-2017-6249, CVE-2017-7369</td> <td>CVE-2017-0498</td> </tr> <tr> + <td>Simon Chung of Georgia Tech</td> + <td>CVE-2017-0860</td> + </tr> + <tr> <td><a href="mailto:smarques84@gmail.com">Stéphane Marques</a> of <a href="http://www.byterev.com/">ByteRev</a></td> <td>CVE-2017-0489</td> @@ -641,6 +663,10 @@ Alibaba Inc.</td> <td>CVE-2017-0752</td> </tr> <tr> + <td>Wenke Lee of Georgia Tech</td> + <td>CVE-2017-0860</td> + </tr> + <tr> <td><a href="mailto:vancouverdou@gmail.com">Wenke Dou</a> of <a href="http://c0reteam.org/">C0RE Team</a></td> <td>CVE-2017-0384, CVE-2017-0385, CVE-2017-0398, CVE-2017-0400, @@ -657,11 +683,12 @@ of Alpha Team, Qihoo 360 Technology Co. Ltd.</td> <td>Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a href="http://www.weibo.com/wishlinux">å´æ½æµ </a> æ¤å½¼) of Ant-financial Light-Year Security Lab</td> - <td>CVE-2017-0408, CVE-2017-0477, CVE-2017-11063</td> + <td>CVE-2017-0408, CVE-2017-0477, CVE-2017-11063, CVE-2017-11092</td> </tr> <tr> <td>Wolfu (付敬贵) of Tencent Security Platform Department</td> - <td>CVE-2017-11050, CVE-2017-11051, CVE-2017-11067</td> + <td>CVE-2017-0863, CVE-2017-11050, CVE-2017-11051, CVE-2017-11067, +CVE-2017-11073, CVE-2017-11093</td> </tr> <tr> <td>Xiangqian Zhang of Alibaba Mobile Security Group</td> @@ -678,7 +705,7 @@ href="http://c0reteam.org/">C0RE Team</a></td> </tr> <tr> <td>Xiling Gong of Tencent Security Platform Department</td> - <td>CVE-2017-0597, CVE-2017-0708, CVE-2017-8236</td> + <td>CVE-2017-0597, CVE-2017-0708, CVE-2017-8236, CVE-2017-9690</td> </tr> <tr> <td>Xingyuan Lin of 360 Marvel Team</td> @@ -720,8 +747,12 @@ Qihoo 360 Technology Co. Ltd</td> <td>Yang Song of Alibaba Mobile Security Group</td> <td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506, CVE-2017-0565, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751, -CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-11000, -CVE-2017-11059</td> +CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-0842, +CVE-2017-0843, CVE-2017-0864, CVE-2017-11000, CVE-2017-11059</td> + </tr> + <tr> + <td>Yanick Fratantonio (UC Santa Barbara, Shellphish Grill Team, EURECOM)</td> + <td>CVE-2017-0860</td> </tr> <tr> <td>Yangkang (<a href="https://twitter.com/dnpushme">@dnpushme</a>) of Qex @@ -736,7 +767,7 @@ href="http://c0reteam.org/">C0RE Team</a></td> <tr> <td>Yong Wang (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) of Alibaba Inc.</td> - <td>CVE-2017-0404, CVE-2017-0588</td> + <td>CVE-2017-0404, CVE-2017-0588, CVE-2017-0842</td> </tr> <tr> <td>Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>) of @@ -748,7 +779,7 @@ CVE-2017-8272, CVE-2017-11048, CVE-2017-12146</td> <tr> <td>Yongke Wang of <a href="http://xlab.tencent.com/">Tencent's Xuanwu Lab</a></td> - <td>CVE-2017-0729, CVE-2017-0767</td> + <td>CVE-2017-0729, CVE-2017-0767, CVE-2017-0839, CVE-2017-0848</td> </tr> <tr> <td>Dr. Yossi Oren of Ben Gurion University Cyber Lab</td> @@ -767,12 +798,13 @@ href="http://c0reteam.org/">C0RE Team</a></td> CVE-2016-8432, CVE-2016-8435, CVE-2016-8449, CVE-2016-8479, CVE-2016-8480, CVE-2016-8481, CVE-2016-8482, CVE-2016-10291, CVE-2017-0326, CVE-2017-0333, CVE-2017-0428, CVE-2017-0429, CVE-2017-0435, CVE-2017-0436, CVE-2017-0444, -CVE-2017-0448, CVE-2017-0526, CVE-2017-0527, CVE-2017-0651, CVE-2017-0709, -CVE-2017-0824, CVE-2017-7368, CVE-2017-8264, CVE-2017-10661</td> +CVE-2017-0448, CVE-2017-0526, CVE-2017-0527, CVE-2017-6264, CVE-2017-6274, +CVE-2017-6275, CVE-2017-0651, CVE-2017-0709, CVE-2017-0824, CVE-2017-7368, +CVE-2017-8264, CVE-2017-10661</td> </tr> <tr> <td>Yuebin Sun of <a href="http://xlab.tencent.com/">Tencent's Xuanwu Lab</a></td> - <td>CVE-2017-0767</td> + <td>CVE-2017-0767, CVE-2017-0839, CVE-2017-0848</td> </tr> <tr> <td>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>) of <a @@ -821,13 +853,15 @@ Response Center of Qihoo 360 Technology Co. Ltd.</td> CVE-2017-0691, CVE-2017-0700, CVE-2017-0714, CVE-2017-0718, CVE-2017-0719, CVE-2017-0720, CVE-2017-0722, CVE-2017-0725, CVE-2017-0745, CVE-2017-0760, CVE-2017-0761, CVE-2017-0764, CVE-2017-0776, CVE-2017-0777, CVE-2017-0778, -CVE-2017-0813, CVE-2017-0814, CVE-2017-0820, CVE-2017-0823</td> +CVE-2017-0813, CVE-2017-0814, CVE-2017-0820, CVE-2017-0823, CVE-2017-0850, +CVE-2017-0858</td> </tr> <tr> <td>Zubin Mithra of Google</td> <td>CVE-2017-0462, CVE-2017-8241</td> </tr> </table> + <h2 id="2016">2016</h2> <div style="LINE-HEIGHT:25px;"> @@ -1617,3 +1651,4 @@ alt="Patch Symbol" title="This person contributed code that improved Android sec </body> </html> + diff --git a/en/security/overview/updates-resources.html b/en/security/overview/updates-resources.html index a7a44415..ffe93fb2 100644 --- a/en/security/overview/updates-resources.html +++ b/en/security/overview/updates-resources.html @@ -40,8 +40,8 @@ media.</p> <p>Any developer, Android user, or security researcher can notify the Android security team of potential security issues through the <a -href="https://issuetracker.google.com/issues/new?component=190951"> -Android Security Issue template</a>.</p> +href="https://g.co/AndroidSecurityReport">security vulnerability reporting +form</a>.</p> <p>Bugs marked as security issues are not externally visible, but they may eventually be made visible after the issue is evaluated or resolved. If you diff --git a/en/source/build-numbers.html b/en/source/build-numbers.html index eb112273..1236ec35 100644 --- a/en/source/build-numbers.html +++ b/en/source/build-numbers.html @@ -208,6 +208,66 @@ site:</p> </thead> <tbody> <tr> + <td>OPD3.170816.023</td> + <td>android-8.0.0_r34</td> + <td>Oreo</td> + <td>Pixel 2 XL, Pixel 2</td> + </tr> + <tr> + <td>OPD1.170816.025</td> + <td>android-8.0.0_r33</td> + <td>Oreo</td> + <td>Pixel 2 XL, Pixel 2</td> + </tr> + <tr> + <td>OPR6.170623.023</td> + <td>android-8.0.0_r32</td> + <td>Oreo</td> + <td>Nexus 5X</td> + </tr> + <tr> + <td>OPR5.170623.011</td> + <td>android-8.0.0_r31</td> + <td>Oreo</td> + <td>Nexus 6P</td> + </tr> + <tr> + <td>OPR3.170623.013</td> + <td>android-8.0.0_r30</td> + <td>Oreo</td> + <td>Pixel XL, Pixel</td> + </tr> + <tr> + <td>OPR2.170623.027</td> + <td>android-8.0.0_r29</td> + <td>Oreo</td> + <td>Nexus Player</td> + </tr> + <tr> + <td>OPR1.170623.032</td> + <td>android-8.0.0_r28</td> + <td>Oreo</td> + <td>Pixel XL, Pixel, Pixel C</td> + </tr> + <tr> + <td>OPD3.170816.016</td> + <td>android-8.0.0_r27</td> + <td>Oreo</td> + <td>Pixel 2</td> + </tr> + <tr> + <td>OPD2.170816.015</td> + <td>android-8.0.0_r26</td> + <td>Oreo</td> + <td>Pixel 2</td> + </tr> + <tr> + <td>OPD1.170816.018</td> + <td>android-8.0.0_r25</td> + <td>Oreo</td> + <td>Pixel 2</td> + </tr> + <tr> <td>OPD3.170816.012</td> <td>android-8.0.0_r24</td> <td>Oreo</td> diff --git a/en/source/devices.html b/en/source/devices.html index 8ab40de2..a6fe0849 100644 --- a/en/source/devices.html +++ b/en/source/devices.html @@ -345,6 +345,12 @@ repo init -u https://android.googlesource.com/platform/manifest -b master & <code class="devsite-terminal">adb shell stm32_flash -u -d /dev/ttyAMA2 -e 0xffff -w /data/local/tmp/full.bin</code> </pre> </li> +<li>To build userspace HAL: +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal">make TARGET_SENSOR_MEZZANINE=neonkey -j24</code> +<code class="devsite-terminal">fastboot flashall</code> +</pre> +</li> </ol> </body> diff --git a/en/source/initializing.html b/en/source/initializing.html index 611d0e4c..662862be 100644 --- a/en/source/initializing.html +++ b/en/source/initializing.html @@ -270,7 +270,7 @@ To mount the image when you execute <code>mountAndroid</code>: <pre class="devsite-click-to-copy"> # mount the android file image -function mountAndroid() { hdiutil attach ~/android.dmg -mountpoint /Volumes/android; } +mountAndroid() { hdiutil attach ~/android.dmg -mountpoint /Volumes/android; } </pre> <p class="note"><strong>Note:</strong> If your system created a @@ -282,7 +282,7 @@ function mountAndroid() { hdiutil attach ~/android.dmg -mountpoint /Volumes/andr <p>To unmount it when you execute <code>umountAndroid</code>:</p> <pre class="devsite-click-to-copy"> # unmount the android file image -function umountAndroid() { hdiutil detach /Volumes/android; } +umountAndroid() { hdiutil detach /Volumes/android; } </pre> </li> </ul> diff --git a/en/source/site-updates.html b/en/source/site-updates.html index 821ced7e..8142f137 100644 --- a/en/source/site-updates.html +++ b/en/source/site-updates.html @@ -27,6 +27,14 @@ href="https://android.googlesource.com/platform/docs/source.android.com/+log/mas Open Source Project (AOSP) docs/source.android.com log</a> for the complete list of changes to this site. +<h2 id="Sept-2017">September 2017</h2> + +<p>This site has been released in China at <a + href="https://source.android.google.cn" + class="external-link">source.android.google.cn</a>. All + non-reference materials have also been translated into Simplified Chinese for + ease of use.</p> + <h2 id="August-2017">August 2017</h2> <p>Android 8.0 has been released! This section describes the major new features in the Android 8.0 platform.</p> @@ -48,6 +56,26 @@ Modular Kernel requirements</a>, and the <a href="/devices/tech/vts/index.html"> Vendor Test Suite (VTS) and Infrastructure</a>. </p> +<h4>FunctionFS support</h4> +<p> +<a class="external-link" + href="https://www.kernel.org/doc/Documentation/usb/functionfs.txt">FunctionFS</a> +(FFS) is a USB gadget function that is designed and controlled through user space. +Its support allows all of the function- and protocol-specific code to live in +user space, while all of the USB transport code lives in the kernel. Using + FFS moves Media Transfer Protocol (MTP) implementation into user space. +</p> + +<p> +On the frameworks side, most of the major changes exist in MtpServer. The +USB driver interface has been refactored into two different classes, one that +uses the old kernel driver and one that uses FFS. MtpServer is then able +to use that driver interface without needing to know the details of +implementation. The FFS driver writes the USB descriptors to a file when +the server starts up; it then writes data to endpoint files similar to the +kernel driver use. +</p> + <h4>Kernel enhancements to LLDB/C++ debugging</h4> <p> The Android 8.0 release includes kernel enhancements that help developers create diff --git a/ja/security/bulletin/2016-04-02.html b/ja/security/bulletin/2016-04-02.html index a2e81be0..12e334c4 100644 --- a/ja/security/bulletin/2016-04-02.html +++ b/ja/security/bulletin/2016-04-02.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Nexus ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ± - 2016 å¹´ 4 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,557 +20,342 @@ limitations under the License. --> +<p><em>2016 å¹´ 4 月 4 日公開 | 2016 å¹´ 12 月 19 日更新</em></p> +<p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹æœˆä¾‹æƒ…å ±å…¬é–‹ã®ä¸€ç’°ã¨ã—ã¦ã€Nexus 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Nexus ファームウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a> +ã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¦ã„ã¾ã™ã€‚2016 å¹´ 4 月 2 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ï¼ˆã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/nexus/answer/4457705">Nexus ã®ãƒ‰ã‚ュメント</a>ã‚’ã”覧ãã ã•ã„)。</p> +<p>パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠2016 å¹´ 3 月 16 æ—¥ã¾ã§ã«é€šçŸ¥æ¸ˆã¿ã§ã™ã€‚該当ã™ã‚‹å ´åˆã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã¯ã€Android オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)レãƒã‚¸ãƒˆãƒªã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€å¤šæ§˜ãªæ–¹æ³•ï¼ˆãƒ¡ãƒ¼ãƒ«ã€ã‚¦ã‚§ãƒ–ã®é–²è¦§ã€MMS ãªã©ï¼‰ã«ã‚ˆã‚Šã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルを処ç†ã™ã‚‹éš›ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚Œã®ã‚ã‚‹é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ã§ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã¾ãŸã¯ä¸æ£ãªå›žé¿ã«ã‚ˆã‚Šç„¡åŠ¹ã¨ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> + +<p>2016 å¹´ 3 月 18 日㮠<a href="/security/advisory/2016-03-18.html">Android ã‚»ã‚ュリティ アドãƒã‚¤ã‚¶ãƒª</a>ã§ã¯ã€<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> を利用ã—ã¦ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹ã‚¢ãƒ—リã«ã¤ã„ã¦å–り上ã’ã¾ã—ãŸã€‚<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> ã¯ã“ã®ã‚¢ãƒƒãƒ—デートã§è§£æ±ºã•ã‚Œã¦ã„ã¾ã™ã€‚æ–°ãŸã«è¦‹ã¤ã‹ã£ãŸä»–ã®å•é¡ŒãŒå®Ÿéš›ã«ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ç«¯æœ«ã§åˆ©ç”¨ã¾ãŸã¯æ‚ªç”¨ã•ã‚ŒãŸã¨ã„ㆠ+å ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã¤ã„ã¦è©³ã—ãã¯ã€ä¸‹è¨˜ã®<a href="#mitigations">リスクã®è»½æ¸›</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã«ã‚ˆã‚Šã€Android プラットフォームã®ã‚»ã‚ュリティãŒæ”¹å–„ã•ã‚Œã¾ã™ã€‚</p> -<p><em>2016 å¹´ 4 月 4 日公開 | 2016 å¹´ 4 月 6 日更新</em></p> -<p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹æœˆä¾‹æƒ…å ±å…¬é–‹ã®ä¸€ç’°ã¨ã—ã¦ã€Nexus 端末ã«å¯¾ã™ã‚‹ -ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚ -Nexus ファームウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a> -ã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¦ã„ã¾ã™ã€‚ -2016 å¹´ 4 月 2 日以é™ã® -ã‚»ã‚ュリティ パッムレベルã¯ä¸‹è¨˜ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚‚ã®ã§ã™ï¼ˆ -ã‚»ã‚ュリティ パッムレベルを -確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/nexus/answer/4457705">Nexus ã®ãƒ‰ã‚ュメント</a>ã‚’ã”覧ãã ã•ã„)。</p> -<p>パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠2016 å¹´ 3 月 16 æ—¥ã¾ã§ã« -通知済ã¿ã§ã™ã€‚該当ã™ã‚‹å ´åˆã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã¯ã€Android -オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)レãƒã‚¸ãƒˆãƒªã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> -<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€å¤šæ§˜ãªæ–¹æ³•ï¼ˆãƒ¡ãƒ¼ãƒ«ã€ã‚¦ã‚§ãƒ–ã®é–²è¦§ã€MMS ãªã©ï¼‰ã«ã‚ˆã‚Šã€ -攻撃対象ã®ç«¯æœ«ã§ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルを処ç†ã™ã‚‹éš›ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒ -å¯èƒ½ã«ãªã‚‹ãŠãã‚Œã®ã‚ã‚‹é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ã§ã™ã€‚</p> -<p> -2016 å¹´ 3 月 18 日㮠<a href="/security/advisory/2016-03-18.html">Android ã‚»ã‚ュリティ アドãƒã‚¤ã‚¶ãƒª</a>ã§ã¯ã€ -<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> を利用ã—㦠-ルート権é™ã‚’å–å¾—ã™ã‚‹ã‚¢ãƒ—リã«ã¤ã„ã¦å–り上ã’ã¾ã—ãŸã€‚<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> 㯠-ã“ã®ã‚¢ãƒƒãƒ—デートã§è§£æ±ºã•ã‚Œã¦ã„ã¾ã™ã€‚ -æ–°ãŸã«è¦‹ã¤ã‹ã£ãŸä»–ã®å•é¡ŒãŒå®Ÿéš›ã«ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ç«¯æœ«ã§åˆ©ç”¨ã¾ãŸã¯æ‚ªç”¨ã•ã‚ŒãŸã¨ã„ㆠ-å ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ -SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“ス㮠-ä¿è·ï¼ˆAndroid プラットフォームã®ã‚»ã‚ュリティをå‘上ã•ã›ã‚‹ã‚‚ã®ï¼‰ã«ã¤ã„ã¦è©³ã—ãã¯ã€ -下記ã®<a href="#mitigations">リスクã®è»½æ¸›</a>ã‚’ã”覧ãã ã•ã„。</p> -<h2 id="security_vulnerability_summary">ã‚»ã‚ュリティã®è„†å¼±æ€§ã®æ¦‚è¦</h2> -<p>下記ã®è¡¨ã«ã€ã‚»ã‚ュリティã®è„†å¼±æ€§ã€å…±é€šè„†å¼±æ€§è˜åˆ¥å(CVE)〠-ãŠã‚ˆã³ãã®é‡å¤§åº¦ã®è©•ä¾¡ã®ä¸€è¦§ã‚’示ã—ã¾ã™ã€‚ -<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€ -攻撃対象ã®ç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ -プラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã¾ãŸã¯ä¸æ£ãªå›žé¿ã«ã‚ˆã‚Š -無効ã¨ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> -<table> -<tr> -<th>å•é¡Œ</th> -<th>CVE</th> -<th>é‡å¤§åº¦</th> -</tr> -<tr> -<td>DHCPCD ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> -<td>CVE-2016-1503<br/> - CVE-2014-6060</td> -<td>é‡å¤§</td> -</tr> -<tr> -<td>メディア コーデックã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> -<td>CVE-2016-0834</td> -<td>é‡å¤§</td> -</tr> -<tr> -<td>メディアサーãƒãƒ¼ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> -<td>CVE-2016-0835<br/> - CVE-2016-0836<br/> - CVE-2016-0837<br/> - CVE-2016-0838<br/> - CVE-2016-0839<br/> - CVE-2016-0840<br/> - CVE-2016-0841</td> -<td>é‡å¤§</td> -</tr> -<tr> -<td>libstagefright ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> -<td>CVE-2016-0842</td> -<td>é‡å¤§</td> -</tr> -<tr> -<td>カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2015-1805</td> -<td>é‡å¤§</td> -</tr> -<tr> -<td>Qualcomm パフォーマンス モジュールã§ã®æ¨©é™æ˜‡æ ¼ã®<br/> - 脆弱性</td> -<td>CVE-2016-0843</td> -<td>é‡å¤§</td> -</tr> -<tr> -<td>Qualcomm RF コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-0844</td> -<td>é‡å¤§</td> -</tr> -<tr> -<td>カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2014-9322</td> -<td>é‡å¤§</td> -</tr> -<tr> -<td>IMemory ãƒã‚¤ãƒ†ã‚£ãƒ– インターフェースã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-0846</td> -<td>高</td> -</tr> -<tr> -<td>通信コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-0847</td> -<td>高</td> -</tr> -<tr> -<td>ダウンãƒãƒ¼ãƒ‰ マãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-0848</td> -<td>高</td> -</tr> -<tr> -<td>リカãƒãƒª プãƒã‚·ãƒ¼ã‚¸ãƒ£ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-0849</td> -<td>高</td> -</tr> -<tr> -<td>Bluetooth ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-0850</td> -<td>高</td> -</tr> -<tr> -<td>Texas Instruments ãƒãƒ—ティクス ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-2409</td> -<td>高</td> -</tr> -<tr> -<td>動画用カーãƒãƒ« ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-2410</td> -<td>高</td> -</tr> -<tr> -<td>Qualcomm é›»æºç®¡ç†ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®<br/> -脆弱性</td> -<td>CVE-2016-2411</td> -<td>高</td> -</tr> -<tr> -<td>System_server ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-2412</td> -<td>高</td> -</tr> -<tr> -<td>メディアサーãƒãƒ¼ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-2413</td> -<td>高</td> -</tr> -<tr> -<td>Minikin ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> -<td>CVE-2016-2414</td> -<td>高</td> -</tr> -<tr> -<td>Exchange ActiveSync ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> -<td>CVE-2016-2415</td> -<td>高</td> -</tr> -<tr> -<td>メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> -<td>CVE-2016-2416<br/> - CVE-2016-2417<br/> - CVE-2016-2418<br/> - CVE-2016-2419</td> -<td>高</td> -</tr> -<tr> -<td>Debuggerd コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-2420</td> -<td>ä¸</td> -</tr> -<tr> -<td>セットアップ ウィザードã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-2421</td> -<td>ä¸</td> -</tr> -<tr> -<td>Wi-Fi ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-2422</td> -<td>ä¸</td> -</tr> -<tr> -<td>Telephony ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> -<td>CVE-2016-2423</td> -<td>ä¸</td> -</tr> -<tr> -<td>SyncStorageEngine ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> -<td>CVE-2016-2424</td> -<td>ä¸</td> -</tr> -<tr> -<td>AOSP メールã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> -<td>CVE-2016-2425</td> -<td>ä¸</td> -</tr> -<tr> -<td>フレームワークã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> -<td>CVE-2016-2426</td> -<td>ä¸</td> -</tr> -<tr> -<td>BouncyCastle ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> -<td>CVE-2016-2427</td> -<td>ä¸</td> -</tr> -</table> <h2 id="mitigations">リスクã®è»½æ¸›</h2> -<p>ã“ã“ã§ã¯ã€<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>㨠SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã‚ˆã‚‹ãƒªã‚¹ã‚¯ã®è»½æ¸›ã«ã¤ã„ã¦æ¦‚説ã—ã¾ã™ã€‚ã“ã†ã—ãŸæ©Ÿèƒ½ã¯ã€Android ã§ã‚»ã‚ュリティã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹å¯èƒ½æ€§ã‚’減らã—ã¾ã™ã€‚</p> + +<p>ã“ã“ã§ã¯ã€<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォーム</a>ã®ä¿è·ã¨ SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã‚ˆã‚‹ãƒªã‚¹ã‚¯ã®è»½æ¸›ã«ã¤ã„ã¦æ¦‚説ã—ã¾ã™ã€‚ã“ã†ã—ãŸæ©Ÿèƒ½ã¯ã€Android ã§ã‚»ã‚ュリティã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹å¯èƒ½æ€§ã‚’減らã—ã¾ã™ã€‚</p> + <ul> -<li> Android プラットフォームã®æœ€æ–°ç‰ˆã§ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Android 上ã®å¤šãã®å•é¡Œã®æ‚ªç”¨ãŒå›°é›£ã«ãªã‚Šã¾ã™ã€‚Google ã§ã¯ã€ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã€ã§ãã‚‹é™ã‚Š -最新ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã® Android ã«æ›´æ–°ã™ã‚‹ã“ã¨ã‚’ãŠã™ã™ã‚ã—ã¦ã„ã¾ã™ã€‚ - </li><li> Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã‚„ SafetyNet ã«ã‚ˆã£ã¦è„†å¼±æ€§ã®æ‚ªç”¨ã‚’ç©æ¥µçš„ã« -監視ã—ã¦ãŠã‚Šã€å®³ã‚’åŠã¼ã™ãŠãã‚Œã®ã‚るアプリãŒæ¤œå‡ºã•ã‚Œã‚‹ã¨ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«å‰ã« -ユーザーã«è¦å‘Šã—ã¾ã™ã€‚端末ã®ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹ãƒ„ールã¯ã€Google Play ã§ç¦æ¢ -ã•ã‚Œã¦ã„ã¾ã™ã€‚Google Play 以外ã‹ã‚‰ã‚¢ãƒ—リをインストールã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚’ä¿è·ã™ã‚‹ãŸã‚〠-「アプリã®ç¢ºèªã€ãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ãŠã‚Šã€ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹æ—¢çŸ¥ã®ã‚¢ãƒ—リ㫠-ã¤ã„ã¦ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¾ã™ã€‚「アプリã®ç¢ºèªã€ã§ã¯ã€æ‚ªæ„ã®ã‚る既知ã®ã‚¢ãƒ—リã§æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒ -悪用ã•ã‚Œãªã„よã†ã«ã€ãã®ã‚ˆã†ãªã‚¢ãƒ—リã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã‚’見ã¤ã‘ã¦é˜»æ¢ã—ã¾ã™ã€‚ã“ã†ã—ãŸã‚¢ãƒ—リ㌠-æ—¢ã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é€šçŸ¥ã—ã¦ã€ -ãã®ã‚¢ãƒ—リã®å‰Šé™¤ã‚’試ã¿ã¾ã™ã€‚ - </li><li> Google ãƒãƒ³ã‚°ã‚¢ã‚¦ãƒˆã‚„メッセンジャーã®ã‚¢ãƒ—リã§ã¯çŠ¶æ³ã‚’判æ–ã—ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ãªã©ã® -プãƒã‚»ã‚¹ã«è‡ªå‹•çš„ã«ãƒ¡ãƒ‡ã‚£ã‚¢ã‚’渡ã™ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 + <li>Android プラットフォームã®æœ€æ–°ç‰ˆã§ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Android 上ã®å¤šãã®å•é¡Œã«ã¤ã„ã¦æ‚ªç”¨ãŒå›°é›£ã«ãªã‚Šã¾ã™ã€‚Google ã§ã¯ã€ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã€ã§ãã‚‹é™ã‚Šæœ€æ–°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã® Android ã«æ›´æ–°ã™ã‚‹ã“ã¨ã‚’ãŠã™ã™ã‚ã—ã¦ã„ã¾ã™ã€‚ + </li><li> Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã‚„ SafetyNet ã«ã‚ˆã£ã¦è„†å¼±æ€§ã®æ‚ªç”¨ã‚’ç©æ¥µçš„ã«ç›£è¦–ã—ã¦ãŠã‚Šã€å®³ã‚’åŠã¼ã™ãŠãã‚Œã®ã‚るアプリãŒæ¤œå‡ºã•ã‚Œã‚‹ã¨ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«å‰ã«ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¾ã™ã€‚端末ã®ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹ãƒ„ールã¯ã€Google Play ã§ç¦æ¢ã•ã‚Œã¦ã„ã¾ã™ã€‚Google Play 以外ã‹ã‚‰ã‚¢ãƒ—リをインストールã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚’ä¿è·ã™ã‚‹ãŸã‚ã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ãŠã‚Šã€ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹æ—¢çŸ¥ã®ã‚¢ãƒ—リã«ã¤ã„ã¦ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¾ã™ã€‚「アプリã®ç¢ºèªã€ã§ã¯ã€æ‚ªæ„ã®ã‚る既知ã®ã‚¢ãƒ—リã§æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œãªã„よã†ã«ã€ãã®ã‚ˆã†ãªã‚¢ãƒ—リã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã‚’見ã¤ã‘ã¦é˜»æ¢ã—ã¾ã™ã€‚ã“ã†ã—ãŸã‚¢ãƒ—リãŒæ—¢ã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é€šçŸ¥ã—ã¦ã€ãã®ã‚¢ãƒ—リã®å‰Šé™¤ã‚’試ã¿ã¾ã™ã€‚ + </li><li> Google ãƒãƒ³ã‚°ã‚¢ã‚¦ãƒˆã‚„メッセンジャーã®ã‚¢ãƒ—リã§ã¯çŠ¶æ³ã‚’判æ–ã—ã€ãƒ¡ãƒ‡ã‚£ã‚¢ サーãƒãƒ¼ãªã©ã®ãƒ—ãƒã‚»ã‚¹ã«è‡ªå‹•çš„ã«ãƒ¡ãƒ‡ã‚£ã‚¢ã‚’渡ã™ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 </li></ul> + <h2 id="acknowledgements">è¬è¾ž</h2> -<p>Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€èª¿æŸ»ã«ã”å”力ãã ã•ã£ãŸä¸‹è¨˜ã®çš†æ§˜ã« -æ„Ÿè¬ã„ãŸã—ã¾ã™ï¼ˆæ•¬ç§°ç•¥ï¼‰ã€‚</p> + +<p>Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€èª¿æŸ»ã«ã”å”力ãã ã•ã£ãŸä¸‹è¨˜ã®çš†æ§˜ã«æ„Ÿè¬ã„ãŸã—ã¾ã™ï¼ˆæ•¬ç§°ç•¥ï¼‰ã€‚</p> + <ul> -<li> Google Chrome ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã® Abhishek Aryaã€Oliver Changã€Martin Barbella: + <li> Google Chrome ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã® Abhishek Aryaã€Oliver Changã€Martin Barbella: CVE-2016-0834ã€CVE-2016-0841ã€CVE-2016-0840ã€CVE-2016-0839ã€CVE-2016-0838 </li><li> CENSUS S.A. ã® Anestis Bechtsoudis (<a href="https://twitter.com/anestisb">@anestisb</a>): CVE-2016-0842ã€CVE-2016-0836ã€CVE-2016-0835 </li><li> Google Telecom ãƒãƒ¼ãƒ ã® Brad Ebingerã€Santos Cordon: CVE-2016-0847 - </li><li> ãƒ–ãƒ©ã‚¦ãƒ³ã‚·ãƒ¥ãƒ´ã‚¡ã‚¤ã‚¯å·¥ç§‘å¤§å¦ <a href="https://www.ibr.cs.tu-bs.de">Institute for - Operating Systems and Computer Networks</a> ã® Dominik Schürmann: CVE-2016-2425 - </li><li> Qihoo 360 IceSword Lab ã® - Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)〠- <a href="http://weibo.com/jfpan">pjf</a>ã€Jianqiang Zhao - (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>): CVE-2016-08444 - </li><li> <a href="https://www.epfl.ch">ã‚¹ã‚¤ã‚¹é€£é‚¦å·¥ç§‘å¤§å¦ - ãƒãƒ¼ã‚¶ãƒ³ãƒŒæ ¡</a>ã® <a href="mailto:gpiskas@gmail.com">George Piskas</a>: CVE-2016-2426 - </li><li> <a href="http://www.360.com/">Qihoo 360 Technology Co.Ltd</a> ã® - Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2016-2412ã€CVE-2016-2416 - </li><li> Google Project Zero ã® James Forshaw: CVE-2016-2417ã€CVE-2016-0846 - </li><li> Qihoo 360 IceSword Lab ã® - ianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)〠- <a href="http://weibo.com/jfpan">pjf</a>ã€Gengjia Chen - (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>): CVE-2016-2410ã€CVE-2016-2411 - </li><li> Qihoo 360 IceSword Lab ã® - Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-2409 - </li><li> Vertu Corporation LTD ã® Nancy Wang: CVE-2016-0837 + </li><li> ãƒ–ãƒ©ã‚¦ãƒ³ã‚·ãƒ¥ãƒ´ã‚¡ã‚¤ã‚¯å·¥ç§‘å¤§å¦ <a href="https://www.ibr.cs.tu-bs.de">Institute for Operating Systems and Computer Networks</a> ã® Dominik Schürmann: CVE-2016-2425 + </li><li>Qihoo 360 IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>ã€Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>): CVE-2016-0844</li><li> <a href="https://www.epfl.ch">スイス連邦工科大å¦ãƒãƒ¼ã‚¶ãƒ³ãƒŒæ ¡</a>ã® <a href="mailto:gpiskas@gmail.com">George Piskas</a>: CVE-2016-2426</li><li><a href="http://www.360.com/">Qihoo 360 Technology Co., Ltd.</a> ã® Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2016-2412ã€CVE-2016-2416</li><li> Google Project Zero ã® James Forshaw: CVE-2016-2417ã€CVE-2016-0846 + </li><li>Qihoo 360 IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>ã€Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>): CVE-2016-2410ã€CVE-2016-2411</li><li>Qihoo 360 IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-2409</li><li> Vertu Corporation LTD ã® Nancy Wang: CVE-2016-0837 </li><li> <a href="mailto:nasim@zamir.ca">Nasim Zamir</a>: CVE-2016-2409 </li><li> Qualcomm Product Security Initiative ã® Nico Golde(<a href="https://twitter.com/iamnion">@iamnion</a>): CVE-2016-2420ã€CVE-2016-0849 - </li><li> Trend Micro ã® Peter Pi - (<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-2418ã€CVE-2016-2413ã€CVE-2016-2419 - </li><li> Google æƒ…å ±ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã® Quan Nguyen: CVE-2016-2427 - </li><li> Richard Shupak: CVE-2016-2415 - </li><li> <a href="https://labs.mwrinfosecurity.com/">MWR Labs</a> ã® Romain Trouvé - (<a href="https://twitter.com/bouuntyyy">@bouuntyyy</a>): CVE-2016-0850 - </li><li> Stuart Henderson: CVE-2016-2422 - </li><li> Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã® Vishwath Mohan: CVE-2016-2424 + </li><li>Trend Micro ã® Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-2418ã€CVE-2016-2413ã€CVE-2016-2419</li><li>Richard Shupak: CVE-2016-2415</li><li><a href="https://labs.mwrinfosecurity.com/">MWR Labs</a> ã® Romain Trouvé: CVE-2016-0850</li><li>Stuart Henderson: CVE-2016-2422</li><li> Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã® Vishwath Mohan: CVE-2016-2424 </li><li>Alibaba Inc ã® Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2016-2414 </li><li> Trend Micro Inc. ã® Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>): CVE-2016-0843 - </li><li> インディアナ大å¦ãƒ–ãƒ«ãƒ¼ãƒŸãƒ³ãƒˆãƒ³æ ¡ã® - <a href="mailto:luc2yj@gmail.com">Yeonjoon Lee</a> 㨠<a href="mailto:xw7@indiana.edu">Xiaofeng Wang</a>〠- 北京大å¦ã® - <a href="mailto:litongxin1991@gmail.com">Tongxin Li</a> 㨠<a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a>: CVE-2016-0848 + </li><li> インディアナ大å¦ãƒ–ãƒ«ãƒ¼ãƒŸãƒ³ãƒˆãƒ³æ ¡ã® <a href="mailto:luc2yj@gmail.com">Yeonjoon Lee</a> 㨠<a href="mailto:xw7@indiana.edu">Xiaofeng Wang</a>ã€åŒ—京大å¦ã® <a href="mailto:litongxin1991@gmail.com">Tongxin Li</a> 㨠<a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a>: CVE-2016-0848 </li></ul> -<p>ã¾ãŸã€Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€ -CVE-2015-1805 ã«ã¤ã„㦠-ã”助力ã„ãŸã ã„㟠-<a href="http://c0reteam.org">C0RE Team</a> ãŠã‚ˆã³ <a href="https://www.zimperium.com/">Zimperium</a> ã® -<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>〠-Chiachih Wu -(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang ã®å„æ°ã«ã‚‚æ„Ÿè¬ã„ãŸã—ã¾ã™ã€‚</p> + +<p>ã¾ãŸã€Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€CVE-2015-1805 ã«ã¤ã„ã¦ã”助力ã„ãŸã ã„㟠<a href="http://c0reteam.org">C0RE Team</a> ãŠã‚ˆã³ <a href="https://www.zimperium.com/">Zimperium</a> ã® <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang ã®å„æ°ã«ã‚‚æ„Ÿè¬ã„ãŸã—ã¾ã™ã€‚</p> + <h2 id="security_vulnerability_details">ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°</h2> -<p>以下ã§ã¯ã€ä¸Šè¨˜ã®<a href="#security_vulnerability_summary">ã‚»ã‚ュリティã®è„†å¼±æ€§ã®æ¦‚è¦</a>ã§ä¸€è¦§ã«æŒ™ã’㟠-ãã‚Œãžã‚Œã®é …ç›®ã«ã¤ã„ã¦ã€è©³ã—ã„æƒ…å ±ã‚’ -æä¾›ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã€ãã®é‡å¤§åº¦ã®æ ¹æ‹ を説明ã—ã€CVEã€é–¢é€£ã™ã‚‹ãƒã‚°ã€é‡å¤§åº¦ã€ -影響をå—ã‘ã‚‹ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ -該当ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®æ¬„ã«ã€ãã®å•é¡Œã«å¯¾å‡¦ã—㟠AOSP コミットã¸ã®ãƒªãƒ³ã‚¯ãŒ -ã‚ã‚Šã¾ã™ã€‚1 ã¤ã®ãƒã‚°ã«è¤‡æ•°ã®å¤‰æ›´ãŒé–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«ç•ªå·ã‚’ä»˜åŠ ã—ã¦ã€ -è¿½åŠ ã® AOSP リファレンスã«ãƒªãƒ³ã‚¯ã—ã¦ã„ã¾ã™ã€‚</p> + +<p>パッãƒãƒ¬ãƒ™ãƒ« 2016-04-02 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹ãƒã‚°ã€é‡å¤§åº¦ã€å½±éŸ¿ã‚’å—ã‘ã‚‹ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚該当ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®æ¬„ã«ã€ãã®å•é¡Œã«å¯¾å‡¦ã—㟠AOSP コミットã¸ã®ãƒªãƒ³ã‚¯ãŒã‚ã‚Šã¾ã™ã€‚1 ã¤ã®ãƒã‚°ã«è¤‡æ•°ã®å¤‰æ›´ãŒé–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«ç•ªå·ã‚’ä»˜åŠ ã—ã¦ã€è¿½åŠ ã® AOSP リファレンスã«ãƒªãƒ³ã‚¯ã—ã¦ã„ã¾ã™ã€‚</p> + <h3 id="remote_code_execution_vulnerability_in_dhcpcd">DHCPCD ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> + <p>DHCP(Dynamic Host Configuration Protocol)サービスã«è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚〠攻撃者ãŒãƒ¡ãƒ¢ãƒªç ´æを引ãèµ·ã“ã—ã¦ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã«ã¤ãªãŒã‚‹ãŠãれ㌠ã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã¯ã€DHCP クライアントã«ãŠã„ã¦ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚DHCP サービスã¯ã€ サードパーティ製アプリãŒé€šå¸¸ã¯ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„よã†ãªæ¨©é™ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> ANDROID-15268738</a></td> -<td>é‡å¤§</td> -<td>4.4.4</td> -<td>2014 å¹´ 7 月 30 æ—¥</td> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> + <td>é‡å¤§</td> + <td>4.4.4</td> + <td>2014 å¹´ 7 月 30 æ—¥</td> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> ANDROID-16677003</a></td> -<td>é‡å¤§</td> -<td>4.4.4</td> -<td>2014 å¹´ 7 月 30 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-1503</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> + <td>é‡å¤§</td> + <td>4.4.4</td> + <td>2014 å¹´ 7 月 30 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-1503</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> ANDROID-26461634</a></td> -<td>é‡å¤§</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 4 æ—¥</td> -</tr> -</table> + <td>é‡å¤§</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 4 æ—¥</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_media_codec">メディア コーデックã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> + <p>特別ã«ç´°å·¥ã•ã‚ŒãŸãƒ•ã‚¡ã‚¤ãƒ«ã«ã¤ã„ã¦ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルやデータをメディアサーãƒãƒ¼ã§ 処ç†ã™ã‚‹éš›ã«ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ã§ä½¿ã‚れるメディア コーデックã®è„†å¼±æ€§ã‚’攻撃者ãŒåˆ©ç”¨ã—ã¦ã€ ãƒ¡ãƒ¢ãƒªç ´å£Šã‚„ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚</p> + <p>影響をå—ã‘る機能ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®ä¸æ ¸éƒ¨åˆ†ã¨ã—ã¦æä¾›ã•ã‚Œã¦ã„ã‚‹ã‚‚ã®ã§ã€ リモート コンテンツ(特㫠MMS やブラウザã§ã®ãƒ¡ãƒ‡ã‚£ã‚¢å†ç”Ÿï¼‰ã«ã‚ˆã£ã¦ã“ã†ã—ãŸè„†å¼±æ€§ã‚’ 攻撃ã§ãるよã†ã«ã™ã‚‹ã‚¢ãƒ—リãŒè¤‡æ•°ã‚ã‚Šã¾ã™ã€‚</p> + <p>ã“ã®å•é¡Œã¯ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ã®ã‚µãƒ¼ãƒ“スã«ãŠã„ã¦ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚メディアサーãƒãƒ¼ã® サービスã¯ã€éŸ³å£°ã‚„å‹•ç”»ã®ã‚¹ãƒˆãƒªãƒ¼ãƒ ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ä»–ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリ㌠通常ã¯ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„よã†ãªæ¨©é™ã«ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ã§ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0834</td> -<td>ANDROID-26220548*</td> -<td>é‡å¤§</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 16 æ—¥</td> -</tr> -</table> -<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠+ <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0834</td> + <td>ANDROID-26220548*</td> + <td>é‡å¤§</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 16 æ—¥</td> + </tr> +</tbody></table> + +<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新 ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> + <h3 id="remote_code_execution_vulnerability_in_mediaserver">メディアサーãƒãƒ¼ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> + <p>特別ã«ç´°å·¥ã—ãŸãƒ¡ãƒ‡ã‚£ã‚¢ ファイルやデータã®ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ã§ã®å‡¦ç†ä¸ã«ã€ 攻撃者ãŒãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ã®è„†å¼±æ€§ã‚’悪用ã—ã¦ã€ãƒ¡ãƒ¢ãƒªç ´å£Šã‚„リモートコード 実行を行ãˆã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚</p> + <p>影響をå—ã‘る機能ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®ä¸æ ¸éƒ¨åˆ†ã¨ã—ã¦æä¾›ã•ã‚Œã¦ã„ã‚‹ã‚‚ã®ã§ã€ リモート コンテンツ(特㫠MMS やブラウザã§ã®ãƒ¡ãƒ‡ã‚£ã‚¢å†ç”Ÿï¼‰ã«ã‚ˆã£ã¦ã“ã†ã—ãŸè„†å¼±æ€§ã‚’ 攻撃ã§ãるよã†ã«ã™ã‚‹ã‚¢ãƒ—リãŒè¤‡æ•°ã‚ã‚Šã¾ã™ã€‚</p> + <p>ã“ã®å•é¡Œã¯ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ã®ã‚µãƒ¼ãƒ“スã«ãŠã„ã¦ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚メディアサーãƒãƒ¼ã® サービスã¯ã€éŸ³å£°ã‚„å‹•ç”»ã®ã‚¹ãƒˆãƒªãƒ¼ãƒ ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ä»–ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリ㌠通常ã¯ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„よã†ãªæ¨©é™ã«ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ã§ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0835</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0835</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> ANDROID-26070014</a> [<a href="https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1">2</a>] </td> -<td>é‡å¤§</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 6 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0836</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> + <td>é‡å¤§</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 6 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0836</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> ANDROID-25812590</a></td> -<td>é‡å¤§</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 19 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0837</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> + <td>é‡å¤§</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 19 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0837</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> ANDROID-27208621</a></td> -<td>é‡å¤§</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 11 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0838</td> -<td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> + <td>é‡å¤§</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 11 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0838</td> + <td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> ANDROID-26366256</a> [<a href="https://android.googlesource.com/platform/external/sonivox/+/24d7c408c52143bce7b49de82f3913fd8d1219cf">2</a>]</td> -<td>é‡å¤§</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -<tr> -<td>CVE-2016-0839</td> -<td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> + <td>é‡å¤§</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 社内</td> + </tr> + <tr> + <td>CVE-2016-0839</td> + <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> ANDROID-25753245</a></td> -<td>é‡å¤§</td> -<td>6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -<tr> -<td>CVE-2016-0840</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> + <td>é‡å¤§</td> + <td>6.0ã€6.0.1</td> + <td>Google 社内</td> + </tr> + <tr> + <td>CVE-2016-0840</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> ANDROID-26399350</a></td> -<td>é‡å¤§</td> -<td>6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -<tr> -<td>CVE-2016-0841</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> + <td>é‡å¤§</td> + <td>6.0ã€6.0.1</td> + <td>Google 社内</td> + </tr> + <tr> + <td>CVE-2016-0841</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> ANDROID-26040840</a></td> -<td>é‡å¤§</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -</table> + <td>é‡å¤§</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 社内</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_libstagefright">libstagefright ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> + <p>特別ã«ç´°å·¥ã•ã‚ŒãŸãƒ•ã‚¡ã‚¤ãƒ«ã«ã¤ã„ã¦ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルやデータをメディアサーãƒãƒ¼ã§ 処ç†ã™ã‚‹éš›ã«ã€libstagefright ã®è„†å¼±æ€§ã‚’攻撃者ãŒåˆ©ç”¨ã—ã¦ã€ ãƒ¡ãƒ¢ãƒªç ´å£Šã‚„ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚</p> + <p>影響をå—ã‘る機能ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®ä¸æ ¸éƒ¨åˆ†ã¨ã—ã¦æä¾›ã•ã‚Œã¦ã„ã‚‹ã‚‚ã®ã§ã€ リモート コンテンツ(特㫠MMS やブラウザã§ã®ãƒ¡ãƒ‡ã‚£ã‚¢å†ç”Ÿï¼‰ã«ã‚ˆã£ã¦ã“ã†ã—ãŸè„†å¼±æ€§ã‚’ 攻撃ã§ãるよã†ã«ã™ã‚‹ã‚¢ãƒ—リãŒè¤‡æ•°ã‚ã‚Šã¾ã™ã€‚</p> + <p>ã“ã®å•é¡Œã¯ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ã®ã‚µãƒ¼ãƒ“スã«ãŠã„ã¦ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚メディアサーãƒãƒ¼ã® サービスã¯ã€éŸ³å£°ã‚„å‹•ç”»ã®ã‚¹ãƒˆãƒªãƒ¼ãƒ ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ä»–ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリ㌠通常ã¯ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„よã†ãªæ¨©é™ã«ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ã§ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0842</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0842</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> ANDROID-25818142</a></td> -<td>é‡å¤§</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 23 æ—¥</td> -</tr> -</table> + <td>é‡å¤§</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 23 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_kernel">カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>カーãƒãƒ«ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ -カーãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã¯ã€ -ãƒãƒ¼ã‚«ãƒ«ã§ã®ç«¯æœ«ã®æ°¸ç¶šçš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚り〠-オペレーティング システムã®å†æ¶ˆåŽ»ã«ã‚ˆã‚‹ä¿®å¾©ãŒå¿…è¦ã¨ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚〠-é‡å¤§ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã®èª¬æ˜Žã¯ã€<a href="/security/advisory/2016-03-18.html">2016 å¹´ 3 月 18 日㮠Android ã‚»ã‚ュリティ アドãƒã‚¤ã‚¶ãƒª</a>ã‚’ã”覧ãã ã•ã„。</p> +カーãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã®èª¬æ˜Žã¯ã€<a href="/security/advisory/2016-03-18.html">2016 å¹´ 3 月 18 日㮠Android ã‚»ã‚ュリティ アドãƒã‚¤ã‚¶ãƒª</a>ã‚’ã”覧ãã ã•ã„。</p> + <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2015-1805</td> -<td>ANDROID-27275324*</td> -<td>é‡å¤§</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 19 æ—¥</td> -</tr> -</table> -<p>* 次ã®ã‚«ãƒ¼ãƒãƒ« ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã«ã¤ã„ã¦ã€ãã‚Œãžã‚Œ AOSP ã§ãƒ‘ッãƒã‚’入手å¯èƒ½ã§ã™ã€‚ -<a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a>〠-<a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a>〠-<a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a></p> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2015-1805</td> + <td>ANDROID-27275324*</td> + <td>é‡å¤§</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 19 æ—¥</td> + </tr> +</tbody></table> +<p>* 次ã®ã‚«ãƒ¼ãƒãƒ« ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã«ã¤ã„ã¦ã€ãã‚Œãžã‚Œ AOSP ã§ãƒ‘ッãƒã‚’入手å¯èƒ½ã§ã™ï¼ˆ<a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a>ã€<a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a>ã€<a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a>)。</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_performance_module">Qualcomm パフォーマンス モジュールã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>Qualcomm ã® ARM プãƒã‚»ãƒƒã‚µç”¨ãƒ‘フォーマンス イベント マãƒãƒ¼ã‚¸ãƒ£ + +<p>Qualcomm ã® ARM プãƒã‚»ãƒƒã‚µç”¨ãƒ‘フォーマンス イベント マãƒãƒ¼ã‚¸ãƒ£ コンãƒãƒ¼ãƒãƒ³ãƒˆã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚Šã€ã‚«ãƒ¼ãƒãƒ«å†…ã§æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リ㌠-å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã¯ã€ -ãƒãƒ¼ã‚«ãƒ«ã§ã®ç«¯æœ«ã®æ°¸ç¶šçš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システム㮠-å†æ¶ˆåŽ»ã«ã‚ˆã‚‹ä¿®å¾©ãŒå¿…è¦ã¨ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€é‡å¤§ã¨ -見ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0843</td> -<td>ANDROID-25801197*</td> -<td>é‡å¤§</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 19 æ—¥</td> -</tr> -</table> -<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠+ <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0843</td> + <td>ANDROID-25801197*</td> + <td>é‡å¤§</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 19 æ—¥</td> + </tr> +</tbody></table> + +<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新 ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> + <h3 id="elevation_of_privilege_in_qualcomm_rf_component">Qualcomm RF コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>Qualcomm RF ドライãƒã«è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Š カーãƒãƒ«ã«ãŠã„ã¦å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãれ㌠-ã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã¯ã€ãƒãƒ¼ã‚«ãƒ«ã§ã®ç«¯æœ«ã®æ°¸ç¶šçš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚り〠-オペレーティング システムã®å†æ¶ˆåŽ»ã«ã‚ˆã‚‹ä¿®å¾©ãŒå¿…è¦ã¨ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚〠-é‡å¤§ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +ã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> + <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0844</td> -<td>ANDROID-26324307*</td> -<td>é‡å¤§</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> -<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ã€AOSP ã§ã¯ãªã -<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa"> -Linux アップストリームã«ã‚ã‚Šã¾ã™</a>。</p> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0844</td> + <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/57531cacb40682be4b1189c721fd1e7f25bf3786"> + ANDROID-26324307</a>*</td> + <td>é‡å¤§</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> +<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹è¿½åŠ パッãƒã¯ã€<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa">Linux アップストリーム</a>ã«ã‚ã‚Šã¾ã™ã€‚</p> + <h3 id="elevation_of_privilege_vulnerability_in_kernel12">カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>一般的ãªã‚«ãƒ¼ãƒãƒ«ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ -カーãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã¯ã€ -ãƒãƒ¼ã‚«ãƒ«ã§ã®ç«¯æœ«ã®æ°¸ç¶šçš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚り〠-オペレーティング システムã®å†æ¶ˆåŽ»ã«ã‚ˆã‚‹ä¿®å¾©ãŒå¿…è¦ã¨ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚〠-é‡å¤§ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +カーãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>Severity</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2014-9322</td> -<td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>Severity</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2014-9322</td> + <td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> [<a href="https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb">2</a>] - [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br/> + [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br /> [<a href="https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105">4</a>] [<a href="https://android.googlesource.com/kernel/common/+/44d057a37868a60bc2eb6e7d1dcea701f234d56a">5</a>] [<a href="https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b">6</a>] @@ -580,143 +364,138 @@ Linux アップストリームã«ã‚ã‚Šã¾ã™</a>。</p> [<a href="https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5">9</a>] [<a href="https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850">10</a>] [<a href="https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829">11</a>]</td> -<td>é‡å¤§</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> + <td>é‡å¤§</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_imemory_native_interface"> IMemory ãƒã‚¤ãƒ†ã‚£ãƒ– インターフェースã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>IMemory ãƒã‚¤ãƒ†ã‚£ãƒ– インターフェースã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚〠悪æ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã€æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリã«ãŠã„㦠-å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ -アクセスãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> æ¨©é™ -ãªã©ã¸ã®æ˜‡æ ¼ã« -ã“ã®ã‚ˆã†ãªè„†å¼±æ€§ãŒ -利用ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0846</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0846</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> ANDROID-26877992</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_telecom_component"> 通信コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>通信コンãƒãƒ¼ãƒãƒ³ãƒˆã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒé›»è©±ã®ç€ä¿¡ã‚’ -ä»»æ„ã®ç•ªå·ã‹ã‚‰ã®ã‚‚ã®ã§ã‚るよã†ã«è¦‹ã›ã‹ã‘ã‚‹ã“ã¨ãŒå¯èƒ½ã¨ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã« -ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã« -ã“ã®ã‚ˆã†ãª -脆弱性ãŒåˆ©ç”¨ã•ã‚Œã‚‹ -ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +ä»»æ„ã®ç•ªå·ã‹ã‚‰ã®ã‚‚ã®ã§ã‚るよã†ã«è¦‹ã›ã‹ã‘ã‚‹ã“ã¨ãŒå¯èƒ½ã¨ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>Severity</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0847</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>Severity</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0847</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> ANDROID-26864502</a> [<a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a294ae5342410431a568126183efe86261668b5d">2</a>] </td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 社内</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_download_manager"> ダウンãƒãƒ¼ãƒ‰ マãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>ダウンãƒãƒ¼ãƒ‰ マãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒãƒ—ライベート ストレージ内㮠-ファイルã«ä¸æ£ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ -サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã« -ã“ã®ã‚ˆã†ãª -脆弱性ãŒåˆ©ç”¨ã•ã‚Œã‚‹ -ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +ファイルã«ä¸æ£ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> + <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0848</td> -<td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0848</td> + <td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> ANDROID-26211054</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 14 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 14 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_recovery_procedure"> リカãƒãƒª プãƒã‚·ãƒ¼ã‚¸ãƒ£ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>リカãƒãƒª プãƒã‚·ãƒ¼ã‚¸ãƒ£ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã€ æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリã«ãŠã„ã¦å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒ -å¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒ -ä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã« -ã“ã®ã‚ˆã†ãª -脆弱性ãŒåˆ©ç”¨ã•ã‚Œã‚‹ -ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +å¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0849</td> -<td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0849</td> + <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> ANDROID-26960931</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 3 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 3 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_bluetooth"> Bluetooth ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>Bluetooth ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æœ€åˆã®ãƒšã‚¢è¨å®šã®éš›ã« ä¿¡é ¼ã§ããªã„デãƒã‚¤ã‚¹ã¨ç«¯æœ«ã®ãƒšã‚¢è¨å®šãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€ インターãƒãƒƒãƒˆæŽ¥ç¶šãªã©ã€ç«¯æœ«ã®ãƒªã‚½ãƒ¼ã‚¹ã®ä¸æ£ãªã‚¢ã‚¯ã‚»ã‚¹ã«ã¤ãªãŒã‚‹ å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ä¿¡é ¼ã§ããªã„デãƒã‚¤ã‚¹ã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ 権é™ã¸ã®æ˜‡æ ¼ã«ã“ã†ã—ãŸè„†å¼±æ€§ãŒåˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-0850</td> -<td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-0850</td> + <td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> ANDROID-26551752</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 13 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 13 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_texas_instruments_haptic_driver"> Texas Instruments ãƒãƒ—ティクス ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>Texas Instruments ã®ãƒãƒ—ティクス カーãƒãƒ« ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚〠悪æ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã‚«ãƒ¼ãƒãƒ«ã«ãŠã„ã¦å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒ å¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚通常ã€ã“ã®ã‚ˆã†ãªã‚«ãƒ¼ãƒãƒ«ã§ã® @@ -724,26 +503,28 @@ Texas Instruments ãƒãƒ—ティクス ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§< 呼ã³å‡ºã™ã“ã¨ã®ã§ãるサービスã¸ã®æ”»æ’ƒãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨ ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2409</td> -<td>ANDROID-25981545*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> -<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠+ <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2409</td> + <td>ANDROID-25981545*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> +<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新 ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_kernel_driver"> Qualcomm 動画用カーãƒãƒ« ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>Qualcomm ã®å‹•ç”»ç”¨ã‚«ãƒ¼ãƒãƒ« ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚〠悪æ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã‚«ãƒ¼ãƒãƒ«ã«ãŠã„ã¦å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒ å¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚通常ã€ã‚«ãƒ¼ãƒãƒ«ã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã® @@ -751,26 +532,28 @@ Qualcomm 動画用カーãƒãƒ« ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> 呼ã³å‡ºã™ã“ã¨ã®ã§ãるサービスã¸ã®æ”»æ’ƒãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨ ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2410</td> -<td>ANDROID-26291677*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 21 æ—¥</td> -</tr> -</table> -<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠+ <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2410</td> + <td>ANDROID-26291677*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 21 æ—¥</td> + </tr> +</tbody></table> +<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新 ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_power_management_component"> Qualcomm é›»æºç®¡ç†ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>Qualcomm ã®é›»æºç®¡ç†ç”¨ã‚«ãƒ¼ãƒãƒ« ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚〠悪æ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã‚«ãƒ¼ãƒãƒ«ã«ãŠã„ã¦å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒ å¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚通常ã€ã“ã®ã‚ˆã†ãªã‚«ãƒ¼ãƒãƒ«ã§ã® @@ -778,384 +561,378 @@ Qualcomm é›»æºç®¡ç†ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> 端末ã¸ã®æ”»æ’ƒã¨ãƒ«ãƒ¼ãƒˆæ¨©é™ã¸ã®æ˜‡æ ¼ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨ ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2411</td> -<td>ANDROID-26866053*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 28 æ—¥</td> -</tr> -</table> -<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠+ <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2411</td> + <td>ANDROID-26866053*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 28 æ—¥</td> + </tr> +</tbody></table> +<p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新 ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> + <h3 id="elevation_of_privilege_vulnerability_in_system_server"> System_server ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>System_server ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã€æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリã«ãŠã„ã¦å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã® -実行ãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒ -ä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«ã“ã®ã‚ˆã†ãªè„†å¼±æ€§ãŒåˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +実行ãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2412</td> -<td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2412</td> + <td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> ANDROID-26593930</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 15 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 15 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_mediaserver"> メディアサーãƒãƒ¼ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>メディアサーãƒãƒ¼ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚Šã€æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリ内㧠悪æ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒå‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãれ㌠-ã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã« -ã“ã®ã‚ˆã†ãª -脆弱性ãŒåˆ©ç”¨ã•ã‚Œã‚‹ -ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +ã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2413</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2413</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> ANDROID-26403627</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 5 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 5 æ—¥</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_vulnerability_in_minikin">Minikin ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> + <p>Minikin ライブラリã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€ãƒãƒ¼ã‚«ãƒ«ã®æ”»æ’ƒè€…ãŒæ”»æ’ƒå¯¾è±¡ã® 端末ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’一時的ã«ãƒ–ãƒãƒƒã‚¯ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚攻撃者ã«ã‚ˆã£ã¦ã€ ä¿¡é ¼ã§ããªã„フォントãŒèªã¿è¾¼ã¾ã‚Œã¦ Minikin コンãƒãƒ¼ãƒãƒ³ãƒˆå†…ã§ã‚ªãƒ¼ãƒãƒ¼ãƒ•ãƒãƒ¼ãŒç™ºç”Ÿã—〠クラッシュã«ã¤ãªãŒã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ“ス拒å¦ãŒå†èµ·å‹•ã®é€£ç¶šãƒ«ãƒ¼ãƒ—ã« ã¤ãªãŒã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>Severity</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2414</td> -<td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>Severity</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2414</td> + <td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> ANDROID-26413177</a> [<a href="https://android.googlesource.com/platform/frameworks/minikin/+/f4785aa1947b8d22d5b19559ef1ca526d98e0e73">2</a>] </td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 3 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 3 æ—¥</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_exchange_activesync"> Exchange ActiveSync ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> + <p>Exchange ActiveSync ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒãƒ¦ãƒ¼ã‚¶ãƒ¼ã®å€‹äººæƒ…å ±ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ä¿è·ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒªãƒ¢ãƒ¼ãƒˆ アクセスãŒå¯èƒ½ã¨ãªã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨ 見ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2415</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2415</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> ANDROID-26488455</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 11 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 11 æ—¥</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_mediaserver">メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> + <p>メディアサーãƒãƒ¼ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ã«ã‚ˆã‚‹ãƒ—ラットフォームã®æ‚ªç”¨ã‚’ 防ãã“ã¨ã‚’目的ã¨ã—ãŸã‚»ã‚ュリティ対ç–ãŒå›žé¿ã§ãるよã†ã«ãªã‚‹ãŠãれ㌠-ã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã« -ã“ã®ã‚ˆã†ãª -脆弱性ãŒåˆ©ç”¨ã•ã‚Œã‚‹ -ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œé«˜ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +ã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2416</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2416</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> ANDROID-27046057</a> [<a href="https://android.googlesource.com/platform/frameworks/native/+/a40b30f5c43726120bfe69d41ff5aeb31fe1d02a">2</a>] </td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 5 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2417</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 5 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2417</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> ANDROID-26914474</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 1 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2418</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 1 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2418</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> ANDROID-26324358</a></td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 24 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2419</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 24 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2419</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> ANDROID-26323455</a></td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 24 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 24 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_debuggerd_component"> Debuggerd コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>Debuggerd コンãƒãƒ¼ãƒãƒ³ãƒˆã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒå‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã—ã¦ç«¯æœ«ã®æ°¸ç¶šçš„ãªä¾µå®³ã« -ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãã®çµæžœã€ç«¯æœ«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ã«ã‚ˆã‚‹ -修復ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚通常ã€ã“ã®ã‚ˆã†ãªã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã® +ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãã®çµæžœã€ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ã«ã‚ˆã‚‹ç«¯æœ«ã®ä¿®å¾©ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚通常ã€ã“ã®ã‚ˆã†ãªã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã® ãƒã‚°ã¯é‡å¤§ã¨è¦‹ãªã•ã‚Œã¾ã™ãŒã€ã“ã®è„†å¼±æ€§ã«é–¢ã—ã¦ã¯ Android ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 4.4.4 ã§ã®ã¿ システムã‹ã‚‰ãƒ«ãƒ¼ãƒˆã¸ã®æ¨©é™æ˜‡æ ¼ãŒå¯èƒ½ã§ã‚ã‚‹ãŸã‚ã€é‡è¦åº¦ã¯ 「ä¸ã€ã¨ã•ã‚Œã¦ã„ã¾ã™ã€‚Android ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒ 5.0 以上ã®å ´åˆã¯ã€SELinux ã®ãƒ«ãƒ¼ãƒ«ã«ã‚ˆã‚Šã€ ã“ã†ã—ãŸæ”»æ’ƒå¯¾è±¡ã®ã‚³ãƒ¼ãƒ‰ã¸ã®ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã®ã‚¢ã‚¯ã‚»ã‚¹ãŒé˜»æ¢ã•ã‚Œã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>Severity</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2420</td> -<td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>Severity</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2420</td> + <td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> ANDROID-26403620</a> [<a href="https://android.googlesource.com/platform/system/core/+/81df1cc77722000f8d0025c1ab00ced123aa573c">2</a>] </td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 5 æ—¥</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 5 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard"> セットアップ ウィザードã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>セットアップ ウィザードã«è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒå‡ºè·æ™‚è¨å®šã¸ã®ãƒªã‚»ãƒƒãƒˆä¿è·ã‚’ 回é¿ã—ã¦ç«¯æœ«ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ ã“ã®ã‚ˆã†ãªè„†å¼±æ€§ã‚’利用ã™ã‚Œã°ç«¯æœ«ã«å®Ÿéš›ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦å‡ºè·æ™‚è¨å®šã¸ã®ãƒªã‚»ãƒƒãƒˆä¿è·ã‚’ 回é¿ã§ãã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã€æ”»æ’ƒè€…ãŒç«¯æœ«ã‚’リセットã—ã¦ãƒ‡ãƒ¼ã‚¿ã‚’ã™ã¹ã¦æ¶ˆåŽ»ã§ãã‚‹ よã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œä¸ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2421</td> -<td>ANDROID-26154410*</td> -<td>ä¸</td> -<td>5.1.1ã€6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2421</td> + <td>ANDROID-26154410*</td> + <td>ä¸</td> + <td>5.1.1ã€6.0ã€6.0.1</td> + <td>Google 社内</td> + </tr> +</tbody></table> + <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰ 入手ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã« å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> + <h3 id="elevation_of_privilege_in_wi-fi">Wi-Fi ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>Wi-Fi ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã€ æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリã«ãŠã„ã¦å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãれ㌠-ã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã® -æ˜‡æ ¼ã« -ã“ã®ã‚ˆã†ãªè„†å¼±æ€§ãŒ -利用ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œä¸ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +ã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2422</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2422</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> ANDROID-26324357</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 23 æ—¥</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 23 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_telephony">Telephony ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> + <p>Telephony ã«è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒå‡ºè·æ™‚è¨å®šã¸ã®ãƒªã‚»ãƒƒãƒˆä¿è·ã‚’回é¿ã—㦠端末ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã“ã®ã‚ˆã†ãªè„†å¼±æ€§ã‚’ 利用ã™ã‚Œã°ç«¯æœ«ã«å®Ÿéš›ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦å‡ºè·æ™‚è¨å®šã¸ã®ãƒªã‚»ãƒƒãƒˆä¿è·ã‚’回é¿ã§ãã‚‹ å¯èƒ½æ€§ãŒã‚ã‚Šã€æ”»æ’ƒè€…ãŒç«¯æœ«ã‚’リセットã—ã¦ãƒ‡ãƒ¼ã‚¿ã‚’ã™ã¹ã¦æ¶ˆåŽ»ã§ãるよã†ã«ãªã‚‹ ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œä¸ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2423</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2423</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> ANDROID-26303187</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 社内</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_in_syncstorageengine">SyncStorageEngine ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> + <p>SyncStorageEngine ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ å†èµ·å‹•ãƒ«ãƒ¼ãƒ—ãŒå¼•ãèµ·ã“ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã“ã®ã‚ˆã†ãªè„†å¼±æ€§ã‚’利用ã—㦠ãƒãƒ¼ã‚«ãƒ«ã§ä¸€æ™‚çš„ãªã‚µãƒ¼ãƒ“ス拒å¦ãŒå¼•ãèµ·ã“ã•ã‚Œã€åˆæœŸçŠ¶æ…‹ã¸ã®ãƒªã‚»ãƒƒãƒˆã«ã‚ˆã‚‹ä¿®å¾©ãŒå¿…è¦ã¨ãªã‚‹ ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œä¸ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2424</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2424</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> ANDROID-26513719</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 社内</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_aosp_mail">AOSP メールã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> + <p>AOSP メールã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リ㌠ユーザーã®å€‹äººæƒ…å ±ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã® å•é¡Œã«ã¤ã„ã¦ã¯ã€ã“ã†ã—ãŸè„†å¼±æ€§ã‚’利用ã—ã¦ã€Œdangerousã€æ¨©é™ã®ä¸æ£ãªå–å¾—ãŒå¯èƒ½ã«ãªã‚‹ ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œä¸ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> ANDROID-26989185</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td>ANDROID-7154234*</td> -<td>ä¸</td> -<td>5.0.2</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td>ANDROID-7154234*</td> + <td>ä¸</td> + <td>5.0.2</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> +</tbody></table> + <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯ AOSP ã«ã¯ã‚ã‚Šã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰ 入手ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã« å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> + <h3 id="information_disclosure_vulnerability_in_framework">フレームワークã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> + <p>フレームワーク コンãƒãƒ¼ãƒãƒ³ãƒˆã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€ã‚¢ãƒ—ãƒªãŒ æ©Ÿå¯†æƒ…å ±ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã“ã†ã—ãŸè„†å¼±æ€§ã‚’ 利用ã—ã¦è¨±å¯ãªãä¸æ£ã«ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã“ã¨ãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚〠é‡å¤§åº¦ãŒã€Œä¸ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>é‡å¤§åº¦</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2426</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> + <tbody><tr> + <th>CVE</th> + <th>ãƒã‚°ã¨ AOSP リンク</th> + <th>é‡å¤§åº¦</th> + <th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> + <th>å ±å‘Šæ—¥</th> + </tr> + <tr> + <td>CVE-2016-2426</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> ANDROID-26094635</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 8 æ—¥</td> -</tr> -</table> -<h3 id="information_disclosure_vulnerability_in_bouncycastle">BouncyCastle ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> -<p>BouncyCastle ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€èªè¨¼ã‚ー㌠-æ¼ãˆã„ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã“ã†ã—ãŸè„†å¼±æ€§ã‚’利用ã—㦠-端末ã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚ŒãŸã‚¢ãƒ—リã«ã‚ˆã‚Šè¨±å¯ãªã dangerous レベルã®ãƒ‡ãƒ¼ã‚¿ã‚„権é™ã®å–得㌠-å¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ãŒã€Œä¸ã€ã¨è¦‹ãªã•ã‚Œã¦ã„ã¾ã™ã€‚</p> -<table> -<tr> -<th>CVE</th> -<th>ãƒã‚°ã¨ AOSP リンク</th> -<th>Severity</th> -<th>æ›´æ–°ã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³</th> -<th>å ±å‘Šæ—¥</th> -</tr> -<tr> -<td>CVE-2016-2427</td> -<td><a href="https://android.googlesource.com/platform/libcore/+/efd369d996fd38c50a50ea0de8f20507253cb6de"> - ANDROID-26234568</a> - [<a href="https://android.googlesource.com/platform/external/bouncycastle/+/b3bddea0f33c0459293c6419569ad151b4a7b44b">2</a>] - </td> -<td>ä¸</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 社内</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 8 æ—¥</td> + </tr> +</tbody></table> + <h2 id="common_questions_and_answers">一般的ãªè³ªå•ã¨å›žç”</h2> + <p>上記ã®å…¬é–‹æƒ…å ±ã«å¯¾ã™ã‚‹ä¸€èˆ¬çš„ãªè³ªå•ã¨ãã®å›žç”ã«ã¤ã„ã¦ã€ä»¥ä¸‹ã§èª¬æ˜Žã—ã¾ã™ã€‚</p> -<p><strong>1. 使用ã—ã¦ã„る端末ãŒä¸Šè¨˜ã®å•é¡Œã«å¯¾å‡¦ã§ãるよã†æ›´æ–°æ¸ˆã¿ã‹ã©ã†ã‹ã‚’確èªã™ã‚‹ã«ã¯ã€ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> + +<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’確ã‹ã‚ã‚‹ã«ã¯ã€ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> + <p>上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚¢ãƒƒãƒ—デートã¯ã€ã‚»ã‚ュリティ パッムレベル㌠2016 å¹´ 4 月 2 日以é™ã® ã‚‚ã®ã§ã™ï¼ˆã‚»ã‚ュリティ パッムレベルを 確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/nexus/answer/4457705">Nexus ã®ãƒ‰ã‚ュメント</a>ã‚’ã”覧ãã ã•ã„)。ã“れらã®ã‚¢ãƒƒãƒ—デートを 組ã¿è¾¼ã‚€ç«¯æœ«ãƒ¡ãƒ¼ã‚«ãƒ¼ã¯ã€ãƒ‘ッãƒæ–‡å—列ã®ãƒ¬ãƒ™ãƒ«ã‚’ [ro.build.version.security_patch]:[2016-04-02] ã« è¨å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</p> + <p><strong>2. ã“ã®ã‚»ã‚ュリティ パッムレベル㌠2016 å¹´ 4 月 2 æ—¥ã§ã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> + <p>通常ã€æœˆä¾‹ã®ã‚»ã‚ュリティ アップデートã®ã‚»ã‚ュリティ パッムレベルã¯ã€æ¯Žæœˆ 1 日㫠è¨å®šã•ã‚Œã¾ã™ã€‚4 月ã®å ´åˆã€2016 å¹´ 4 月 1 æ—¥ã®ã‚»ã‚ュリティ パッムレベルã¯ã€ ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã•ã‚ŒãŸå•é¡Œã®ã†ã¡ CVE-2015-1805(<a href="/security/advisory/2016-03-18.html">2016 å¹´ 3 月 18 日㮠Android ã‚»ã‚ュリティ アドãƒã‚¤ã‚¶ãƒª</a>㧠@@ -1164,11 +941,15 @@ Debuggerd コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> å•é¡ŒãŒ CVE-2015-1805(<a href="/security/advisory/2016-03-18.html">2016 å¹´ 3 月 18 日㮠Android ã‚»ã‚ュリティ アドãƒã‚¤ã‚¶ãƒª</a>㧠説明)もå«ã‚ã¦ã™ã¹ã¦å¯¾å‡¦æ¸ˆã¿ã§ã‚ã‚‹ ã“ã¨ã‚’示ã—ã¾ã™ã€‚</p> + <h2 id="revisions">改訂</h2> + <ul> -<li> 2016 å¹´ 4 月 4 æ—¥: æƒ…å ±å…¬é–‹ - </li><li> 2016 å¹´ 4 月 6 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ + <li> 2016 å¹´ 4 月 4 æ—¥: æƒ…å ±å…¬é–‹ + </li><li>2016 å¹´ 4 月 6 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ + </li><li>2016 å¹´ 4 月 7 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ + </li><li>2016 å¹´ 7 月 11 æ—¥: CVE-2016-2427 ã®èª¬æ˜Žã‚’æ›´æ–° + </li><li>2016 å¹´ 8 月 1 æ—¥: CVE-2016-2427 ã®èª¬æ˜Žã‚’æ›´æ–°</li><li>2016 å¹´ 12 月 19 æ—¥: å…ƒã«æˆ»ã•ã‚ŒãŸ CVE-2016-2427 を削除 </li></ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ja/security/bulletin/2016-07-01.html b/ja/security/bulletin/2016-07-01.html index 635e81cc..a11fb7c0 100644 --- a/ja/security/bulletin/2016-07-01.html +++ b/ja/security/bulletin/2016-07-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ± - 2016 å¹´ 7 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,388 +20,23 @@ limitations under the License. --> - - <p><em>2016 å¹´ 7 月 6 日公開 | 2016 å¹´ 7 月 14 日更新</em></p> <p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’与ãˆã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚æƒ…å ±ã®å…¬é–‹ã«ä¼´ã„ã€Nexus 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Nexus ファームウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¦ã„ã¾ã™ã€‚2016 å¹´ 7 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã—ã¦ã„ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚ã‚»ã‚ュリティ パッムレベルã®ç¢ºèªæ–¹æ³•ã«ã¤ã„ã¦ã¯ã€ã“ã¡ã‚‰ã®<a href="https://support.google.com/nexus/answer/4457705#nexus_devices">ドã‚ュメント</a>ã‚’ã”覧ãã ã•ã„。</p> <p> パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠2016 å¹´ 6 月 6 æ—¥ã¾ã§ã«é€šçŸ¥æ¸ˆã¿ã§ã™ã€‚該当ã™ã‚‹å ´åˆã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã¯ã€Android オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)レãƒã‚¸ãƒˆãƒªã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®å…¬é–‹æƒ…å ±ã«ã¯ AOSP 以外ã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã‚‚掲載ã—ã¦ã„ã¾ã™ã€‚</p> -<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€å¤šæ§˜ãªæ–¹æ³•ï¼ˆãƒ¡ãƒ¼ãƒ«ã€ã‚¦ã‚§ãƒ–ã®é–²è¦§ã€MMS ãªã©ï¼‰ã«ã‚ˆã‚Šã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルを処ç†ã™ã‚‹éš›ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚Œã®ã‚ã‚‹é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ã§ã™ã€‚</p> -<p>ã“ã®æ–°ãŸã«å ±å‘Šã•ã‚ŒãŸå•é¡Œã«ã‚ˆã£ã¦å®Ÿéš›ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ç«¯æœ«ãŒä¸æ£ä½¿ç”¨ã•ã‚ŒãŸå ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã¤ã„ã¦è©³ã—ãã¯ã€<a href="リスクã®è»½æ¸›">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã¯ã€Android プラットフォームã®ã‚»ã‚ュリティを改善ã—ã¾ã™ã€‚</p> +<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€å¤šæ§˜ãªæ–¹æ³•ï¼ˆãƒ¡ãƒ¼ãƒ«ã€ã‚¦ã‚§ãƒ–ã®é–²è¦§ã€MMS ãªã©ï¼‰ã«ã‚ˆã‚Šã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルを処ç†ã™ã‚‹éš›ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚Œã®ã‚ã‚‹é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ã§ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã¾ãŸã¯ä¸æ£ãªå›žé¿ã«ã‚ˆã‚Šç„¡åŠ¹ã¨ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> +<p>ã“ã®æ–°ãŸã«å ±å‘Šã•ã‚ŒãŸå•é¡Œã«ã‚ˆã£ã¦å®Ÿéš›ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ç«¯æœ«ãŒä¸æ£ä½¿ç”¨ã•ã‚ŒãŸå ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã¤ã„ã¦è©³ã—ãã¯ã€<a href="#mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã«ã‚ˆã‚Šã€Android プラットフォームã®ã‚»ã‚ュリティãŒæ”¹å–„ã•ã‚Œã¾ã™ã€‚</p> <p>ã”利用ã®ç«¯æœ«ã§ä¸Šè¨˜ã®æ›´æ–°ã‚’è¡Œã†ã“ã¨ã‚’ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãŠã™ã™ã‚ã—ã¾ã™ã€‚</p> <h2 id="announcements">ãŠçŸ¥ã‚‰ã›</h2> <ul> <li>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’ Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã€2 ã¤ã®ã‚»ã‚ュリティ パッムレベル文å—列を定義ã—ã¦ã„ã¾ã™ã€‚詳ã—ãã¯ã€<a href="#common-questions-and-answers">一般的ãªè³ªå•ã¨å›žç”</a>ã‚’ã”覧ãã ã•ã„。<ul> <li><strong>2016-07-01</strong>: 部分的ã«å¯¾å¿œã—ãŸã‚»ã‚ュリティ パッムレベル文å—列。ã“ã®ã‚»ã‚ュリティ パッムレベル文å—列ã¯ã€2016-07-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚ - <li><strong>2016-07-05</strong>: 完全ã«å¯¾å¿œã—ãŸã‚»ã‚ュリティ パッムレベル文å—列。ã“ã®ã‚»ã‚ュリティ パッムレベル文å—列ã¯ã€2016-07-01 㨠2016-07-05 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚</li> - </li></ul> + </li><li><strong>2016-07-05</strong>: 完全ã«å¯¾å¿œã—ãŸã‚»ã‚ュリティ パッムレベル文å—列。ã“ã®ã‚»ã‚ュリティ パッムレベル文å—列ã¯ã€2016-07-01 㨠2016-07-05 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚</li> + </ul> </li> <li>サãƒãƒ¼ãƒˆã•ã‚Œã‚‹ Nexus 端末ã«ã¯ã€2016 å¹´ 7 月 5 æ—¥ã®ã‚»ã‚ュリティ パッムレベルã®ã‚¢ãƒƒãƒ—デート 1 件を OTA ã§é…ä¿¡ã—ã¾ã™ã€‚</li> </ul> -<h2 id="security_vulnerability_summary">ã‚»ã‚ュリティã®è„†å¼±æ€§ã®æ¦‚è¦</h2> -<p>下記ã®è¡¨ã«ã€ã‚»ã‚ュリティã®è„†å¼±æ€§ã€å…±é€šè„†å¼±æ€§è˜åˆ¥å(CVE)ã€ãã®é‡å¤§åº¦ã®è©•ä¾¡ã€Nexus 端末ã¸ã®å½±éŸ¿ãŒã‚ã‚‹ã‹ã©ã†ã‹ã®ä¸€è¦§ã‚’示ã—ã¾ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€æ”»æ’ƒã‚’å—ã‘ãŸç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒã€é–‹ç™ºç›®çš„ã‚„ä¸æ£ã«å›žé¿ã•ã‚ŒãŸãŸã‚ã«ç„¡åŠ¹ã«ã•ã‚ŒãŸå ´åˆã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> - -<h3 id="2016-07-01_summary">ã‚»ã‚ュリティ パッムレベル 2016-07-01 ã®è„†å¼±æ€§ã®æ¦‚è¦</h3> -<p> -ã‚»ã‚ュリティ パッムレベル 2016-07-01 以é™ã§ã¯ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>é‡å¤§åº¦</th> - <th>Nexus ã¸ã®å½±éŸ¿</th> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2016-2506ã€CVE-2016-2505ã€CVE-2016-2507ã€CVE-2016-2508〠- CVE-2016-3741ã€CVE-2016-3742ã€CVE-2016-3743</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>OpenSSL 㨠BoringSSL ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2016-2108</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Bluetooth ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2016-3744</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>libpng ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3751</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3745ã€CVE-2016-3746ã€CVE-2016-3747</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>ソケットã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3748</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>LockSettingsService ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3749</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>フレームワーク API ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3750</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>ChooserTarget サービスã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3752</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-3753</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>OpenSSL ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-2107</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2016-3754ã€CVE-2016-3755ã€CVE-2016-3756</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>libc ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2016-3818</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>lsof ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3757</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>DexClassLoader ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3758</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>フレームワーク API ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3759</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Bluetooth ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3760</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3761</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>ソケットã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-3762</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>プãƒã‚ã‚·ã®è‡ªå‹•è¨å®šã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-3763</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-3764ã€CVE-2016-3765</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2016-3766</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> -</table> -<p>* サãƒãƒ¼ãƒˆã•ã‚Œã‚‹ Nexus 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ã«ã‚ˆã‚‹å½±éŸ¿ã‚’å—ã‘ã¾ã›ã‚“。</p> - - -<h3 id="2016-07-05_summary">ã‚»ã‚ュリティ パッムレベル 2016-07-05 ã®è„†å¼±æ€§ã®æ¦‚è¦</h3> -<p> -ã‚»ã‚ュリティ パッムレベル 2016-07-05 以é™ã§ã¯ã€2016-07-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«åŠ ãˆã¦ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>é‡å¤§åº¦</th> - <th>Nexus ã¸ã®å½±éŸ¿</th> - </tr> - <tr> - <td>Qualcomm GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-2503ã€CVE-2016-2067</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3767</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm パフォーマンス コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3768</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3769</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ファイル システムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3775</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>USB ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2015-8816</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2014-9794ã€CVE-2014-9795ã€CVE-2015-8892ã€CVE-2013-7457ã€CVE-2014-9781ã€CVE-2014-9786ã€CVE-2014-9788ã€CVE-2014-9779ã€CVE-2014-9780ã€CVE-2014-9789ã€CVE-2014-9793ã€CVE-2014-9782ã€CVE-2014-9783ã€CVE-2014-9785ã€CVE-2014-9787ã€CVE-2014-9784ã€CVE-2014-9777ã€CVE-2014-9778ã€CVE-2014-9790ã€CVE-2014-9792ã€CVE-2014-9797ã€CVE-2014-9791ã€CVE-2014-9796ã€CVE-2014-9800ã€CVE-2014-9799ã€CVE-2014-9801ã€CVE-2014-9802ã€CVE-2015-8891ã€CVE-2015-8888ã€CVE-2015-8889ã€CVE-2015-8890</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm USB ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-2502</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3792</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-2501</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3793</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek é›»æºãƒ‰ãƒ©ã‚¤ãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3795ã€CVE-2016-3796</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3797</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ センサー ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3798</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3799ã€CVE-2016-3800</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek GPS ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3801</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ファイル システムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3802ã€CVE-2016-3803</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek é›»æºç®¡ç†ãƒ‰ãƒ©ã‚¤ãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3804ã€CVE-2016-3805</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ディスプレイ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3806</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>シリアル周辺機器用インターフェース ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3807ã€CVE-2016-3808</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm サウンド ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-2068</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2014-9803</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3809</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek Wi-Fi ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3810</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3811</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ビデオ コーデック ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3812</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm USB ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3813</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA カメラドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3814ã€CVE-2016-3815</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ディスプレイ ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-3816</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« テレタイプ ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-0723</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2014-9798ã€CVE-2015-8893</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> -</table> <h2 id="mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</h2> <p>ã“ã“ã§ã¯ã€<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>㨠SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã‚ˆã‚‹ãƒªã‚¹ã‚¯ã®è»½æ¸›ã«ã¤ã„ã¦æ¦‚説ã—ã¾ã™ã€‚ã“ã†ã—ãŸæ©Ÿèƒ½ã¯ã€Android ã§ã‚»ã‚ュリティã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹å¯èƒ½æ€§ã‚’減らã—ã¾ã™ã€‚</p> @@ -415,11 +49,11 @@ <h2 id="acknowledgements">è¬è¾ž</h2> <p>調査ã«é–¢ä¸Žã•ã‚ŒãŸä¸‹è¨˜ã®çš†æ§˜ã®ã”å”力ã«æ„Ÿè¬ã„ãŸã—ã¾ã™ã€‚</p> <ul> - <li>Google Chrome ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã® Abhishek Aryaã€Oliver Changã€Martin Barbella: CVE-2016-3756ã€CVE-2016-3741ã€CVE-2016-3743ã€CVE-2016-3742<li>Check Point Software Technologies Ltd. ã® Adam Donenfeld ä»–: CVE-2016-2503<li>Google ã® Adam Powell: CVE-2016-3752<li>Context Information Security ã® Alex Chapman ãŠã‚ˆã³ Paul Stone: CVE-2016-3763<li><a href="https://www.e2e-assure.com/">e2e-assure</a> ã® Andy Tyler(<a href="https://twitter.com/ticarpi">@ticarpi</a>): CVE-2016-2457<li>Google Project Zero ã® Ben Hawkes: CVE-2016-3775<li><a href="http://c0reteam.org">C0RE ãƒãƒ¼ãƒ </a>ã® Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Yuan-Tsung Lo(<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>)ã€Xuxian Jiang: CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774<li>Google ã® Christopher Tate: CVE-2016-3759<li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)㮠Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-3762<li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) ãŠã‚ˆã³ pjf(<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>): CVE-2016-3806ã€CVE-2016-3816ã€CVE-2016-3805ã€CVE-2016-3804ã€CVE-2016-3767ã€CVE-2016-3810ã€CVE-2016-3795ã€CVE-2016-3796<li>Google Android ãƒãƒ¼ãƒ ã® Greg Kaiser: CVE-2016-3758<li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. ã®ãƒ¢ãƒã‚¤ãƒ«å®‰å…¨ãƒãƒ¼ãƒ ã® Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2016-3764<li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. ã®ãƒ¢ãƒã‚¤ãƒ«å®‰å…¨ãƒãƒ¼ãƒ ã® Hao Chen ãŠã‚ˆã³ Guang Gong: CVE-2016-3792ã€CVE-2016-3768<li><a href="http://www.cmcm.com">Cheetah Mobile</a> Security Research Lab ã® Hao Qin: CVE-2016-3754ã€CVE-2016-3766<li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ãŠã‚ˆã³ pjf(<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>): CVE-2016-3814ã€CVE-2016-3802ã€CVE-2016-3769ã€CVE-2016-3807ã€CVE-2016-3808<li>Google ã® Marco Nelissen: CVE-2016-3818<li>Google Project Zero ã® Mark Brand: CVE-2016-3757<li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>: CVE-2016-3750<li><a href="http://c0reteam.org">C0RE ãƒãƒ¼ãƒ </a>ã® Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang: CVE-2016-3747ã€CVE-2016-3746ã€CVE-2016-3765<li>Alibaba モãƒã‚¤ãƒ« ã‚»ã‚ュリティ グループ㮠Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yangã€Yang Ssong: CVE-2016-3800ã€CVE-2016-3799ã€CVE-2016-3801ã€CVE-2016-3812ã€CVE-2016-3798<li>Trend Micro ã® Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-3793<li>Google ã® Ricky Wai: CVE-2016-3749<li>Roeland Krak: CVE-2016-3753<li>Scott Bauer(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-3797ã€CVE-2016-3813ã€CVE-2016-3815ã€CVE-2016-2501ã€CVE-2016-2502<li>Vasily Vasilev: CVE-2016-2507<li>Alibaba Inc. ã® Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2016-2508ã€CVE-2016-3755<li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)㮠Wen Niu(<a href="https://twitter.com/NWMonster">@NWMonster</a>): CVE-2016-3809<li>Tencent Security Platform Department ã® Xiling Gong: CVE-2016-3745<li>Chinese Academy of Sciencesã€Institute of Software ã® TCA Lab ã® Yacong Gu: CVE-2016-3761<li>Tencent Xuanwu LAB ã® Yongke Wang(<a href="https://twitter.com/Rudykewang">@Rudykewang</a>): CVE-2016-2505<li>Tencent Xuanwu LAB ã® Yongke Wang(<a href="https://twitter.com/Rudykewang">@Rudykewang</a>)ãŠã‚ˆã³ Wei Wei(<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>): CVE-2016-2506<li>Baidu X-Lab ã® Yulong Zhang ãŠã‚ˆã³ Tao(Lenx)Wei: CVE-2016-3744</li> -</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> + <li>Google Chrome ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã® Abhishek Aryaã€Oliver Changã€Martin Barbella: CVE-2016-3756ã€CVE-2016-3741ã€CVE-2016-3743ã€CVE-2016-3742</li><li>Check Point Software Technologies Ltd. ã® Adam Donenfeld ä»–: CVE-2016-2503</li><li>Google ã® Adam Powell: CVE-2016-3752</li><li>Context Information Security ã® Alex Chapman ãŠã‚ˆã³ Paul Stone: CVE-2016-3763</li><li><a href="https://www.e2e-assure.com/">e2e-assure</a> ã® Andy Tyler(<a href="https://twitter.com/ticarpi">@ticarpi</a>): CVE-2016-2457</li><li>Google Project Zero ã® Ben Hawkes: CVE-2016-3775</li><li><a href="http://c0reteam.org">C0RE Team</a> ã® Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Yuan-Tsung Lo(<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>)ã€Xuxian Jiang: CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774</li><li>Google ã® Christopher Tate: CVE-2016-3759</li><li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)㮠Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-3762</li><li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€pjf(<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>): CVE-2016-3806ã€CVE-2016-3816ã€CVE-2016-3805ã€CVE-2016-3804ã€CVE-2016-3767ã€CVE-2016-3810ã€CVE-2016-3795ã€CVE-2016-3796</li><li>Google Android ãƒãƒ¼ãƒ ã® Greg Kaiser: CVE-2016-3758</li><li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> Mobile Safe Team ã® Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2016-3764</li><li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> Alpha Team ã® Hao Chenã€Guang Gong: CVE-2016-3792ã€CVE-2016-3768</li><li><a href="http://www.cmcm.com">Cheetah Mobile</a> Security Research Lab ã® Hao Qin: CVE-2016-3754ã€CVE-2016-3766</li><li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€pjf(<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>): CVE-2016-3814ã€CVE-2016-3802ã€CVE-2016-3769ã€CVE-2016-3807ã€CVE-2016-3808</li><li>Google ã® Marco Nelissen: CVE-2016-3818</li><li>Google Project Zero ã® Mark Brand: CVE-2016-3757</li><li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>: CVE-2016-3750</li><li><a href="http://c0reteam.org">C0RE Team</a> ã® Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang: CVE-2016-3747ã€CVE-2016-3746ã€CVE-2016-3765</li><li>Alibaba モãƒã‚¤ãƒ« ã‚»ã‚ュリティ グループ㮠Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yangã€Yang Ssong: CVE-2016-3800ã€CVE-2016-3799ã€CVE-2016-3801ã€CVE-2016-3812ã€CVE-2016-3798</li><li>Trend Micro ã® Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-3793</li><li>Google ã® Ricky Wai: CVE-2016-3749</li><li>Roeland Krak: CVE-2016-3753</li><li>Scott Bauer(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-3797ã€CVE-2016-3813ã€CVE-2016-3815ã€CVE-2016-2501ã€CVE-2016-2502</li><li>Vasily Vasilev: CVE-2016-2507</li><li>Alibaba Inc. ã® Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2016-2508ã€CVE-2016-3755</li><li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)㮠Wen Niu(<a href="https://twitter.com/NWMonster">@NWMonster</a>): CVE-2016-3809</li><li>Tencent Security Platform Department ã® Xiling Gong: CVE-2016-3745</li><li>Chinese Academy of Sciencesã€Institute of Software ã® TCA Lab ã® Yacong Gu: CVE-2016-3761</li><li>Tencent Xuanwu LAB ã® Yongke Wang(<a href="https://twitter.com/Rudykewang">@Rudykewang</a>): CVE-2016-2505</li><li>Tencent Xuanwu LAB ã® Yongke Wang(<a href="https://twitter.com/Rudykewang">@Rudykewang</a>)ã€Wei Wei(<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>): CVE-2016-2506</li><li>Baidu X-Lab ã® Yulong Zhang ãŠã‚ˆã³ Tao(Lenx)Wei: CVE-2016-3744</li> +</ul> -<h2 id="2016-07-01_details">ã‚»ã‚ュリティ パッムレベル 2016-07-01 ã®ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°</h2> -<p>上記ã®<a href="#2016-07-01_summary">ã‚»ã‚ュリティ パッムレベル 2016-07-01 ã®è„†å¼±æ€§ã®æ¦‚è¦</a>ã§ä¸€è¦§ã«æŒ™ã’ãŸå„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ を説明ã—ã€CVEã€å‚ç…§ã€é‡å¤§åº¦ã€æ›´æ–°ã•ã‚ŒãŸ Nexus 端末ã€æ›´æ–°ã•ã‚ŒãŸ AOSP ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚該当ã™ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ã¸ã®ãƒªãƒ³ã‚¯ãŒã‚ã‚Šã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«ç¶šã番å·ã§ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’示ã—ã¾ã™ã€‚</p> +<h2 id="2016-07-01-details">ã‚»ã‚ュリティ パッムレベル 2016-07-01 ã®ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°</h2> +<p>パッãƒãƒ¬ãƒ™ãƒ« 2016-07-01 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Nexus 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«ç¶šã番å·ã§ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’示ã—ã¾ã™ã€‚</p> <h3 id="remote-code-execution-vulnerability-in-mediaserver"> メディアサーãƒãƒ¼ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> @@ -427,13 +61,13 @@ <p>影響をå—ã‘る機能ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®ä¸æ ¸éƒ¨åˆ†ã¨ã—ã¦æä¾›ã•ã‚Œã¦ãŠã‚Šã€è¤‡æ•°ã®ã‚¢ãƒ—リã«ãŠã„ã¦ã€ãƒªãƒ¢ãƒ¼ãƒˆ コンテンツ(特㫠MMS やブラウザã§ã®ãƒ¡ãƒ‡ã‚£ã‚¢ã®å†ç”Ÿï¼‰ã«ã‚ˆã£ã¦ã“ã®è„†å¼±æ€§ãŒæ”»æ’ƒã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -510,21 +144,20 @@ <td>6.0ã€6.0.1</td> <td>Google 社内</td> </tr> -</table> - +</tbody></table> -<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> +<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> OpenSSL 㨠BoringSSL ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p>OpenSSL 㨠BoringSSL ã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ãƒ•ã‚¡ã‚¤ãƒ«ã‚„データã®å‡¦ç†ä¸ã«ãƒ¡ãƒ¢ãƒªç ´å£Šã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚影響をå—ã‘ãŸãƒ—ãƒã‚»ã‚¹ã«ãŠã„ã¦ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -542,20 +175,20 @@ OpenSSL 㨠BoringSSL ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 5 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="remote-code-execution-vulnerability-in-bluetooth"> Bluetooth ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p>Bluetooth ã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€è¿‘ãã«ã„る攻撃者ãŒãƒšã‚¢è¨å®šã®å‡¦ç†ä¸ã«å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚Bluetooth デãƒã‚¤ã‚¹ã®åˆæœŸåŒ–ä¸ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -572,20 +205,20 @@ Bluetooth ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 30 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-libpng"> libpng ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>libpng ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚Šã€æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリ内ã§æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒå‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«ã“ã®ã‚ˆã†ãªè„†å¼±æ€§ãŒåˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>libpng ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚Šã€æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリ内ã§æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒå‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -603,20 +236,20 @@ libpng ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2015 å¹´ 12 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-mediaserver"> メディアサーãƒãƒ¼ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>メディアサーãƒãƒ¼ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚Šã€æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリ内ã§æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒå‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å•é¡Œã«ã¤ã„ã¦ã¯ã€ã‚µãƒ¼ãƒ‰ãƒ‘ーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«ã“ã®ã‚ˆã†ãªè„†å¼±æ€§ãŒåˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>メディアサーãƒãƒ¼ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚Šã€æ˜‡æ ¼ã—ãŸã‚·ã‚¹ãƒ†ãƒ アプリ内ã§æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒå‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティ製アプリã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹ãŒä¸å¯èƒ½ã¨ãªã£ã¦ã„ã‚‹ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signature</a> 権é™ã‚„ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">signatureOrSystem</a> 権é™ãªã©ã¸ã®æ˜‡æ ¼ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -654,20 +287,20 @@ libpng ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets"> ソケットã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>ソケットã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ã‚·ã‚¹ãƒ†ãƒ 呼ã³å‡ºã—ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚攻撃者ãŒã‚»ã‚ュリティ対ç–を回é¿ã—ã¦ãƒ—ラットフォームを悪用ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -685,20 +318,20 @@ libpng ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice"> LockSettingsService ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>LockSettingsService ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚るアプリã«ã‚ˆã£ã¦ç”»é¢ãƒãƒƒã‚¯ã®ãƒ‘スワードãŒãƒ¦ãƒ¼ã‚¶ãƒ¼ã®è¨±å¯ãªãå†è¨å®šã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚デベãƒãƒƒãƒ‘ーやセã‚ュリティè¨å®šã®å¤‰æ›´ã«å¯¾ã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼æ“作ã®è¦ä»¶ãŒãƒãƒ¼ã‚«ãƒ«ã§å›žé¿ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -716,20 +349,20 @@ LockSettingsService ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>6.0ã€6.0.1</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis"> フレームワーク API ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Parcels ã®ãƒ•ãƒ¬ãƒ¼ãƒ ワーク API ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã€ã‚¢ãƒ—リデータを他ã®ã‚¢ãƒ—リã‹ã‚‰åˆ†é›¢ã™ã‚‹ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®ä¿è·ãŒå›žé¿ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚アプリãŒã‚¢ã‚¯ã‚»ã‚¹æ¨©é™ã®ãªã„データã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -747,20 +380,20 @@ LockSettingsService ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2015 å¹´ 12 月 16 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service"> ChooserTarget サービスã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>ChooserTarget サービスã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒåˆ¥ã®ã‚¢ãƒ—リ内ã§ã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚許å¯ã‚’å¾—ãšã«åˆ¥ã®ã‚¢ãƒ—リã®ã‚¢ã‚¯ãƒ†ã‚£ãƒ“ティã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -778,20 +411,20 @@ ChooserTarget サービスã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>6.0ã€6.0.1</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver"> メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>メディアサーãƒãƒ¼ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€é€šå¸¸ã¯æ¨©é™ã‚’リクエストã—ãŸãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã®ã¿ãŒã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ä¿è·ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã«ã€ãƒªãƒ¢ãƒ¼ãƒˆã®æ”»æ’ƒè€…ãŒã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚許å¯ã‚’å¾—ãšã«ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -807,7 +440,7 @@ ChooserTarget サービスã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4</td> <td>2016 å¹´ 2 月 15 æ—¥</td> </tr> -</table> +</tbody></table> <p>* サãƒãƒ¼ãƒˆã•ã‚Œã‚‹ Nexus 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ã«ã‚ˆã‚‹å½±éŸ¿ã‚’å—ã‘ã¾ã›ã‚“。</p> <h3 id="information-disclosure-vulnerability-in-openssl"> @@ -815,13 +448,13 @@ OpenSSL ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>OpenSSL ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€é€šå¸¸ã¯æ¨©é™ã‚’リクエストã—ãŸãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã®ã¿ãŒã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ä¿è·ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã«ã€ãƒªãƒ¢ãƒ¼ãƒˆã®æ”»æ’ƒè€…ãŒã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚許å¯ã‚’å¾—ãšã«ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -837,7 +470,7 @@ OpenSSL ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1</td> <td>2016 å¹´ 4 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p>* サãƒãƒ¼ãƒˆã•ã‚Œã‚‹ Nexus 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ã«ã‚ˆã‚‹å½±éŸ¿ã‚’å—ã‘ã¾ã›ã‚“。</p> <h3 id="denial-of-service-vulnerability-in-mediaserver"> @@ -845,13 +478,13 @@ OpenSSL ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>メディアサーãƒãƒ¼ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ç«¯æœ«ã®ãƒãƒ³ã‚°ã‚„å†èµ·å‹•ã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚リモートã§ã®ä¸€æ™‚çš„ãªã‚µãƒ¼ãƒ“ス拒å¦ãŒå¯èƒ½ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -890,20 +523,20 @@ OpenSSL ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-libc"> libc ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p>libc ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ç«¯æœ«ã®ãƒãƒ³ã‚°ã‚„å†èµ·å‹•ã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚リモートã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ãŒå¯èƒ½ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -919,7 +552,7 @@ libc ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <td>4.4.4</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p>* サãƒãƒ¼ãƒˆã•ã‚Œã‚‹ Nexus 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ã«ã‚ˆã‚‹å½±éŸ¿ã‚’å—ã‘ã¾ã›ã‚“。</p> <h3 id="elevation-of-privilege-vulnerability-in-lsof"> @@ -927,13 +560,13 @@ lsof ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>lsof ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒå‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã—ã¦ç«¯æœ«ãŒæ°¸ç¶šçš„ã«ä¾µå®³ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚一般的ã§ãªã„æ‰‹é †ã‚’æ‰‹å‹•ã§è¡Œã†å¿…è¦ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -951,20 +584,20 @@ lsof ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader"> DexClassLoader ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>DexClassLoader ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã‚’実行ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚一般的ã§ãªã„æ‰‹é †ã‚’æ‰‹å‹•ã§è¡Œã†å¿…è¦ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -982,20 +615,20 @@ DexClassLoader ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2"> フレームワーク API ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>フレームワーク API ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—ã®æ¨©é™ãŒãƒªã‚¯ã‚¨ã‚¹ãƒˆã•ã‚Œã€ã™ã¹ã¦ã®ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ— データãŒå‚å—ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚アプリデータを別ã®ã‚¢ãƒ—リã‹ã‚‰åˆ†é›¢ã—ã¦ã„るオペレーティング システムã®ä¿è·æ©Ÿèƒ½ã®å›žé¿ã«ç‰¹å®šã®æ¨©é™ãŒå¿…è¦ãªãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1013,20 +646,20 @@ DexClassLoader ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-bluetooth"> Bluetooth ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Bluetooth コンãƒãƒ¼ãƒãƒ³ãƒˆã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€ãƒãƒ¼ã‚«ãƒ«ã®æ”»æ’ƒè€…ãŒã€ãƒ¡ã‚¤ãƒ³ãƒ¦ãƒ¼ã‚¶ãƒ¼ç”¨ã«ä¿å˜ã•ã‚Œã¦ã„ã‚‹èªè¨¼æ¸ˆã¿ Bluetooth デãƒã‚¤ã‚¹ã‚’è¿½åŠ ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«æ¨©é™ã‚’æ˜‡æ ¼ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1045,20 +678,20 @@ Bluetooth ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 2 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-nfc"> NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>NFC ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒƒã‚¯ã‚°ãƒ©ã‚¦ãƒ³ãƒ‰ã®ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã‹ã‚‰ãƒ•ã‚©ã‚¢ã‚°ãƒ©ã‚¦ãƒ³ãƒ‰ã®ã‚¢ãƒ—リã®æƒ…å ±ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«æ¨©é™ã‚’æ˜‡æ ¼ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1076,20 +709,20 @@ NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 20 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets-2"> ソケットã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>ソケットã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒä¸€èˆ¬çš„ã§ãªã„特定ã®ã‚½ã‚±ãƒƒãƒˆã‚¿ã‚¤ãƒ—ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ã‚«ãƒ¼ãƒãƒ«å†…ã§ã®å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¼•ãèµ·ã“ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚攻撃者ãŒã‚»ã‚ュリティ対ç–を回é¿ã—ã¦ãƒ—ラットフォームを悪用ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1107,20 +740,20 @@ NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> プãƒã‚ã‚·ã®è‡ªå‹•è¨å®šã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>プãƒã‚ã‚·ã®è‡ªå‹•è¨å®šã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€ã‚¢ãƒ—リãŒæ©Ÿå¯†æƒ…å ±ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚許å¯ã‚’å¾—ãšã«ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1138,20 +771,20 @@ NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver-2"> メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>メディアサーãƒãƒ¼ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ©Ÿå¯†æƒ…å ±ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚許å¯ã‚’å¾—ãšã«ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1179,20 +812,20 @@ NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> メディアサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p>メディアサーãƒãƒ¼ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ç«¯æœ«ã®ãƒãƒ³ã‚°ã‚„å†èµ·å‹•ã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚リモートã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ãŒå¯èƒ½ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1211,22 +844,22 @@ NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 29 æ—¥</td> </tr> -</table> +</tbody></table> -<h2 id="2016-07-05_details">ã‚»ã‚ュリティ パッムレベル 2016-07-05 ã®è„†å¼±æ€§ã®è©³ç´°</h2> -<p>上記ã®<a href="2016-07-05_summary">ã‚»ã‚ュリティ パッムレベル 2016-07-05 ã®è„†å¼±æ€§ã®æ¦‚è¦</a>ã§ä¸€è¦§ã«æŒ™ã’ãŸå„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ を説明ã—ã€CVEã€å‚ç…§ã€é‡å¤§åº¦ã€æ›´æ–°ã•ã‚ŒãŸ Nexus 端末ã€æ›´æ–°ã•ã‚ŒãŸ AOSP ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚該当ã™ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ã¸ã®ãƒªãƒ³ã‚¯ãŒã‚ã‚Šã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«ç¶šã番å·ã§ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’示ã—ã¾ã™ã€‚</p> +<h2 id="2016-07-05-details">ã‚»ã‚ュリティ パッムレベル 2016-07-05 ã®è„†å¼±æ€§ã®è©³ç´°</h2> +<p>パッãƒãƒ¬ãƒ™ãƒ« 2016-07-05 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Nexus 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«ç¶šã番å·ã§ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’示ã—ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-gpu-driver"> Qualcomm GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>Qualcomm GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>Qualcomm GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1250,20 +883,20 @@ Qualcomm GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 20 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-wi-fi-driver"> MediaTek Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>MediaTek Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>MediaTek Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1273,25 +906,25 @@ MediaTek Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <tr> <td>CVE-2016-3767</td> <td>A-28169363* - <br>M-ALPS02689526</td> + <br />M-ALPS02689526</td> <td>é‡å¤§</td> <td>Android One</td> <td>2016 å¹´ 4 月 6 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-performance-component"> Qualcomm パフォーマンス コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>Qualcomm パフォーマンス コンãƒãƒ¼ãƒãƒ³ãƒˆã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>Qualcomm パフォーマンス コンãƒãƒ¼ãƒãƒ³ãƒˆã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1306,20 +939,20 @@ Qualcomm パフォーマンス コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ <td>Nexus 5ã€Nexus 6ã€Nexus 5Xã€Nexus 6Pã€Nexus 7(2013)</td> <td>2016 å¹´ 4 月 9 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-nvidia-video-driver"> NVIDIA ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1328,26 +961,26 @@ NVIDIA ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3769</td> - <td>A-28376656*<br> + <td>A-28376656*<br /> N-CVE20163769</td> <td>é‡å¤§</td> <td>Nexus 9</td> <td>2016 å¹´ 4 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-drivers-device-specific"> MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</h3> -<p>複数㮠MediaTek ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>複数㮠MediaTek ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1356,7 +989,7 @@ MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</h3> </tr> <tr> <td>CVE-2016-3770</td> - <td>A-28346752*<br> + <td>A-28346752*<br /> M-ALPS02703102</td> <td>é‡å¤§</td> <td>Android One</td> @@ -1364,7 +997,7 @@ MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</h3> </tr> <tr> <td>CVE-2016-3771</td> - <td>A-29007611*<br> + <td>A-29007611*<br /> M-ALPS02703102</td> <td>é‡å¤§</td> <td>Android One</td> @@ -1372,7 +1005,7 @@ MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</h3> </tr> <tr> <td>CVE-2016-3772</td> - <td>A-29008188*<br> + <td>A-29008188*<br /> M-ALPS02703102</td> <td>é‡å¤§</td> <td>Android One</td> @@ -1380,7 +1013,7 @@ MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</h3> </tr> <tr> <td>CVE-2016-3773</td> - <td>A-29008363*<br> + <td>A-29008363*<br /> M-ALPS02703102</td> <td>é‡å¤§</td> <td>Android One</td> @@ -1388,26 +1021,26 @@ MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</h3> </tr> <tr> <td>CVE-2016-3774</td> - <td>A-29008609*<br> + <td>A-29008609*<br /> M-ALPS02703102</td> <td>é‡å¤§</td> <td>Android One</td> <td>2016 å¹´ 4 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system"> カーãƒãƒ« ファイル システムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>カーãƒãƒ« ファイル システムã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>カーãƒãƒ« ファイル システムã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1421,20 +1054,20 @@ MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus Playerã€Pixel C</td> <td>2016 å¹´ 5 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-usb-driver"> USB ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>USB ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>USB ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1448,21 +1081,20 @@ USB ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7(2013)ã€Nexus 9ã€Nexus Playerã€Pixel C</td> <td>2016 å¹´ 5 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> -<h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> -Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> -<p>下記ã®è¡¨ã«ã€Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«å½±éŸ¿ã™ã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã‚’示ã—ã¾ã™ã€‚影響をå—ã‘るコンãƒãƒ¼ãƒãƒ³ãƒˆã«ã¯ã€ãƒ–ートãƒãƒ¼ãƒ€ãƒ¼ã€ã‚«ãƒ¡ãƒ©ãƒ‰ãƒ©ã‚¤ãƒã€ã‚ャラクタ ドライブã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã€ã‚µã‚¦ãƒ³ãƒ‰ ドライãƒã€ãƒ“デオドライãƒãŒå«ã¾ã‚Œã¾ã™ã€‚</p> -<p>ã“ã®ã†ã¡ã€å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡Œã«ã‚ˆã£ã¦ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹å•é¡Œã«ã¤ã„ã¦ã€é‡å¤§åº¦ãŒæœ€ã‚‚高ã„「é‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components">Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> +<p>下記ã®è¡¨ã«ã€Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«å½±éŸ¿ã™ã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã‚’示ã—ã¾ã™ã€‚影響をå—ã‘ã‚‹ãŠãã‚Œã®ã‚るコンãƒãƒ¼ãƒãƒ³ãƒˆã«ã¯ã€ãƒ–ートãƒãƒ¼ãƒ€ãƒ¼ã€ã‚«ãƒ¡ãƒ©ãƒ‰ãƒ©ã‚¤ãƒã€ã‚ャラクタ ドライãƒã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã€ã‚µã‚¦ãƒ³ãƒ‰ ドライãƒã€ãƒ“デオドライãƒãªã©ãŒã‚ã‚Šã¾ã™ã€‚</p> +<p>ã“ã®ã†ã¡ã€æ£æ„çš„ã«ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚Œã®ã‚ã‚‹å•é¡Œã«ã¤ã„ã¦ã€é‡å¤§åº¦ãŒæœ€ã‚‚高ã„「é‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦*</th> @@ -1471,7 +1103,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9795</td> - <td>A-28820720<br> + <td>A-28820720<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] </td> @@ -1481,7 +1113,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9794</td> - <td>A-28821172<br> + <td>A-28821172<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> </td> <td>é‡å¤§</td> @@ -1490,7 +1122,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2015-8892</td> - <td>A-28822807<br> + <td>A-28822807<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> </td> <td>é‡å¤§</td> @@ -1499,8 +1131,8 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9781</td> - <td>A-28410333<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> + <td>A-28410333<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> </td> <td>高</td> <td>Nexus 7(2013)</td> @@ -1508,7 +1140,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9786</td> - <td>A-28557260<br> + <td>A-28557260<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1516,7 +1148,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9788</td> - <td>A-28573112<br> + <td>A-28573112<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> <td>高</td> <td>Nexus 5</td> @@ -1524,15 +1156,15 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9779</td> - <td>A-28598347<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> + <td>A-28598347<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> <td>高</td> <td>Nexus 5</td> <td>2014 å¹´ 3 月 13 æ—¥</td> </tr> <tr> <td>CVE-2014-9780</td> - <td>A-28602014<br> + <td>A-28602014<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> <td>高</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6P</td> @@ -1540,7 +1172,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9789</td> - <td>A-28749392<br> + <td>A-28749392<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> <td>高</td> <td>Nexus 5</td> @@ -1548,7 +1180,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9793</td> - <td>A-28821253<br> + <td>A-28821253<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> <td>高</td> <td>Nexus 7(2013)</td> @@ -1556,7 +1188,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9782</td> - <td>A-28431531<br> + <td>A-28431531<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1564,7 +1196,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9783</td> - <td>A-28441831<br> + <td>A-28441831<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> <td>高</td> @@ -1573,7 +1205,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9785</td> - <td>A-28469042<br> + <td>A-28469042<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> <td>高</td> <td>Nexus 7(2013)</td> @@ -1581,7 +1213,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9787</td> - <td>A-28571496<br> + <td>A-28571496<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> <td>高</td> <td>Nexus 7(2013)</td> @@ -1589,7 +1221,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9784</td> - <td>A-28442449<br> + <td>A-28442449<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1597,7 +1229,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9777</td> - <td>A-28598501<br> + <td>A-28598501<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1605,7 +1237,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9778</td> - <td>A-28598515<br> + <td>A-28598515<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1613,16 +1245,16 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9790</td> - <td>A-28769136<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> - [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> + <td>A-28769136<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> + [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> <td>2014 å¹´ 4 月 30 æ—¥</td> </tr> <tr> <td>CVE-2014-9792</td> - <td>A-28769399<br> + <td>A-28769399<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> <td>高</td> <td>Nexus 5</td> @@ -1630,7 +1262,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9797</td> - <td>A-28821090<br> + <td>A-28821090<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> <td>高</td> <td>Nexus 5</td> @@ -1638,15 +1270,15 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9791</td> - <td>A-28803396<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> + <td>A-28803396<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> <td>高</td> <td>Nexus 7(2013)</td> <td>2014 å¹´ 8 月 29 æ—¥</td> </tr> <tr> <td>CVE-2014-9796</td> - <td>A-28820722<br> + <td>A-28820722<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1654,7 +1286,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9800</td> - <td>A-28822150<br> + <td>A-28822150<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1662,7 +1294,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9799</td> - <td>A-28821731<br> + <td>A-28821731<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1670,7 +1302,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9801</td> - <td>A-28822060<br> + <td>A-28822060<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> <td>高</td> <td>Nexus 5</td> @@ -1678,7 +1310,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9802</td> - <td>A-28821965<br> + <td>A-28821965<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1686,7 +1318,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2015-8891</td> - <td>A-28842418<br> + <td>A-28842418<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> @@ -1694,7 +1326,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2015-8888</td> - <td>A-28822465<br> + <td>A-28822465<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> <td>高</td> <td>Nexus 5</td> @@ -1702,7 +1334,7 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2015-8889</td> - <td>A-28822677<br> + <td>A-28822677<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> <td>高</td> <td>Nexus 6P</td> @@ -1710,13 +1342,13 @@ Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2015-8890</td> - <td>A-28822878<br> + <td>A-28822878<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7(2013)</td> <td>2015 å¹´ 8 月 19 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®ä¸€é€£ã®å•é¡Œã®é‡å¤§åº¦ã¯ Qualcomm ã‹ã‚‰ç›´æŽ¥æä¾›ã•ã‚ŒãŸã‚‚ã®ã§ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-usb-driver"> @@ -1724,12 +1356,12 @@ Qualcomm USB ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm USB ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1744,19 +1376,19 @@ Qualcomm USB ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 3 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> Qualcomm Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã€ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1771,19 +1403,19 @@ Qualcomm Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>Nexus 7(2013)</td> <td>2016 å¹´ 3 月 17 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> Qualcomm カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm カメラドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1798,7 +1430,7 @@ Qualcomm カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7(2013)</td> <td>2016 å¹´ 3 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-nvidia-camera-driver"> @@ -1806,12 +1438,12 @@ NVIDIA カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>NVIDIA カメラドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1820,13 +1452,13 @@ NVIDIA カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3793</td> - <td>A-28026625*<br> + <td>A-28026625*<br /> N-CVE20163793</td> <td>高</td> <td>Nexus 9</td> <td>2016 å¹´ 4 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-driver"> @@ -1834,12 +1466,12 @@ MediaTek é›»æºãƒ‰ãƒ©ã‚¤ãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>MediaTek é›»æºãƒ‰ãƒ©ã‚¤ãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1848,7 +1480,7 @@ MediaTek é›»æºãƒ‰ãƒ©ã‚¤ãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3795</td> - <td>A-28085222*<br> + <td>A-28085222*<br /> M-ALPS02677244</td> <td>高</td> <td>Android One</td> @@ -1856,13 +1488,13 @@ MediaTek é›»æºãƒ‰ãƒ©ã‚¤ãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3796</td> - <td>A-29008443*<br> + <td>A-29008443*<br /> M-ALPS02677244</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 7 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver-2"> @@ -1870,12 +1502,12 @@ Qualcomm Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã‚Šã€ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1890,7 +1522,7 @@ Qualcomm Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>Nexus 5X</td> <td>2016 å¹´ 4 月 7 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-hardware-sensor-driver"> @@ -1898,12 +1530,12 @@ MediaTek ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ センサー ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼± <p>MediaTek ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ センサー ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1912,13 +1544,13 @@ MediaTek ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ センサー ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼± </tr> <tr> <td>CVE-2016-3798</td> - <td>A-28174490*<br> + <td>A-28174490*<br /> M-ALPS02703105</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-video-driver"> @@ -1926,12 +1558,12 @@ MediaTek ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>MediaTek ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1940,7 +1572,7 @@ MediaTek ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3799</td> - <td>A-28175025*<br> + <td>A-28175025*<br /> M-ALPS02693738</td> <td>高</td> <td>Android One</td> @@ -1948,13 +1580,13 @@ MediaTek ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3800</td> - <td>A-28175027*<br> + <td>A-28175027*<br /> M-ALPS02693739</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-gps-driver"> @@ -1962,12 +1594,12 @@ MediaTek GPS ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>MediaTek GPS ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1976,13 +1608,13 @@ MediaTek GPS ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3801</td> - <td>A-28174914*<br> + <td>A-28174914*<br /> M-ALPS02688853</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system-2"> @@ -1990,12 +1622,12 @@ MediaTek GPS ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« ファイル システムã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2016,7 +1648,7 @@ MediaTek GPS ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 5 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-management-driver"> @@ -2024,12 +1656,12 @@ MediaTek é›»æºç®¡ç†ãƒ‰ãƒ©ã‚¤ãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>MediaTek é›»æºç®¡ç†ãƒ‰ãƒ©ã‚¤ãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2038,7 +1670,7 @@ MediaTek é›»æºç®¡ç†ãƒ‰ãƒ©ã‚¤ãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3804</td> - <td>A-28332766*<br> + <td>A-28332766*<br /> M-ALPS02694410</td> <td>高</td> <td>Android One</td> @@ -2046,13 +1678,13 @@ MediaTek é›»æºç®¡ç†ãƒ‰ãƒ©ã‚¤ãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3805</td> - <td>A-28333002*<br> + <td>A-28333002*<br /> M-ALPS02694412</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-display-driver"> @@ -2060,12 +1692,12 @@ MediaTek ディスプレイ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>MediaTek ディスプレイ ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2074,13 +1706,13 @@ MediaTek ディスプレイ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3806</td> - <td>A-28402341*<br> + <td>A-28402341*<br /> M-ALPS02715341</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-serial-peripheral-interface-driver"> @@ -2088,12 +1720,12 @@ MediaTek ディスプレイ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>シリアル周辺機器用インターフェース ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2114,7 +1746,7 @@ MediaTek ディスプレイ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td>Pixel C</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-sound-driver"> @@ -2122,12 +1754,12 @@ Qualcomm サウンド ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm サウンド ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2137,24 +1769,24 @@ Qualcomm サウンド ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <tr> <td>CVE-2016-2068</td> <td>A-28470967 - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> <td>高</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-kernel"> カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>カーãƒãƒ«ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2163,26 +1795,26 @@ Qualcomm サウンド ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2014-9803</td> - <td>A-28557020<br> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> + <td>A-28557020<br /> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> アップストリームカーãƒãƒ«</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6P</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-networking-component"> ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ コンãƒãƒ¼ãƒãƒ³ãƒˆã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2196,7 +1828,7 @@ Qualcomm サウンド ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <td><a href="#all_nexus">ã™ã¹ã¦ã® Nexus</a></td> <td>2016 å¹´ 3 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="information-disclosure-vulnerability-in-mediatek-wi-fi-driver"> @@ -2204,12 +1836,12 @@ MediaTek Wi-Fi ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>MediaTek Wi-Fi ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2218,13 +1850,13 @@ MediaTek Wi-Fi ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3810</td> - <td>A-28175522*<br> + <td>A-28175522*<br /> M-ALPS02694389</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-video-driver"> @@ -2232,12 +1864,12 @@ MediaTek Wi-Fi ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§å‹æ‰‹ãªã‚³ãƒ¼ãƒ‰ã®å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2251,7 +1883,7 @@ MediaTek Wi-Fi ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <td>Nexus 9</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="information-disclosure-vulnerability-in-mediatek-video-codec-driver"> @@ -2259,12 +1891,12 @@ MediaTek ビデオ コーデック ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h <p>MediaTek ビデオ コーデック ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2273,13 +1905,13 @@ MediaTek ビデオ コーデック ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h </tr> <tr> <td>CVE-2016-3812</td> - <td>A-28174833*<br> + <td>A-28174833*<br /> M-ALPS02688832</td> <td>ä¸</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="information-disclosure-vulnerability-in-qualcomm-usb-driver"> @@ -2287,12 +1919,12 @@ Qualcomm USB ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>Qualcomm USB ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2307,7 +1939,7 @@ Qualcomm USB ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="information-disclosure-vulnerability-in-nvidia-camera-driver"> @@ -2315,12 +1947,12 @@ NVIDIA カメラドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>NVIDIA カメラドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2329,7 +1961,7 @@ NVIDIA カメラドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3814</td> - <td>A-28193342*<br> + <td>A-28193342*<br /> N-CVE20163814</td> <td>ä¸</td> <td>Nexus 9</td> @@ -2337,13 +1969,13 @@ NVIDIA カメラドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-3815</td> - <td>A-28522274*<br> + <td>A-28522274*<br /> N-CVE20163815</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 5 月 1 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="information-disclosure-vulnerability-in-mediatek-display-driver"> @@ -2351,12 +1983,12 @@ MediaTek ディスプレイ ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>MediaTek ディスプレイ ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2370,7 +2002,7 @@ MediaTek ディスプレイ ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <td>Android One</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h3 id="information-disclosure-vulnerability-in-kernel-teletype-driver"> @@ -2378,12 +2010,12 @@ MediaTek ディスプレイ ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>テレタイプ ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2392,25 +2024,25 @@ MediaTek ディスプレイ ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> </tr> <tr> <td>CVE-2016-0723</td> - <td>A-28409131<br> + <td>A-28409131<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439">アップストリームカーãƒãƒ«</a></td> <td>ä¸</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7(2013)ã€Nexus 9ã€Nexus Playerã€Pixel C</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> -<p>Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ãƒãƒ¼ã‚«ãƒ«ç«¯æœ«ã®æ°¸ä¹…çš„ãªä¾µå®³ãŒå¼•ãèµ·ã“ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†æ¶ˆåŽ»ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã‚’引ãèµ·ã“ã—ã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2433,13 +2065,12 @@ Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <td>Nexus 5ã€Nexus 7(2013)</td> <td>2015 å¹´ 8 月 19 æ—¥</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">一般的ãªè³ªå•ã¨å›žç”</h2> -<p>上記ã®å…¬é–‹æƒ…å ±ã«å¯¾ã™ã‚‹ä¸€èˆ¬çš„ãªè³ªå•ã«ã¤ã„ã¦ã€ä»¥ä¸‹ã§å›žç”ã—ã¾ã™ã€‚</p> +<p>上記ã®å…¬é–‹æƒ…å ±ã«å¯¾ã™ã‚‹ä¸€èˆ¬çš„ãªè³ªå•ã«ã¤ã„ã¦ã®å›žç”ã¯ä»¥ä¸‹ã®ã¨ãŠã‚Šã§ã™ã€‚</p> -<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’ã©ã®ã‚ˆã†ã«åˆ¤æ–ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> -<p>ã‚»ã‚ュリティ パッムレベル 2016-07-01 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル文å—列 2016-7-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚ã‚»ã‚ュリティ パッムレベル 2016-07-05 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル文å—列 2016-07-05 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/nexus/answer/4457705">ヘルプセンター</a>ã®èª¬æ˜Žã‚’ã”覧ãã ã•ã„。ã“ã®ã‚¢ãƒƒãƒ—デートを組ã¿è¾¼ã‚“ã 端末メーカーã¯ã€ãƒ‘ッãƒæ–‡å—列ã®ãƒ¬ãƒ™ãƒ«ã‚’ [ro.build.version.security_patch]:[2016-07-01] ã¾ãŸã¯ -[ro.build.version.security_patch]:[2016-07-05] ã«è¨å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</p> +<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’確ã‹ã‚ã‚‹ã«ã¯ã€ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> +<p>ã‚»ã‚ュリティ パッムレベル 2016-07-01 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル文å—列 2016-7-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚ã‚»ã‚ュリティ パッムレベル 2016-07-05 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル文å—列 2016-07-05 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/nexus/answer/4457705">ヘルプセンター</a>ã®èª¬æ˜Žã‚’ã”覧ãã ã•ã„。ã“ã®ã‚¢ãƒƒãƒ—デートを組ã¿è¾¼ã‚“ã 端末メーカーã¯ã€ãƒ‘ッãƒæ–‡å—列ã®ãƒ¬ãƒ™ãƒ«ã‚’ [ro.build.version.security_patch]:[2016-07-01] ã¾ãŸã¯ [ro.build.version.security_patch]:[2016-07-05] ã«è¨å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</p> <p><strong>2. ã“ã®å…¬é–‹æƒ…å ±ã« 2 ã¤ã®ã‚»ã‚ュリティ パッムレベル文å—列ãŒã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> <p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’ Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã€2 ã¤ã®ã‚»ã‚ュリティ パッムレベル文å—列を定義ã—ã¦ã„ã¾ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッムレベル文å—列を使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> @@ -2447,18 +2078,18 @@ Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p>2016 å¹´ 7 月 1 æ—¥ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã§ã¯ã€ãã®ã‚»ã‚ュリティ パッムレベルã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã¨ã€ã“ã‚Œã¾ã§ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã§å ±å‘Šã•ã‚ŒãŸã™ã¹ã¦ã®å•é¡Œã®ä¿®æ£ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚2016 å¹´ 7 月 1 æ—¥ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã€2016 å¹´ 7 月 5 æ—¥ã®ã‚»ã‚ュリティ パッムレベルã«é–¢é€£ã™ã‚‹ä¿®æ£ã®ä¸€éƒ¨ã‚’å«ã‚ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚</p> <p id="all_nexus"><strong>3. å„å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ Nexus 端末を判æ–ã™ã‚‹ã«ã¯ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> -<p><a href="#2016-07-01_details">2016-07-01</a> ãŠã‚ˆã³ <a href="#2016-07-05_details">2016-07-05</a> ã®ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã«é–¢ã™ã‚‹å„表ã«ã¯ã€Œæ›´æ–°ã•ã‚ŒãŸ Nexus 端末ã€åˆ—ãŒã‚ã‚Šã€ãã®å•é¡Œã«å¯¾ã—ã¦æ›´æ–°ã•ã‚ŒãŸã€å½±éŸ¿ã‚’å—ã‘ã‚‹ Nexus 端末ã®ç¯„囲ãŒè¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®åˆ—ã«ã¯æ¬¡ã®ã„ãšã‚Œã‹ãŒè¡¨ç¤ºã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p><a href="#2016-07-01-details">2016-07-01</a> 㨠<a href="#2016-07-05-details">2016-07-05</a> ã®ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã«é–¢ã™ã‚‹ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã§ã€å„表ä¸ã®ã€Œæ›´æ–°å¯¾è±¡ã® Nexus 端末ã€åˆ—ã«ã€ãã®å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ã€æ›´æ–°å¯¾è±¡ã® Nexus 端末ã®ç¨®é¡žã‚’記載ã—ã¦ã„ã¾ã™ã€‚ã“ã®åˆ—ã«ã¯æ¬¡ã®ã„ãšã‚Œã‹ãŒè¡¨ç¤ºã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <ul> - <li><strong>ã™ã¹ã¦ã® Nexus 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã® Nexus 端末ã«å½±éŸ¿ã‚’与ãˆã‚‹å ´åˆã€è¡¨ã®ã€Œæ›´æ–°ã•ã‚ŒãŸ Nexus 端末ã€åˆ—ã«ã¯ã€Œã™ã¹ã¦ã® Nexusã€ã¨è¡¨ç¤ºã•ã‚Œã¾ã™ã€‚<em></em>「ã™ã¹ã¦ã® Nexusã€ã«ã¯<a href="https://support.google.com/nexus/answer/4457705#nexus_devices">サãƒãƒ¼ãƒˆã•ã‚Œã‚‹ç«¯æœ«</a>(Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7(2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel C)ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</li> - <li><strong>一部㮠Nexus 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã® Nexus 端末ã«ã¯å½±éŸ¿ã‚’与ãˆãªã„å ´åˆã€ã€Œæ›´æ–°ã•ã‚ŒãŸ Nexus 端末ã€åˆ—ã«ã¯å½±éŸ¿ã‚’å—ã‘ã‚‹ Nexus 端末ãŒè¡¨ç¤ºã•ã‚Œã¾ã™ã€‚<em></em></li> - <li><strong>影響をå—ã‘ã‚‹ Nexus 端末ãŒãªã„</strong>: å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ Nexus 端末ãŒãªã„å ´åˆã€è¡¨ã®ã€Œæ›´æ–°ã•ã‚ŒãŸ Nexus 端末ã€åˆ—ã«ã¯ã€Œãªã—ã€ã¨è¡¨ç¤ºã•ã‚Œã¾ã™ã€‚<em></em></li> + <li><strong>ã™ã¹ã¦ã® Nexus 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã® Nexus 端末ã«å½±éŸ¿ã‚’与ãˆã‚‹å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Nexus 端末<em></em>ã€åˆ—ã«ã¯ã€Œã™ã¹ã¦ã® Nexusã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚「ã™ã¹ã¦ã® Nexusã€ã«ã¯<a href="https://support.google.com/nexus/answer/4457705#nexus_devices">サãƒãƒ¼ãƒˆã•ã‚Œã‚‹ç«¯æœ«</a>(Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7(2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel C)ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</li> + <li><strong>一部㮠Nexus 端末</strong>: å•é¡ŒãŒä¸€éƒ¨ã® Nexus 端末ã®ã¿ã«å½±éŸ¿ã™ã‚‹å ´åˆã€ã€Œæ›´æ–°å¯¾è±¡ã® Nexus 端末<em></em>ã€åˆ—ã«ã¯å½±éŸ¿ã‚’å—ã‘ã‚‹ Nexus 端末ãŒè¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> + <li><strong>影響をå—ã‘ã‚‹ Nexus 端末ãŒãªã„</strong>: å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ Nexus 端末ãŒãªã„å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Nexus 端末<em></em>ã€åˆ—ã«ã¯ã€Œãªã—ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> </ul> <p><strong>4. 「å‚ç…§ã€åˆ—ã®é …ç›®ã¯ã©ã®ã‚ˆã†ãªæƒ…å ±ã«é–¢é€£ä»˜ã‘られã¦ã„ã¾ã™ã‹ï¼Ÿ</strong></p> <p>脆弱性ã®è©³ç´°ã®è¡¨ã§ã€Œå‚ç…§ã€åˆ—ã«è¨˜è¼‰ã•ã‚Œã¦ã„る内容ã«ã¯ã€å‚ç…§ã®å€¤ãŒå±žã—ã¦ã„る組織を示ã—ãŸæŽ¥é 辞ãŒå«ã¾ã‚Œã¦ã„ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚<em></em>å„接é 辞ã®æ„味ã¯ä»¥ä¸‹ã®ã¨ãŠã‚Šã§ã™ã€‚</p> <table> - <tr> + <tbody><tr> <th>接é 辞</th> <th>å‚ç…§</th> </tr> @@ -2478,7 +2109,7 @@ Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <td>N-</td> <td>NVIDIA ã®å‚照番å·</td> </tr> -</table> +</tbody></table> <h2 id="revisions">改訂</h2> <ul> @@ -2486,13 +2117,12 @@ Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <li>2016 å¹´ 7 月 7 æ—¥: <ul> <li>AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ - <li>CVE-2016-3794 を削除(CVE-2016-3814 ã¨é‡è¤‡ã—ã¦ã„ãŸãŸã‚) - <li>CVE-2016-2501 ãŠã‚ˆã³ CVE-2016-2502 ã®å¸°å±žã‚’è¿½åŠ - </li></li></li></ul> + </li><li>CVE-2016-3794 を削除(CVE-2016-3814 ã¨é‡è¤‡ã—ã¦ã„ãŸãŸã‚) + </li><li>CVE-2016-2501 ãŠã‚ˆã³ CVE-2016-2502 ã®å¸°å±žã‚’è¿½åŠ + </li></ul> </li> <li>2016 å¹´ 7 月 11 æ—¥: CVE-2016-3750 ã®å¸°å±žã‚’æ›´æ–°</li> <li>2016 å¹´ 7 月 14 æ—¥: CVE-2016-2503 ã®å¸°å±žã‚’æ›´æ–°</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ja/security/bulletin/2016-12-01.html b/ja/security/bulletin/2016-12-01.html index f4ca4a57..56d5b483 100644 --- a/ja/security/bulletin/2016-12-01.html +++ b/ja/security/bulletin/2016-12-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ± - 2016 å¹´ 12 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,17 +20,15 @@ limitations under the License. --> - - -<p><em>2016 å¹´ 12 月 5 日公開 | 2016 å¹´ 12 月 7 日更新</em></p> +<p><em>2016 å¹´ 12 月 5 日公開 | 2016 å¹´ 12 月 21 日更新</em></p> <p> -Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’与ãˆã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚æƒ…å ±ã®å…¬é–‹ã«ä¼´ã„ã€Google 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§ãƒªãƒªãƒ¼ã‚¹ã—ã¦ã„ã¾ã™ã€‚2016 å¹´ 12 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ä¸‹è¨˜ã®ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 㨠Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã‚’ã”覧ãã ã•ã„。 +Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’与ãˆã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚æƒ…å ±ã®å…¬é–‹ã«ä¼´ã„ã€Google 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§ãƒªãƒªãƒ¼ã‚¹ã—ã¦ã„ã¾ã™ã€‚2016 å¹´ 12 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ä¸‹è¨˜ã®ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 㨠Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã‚’ã”覧ãã ã•ã„。 </p> <p> パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠2016 å¹´ 11 月 7 æ—¥ã¾ã§ã«é€šçŸ¥æ¸ˆã¿ã§ã™ã€‚Android オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)レãƒã‚¸ãƒˆãƒªã«ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã‚’リリースã—ã¦ã„ã¾ã™ã€‚ã“ã®å…¬é–‹æƒ…å ±ã«ã¯ AOSP 以外ã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã‚‚掲載ã—ã¦ã„ã¾ã™ã€‚ </p> <p> -ã“ã®ã†ã¡æœ€ã‚‚é‡å¤§ãªå•é¡Œã¯ã€ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚る端末固有ã®ã‚³ãƒ¼ãƒ‰ã®ã‚»ã‚ュリティ上ã®é‡å¤§ãªè„†å¼±æ€§ã§ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ +ã“ã®ã†ã¡æœ€ã‚‚é‡å¤§ãªã‚»ã‚ュリティ上ã®å•é¡Œã¯ã€ã‚«ãƒ¼ãƒãƒ«å†…ã§æ£æ„çš„ã«ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚Œã®ã‚る端末固有ã®ã‚³ãƒ¼ãƒ‰ã®è„†å¼±æ€§ã§ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã¾ãŸã¯ä¸æ£ãªå›žé¿ã«ã‚ˆã‚Šç„¡åŠ¹ã¨ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚ </p> <p> ã“ã®æ–°ãŸã«å ±å‘Šã•ã‚ŒãŸå•é¡Œã«ã‚ˆã£ã¦å®Ÿéš›ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ç«¯æœ«ãŒä¸æ£ä½¿ç”¨ã•ã‚ŒãŸå ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã¤ã„ã¦è©³ã—ãã¯ã€<a href="#mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã«ã‚ˆã‚Šã€Android プラットフォームã®ã‚»ã‚ュリティãŒæ”¹å–„ã•ã‚Œã¾ã™ã€‚ @@ -49,288 +46,6 @@ Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端æ </li> <li>サãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ã¯ã€2016 å¹´ 12 月 5 æ—¥ã®ã‚»ã‚ュリティ パッムレベルã®ã‚¢ãƒƒãƒ—デート 1 件㌠OTA ã§é…ä¿¡ã•ã‚Œã¾ã™ã€‚</li> </ul> -<h2 id="security-vulnerability-summary">ã‚»ã‚ュリティã®è„†å¼±æ€§ã®æ¦‚è¦</h2> -<p> -下記ã®è¡¨ã«ã€ã‚»ã‚ュリティã®è„†å¼±æ€§ã€ãã®å…±é€šè„†å¼±æ€§è˜åˆ¥å(CVE)ã€é‡å¤§åº¦ã®åˆ¤å®šã€Google 端末ã¸ã®å½±éŸ¿ãŒã‚ã‚‹ã‹ã©ã†ã‹ã®ä¸€è¦§ã‚’示ã—ã¾ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€æ”»æ’ƒã‚’å—ã‘ãŸç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒã€é–‹ç™ºç›®çš„ã‚„ä¸æ£ã«å›žé¿ã•ã‚ŒãŸãŸã‚ã«ç„¡åŠ¹ã«ã•ã‚ŒãŸå ´åˆã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚ -</p> -<h3 id="2016-12-01-summary">ã‚»ã‚ュリティ パッムレベル 2016-12-01 ã®è„†å¼±æ€§ã®æ¦‚è¦</h3> -<p> -ã‚»ã‚ュリティ パッムレベル 2016-12-01 以é™ã§ã¯ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>é‡å¤§åº¦</th> - <th>Google 端末ã¸ã®å½±éŸ¿</th> - </tr> - <tr> - <td>CURL / LIBCURL ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2016-5419ã€CVE-2016-5420ã€CVE-2016-5421</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>libziparchive ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6762</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Telephony ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2016-6763</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2016-6766ã€CVE-2016-6765ã€CVE-2016-6764ã€CVE-2016-6767</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Framesequence ライブラリã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2016-6768</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Smart Lock ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6769</td> - <td>ä¸</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>フレームワーク API ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6770</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Telephony ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6771</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Wi-Fi ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6772</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-6773</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Package Manager ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-6774</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> -</table> -<p> -* Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 -</p> -<h3 id="2016-12-05-summary">ã‚»ã‚ュリティ パッムレベル 2016-12-05 ã®è„†å¼±æ€§ã®æ¦‚è¦</h3> -<p> -ã‚»ã‚ュリティ パッムレベル 2016-12-05 以é™ã§ã¯ã€2016-12-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«åŠ ãˆã¦ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>é‡å¤§åº¦</th> - <th>Google 端末ã¸ã®å½±éŸ¿</th> - </tr> - <tr> - <td>カーãƒãƒ« メモリ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-4794ã€CVE-2016-5195</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6775ã€CVE-2016-6776ã€CVE-2016-6777</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2015-8966</td> - <td>é‡å¤§</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>NVIDIA ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6915ã€CVE-2016-6916ã€CVE-2016-6917</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ION ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-9120</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®è„†å¼±æ€§</td> - <td>CVE-2016-8411</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ファイル システムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2014-4014</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2015-8967</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>HTC サウンド コーデック ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6778ã€CVE-2016-6779ã€CVE-2016-6780</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6492ã€CVE-2016-6781ã€CVE-2016-6782ã€CVE-2016-6783ã€CVE-2016-6784ã€CVE-2016-6785</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>Qualcomm メディア コーデックã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6761ã€CVE-2016-6760ã€CVE-2016-6759ã€CVE-2016-6758</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6755</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« パフォーマンス サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6786ã€CVE-2016-6787</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek I2C ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6788</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>NVIDIA libomx ライブラリã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6789ã€CVE-2016-6790</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm サウンド ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-6791ã€CVE-2016-8391ã€CVE-2016-8392</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ã‚»ã‚ュリティ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2015-7872</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-8393ã€CVE-2016-8394</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Broadcom Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2014-9909ã€CVE-2014-9910</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>MediaTek ビデオドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-8396</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>NVIDIA ビデオドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-8397</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>GPS ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2016-5341</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA カメラドライãƒã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2016-8395</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-8399</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-6756ã€CVE-2016-6757</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA librm ライブラリã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-8400</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-8401ã€CVE-2016-8402ã€CVE-2016-8403ã€CVE-2016-8404ã€CVE-2016-8405ã€CVE-2016-8406ã€CVE-2016-8407</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA ビデオドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-8408ã€CVE-2016-8409</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm サウンド ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-8410</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> -</table> -<p> -* Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 -</p> <h2 id="mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</h2> <p> ã“ã“ã§ã¯ã€<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>㨠SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã‚ˆã‚‹ãƒªã‚¹ã‚¯ã®è»½æ¸›ã«ã¤ã„ã¦æ¦‚説ã—ã¾ã™ã€‚ã“ã†ã—ãŸæ©Ÿèƒ½ã¯ã€Android ã§ã‚»ã‚ュリティã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹å¯èƒ½æ€§ã‚’減らã—ã¾ã™ã€‚ @@ -338,7 +53,7 @@ Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端æ <ul> <li>Android プラットフォームã®æœ€æ–°ç‰ˆã§ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Android 上ã®å¤šãã®å•é¡Œã«ã¤ã„ã¦æ‚ªç”¨ãŒå›°é›£ã«ãªã‚Šã¾ã™ã€‚Google ã§ã¯ã€ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã€ã§ãã‚‹é™ã‚Šæœ€æ–°ç‰ˆã® Android ã«æ›´æ–°ã™ã‚‹ã“ã¨ã‚’ãŠã™ã™ã‚ã—ã¦ã„ã¾ã™ã€‚</li> <li>Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">「アプリã®ç¢ºèªã€ã‚„ SafetyNet</a> ã«ã‚ˆã£ã¦è„†å¼±æ€§ã®æ‚ªç”¨ã‚’ç©æ¥µçš„ã«ç›£è¦–ã—ã¦ãŠã‚Šã€<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">有害ãªãŠãã‚Œã®ã‚るアプリ</a>ã«ã¤ã„ã¦ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¦ã„ã¾ã™ã€‚「アプリã®ç¢ºèªã€ã¯ã€<a href="http://www.android.com/gms">Google モãƒã‚¤ãƒ« サービス</a>ã‚’æ載ã—ãŸç«¯æœ«ã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ãŠã‚Šã€Google Play 以外ã‹ã‚‰ã‚¢ãƒ—リをインストールã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã¨ã£ã¦ã¯ç‰¹ã«é‡è¦ã§ã™ã€‚端末ã®ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹ãƒ„ール㯠Google Play ã§ã¯ç¦æ¢ã•ã‚Œã¦ã„ã¾ã™ãŒã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã§ã¯ã€ã‚¢ãƒ—リã®å…¥æ‰‹å…ƒã«ã‹ã‹ã‚らãšã€ãƒ«ãƒ¼ãƒˆæ¨©é™å–得アプリを検出ã—ã€ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã—よã†ã¨ã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¾ã™ã€‚ã¾ãŸã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã§ã¯ã€æ‚ªæ„ã®ã‚る既知ã®ã‚¢ãƒ—リã§æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œãªã„よã†ã«ã€ãã®ã‚ˆã†ãªã‚¢ãƒ—リã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã‚’見ã¤ã‘ã¦é˜»æ¢ã—ã¾ã™ã€‚ã“ã†ã—ãŸã‚¢ãƒ—リãŒã™ã§ã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é€šçŸ¥ã—ã¦ã€æ¤œå‡ºã•ã‚ŒãŸã‚¢ãƒ—リã®å‰Šé™¤ã‚’試ã¿ã¾ã™ã€‚</li> -<li>Google ãƒãƒ³ã‚°ã‚¢ã‚¦ãƒˆã‚„メッセンジャーã®ã‚¢ãƒ—リã§ã¯çŠ¶æ³ã‚’判æ–ã—ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ãªã©ã®ãƒ—ãƒã‚»ã‚¹ã«è‡ªå‹•çš„ã«ãƒ¡ãƒ‡ã‚£ã‚¢ã‚’渡ã™ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</li> +<li>Google ãƒãƒ³ã‚°ã‚¢ã‚¦ãƒˆã‚„メッセンジャーãªã©ã®ã‚¢ãƒ—リã§ã¯çŠ¶æ³ã‚’é©å®œåˆ¤æ–ã—ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ãªã©ã®ãƒ—ãƒã‚»ã‚¹ã«è‡ªå‹•çš„ã«ãƒ¡ãƒ‡ã‚£ã‚¢ã‚’渡ã™ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</li> </ul> <h2 id="acknowledgements">è¬è¾ž</h2> @@ -351,10 +66,10 @@ Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端æ <li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:zc1991@mail.ustc.edu.cn">Chi Zhang</a>ã€Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang: CVE-2016-6789ã€CVE-2016-6790</li> <li>Christian Seel: CVE-2016-6769</li> <li>Google ã® David Benjaminã€Kenny Root: CVE-2016-6767</li> - <li>Tencentã€KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)㮠Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-6776ã€CVE-2016-6787</li> + <li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)㮠Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-6776ã€CVE-2016-6787</li> <li><a href="http://www.ms509.com">MS509Team</a> ã® En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>): CVE-2016-6763</li> - <li>Qihoo 360 Technology Co. Ltd.ã€IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€Qihoo 360 Technology Co. Ltd.ã€IceSword Lab ã® <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6779ã€CVE-2016-6778ã€CVE-2016-8401ã€CVE-2016-8402ã€CVE-2016-8403ã€CVE-2016-8409ã€CVE-2016-8408ã€CVE-2016-8404</li> - <li>Qihoo 360 Technology Co. Ltd.ã€IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€Qihoo 360 Technology Co. Ltd.ã€IceSword Lab ã® <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6788ã€CVE-2016-6781ã€CVE-2016-6782ã€CVE-2016-8396</li> + <li>Qihoo 360 Technology Co. Ltd. IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6779ã€CVE-2016-6778ã€CVE-2016-8401ã€CVE-2016-8402ã€CVE-2016-8403ã€CVE-2016-8409ã€CVE-2016-8408ã€CVE-2016-8404</li> + <li>Qihoo 360 Technology Co. Ltd. IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6788ã€CVE-2016-6781ã€CVE-2016-6782ã€CVE-2016-8396</li> <li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang: CVE-2016-6791ã€CVE-2016-8391ã€CVE-2016-8392</li> <li>Project Zero ã® Mark Brand: CVE-2016-6772</li> <li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>: CVE-2016-6770ã€CVE-2016-6774</li> @@ -366,13 +81,13 @@ Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端æ <li>Baidu X-Lab ã® Pengfei Ding(ä¸é¹é£žï¼‰ã€Chenfu Bao(包沉浮)ã€Lenx Wei(韦韬): CVE-2016-6755ã€CVE-2016-6756</li> <li>Trend Micro ã® Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-8397ã€CVE-2016-8405ã€CVE-2016-8406ã€CVE-2016-8407</li> <li>Tencentã€KeenLab(腾讯科æ©å®žéªŒå®¤ï¼‰ã® Qidan He(何淇丹)(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2016-8399ã€CVE-2016-8395</li> - <li>Tencentã€KeenLab(腾讯科æ©å®žéªŒå®¤ï¼‰ã® Qidan He(何淇丹)(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)ã€Marco Grassi(<a href="https://twitter.com/marcograss">@marcograss</a>): CVE-2016-6768</li> + <li>Tencent KeenLab(腾讯科æ©å®žéªŒå®¤ï¼‰ã® Qidan He(何淇丹)(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)ã€Marco Grassi(<a href="https://twitter.com/marcograss">@marcograss</a>): CVE-2016-6768</li> <li>Richard Shupak: CVE-2016-5341</li> <li>IBM X-Force Research ã® Sagi Kedmi: CVE-2016-8393ã€CVE-2016-8394</li> <li>Trend Micro Inc.ã€Mobile Threat Research Team ã® Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2016-6757</li> <li>Alibaba Inc ã® Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2016-6773</li> <li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€<a href="mailto:zc1991@mail.ustc.edu.cn">Chi Zhang</a>ã€Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang: CVE-2016-6765</li> - <li><a href="http://www.trendmicro.com">Trend Micro Inc.</a>ã€<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">Mobile Threat Response Team</a> ã® Wish Wu(<a href="https://twitter.com/wish_wu">@wish_wu</a>)(<a href="http://weibo.com/wishlinux">å´æ½æµ </a>): CVE-2016-6704</li> + <li><a href="http://www.trendmicro.com">Trend Micro Inc.</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">Mobile Threat Response Team</a> ã® Wish Wu(<a href="https://twitter.com/wish_wu">@wish_wu</a>)(<a href="http://weibo.com/wishlinux">å´æ½æµ </a>): CVE-2016-6704</li> <li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang: CVE-2016-6786ã€CVE-2016-6780ã€CVE-2016-6775</li> <li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€<a href="mailto:wisedd@gmail.com">Xiaodong Wang</a>ã€Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Xuxian Jiang: CVE-2016-6777</li> <li>Tencent Security Platform Department ã® Yuxiang Li: CVE-2016-6771</li> @@ -380,13 +95,12 @@ Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端æ <li>Qihoo 360 Technology Co. Ltd.ã€Chengdu Security Response Center ã® <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>: CVE-2016-6762</li> </ul> <p> -Bottle Tech ã® MengLuo Gou(<a href="https://twitter.com/idhyt3r">@idhyt3r</a>)æ°ã€Google ã® Yong Wang(王勇)(<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>)ã€Zubin Mithra ã«ã‚‚ã€ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã”å”力ã„ãŸã ãã¾ã—ãŸã€‚ã“ã“ã«è¬æ„を表ã—ã¾ã™ã€‚ +ãã®ä»–ã«ã‚‚ã€Bottle Tech ã® MengLuo Gou(<a href="https://twitter.com/idhyt3r">@idhyt3r</a>)æ°ã€Google ã® Yong Wang(王勇)(<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>)ã€Zubin Mithra ã«ã‚‚ã€ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã”å”力ã„ãŸã ãã¾ã—ãŸã€‚ã“ã“ã«è¬æ„を表ã—ã¾ã™ã€‚ </p> <h2 id="2016-12-01-details">ã‚»ã‚ュリティ パッムレベル 2016-12-01 ã®è„†å¼±æ€§ã®è©³ç´°</h2> <p> -上記ã®<a href="#2016-12-01-summary">ã‚»ã‚ュリティ パッムレベル 2016-12-01 ã®è„†å¼±æ€§ã®æ¦‚è¦</a>ã§ä¸€è¦§ã«æŒ™ã’ãŸå„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> - +パッãƒãƒ¬ãƒ™ãƒ« 2016-12-01 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> <h3 id="rce-in-curl-libcurl">CURL / LIBCURL ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p> @@ -394,13 +108,13 @@ Bottle Tech ã® MengLuo Gou(<a href="https://twitter.com/idhyt3r">@idhyt3r</a> </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -432,8 +146,7 @@ Bottle Tech ã® MengLuo Gou(<a href="https://twitter.com/idhyt3r">@idhyt3r</a> <td>7.0</td> <td>2016 å¹´ 8 月 3 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-libziparchive">libziparchive ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -441,13 +154,13 @@ libziparchive ライブラリã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -466,8 +179,7 @@ libziparchive ライブラリã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 8 月 28 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-telephony">Telephony ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p> @@ -475,13 +187,13 @@ Telephony ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -498,8 +210,7 @@ Telephony ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">メディアサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p> @@ -507,13 +218,13 @@ Telephony ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -556,26 +267,25 @@ Telephony ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã <td>4.4.4</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p> * Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 </p> - <h3 id="rce-in-framesequence-library">Framesequence ライブラリã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p> Framesequence ライブラリã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€æ¨©é™ã®ãªã„プãƒã‚»ã‚¹å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ã‚’実行ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚Framesequence ライブラリを使用ã™ã‚‹ã‚¢ãƒ—リã§ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -592,8 +302,7 @@ Framesequence ライブラリã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-smart-lock">Smart Lock ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -601,13 +310,13 @@ Smart Lock ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚« </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -623,25 +332,24 @@ Smart Lock ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚« <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 5 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p> * Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 </p> - <h3 id="eop-in-framework-apis">フレームワーク API ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> フレームワーク API ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒã‚¢ã‚¯ã‚»ã‚¹æ¨©ã®ç¯„囲外ã®ã‚·ã‚¹ãƒ†ãƒ 機能ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚制約ã•ã‚ŒãŸãƒ—ãƒã‚»ã‚¹ã§åˆ¶é™ãŒãƒãƒ¼ã‚«ãƒ«ã§å›žé¿ã•ã‚Œã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -658,8 +366,7 @@ Smart Lock ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚« <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 7 月 16 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-telephony">Telephony ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -667,13 +374,13 @@ Telephony ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ã </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -690,8 +397,7 @@ Telephony ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ã <td>6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 17 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">Wi-Fi ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -699,13 +405,13 @@ Wi-Fi ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -723,8 +429,7 @@ Wi-Fi ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 30 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p> @@ -732,13 +437,13 @@ Wi-Fi ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -756,8 +461,7 @@ Wi-Fi ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚ <td>6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 7 月 27 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-package-manager">Package Manager ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p> @@ -765,13 +469,13 @@ Package Manager ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -788,12 +492,11 @@ Package Manager ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã <td>7.0</td> <td>2016 å¹´ 8 月 29 æ—¥</td> </tr> -</table> - +</tbody></table> <h2 id="2016-12-05-details">ã‚»ã‚ュリティ パッムレベル 2016-12-05 ã®è„†å¼±æ€§ã®è©³ç´°</h2> <p> -上記ã®<a href="#2016-12-05-summary">ã‚»ã‚ュリティ パッムレベル 2016-12-05 ã®è„†å¼±æ€§ã®æ¦‚è¦</a>ã§ä¸€è¦§ã«æŒ™ã’ãŸå„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> +パッãƒãƒ¬ãƒ™ãƒ« 2016-12-05 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> <h3 id="eop-in-kernel-memory-subsystem">カーãƒãƒ« メモリ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -801,12 +504,12 @@ Package Manager ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -815,7 +518,7 @@ Package Manager ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã </tr> <tr> <td>CVE-2016-4794</td> - <td>A-31596597<br> + <td>A-31596597<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"> アップストリームカーãƒãƒ«</a> [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> @@ -825,7 +528,7 @@ Package Manager ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã </tr> <tr> <td>CVE-2016-5195</td> - <td>A-32141528<br> + <td>A-32141528<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"> アップストリームカーãƒãƒ«</a> [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> @@ -833,8 +536,7 @@ Package Manager ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒã <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -842,12 +544,12 @@ NVIDIA GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -856,26 +558,26 @@ NVIDIA GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ </tr> <tr> <td>CVE-2016-6775</td> - <td>A-31222873*<br>N-CVE-2016-6775</td> + <td>A-31222873*<br />N-CVE-2016-6775</td> <td>é‡å¤§</td> <td>Nexus 9</td> <td>2016 å¹´ 8 月 25 æ—¥</td> </tr> <tr> <td>CVE-2016-6776</td> - <td>A-31680980*<br>N-CVE-2016-6776</td> + <td>A-31680980*<br />N-CVE-2016-6776</td> <td>é‡å¤§</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-6777</td> - <td>A-31910462*<br>N-CVE-2016-6777</td> + <td>A-31910462*<br />N-CVE-2016-6777</td> <td>é‡å¤§</td> <td>Nexus 9</td> <td>2016 å¹´ 10 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -886,12 +588,12 @@ NVIDIA GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -900,31 +602,30 @@ NVIDIA GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ </tr> <tr> <td>CVE-2015-8966</td> - <td>A-31435731<br> + <td>A-31435731<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"> アップストリームカーãƒãƒ«</a></td> <td>é‡å¤§</td> <td>ãªã—*</td> <td>2016 å¹´ 9 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <p> * Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 </p> - <h3 id="eop-in-nvidia-video-driver">NVIDIA ビデオドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -934,7 +635,7 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã <tr> <td>CVE-2016-6915</td> <td>A-31471161* - <br>N-CVE-2016-6915</td> + <br />N-CVE-2016-6915</td> <td>é‡å¤§</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> @@ -942,7 +643,7 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã <tr> <td>CVE-2016-6916</td> <td>A-32072350* - <br>N-CVE-2016-6916</td> + <br />N-CVE-2016-6916</td> <td>é‡å¤§</td> <td>Nexus 9ã€Pixel C</td> <td>2016 å¹´ 9 月 13 æ—¥</td> @@ -950,12 +651,12 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã <tr> <td>CVE-2016-6917</td> <td>A-32072253* - <br></td> + <br />N-CVE-2016-6917</td> <td>é‡å¤§</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -966,12 +667,12 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -980,25 +681,26 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </tr> <tr> <td>CVE-2016-9120</td> - <td>A-31568617<br> + <td>A-31568617<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"> アップストリームカーãƒãƒ«</a></td> <td>é‡å¤§</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixel Cã€Nexus Player</td> <td>2016 å¹´ 9 月 16 æ—¥</td> </tr> -</table> +</tbody></table> -<h3>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®è„†å¼±æ€§</h3> +<h3 id="vulnerabilities-in-qc-components">Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®è„†å¼±æ€§</h3> <p> -次ã«ã€Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«å½±éŸ¿ã™ã‚‹è„†å¼±æ€§ã‚’示ã—ã¾ã™ã€‚詳細ã«ã¤ã„ã¦ã¯ã€Qualcomm AMSS November 2015 ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã‚’ã”å‚ç…§ãã ã•ã„。</p> +下記ã®è¡¨ã« Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«å½±éŸ¿ã™ã‚‹è„†å¼±æ€§ã‚’示ã—ã¾ã™ã€‚詳細ã«ã¤ã„ã¦ã¯ã€Qualcomm AMSS ã® 2015 å¹´ 11 月ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã‚’ã”覧ãã ã•ã„。 +</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦*</th> @@ -1012,7 +714,7 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã <td>Nexus 6ã€Nexus 6Pã€Android One</td> <td>Qualcomm 社内</td> </tr> -</table> +</tbody></table> <p>* ã“ã®ä¸€é€£ã®å•é¡Œã®é‡å¤§åº¦ã¯ãƒ™ãƒ³ãƒ€ãƒ¼ãŒæ±ºå®šã—ãŸã‚‚ã®ã§ã™ã€‚</p> <p>** ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1023,12 +725,12 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1037,15 +739,14 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </tr> <tr> <td>CVE-2014-4014</td> - <td>A-31252187<br> + <td>A-31252187<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"> アップストリームカーãƒãƒ«</a></td> <td>高</td> <td>Nexus 6ã€Nexus Player</td> <td>2014 å¹´ 6 月 10 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-2">カーãƒãƒ«ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -1053,12 +754,12 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1067,15 +768,14 @@ NVIDIA ビデオドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </tr> <tr> <td>CVE-2015-8967</td> - <td>A-31703084<br> + <td>A-31703084<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"> アップストリームカーãƒãƒ«</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixel Cã€Pixelã€Pixel XL</td> <td>2015 å¹´ 1 月 8 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-htc-sound-codec-driver">HTC サウンド コーデック ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -1083,12 +783,12 @@ HTC サウンド コーデック ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1116,7 +816,7 @@ HTC サウンド コーデック ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚ <td>Nexus 9</td> <td>2016 å¹´ 8 月 30 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1127,12 +827,12 @@ MediaTek ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1141,64 +841,63 @@ MediaTek ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚ </tr> <tr> <td>CVE-2016-6492</td> - <td>A-28175122<br>MT-ALPS02696413</td> + <td>A-28175122<br />MT-ALPS02696413</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> <tr> <td>CVE-2016-6781</td> - <td>A-31095175<br>MT-ALPS02943455</td> + <td>A-31095175<br />MT-ALPS02943455</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 8 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-6782</td> - <td>A-31224389<br>MT-ALPS02943506</td> + <td>A-31224389<br />MT-ALPS02943506</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 8 月 24 æ—¥</td> </tr> <tr> <td>CVE-2016-6783</td> - <td>A-31350044<br>MT-ALPS02943437</td> + <td>A-31350044<br />MT-ALPS02943437</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 9 月 6 æ—¥</td> </tr> <tr> <td>CVE-2016-6784</td> - <td>A-31350755<br>MT-ALPS02961424</td> + <td>A-31350755<br />MT-ALPS02961424</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 9 月 6 æ—¥</td> </tr> <tr> <td>CVE-2016-6785</td> - <td>A-31748056<br>MT-ALPS02961400</td> + <td>A-31748056<br />MT-ALPS02961400</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 9 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p> * Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 </p> - <h3 id="eop-in-qualcomm-media-codecs">Qualcomm メディア コーデックã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> Qualcomm メディア コーデックã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティã®ã‚¢ãƒ—リãŒé€šå¸¸ã¯ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„権é™ã«æ˜‡æ ¼ã—ã¦ãƒãƒ¼ã‚«ãƒ«ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ã®ã§ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1208,7 +907,7 @@ Qualcomm メディア コーデックã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã <tr> <td>CVE-2016-6761</td> <td>A-29421682* - <br>QC-CR#1055792</td> + <br />QC-CR#1055792</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 16 æ—¥</td> @@ -1216,7 +915,7 @@ Qualcomm メディア コーデックã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã <tr> <td>CVE-2016-6760</td> <td>A-29617572* - <br>QC-CR#1055783</td> + <br />QC-CR#1055783</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 23 æ—¥</td> @@ -1224,7 +923,7 @@ Qualcomm メディア コーデックã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã <tr> <td>CVE-2016-6759</td> <td>A-29982686* - <br>QC-CR#1055766</td> + <br />QC-CR#1055766</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 4 æ—¥</td> @@ -1232,12 +931,12 @@ Qualcomm メディア コーデックã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã <tr> <td>CVE-2016-6758</td> <td>A-30148882* - <br>QC-CR#1071731</td> + <br />QC-CR#1071731</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1248,12 +947,12 @@ Qualcomm カメラドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1262,15 +961,14 @@ Qualcomm カメラドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ </tr> <tr> <td>CVE-2016-6755</td> - <td>A-30740545<br> + <td>A-30740545<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0"> QC-CR#1065916</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 3 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-performance-subsystem">カーãƒãƒ« パフォーマンス サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -1278,12 +976,12 @@ QC-CR#1065916</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1306,8 +1004,7 @@ QC-CR#1065916</a></td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 22 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -1315,12 +1012,12 @@ MediaTek I2C ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1329,29 +1026,28 @@ MediaTek I2C ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã </tr> <tr> <td>CVE-2016-6788</td> - <td>A-31224428<br>MT-ALPS02943467</td> + <td>A-31224428<br />MT-ALPS02943467</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 8 月 24 æ—¥</td> </tr> -</table> +</tbody></table> <p> * Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 </p> - <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx ライブラリã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> NVIDIA libomx ライブラリ(libnvomx)ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティã®ã‚¢ãƒ—リãŒé€šå¸¸ã¯ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„権é™ã«æ˜‡æ ¼ã—ã¦ãƒãƒ¼ã‚«ãƒ«ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ã®ã§ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1361,7 +1057,7 @@ NVIDIA libomx ライブラリ(libnvomx)ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ã <tr> <td>CVE-2016-6789</td> <td>A-31251973* - <br>N-CVE-2016-6789</td> + <br />N-CVE-2016-6789</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 29 æ—¥</td> @@ -1369,12 +1065,12 @@ NVIDIA libomx ライブラリ(libnvomx)ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ã <tr> <td>CVE-2016-6790</td> <td>A-31251628* - <br>N-CVE-2016-6790</td> + <br />N-CVE-2016-6790</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1385,12 +1081,12 @@ Qualcomm サウンド ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1399,7 +1095,7 @@ Qualcomm サウンド ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </tr> <tr> <td>CVE-2016-6791</td> - <td>A-31252384<br> + <td>A-31252384<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1071809</a></td> <td>高</td> @@ -1408,7 +1104,7 @@ QC-CR#1071809</a></td> </tr> <tr> <td>CVE-2016-8391</td> - <td>A-31253255<br> + <td>A-31253255<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1072166</a></td> <td>高</td> @@ -1417,15 +1113,14 @@ QC-CR#1072166</a></td> </tr> <tr> <td>CVE-2016-8392</td> - <td>A-31385862<br> + <td>A-31385862<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1073136</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-security-subsystem">カーãƒãƒ« ã‚»ã‚ュリティ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -1433,12 +1128,12 @@ QC-CR#1073136</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1447,15 +1142,14 @@ QC-CR#1073136</a></td> </tr> <tr> <td>CVE-2015-7872</td> - <td>A-31253168<br> + <td>A-31253168<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> アップストリームカーãƒãƒ«</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 31 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p> @@ -1463,12 +1157,12 @@ Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1489,7 +1183,7 @@ Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ <td>Nexus 9ã€Android One</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1500,12 +1194,12 @@ Broadcom Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1514,35 +1208,34 @@ Broadcom Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </tr> <tr> <td>CVE-2014-9909</td> - <td>A-31676542<br>B-RB#26684</td> + <td>A-31676542<br />B-RB#26684</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 9 月 21 æ—¥</td> </tr> <tr> <td>CVE-2014-9910</td> - <td>A-31746399<br>B-RB#26710</td> + <td>A-31746399<br />B-RB#26710</td> <td>高</td> <td>ãªã—*</td> <td>2016 å¹´ 9 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p> * Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 </p> - <h3 id="id-in-mediatek-video-driver">MediaTek ビデオドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>MediaTek ビデオドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«ã€æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1556,24 +1249,23 @@ Broadcom Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã <td>ãªã—*</td> <td>2016 å¹´ 8 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p> * Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。 </p> - <h3 id="id-in-nvidia-video-driver">NVIDIA ビデオドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p> NVIDIA ビデオドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«ã€æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1582,13 +1274,13 @@ NVIDIA ビデオドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </tr> <tr> <td>CVE-2016-8397</td> - <td>A-31385953*<br> + <td>A-31385953*<br /> N-CVE-2016-8397</td> <td>高</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1599,12 +1291,12 @@ Qualcomm GPS コンãƒãƒ¼ãƒãƒ³ãƒˆã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1618,7 +1310,7 @@ Qualcomm GPS コンãƒãƒ¼ãƒãƒ³ãƒˆã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã <td>Nexus 6ã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1629,12 +1321,12 @@ NVIDIA カメラドライãƒã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1644,12 +1336,12 @@ NVIDIA カメラドライãƒã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ <tr> <td>CVE-2016-8395</td> <td>A-31403040* - <br>N-CVE-2016-8395</td> + <br />N-CVE-2016-8395</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 9 月 9 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1660,12 +1352,12 @@ NVIDIA カメラドライãƒã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1679,7 +1371,7 @@ NVIDIA カメラドライãƒã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1690,12 +1382,12 @@ NVIDIA カメラドライãƒã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1704,7 +1396,7 @@ NVIDIA カメラドライãƒã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </tr> <tr> <td>CVE-2016-6756</td> - <td>A-29464815<br> + <td>A-29464815<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> QC-CR#1042068</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> @@ -1714,15 +1406,14 @@ NVIDIA カメラドライãƒã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </tr> <tr> <td>CVE-2016-6757</td> - <td>A-30148242<br> + <td>A-30148242<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> QC-CR#1052821</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 13 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-librm-library">NVIDIA librm ライブラリã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p> @@ -1730,12 +1421,12 @@ NVIDIA librm ライブラリ(libnvrm)ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚る㟠</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1745,12 +1436,12 @@ NVIDIA librm ライブラリ(libnvrm)ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚る㟠<tr> <td>CVE-2016-8400</td> <td>A-31251599* - <br>N-CVE-2016-8400</td> + <br />N-CVE-2016-8400</td> <td>ä¸</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1761,12 +1452,12 @@ NVIDIA librm ライブラリ(libnvrm)ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚る㟠</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1822,7 +1513,7 @@ NVIDIA librm ライブラリ(libnvrm)ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚る㟠<td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1833,12 +1524,12 @@ NVIDIA ビデオドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1848,7 +1539,7 @@ NVIDIA ビデオドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã <tr> <td>CVE-2016-8408</td> <td>A-31496571* - <br>N-CVE-2016-8408</td> + <br />N-CVE-2016-8408</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> @@ -1856,12 +1547,12 @@ NVIDIA ビデオドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã <tr> <td>CVE-2016-8409</td> <td>A-31495687* - <br>N-CVE-2016-8409</td> + <br />N-CVE-2016-8409</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p> * ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ </p> @@ -1872,12 +1563,12 @@ Qualcomm サウンド ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1886,25 +1577,25 @@ Qualcomm サウンド ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ </tr> <tr> <td>CVE-2016-8410</td> - <td>A-31498403<br> + <td>A-31498403<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> QC-CR#987010</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android One</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">一般的ãªè³ªå•ã¨å›žç”</h2> <p> 上記ã®å…¬é–‹æƒ…å ±ã«å¯¾ã™ã‚‹ä¸€èˆ¬çš„ãªè³ªå•ã«ã¤ã„ã¦ã€ä»¥ä¸‹ã§å›žç”ã—ã¾ã™ã€‚ </p> <p> -<strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’ã©ã®ã‚ˆã†ã«åˆ¤æ–ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ +<strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’確ã‹ã‚ã‚‹ã«ã¯ã€ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ </strong> </p> <p> -端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ãŠã‚ˆã³ Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹æ‰‹é †ã‚’ã”覧ãã ã•ã„。 +端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ãŠã‚ˆã³ Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹æ‰‹é †ã‚’ã”覧ãã ã•ã„。 </p> <ul> <li>ã‚»ã‚ュリティ パッムレベル 2016-12-01 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル 2016-12-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚</li> @@ -1933,22 +1624,22 @@ QC-CR#987010</a></td> <strong>3. å„å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ Google 端末を判æ–ã™ã‚‹ã«ã¯ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong> </p> <p> -<a href="#2016-12-01-details">2016-12-01</a> 㨠<a href="#2016-12-05-details">2016-12-05</a> ã®ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã«é–¢ã™ã‚‹ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã§ã€å„表ä¸ã®ã€Œ<em>更新対象㮠Google 端末</em>ã€åˆ—ã«ã€ãã®å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã®ç¨®é¡žãŒè¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®åˆ—ã®è¨˜è¼‰ã¯æ¬¡ã®ã„ãšã‚Œã‹ã§ã™ã€‚ +<a href="#2016-12-01-details">2016-12-01</a> 㨠<a href="#2016-12-05-details">2016-12-05</a> ã®ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã«é–¢ã™ã‚‹ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã§ã€å„表ä¸ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã€ãã®å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã®ç¨®é¡žã‚’記載ã—ã¦ã„ã¾ã™ã€‚ã“ã®åˆ—ã®è¨˜è¼‰ã¯æ¬¡ã®ã„ãšã‚Œã‹ã§ã™ã€‚ </p> <ul> - <li><strong>ã™ã¹ã¦ã® Google 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã®ç«¯æœ«ã¨ Pixel 端末ã«å½±éŸ¿ã‚’与ãˆã‚‹å ´åˆã€è¡¨ã®ã€Œ<em>更新対象㮠Google 端末</em>ã€åˆ—ã«ã¯ã€Œã™ã¹ã¦ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚「ã™ã¹ã¦ã€ã«ã¯<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">サãƒãƒ¼ãƒˆå¯¾è±¡ã®ç«¯æœ«</a>(Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL)ãŒå«ã¾ã‚Œã¾ã™ã€‚</li> - <li><strong>一部㮠Google 端末</strong>: å•é¡ŒãŒä¸€éƒ¨ã® Google 端末ã®ã¿ã«å½±éŸ¿ã™ã‚‹å ´åˆã€ã€Œ<em>更新対象㮠Google 端末</em>ã€åˆ—ã«ã¯å½±éŸ¿ã‚’å—ã‘ã‚‹ Google 端末ãŒè¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> - <li><strong>影響をå—ã‘ã‚‹ Google 端末ãŒãªã„</strong>: Android 7.0 ã‚’æ載ã—㟠Google 端末ãŒå•é¡Œã®å½±éŸ¿ã‚’å—ã‘ãªã„å ´åˆã€è¡¨ã®ã€Œ<em>更新対象㮠Google 端末</em>ã€åˆ—ã«ã¯ã€Œãªã—ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> + <li><strong>ã™ã¹ã¦ã® Google 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã®ç«¯æœ«ã¨ Pixel 端末ã«å½±éŸ¿ã‚’与ãˆã‚‹å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯ã€Œã™ã¹ã¦ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚「ã™ã¹ã¦ã€ã«ã¯<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">サãƒãƒ¼ãƒˆå¯¾è±¡ã®ç«¯æœ«</a>(Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL)ãŒå«ã¾ã‚Œã¾ã™ã€‚</li> + <li><strong>一部㮠Google 端末</strong>: å•é¡ŒãŒä¸€éƒ¨ã® Google 端末ã®ã¿ã«å½±éŸ¿ã™ã‚‹å ´åˆã€ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯å½±éŸ¿ã‚’å—ã‘ã‚‹ Google 端末ãŒè¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> + <li><strong>影響をå—ã‘ã‚‹ Google 端末ãŒãªã„</strong>: Android 7.0 ã‚’æ載ã—㟠Google 端末ãŒå•é¡Œã®å½±éŸ¿ã‚’å—ã‘ãªã„å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯ã€Œãªã—ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> </ul> <p> -<strong>4. +<strong>4. 「å‚ç…§ã€åˆ—ã®é …ç›®ã¯ã©ã®ã‚ˆã†ãªæƒ…å ±ã«é–¢é€£ä»˜ã‘られã¦ã„ã¾ã™ã‹ï¼Ÿ</strong> </p> <p> 脆弱性ã®è©³ç´°ã®è¡¨ã§ã€Œå‚ç…§ã€åˆ—ã«è¨˜è¼‰ã—ãŸå†…容ã«ã¯ã€ãã®å‚照番å·ãŒå±žã™çµ„織を示ã™æŽ¥é 辞をå«ã‚ã¦ã„ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚<em></em>å„接é 辞ã®æ„味ã¯ä»¥ä¸‹ã®ã¨ãŠã‚Šã§ã™ã€‚ </p> <table> - <tr> + <tbody><tr> <th>接é 辞</th> <th>å‚ç…§</th> </tr> @@ -1972,12 +1663,12 @@ QC-CR#987010</a></td> <td>B-</td> <td>Broadcom ã®å‚照番å·</td> </tr> -</table> +</tbody></table> <h2 id="revisions">改訂</h2> <ul> <li>2016 å¹´ 12 月 5 æ—¥: æƒ…å ±å…¬é–‹</li> - <li>2016 å¹´ 12 月 7 æ—¥: æƒ…å ±å…¬é–‹ã‚’æ”¹è¨‚ã—㦠AOSP ã®ãƒªãƒ³ã‚¯ã‚’è¿½åŠ ã€CVE-2016-6915ã€CVE-2016-6916ã€CVE-2016-6917 ã®å¸°å±žã‚’æ›´æ–°</li> + <li>2016 å¹´ 12 月 7 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ã®ãƒªãƒ³ã‚¯ã‚’è¿½åŠ ã€CVE-2016-6915ã€CVE-2016-6916ã€CVE-2016-6917 ã®å¸°å±žã‚’æ›´æ–°</li> + <li>2016 å¹´ 12 月 21 æ—¥: CVE-2016-8411 ã®èª¬æ˜ŽãŠã‚ˆã³ä¸€èˆ¬çš„ãªè³ªå•ã¨å›žç”ã«ã‚ã£ãŸèª¤å—脱å—ã‚’ä¿®æ£</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ja/security/bulletin/2017-03-01.html b/ja/security/bulletin/2017-03-01.html index 811b53d4..3474442c 100644 --- a/ja/security/bulletin/2017-03-01.html +++ b/ja/security/bulletin/2017-03-01.html @@ -1,30 +1,30 @@ -<html devsite> - <head> - <title>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ± - 2017 å¹´ 3 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> +<html devsite><head> + <title>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ± - 2017 å¹´ 3 月</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- - Copyright 2017 The Android Open Source Project + Copyright 2017 The Android Open Source Project - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. --> + <p><em>2017 å¹´ 3 月 6 日公開 | 2017 å¹´ 3 月 7 日更新</em></p> -<p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’与ãˆã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚æƒ…å ±ã®å…¬é–‹ã«ä¼´ã„ã€Google 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§ãƒªãƒªãƒ¼ã‚¹ã—ã¦ã„ã¾ã™ã€‚2017 å¹´ 3 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ä¸‹è¨˜ã®ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 㨠Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã‚’ã”覧ãã ã•ã„。</p> -<p>パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠2017 å¹´ 2 月 6 æ—¥ã¾ã§ã«é€šçŸ¥æ¸ˆã¿ã§ã™ã€‚Android オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)レãƒã‚¸ãƒˆãƒªã«ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã‚’リリースã—ã¦ã„ã¾ã™ã€‚ã“ã®å…¬é–‹æƒ…å ±ã«ã¯ AOSP 以外ã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã‚‚掲載ã—ã¦ã„ã¾ã™ã€‚</p> -<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€å¤šæ§˜ãªæ–¹æ³•ï¼ˆãƒ¡ãƒ¼ãƒ«ã€ã‚¦ã‚§ãƒ–ã®é–²è¦§ã€MMS ãªã©ï¼‰ã«ã‚ˆã‚Šã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルを処ç†ã™ã‚‹éš›ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚Œã®ã‚ã‚‹é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ã§ã™ã€‚</p> -<p>ã“ã®æ–°ãŸã«å ±å‘Šã•ã‚ŒãŸå•é¡Œã«ã‚ˆã£ã¦å®Ÿéš›ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ç«¯æœ«ãŒä¸æ£ä½¿ç”¨ã•ã‚ŒãŸå ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="{@docRoot}security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã¤ã„ã¦è©³ã—ãã¯ã€<a href="#mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã«ã‚ˆã‚Šã€Android プラットフォームã®ã‚»ã‚ュリティãŒæ”¹å–„ã•ã‚Œã¾ã™ã€‚</p> +<p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’与ãˆã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚æƒ…å ±ã®å…¬é–‹ã«ä¼´ã„ã€Google 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§ãƒªãƒªãƒ¼ã‚¹ã—ã¦ã„ã¾ã™ã€‚2017 å¹´ 3 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ä¸‹è¨˜ã®ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 㨠Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã‚’ã”覧ãã ã•ã„。</p> +<p>パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠2017 å¹´ 2 月 6 æ—¥ã¾ã§ã«é€šçŸ¥æ¸ˆã¿ã§ã™ã€‚Android オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)レãƒã‚¸ãƒˆãƒªã«ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã‚’リリースã—ã¦ã„ã¾ã™ã€‚AOSP 以外ã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã‚‚掲載ã—ã¦ã„ã¾ã™ã€‚</p> +<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€å¤šæ§˜ãªæ–¹æ³•ï¼ˆãƒ¡ãƒ¼ãƒ«ã€ã‚¦ã‚§ãƒ–ã®é–²è¦§ã€MMS ãªã©ï¼‰ã«ã‚ˆã‚Šã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルを処ç†ã™ã‚‹éš›ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚Œã®ã‚ã‚‹é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ã§ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã¾ãŸã¯ä¸æ£ãªå›žé¿ã«ã‚ˆã‚Šç„¡åŠ¹ã¨ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> +<p>ã“ã®æ–°ãŸã«å ±å‘Šã•ã‚ŒãŸå•é¡Œã«ã‚ˆã£ã¦å®Ÿéš›ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ç«¯æœ«ãŒä¸æ£ä½¿ç”¨ã•ã‚ŒãŸå ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã¤ã„ã¦è©³ã—ãã¯ã€<a href="#mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã«ã‚ˆã‚Šã€Android プラットフォームã®ã‚»ã‚ュリティãŒæ”¹å–„ã•ã‚Œã¾ã™ã€‚</p> <p>ã”利用ã®ç«¯æœ«ã§ä¸Šè¨˜ã®æ›´æ–°ã‚’è¡Œã†ã“ã¨ã‚’ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãŠã™ã™ã‚ã—ã¾ã™ã€‚</p> <h2 id="announcements">ãŠçŸ¥ã‚‰ã›</h2> <ul> @@ -36,413 +36,33 @@ </li> <li>サãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ã¯ã€2017 å¹´ 3 月 5 æ—¥ã®ã‚»ã‚ュリティ パッムレベルã®ã‚¢ãƒƒãƒ—デート 1 件㌠OTA ã§é…ä¿¡ã•ã‚Œã¾ã™ã€‚</li> </ul> -<h2 id="security-vulnerability-summary">ã‚»ã‚ュリティã®è„†å¼±æ€§ã®æ¦‚è¦</h2> -<p>下記ã®è¡¨ã«ã€ã‚»ã‚ュリティã®è„†å¼±æ€§ã€ãã®å…±é€šè„†å¼±æ€§è˜åˆ¥å(CVE)ã€é‡å¤§åº¦ã®åˆ¤å®šã€Google 端末ã¸ã®å½±éŸ¿ãŒã‚ã‚‹ã‹ã©ã†ã‹ã®ä¸€è¦§ã‚’示ã—ã¾ã™ã€‚<a href="{@docRoot}security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®åˆ¤å®š</a>ã¯ã€æ”»æ’ƒã‚’å—ã‘ãŸç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã§ç„¡åŠ¹ã«ã•ã‚Œã‚‹ã‹ä¸æ£ã«å›žé¿ã•ã‚ŒãŸå ´åˆã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> -<h3 id="2017-03-01-summary">ã‚»ã‚ュリティ パッムレベル 2017-03-01 ã®è„†å¼±æ€§ã®æ¦‚è¦</h3> -<p>ã‚»ã‚ュリティ パッムレベル 2017-03-01 以é™ã§ã¯ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>é‡å¤§åº¦</th> - <th>Google 端末ã¸ã®å½±éŸ¿</th> - </tr> - <tr> - <td>OpenSSL 㨠BoringSSL ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2016-2182</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0474</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>リカãƒãƒª ベリファイアã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0475</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>AOSP メッセージã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2017-0476</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>libgdx ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2017-0477</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Framesequence ライブラリã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</td> - <td>CVE-2017-0478</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0481</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>オーディオサーãƒãƒ¼ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0479ã€CVE-2017-0480</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2017-0482ã€CVE-2017-0483ã€CVE-2017-0484ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0488</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>ãƒã‚±ãƒ¼ã‚·ãƒ§ãƒ³ マãƒãƒ¼ã‚¸ãƒ£ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0489</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Wi-Fi ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0490</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>パッケージ マãƒãƒ¼ã‚¸ãƒ£ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0491</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>システムUI ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0492</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>AOSP メッセージã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0494</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0495</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>セットアップ ウィザードã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2017-0496</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>メディアサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2017-0497</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>セットアップ ウィザードã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2017-0498</td> - <td>ä¸</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>オーディオサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2017-0499</td> - <td>低</td> - <td>ã‚ã‚Š</td> - </tr> -</table> -<p>* Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> -<h3 id="2017-03-05-summary">ã‚»ã‚ュリティ パッムレベル 2017-03-05 ã®è„†å¼±æ€§ã®æ¦‚è¦</h3> -<p>ã‚»ã‚ュリティ パッムレベル 2017-03-05 以é™ã§ã¯ã€2017-03-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«åŠ ãˆã¦ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>é‡å¤§åº¦</th> - <th>Google 端末ã¸ã®å½±éŸ¿</th> - </tr> - <tr> - <td>MediaTek コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0504ã€CVE-2017-0505ã€CVE-2017-0506</td> - <td>é‡å¤§</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>NVIDIA GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0337ã€CVE-2017-0338ã€CVE-2017-0333ã€CVE-2017-0306ã€CVE-2017-0335</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ION サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0507ã€CVE-2017-0508</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Broadcom Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0509</td> - <td>é‡å¤§</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>カーãƒãƒ« FIQ デãƒãƒƒã‚¬ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0510</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-8479</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-9806ã€CVE-2016-10200</td> - <td>é‡å¤§</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®è„†å¼±æ€§</td> - <td>CVE-2016-8484ã€CVE-2016-8485ã€CVE-2016-8486ã€CVE-2016-8487ã€CVE-2016-8488</td> - <td>é‡å¤§</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-8655ã€CVE-2016-9793</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm 入力ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0516</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ センサー ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0517</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>Qualcomm ADSPRPC ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0457</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm 指紋èªè¨¼ã‚»ãƒ³ã‚µãƒ¼ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0518ã€CVE-2017-0519</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm crypto エンジン ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0520</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0458ã€CVE-2017-0521</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek APK ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0522</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0464ã€CVE-2017-0453ã€CVE-2017-0523</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0524</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm IPA ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0456ã€CVE-2017-0525</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>HTC センサーãƒãƒ– ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0526ã€CVE-2017-0527</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0307</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>Qualcomm ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0463ã€CVE-2017-0460</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« ã‚»ã‚ュリティ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2017-0528</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm SPCom ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</td> - <td>CVE-2016-5856ã€CVE-2016-5857</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2014-8709</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0529</td> - <td>高</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0455</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm é›»æºãƒ‰ãƒ©ã‚¤ãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-8483</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>NVIDIA GPU ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0334ã€CVE-2017-0336</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ«æš—å·åŒ–サブシステムã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</td> - <td>CVE-2016-8650</td> - <td>高</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</td> - <td>CVE-2016-8417</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0461ã€CVE-2017-0459ã€CVE-2017-0531</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>MediaTek ビデオ コーデック ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0532</td> - <td>ä¸</td> - <td>ãªã—*</td> - </tr> - <tr> - <td>Qualcomm ビデオドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0533ã€CVE-2017-0534ã€CVE-2016-8416ã€CVE-2016-8478</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm カメラドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2016-8413ã€CVE-2016-8477</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>HTC サウンド コーデック ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0535</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0536</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>カーãƒãƒ« USB ガジェット ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0537</td> - <td>ä¸</td> - <td>ã‚ã‚Š</td> - </tr> - <tr> - <td>Qualcomm カメラドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</td> - <td>CVE-2017-0452</td> - <td>低</td> - <td>ã‚ã‚Š</td> - </tr> -</table> -<p>* Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> <h2 id="mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</h2> -<p>ã“ã“ã§ã¯ã€<a href="{@docRoot}security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>㨠SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã‚ˆã‚‹ãƒªã‚¹ã‚¯ã®è»½æ¸›ã«ã¤ã„ã¦æ¦‚説ã—ã¾ã™ã€‚ã“ã†ã—ãŸæ©Ÿèƒ½ã¯ã€Android ã§ã‚»ã‚ュリティã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹å¯èƒ½æ€§ã‚’減らã—ã¾ã™ã€‚</p> +<p>ã“ã“ã§ã¯ã€<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>㨠SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã‚ˆã‚‹ãƒªã‚¹ã‚¯ã®è»½æ¸›ã«ã¤ã„ã¦æ¦‚説ã—ã¾ã™ã€‚ã“ã†ã—ãŸæ©Ÿèƒ½ã¯ã€Android ã§ã‚»ã‚ュリティã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹å¯èƒ½æ€§ã‚’減らã—ã¾ã™ã€‚</p> <ul> <li>Android プラットフォームã®æœ€æ–°ç‰ˆã§ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Android 上ã®å¤šãã®å•é¡Œã«ã¤ã„ã¦æ‚ªç”¨ãŒå›°é›£ã«ãªã‚Šã¾ã™ã€‚Google ã§ã¯ã€ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã€ã§ãã‚‹é™ã‚Šæœ€æ–°ç‰ˆã® Android ã«æ›´æ–°ã™ã‚‹ã“ã¨ã‚’ãŠã™ã™ã‚ã—ã¦ã„ã¾ã™ã€‚</li> <li>Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">「アプリã®ç¢ºèªã€ã‚„ SafetyNet</a> ã«ã‚ˆã£ã¦è„†å¼±æ€§ã®æ‚ªç”¨ã‚’ç©æ¥µçš„ã«ç›£è¦–ã—ã¦ãŠã‚Šã€<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">有害ãªãŠãã‚Œã®ã‚るアプリ</a>ã«ã¤ã„ã¦ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¦ã„ã¾ã™ã€‚「アプリã®ç¢ºèªã€ã¯ã€<a href="http://www.android.com/gms">Google モãƒã‚¤ãƒ« サービス</a>ã‚’æ載ã—ãŸç«¯æœ«ã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ãŠã‚Šã€Google Play 以外ã‹ã‚‰ã‚¢ãƒ—リをインストールã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã¨ã£ã¦ã¯ç‰¹ã«é‡è¦ã§ã™ã€‚端末ã®ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹ãƒ„ール㯠Google Play ã§ã¯ç¦æ¢ã•ã‚Œã¦ã„ã¾ã™ãŒã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã§ã¯ã€ã‚¢ãƒ—リã®å…¥æ‰‹å…ƒã«ã‹ã‹ã‚らãšã€ãƒ«ãƒ¼ãƒˆæ¨©é™å–得アプリを検出ã—ã€ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã—よã†ã¨ã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¾ã™ã€‚ã¾ãŸã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã§ã¯ã€æ‚ªæ„ã®ã‚る既知ã®ã‚¢ãƒ—リã§æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œãªã„よã†ã«ã€ãã®ã‚ˆã†ãªã‚¢ãƒ—リã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã‚’見ã¤ã‘ã¦é˜»æ¢ã—ã¾ã™ã€‚ã“ã†ã—ãŸã‚¢ãƒ—リãŒã™ã§ã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é€šçŸ¥ã—ã¦ã€æ¤œå‡ºã•ã‚ŒãŸã‚¢ãƒ—リã®å‰Šé™¤ã‚’試ã¿ã¾ã™ã€‚</li> -<li>Google ãƒãƒ³ã‚°ã‚¢ã‚¦ãƒˆã‚„メッセンジャーã®ã‚¢ãƒ—リã§ã¯çŠ¶æ³ã‚’判æ–ã—ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ãªã©ã®ãƒ—ãƒã‚»ã‚¹ã«è‡ªå‹•çš„ã«ãƒ¡ãƒ‡ã‚£ã‚¢ã‚’渡ã™ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</li> +<li>Google ãƒãƒ³ã‚°ã‚¢ã‚¦ãƒˆã‚„メッセンジャーãªã©ã®ã‚¢ãƒ—リã§ã¯çŠ¶æ³ã‚’é©å®œåˆ¤æ–ã—ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ãªã©ã®ãƒ—ãƒã‚»ã‚¹ã«è‡ªå‹•çš„ã«ãƒ¡ãƒ‡ã‚£ã‚¢ã‚’渡ã™ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</li> </ul> <h2 id="acknowledgements">è¬è¾ž</h2> <p>調査ã«ã”å”力ãã ã•ã£ãŸä¸‹è¨˜ã®çš†æ§˜æ–¹ã«æ„Ÿè¬ã„ãŸã—ã¾ã™ï¼ˆæ•¬ç§°ç•¥ï¼‰ã€‚</p> <ul> -<li>Google Dynamic Tools ãƒãƒ¼ãƒ ã® Alexander Potapenko: CVE-2017-0537<li>Alibaba Mobile Security Group ã® Baozeng Dingã€Chengming Yangã€Peng Xiaoã€Yang Song: CVE-2017-0506<li>Alibaba Mobile Security Group ã® Baozeng Dingã€Ning Youã€Chengming Yangã€Peng Xiaoã€Yang Song: CVE-2017-0463<li>Android Security ã® Billy Lau: CVE-2017-0335ã€CVE-2017-0336ã€CVE-2017-0338ã€CVE-2017-0460<li><a href="mailto:derrek.haxx@gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2016-8413ã€CVE-2016-8477ã€CVE-2017-0531<li><a href="mailto:derrek.haxx@gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>)ã€<a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0521<li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)㮠Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2017-0334ã€CVE-2017-0456ã€CVE-2017-0457ã€CVE-2017-0525<li><a href="http://www.ms509.com">MS509Team</a> ã® En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>)ã€Bo Liu: CVE-2017-0490<li>Qihoo 360 Technology Co. Ltd. ã® IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0509ã€CVE-2017-0524ã€CVE-2017-0529ã€CVE-2017-0536<li>Qihoo 360 Technology Co. Ltd. ã® Alpha Team ã® Hao Chenã€Guang Gong: CVE-2017-0453ã€CVE-2017-0461ã€CVE-2017-0464<li>Sony Mobile Communications Inc. ã® Hiroki Yamamotoã€Fang Chen: CVE-2017-0481<li>IBM Security X-Force Researcher ã® Sagi Kedmiã€Roee Hay: CVE-2017-0510<li><a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a> ã® Jianjun Dai(<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>): CVE-2017-0478<li>Qihoo 360 IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8416ã€CVE-2016-8478ã€CVE-2017-0458ã€CVE-2017-0459ã€CVE-2017-0518ã€CVE-2017-0519ã€CVE-2017-0533ã€CVE-2017-0534<li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€Xuxian Jiang: CVE-2016-8479<li>Google ã®å¤§è²«èª : CVE-2017-0491<li><a href="http://c0reteam.org">C0RE Team</a> ã® Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€<a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>ã€Xuxian Jiang: CVE-2017-0479ã€CVE-2017-0480<li>Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0535<li>Tesla Motors Product Security Team ã® Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0306<li>Baidu X-Lab(百度安全实验室)㮠Pengfei Ding(ä¸é¹é£žï¼‰ã€Chenfu Bao(包沉浮)ã€Lenx Wei(韦韬): CVE-2016-8417<li>Tencent KeenLab ã® Qidan He(何淇丹)(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2017-0337ã€CVE-2017-0476<li>Qihoo 360 ã® Qing Zhangã€Singapore Institute of Technology(SIT)㮠Guangdong Bai: CVE-2017-0496<li>Ant-financial Light-Year Security Lab(蚂èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤ï¼‰ã® Quheã€wanchouchou: CVE-2017-0522<li>DarkMatter Secure Communications ã® <a href="mailto:keun-o.park@darkmatter.ae">Sahara</a>: CVE-2017-0528<li>UC Santa Barbara Shellphish Grill Team ã® salls(<a href="https://twitter.com/chris_salls">@chris_salls</a>): CVE-2017-0505<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0504ã€CVE-2017-0516<li>Sean Beaupre(beaups): CVE-2017-0455<li>Trend Micro ã® Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2017-0452<li>Fujitsu ã® Shinichi Matsumoto: CVE-2017-0498<li><a href="http://www.byterev.com">ByteRev</a> ã® <a href="mailto:smarques84@gmail.com">Stéphane Marques</a>: CVE-2017-0489<li>Google ã® Svetoslav Ganov: CVE-2017-0492<li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€Xuxian Jiang: CVE-2017-0333<li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a> ã® V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0482ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0494ã€CVE-2017-0495<li>Ant-financial Light-Year Security Lab(蚂èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤ï¼‰ã® Wish Wu(å´æ½æµ æ¤å½¼ï¼‰ï¼ˆ<a href="https://twitter.com/wish_wu">@wish_wu</a>): CVE-2017-0477<li>Qihoo 360 Technology Co. Ltd ã® Vulpecker Team ã® Yu Pan: CVE-2017-0517ã€CVE-2017-0532<li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€Xuxian Jiang: CVE-2017-0526ã€CVE-2017-0527<li><a href="http://c0reteam.org">C0RE Team</a> ã® Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>)ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€<a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>ã€Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Xuxian Jiang: CVE-2017-0483</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> +<li>Google Dynamic Tools ãƒãƒ¼ãƒ ã® Alexander Potapenko: CVE-2017-0537</li><li>Alibaba Mobile Security Group ã® Baozeng Dingã€Chengming Yangã€Peng Xiaoã€Yang Song: CVE-2017-0506</li><li>Alibaba Mobile Security Group ã® Baozeng Dingã€Ning Youã€Chengming Yangã€Peng Xiaoã€Yang Song: CVE-2017-0463</li><li>Android Security ã® Billy Lau: CVE-2017-0335ã€CVE-2017-0336ã€CVE-2017-0338ã€CVE-2017-0460</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2016-8413ã€CVE-2016-8477ã€CVE-2017-0531</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>)ã€<a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0521</li><li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)㮠Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2017-0334ã€CVE-2017-0456ã€CVE-2017-0457ã€CVE-2017-0525</li><li><a href="http://www.ms509.com">MS509Team</a> ã® En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>)ã€Bo Liu: CVE-2017-0490</li><li>Qihoo 360 Technology Co. Ltd. IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0509ã€CVE-2017-0524ã€CVE-2017-0529ã€CVE-2017-0536</li><li>Qihoo 360 Technology Co. Ltd. ã® Alpha Team ã® Hao Chenã€Guang Gong: CVE-2017-0453ã€CVE-2017-0461ã€CVE-2017-0464</li><li>Sony Mobile Communications Inc. ã® Hiroki Yamamotoã€Fang Chen: CVE-2017-0481</li><li>IBM Security X-Force Researcher ã® Sagi Kedmiã€Roee Hay: CVE-2017-0510</li><li><a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a> ã® Jianjun Dai(<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>): CVE-2017-0478</li><li>Qihoo 360 IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8416ã€CVE-2016-8478ã€CVE-2017-0458ã€CVE-2017-0459ã€CVE-2017-0518ã€CVE-2017-0519ã€CVE-2017-0533ã€CVE-2017-0534</li><li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€Xuxian Jiang: CVE-2016-8479</li><li>Google ã®å¤§è²«èª : CVE-2017-0491</li><li><a href="http://c0reteam.org">C0RE Team</a> ã® Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€<a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>ã€Xuxian Jiang: CVE-2017-0479ã€CVE-2017-0480</li><li>Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0535</li><li>Tesla Motors Product Security Team ã® Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0306</li><li>Baidu X-Lab(百度安全实验室)㮠Pengfei Ding(ä¸é¹é£žï¼‰ã€Chenfu Bao(包沉浮)ã€Lenx Wei(韦韬): CVE-2016-8417</li><li>Tencent KeenLab ã® Qidan He(何淇丹)(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2017-0337ã€CVE-2017-0476</li><li>Qihoo 360 ã® Qing Zhangã€Singapore Institute of Technology(SIT)㮠Guangdong Bai: CVE-2017-0496</li><li>Ant-financial Light-Year Security Lab(蚂èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤ï¼‰ã® Quheã€wanchouchou: CVE-2017-0522</li><li>DarkMatter Secure Communications ã® <a href="mailto:keun-o.park@darkmatter.ae">Sahara</a>: CVE-2017-0528</li><li>UC Santa Barbara Shellphish Grill Team ã® salls(<a href="https://twitter.com/chris_salls">@chris_salls</a>): CVE-2017-0505</li><li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0504ã€CVE-2017-0516</li><li>Sean Beaupre(beaups): CVE-2017-0455</li><li>Trend Micro ã® Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2017-0452</li><li>Fujitsu ã® Shinichi Matsumoto: CVE-2017-0498</li><li><a href="http://www.byterev.com">ByteRev</a> ã® <a href="mailto:smarques84@gmail.com">Stéphane Marques</a>: CVE-2017-0489</li><li>Google ã® Svetoslav Ganov: CVE-2017-0492</li><li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€Xuxian Jiang: CVE-2017-0333</li><li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a> ã® V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0482ã€CVE-2017-0484ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0494ã€CVE-2017-0495</li><li>Ant-financial Light-Year Security Lab(蚂èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤ï¼‰ã® Wish Wu(å´æ½æµ æ¤å½¼ï¼‰ï¼ˆ<a href="https://twitter.com/wish_wu">@wish_wu</a>): CVE-2017-0477</li><li>Qihoo 360 Technology Co. Ltd ã® Vulpecker Team ã® Yu Pan: CVE-2017-0517ã€CVE-2017-0532</li><li><a href="http://c0reteam.org">C0RE Team</a> ã® <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€Xuxian Jiang: CVE-2017-0526ã€CVE-2017-0527</li><li><a href="http://c0reteam.org">C0RE Team</a> ã® Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>)ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€<a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>ã€Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Xuxian Jiang: CVE-2017-0483</li> +<li>Qihoo 360 Technology Co. Ltd. Chengdu Security Response Center ã® Zinuo Han(<a href="https://weibo.com/ele7enxxh">weibo.com/ele7enxxh</a>): CVE-2017-0475ã€CVE-2017-0497</li></ul> <h2 id="2017-03-01-details">ã‚»ã‚ュリティ パッムレベル 2017-03-01 ã®è„†å¼±æ€§ã®è©³ç´°</h2> -<p>上記ã®<a href="#2017-03-01-summary">ã‚»ã‚ュリティ パッムレベル 2017-03-01 ã®è„†å¼±æ€§ã®æ¦‚è¦</a>ã§ä¸€è¦§ã«æŒ™ã’ãŸå„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> - +<p>パッãƒãƒ¬ãƒ™ãƒ« 2017-03-01 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> -<h3 id="rce-in-openssl-&-boringssl">OpenSSL 㨠BoringSSL ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> +<h3 id="rce-in-openssl-&-boringssl">OpenSSL 㨠BoringSSL ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p>OpenSSL 㨠BoringSSL ã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ãƒ•ã‚¡ã‚¤ãƒ«ã‚„データã®å‡¦ç†ä¸ã«ãƒ¡ãƒ¢ãƒªç ´å£Šã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚特権プãƒã‚»ã‚¹ã«ãŠã„ã¦ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯é‡å¤§ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -459,20 +79,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 8 月 5 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-mediaserver-">メディアサーãƒãƒ¼ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p>メディアサーãƒãƒ¼ã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルやデータã®å‡¦ç†ä¸ã«ãƒ¡ãƒ¢ãƒªç ´å£Šã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚メディアサーãƒãƒ¼ã®ãƒ—ãƒã‚»ã‚¹ã«ãŠã„ã¦ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -564,19 +183,19 @@ <td>7.0ã€7.1.1</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-recovery-verifier">リカãƒãƒª ベリファイアã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>リカãƒãƒª ベリファイアã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -593,20 +212,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 10 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-aosp-messaging">AOSP メッセージã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p>AOSP メッセージã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルやデータã®å‡¦ç†ä¸ã«ãƒ¡ãƒ¢ãƒªç ´å£Šã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚権é™ã®ãªã„プãƒã‚»ã‚¹å†…ã§ãƒªãƒ¢ãƒ¼ãƒˆã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -623,20 +241,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 6 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-libgdx">libgdx ã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p>libgdx ã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€æ¨©é™ã®ãªã„プãƒã‚»ã‚¹å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ã‚’実行ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãƒ©ã‚¤ãƒ–ラリを使用ã™ã‚‹ã‚¢ãƒ—リã§ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -653,20 +270,19 @@ <td>7.1.1</td> <td>2016 å¹´ 12 月 14 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-framesequence-library">Framesequence ライブラリã§ã®ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§</h3> <p>Framesequence ライブラリã«ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€æ¨©é™ã®ãªã„プãƒã‚»ã‚¹å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ã‚’実行ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚Framesequence ライブラリを使用ã™ã‚‹ã‚¢ãƒ—リã§ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -683,19 +299,19 @@ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 16 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-nfc">NFC ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>NFC ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€è¿‘ãã«ã„る攻撃者ã«ã‚ˆã£ã¦ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティã®ã‚¢ãƒ—リãŒé€šå¸¸ã¯ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„権é™ã«æ˜‡æ ¼ã—ã¦ãƒãƒ¼ã‚«ãƒ«ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ã®ã§ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -712,19 +328,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 6 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-audioserver">オーディオサーãƒãƒ¼ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>オーディオサーãƒãƒ¼ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚サードパーティã®ã‚¢ãƒ—リãŒé€šå¸¸ã¯ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„権é™ã«æ˜‡æ ¼ã—ã¦ãƒãƒ¼ã‚«ãƒ«ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ã®ã§ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -754,20 +370,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 7 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">メディアサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p>メディアサーãƒãƒ¼ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ç«¯æœ«ã®ãƒãƒ³ã‚°ã‚„å†èµ·å‹•ã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚リモートã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -845,19 +460,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-location-manager">ãƒã‚±ãƒ¼ã‚·ãƒ§ãƒ³ マãƒãƒ¼ã‚¸ãƒ£ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>ãƒã‚±ãƒ¼ã‚·ãƒ§ãƒ³ マãƒãƒ¼ã‚¸ãƒ£ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã€ä½ç½®æƒ…å ±ã«å¯¾ã™ã‚‹ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®ä¿è·ãŒå›žé¿ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ä¸æ£ç¢ºãªãƒ‡ãƒ¼ã‚¿ã®ç”Ÿæˆã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -874,20 +489,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 20 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">Wi-Fi ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Wi-Fi ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ãƒ¦ãƒ¼ã‚¶ãƒ¼ãƒ‡ãƒ¼ã‚¿ãŒå‰Šé™¤ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーæ“作ã®è¦ä»¶ï¼ˆé€šå¸¸ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã‚ˆã‚‹æ“作ã‹è¨±å¯ãŒå¿…è¦ï¼‰ãŒãƒãƒ¼ã‚«ãƒ«ã§å›žé¿ã•ã‚Œã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -907,20 +521,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 25 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-package-manager">パッケージ マãƒãƒ¼ã‚¸ãƒ£ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>パッケージ マãƒãƒ¼ã‚¸ãƒ£ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã‚ˆã‚‹ã‚¢ãƒ—リã®ã‚¢ãƒ³ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã‚„アプリã®æ¨©é™ã®å‰Šé™¤ãŒé˜»æ¢ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーæ“作ã®è¦ä»¶ãŒãƒãƒ¼ã‚«ãƒ«ã§å›žé¿ã•ã‚Œã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -938,20 +551,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 社内</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-system-ui">システムUI ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>システムUI ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã€ç”»é¢å…¨ä½“を覆ㆠUI オーãƒãƒ¼ãƒ¬ã‚¤ãŒä½œæˆã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーæ“作ã®è¦ä»¶ï¼ˆé€šå¸¸ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã‚ˆã‚‹æ“作ã‹è¨±å¯ãŒå¿…è¦ï¼‰ãŒãƒãƒ¼ã‚«ãƒ«ã§å›žé¿ã•ã‚Œã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -969,20 +581,19 @@ <td>7.1.1</td> <td>Google 社内</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-aosp-messaging">AOSP メッセージã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>AOSP メッセージã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€ãƒªãƒ¢ãƒ¼ãƒˆã®æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€æ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚許å¯ã‚’å¾—ãšã«æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -999,20 +610,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 9 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">メディアサーãƒãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>メディアサーãƒãƒ¼ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚許å¯ã‚’å¾—ãšã«æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1029,20 +639,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 11 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard">セットアップ ウィザードã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p>セットアップ ウィザードã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚Šã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’一時的ã«ãƒ–ãƒãƒƒã‚¯ã§ãã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚端末を修復ã™ã‚‹ã«ã¯ãƒ‡ãƒ¼ã‚¿ã®åˆæœŸåŒ–ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1058,7 +667,7 @@ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 9 月 14 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Google 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> @@ -1066,13 +675,13 @@ <p>メディアサーãƒãƒ¼ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ç«¯æœ«ã®ãƒãƒ³ã‚°ã‚„å†èµ·å‹•ã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚一般的ã§ãªã„端末è¨å®šãŒå¿…è¦ãªãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1089,20 +698,19 @@ <td>7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard-2">セットアップ ウィザードã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p>セットアップ ウィザードã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€ãƒãƒ¼ã‚«ãƒ«ã®æ”»æ’ƒè€…ã«ã‚ˆã£ã¦ã€ãƒ‡ãƒ¼ã‚¿ã®åˆæœŸåŒ–後㫠Google アカウントã¸ã®ãƒã‚°ã‚¤ãƒ³ãŒè¦æ±‚ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚端末を修復ã™ã‚‹ã«ã¯ãƒ‡ãƒ¼ã‚¿ã®åˆæœŸåŒ–ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1121,20 +729,19 @@ <td>5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 社内</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-audioserver">オーディオサーãƒãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p>オーディオサーãƒãƒ¼ã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒç«¯æœ«ã®ãƒãƒ³ã‚°ã‚„å†èµ·å‹•ã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚一時的ãªã‚µãƒ¼ãƒ“ス拒å¦ã®ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä½Žã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1151,23 +758,21 @@ <td>5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 10 月 11 æ—¥</td> </tr> -</table> - +</tbody></table> <h2 id="2017-03-05-details">ã‚»ã‚ュリティ パッムレベル 2017-03-05 ã®è„†å¼±æ€§ã®è©³ç´°</h2> -<p>上記ã®<a href="#2017-03-05-summary">ã‚»ã‚ュリティ パッムレベル 2017-03-05 ã®è„†å¼±æ€§ã®æ¦‚è¦</a>ã§ä¸€è¦§ã«æŒ™ã’ãŸå„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> - +<p>パッãƒãƒ¬ãƒ™ãƒ« 2017-03-05 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> <h3 id="eop-in-mediatek-components">MediaTek コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>M4U ドライãƒã€ã‚µã‚¦ãƒ³ãƒ‰ ドライãƒã€ã‚¿ãƒƒãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã€GPU ドライãƒã€ã‚³ãƒžãƒ³ãƒ‰ã‚ュー ドライãƒãªã©ã® MediaTek コンãƒãƒ¼ãƒãƒ³ãƒˆã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1176,7 +781,7 @@ </tr> <tr> <td>CVE-2017-0500</td> - <td>A-28429685*<br> + <td>A-28429685*<br /> M-ALPS02710006</td> <td>é‡å¤§</td> <td>ãªã—**</td> @@ -1184,7 +789,7 @@ </tr> <tr> <td>CVE-2017-0501</td> - <td>A-28430015*<br> + <td>A-28430015*<br /> M-ALPS02708983</td> <td>é‡å¤§</td> <td>ãªã—**</td> @@ -1192,7 +797,7 @@ </tr> <tr> <td>CVE-2017-0502</td> - <td>A-28430164*<br> + <td>A-28430164*<br /> M-ALPS02710027</td> <td>é‡å¤§</td> <td>ãªã—**</td> @@ -1200,7 +805,7 @@ </tr> <tr> <td>CVE-2017-0503</td> - <td>A-28449045*<br> + <td>A-28449045*<br /> M-ALPS02710075</td> <td>é‡å¤§</td> <td>ãªã—**</td> @@ -1208,7 +813,7 @@ </tr> <tr> <td>CVE-2017-0504</td> - <td>A-30074628*<br> + <td>A-30074628*<br /> M-ALPS02829371</td> <td>é‡å¤§</td> <td>ãªã—**</td> @@ -1216,7 +821,7 @@ </tr> <tr> <td>CVE-2017-0505</td> - <td>A-31822282*<br> + <td>A-31822282*<br /> M-ALPS02992041</td> <td>é‡å¤§</td> <td>ãªã—**</td> @@ -1224,27 +829,26 @@ </tr> <tr> <td>CVE-2017-0506</td> - <td>A-32276718*<br> + <td>A-32276718*<br /> M-ALPS03006904</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>2016 å¹´ 10 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>NVIDIA GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1253,7 +857,7 @@ </tr> <tr> <td>CVE-2017-0337</td> - <td>A-31992762*<br> + <td>A-31992762*<br /> N-CVE-2017-0337</td> <td>é‡å¤§</td> <td>Pixel C</td> @@ -1261,7 +865,7 @@ </tr> <tr> <td>CVE-2017-0338</td> - <td>A-33057977*<br> + <td>A-33057977*<br /> N-CVE-2017-0338</td> <td>é‡å¤§</td> <td>Pixel C</td> @@ -1269,7 +873,7 @@ </tr> <tr> <td>CVE-2017-0333</td> - <td>A-33899363*<br> + <td>A-33899363*<br /> N-CVE-2017-0333</td> <td>é‡å¤§</td> <td>Pixel C</td> @@ -1277,7 +881,7 @@ </tr> <tr> <td>CVE-2017-0306</td> - <td>A-34132950*<br> + <td>A-34132950*<br /> N-CVE-2017-0306</td> <td>é‡å¤§</td> <td>Nexus 9</td> @@ -1285,26 +889,25 @@ </tr> <tr> <td>CVE-2017-0335</td> - <td>A-33043375*<br> + <td>A-33043375*<br /> N-CVE-2017-0335</td> <td>é‡å¤§</td> <td>Pixel C</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-kernel-ion-subsystem">カーãƒãƒ« ION サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« ION サブシステムã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1325,20 +928,19 @@ <td>Pixel C</td> <td>2016 å¹´ 12 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Broadcom Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1347,27 +949,26 @@ </tr> <tr> <td>CVE-2017-0509</td> - <td>A-32124445*<br> + <td>A-32124445*<br /> B-RB#110688</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="eop-in-kernel-fiq-debugger">カーãƒãƒ« FIQ デãƒãƒƒã‚¬ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« FIQ デãƒãƒƒã‚¬ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1381,20 +982,19 @@ <td>Nexus 9</td> <td>2016 å¹´ 10 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1403,26 +1003,25 @@ </tr> <tr> <td>CVE-2016-8479</td> - <td>A-31824853*<br> + <td>A-31824853*<br /> QC-CR#1093687</td> <td>é‡å¤§</td> <td>Android Oneã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-kernel-networking-subsystem">カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1431,7 +1030,7 @@ </tr> <tr> <td>CVE-2016-9806</td> - <td>A-33393474<br> + <td>A-33393474<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520"> アップストリームカーãƒãƒ«</a></td> <td>é‡å¤§</td> @@ -1440,26 +1039,25 @@ </tr> <tr> <td>CVE-2016-10200</td> - <td>A-33753815<br> + <td>A-33753815<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef"> アップストリームカーãƒãƒ«</a></td> <td>é‡å¤§</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®è„†å¼±æ€§</h3> <p>下記ã®è¡¨ã« Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«å½±éŸ¿ã™ã‚‹è„†å¼±æ€§ã‚’示ã—ã¾ã™ã€‚詳細ã«ã¤ã„ã¦ã¯ã€Qualcomm AMSS ã® 2016 å¹´ 9 月ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã‚’ã”覧ãã ã•ã„。</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1501,22 +1099,21 @@ <td>ãªã—***</td> <td>Qualcomm 社内</td> </tr> -</table> +</tbody></table> <p>* ã“ã®ä¸€é€£ã®å•é¡Œã®é‡å¤§åº¦ã¯ãƒ™ãƒ³ãƒ€ãƒ¼ãŒæ±ºå®šã—ãŸã‚‚ã®ã§ã™ã€‚</p> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>*** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="eop-in-kernel-networking-subsystem-2">カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1525,7 +1122,7 @@ </tr> <tr> <td>CVE-2016-8655</td> - <td>A-33358926<br> + <td>A-33358926<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c"> アップストリームカーãƒãƒ«</a></td> <td>高</td> @@ -1534,26 +1131,25 @@ </tr> <tr> <td>CVE-2016-9793</td> - <td>A-33363517<br> + <td>A-33363517<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"> アップストリームカーãƒãƒ«</a></td> <td>高</td> <td>Android Oneã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-input-hardware-driver">Qualcomm 入力ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm 入力ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1562,26 +1158,25 @@ </tr> <tr> <td>CVE-2017-0516</td> - <td>A-32341680*<br> + <td>A-32341680*<br /> QC-CR#1096301</td> <td>高</td> <td>Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-mediatek-hardware-sensor-driver">MediaTek ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ センサー ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>MediaTek ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ センサー ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1590,27 +1185,26 @@ </tr> <tr> <td>CVE-2017-0517</td> - <td>A-32372051*<br> + <td>A-32372051*<br /> M-ALPS02973195</td> <td>高</td> <td>ãªã—**</td> <td>2016 å¹´ 10 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm ADSPRPC ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1619,27 +1213,26 @@ </tr> <tr> <td>CVE-2017-0457</td> - <td>A-31695439*<br> - QC-CR#1086123<br> + <td>A-31695439*<br /> + QC-CR#1086123<br /> QC-CR#1100695</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Qualcomm 指紋èªè¨¼ã‚»ãƒ³ã‚µãƒ¼ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm 指紋èªè¨¼ã‚»ãƒ³ã‚µãƒ¼ ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1648,7 +1241,7 @@ </tr> <tr> <td>CVE-2017-0518</td> - <td>A-32370896*<br> + <td>A-32370896*<br /> QC-CR#1086530</td> <td>高</td> <td>Pixelã€Pixel XL</td> @@ -1656,26 +1249,25 @@ </tr> <tr> <td>CVE-2017-0519</td> - <td>A-32372915*<br> + <td>A-32372915*<br /> QC-CR#1086530</td> <td>高</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 24 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-qualcomm-crypto-engine-driver">Qualcomm crypto エンジン ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm crypto エンジン ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1684,26 +1276,25 @@ </tr> <tr> <td>CVE-2017-0520</td> - <td>A-31750232<br> + <td>A-31750232<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd"> QC-CR#1082636</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 24 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver">Qualcomm カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm カメラドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1712,7 +1303,7 @@ QC-CR#1082636</a></td> </tr> <tr> <td>CVE-2017-0458</td> - <td>A-32588962<br> + <td>A-32588962<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4"> QC-CR#1089433</a></td> <td>高</td> @@ -1721,26 +1312,25 @@ QC-CR#1089433</a></td> </tr> <tr> <td>CVE-2017-0521</td> - <td>A-32919951<br> + <td>A-32919951<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8"> QC-CR#1097709</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 15 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-apk">MediaTek APK ã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>MediaTek APK ã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚特権プãƒã‚»ã‚¹ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒãƒãƒ¼ã‚«ãƒ«ã«å®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1749,27 +1339,26 @@ QC-CR#1097709</a></td> </tr> <tr> <td>CVE-2017-0522</td> - <td>A-32916158*<br> + <td>A-32916158*<br /> M-ALPS03032516</td> <td>高</td> <td>ãªã—**</td> <td>2016 å¹´ 11 月 15 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm Wi-Fi ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1778,7 +1367,7 @@ QC-CR#1097709</a></td> </tr> <tr> <td>CVE-2017-0464</td> - <td>A-32940193<br> + <td>A-32940193<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f"> QC-CR#1102593</a></td> <td>高</td> @@ -1787,7 +1376,7 @@ QC-CR#1102593</a></td> </tr> <tr> <td>CVE-2017-0453</td> - <td>A-33979145<br> + <td>A-33979145<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513"> QC-CR#1105085</a></td> <td>高</td> @@ -1796,27 +1385,26 @@ QC-CR#1105085</a></td> </tr> <tr> <td>CVE-2017-0523</td> - <td>A-32835279<br> + <td>A-32835279<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582"> QC-CR#1096945</a></td> <td>高</td> <td>ãªã—*</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p>* Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1830,20 +1418,19 @@ QC-CR#1096945</a></td> <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-qualcomm-ipa-driver">Qualcomm IPA ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm IPA ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1852,7 +1439,7 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0456</td> - <td>A-33106520*<br> + <td>A-33106520*<br /> QC-CR#1099598</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> @@ -1860,26 +1447,25 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0525</td> - <td>A-33139056*<br> + <td>A-33139056*<br /> QC-CR#1097714</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-htc-sensor-hub-driver">HTC センサーãƒãƒ– ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>HTC センサーãƒãƒ– ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1900,20 +1486,19 @@ QC-CR#1096945</a></td> <td>Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>NVIDIA GPU ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1922,27 +1507,26 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0307</td> - <td>A-33177895*<br> + <td>A-33177895*<br /> N-CVE-2017-0307</td> <td>高</td> <td>ãªã—**</td> <td>2016 å¹´ 11 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="eop-in-qualcomm-networking-driver">Qualcomm ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1951,7 +1535,7 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0463</td> - <td>A-33277611<br> + <td>A-33277611<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2"> QC-CR#1101792</a></td> <td>高</td> @@ -1960,26 +1544,25 @@ QC-CR#1101792</a></td> </tr> <tr> <td>CVE-2017-0460 </td> - <td>A-31252965*<br> + <td>A-31252965*<br /> QC-CR#1098801</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixelã€Pixel XL</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-kernel-security-subsystem">カーãƒãƒ« ã‚»ã‚ュリティ サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« ã‚»ã‚ュリティ サブシステムã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹å†…ã§ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚カーãƒãƒ«ãƒ¬ãƒ™ãƒ«ã®å¤šé‡é˜²å¾¡ã¾ãŸã¯æ‚ªç”¨å¯¾ç–技術を迂回ã™ã‚‹ä¸€èˆ¬çš„ãªæ–¹æ³•ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -1993,20 +1576,19 @@ QC-CR#1101792</a></td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="eop-in-qualcomm-spcom-driver">Qualcomm SPCom ドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> <p>Qualcomm SPCom ドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2015,7 +1597,7 @@ QC-CR#1101792</a></td> </tr> <tr> <td>CVE-2016-5856</td> - <td>A-32610665<br> + <td>A-32610665<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368"> QC-CR#1094078</a></td> <td>高</td> @@ -2024,27 +1606,26 @@ QC-CR#1094078</a></td> </tr> <tr> <td>CVE-2016-5857</td> - <td>A-34386529<br> + <td>A-34386529<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5"> QC-CR#1094140</a></td> <td>高</td> <td>ãªã—*</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p>* Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="id-in-kernel-networking-subsystem">カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ サブシステムã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€ç«¯æœ«ã®è¿‘ãã«ã„る攻撃者ãŒæ©Ÿå¯†æƒ…å ±ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚許å¯ã‚’å¾—ãšã«ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2053,26 +1634,25 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2014-8709</td> - <td>A-34077221<br> + <td>A-34077221<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f"> アップストリームカーãƒãƒ«</a></td> <td>高</td> <td>Nexus Player</td> <td>2014 å¹´ 11 月 9 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-driver">MediaTek ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>MediaTek ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«ã€æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2081,27 +1661,26 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2017-0529</td> - <td>A-28449427*<br> + <td>A-28449427*<br /> M-ALPS02710042</td> <td>高</td> <td>ãªã—**</td> <td>2016 å¹´ 4 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="id-in-qualcomm-bootloader">Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>Qualcomm ブートãƒãƒ¼ãƒ€ãƒ¼ã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ãƒ–ートãƒãƒ¼ãƒ€ãƒ¼å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ブートãƒãƒ¼ãƒ€ãƒ¼ レベルã®å¤šé‡é˜²å¾¡ã¾ãŸã¯æ‚ªç”¨å¯¾ç–技術を迂回ã™ã‚‹ä¸€èˆ¬çš„ãªæ–¹æ³•ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2110,26 +1689,25 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2017-0455</td> - <td>A-32370952<br> + <td>A-32370952<br /> <a href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f"> QC-CR#1082755</a></td> <td>高</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-power-driver">Qualcomm é›»æºãƒ‰ãƒ©ã‚¤ãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>Qualcomm é›»æºãƒ‰ãƒ©ã‚¤ãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«ã€æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2138,26 +1716,25 @@ QC-CR#1082755</a></td> </tr> <tr> <td>CVE-2016-8483</td> - <td>A-33745862<br> + <td>A-33745862<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a"> QC-CR#1035099</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 12 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-gpu-driver">NVIDIA GPU ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>NVIDIA GPU ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ユーザーã®æ˜Žç¤ºçš„ãªè¨±å¯ã‚’å¾—ãšã«ã€æ©Ÿå¯†ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã®ã«åˆ©ç”¨ã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2166,7 +1743,7 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2017-0334</td> - <td>A-33245849*<br> + <td>A-33245849*<br /> N-CVE-2017-0334</td> <td>高</td> <td>Pixel C</td> @@ -2174,26 +1751,25 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2017-0336</td> - <td>A-33042679*<br> + <td>A-33042679*<br /> N-CVE-2017-0336</td> <td>高</td> <td>Pixel C</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="dos-in-kernel-cryptographic-subsystem">カーãƒãƒ«æš—å·åŒ–サブシステムã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§</h3> <p>カーãƒãƒ«æš—å·åŒ–サブシステムã«ã‚µãƒ¼ãƒ“ス拒å¦ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€ãƒªãƒ¢ãƒ¼ãƒˆã®æ”»æ’ƒè€…ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ パケットを使用ã—ã¦ã€ç«¯æœ«ã®ãƒãƒ³ã‚°ã‚„å†èµ·å‹•ã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚リモートã§ã®ã‚µãƒ¼ãƒ“ス拒å¦ã®ãŠãã‚ŒãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œé«˜ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2202,26 +1778,25 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2016-8650</td> - <td>A-33401771<br> + <td>A-33401771<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"> アップストリームカーãƒãƒ«</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Qualcomm カメラドライãƒã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ï¼ˆç«¯æœ«å›ºæœ‰ï¼‰</h3> <p>Qualcomm カメラドライãƒã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚Šã€ç¾åœ¨ã®ãƒ—ラットフォーム構æˆã«ã‚ˆã£ã¦ãƒªã‚¹ã‚¯ãŒè»½æ¸›ã•ã‚Œã¦ã„ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2230,26 +1805,25 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2016-8417</td> - <td>A-32342399<br> + <td>A-32342399<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0"> QC-CR#1088824</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>Qualcomm Wi-Fi ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2258,7 +1832,7 @@ QC-CR#1088824</a></td> </tr> <tr> <td>CVE-2017-0461</td> - <td>A-32073794<br> + <td>A-32073794<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65"> QC-CR#1100132</a></td> <td>ä¸</td> @@ -2267,8 +1841,8 @@ QC-CR#1100132</a></td> </tr> <tr> <td>CVE-2017-0459</td> - <td>A-32644895<br> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> + <td>A-32644895<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> QC-CR#1091939</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> @@ -2276,26 +1850,25 @@ QC-CR#1091939</a></td> </tr> <tr> <td>CVE-2017-0531</td> - <td>A-32877245<br> + <td>A-32877245<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302"> QC-CR#1087469</a></td> <td>ä¸</td> <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 13 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-video-codec-driver">MediaTek ビデオ コーデック ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>MediaTek ビデオ コーデック ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2304,28 +1877,27 @@ QC-CR#1087469</a></td> </tr> <tr> <td>CVE-2017-0532</td> - <td>A-32370398*<br> + <td>A-32370398*<br /> M-ALPS03069985</td> <td>ä¸</td> <td>ãªã—**</td> <td>2016 å¹´ 10 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <p>** Android 7.0 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> - <h3 id="id-in-qualcomm-video-driver">Qualcomm ビデオドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p> Qualcomm ビデオドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2334,7 +1906,7 @@ Qualcomm ビデオドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ </tr> <tr> <td>CVE-2017-0533</td> - <td>A-32509422<br> + <td>A-32509422<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>ä¸</td> @@ -2343,7 +1915,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2017-0534</td> - <td>A-32508732<br> + <td>A-32508732<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>ä¸</td> @@ -2352,7 +1924,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8416</td> - <td>A-32510746<br> + <td>A-32510746<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>ä¸</td> @@ -2361,26 +1933,25 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8478</td> - <td>A-32511270<br> + <td>A-32511270<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 28 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-camera-driver">Qualcomm カメラドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>Qualcomm カメラドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2389,7 +1960,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8413</td> - <td>A-32709702<br> + <td>A-32709702<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d"> QC-CR#518731</a></td> <td>ä¸</td> @@ -2398,7 +1969,7 @@ QC-CR#518731</a></td> </tr> <tr> <td>CVE-2016-8477</td> - <td>A-32720522<br> + <td>A-32720522<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508"> QC-CR#1090007</a> [<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> @@ -2406,19 +1977,18 @@ QC-CR#1090007</a> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 7 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-htc-sound-codec-driver">HTC サウンド コーデック ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>HTC サウンド コーデック ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2432,20 +2002,19 @@ QC-CR#1090007</a> <td>Nexus 9</td> <td>2016 å¹´ 12 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="id-in-synaptics-touchscreen-driver">Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>Synaptics タッãƒã‚¹ã‚¯ãƒªãƒ¼ãƒ³ ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2459,20 +2028,19 @@ QC-CR#1090007</a> <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="id-in-kernel-usb-gadget-driver">カーãƒãƒ« USB ガジェット ドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>カーãƒãƒ« USB ガジェット ドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä¸ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2486,20 +2054,19 @@ QC-CR#1090007</a> <td>Pixel C</td> <td>Google 社内</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> - <h3 id="id-in-qualcomm-camera-driver-2">Qualcomm カメラドライãƒã§ã®æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§</h3> <p>Qualcomm カメラドライãƒã«æƒ…å ±é–‹ç¤ºã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リãŒæ¨©é™ãƒ¬ãƒ™ãƒ«ã®ç¯„囲外ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚最åˆã«ç‰¹æ¨©ãƒ—ãƒã‚»ã‚¹ã¸ã®ä¾µå…¥ãŒå¿…è¦ã§ã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã®é‡å¤§åº¦ã¯ã€Œä½Žã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> @@ -2508,19 +2075,19 @@ QC-CR#1090007</a> </tr> <tr> <td>CVE-2017-0452</td> - <td>A-32873615*<br> + <td>A-32873615*<br /> QC-CR#1093693</td> <td>低</td> <td>Nexus 5Xã€Nexus 6Pã€Android One</td> <td>2016 å¹´ 11 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <p>* ã“ã®å•é¡Œã«å¯¾ã™ã‚‹ãƒ‘ッãƒã¯å…¬é–‹ã•ã‚Œã¦ã„ã¾ã›ã‚“。アップデート㯠<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h2 id="common-questions-and-answers">一般的ãªè³ªå•ã¨å›žç”</h2> <p>上記ã®å…¬é–‹æƒ…å ±ã«å¯¾ã™ã‚‹ä¸€èˆ¬çš„ãªè³ªå•ã«ã¤ã„ã¦ã€ä»¥ä¸‹ã§å›žç”ã—ã¾ã™ã€‚</p> -<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’ã©ã®ã‚ˆã†ã«åˆ¤æ–ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ +<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’確ã‹ã‚ã‚‹ã«ã¯ã€ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ </strong></p> -<p>端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ãŠã‚ˆã³ Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹æ‰‹é †ã‚’ã”覧ãã ã•ã„。</p> +<p>端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ãŠã‚ˆã³ Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹æ‰‹é †ã‚’ã”覧ãã ã•ã„。</p> <ul> <li>ã‚»ã‚ュリティ パッムレベル 2017-03-01 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル 2017-03-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚</li> <li>ã‚»ã‚ュリティ パッムレベル 2017-03-05 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル 2017-03-05ã€ãŠã‚ˆã³ãれ以å‰ã®ã™ã¹ã¦ã®ãƒ‘ッãƒãƒ¬ãƒ™ãƒ«ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚ @@ -2531,8 +2098,8 @@ QC-CR#1090007</a> <li>[ro.build.version.security_patch]:[2017-03-01]</li> <li>[ro.build.version.security_patch]:[2017-03-05]</li> </ul> -<p><strong>2. ã“ã®å…¬é–‹æƒ…å ±ã« 2 ã¤ã®ã‚»ã‚ュリティ パッムレベルãŒã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> -<p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッムレベルを定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p><strong>2. ã“ã®å…¬é–‹æƒ…å ±ã« 2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ãŒã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> +<p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <ul> <li>2017 å¹´ 3 月 1 æ—¥ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ãã®ã‚»ã‚ュリティ パッムレベルã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã¨ã€ãれ以å‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã§å ±å‘Šã•ã‚ŒãŸã™ã¹ã¦ã®å•é¡Œã®ä¿®æ£ã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> <li>2017 å¹´ 3 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ä»Šå›žï¼ˆãŠã‚ˆã³ãれ以å‰ï¼‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚ŒãŸã€è©²å½“ã™ã‚‹ã™ã¹ã¦ã®ãƒ‘ッãƒã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> @@ -2541,14 +2108,14 @@ QC-CR#1090007</a> <p><strong>3.  å„å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ Google 端末を判æ–ã™ã‚‹ã«ã¯ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> <p><a href="#2017-03-01-details">2017-03-01</a> 㨠<a href="#2017-03-05-details">2017-03-05</a> ã®ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã«é–¢ã™ã‚‹ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã§ã€å„表ä¸ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã€ãã®å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã®ç¨®é¡žã‚’記載ã—ã¦ã„ã¾ã™ã€‚ã“ã®åˆ—ã«ã¯æ¬¡ã®ã„ãšã‚Œã‹ãŒè¡¨ç¤ºã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <ul> -<li><strong>ã™ã¹ã¦ã® Google 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã®ç«¯æœ«ã¨ Pixel 端末ã«å½±éŸ¿ã‚’与ãˆã‚‹å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯ã€Œã™ã¹ã¦ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚「ã™ã¹ã¦ã€ã«ã¯<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">サãƒãƒ¼ãƒˆå¯¾è±¡ã®ç«¯æœ«</a>(Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7(2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL)ãŒå«ã¾ã‚Œã¾ã™ã€‚</li> +<li><strong>ã™ã¹ã¦ã® Google 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã®ç«¯æœ«ã¨ Pixel 端末ã«å½±éŸ¿ã‚’与ãˆã‚‹å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯ã€Œã™ã¹ã¦ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚「ã™ã¹ã¦ã€ã«ã¯<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">サãƒãƒ¼ãƒˆå¯¾è±¡ã®ç«¯æœ«</a>(Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL)ãŒå«ã¾ã‚Œã¾ã™ã€‚</li> <li><strong>一部㮠Google 端末</strong>: å•é¡ŒãŒä¸€éƒ¨ã® Google 端末ã®ã¿ã«å½±éŸ¿ã™ã‚‹å ´åˆã€ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯å½±éŸ¿ã‚’å—ã‘ã‚‹ Google 端末ãŒè¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> <li><strong>影響をå—ã‘ã‚‹ Google 端末ãŒãªã„</strong>: Android 7.0 ã‚’æ載ã—㟠Google 端末ãŒå•é¡Œã®å½±éŸ¿ã‚’å—ã‘ãªã„å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯ã€Œãªã—ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> </ul> <p><strong>4. 「å‚ç…§ã€åˆ—ã®é …ç›®ã¯ã©ã®ã‚ˆã†ãªæƒ…å ±ã«é–¢é€£ä»˜ã‘られã¦ã„ã¾ã™ã‹ï¼Ÿ</strong></p> <p>脆弱性ã®è©³ç´°ã®è¡¨ã§ã€Œå‚ç…§ã€åˆ—ã«è¨˜è¼‰ã—ãŸå†…容ã«ã¯ã€ãã®å‚照番å·ãŒå±žã™çµ„織を示ã™æŽ¥é 辞をå«ã‚ã¦ã„ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚<em></em>å„接é 辞ã®æ„味ã¯ä»¥ä¸‹ã®ã¨ãŠã‚Šã§ã™ã€‚</p> <table> - <tr> + <tbody><tr> <th>接é 辞</th> <th>å‚ç…§</th> </tr> @@ -2572,11 +2139,11 @@ QC-CR#1090007</a> <td>B-</td> <td>Broadcom ã®å‚照番å·</td> </tr> -</table> +</tbody></table> <h2 id="revisions">改訂</h2> <ul> <li>2017 å¹´ 3 月 6 æ—¥: æƒ…å ±å…¬é–‹</li> <li>2017 å¹´ 3 月 7 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ </li> </ul> -</body> -</html> + +</body></html>
\ No newline at end of file diff --git a/ja/security/bulletin/2017-04-01.html b/ja/security/bulletin/2017-04-01.html index 1667cd5e..1eb06ce2 100644 --- a/ja/security/bulletin/2017-04-01.html +++ b/ja/security/bulletin/2017-04-01.html @@ -19,10 +19,10 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>2017 å¹´ 4 月 3 日公開 | 2017 å¹´ 4 月 5 日更新</em></p> +<p><em>2017 å¹´ 4 月 3 日公開 | 2017 å¹´ 8 月 17 日更新</em></p> <p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’与ãˆã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚æƒ…å ±ã®å…¬é–‹ã«ä¼´ã„ã€Nexus 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§ãƒªãƒªãƒ¼ã‚¹ã—ã¦ã„ã¾ã™ã€‚2017 å¹´ 4 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ä¸‹è¨˜ã®ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 㨠Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã‚’ã”覧ãã ã•ã„。</p> <p>パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠2017 å¹´ 3 月 6 æ—¥ã¾ã§ã«é€šçŸ¥æ¸ˆã¿ã§ã™ã€‚Android オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)ã®ãƒ¬ãƒã‚¸ãƒˆãƒªã«ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã‚’リリースã—ã¦ã„ã¾ã™ã€‚ã¾ãŸã€ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€ã“れらã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã«åŠ ãˆã€AOSP 以外ã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã‚‚掲載ã—ã¦ã„ã¾ã™ã€‚</p> -<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€å¤šæ§˜ãªæ–¹æ³•ï¼ˆãƒ¡ãƒ¼ãƒ«ã€ã‚¦ã‚§ãƒ–ã®é–²è¦§ã€MMS ãªã©ï¼‰ã«ã‚ˆã‚Šã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルを処ç†ã™ã‚‹éš›ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚Œã®ã‚ã‚‹é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ã§ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®åˆ¤å®š</a>ã¯ã€æ”»æ’ƒã‚’å—ã‘ãŸç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã‚„ä¸æ£ã«å›žé¿ã•ã‚ŒãŸãŸã‚ã«ç„¡åŠ¹ã«ã•ã‚ŒãŸå ´åˆã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> +<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€å¤šæ§˜ãªæ–¹æ³•ï¼ˆãƒ¡ãƒ¼ãƒ«ã€ã‚¦ã‚§ãƒ–ã®é–²è¦§ã€MMS ãªã©ï¼‰ã«ã‚ˆã‚Šã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルを処ç†ã™ã‚‹éš›ã«ãƒªãƒ¢ãƒ¼ãƒˆã§ã®ã‚³ãƒ¼ãƒ‰å®Ÿè¡ŒãŒå¯èƒ½ã«ãªã‚‹ãŠãã‚Œã®ã‚ã‚‹é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ã§ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã¾ãŸã¯ä¸æ£ãªå›žé¿ã«ã‚ˆã‚Šç„¡åŠ¹ã¨ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> <p>ã“ã®æ–°ãŸã«å ±å‘Šã•ã‚ŒãŸå•é¡Œã«ã‚ˆã£ã¦å®Ÿéš›ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ç«¯æœ«ãŒä¸æ£ä½¿ç”¨ã•ã‚ŒãŸå ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã¤ã„ã¦è©³ã—ãã¯ã€<a href="#mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã«ã‚ˆã‚Šã€Android プラットフォームã®ã‚»ã‚ュリティãŒæ”¹å–„ã•ã‚Œã¾ã™ã€‚</p> <p>ã”利用ã®ç«¯æœ«ã§ä¸Šè¨˜ã®æ›´æ–°ã‚’è¡Œã†ã“ã¨ã‚’ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãŠã™ã™ã‚ã—ã¾ã™ã€‚</p> @@ -50,31 +50,30 @@ <ul> <li>Shellphish Grill ãƒãƒ¼ãƒ ã® Aravind Machiry(donfos): CVE-2016-5349</li> <li>Tencentã€Xuanwu Lab ã® Daxing Guo(<a href="https://twitter.com/freener0">@freener0</a>): CVE-2017-0585ã€CVE-2017-0553</li> - <li><a href="mailto:derrek.haxx@gmail.com">Derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>)ãŠã‚ˆã³ Scott Bauer: CVE-2017-0576</li> + <li><a href="mailto:derrek.haxx@gmail.com">Derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>)ã€Scott Bauer: CVE-2017-0576</li> <li>Project Zero ã® Gal Beniamini: CVE-2017-0571ã€CVE-2017-0570ã€CVE-2017-0572ã€CVE-2017-0569ã€CVE-2017-0561</li> - <li>Qihoo 360 Technology Co. Ltd.ã€IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ãŠã‚ˆã³ <a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-6426ã€CVE-2017-0581ã€CVE-2017-0329ã€CVE-2017-0332ã€CVE-2017-0566</li> - <li>Qihoo 360 Technology Co. Ltd.ã€Alpha Team ã® Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2017-0547</li> - <li>Qihoo 360 Technology Co. Ltd.ã€Alpha Team ã® Hao Chen ãŠã‚ˆã³ Guang Gong: CVE-2017-6424ã€CVE-2017-0584ã€CVE-2017-0454ã€CVE-2017-0575ã€CVE-2017-0567</li> + <li>Qihoo 360 Technology Co. Ltd. IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-6426ã€CVE-2017-0581ã€CVE-2017-0329ã€CVE-2017-0332ã€CVE-2017-0566ã€CVE-2017-0573</li> + <li>Qihoo 360 Technology Co. Ltd. Alpha Team ã® Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2017-0547</li> + <li>Qihoo 360 Technology Co. Ltd. Alpha Team ã® Hao Chenã€Guang Gong: CVE-2017-6424ã€CVE-2017-0584ã€CVE-2017-0454ã€CVE-2017-0574ã€CVE-2017-0575ã€CVE-2017-0567</li> <li>Ian Foster(<a href="https://twitter.com/lanrat">@lanrat</a>): CVE-2017-0554</li> <li>Trend Micro Inc. ã® Jack Tang: CVE-2017-0579</li> <li><a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a> ã® Jianjun Dai(<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>): CVE-2017-0559ã€CVE-2017-0541</li> - <li>Qihoo 360ã€IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ãŠã‚ˆã³ <a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-6425ã€CVE-2016-5346</li> - <li><a href="http://c0reteam.org">C0RE Team</a> ã® Lubo Zhang(<a href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>)ãŠã‚ˆã³ Qihoo 360 Technology Co. Ltd.ã€IceSword Lab ã® Yonggang Guo(<a href="https://twitter.com/guoygang">@guoygang</a>): CVE-2017-0564</li> + <li>Qihoo 360 IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-6425ã€CVE-2016-5346</li> + <li><a href="http://c0reteam.org">C0RE Team</a> ã® Lubo Zhang(<a href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>)ã€Qihoo 360 Technology Co. Ltd. IceSword Lab ã® Yonggang Guo(<a href="https://twitter.com/guoygang">@guoygang</a>): CVE-2017-0564</li> <li>Google ã® <a href="mailto:salyzyn@android.com">Mark Salyzyn</a>: CVE-2017-0558</li> - <li>Teslaã€Product Security Team ã® Mike Anderson(<a href="https://twitter.com/manderbot">@manderbot</a>)ãŠã‚ˆã³ Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0327ã€CVE-2017-0328</li> + <li>Tesla Product Security Team ã® Mike Anderson(<a href="https://twitter.com/manderbot">@manderbot</a>)ã€Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0327ã€CVE-2017-0328</li> <li>Alibaba Mobile Security Group ã® Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yangã€Yang song: CVE-2017-0565</li> <li>Baidu X-Lab(百度安全实验室)㮠Pengfei Ding(ä¸é¹é£žï¼‰ã€Chenfu Bao(包沉浮)ã€Lenx Wei(韦韬): CVE-2016-10236</li> - <li>Tencentã€KeenLab ã® Qidan He(何淇丹 - <a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2017-0544ã€CVE-2016-10231ã€CVE-2017-0325</li> - <li>HCL Technologiesã€Aleph Research ã® Roee Hay(<a href="https://twitter.com/roeehay">@roeehay</a>): CVE-2017-0582ã€CVE-2017-0563</li> + <li>Tencent KeenLab ã® Qidan He(何淇丹)(<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2017-0544ã€CVE-2017-0325</li> + <li>HCL Technologies Aleph Research ã® Roee Hay(<a href="https://twitter.com/roeehay">@roeehay</a>): CVE-2017-0582ã€CVE-2017-0563</li> <li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0562ã€CVE-2017-0339</li> - <li>Trend Microã€Mobile Threat Research Team ã® Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2017-0578</li> + <li>TrendMicro Mobile Threat Research Team ã® Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2016-10231ã€CVE-2017-0578ã€CVE-2017-0586</li> <li>Tim Becker: CVE-2017-0546</li> <li>Uma Sankar Pradhan(<a href="https://twitter.com/umasankar_iitd">@umasankar_iitd</a>): CVE-2017-0560</li> - <li><a href="http://www.trendmicro.com">Trend Micro</a>ã€<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a> ã® V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): CVE-2017-0555ã€CVE-2017-0538ã€CVE-2017-0539ã€CVE-2017-0540ã€CVE-2017-0557ã€CVE-2017-0556</li> + <li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a> ã® V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): CVE-2017-0555ã€CVE-2017-0538ã€CVE-2017-0539ã€CVE-2017-0557ã€CVE-2017-0556</li> <li>Alibaba Inc ã® Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2017-0549</li> - <li>Qihoo 360 Technology Co. Ltd.ã€Chen of Alpha Team ã® Wenlin Yang(<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>)ã€Guang Gong(<a href="https://twitter.com/oldfresher">@oldfresher</a>)ã€Hao Chen: CVE-2017-0580ã€CVE-2017-0577</li> - <li>Qihoo 360 Technology Co. Ltd.ã€IceSword Lab ã® Yonggang Guo(<a href="https://twitter.com/guoygang">@guoygang</a>): CVE-2017-0586</li> - <li>Qihoo 360 Technology Co. Ltd.ã€Chengdu Security Response Center ã® <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>: CVE-2017-0548</li> + <li>Qihoo 360 Technology Co. Ltd. Alpha Team ã® Wenlin Yang(<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>)ã€Guang Gong(<a href="https://twitter.com/oldfresher">@oldfresher</a>)ã€Hao Chen: CVE-2017-0580ã€CVE-2017-0577</li> + <li>Qihoo 360 Technology Co. Ltd. Chengdu Security Response Center ã® <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>: CVE-2017-0548</li> <li>Google ã® Zubin Mithra: CVE-2017-0462</li> </ul> @@ -116,14 +115,6 @@ <td>2016 å¹´ 12 月 23 æ—¥</td> </tr> <tr> - <td>CVE-2017-0540</td> - <td><a href="https://android.googlesource.com/platform/external/libhevc/+/01ca88bb6c5bdd44e071f8effebe12f1d7da9853">A-33966031</a></td> - <td>é‡å¤§</td> - <td>ã™ã¹ã¦</td> - <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> - <td>2016 å¹´ 12 月 29 æ—¥</td> - </tr> - <tr> <td>CVE-2017-0541</td> <td><a href="https://android.googlesource.com/platform/external/sonivox/+/56d153259cc3e16a6a0014199a2317dde333c978">A-34031018</a></td> <td>é‡å¤§</td> @@ -1364,7 +1355,7 @@ QC-CR#1103158</a></td> アップストリームカーãƒãƒ«</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XLã€Pixel Cã€Android Oneã€Nexus Player</td> - <td>Google 社内</td> + <td>2014 å¹´ 10 月 24 æ—¥</td> </tr> </tbody></table> @@ -1941,136 +1932,119 @@ QC-CR#1106842</a></td> </tr> <tr> <td>CVE-2014-9931</td> - <td>A-35445101**<br /> - QC-CR#612410</td> + <td>A-35445101**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2014-9932</td> - <td>A-35434683**<br /> - QC-CR#626734</td> + <td>A-35434683**</td> <td>é‡å¤§</td> <td>Pixelã€Pixel XL</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2014-9933</td> - <td>A-35442512<br /> - QC-CR#675463</td> + <td>A-35442512**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2014-9934</td> - <td>A-35439275**<br /> - QC-CR#658249</td> + <td>A-35439275**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2014-9935</td> - <td>A-35444951**<br /> - QC-CR#717626</td> + <td>A-35444951**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2014-9936</td> - <td>A-35442420**<br /> - QC-CR#727389</td> + <td>A-35442420**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2014-9937</td> - <td>A-35445102**<br /> - QC-CR#734095</td> + <td>A-35445102**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-8995</td> - <td>A-35445002**<br /> - QC-CR#733690</td> + <td>A-35445002**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-8996</td> - <td>A-35444658**<br /> - QC-CR#734698</td> + <td>A-35444658**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-8997</td> - <td>A-35432947**<br /> - QC-CR#734707</td> + <td>A-35432947**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-8998</td> - <td>A-35441175**<br /> - QC-CR#735337</td> + <td>A-35441175**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-8999</td> - <td>A-35445401**<br /> - QC-CR#736119</td> + <td>A-35445401**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-9000</td> - <td>A-35441076**<br /> - QC-CR#740632</td> + <td>A-35441076**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-9001</td> - <td>A-35445400**<br /> - QC-CR#736083</td> + <td>A-35445400**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-9002</td> - <td>A-35442421**<br /> - QC-CR#748428</td> + <td>A-35442421**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2015-9003</td> - <td>A-35440626**<br /> - QC-CR#749215</td> + <td>A-35440626**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> </tr> <tr> <td>CVE-2016-10242</td> - <td>A-35434643**<br /> - QC-CR#985139</td> + <td>A-35434643**</td> <td>é‡å¤§</td> <td>ãªã—**</td> <td>Qualcomm 社内</td> @@ -2082,7 +2056,7 @@ QC-CR#1106842</a></td> <h2 id="common-questions-and-answers">一般的ãªè³ªå•ã¨å›žç”</h2> <p>上記ã®å…¬é–‹æƒ…å ±ã«å¯¾ã™ã‚‹ä¸€èˆ¬çš„ãªè³ªå•ã«ã¤ã„ã¦ã€ä»¥ä¸‹ã§å›žç”ã—ã¾ã™ã€‚</p> -<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’ã©ã®ã‚ˆã†ã«åˆ¤æ–ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> +<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’確ã‹ã‚ã‚‹ã«ã¯ã€ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> <p>端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ãŠã‚ˆã³ Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹æ‰‹é †ã‚’ã”覧ãã ã•ã„。</p> <ul> <li>ã‚»ã‚ュリティ パッムレベル 2017-04-01 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル 2017-04-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚</li> @@ -2094,8 +2068,8 @@ QC-CR#1106842</a></td> <li>[ro.build.version.security_patch]:[2017-04-05]</li> </ul> -<p><strong>2. ã“ã®å…¬é–‹æƒ…å ±ã« 2 ã¤ã®ã‚»ã‚ュリティ パッムレベルãŒã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> -<p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッムレベルを定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p><strong>2. ã“ã®å…¬é–‹æƒ…å ±ã« 2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ãŒã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> +<p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <ul> <li>2017 å¹´ 4 月 1 æ—¥ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ãã®ã‚»ã‚ュリティ パッムレベルã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã¨ã€ãれ以å‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã§å ±å‘Šã•ã‚ŒãŸã™ã¹ã¦ã®å•é¡Œã®ä¿®æ£ã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> <li>2017 å¹´ 4 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ä»Šå›žï¼ˆãŠã‚ˆã³ãれ以å‰ï¼‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚ŒãŸã€è©²å½“ã™ã‚‹ã™ã¹ã¦ã®ãƒ‘ッãƒã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> @@ -2104,7 +2078,7 @@ QC-CR#1106842</a></td> <p><strong>3.  å„å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ Google 端末を判æ–ã™ã‚‹ã«ã¯ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ</strong></p> <p><a href="#2017-04-01-details">2017-04-01</a> 㨠<a href="#2017-04-05-details">2017-04-05</a> ã®ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã«é–¢ã™ã‚‹ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã§ã€å„表ä¸ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã€ãã®å•é¡Œã®å½±éŸ¿ã‚’å—ã‘ã‚‹ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã®ç¨®é¡žã‚’記載ã—ã¦ã„ã¾ã™ã€‚ã“ã®åˆ—ã«ã¯æ¬¡ã®ã„ãšã‚Œã‹ãŒè¡¨ç¤ºã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <ul> - <li><strong>ã™ã¹ã¦ã® Google 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã®ç«¯æœ«ã¨ Pixel 端末ã«å½±éŸ¿ã‚’与ãˆã‚‹å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯ã€Œã™ã¹ã¦ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚「ã™ã¹ã¦ã€ã«ã¯<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">サãƒãƒ¼ãƒˆå¯¾è±¡ã®ç«¯æœ«</a>(Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7(2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL)ãŒå«ã¾ã‚Œã¾ã™ã€‚</li> + <li><strong>ã™ã¹ã¦ã® Google 端末</strong>: å•é¡ŒãŒã™ã¹ã¦ã®ç«¯æœ«ã¨ Pixel 端末ã«å½±éŸ¿ã‚’与ãˆã‚‹å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯ã€Œã™ã¹ã¦ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚「ã™ã¹ã¦ã€ã«ã¯<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">サãƒãƒ¼ãƒˆå¯¾è±¡ã®ç«¯æœ«</a>(Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL)ãŒå«ã¾ã‚Œã¾ã™ã€‚</li> <li><strong>一部㮠Google 端末</strong>: å•é¡ŒãŒä¸€éƒ¨ã® Google 端末ã®ã¿ã«å½±éŸ¿ã™ã‚‹å ´åˆã€ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯å½±éŸ¿ã‚’å—ã‘ã‚‹ Google 端末ãŒè¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> <li><strong>影響をå—ã‘ã‚‹ Google 端末ãŒãªã„</strong>: Android 7.0 ã‚’æ載ã—㟠Google 端末ãŒå•é¡Œã®å½±éŸ¿ã‚’å—ã‘ãªã„å ´åˆã€è¡¨ã®ã€Œæ›´æ–°å¯¾è±¡ã® Google 端末<em></em>ã€åˆ—ã«ã¯ã€Œãªã—ã€ã¨è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚</li> </ul> @@ -2140,7 +2114,10 @@ QC-CR#1106842</a></td> <h2 id="revisions">改訂</h2> <ul> <li> 2017 å¹´ 4 月 3 æ—¥: æƒ…å ±å…¬é–‹</li> - <li> 2017 å¹´ 4 月 5 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ </li> + <li>2017 å¹´ 4 月 5 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ </li> + <li>2017 å¹´ 4 月 21 æ—¥: CVE-2016-10231ã€CVE-2017-0586 ã®å¸°å±žã‚’ä¿®æ£</li> + <li>2017 å¹´ 4 月 27 æ—¥: å…¬é–‹æƒ…å ±ã‹ã‚‰ CVE-2017-0540 を削除</li> + <li>2017 å¹´ 8 月 17 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã—å‚照番å·ã‚’æ›´æ–°</li> </ul> </body></html>
\ No newline at end of file diff --git a/ja/security/bulletin/2017-05-01.html b/ja/security/bulletin/2017-05-01.html index aabb3a86..f54036d3 100644 --- a/ja/security/bulletin/2017-05-01.html +++ b/ja/security/bulletin/2017-05-01.html @@ -20,9 +20,9 @@ limitations under the License. --> -<p><em>2017 å¹´ 5 月 1 日公開 | 2017 å¹´ 8 月 17 日更新</em></p> +<p><em>2017 å¹´ 5 月 1 日公開 | 2017 å¹´ 10 月 3 日更新</em></p> -<p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’åŠã¼ã™ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚æƒ…å ±ã®å…¬é–‹ã«ä¼´ã„ã€Nexus 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§ãƒªãƒªãƒ¼ã‚¹ã—ã¦ã„ã¾ã™ã€‚2017 å¹´ 5 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ä¸‹è¨˜ã®ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 㨠Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã‚’ã”覧ãã ã•ã„。</p> +<p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’与ãˆã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚æƒ…å ±ã®å…¬é–‹ã«ä¼´ã„ã€Nexus 端末ã«å¯¾ã™ã‚‹ã‚»ã‚ュリティ アップデートを無線(OTA)アップデートã§é…ä¿¡ã—ã¾ã—ãŸã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§ãƒªãƒªãƒ¼ã‚¹ã—ã¦ã„ã¾ã™ã€‚2017 å¹´ 5 月 5 日以é™ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã§ã¯ã€ä¸‹è¨˜ã®ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚端末ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 㨠Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã‚’ã”覧ãã ã•ã„。</p> <p>パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠2017 å¹´ 4 月 3 æ—¥ã¾ã§ã«é€šçŸ¥æ¸ˆã¿ã§ã™ã€‚Android オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)ã®ãƒ¬ãƒã‚¸ãƒˆãƒªã«ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã‚’リリースã—ã¦ã„ã¾ã™ã€‚ã¾ãŸã€ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€ã“れらã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã«åŠ ãˆã€AOSP 以外ã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã‚‚掲載ã—ã¦ã„ã¾ã™ã€‚</p> @@ -33,13 +33,13 @@ <p>ã”利用ã®ç«¯æœ«ã§ä¸Šè¨˜ã®æ›´æ–°ã‚’è¡Œã†ã“ã¨ã‚’ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãŠã™ã™ã‚ã—ã¾ã™ã€‚</p> <h2 id="announcements">ãŠçŸ¥ã‚‰ã›</h2> <ul> -<li>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッムレベル文å—列を定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚詳ã—ãã¯ã€<a href="#common-questions-and-answers">一般的ãªè³ªå•ã¨å›žç”</a>ã‚’ã”覧ãã ã•ã„。 +<li>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«æ–‡å—列を定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚詳ã—ãã¯ã€<a href="#common-questions-and-answers">一般的ãªè³ªå•ã¨å›žç”</a>ã‚’ã”覧ãã ã•ã„。 <ul> - <li><strong>2017-05-01</strong>: 部分的ã«å¯¾å‡¦ã—ãŸã‚»ã‚ュリティ パッムレベル文å—列。ã“ã®ã‚»ã‚ュリティ パッムレベル文å—列ã¯ã€2017-05-01(ãŠã‚ˆã³ãれ以å‰ã®ã™ã¹ã¦ã®ã‚»ã‚ュリティ パッムレベル文å—列)ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚</li> - <li><strong>2017-05-05</strong>: 完全ã«å¯¾å‡¦ã—ãŸã‚»ã‚ュリティ パッムレベル文å—列。ã“ã®ã‚»ã‚ュリティ パッムレベル文å—列ã¯ã€2017-05-01 㨠2017-05-05(ãŠã‚ˆã³ãれ以å‰ã®ã™ã¹ã¦ã®ã‚»ã‚ュリティ パッムレベル文å—列)ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚</li> + <li><strong>2017-05-01</strong>: 部分的ã«å¯¾å‡¦ã—ãŸã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«æ–‡å—列。ã“ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«æ–‡å—列ã¯ã€2017-05-01(ãŠã‚ˆã³ãれ以å‰ã®ã™ã¹ã¦ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«æ–‡å—列)ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚</li> + <li><strong>2017-05-05</strong>: 完全ã«å¯¾å‡¦ã—ãŸã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«æ–‡å—列。ã“ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«æ–‡å—列ã¯ã€2017-05-01 㨠2017-05-05(ãŠã‚ˆã³ãれ以å‰ã®ã™ã¹ã¦ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«æ–‡å—列)ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚</li> </ul> </li> -<li>サãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ã¯ã€2017 å¹´ 5 月 5 æ—¥ã®ã‚»ã‚ュリティ パッムレベルã®ã‚¢ãƒƒãƒ—デート 1 件㌠OTA ã§é…ä¿¡ã•ã‚Œã¾ã™ã€‚</li> +<li>サãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ã¯ã€2017 å¹´ 5 月 5 æ—¥ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã®ã‚¢ãƒƒãƒ—デート 1 件㌠OTA ã§é…ä¿¡ã•ã‚Œã¾ã™ã€‚</li> </ul> <h2 id="mitigations">Android 㨠Google サービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</h2> @@ -47,8 +47,8 @@ <p>ã“ã“ã§ã¯ã€<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォーム</a>ã®ä¿è·ã¨ SafetyNet ã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“スã®ä¿è·ã«ã‚ˆã‚‹ãƒªã‚¹ã‚¯ã®è»½æ¸›ã«ã¤ã„ã¦æ¦‚説ã—ã¾ã™ã€‚ã“ã†ã—ãŸæ©Ÿèƒ½ã¯ã€Android ã§ã‚»ã‚ュリティã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹å¯èƒ½æ€§ã‚’減らã—ã¾ã™ã€‚</p> <ul> -<li>Android プラットフォームã®æœ€æ–°ç‰ˆã§ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Android 上ã®å¤šãã®å•é¡Œã«ã¤ã„ã¦æ‚ªç”¨ãŒå›°é›£ã«ãªã‚Šã¾ã™ã€‚Google ã§ã¯ã€ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã€ã§ãã‚‹é™ã‚Šæœ€æ–°ç‰ˆã® Android ã«æ›´æ–°ã™ã‚‹ã“ã¨ã‚’ãŠã™ã™ã‚ã—ã¦ã„ã¾ã™ã€‚</li> -<li>Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€<a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">「アプリã®ç¢ºèªã€ã‚„ SafetyNet</a> ã«ã‚ˆã£ã¦è„†å¼±æ€§ã®æ‚ªç”¨ã‚’ç©æ¥µçš„ã«ç›£è¦–ã—ã¦ãŠã‚Šã€<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">有害ãªãŠãã‚Œã®ã‚るアプリ</a>ã«ã¤ã„ã¦ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¦ã„ã¾ã™ã€‚「アプリã®ç¢ºèªã€ã¯ã€<a href="http://www.android.com/gms">Google モãƒã‚¤ãƒ« サービス</a>ã‚’æ載ã—ãŸç«¯æœ«ã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ãŠã‚Šã€Google Play 以外ã‹ã‚‰ã‚¢ãƒ—リをインストールã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã¨ã£ã¦ã¯ç‰¹ã«é‡è¦ã§ã™ã€‚端末ã®ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹ãƒ„ール㯠Google Play ã§ã¯ç¦æ¢ã•ã‚Œã¦ã„ã¾ã™ãŒã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã§ã¯ã€ã‚¢ãƒ—リã®å…¥æ‰‹å…ƒã«ã‹ã‹ã‚らãšã€ãƒ«ãƒ¼ãƒˆæ¨©é™å–得アプリを検出ã—ã€ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã—よã†ã¨ã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¾ã™ã€‚ã¾ãŸã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã§ã¯ã€æ‚ªæ„ã®ã‚る既知ã®ã‚¢ãƒ—リã§æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œãªã„よã†ã«ã€ãã®ã‚ˆã†ãªã‚¢ãƒ—リã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã‚’見ã¤ã‘ã¦é˜»æ¢ã—ã¾ã™ã€‚ã“ã†ã—ãŸã‚¢ãƒ—リãŒã™ã§ã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é€šçŸ¥ã—ã¦ã€æ¤œå‡ºã•ã‚ŒãŸã‚¢ãƒ—リã®å‰Šé™¤ã‚’試ã¿ã¾ã™ã€‚</li> +<li>Android プラットフォームã®æœ€æ–°ç‰ˆã§ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Android 上ã®å¤šãã®å•é¡Œã«ã¤ã„ã¦æ‚ªç”¨ãŒå›°é›£ã«ãªã‚Šã¾ã™ã€‚Google ã§ã¯ã€ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã€ã§ãã‚‹é™ã‚Šæœ€æ–°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã® Android ã«æ›´æ–°ã™ã‚‹ã“ã¨ã‚’ãŠã™ã™ã‚ã—ã¦ã„ã¾ã™ã€‚</li> +<li>Android ã‚»ã‚ュリティ ãƒãƒ¼ãƒ ã¯ã€<a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">「アプリã®ç¢ºèªã€ã‚„ SafetyNet</a> ã«ã‚ˆã£ã¦è„†å¼±æ€§ã®æ‚ªç”¨ã‚’ç©æ¥µçš„ã«ç›£è¦–ã—ã¦ãŠã‚Šã€<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">有害ãªãŠãã‚Œã®ã‚るアプリ</a>ã«ã¤ã„ã¦ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¦ã„ã¾ã™ã€‚「アプリã®ç¢ºèªã€ã¯ã€<a href="http://www.android.com/gms">Google モãƒã‚¤ãƒ« サービス</a>ã‚’æ載ã—ãŸç«¯æœ«ã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ãŠã‚Šã€Google Play 以外ã‹ã‚‰ã‚¢ãƒ—リをインストールã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã¨ã£ã¦ã¯ç‰¹ã«é‡è¦ã§ã™ã€‚端末ã®ãƒ«ãƒ¼ãƒˆæ¨©é™ã‚’å–å¾—ã™ã‚‹ãƒ„ール㯠Google Play ã§ã¯ç¦æ¢ã•ã‚Œã¦ã„ã¾ã™ãŒã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã§ã¯ã€ã‚¢ãƒ—リã®å…¥æ‰‹å…ƒã«é–¢ä¿‚ãªãã€æ¤œå‡ºã•ã‚ŒãŸãƒ«ãƒ¼ãƒˆæ¨©é™å–得アプリをインストールã—よã†ã¨ã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«è¦å‘Šã—ã¾ã™ã€‚ã¾ãŸã€ã€Œã‚¢ãƒ—リã®ç¢ºèªã€ã§ã¯ã€æ‚ªæ„ã®ã‚る既知ã®ã‚¢ãƒ—リã§æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œãªã„よã†ã«ã€ãã®ã‚ˆã†ãªã‚¢ãƒ—リã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã‚’見ã¤ã‘ã¦é˜»æ¢ã—ã¾ã™ã€‚ã“ã†ã—ãŸã‚¢ãƒ—リãŒã™ã§ã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é€šçŸ¥ã—ã¦ã€æ¤œå‡ºã•ã‚ŒãŸã‚¢ãƒ—リã®å‰Šé™¤ã‚’試ã¿ã¾ã™ã€‚</li> <li>Google ãƒãƒ³ã‚°ã‚¢ã‚¦ãƒˆã‚„メッセンジャーãªã©ã®ã‚¢ãƒ—リã§ã¯çŠ¶æ³ã‚’é©å®œåˆ¤æ–ã—ã€ãƒ¡ãƒ‡ã‚£ã‚¢ã‚µãƒ¼ãƒãƒ¼ãªã©ã®ãƒ—ãƒã‚»ã‚¹ã«è‡ªå‹•çš„ã«ãƒ¡ãƒ‡ã‚£ã‚¢ã‚’渡ã™ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</li> </ul> @@ -83,7 +83,7 @@ <li>Qihoo 360 Technology Co. Ltd. Vulpecker Team ã® Yu Panã€Peide Zhang: CVE-2017-0618ã€CVE-2017-0625</li> </ul> -<h2 id="2017-05-01-details">ã‚»ã‚ュリティ パッムレベル 2017-05-01 ã®è„†å¼±æ€§ã®è©³ç´°</h2> +<h2 id="2017-05-01-details">ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ« 2017-05-01 ã®è„†å¼±æ€§ã®è©³ç´°</h2> <p>パッãƒãƒ¬ãƒ™ãƒ« 2017-05-01 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> @@ -502,7 +502,7 @@ </tr> </tbody></table> -<h2 id="2017-05-05-details">ã‚»ã‚ュリティ パッムレベル 2017-05-05 ã®è„†å¼±æ€§ã®è©³ç´°</h2> +<h2 id="2017-05-05-details">ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ« 2017-05-05 ã®è„†å¼±æ€§ã®è©³ç´°</h2> <p>パッãƒãƒ¬ãƒ™ãƒ« 2017-05-05 ã«è©²å½“ã™ã‚‹ã‚»ã‚ュリティ脆弱性ã®å„é …ç›®ã«ã¤ã„ã¦ã€ä¸‹è¨˜ã«è©³ç´°ã‚’説明ã—ã¾ã™ã€‚å•é¡Œã®å†…容ã¨ãã®é‡å¤§åº¦ã®æ ¹æ‹ ã«ã¤ã„ã¦èª¬æ˜Žã—ã€CVEã€é–¢é€£ã™ã‚‹å‚照先ã€é‡å¤§åº¦ã€æ›´æ–°å¯¾è±¡ã® Google 端末ã€æ›´æ–°å¯¾è±¡ã® AOSP ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼ˆè©²å½“ã™ã‚‹å ´åˆï¼‰ã€å ±å‘Šæ—¥ã‚’表ã«ã¾ã¨ã‚ã¦ã„ã¾ã™ã€‚ãã®å•é¡Œã«å¯¾å‡¦ã—ãŸã€ä¸€èˆ¬å…¬é–‹ã•ã‚Œã¦ã„る変更(AOSP ã®å¤‰æ›´ã®ä¸€è¦§ãªã©ï¼‰ãŒã‚ã‚‹å ´åˆã¯ã€ãã®ãƒã‚° ID ã«ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚複数ã®å¤‰æ›´ãŒåŒã˜ãƒã‚°ã«é–¢ä¿‚ã™ã‚‹å ´åˆã¯ã€ãƒã‚° ID ã®å¾Œã«è¨˜è¼‰ã—ãŸç•ªå·ã«ã€è¿½åŠ ã®å‚ç…§ã¸ã®ãƒªãƒ³ã‚¯ã‚’è¨å®šã—ã¦ã„ã¾ã™ã€‚</p> @@ -618,7 +618,7 @@ QC-CR#1094105</a></td> <th>å‚ç…§</th> <th>é‡å¤§åº¦</th> <th>更新対象㮠Google 端末</th> - <th>å ±å‘Šæ—¥</th> + <th>å ±å‘Šæ—¥ã€€</th> </tr> <tr> <td>CVE-2016-9794</td> @@ -719,34 +719,6 @@ QC-CR#826589</a></td> <p>* Android 7.1.1 以é™ãŒæ載ã•ã‚ŒãŸã‚µãƒãƒ¼ãƒˆå¯¾è±¡ã® Google 端末ã«ãŠã„ã¦ã€é©ç”¨ã§ãã‚‹ã™ã¹ã¦ã®ã‚¢ãƒƒãƒ—デートãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ã“ã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“。</p> -<h3 id="eop-in-kernel-trace-subsystem">カーãƒãƒ« トレース サブシステムã§ã®æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§</h3> - -<p>カーãƒãƒ« トレース サブシステムã«æ¨©é™æ˜‡æ ¼ã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€æ‚ªæ„ã®ã‚ã‚‹ãƒãƒ¼ã‚«ãƒ«ã‚¢ãƒ—リã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚«ãƒ«ã§ã®æ°¸ä¹…çš„ãªç«¯æœ«ã®ä¾µå®³ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã€ç«¯æœ«ã‚’修復ã™ã‚‹ã«ã¯ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚° システムã®å†é©ç”¨ãŒå¿…è¦ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚ã€ã“ã®å•é¡Œã¯ã€Œé‡å¤§ã€ã¨åˆ¤æ–ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> - -<table> - <colgroup><col width="19%" /> - <col width="20%" /> - <col width="10%" /> - <col width="23%" /> - <col width="17%" /> - </colgroup><tbody><tr> - <th>CVE</th> - <th>å‚ç…§</th> - <th>é‡å¤§åº¦</th> - <th>更新対象㮠Google 端末</th> - <th>å ±å‘Šæ—¥</th> - </tr> - <tr> - <td>CVE-2017-0605</td> - <td>A-35399704<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> -QC-CR#1048480</a></td> - <td>é‡å¤§</td> - <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XLã€Pixel Cã€Android Oneã€Nexus Player</td> - <td>2017 å¹´ 2 月 15 æ—¥</td> - </tr> -</tbody></table> - <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®è„†å¼±æ€§</h3> <p>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«å½±éŸ¿ã™ã‚‹è„†å¼±æ€§ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚詳細ã«ã¤ã„ã¦ã¯ã€Qualcomm AMSS ã® 2016 å¹´ 8 月ã€9 月ã€10 月ã€12 月ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã‚’ã”覧ãã ã•ã„。</p> @@ -2206,7 +2178,7 @@ QC-CR#832915</a></td> <h3 id="vulnerabilities-in-qualcomm-components-2">Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã§ã®è„†å¼±æ€§</h3> -<p>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«å½±éŸ¿ã™ã‚‹æ¬¡ã®è„†å¼±æ€§ã¯ã€2014~2016 å¹´ã« Qualcomm AMSS ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã¨ã—ã¦ãƒªãƒªãƒ¼ã‚¹ã•ã‚ŒãŸã‚‚ã®ã§ã™ã€‚ã“れら㯠Android ã®ã‚»ã‚ュリティ パッムレベルã¨ã®é–¢é€£ä»˜ã‘ã®ãŸã‚ã€ä»Šå›žã®ã€ŒAndroid ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã€ã«è¿½è¨˜ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«å½±éŸ¿ã™ã‚‹æ¬¡ã®è„†å¼±æ€§ã¯ã€2014~2016 å¹´ã« Qualcomm AMSS ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã¨ã—ã¦ãƒªãƒªãƒ¼ã‚¹ã•ã‚ŒãŸã‚‚ã®ã§ã™ã€‚ã“れら㯠Android ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã¨ã®é–¢é€£ä»˜ã‘ã®ãŸã‚ã€ä»Šå›žã®ã€ŒAndroid ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã€ã«è¿½è¨˜ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <table> <colgroup><col width="19%" /> @@ -2404,11 +2376,11 @@ QC-CR#832915</a></td> <p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã‚’判æ–ã™ã‚‹ã«ã¯ã€ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ </strong></p> -<p>端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ãŠã‚ˆã³ Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹æ‰‹é †ã‚’ã”覧ãã ã•ã„。</p> +<p>端末ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ãŠã‚ˆã³ Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹æ‰‹é †ã‚’ã”覧ãã ã•ã„。</p> <ul> -<li>ã‚»ã‚ュリティ パッムレベル 2017-05-01 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル 2017-05-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚</li> -<li>ã‚»ã‚ュリティ パッムレベル 2017-05-05 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッムレベル 2017-05-05ã€ãŠã‚ˆã³ãれ以å‰ã®ã™ã¹ã¦ã®ãƒ‘ッãƒãƒ¬ãƒ™ãƒ«ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚ +<li>ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ« 2017-05-01 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ« 2017-05-01 ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚</li> +<li>ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ« 2017-05-05 以é™ã§ã¯ã€ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ« 2017-05-05ã€ãŠã‚ˆã³ãれ以å‰ã®ã™ã¹ã¦ã®ãƒ‘ッãƒãƒ¬ãƒ™ãƒ«ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚ </li> </ul> @@ -2420,10 +2392,10 @@ QC-CR#832915</a></td> <p><strong>2. ã“ã®å…¬é–‹æƒ…å ±ã« 2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ãŒã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> -<p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <ul> -<li>2017 å¹´ 5 月 1 æ—¥ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ãã®ã‚»ã‚ュリティ パッムレベルã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã¨ã€ãれ以å‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã§å ±å‘Šã•ã‚ŒãŸã™ã¹ã¦ã®å•é¡Œã®ä¿®æ£ã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> -<li>2017 å¹´ 5 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ä»Šå›žï¼ˆãŠã‚ˆã³ãれ以å‰ï¼‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚ŒãŸã€è©²å½“ã™ã‚‹ã™ã¹ã¦ã®ãƒ‘ッãƒã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> +<li>2017 å¹´ 5 月 1 æ—¥ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ãã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã¨ã€ãれ以å‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã§å ±å‘Šã•ã‚ŒãŸã™ã¹ã¦ã®å•é¡Œã®ä¿®æ£ã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> +<li>2017 å¹´ 5 月 5 日以é™ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ä»Šå›žï¼ˆãŠã‚ˆã³ãれ以å‰ï¼‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚ŒãŸã€è©²å½“ã™ã‚‹ã™ã¹ã¦ã®ãƒ‘ッãƒã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> </ul> <p>パートナーã«ã¯ã€å¯¾å‡¦ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã®ä¿®æ£ã‚’ 1 ã¤ã®ã‚¢ãƒƒãƒ—デートã«ã¾ã¨ã‚ã¦æä¾›ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> @@ -2472,6 +2444,7 @@ QC-CR#832915</a></td> <li>2017 å¹´ 5 月 2 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ </li> <li>2017 å¹´ 8 月 10 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— CVE-2017-0493 å‘ã‘ AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ </li> <li>2017 å¹´ 8 月 17 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã—å‚照番å·ã‚’æ›´æ–°</li> +<li>2017 å¹´ 10 月 3 æ—¥: å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— CVE-2017-0605 を削除</li> </ul> </body></html>
\ No newline at end of file diff --git a/ja/security/bulletin/2017-06-01.html b/ja/security/bulletin/2017-06-01.html index 9e49ec1b..9fab102c 100644 --- a/ja/security/bulletin/2017-06-01.html +++ b/ja/security/bulletin/2017-06-01.html @@ -19,15 +19,15 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>2017 å¹´ 6 月 5 日公開 | 2017 å¹´ 6 月 7 日更新</em></p> +<p><em>2017 å¹´ 6 月 5 日公開 | 2017 å¹´ 8 月 17 日更新</em></p> <p>Android ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«ã¯ã€Android æ載端末ã«å½±éŸ¿ã‚’与ãˆã‚‹ã‚»ã‚ュリティã®è„†å¼±æ€§ã®è©³ç´°ã‚’掲載ã—ã¦ã„ã¾ã™ã€‚2017 å¹´ 6 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルã§ã¯ã€ä¸‹è¨˜ã®ã™ã¹ã¦ã®å•é¡Œã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã€‚端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 㨠Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã‚’ã”覧ãã ã•ã„。</p> <p>パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«è¨˜è¼‰ã®å•é¡Œã«ã¤ã„㦠1 ã‹æœˆå‰ã¾ã§ã«é€šçŸ¥æ¸ˆã¿ã§ã™ã€‚Android オープンソース プãƒã‚¸ã‚§ã‚¯ãƒˆï¼ˆAOSP)ã®ãƒ¬ãƒã‚¸ãƒˆãƒªã«ã€ä¸‹è¨˜ã®å•é¡Œã«å¯¾ã™ã‚‹ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã®ãƒ‘ッãƒã‚’リリースã—ã¾ã™ã€‚ã¾ãŸã€ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€ã“れらã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã«åŠ ãˆã€AOSP 以外ã®ãƒ‘ッãƒã¸ã®ãƒªãƒ³ã‚¯ã‚‚掲載ã—ã¦ã„ã¾ã™ã€‚</p> -<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€ãƒ¡ãƒ‡ã‚£ã‚¢ フレームワークã«é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€é›¢ã‚ŒãŸå ´æ‰€ã«ã„る攻撃者ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルやデータã®å‡¦ç†ä¸ã«ãƒ¡ãƒ¢ãƒªç ´å£Šã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚‹ã“ã¨ã§ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®åˆ¤å®š</a>ã¯ã€æ”»æ’ƒã‚’å—ã‘ãŸç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã§ç„¡åŠ¹ã«ã•ã‚Œã‚‹ã‹ä¸æ£ã«å›žé¿ã•ã‚ŒãŸå ´åˆã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> +<p>下記ã®å•é¡Œã®ã†ã¡æœ€ã‚‚é‡å¤§åº¦ã®é«˜ã„ã‚‚ã®ã¯ã€ãƒ¡ãƒ‡ã‚£ã‚¢ フレームワークã«é‡å¤§ãªã‚»ã‚ュリティã®è„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€é›¢ã‚ŒãŸå ´æ‰€ã«ã„る攻撃者ãŒç‰¹åˆ¥ã«ç´°å·¥ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’使用ã—ã¦ã€ãƒ¡ãƒ‡ã‚£ã‚¢ ファイルやデータã®å‡¦ç†ä¸ã«ãƒ¡ãƒ¢ãƒªç ´å£Šã‚’引ãèµ·ã“ã™ãŠãã‚ŒãŒã‚ã‚‹ã“ã¨ã§ã™ã€‚<a href="/security/overview/updates-resources.html#severity">é‡å¤§åº¦ã®è©•ä¾¡</a>ã¯ã€æ”»æ’ƒå¯¾è±¡ã®ç«¯æœ«ã§ãã®è„†å¼±æ€§ãŒæ‚ªç”¨ã•ã‚ŒãŸå ´åˆã®å½±éŸ¿ã«åŸºã¥ãã‚‚ã®ã§ã€ãƒ—ラットフォームやサービスã§ã®ãƒªã‚¹ã‚¯è»½æ¸›ç–ãŒé–‹ç™ºç›®çš„ã¾ãŸã¯ä¸æ£ãªå›žé¿ã«ã‚ˆã‚Šç„¡åŠ¹ã¨ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚</p> -<p>ã“ã®æ–°ãŸã«å ±å‘Šã•ã‚ŒãŸå•é¡Œã«ã‚ˆã£ã¦å®Ÿéš›ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ç«¯æœ«ãŒä¸æ£ä½¿ç”¨ã•ã‚ŒãŸå ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ <a href="https://www.android.com/play-protect">Google Play プãƒãƒ†ã‚¯ãƒˆ</a>ã«ã¤ã„ã¦è©³ã—ãã¯ã€<a href="#mitigations">Android 㨠Google Play プãƒãƒ†ã‚¯ãƒˆã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã¯ã€Android プラットフォームã®ã‚»ã‚ュリティを改善ã—ã¾ã™ã€‚</p> +<p>ã“ã®æ–°ãŸã«å ±å‘Šã•ã‚ŒãŸå•é¡Œã«ã‚ˆã£ã¦å®Ÿéš›ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ç«¯æœ«ãŒä¸æ£ä½¿ç”¨ã•ã‚ŒãŸå ±å‘Šã¯ã‚ã‚Šã¾ã›ã‚“。<a href="/security/enhancements/index.html">Android ã‚»ã‚ュリティ プラットフォームã®ä¿è·</a>ã‚„ <a href="https://www.android.com/play-protect">Google Play プãƒãƒ†ã‚¯ãƒˆ</a>ã«ã¤ã„ã¦è©³ã—ãã¯ã€<a href="#mitigations">Android 㨠Google Play プãƒãƒ†ã‚¯ãƒˆã®ãƒªã‚¹ã‚¯è»½æ¸›ç–</a>ã‚’ã”覧ãã ã•ã„。ã“ã†ã—ãŸä¿è·ã«ã‚ˆã‚Šã€Android プラットフォームã®ã‚»ã‚ュリティãŒæ”¹å–„ã•ã‚Œã¾ã™ã€‚</p> <p>ã”利用ã®ç«¯æœ«ã§ä¸Šè¨˜ã®æ›´æ–°ã‚’è¡Œã†ã“ã¨ã‚’ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãŠã™ã™ã‚ã—ã¾ã™ã€‚</p> @@ -392,6 +392,14 @@ <td>ä¸</td> <td>サウンド ドライãƒ</td> </tr> + <tr> + <td>CVE-2017-6249</td> + <td>A-34373711<a href="#asterisk">*</a><br /> + N-CVE-2017-6249</td> + <td>EoP</td> + <td>ä¸</td> + <td>サウンド ドライãƒ</td> + </tr> </tbody></table> <h3 id="qualcomm-components">Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆ</h3> <p>Qualcomm コンãƒãƒ¼ãƒãƒ³ãƒˆã«é‡å¤§ãªè„†å¼±æ€§ãŒã‚ã‚‹ãŸã‚ã€è¿‘ãã«ã„る攻撃者ã«ã‚ˆã£ã¦ã‚«ãƒ¼ãƒãƒ«å†…ã§ä»»æ„ã®ã‚³ãƒ¼ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚</p> @@ -630,416 +638,364 @@ </tr> <tr> <td>CVE-2014-9960</td> - <td>A-37280308<a href="#asterisk">*</a><br /> - QC-CR#381837</td> - <td>ãªã—</td> + <td>A-37280308<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9961</td> - <td>A-37279724<a href="#asterisk">*</a><br /> - QC-CR#581093</td> - <td>ãªã—</td> + <td>A-37279724<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9953</td> - <td>A-36714770<a href="#asterisk">*</a><br /> - QC-CR#642173</td> - <td>ãªã—</td> + <td>A-36714770<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9967</td> - <td>A-37281466<a href="#asterisk">*</a><br /> - QC-CR#739110</td> - <td>ãªã—</td> + <td>A-37281466<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9026</td> - <td>A-37277231<a href="#asterisk">*</a><br /> - QC-CR#748397</td> - <td>ãªã—</td> + <td>A-37277231<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9027</td> - <td>A-37279124<a href="#asterisk">*</a><br /> - QC-CR#748407</td> - <td>ãªã—</td> + <td>A-37279124<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9008</td> - <td>A-36384689<a href="#asterisk">*</a><br /> - QC-CR#762111</td> - <td>ãªã—</td> + <td>A-36384689<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9009</td> - <td>A-36393600<a href="#asterisk">*</a><br /> - QC-CR#762182</td> - <td>ãªã—</td> + <td>A-36393600<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9010</td> - <td>A-36393101<a href="#asterisk">*</a><br /> - QC-CR#758752</td> - <td>ãªã—</td> + <td>A-36393101<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9011</td> - <td>A-36714882<a href="#asterisk">*</a><br /> - QC-CR#762167</td> - <td>ãªã—</td> + <td>A-36714882<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9024</td> - <td>A-37265657<a href="#asterisk">*</a><br /> - QC-CR#740680</td> - <td>ãªã—</td> + <td>A-37265657<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9012</td> - <td>A-36384691<a href="#asterisk">*</a><br /> - QC-CR#746617</td> - <td>ãªã—</td> + <td>A-36384691<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9013</td> - <td>A-36393251<a href="#asterisk">*</a><br /> - QC-CR#814373</td> - <td>ãªã—</td> + <td>A-36393251<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9014</td> - <td>A-36393750<a href="#asterisk">*</a><br /> - QC-CR#855220</td> - <td>ãªã—</td> + <td>A-36393750<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9015</td> - <td>A-36714120<a href="#asterisk">*</a><br /> - QC-CR#701858</td> - <td>ãªã—</td> + <td>A-36714120<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9029</td> - <td>A-37276981<a href="#asterisk">*</a><br /> - QC-CR#827837</td> - <td>ãªã—</td> + <td>A-37276981<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10338</td> - <td>A-37277738<a href="#asterisk">*</a><br /> - QC-CR#987699</td> - <td>ãªã—</td> + <td>A-37277738<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10336</td> - <td>A-37278436<a href="#asterisk">*</a><br /> - QC-CR#973605</td> - <td>ãªã—</td> + <td>A-37278436<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10333</td> - <td>A-37280574<a href="#asterisk">*</a><br /> - QC-CR#947438</td> - <td>ãªã—</td> + <td>A-37280574<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10341</td> - <td>A-37281667<a href="#asterisk">*</a><br /> - QC-CR#991476</td> - <td>ãªã—</td> + <td>A-37281667<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10335</td> - <td>A-37282802<a href="#asterisk">*</a><br /> - QC-CR#961142</td> - <td>ãªã—</td> + <td>A-37282802<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10340</td> - <td>A-37280614<a href="#asterisk">*</a><br /> - QC-CR#989028</td> - <td>ãªã—</td> + <td>A-37280614<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10334</td> - <td>A-37280664<a href="#asterisk">*</a><br /> - QC-CR#949933</td> - <td>ãªã—</td> + <td>A-37280664<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10339</td> - <td>A-37280575<a href="#asterisk">*</a><br /> - QC-CR#988502</td> - <td>ãªã—</td> + <td>A-37280575<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10298</td> - <td>A-36393252<a href="#asterisk">*</a><br /> - QC-CR#1020465</td> - <td>ãªã—</td> + <td>A-36393252<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10299</td> - <td>A-32577244<a href="#asterisk">*</a><br /> - QC-CR#1058511</td> - <td>ãªã—</td> + <td>A-32577244<a href="#asterisk">*</a></td> + <td>N/A</td> <td>é‡å¤§</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9954</td> - <td>A-36388559<a href="#asterisk">*</a><br /> - QC-CR#552880</td> - <td>ãªã—</td> + <td>A-36388559<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9955</td> - <td>A-36384686<a href="#asterisk">*</a><br /> - QC-CR#622701</td> - <td>ãªã—</td> + <td>A-36384686<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9956</td> - <td>A-36389611<a href="#asterisk">*</a><br /> - QC-CR#638127</td> - <td>ãªã—</td> + <td>A-36389611<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9957</td> - <td>A-36387564<a href="#asterisk">*</a><br /> - QC-CR#638984</td> - <td>ãªã—</td> + <td>A-36387564<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9958</td> - <td>A-36384774<a href="#asterisk">*</a><br /> - QC-CR#638135</td> - <td>ãªã—</td> + <td>A-36384774<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9962</td> - <td>A-37275888<a href="#asterisk">*</a><br /> - QC-CR#656267</td> - <td>ãªã—</td> + <td>A-37275888<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9963</td> - <td>A-37276741<a href="#asterisk">*</a><br /> - QC-CR#657771</td> - <td>ãªã—</td> + <td>A-37276741<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9959</td> - <td>A-36383694<a href="#asterisk">*</a><br /> - QC-CR#651900</td> - <td>ãªã—</td> + <td>A-36383694<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9964</td> - <td>A-37280321<a href="#asterisk">*</a><br /> - QC-CR#680778</td> - <td>ãªã—</td> + <td>A-37280321<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9965</td> - <td>A-37278233<a href="#asterisk">*</a><br /> - QC-CR#711585</td> - <td>ãªã—</td> + <td>A-37278233<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2014-9966</td> - <td>A-37282854<a href="#asterisk">*</a><br /> - QC-CR#727398</td> - <td>ãªã—</td> + <td>A-37282854<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9023</td> - <td>A-37276138<a href="#asterisk">*</a><br /> - QC-CR#739802</td> - <td>ãªã—</td> + <td>A-37276138<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9020</td> - <td>A-37276742<a href="#asterisk">*</a><br /> - QC-CR#733455</td> - <td>ãªã—</td> + <td>A-37276742<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9021</td> - <td>A-37276743<a href="#asterisk">*</a><br /> - QC-CR#735148</td> - <td>ãªã—</td> + <td>A-37276743<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9025</td> - <td>A-37276744<a href="#asterisk">*</a><br /> - QC-CR#743985</td> - <td>ãªã—</td> + <td>A-37276744<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9022</td> - <td>A-37280226<a href="#asterisk">*</a><br /> - QC-CR#736146</td> - <td>ãªã—</td> + <td>A-37280226<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9028</td> - <td>A-37277982<a href="#asterisk">*</a><br /> - QC-CR#762764</td> - <td>ãªã—</td> + <td>A-37277982<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9031</td> - <td>A-37275889<a href="#asterisk">*</a><br /> - QC-CR#866015</td> - <td>ãªã—</td> + <td>A-37275889<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9032</td> - <td>A-37279125<a href="#asterisk">*</a><br /> - QC-CR#873202</td> - <td>ãªã—</td> + <td>A-37279125<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9033</td> - <td>A-37276139<a href="#asterisk">*</a><br /> - QC-CR#892541</td> - <td>ãªã—</td> + <td>A-37276139<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2015-9030</td> - <td>A-37282907<a href="#asterisk">*</a><br /> - QC-CR#854667</td> - <td>ãªã—</td> + <td>A-37282907<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10332</td> - <td>A-37282801<a href="#asterisk">*</a><br /> - QC-CR#906713<br /> - QC-CR#917701<br /> - QC-CR#917702</td> - <td>ãªã—</td> + <td>A-37282801<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10337</td> - <td>A-37280665<a href="#asterisk">*</a><br /> - QC-CR#977632</td> - <td>ãªã—</td> + <td>A-37280665<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> <tr> <td>CVE-2016-10342</td> - <td>A-37281763<a href="#asterisk">*</a><br /> - QC-CR#988941</td> - <td>ãªã—</td> + <td>A-37281763<a href="#asterisk">*</a></td> + <td>N/A</td> <td>高</td> <td>クãƒãƒ¼ã‚ºãƒ‰ã‚½ãƒ¼ã‚¹ コンãƒãƒ¼ãƒãƒ³ãƒˆ</td> </tr> </tbody></table> <h2 id="google-device-updates">Google 端末ã®ã‚¢ãƒƒãƒ—デート</h2> -<p>ã“ã®è¡¨ã«ã¯æœ€æ–°ã®ç„¡ç·šï¼ˆOTA)アップデート㨠Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージã®ã‚»ã‚ュリティ パッムレベルを記載ã—ã¦ã„ã¾ã™ã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージã¯ã€<a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§å…¥æ‰‹ã§ãã¾ã™ã€‚</p> +<p>ã“ã®è¡¨ã«ã¯æœ€æ–°ã®ç„¡ç·šï¼ˆOTA)アップデート㨠Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’記載ã—ã¦ã„ã¾ã™ã€‚Google 端末ã®ãƒ•ã‚¡ãƒ¼ãƒ ウェア イメージã¯ã€<a href="https://developers.google.com/android/nexus/images">Google デベãƒãƒƒãƒ‘ー サイト</a>ã§å…¥æ‰‹ã§ãã¾ã™ã€‚</p> <table> <colgroup><col width="25%" /> <col width="75%" /> </colgroup><tbody><tr> <th>Google 端末</th> - <th>ã‚»ã‚ュリティ パッムレベル</th> + <th>ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«</th> </tr> <tr> <td>Pixel / Pixel XL</td> @@ -1090,7 +1046,7 @@ </tr> <tr> <td>CVE-2017-0649</td> - <td>IceSword Lab, Qihoo 360 Technology Co. Ltd. ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a></td> + <td>Qihoo 360 Technology Co. Ltd. IceSword Lab ã® Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a></td> </tr> <tr> <td>CVE-2017-0646</td> @@ -1102,11 +1058,11 @@ </tr> <tr> <td>CVE-2017-8233</td> - <td>IceSword Lab, Qihoo 360 ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a></td> + <td>Qihoo 360 IceSword Lab ã® Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a></td> </tr> <tr> <td>CVE-2017-7368</td> - <td><a href="http://c0reteam.org">C0RE Team</a> ã® Lubo Zhang(<a href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>)ã€Yuan-Tsung Lo (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>)ã€Xuxian Jiang</td> + <td><a href="http://c0reteam.org">C0RE Team</a> ã® Lubo Zhang(<a href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>)ã€Yuan-Tsung Lo(<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>)ã€Xuxian Jiang</td> </tr> <tr> <td>CVE-2017-8242</td> @@ -1118,7 +1074,7 @@ </tr> <tr> <td>CVE-2017-0648</td> - <td><a href="https://alephsecurity.com/">Aleph Research</a>, HCL Technologies ã® Roee Hay(<a href="https://twitter.com/roeehay">@roeehay</a>)</td> + <td>HCL Technologies <a href="https://alephsecurity.com/">Aleph Research</a> ã® Roee Hay(<a href="https://twitter.com/roeehay">@roeehay</a>)</td> </tr> <tr> <td>CVE-2017-7369ã€CVE-2017-6249ã€CVE-2017-6247ã€CVE-2017-6248</td> @@ -1130,7 +1086,7 @@ </tr> <tr> <td>CVE-2017-0640</td> - <td><a href="http://www.trendmicro.com">Trend Micro</a>, <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">Mobile Threat Response Team</a> ã® V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>)</td> + <td><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">Mobile Threat Response Team</a> ã® V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>)</td> </tr> <tr> <td>CVE-2017-8236</td> @@ -1157,7 +1113,7 @@ <h2 id="common-questions-and-answers">一般的ãªè³ªå•ã¨å›žç”</h2> <p>上記ã®å…¬é–‹æƒ…å ±ã«å¯¾ã™ã‚‹ä¸€èˆ¬çš„ãªè³ªå•ã«ã¤ã„ã¦ã®å›žç”ã¯ä»¥ä¸‹ã®ã¨ãŠã‚Šã§ã™ã€‚</p> -<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’ã©ã®ã‚ˆã†ã«åˆ¤æ–ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ +<p><strong>1. 上記ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ã‚ˆã†ã«ç«¯æœ«ãŒæ›´æ–°ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’確ã‹ã‚ã‚‹ã«ã¯ã€ã©ã†ã™ã‚Œã°ã‚ˆã„ã§ã™ã‹ï¼Ÿ </strong></p> <p>端末ã®ã‚»ã‚ュリティ パッムレベルを確èªã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¯ã€<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ãŠã‚ˆã³ Nexus ã®ã‚¢ãƒƒãƒ—デート スケジュール</a>ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹æ‰‹é †ã‚’ã”覧ãã ã•ã„。</p> @@ -1168,9 +1124,9 @@ <ul> <li>[ro.build.version.security_patch]:[2017-06-01]</li> <li>[ro.build.version.security_patch]:[2017-06-05]</li></ul> -<p><strong>2. ã“ã®å…¬é–‹æƒ…å ±ã« 2 ã¤ã®ã‚»ã‚ュリティ パッムレベルãŒã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> +<p><strong>2. ã“ã®å…¬é–‹æƒ…å ±ã« 2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ãŒã‚ã‚‹ã®ã¯ãªãœã§ã™ã‹ï¼Ÿ</strong></p> -<p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッムレベルを定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>ã“ã®å…¬é–‹æƒ…å ±ã§ã¯ã€2 ã¤ã®ã‚»ã‚ュリティ パッãƒãƒ¬ãƒ™ãƒ«ã‚’定義ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã™ã¹ã¦ã® Android æ載端末ã§åŒæ§˜ã®å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ä¸€éƒ¨ã®è„†å¼±æ€§ã‚’サブセットã¨ã—ã€Android パートナーãŒè¿…速ã‹ã¤æŸ”軟ã«ä¿®æ£ã§ãるよã†ã«ã™ã‚‹ãŸã‚ã§ã™ã€‚Android パートナーã«ã¯ã€ã“ã®å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚Œã¦ã„ã‚‹å•é¡Œã‚’ã™ã¹ã¦ä¿®æ£ã—ã€æœ€æ–°ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ã“ã¨ãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚</p> <ul> <li>2017 å¹´ 6 月 1 æ—¥ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ãã®ã‚»ã‚ュリティ パッムレベルã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã®å•é¡Œã¨ã€ãれ以å‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã§å ±å‘Šã•ã‚ŒãŸã™ã¹ã¦ã®å•é¡Œã®ä¿®æ£ã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li> <li>2017 å¹´ 6 月 5 日以é™ã®ã‚»ã‚ュリティ パッムレベルを使用ã™ã‚‹ç«¯æœ«ã«ã¯ã€ä»Šå›žï¼ˆãŠã‚ˆã³ãれ以å‰ï¼‰ã®ã‚»ã‚ュリティã«é–¢ã™ã‚‹å…¬é–‹æƒ…å ±ã«æŽ²è¼‰ã•ã‚ŒãŸã€è©²å½“ã™ã‚‹ã™ã¹ã¦ã®ãƒ‘ッãƒã‚’組ã¿è¾¼ã‚€å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚</li></ul> @@ -1204,11 +1160,11 @@ <td>サービス拒å¦</td> </tr> <tr> - <td>ãªã—</td> + <td>N/A</td> <td>該当ã™ã‚‹åˆ†é¡žãªã—</td> </tr> </tbody></table> -<p><strong>4. 「å‚ç…§ã€ã®åˆ—ã®é …ç›®ã¯ã©ã†ã„ã†æ„味ã§ã™ã‹ï¼Ÿ<em></em></strong></p> +<p><strong>4. 「å‚ç…§ã€åˆ—ã®é …ç›®ã¯ã©ã†ã„ã†æ„味ã§ã™ã‹ï¼Ÿ<em></em></strong></p> <p>脆弱性ã®è©³ç´°ã®è¡¨ã§ã€Œå‚ç…§ã€åˆ—ã«è¨˜è¼‰ã—ãŸé …ç›®ã«ã¯ã€ãã®å‚照番å·ãŒå±žã™çµ„織を示ã™æŽ¥é 辞をå«ã‚ã¦ã„ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚<em></em></p> @@ -1240,9 +1196,9 @@ <td>Broadcom ã®å‚照番å·</td> </tr> </tbody></table> -<p id="asterisk"><strong>5. 「å‚ç…§ã€åˆ—ã® Android ãƒã‚° ID ã®æ¨ªã«ã‚る「<a href="#asterisk">*</a>ã€ã¯ã©ã†ã„ã†æ„味ã§ã™ã‹ï¼Ÿ<em></em></strong></p> +<p id="asterisk"><strong>5. 「å‚ç…§<em></em>ã€åˆ—ã® Android ãƒã‚° ID ã®æ¨ªã«ã‚る「<a href="#asterisk">*</a>ã€ã¯ã©ã†ã„ã†æ„味ã§ã™ã‹ï¼Ÿ</strong></p> -<p>公開ã•ã‚Œã¦ã„ãªã„å•é¡Œã«ã¯ã€ã€Œå‚ç…§ã€åˆ—ã® Android ãƒã‚° ID ã®æ¨ªã«ã€Œ<a href="#asterisk">*</a>ã€ã‚’付ã‘ã¦ã„ã¾ã™ã€‚<em></em>ã“ã®å•é¡Œã®ã‚¢ãƒƒãƒ—デートã¯ã€é€šå¸¸ã€<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> +<p>公開ã•ã‚Œã¦ã„ãªã„å•é¡Œã«ã¯ã€ã€Œå‚ç…§<em></em>ã€åˆ—ã® Android ãƒã‚° ID ã®æ¨ªã«ã€Œ<a href="#asterisk">*</a>ã€ã‚’付ã‘ã¦ã„ã¾ã™ã€‚ã“ã®å•é¡Œã®ã‚¢ãƒƒãƒ—デートã¯ã€é€šå¸¸ã€<a href="https://developers.google.com/android/nexus/drivers">Google デベãƒãƒƒãƒ‘ー サイト</a>ã‹ã‚‰å…¥æ‰‹ã§ãã‚‹ Nexus 端末用最新ãƒã‚¤ãƒŠãƒª ドライãƒã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚</p> <h2 id="versions">ãƒãƒ¼ã‚¸ãƒ§ãƒ³</h2> <table> @@ -1264,6 +1220,16 @@ <td>2017 å¹´ 6 月 7 æ—¥</td> <td>å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— AOSP ãƒªãƒ³ã‚¯ã‚’è¿½åŠ </td> </tr> + <tr> + <td>1.2</td> + <td>2017 å¹´ 7 月 11 æ—¥</td> + <td>å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã— CVE-2017-6249 ã‚’è¿½åŠ </td> + </tr> + <tr> + <td>1.3</td> + <td>2017 å¹´ 8 月 17 æ—¥</td> + <td>å…¬é–‹æƒ…å ±ã‚’æ”¹è¨‚ã—å‚照番å·ã‚’æ›´æ–°</td> + </tr> </tbody></table> </body></html>
\ No newline at end of file diff --git a/ko/security/bulletin/2016-04-02.html b/ko/security/bulletin/2016-04-02.html index f6e41553..80ad13a8 100644 --- a/ko/security/bulletin/2016-04-02.html +++ b/ko/security/bulletin/2016-04-02.html @@ -1,8 +1,7 @@ -<html devsite> - <head> - <title>Nexus 보안 ê²Œì‹œíŒ - 2016ë…„ 4ì›”</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> +<html devsite><head> + <title>Nexus 보안 게시íŒâ€”2016ë…„ 4ì›”</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,209 +20,47 @@ limitations under the License. --> +<p><em>2016ë…„ 4ì›” 4ì¼ ê²Œì‹œë¨ | 2016ë…„ 12ì›” 19ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> - - - -<p><em>2016ë…„ 4ì›” 4ì¼ ê²Œì‹œë¨ | 2016ë…„ 4ì›” 6ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> -<p>Googleì˜ Android 보안 ê²Œì‹œíŒ ì›”ê°„ 출시 ê³¼ì •ì˜ ì¼í™˜ìœ¼ë¡œ ë¬´ì„ -ì—…ë°ì´íŠ¸ë¥¼ 통해 Nexus 기기 보안 ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. +<p>Googleì˜ Android 보안 ê²Œì‹œíŒ ì›”ê°„ 출시 ê³¼ì •ì˜ ì¼í™˜ìœ¼ë¡œ ë¬´ì„ (OTA) +ì—…ë°ì´íŠ¸ë¥¼ 통한 Nexus 기기 보안 ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. ë˜í•œ Nexus 펌웨어 ì´ë¯¸ì§€ë„ <a href="https://developers.google.com/android/nexus/images">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì— ì¶œì‹œë˜ì—ˆìŠµë‹ˆë‹¤. 2016ë…„ 4ì›” 2ì¼ ì´í›„ 보안 패치 수준ì—ì„œ ë‹¤ìŒ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆìŠµë‹ˆë‹¤ (보안 패치 ìˆ˜ì¤€ì„ í™•ì¸í•˜ëŠ” ë°©ë²•ì€ <a href="https://support.google.com/nexus/answer/4457705">Nexus ë„움ë§</a> ì„ ì°¸ì¡°í•˜ì„¸ìš”).</p> + <p>파트너ì—게는 게시íŒì— ì„¤ëª…ëœ ë¬¸ì œë¥¼ 2016ë…„ 3ì›” 16ì¼ ì´ì „ì— í†µì§€í–ˆìŠµë‹ˆë‹¤. 해당하는 경우, 소스 코드 패치가 Android 오픈소스 프로ì 트(AOSP) ì €ìž¥ì†Œì— ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤.</p> + <p>ì´ ì¤‘ 가장 심ê°í•œ ë¬¸ì œëŠ” 미디어 파ì¼ì„ ì²˜ë¦¬í• ë•Œ -ì´ë©”ì¼ê³¼ 웹 íƒìƒ‰, MMS 등 여러 ë°©ë²•ì„ í†µí•´ ëŒ€ìƒ ê¸°ê¸°ì—ì„œ -ì›ê²©ìœ¼ë¡œ 코드를 ì‹¤í–‰í• ìˆ˜ 있게 하는 심ê°í•œ 보안 취약성입니다.</p> +ì´ë©”ì¼, 웹 íƒìƒ‰, MMS 등 여러 ë°©ë²•ì„ í†µí•´ ëŒ€ìƒ ê¸°ê¸°ì—ì„œ +ì›ê²©ìœ¼ë¡œ 코드를 ì‹¤í–‰í• ìˆ˜ 있게 하는 심ê°í•œ 보안 취약성입니다. <a href="/security/overview/updates-resources.html#severity">심ê°ë„ +í‰ê°€</a>는 개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화가 사용 중지ë˜ì–´ 있거나 +우회ë˜ëŠ” 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ ë°›ì„ ìˆ˜ 있는 ì˜í–¥ì„ +기준으로 ë‚´ë ¤ì§‘ë‹ˆë‹¤.</p> + <p><a href="/security/advisory/2016-03-18.html"> ì´ì „ì— Android 보안 ê¶Œê³ 2016-03-18</a>ì—ì„œ 루팅 ì• í”Œë¦¬ì¼€ì´ì…˜ì˜ -<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> ì•…ìš©ì„ ë…¼ì˜í–ˆì—ˆìŠµë‹ˆë‹¤. ì´ë²ˆ ì—…ë°ì´íŠ¸ì—ì„œ <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> +<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> ì•…ìš©ì„ ë…¼ì˜í–ˆìŠµë‹ˆë‹¤. ì´ë²ˆ ì—…ë°ì´íŠ¸ì—ì„œ <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> ê°€ í•´ê²°ë˜ì—ˆìŠµë‹ˆë‹¤. ì‹¤ì œ ê³ ê°ì´ 새로 ë³´ê³ ëœ ì´ëŸ¬í•œ ë¬¸ì œë¡œ ì¸í•´ 악용당했다는 ì‹ ê³ ëŠ” ì ‘ìˆ˜ë˜ì§€ 않았습니다. SafetyNetê³¼ ê°™ì´ Android 플랫í¼ì˜ ë³´ì•ˆì„ ê°œì„ í•˜ëŠ” <a href="/security/enhancements/index.html"> Android 보안 í”Œëž«í¼ ë³´í˜¸</a> ë° ì„œë¹„ìŠ¤ 보호 기능 ì„¸ë¶€ì •ë³´ë¥¼ ë³´ë ¤ë©´ <a href="#mitigations">완화</a> ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> -<h2 id="security_vulnerability_summary">보안 취약성 요약</h2> -<p>아래 í‘œì—는 보안 취약성 목ë¡, ì¼ë°˜ì ì¸ ì·¨ì•½ì„± ë° ë…¸ì¶œ ID(CVE), -í‰ê°€ëœ 심ê°ë„ê°€ í¬í•¨ë˜ì–´ 있습니다. <a href="/security/overview/updates-resources.html#severity"> -심ê°ë„ í‰ê°€</a>는 개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화를 ì‚¬ìš©í• ìˆ˜ 없거나 -ìš°íšŒì— ì„±ê³µí•œ 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ 받는 ì˜í–¥ì„ -기준으로 ë‚´ë ¤ì§‘ë‹ˆë‹¤.</p> -<table> -<tr> -<th>ë¬¸ì œ</th> -<th>CVE</th> -<th>심ê°ë„</th> -</tr> -<tr> -<td>DHCPCDì˜ ì›ê²© 코드 실행 취약성</td> -<td>CVE-2016-1503<br/> - CVE-2014-6060</td> -<td>심ê°</td> -</tr> -<tr> -<td>미디어 ì½”ë±ì˜ ì›ê²© 코드 실행 취약성</td> -<td>CVE-2016-0834</td> -<td>심ê°</td> -</tr> -<tr> -<td>미디어 ì„œë²„ì˜ ì›ê²© 코드 실행 취약성</td> -<td>CVE-2016-0835<br/> - CVE-2016-0836<br/> - CVE-2016-0837<br/> - CVE-2016-0838<br/> - CVE-2016-0839<br/> - CVE-2016-0840<br/> - CVE-2016-0841</td> -<td>심ê°</td> -</tr> -<tr> -<td>libstagefrightì˜ ì›ê²© 코드 실행 취약성</td> -<td>CVE-2016-0842</td> -<td>심ê°</td> -</tr> -<tr> -<td>커ë„ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2015-1805</td> -<td>심ê°</td> -</tr> -<tr> -<td>Qualcomm 성능 모듈ì˜<br/> - 권한 승격 취약성</td> -<td>CVE-2016-0843</td> -<td>심ê°</td> -</tr> -<tr> -<td>Qualcomm RF êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-0844</td> -<td>심ê°</td> -</tr> -<tr> -<td>커ë„ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2014-9322</td> -<td>심ê°</td> -</tr> -<tr> -<td>IMemory 네ì´í‹°ë¸Œ ì¸í„°íŽ˜ì´ìŠ¤ì˜ 권한 승격 취약성</td> -<td>CVE-2016-0846</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>Telecom êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-0847</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>다운로드 관리ìžì˜ 권한 승격 취약성</td> -<td>CVE-2016-0848</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>복구 ì ˆì°¨ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-0849</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>ë¸”ë£¨íˆ¬ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-0850</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>Texas Instruments Haptic ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-2409</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>ë™ì˜ìƒ ì»¤ë„ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-2410</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>Qualcomm ì „ì› ê´€ë¦¬ 구성요소ì˜<br/> -권한 승격 취약성</td> -<td>CVE-2016-2411</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>시스템 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-2412</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>미디어 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-2413</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>Minikinì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> -<td>CVE-2016-2414</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>Exchange ActiveSyncì˜ ì •ë³´ 공개 취약성</td> -<td>CVE-2016-2415</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</td> -<td>CVE-2016-2416<br/> - CVE-2016-2417<br/> - CVE-2016-2418<br/> - CVE-2016-2419</td> -<td>높ìŒ</td> -</tr> -<tr> -<td>Debuggered êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-2420</td> -<td>보통</td> -</tr> -<tr> -<td>설치 ë§ˆë²•ì‚¬ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-2421</td> -<td>보통</td> -</tr> -<tr> -<td>Wi-Fiì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-2422</td> -<td>보통</td> -</tr> -<tr> -<td>ì „í™” ê¸°ëŠ¥ì˜ ê¶Œí•œ 승격 취약성</td> -<td>CVE-2016-2423</td> -<td>보통</td> -</tr> -<tr> -<td>SyncStorageEngineì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> -<td>CVE-2016-2424</td> -<td>보통</td> -</tr> -<tr> -<td>AOSP ë©”ì¼ì˜ ì •ë³´ 공개 취약성</td> -<td>CVE-2016-2425</td> -<td>보통</td> -</tr> -<tr> -<td>í”„ë ˆìž„ì›Œí¬ì˜ ì •ë³´ 공개 취약성</td> -<td>CVE-2016-2426</td> -<td>보통</td> -</tr> -<tr> -<td>BouncyCastleì˜ ì •ë³´ 공개 취약성</td> -<td>CVE-2016-2427</td> -<td>보통</td> -</tr> -</table> + <h2 id="mitigations">완화</h2> -<p>다ìŒì€ SafetyNetê³¼ ê°™ì€ <a href="/security/enhancements/index.html">Android 보안 플랫í¼</a> ë° ì„œë¹„ìŠ¤ 보호 기능ì—ì„œ ì œê³µí•˜ëŠ” ì™„í™”ì— ëŒ€í•œ 요약입니다. -ì´ëŸ¬í•œ ê¸°ëŠ¥ì„ í†µí•´ Androidì—ì„œ 보안 ì·¨ì•½ì„±ì´ ì•…ìš©ë ê°€ëŠ¥ì„±ì„ -줄입니다.</p> + +<p>다ìŒì€ SafetyNetê³¼ ê°™ì€ <a href="/security/enhancements/index.html">Android 보안 플랫í¼</a> ë° +서비스 보호 기능ì—ì„œ ì œê³µí•˜ëŠ” 완화를 요약한 +내용입니다. ì´ëŸ¬í•œ ê¸°ëŠ¥ì„ í†µí•´ Androidì—ì„œ +보안 ì·¨ì•½ì„±ì´ ì•…ìš©ë ê°€ëŠ¥ì„±ì„ +ì¤„ì¼ ìˆ˜ 있습니다.</p> + <ul> -<li> Android í”Œëž«í¼ ìµœì‹ ë²„ì „ì˜ í–¥ìƒëœ 기능으로 Androidì˜ ì—¬ëŸ¬ ë¬¸ì œë¥¼ + <li> Android í”Œëž«í¼ ìµœì‹ ë²„ì „ì˜ í–¥ìƒëœ 기능으로 Androidì˜ ì—¬ëŸ¬ ë¬¸ì œë¥¼ 악용하기 ë”ìš± ì–´ë ¤ì›Œì¡ŒìŠµë‹ˆë‹¤. 가능한 경우 ëª¨ë“ ì‚¬ìš©ìžëŠ” Android ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤. </li><li> Android 보안팀ì—서는 ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 설치ë ë•Œ 사용ìžì—게 ê²½ê³ ë¥¼ @@ -235,24 +72,27 @@ Android ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤. ì‹ë³„í•˜ê³ ì°¨ë‹¨í•©ë‹ˆë‹¤. ì´ëŸ¬í•œ ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì´ë¯¸ ì„¤ì¹˜ëœ ê²½ìš° 앱 ì¸ì¦ì—ì„œ 사용ìžì—게 ì´ë¥¼ ì•Œë¦¬ê³ ì• í”Œë¦¬ì¼€ì´ì…˜ ì‚ì œë¥¼ ì‹œë„합니다. - </li><li> 가능한 경우 Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— + </li><li> Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— ë¯¸ë””ì–´ë¥¼ ìžë™ìœ¼ë¡œ ì „ë‹¬í•˜ì§€ 않습니다. </li></ul> -<h2 id="acknowledgements">사사</h2> + +<h2 id="acknowledgements">ê°ì‚¬ì˜ ë§ì”€</h2> + <p>Android 보안팀ì—ì„œ 참여해 ì£¼ì‹ ë‹¤ìŒ ì—°êµ¬ì›ì—게 ê°ì‚¬ë“œë¦½ë‹ˆë‹¤.</p> + <ul> -<li> Chrome ë³´ì•ˆíŒ€ì˜ Abhishek Arya, Oliver Chang, Martin Barbella: CVE-2016-0834, CVE-2016-0841, CVE-2016-0840, CVE-2016-0839, CVE-2016-0838 + <li> Chrome ë³´ì•ˆíŒ€ì˜ Abhishek Arya, Oliver Chang, Martin Barbella: CVE-2016-0834, CVE-2016-0841, CVE-2016-0840, CVE-2016-0839, CVE-2016-0838 </li><li> CENSUS S.Aì˜ Anestis Bechtsoudis(<a href="https://twitter.com/anestisb">@anestisb</a>) : CVE-2016-0842, CVE-2016-0836, CVE-2016-0835 </li><li> Google TelecomíŒ€ì˜ Brad Ebinger, Santos Cordon: CVE-2016-0847 </li><li> TU Braunschweig <a href="https://www.ibr.cs.tu-bs.de">ìš´ì˜ì²´ì œ ë° ì»´í“¨í„° ë„¤íŠ¸ì›Œí¬ ì—°êµ¬ì†Œ</a>ì˜ Dominik Schürmann: CVE-2016-2425 - </li><li> Qihoo 360 IceSword ì—°êµ¬ì†Œì˜ Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), + </li><li> Qihoo 360 IceSword Labì˜ Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf</a>, Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) :CVE-2016-0844 - </li><li> <a href="mailto:gpiskas@gmail.com">École polytechnique fédérale de Lausanne</a>ì˜ <a href="https://www.epfl.ch"> + </li><li> <a href="https://www.epfl.ch">École polytechnique fédérale de Lausanne</a>ì˜ <a href="mailto:gpiskas@gmail.com"> George Piskas</a>: CVE-2016-2426 </li><li> <a href="http://www.360.com/">Qihoo 360 Technology Co.Ltd</a>ì˜ Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2016-2412, CVE-2016-2416 @@ -269,10 +109,9 @@ Android ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤. Nico Golde(<a href="https://twitter.com/iamnion">@iamnion</a>): CVE-2016-2420, CVE-2016-0849 </li><li> Trend Microì˜ Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-2418, CVE-2016-2413, CVE-2016-2419 - </li><li> Google ì •ë³´ ë³´ì•ˆíŒ€ì˜ Quan Nguyen: CVE-2016-2427 </li><li> Richard Shupak: CVE-2016-2415 </li><li> <a href="https://labs.mwrinfosecurity.com/">MWR Labs</a>ì˜ - Romain Trouvé(<a href="https://twitter.com/bouuntyyy">@bouuntyyy)</a>: CVE-2016-0850 + Romain Trouvé: CVE-2016-0850 </li><li> Stuart Henderson: CVE-2016-2422 </li><li> Android ë³´ì•ˆíŒ€ì˜ Vishwath Mohan: CVE-2016-2424 </li><li> Alibaba Inc.ì˜ @@ -282,8 +121,9 @@ Nico Golde(<a href="https://twitter.com/iamnion">@iamnion</a>): CVE-2016-2420, C </li><li> ì¸ë””ì• ë‚˜ ëŒ€í•™êµ ë¸”ë£¨ë°í„´ ìº í¼ìŠ¤ì˜ <a href="mailto:luc2yj@gmail.com">Yeonjoon Lee</a>, <a href="mailto:xw7@indiana.edu">Xiaofeng Wang</a>, ë¶ê²½ 대학êµì˜ <a href="mailto:litongxin1991@gmail.com">Tongxin Li</a> -<a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a>: CVE-2016-0848 + <a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a>: CVE-2016-0848 </li></ul> + <p>Android 보안팀ì—ì„œ ë‹¤ìŒ ë¶„ë“¤ì—ê²Œë„ ê°ì‚¬ë“œë¦½ë‹ˆë‹¤. <a href="http://c0reteam.org">C0RE Team</a>ì˜ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>, @@ -291,283 +131,309 @@ Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang, <a href="https://www.zimperium.com/">Zimperium</a> CVE-2015-1805와 ê´€ë ¨í•´ ë„ì›€ì„ ì£¼ì…”ì„œ ê°ì‚¬í•©ë‹ˆë‹¤.</p> + <h2 id="security_vulnerability_details">보안 취약성 ì„¸ë¶€ì •ë³´</h2> -<p>ë‹¤ìŒ ì„¹ì…˜ì—는 ìœ„ì˜ <a href="#security_vulnerability_summary">보안 취약성 요약</a>ì— ë‚˜ì—´ëœ -ê° ì·¨ì•½ì„± ì„¸ë¶€ì •ë³´ê°€ í¬í•¨ë˜ì–´ -있습니다. 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° CVE, ê´€ë ¨ 버그, 심ê°ë„, + +<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 2016-04-02 패치 ìˆ˜ì¤€ì— ì ìš©ë˜ëŠ” +ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ ìžì„¸ížˆ 알아볼 수 있습니다. +여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° CVE, ê´€ë ¨ 버그, 심ê°ë„, 해당 ë²„ì „ ë° ì‹ ê³ ëœ ë‚ ì§œê°€ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 ë¬¸ì œë¥¼ í•´ê²°í•œ AOSP 확ì¸ì„ 버그 IDì— ì—°ê²°í•©ë‹ˆë‹¤. í•˜ë‚˜ì˜ ë²„ê·¸ì™€ ê´€ë ¨ëœ ë³€ê²½ì‚¬í•ì´ 여러 ê°œì¸ ê²½ìš° 추가 AOSP 참조가 버그 ID 다ìŒì— 오는 ë²ˆí˜¸ì— ì—°ê²°ë©ë‹ˆë‹¤.</p> + <h3 id="remote_code_execution_vulnerability_in_dhcpcd">DHCPCDì˜ ì›ê²© 코드 실행 취약성</h3> + <p>DHCP(Dynamic Host Configuration Protocol) ì„œë¹„ìŠ¤ì˜ ì·¨ì•½ì„±ìœ¼ë¡œ ì¸í•´ -공격ìžê°€ 메모리 ì†ìƒì„ ì¼ìœ¼í‚¤ê³ ì›ê²© 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” DHCP í´ë¼ì´ì–¸íŠ¸ ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ìœ¼ë¡œ ì¸í•´ +공격ìžê°€ 메모리 ì†ìƒì„ ì¼ìœ¼í‚¤ê³ ì›ê²© 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” DHCP í´ë¼ì´ì–¸íŠ¸ ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤. DHCP 서비스는 타사 ì•±ì´ ì¼ë°˜ì 으로 ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¶Œí•œì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> ANDROID-15268738</a></td> -<td>심ê°</td> -<td>4.4.4</td> -<td>2014ë…„ 7ì›” 30ì¼</td> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> + <td>심ê°</td> + <td>4.4.4</td> + <td>2014ë…„ 7ì›” 30ì¼</td> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> ANDROID-16677003</a></td> -<td>심ê°</td> -<td>4.4.4</td> -<td>2014ë…„ 7ì›” 30ì¼</td> -</tr> -<tr> -<td>CVE-2016-1503</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> + <td>심ê°</td> + <td>4.4.4</td> + <td>2014ë…„ 7ì›” 30ì¼</td> + </tr> + <tr> + <td>CVE-2016-1503</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> ANDROID-26461634</a></td> -<td>심ê°</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 4ì¼</td> -</tr> -</table> + <td>심ê°</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 4ì¼</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_media_codec">미디어 ì½”ë±ì˜ ì›ê²© 코드 실행 취약성</h3> + <p>특별히 ì œìž‘ëœ íŒŒì¼ì„ 미디어 íŒŒì¼ ë° ë°ì´í„°ë¥¼ 처리하는 ë™ì•ˆ 미디어 서버가 사용하는 미디어 ì½”ë±ì˜ ì·¨ì•½ì„±ì„ í†µí•´ 공격ìžê°€ 메모리 ì†ìƒì„ ì¼ìœ¼í‚¤ê³ ì›ê²© 코드가 미디어 서버 프로세스로 실행ë˜ë„ë¡ í• ìˆ˜ 있습니다.</p> + <p>ë¬¸ì œì˜ ê¸°ëŠ¥ì€ ìš´ì˜ì²´ì œì˜ 핵심 부분ì´ë©°, 여러 ì• í”Œë¦¬ì¼€ì´ì…˜ì—ì„œ ì´ ê¸°ëŠ¥ì´ ì›ê²© 콘í…ì¸ , 특히 MMS와 ë¯¸ë””ì–´ì˜ ë¸Œë¼ìš°ì € 재ìƒì— ì ‘ê·¼í• ìˆ˜ 있게 허용합니다.</p> -<p>ì´ ë¬¸ì œëŠ” 미디어 서버 서비스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ìœ¼ë¡œ ì¸í•´ + +<p>ì´ ë¬¸ì œëŠ” 미디어 서버 서비스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤. 미디어 서버 서비스는 오디오와 ë™ì˜ìƒ ìŠ¤íŠ¸ë¦¼ë¿ ì•„ë‹ˆë¼ íƒ€ì‚¬ ì•±ì´ ì¼ë°˜ì 으로 ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¶Œí•œì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다.</p> <table> -<tr> -<th>CVE</th> -<th>버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0834</td> -<td>ANDROID-26220548*</td> -<td>심ê°</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 16ì¼</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0834</td> + <td>ANDROID-26220548*</td> + <td>심ê°</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 16ì¼</td> + </tr> +</tbody></table> + <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 AOSPì— í¬í•¨ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> + <h3 id="remote_code_execution_vulnerability_in_mediaserver">미디어 ì„œë²„ì˜ ì›ê²© 코드 실행 취약성</h3> + <p>특별히 ì œìž‘ëœ íŒŒì¼ì„ 미디어 íŒŒì¼ ë° ë°ì´í„° 처리하는 ë™ì•ˆ 미디어 ì„œë²„ì˜ ì·¨ì•½ì„±ì„ í†µí•´ 공격ìžê°€ 메모리 ì†ìƒì„ ì¼ìœ¼í‚¤ê³ ì›ê²© 코드가 미디어 서버 프로세스로 실행ë˜ë„ë¡ í• ìˆ˜ 있습니다.</p> + <p>ë¬¸ì œì˜ ê¸°ëŠ¥ì€ ìš´ì˜ì²´ì œì˜ 핵심 부분ì´ë©°, 여러 ì• í”Œë¦¬ì¼€ì´ì…˜ì—ì„œ ì´ ê¸°ëŠ¥ì´ ì›ê²© 콘í…ì¸ , 특히 MMS와 ë¯¸ë””ì–´ì˜ ë¸Œë¼ìš°ì € 재ìƒì— ì ‘ê·¼í• ìˆ˜ 있게 허용합니다.</p> -<p>ì´ ë¬¸ì œëŠ” 미디어 서버 서비스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ìœ¼ë¡œ ì¸í•´ + +<p>ì´ ë¬¸ì œëŠ” 미디어 서버 서비스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤. 미디어 서버 서비스는 오디오와 ë™ì˜ìƒ ìŠ¤íŠ¸ë¦¼ë¿ ì•„ë‹ˆë¼ íƒ€ì‚¬ ì•±ì´ ì¼ë°˜ì 으로 ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¶Œí•œì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0835</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0835</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> ANDROID-26070014</a> [<a href="https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1">2</a>] </td> -<td>심ê°</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 6ì¼</td> -</tr> -<tr> -<td>CVE-2016-0836</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> + <td>심ê°</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 6ì¼</td> + </tr> + <tr> + <td>CVE-2016-0836</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> ANDROID-25812590</a></td> -<td>심ê°</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 11ì›” 19ì¼</td> -</tr> -<tr> -<td>CVE-2016-0837</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> + <td>심ê°</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 11ì›” 19ì¼</td> + </tr> + <tr> + <td>CVE-2016-0837</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> ANDROID-27208621</a></td> -<td>심ê°</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 2ì›” 11ì¼</td> -</tr> -<tr> -<td>CVE-2016-0838</td> -<td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> + <td>심ê°</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 2ì›” 11ì¼</td> + </tr> + <tr> + <td>CVE-2016-0838</td> + <td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> ANDROID-26366256</a> [<a href="https://android.googlesource.com/platform/external/sonivox/+/24d7c408c52143bce7b49de82f3913fd8d1219cf">2</a>]</td> -<td>심ê°</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -<tr> -<td>CVE-2016-0839</td> -<td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> + <td>심ê°</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>Google 사내용</td> + </tr> + <tr> + <td>CVE-2016-0839</td> + <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> ANDROID-25753245</a></td> -<td>심ê°</td> -<td>6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -<tr> -<td>CVE-2016-0840</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> + <td>심ê°</td> + <td>6.0, 6.0.1</td> + <td>Google 사내용</td> + </tr> + <tr> + <td>CVE-2016-0840</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> ANDROID-26399350</a></td> -<td>심ê°</td> -<td>6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -<tr> -<td>CVE-2016-0841</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> + <td>심ê°</td> + <td>6.0, 6.0.1</td> + <td>Google 사내용</td> + </tr> + <tr> + <td>CVE-2016-0841</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> ANDROID-26040840</a></td> -<td>심ê°</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -</table> + <td>심ê°</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>Google 사내용</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_libstagefright">libstagefrightì˜ ì›ê²© 코드 실행 취약성</h3> + <p>특별히 ì œìž‘ëœ íŒŒì¼ì„ 미디어 íŒŒì¼ ë° ë°ì´í„° 처리하는 ë™ì•ˆ libstagefrightì˜ ì·¨ì•½ì„±ì„ í†µí•´ 공격ìžê°€ 메모리 ì†ìƒì„ ì¼ìœ¼í‚¤ê³ ì›ê²© 코드가 미디어 서버 프로세스로 실행ë˜ë„ë¡ í• ìˆ˜ 있습니다.</p> + <p>ë¬¸ì œì˜ ê¸°ëŠ¥ì€ ìš´ì˜ì²´ì œì˜ 핵심 부분ì´ë©°, 여러 ì• í”Œë¦¬ì¼€ì´ì…˜ì—ì„œ ì´ ê¸°ëŠ¥ì´ ì›ê²© 콘í…ì¸ , 특히 MMS와 ë¯¸ë””ì–´ì˜ ë¸Œë¼ìš°ì € 재ìƒì— ì ‘ê·¼í• ìˆ˜ 있게 허용합니다.</p> -<p>ì´ ë¬¸ì œëŠ” 미디어 서버 서비스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ìœ¼ë¡œ ì¸í•´ + +<p>ì´ ë¬¸ì œëŠ” 미디어 서버 서비스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤. 미디어 서버 서비스는 오디오와 ë™ì˜ìƒ ìŠ¤íŠ¸ë¦¼ë¿ ì•„ë‹ˆë¼ íƒ€ì‚¬ ì•±ì´ ì¼ë°˜ì 으로 ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¶Œí•œì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0842</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0842</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> ANDROID-25818142</a></td> -<td>심ê°</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 11ì›” 23ì¼</td> -</tr> -</table> + <td>심ê°</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 11ì›” 23ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_kernel">커ë„ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>커ë„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” -ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì˜ 가능성으로 ì¸í•´ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©° -기기는 ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•˜ì—¬ -수리해야 í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” <a href="/security/advisory/2016-03-18.html">Android 보안 ê¶Œê³ 2016-03-18</a>ì— ì„¤ëª…ë˜ì–´ 있습니다.</p> +ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì„ ì¼ìœ¼í‚¬ ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©° +기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤. ì´ ë¬¸ì œëŠ” <a href="/security/advisory/2016-03-18.html">Android 보안 ê¶Œê³ 2016-03-18</a>ì— ì„¤ëª…ë˜ì–´ 있습니다.</p> + <table> -<tr> -<th>CVE</th> -<th>버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2015-1805</td> -<td>ANDROID-27275324*</td> -<td>심ê°</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 2ì›” 19ì¼</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2015-1805</td> + <td>ANDROID-27275324*</td> + <td>심ê°</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 2ì›” 19ì¼</td> + </tr> +</tbody></table> <p>* 다ìŒê³¼ ê°™ì€ íŠ¹ì • ì»¤ë„ ë²„ì „ì— AOSPì˜ íŒ¨ì¹˜ë¥¼ ì‚¬ìš©í• ìˆ˜ 있습니다. <a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a>, <a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a>, <a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a></p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_performance_module">Qualcomm 성능 ëª¨ë“ˆì˜ ê¶Œí•œ 승격 취약성</h3> + <p>Qualcommì˜ ARM 프로세서용 성능 ì´ë²¤íŠ¸ ê´€ë¦¬ìž êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” -ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì˜ 가능성으로 ì¸í•´ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©° -기기는 ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•˜ì—¬ 수리해야 í• ìˆ˜ -있습니다.</p> +ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì„ ì¼ìœ¼í‚¬ ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©° +기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0843</td> -<td>ANDROID-25801197*</td> -<td>심ê°</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2015ë…„ 11ì›” 19ì¼</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0843</td> + <td>ANDROID-25801197*</td> + <td>심ê°</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2015ë…„ 11ì›” 19ì¼</td> + </tr> +</tbody></table> + <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 AOSPì— í¬í•¨ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> + <h3 id="elevation_of_privilege_in_qualcomm_rf_component">Qualcomm RF êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> + <p>Qualcomm RF ë“œë¼ì´ë²„ì— ë¡œì»¬ 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있는 -ì·¨ì•½ì„±ì´ ìžˆìŠµë‹ˆë‹¤. ì´ ë¬¸ì œëŠ” ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì˜ 가능성으로 ì¸í•´ -심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©° 기기는 ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•˜ì—¬ -수리해야 í• ìˆ˜ 있습니다.</p> +ì·¨ì•½ì„±ì´ ìžˆìŠµë‹ˆë‹¤. ì´ ë¬¸ì œëŠ” ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì„ ì¼ìœ¼í‚¬ ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©° 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> + <table> -<tr> -<th>CVE</th> -<th>버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0844</td> -<td>ANDROID-26324307*</td> -<td>심ê°</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 25ì¼</td> -</tr> -</table> -<p>* ì´ ë¬¸ì œ í•´ê²°ì„ ìœ„í•œ 패치는 AOSPì— í¬í•¨ë˜ì–´ 있지 않습니다. + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0844</td> + <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/57531cacb40682be4b1189c721fd1e7f25bf3786"> + ANDROID-26324307</a>*</td> + <td>심ê°</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 25ì¼</td> + </tr> +</tbody></table> +<p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 추가 패치는 <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa"> -Linux 업스트림</a>ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> +Linux 업스트림</a>ì— ìžˆìŠµë‹ˆë‹¤.</p> + <h3 id="elevation_of_privilege_vulnerability_in_kernel12">커ë„ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>ì¼ë°˜ 커ë„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” -ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì˜ 가능성으로 ì¸í•´ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©° -기기는 ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•˜ì—¬ -수리해야 í• ìˆ˜ 있습니다.</p> +ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì„ ì¼ìœ¼í‚¬ ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©° +기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2014-9322</td> -<td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2014-9322</td> + <td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> [<a href="https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb">2</a>] - [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br/> + [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br /> [<a href="https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105">4</a>] [<a href="https://android.googlesource.com/kernel/common/+/44d057a37868a60bc2eb6e7d1dcea701f234d56a">5</a>] [<a href="https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b">6</a>] @@ -576,143 +442,147 @@ Linux 업스트림</a>ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> [<a href="https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5">9</a>] [<a href="https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850">10</a>] [<a href="https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829">11</a>]</td> -<td>심ê°</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 25ì¼</td> -</tr> -</table> + <td>심ê°</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 25ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_imemory_native_interface"> IMemory 네ì´í‹°ë¸Œ ì¸í„°íŽ˜ì´ìŠ¤ì˜ 권한 승격 취약성</h3> + <p>IMemory 네ì´í‹°ë¸Œ ì¸í„°íŽ˜ì´ìŠ¤ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ -ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” -타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> -ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> -권한과 ê°™ì´ ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 +ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0846</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0846</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> ANDROID-26877992</a></td> -<td>높ìŒ</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 29ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 29ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_telecom_component"> Telecom êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> + <p>Telecom êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 공격ìžê°€ -ìž„ì˜ì˜ 번호로 ì „í™”ë¥¼ 걸 수 있습니다. ì´ ë¬¸ì œëŠ” -타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> -ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> -권한과 ê°™ì´ -ìŠ¹ê²©ëœ ê¶Œí•œìœ¼ë¡œì˜ ë¡œì»¬ 액세스를 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +ìž„ì˜ì˜ 번호로 ì „í™”ë¥¼ 걸 수 있습니다. ì´ ë¬¸ì œëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ìŠ¹ê²©ëœ ê¶Œí•œìœ¼ë¡œì˜ +로컬 액세스를 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0847</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0847</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> ANDROID-26864502</a> [<a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a294ae5342410431a568126183efe86261668b5d">2</a>] </td> -<td>높ìŒ</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -</table> + <td>높ìŒ</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>Google 사내용</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_download_manager"> 다운로드 관리ìžì˜ 권한 승격 취약성</h3> + <p>다운로드 관리ìžì˜ 권한 승격 취약성으로 ì¸í•´ 공격ìžê°€ 비공개 ì €ìž¥ì†Œì— ìžˆëŠ” -승ì¸ë˜ì§€ ì•Šì€ íŒŒì¼ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” -타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> -ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> -권한과 ê°™ì´ -ìŠ¹ê²©ëœ ê¶Œí•œìœ¼ë¡œì˜ ë¡œì»¬ 액세스를 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +승ì¸ë˜ì§€ ì•Šì€ íŒŒì¼ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ìŠ¹ê²©ëœ ê¶Œí•œìœ¼ë¡œì˜ +로컬 액세스를 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> + <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0848</td> -<td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0848</td> + <td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> ANDROID-26211054</a></td> -<td>높ìŒ</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 14ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 14ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_recovery_procedure"> 복구 ì ˆì°¨ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>복구 ì ˆì°¨ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ -ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> -ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> -권한과 ê°™ì´ +ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ + +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0849</td> -<td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0849</td> + <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> ANDROID-26960931</a></td> -<td>높ìŒ</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 2ì›” 3ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 2ì›” 3ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_bluetooth"> ë¸”ë£¨íˆ¬ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>ë¸”ë£¨íˆ¬ìŠ¤ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 최초 íŽ˜ì–´ë§ ê³¼ì •ì—ì„œ ì‹ ë¢°í• ìˆ˜ 없는 기기가 íœ´ëŒ€ì „í™”ì™€ 페어ë§í• 수 있습니다. ì´ë¡œ ì¸í•´ ì¸í„°ë„· ì—°ê²°ê³¼ ê°™ì€ ê¸°ê¸° ë¦¬ì†ŒìŠ¤ì— ë¬´ë‹¨ìœ¼ë¡œ ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ì‹ ë¢°í• ìˆ˜ 없는 ê¸°ê¸°ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í• ìˆ˜ 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-0850</td> -<td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-0850</td> + <td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> ANDROID-26551752</a></td> -<td>높ìŒ</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 13ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 13ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_texas_instruments_haptic_driver"> Texas Instruments Haptic ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>Texas Instruments 햅틱 ì»¤ë„ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 커ë„ì˜ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì¼ë°˜ì 으로 ì´ì™€ ê°™ì€ @@ -720,25 +590,27 @@ Texas Instruments Haptic ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> ì„œë¹„ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2409</td> -<td>ANDROID-25981545*</td> -<td>높ìŒ</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 25ì¼</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2409</td> + <td>ANDROID-25981545*</td> + <td>높ìŒ</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 25ì¼</td> + </tr> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 AOSPì— í¬í•¨ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_kernel_driver"> Qualcomm ë™ì˜ìƒ ì»¤ë„ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>Qualcomm ë™ì˜ìƒ ì»¤ë„ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 커ë„ì˜ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì¼ë°˜ì 으로 ì»¤ë„ ì½”ë“œ 실행 ì·¨ì•½ì„±ì€ @@ -746,25 +618,27 @@ Qualcomm ë™ì˜ìƒ ì»¤ë„ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> ì„œë¹„ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2410</td> -<td>ANDROID-26291677*</td> -<td>높ìŒ</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 21ì¼</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2410</td> + <td>ANDROID-26291677*</td> + <td>높ìŒ</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 21ì¼</td> + </tr> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 AOSPì— í¬í•¨ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_power_management_component"> Qualcomm ì „ì› ê´€ë¦¬ êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> + <p>Qualcomm ì „ì› ê´€ë¦¬ ì»¤ë„ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 커ë„ì˜ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì¼ë°˜ì 으로 @@ -772,393 +646,400 @@ Qualcomm ì „ì› ê´€ë¦¬ êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> ë¨¼ì € ê¸°ê¸°ì— ì¹¨íˆ¬í•˜ì—¬ 루트로 승격해야 하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2411</td> -<td>ANDROID-26866053*</td> -<td>높ìŒ</td> -<td>6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 28ì¼</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2411</td> + <td>ANDROID-26866053*</td> + <td>높ìŒ</td> + <td>6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 28ì¼</td> + </tr> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 AOSPì— í¬í•¨ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> + <h3 id="elevation_of_privilege_vulnerability_in_system_server"> 시스템 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>시스템 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ -ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” -타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 +ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2412</td> -<td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2412</td> + <td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> ANDROID-26593930</a></td> -<td>높ìŒ</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 15ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 15ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_mediaserver"> 미디어 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성</h3> -<p>미디어 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> -ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> -권한과 ê°™ì´ + +<p>미디어 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2413</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2413</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> ANDROID-26403627</a></td> -<td>높ìŒ</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 5ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 5ì¼</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_vulnerability_in_minikin">Minikinì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> + <p>Minikin ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 서비스 거부 취약성으로 ì¸í•´ 로컬 공격ìžê°€ ì¼ì‹œì 으로 ëŒ€ìƒ ê¸°ê¸°ë¡œì˜ ì•¡ì„¸ìŠ¤ë¥¼ ì°¨ë‹¨í• ìˆ˜ 있습니다. 공격ìžê°€ ì‹ ë¢°í• ìˆ˜ 없는 ê¸€ê¼´ì´ ë¡œë“œë˜ë„ë¡ í•˜ê±°ë‚˜ Minikin êµ¬ì„±ìš”ì†Œì— ì˜¤ë²„í”Œë¡œê°€ ë°œìƒí•˜ë„ë¡ í•˜ì—¬ 충ëŒì„ ì¼ìœ¼í‚¬ 수 있습니다. ì´ ë¬¸ì œëŠ” 서비스 거부로 ì¸í•´ 재부팅 루프 ìƒíƒœê°€ 지ì†ë 수 있기 ë•Œë¬¸ì— ì‹¬ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2414</td> -<td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2414</td> + <td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> ANDROID-26413177</a> [<a href="https://android.googlesource.com/platform/frameworks/minikin/+/f4785aa1947b8d22d5b19559ef1ca526d98e0e73">2</a>] </td> -<td>높ìŒ</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2015ë…„ 11ì›” 3ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2015ë…„ 11ì›” 3ì¼</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_exchange_activesync"> Exchange ActiveSyncì˜ ì •ë³´ 공개 취약성</h3> + <p>Exchange ActiveSyncì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 사용ìžì˜ ê°œì¸ì •ë³´ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 보호ë˜ëŠ” ë°ì´í„°ì— ì›ê²©ìœ¼ë¡œ 액세스하ë„ë¡ í—ˆìš©í•˜ë¯€ë¡œ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2415</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2415</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> ANDROID-26488455</a></td> -<td>높ìŒ</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 11ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 11ì¼</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_mediaserver">미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</h3> + <p>미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 공격ìžê°€ 플랫í¼ì„ 악용하기 ì–´ë µë„ë¡ ë§ˆë ¨ëœ ë³´ì•ˆ 장치를 ìš°íšŒí• ìˆ˜ -있습니다. ì´ ë¬¸ì œëŠ” 타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> -ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> -권한과 ê°™ì´ ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° -사용ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +있습니다. ì´ ë¬¸ì œëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 +ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2416</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2416</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> ANDROID-27046057</a> [<a href="https://android.googlesource.com/platform/frameworks/native/+/a40b30f5c43726120bfe69d41ff5aeb31fe1d02a">2</a>] </td> -<td>높ìŒ</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 2ì›” 5ì¼</td> -</tr> -<tr> -<td>CVE-2016-2417</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> + <td>높ìŒ</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 2ì›” 5ì¼</td> + </tr> + <tr> + <td>CVE-2016-2417</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> ANDROID-26914474</a></td> -<td>높ìŒ</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 2ì›” 1ì¼</td> -</tr> -<tr> -<td>CVE-2016-2418</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> + <td>높ìŒ</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 2ì›” 1ì¼</td> + </tr> + <tr> + <td>CVE-2016-2418</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> ANDROID-26324358</a></td> -<td>높ìŒ</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 24ì¼</td> -</tr> -<tr> -<td>CVE-2016-2419</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> + <td>높ìŒ</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 24ì¼</td> + </tr> + <tr> + <td>CVE-2016-2419</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> ANDROID-26323455</a></td> -<td>높ìŒ</td> -<td>6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 24ì¼</td> -</tr> -</table> + <td>높ìŒ</td> + <td>6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 24ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_debuggerd_component"> Debuggered êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> + <p>Debuggerd êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ê¸°ê¸°ì— ì˜êµ¬ì 으로 ì¹¨íˆ¬í• ìˆ˜ 있는 ìž„ì˜ì˜ 코드를 -ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ê²½ìš° ê¸°ê¸°ì˜ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•˜ì—¬ -수리해야 합니다. ì¼ë°˜ì 으로 ì´ì™€ ê°™ì€ ì½”ë“œ 실행 버그는 +ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ê²½ìš° 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤. ì¼ë°˜ì 으로 ì´ì™€ ê°™ì€ ì½”ë“œ 실행 버그는 심ê°ìœ¼ë¡œ í‰ê°€ë˜ì§€ë§Œ Android ë²„ì „ 4.4.4ì˜ ê²½ìš°ì—만 ê¶Œí•œì„ ì‹œìŠ¤í…œì—ì„œ 루트로 승격하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤. Android ë²„ì „ 5.0 ì´ìƒì—서는 SELinux ê·œì¹™ì´ íƒ€ì‚¬ ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 해당 ì½”ë“œì— ì ‘ê·¼í•˜ëŠ” ê²ƒì„ ë°©ì§€í•©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2420</td> -<td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2420</td> + <td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> ANDROID-26403620</a> [<a href="https://android.googlesource.com/platform/system/core/+/81df1cc77722000f8d0025c1ab00ced123aa573c">2</a>] </td> -<td>보통</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 5ì¼</td> -</tr> -</table> + <td>보통</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 5ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard"> 설치 ë§ˆë²•ì‚¬ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>설치 ë§ˆë²•ì‚¬ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 공격ìžê°€ 초기화 보호 ê¸°ëŠ¥ì„ ìš°íšŒí•˜ì—¬ ê¸°ê¸°ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 누군가 ê¸°ê¸°ì— ì‹¤ì œë¡œ 액세스하여 초기화 보호 ê¸°ëŠ¥ì„ ìš°íšŒí•¨ìœ¼ë¡œì¨ ê³µê²©ìžê°€ 기기를 ìž¬ì„¤ì •í•˜ì—¬ ëª¨ë“ ë°ì´í„°ë¥¼ ì‚ì œí• ìˆ˜ 있기 ë•Œë¬¸ì— ì‹¬ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2421</td> -<td>ANDROID-26154410*</td> -<td>보통</td> -<td>5.1.1, 6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2421</td> + <td>ANDROID-26154410*</td> + <td>보통</td> + <td>5.1.1, 6.0, 6.0.1</td> + <td>Google 사내용</td> + </tr> +</tbody></table> + <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 AOSPì— í¬í•¨ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> + <h3 id="elevation_of_privilege_in_wi-fi">Wi-Fiì˜ ê¶Œí•œ 승격 취약성</h3> + <p>Wi-Fiì˜ ê¶Œí•œ 승격 ì·¨ì•½ì„±ì„ ì•…ìš©í•˜ì—¬ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ê¶Œí•œì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ -있습니다. ì´ ë¬¸ì œëŠ” 타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> -ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> -권한과 ê°™ì´ -ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> +있습니다. ì´ ë¬¸ì œëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 +ìŠ¹ê²©ëœ ê¶Œí•œì„ ë¶€ì—¬í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2422</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2422</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> ANDROID-26324357</a></td> -<td>보통</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 23ì¼</td> -</tr> -</table> + <td>보통</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 23ì¼</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_telephony">ì „í™” ê¸°ëŠ¥ì˜ ê¶Œí•œ 승격 취약성</h3> + <p>ì „í™” ê¸°ëŠ¥ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 공격ìžê°€ 초기화 보호 ê¸°ëŠ¥ì„ ìš°íšŒí•˜ì—¬ ê¸°ê¸°ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 누군가 ê¸°ê¸°ì— ì‹¤ì œë¡œ 액세스하여 초기화 보호 ê¸°ëŠ¥ì„ ìš°íšŒí•¨ìœ¼ë¡œì¨ ê³µê²©ìžê°€ 기기를 ìž¬ì„¤ì •í•˜ì—¬ ëª¨ë“ ë°ì´í„°ë¥¼ ì‚ì œí• ìˆ˜ 있기 ë•Œë¬¸ì— ì‹¬ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2423</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2423</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> ANDROID-26303187</a></td> -<td>보통</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -</table> + <td>보통</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>Google 사내용</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_in_syncstorageengine">SyncStorageEngineì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> + <p>SyncStorageEngineì˜ ì„œë¹„ìŠ¤ 거부 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 재부팅 루프를 ìœ ë°œí• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 초기화를 통해 해결해야 하는 ì¼ì‹œì ì¸ ì„œë¹„ìŠ¤ 거부를 ìœ ë°œí•˜ëŠ” ë° ì‚¬ìš©ë 수 있어서 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2424</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2424</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> ANDROID-26513719</a></td> -<td>보통</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -</table> + <td>보통</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>Google 사내용</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_aosp_mail">AOSP ë©”ì¼ì˜ ì •ë³´ 공개 취약성</h3> + <p>AOSP ë©”ì¼ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 사용ìžì˜ ê°œì¸ì •ë³´ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 부ì ì ˆí•˜ê²Œ '위험한' ê¶Œí•œì„ ì–»ëŠ” ë° ì‚¬ìš©ë 수 있어서 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> ANDROID-26989185</a></td> -<td>보통</td> -<td>4.4.4, 5.1.1, 6.0, 6.0.1</td> -<td>2016ë…„ 1ì›” 29ì¼</td> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td>ANDROID-7154234*</td> -<td>보통</td> -<td>5.0.2</td> -<td>2016ë…„ 1ì›” 29ì¼</td> -</tr> -</table> + <td>보통</td> + <td>4.4.4, 5.1.1, 6.0, 6.0.1</td> + <td>2016ë…„ 1ì›” 29ì¼</td> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td>ANDROID-7154234*</td> + <td>보통</td> + <td>5.0.2</td> + <td>2016ë…„ 1ì›” 29ì¼</td> + </tr> +</tbody></table> + <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 AOSPì— í¬í•¨ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> + <h3 id="information_disclosure_vulnerability_in_framework">í”„ë ˆìž„ì›Œí¬ì˜ ì •ë³´ 공개 취약성</h3> + <p>í”„ë ˆìž„ì›Œí¬ êµ¬ì„±ìš”ì†Œì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ íŠ¹ì • ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 민ê°í•œ ì •ë³´ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있ë„ë¡ í—ˆìš©ë 수 있습니다. ì´ ë¬¸ì œëŠ” 권한 ì—†ì´ ë¶€ì ì ˆí•˜ê²Œ ë°ì´í„°ì— 액세스하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ ê´€ë ¨ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2426</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> + <tbody><tr> + <th>CVE</th> + <th>AOSP ë§í¬ ê´€ë ¨ 버그</th> + <th>심ê°ë„</th> + <th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> + <th>ì‹ ê³ ëœ ë‚ ì§œ</th> + </tr> + <tr> + <td>CVE-2016-2426</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> ANDROID-26094635</a></td> -<td>보통</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>2015ë…„ 12ì›” 8ì¼</td> -</tr> -</table> -<h3 id="information_disclosure_vulnerability_in_bouncycastle">BouncyCastleì˜ ì •ë³´ 공개 취약성</h3> -<p>BouncyCastleì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ ì¸ì¦ 키가 ìœ ì¶œë 수 -있습니다. ì´ ë¬¸ì œëŠ” ê¸°ê¸°ì— ì„¤ì¹˜ëœ ì•±ìœ¼ë¡œ 권한 ì—†ì´ ë¶€ì ì ˆí•˜ê²Œ -위험한 ìˆ˜ì¤€ì˜ ë°ì´í„°ë‚˜ ê¸°ëŠ¥ì— ì•¡ì„¸ìŠ¤í•˜ëŠ” ë° ì‚¬ìš©ë 수 있으므로 -심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> -<table> -<tr> -<th>CVE</th> -<th>AOSP ë§í¬ê°€ í¬í•¨ëœ 버그</th> -<th>심ê°ë„</th> -<th>ì—…ë°ì´íŠ¸ëœ ë²„ì „</th> -<th>ì‹ ê³ ëœ ë‚ ì§œ</th> -</tr> -<tr> -<td>CVE-2016-2427</td> -<td><a href="https://android.googlesource.com/platform/libcore/+/efd369d996fd38c50a50ea0de8f20507253cb6de"> - ANDROID-26234568</a> - [<a href="https://android.googlesource.com/platform/external/bouncycastle/+/b3bddea0f33c0459293c6419569ad151b4a7b44b">2</a>] - </td> -<td>보통</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>Google 사내용</td> -</tr> -</table> + <td>보통</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>2015ë…„ 12ì›” 8ì¼</td> + </tr> +</tbody></table> + <h2 id="common_questions_and_answers">ì¼ë°˜ì ì¸ ì§ˆë¬¸ ë° ë‹µë³€</h2> + <p>ì´ ì„¹ì…˜ì—서는 게시íŒì„ ì½ì€ ë’¤ ì œê¸°ë 수 있는 ì¼ë°˜ì ì¸ ì§ˆë¬¸ì— ë‹µë³€ì„ ì œì‹œí•©ë‹ˆë‹¤.</p> + <p><strong>1. ë‚´ 기기가 ì—…ë°ì´íŠ¸ë˜ì–´ ì´ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆëŠ”지 어떻게 ì•Œ 수 있나요? </strong></p> + <p>2016ë…„ 4ì›” 2ì¼ ì´í›„ 보안 패치 수준ì—ì„œ ë‹¤ìŒ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆìŠµë‹ˆë‹¤(방법 안내는 <a href="https://support.google.com/nexus/answer/4457705">Nexus ë„움ë§</a>ì„ ì°¸ì¡°í•˜ì„¸ìš”). ì´ ì—…ë°ì´íŠ¸ë¥¼ í¬í•¨í•˜ëŠ” 기기 ì œì¡°ì—…ì²´ëŠ” 패치 문ìžì—´ ìˆ˜ì¤€ì„ ë‹¤ìŒê³¼ ê°™ì´ ì„¤ì •í•´ì•¼ 합니다. [ro.build.version.security_patch]:[2016-04-02]</p> + <p><strong>2. ì´ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì´ 2016ë…„ 4ì›” 2ì¼ì¸ ì´ìœ ê°€ 무엇ì¸ê°€ìš”?</strong></p> + <p>월간 보안 ì—…ë°ì´íŠ¸ì˜ 보안 패치 ìˆ˜ì¤€ì€ ì¼ë°˜ì 으로 매월 1ì¼ë¡œ ì„¤ì •ë©ë‹ˆë‹¤. 4ì›”ì˜ ê²½ìš° 2016ë…„ 4ì›” 1ì¼ ë³´ì•ˆ 패치 수준ì—ì„œ <a href="/security/advisory/2016-03-18.html">Android 보안 ê¶Œê³ 2016-03-18</a> -ì— ì„¤ëª…ëœ ê²ƒê³¼ ê°™ì´ CVE-2015-1805를 ì œì™¸í•œ ì´ ê²Œì‹œíŒì— ì„¤ëª…ëœ ëª¨ë“ ë¬¸ì œê°€ +ì— ì„¤ëª…ëœ ê²ƒê³¼ ê°™ì´ CVE-2015-1805를 ì œì™¸í•œ ì´ ê²Œì‹œíŒì— ì„¤ëª…ëœ ëª¨ë“ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆìŒì„ ì•Œë ¤ì¤ë‹ˆë‹¤. 2016ë…„ 4ì›” 2ì¼ ë³´ì•ˆ 패치 수준ì—서는 <a href="/security/advisory/2016-03-18.html">Android 보안 ê¶Œê³ 2016-03-18</a>ì— ì„¤ëª…ëœ ê²ƒê³¼ ê°™ì´ CVE-2015-1805를 í¬í•¨í•œ ì´ ê²Œì‹œíŒì— ì„¤ëª…ëœ ëª¨ë“ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆë‹¤ê³ ì•Œë ¤ì¤ë‹ˆë‹¤.</p> -<h2 id="revisions">ë²„ì „</h2> + +<h2 id="revisions">ìˆ˜ì • ë‚´ì—</h2> + <ul> -<li> 2016ë…„ 4ì›” 4ì¼: 게시íŒì´ ê²Œì‹œë¨ + <li> 2016ë…„ 4ì›” 4ì¼: 게시íŒì´ ê²Œì‹œë¨ </li><li> 2016ë…„ 4ì›” 6ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ AOSP ë§í¬ í¬í•¨ë¨ + </li><li> 2016ë…„ 4ì›” 7ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ 추가 AOSP ë§í¬ í¬í•¨ë¨ + </li><li> 2016ë…„ 7ì›” 11ì¼: CVE-2016-2427ì˜ ì„¤ëª…ì´ ì—…ë°ì´íŠ¸ë¨ + </li><li> 2016ë…„ 8ì›” 1ì¼: CVE-2016-2427ì˜ ì„¤ëª…ì´ ì—…ë°ì´íŠ¸ë¨ + </li><li> 2016ë…„ 12ì›” 19ì¼: ì—…ë°ì´íŠ¸ë˜ì–´ ë³µêµ¬ëœ CVE-2016-2427ì´ ì‚ì œë¨ </li></ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ko/security/bulletin/2016-07-01.html b/ko/security/bulletin/2016-07-01.html index 138d15a6..c0c06121 100644 --- a/ko/security/bulletin/2016-07-01.html +++ b/ko/security/bulletin/2016-07-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> - <title>Android 보안 ê²Œì‹œíŒ - 2016ë…„ 7ì›”</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> +<html devsite><head> + <title>Android 보안 게시íŒâ€”2016ë…„ 7ì›”</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,8 +20,6 @@ limitations under the License. --> - - <p><em>2016ë…„ 7ì›” 6ì¼ì— ê²Œì‹œë¨ | 2016ë…„ 7ì›” 14ì¼ì— ì—…ë°ì´íŠ¸ë¨</em></p> <p>Android 보안 게시íŒì€ Android ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 보안 취약성 ì„¸ë¶€ì •ë³´ë¥¼ 다룹니다. 게시íŒê³¼ 함께 ë¬´ì„ ì—…ë°ì´íŠ¸ë¥¼ 통해 @@ -34,17 +31,20 @@ Nexus 펌웨어 ì´ë¯¸ì§€ë„ <a href="https://developers.google.com/android/nexu <p> 파트너ì—게는 게시íŒì— ì„¤ëª…ëœ ë¬¸ì œë¥¼ 2016ë…„ 6ì›” 6ì¼ ì´ì „ì— í†µì§€í–ˆìŠµë‹ˆë‹¤. 해당하는 경우, 소스 코드 패치가 Android -오픈소스 프로ì 트(AOSP) ì €ìž¥ì†Œì— ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤. +오픈소스 프로ì 트(AOSP) ì €ìž¥ì†Œì— ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤. ì´ ê²Œì‹œíŒì—는 AOSP ì™¸ë¶€ì˜ íŒ¨ì¹˜ ë§í¬ë„ í¬í•¨ë˜ì–´ 있습니다.</p> <p>ì´ ì¤‘ 가장 심ê°í•œ ë¬¸ì œëŠ” 미디어 파ì¼ì„ ì²˜ë¦¬í• ë•Œ -ì´ë©”ì¼ê³¼ 웹 íƒìƒ‰, MMS 등 여러 ë°©ë²•ì„ í†µí•´ ëŒ€ìƒ ê¸°ê¸°ì—ì„œ -ì›ê²©ìœ¼ë¡œ 코드를 ì‹¤í–‰í• ìˆ˜ 있게 하는 심ê°í•œ 보안 취약성입니다.</p> +ì´ë©”ì¼, 웹 íƒìƒ‰, MMS 등 여러 ë°©ë²•ì„ í†µí•´ ëŒ€ìƒ ê¸°ê¸°ì—ì„œ +ì›ê²©ìœ¼ë¡œ 코드를 ì‹¤í–‰í• ìˆ˜ 있게 하는 심ê°í•œ 보안 취약성입니다. <a href="/security/overview/updates-resources.html#severity">심ê°ë„ +í‰ê°€</a>는 개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화가 사용 중지ë˜ì–´ 있거나 +우회ë˜ëŠ” 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ ë°›ì„ ìˆ˜ 있는 ì˜í–¥ì„ +기준으로 ë‚´ë ¤ì§‘ë‹ˆë‹¤.</p> <p>ì‹¤ì œ ê³ ê°ì´ 새로 ë³´ê³ ëœ ì´ëŸ¬í•œ ë¬¸ì œë¡œ ì¸í•´ 악용당했다는 ì‹ ê³ ëŠ” ì ‘ìˆ˜ë˜ì§€ 않았습니다. SafetyNetê³¼ ê°™ì´ Android 플랫í¼ì˜ ë³´ì•ˆì„ ê°œì„ í•˜ëŠ” -<a href="/security/enhancements/index.html">Android 보안 í”Œëž«í¼ ë³´í˜¸</a> ë° -서비스 보호 기능 ê´€ë ¨ ì„¸ë¶€ì •ë³´ë¥¼ ë³´ë ¤ë©´ -<a href="완화">Android ë° Google 서비스 완화</a> ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> +<a href="/security/enhancements/index.html">Android 보안 í”Œëž«í¼ ë³´í˜¸</a> ë° ì„œë¹„ìŠ¤ 보호 ê¸°ëŠ¥ì— ê´€í•´ +ìžì„¸ížˆ ì•Œì•„ë³´ë ¤ë©´ <a href="#mitigations">Android ë° Google 서비스 완화</a> +ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> <p>ëª¨ë“ ê³ ê°ì€ 기기ì—ì„œ ì´ ì—…ë°ì´íŠ¸ë¥¼ 수ë½í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</p> <h2 id="announcements">공지사í•</h2> <ul> @@ -57,421 +57,14 @@ Nexus 펌웨어 ì´ë¯¸ì§€ë„ <a href="https://developers.google.com/android/nexu <li><strong>2016-07-01</strong>: 부분 보안 패치 수준 문ìžì—´ìž…니다. ì´ ë³´ì•ˆ 패치 수준 문ìžì—´ì€ 2016-07-01ì— í•´ë‹¹í•˜ëŠ” ëª¨ë“ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆìŒì„ 나타냅니다. - <li><strong>2016-07-05</strong>: ì „ì²´ 보안 패치 수준 문ìžì—´ìž…니다. ì´ ë³´ì•ˆ + </li><li><strong>2016-07-05</strong>: ì „ì²´ 보안 패치 수준 문ìžì—´ìž…니다. ì´ ë³´ì•ˆ 패치 수준 문ìžì—´ì€ 2016-07-01ê³¼ 2016-07-05ì— í•´ë‹¹í•˜ëŠ” ëª¨ë“ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆìŒì„ 나타냅니다.</li> - </li></ul> + </ul> </li> - <li>지ì›ë˜ëŠ” Nexus 기기는 2016ë…„ 7ì›” 5ì¼ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì˜ OTA - ì—…ë°ì´íŠ¸ë¥¼ 받게 ë©ë‹ˆë‹¤.</li> + <li>지ì›ë˜ëŠ” Nexus 기기는 2016ë…„ 7ì›” 5ì¼ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì˜ ë‹¨ì¼ OTA +ì—…ë°ì´íŠ¸ë¥¼ 받게 ë©ë‹ˆë‹¤.</li> </ul> -<h2 id="security_vulnerability_summary">보안 취약성 요약</h2> -<p>아래 í‘œì—는 보안 취약성 목ë¡, ì¼ë°˜ì ì¸ ì·¨ì•½ì„± ë° ë…¸ì¶œ ID(CVE), -í‰ê°€ëœ 심ê°ë„ ë° Nexus 기기가 ì˜í–¥ì„ 받는지 여부가 -í¬í•¨ë˜ì–´ 있습니다. <a href="/security/overview/updates-resources.html#severity">심ê°ë„ í‰ê°€</a>는 -개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화를 ì‚¬ìš©í• ìˆ˜ 없거나 -ìš°íšŒì— ì„±ê³µí•œ 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ 받는 ì˜í–¥ì„ -기준으로 ë‚´ë ¤ì§‘ë‹ˆë‹¤.</p> - -<h3 id="2016-07-01_summary">2016-07-01 보안 패치 수준—취약성 요약</h3> -<p> -ë‹¤ìŒ ë¬¸ì œëŠ” 2016ë…„ 7ì›” 1ì¼ ë³´ì•ˆ 패치 수준 ì´ìƒì—ì„œ í•´ê²°ë©ë‹ˆë‹¤.</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>ë¬¸ì œ</th> - <th>CVE</th> - <th>심ê°ë„</th> - <th>Nexusì— ì˜í–¥ 여부</th> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2016-2506, CVE-2016-2505, CVE-2016-2507, CVE-2016-2508, - CVE-2016-3741, CVE-2016-3742, CVE-2016-3743</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>OpenSSL & BoringSSLì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2016-2108</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>ë¸”ë£¨íˆ¬ìŠ¤ì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2016-3744</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>libpngì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3751</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3745, CVE-2016-3746, CVE-2016-3747</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì†Œì¼“ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3748</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>LockSettingsServiceì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3749</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>í”„ë ˆìž„ì›Œí¬ APIì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3750</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ChooserTarget ì„œë¹„ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3752</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-3753</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>OpenSSLì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-2107</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2016-3754, CVE-2016-3755, CVE-2016-3756</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>libcì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2016-3818</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>lsofì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3757</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>DexClassLoaderì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3758</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>í”„ë ˆìž„ì›Œí¬ APIì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3759</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>ë¸”ë£¨íˆ¬ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3760</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>NFCì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3761</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>ì†Œì¼“ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-3762</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>프ë¡ì‹œ ìžë™ êµ¬ì„±ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-3763</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-3764, CVE-2016-3765</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2016-3766</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> -</table> -<p>* 지ì›ë˜ëŠ” Nexus ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ -ì·¨ì•½ì„±ì— ì˜í–¥ì„ 받지 않습니다.</p> - - -<h3 id="2016-07-05_summary">2016-07-05 보안 패치 수준—취약성 요약</h3> -<p> -2016-07-01ì˜ ëª¨ë“ ë¬¸ì œì™€ ë‹¤ìŒ ë¬¸ì œëŠ” 2016ë…„ 7ì›” 5ì¼ -보안 패치 수준 ì´ìƒì—ì„œ í•´ê²°ë©ë‹ˆë‹¤.</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>ë¬¸ì œ</th> - <th>CVE</th> - <th>심ê°ë„</th> - <th>Nexusì— ì˜í–¥ 여부</th> - </tr> - <tr> - <td>Qualcomm GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-2503, CVE-2016-2067</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3767</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm 성능 êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성 - (기기별 ë¬¸ì œ)</td> - <td>CVE-2016-3768</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3769</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3770, CVE-2016-3771, CVE-2016-3772, CVE-2016-3773, - CVE-2016-3774</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ íŒŒì¼ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3775</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>USB ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</td> - <td>CVE-2015-8816</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2014-9794, CVE-2014-9795, CVE-2015-8892, CVE-2013-7457, CVE-2014-9781, - CVE-2014-9786, CVE-2014-9788, CVE-2014-9779, CVE-2014-9780, CVE-2014-9789, - CVE-2014-9793, CVE-2014-9782, CVE-2014-9783, CVE-2014-9785, CVE-2014-9787, - CVE-2014-9784, CVE-2014-9777, CVE-2014-9778, CVE-2014-9790, CVE-2014-9792, - CVE-2014-9797, CVE-2014-9791, CVE-2014-9796, CVE-2014-9800, CVE-2014-9799, - CVE-2014-9801, CVE-2014-9802, CVE-2015-8891, CVE-2015-8888, CVE-2015-8889, - CVE-2015-8890</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm USB ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-2502</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3792</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-2501</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3793</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ì „ì› ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3795, CVE-2016-3796</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3797</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek 하드웨어 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성 - (기기별 ë¬¸ì œ)</td> - <td>CVE-2016-3798</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3799, CVE-2016-3800</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek GPS ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3801</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ íŒŒì¼ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3802, CVE-2016-3803</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ì „ì› ê´€ë¦¬ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성 - (기기별 ë¬¸ì œ)</td> - <td>CVE-2016-3804, CVE-2016-3805</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3806</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì§ë ¬ 주변기기 ì¸í„°íŽ˜ì´ìŠ¤ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성 - (기기별 ë¬¸ì œ)</td> - <td>CVE-2016-3807, CVE-2016-3808</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-2068</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>커ë„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</td> - <td>CVE-2014-9803</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ë„¤íŠ¸ì›Œí¬ êµ¬ì„±ìš”ì†Œì˜ ì •ë³´ 공개 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3809</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek Wi-Fi ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3810</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3811</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ë™ì˜ìƒ ì½”ë± ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성 - (기기별 ë¬¸ì œ)</td> - <td>CVE-2016-3812</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm USB ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3813</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3814, CVE-2016-3815</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-3816</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ í…”ë ˆíƒ€ì´í”„ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2016-0723</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm 부트로ë”ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성(기기별 - ë¬¸ì œ)</td> - <td>CVE-2014-9798, CVE-2015-8893</td> - <td>ì¼ë°˜</td> - <td>예</td> - </tr> -</table> <h2 id="mitigations">Android ë° Google 서비스 완화</h2> <p>다ìŒì€ SafetyNetê³¼ ê°™ì€ <a href="/security/enhancements/index.html">Android 보안 플랫í¼</a> ë° @@ -482,10 +75,10 @@ Nexus 펌웨어 ì´ë¯¸ì§€ë„ <a href="https://developers.google.com/android/nexu <li>Android í”Œëž«í¼ ìµœì‹ ë²„ì „ì˜ í–¥ìƒëœ 기능으로 Androidì˜ ì—¬ëŸ¬ ë¬¸ì œë¥¼ 악용하기 ë”ìš± ì–´ë ¤ì›Œì¡ŒìŠµë‹ˆë‹¤. 가능하다면 ëª¨ë“ ì‚¬ìš©ìžëŠ” ìµœì‹ ë²„ì „ì˜ Androidë¡œ ì—…ë°ì´íŠ¸í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</li> - <li>Android 보안팀ì—서는 <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì´ - - 설치ë ë•Œ ê²½ê³ ë¥¼ 보내는 <a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf">앱 ì¸ì¦ ë° SafetyNet</a>ì„ ì‚¬ìš©í•˜ì—¬ - + <li>Android 보안팀ì—서는 <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì— ê´€í•´ + + 사용ìžì—게 ê²½ê³ ë¥¼ 보내는 <a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf">앱 ì¸ì¦ ë° SafetyNet</a>ì„ ì‚¬ìš©í•˜ì—¬ + 악용사례를 ì ê·¹ì 으로 모니터ë§í•©ë‹ˆë‹¤. 앱 ì¸ì¦ì€ <a href="http://www.android.com/gms">Google ëª¨ë°”ì¼ ì„œë¹„ìŠ¤</a>ê°€ ì ìš©ëœ ê¸°ê¸°ì—ì„œ 기본ì 으로 사용 ì„¤ì •ë˜ì–´ 있으며 Google Play 외부ì—ì„œ ì• í”Œë¦¬ì¼€ì´ì…˜ì„ 설치하는 사용ìžì—게 특히 중요합니다. Google Play @@ -495,80 +88,80 @@ Nexus 펌웨어 ì´ë¯¸ì§€ë„ <a href="https://developers.google.com/android/nexu 권한 승격 ì·¨ì•½ì„±ì„ ì•…ìš©í•˜ëŠ” 것으로 ì•Œë ¤ì§„ 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì„ ì‹ë³„í•˜ê³ ì°¨ë‹¨í•©ë‹ˆë‹¤. ì´ëŸ¬í•œ ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì´ë¯¸ ì„¤ì¹˜ëœ ê²½ìš° 앱 ì¸ì¦ì—ì„œ 사용ìžì—게 ì´ë¥¼ ì•Œë¦¬ê³ ê°ì§€ëœ ì• í”Œë¦¬ì¼€ì´ì…˜ì„ ì‚ì œí•˜ë ¤ê³ ì‹œë„합니다.</li> - <li>가능한 경우 Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— + <li>Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— ë¯¸ë””ì–´ë¥¼ ìžë™ìœ¼ë¡œ ì „ë‹¬í•˜ì§€ 않습니다.</li> </ul> -<h2 id="acknowledgements">사사</h2> +<h2 id="acknowledgements">ê°ì‚¬ì˜ ë§ì”€</h2> <p>참여해 ì£¼ì‹ ë‹¤ìŒ ì—°êµ¬ì›ì—게 ê°ì‚¬ë“œë¦½ë‹ˆë‹¤.</p> <ul> <li>Chrome ë³´ì•ˆíŒ€ì˜ Abhishek Arya, Oliver Chang, Martin Barbella: CVE-2016-3756, CVE-2016-3741, CVE-2016-3743, CVE-2016-3742 - <li>Check Point Software Technologies Ltd.ì˜ Adam Donenfeld et al.: CVE-2016-2503 - <li>Googleì˜ Adam Powell: CVE-2016-3752 - <li>Context Information Securityì˜ Alex Chapman, Paul Stone: CVE-2016-3763 - <li><a href="https://www.e2e-assure.com/">e2e-assure</a>ì˜ Andy Tyler + </li><li>Check Point Software Technologies Ltd.ì˜ Adam Donenfeld et al.: CVE-2016-2503 + </li><li>Googleì˜ Adam Powell: CVE-2016-3752 + </li><li>Context Information Securityì˜ Alex Chapman, Paul Stone: CVE-2016-3763 + </li><li><a href="https://www.e2e-assure.com/">e2e-assure</a>ì˜ Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>): CVE-2016-2457 - <li>Google Project Zeroì˜ Ben Hawkes: CVE-2016-3775 - <li><a href="http://c0reteam.org">C0RE팀</a>ì˜ Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), + </li><li>Google Project Zeroì˜ Ben Hawkes: CVE-2016-3775 + </li><li><a href="http://c0reteam.org">C0RE팀</a>ì˜ Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Yuan-Tsung Lo(<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>), Xuxian Jiang: CVE-2016-3770, CVE-2016-3771, CVE-2016-3772, CVE-2016-3773, CVE-2016-3774 - <li>Googleì˜ Christopher Tate: CVE-2016-3759 - <li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)ì˜ + </li><li>Googleì˜ Christopher Tate: CVE-2016-3759 + </li><li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)ì˜ Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-3762 - <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> IceSword Labì˜ + </li><li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a> IceSword Labì˜ Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), pjf(<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>): CVE-2016-3806, CVE-2016-3816, CVE-2016-3805, CVE-2016-3804, CVE-2016-3767, CVE-2016-3810, CVE-2016-3795, CVE-2016-3796 - <li>Google AndroidíŒ€ì˜ Greg Kaiser: CVE-2016-3758 - <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. + </li><li>Google AndroidíŒ€ì˜ Greg Kaiser: CVE-2016-3758 + </li><li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. Mobile Safe Teamì˜ Guang Gong(龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2016-3764 - <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. Mobile Safe Teamì˜ + </li><li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. Alpha Teamì˜ Hao Chen, Guang Gong: CVE-2016-3792, CVE-2016-3768 - <li><a href="http://www.cmcm.com">Cheetah Mobile</a> Security Research Labì˜ + </li><li><a href="http://www.cmcm.com">Cheetah Mobile</a> Security Research Labì˜ Hao Qin: CVE-2016-3754, CVE-2016-3766 - <li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. + </li><li><a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>. IceSword Labì˜ Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), pjf(<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>): CVE-2016-3814,CVE-2016-3802, CVE-2016-3769, CVE-2016-3807, CVE-2016-3808 - <li>Googleì˜ Marco Nelissen: CVE-2016-3818 - <li>Google Project Zeroì˜ Mark Brand: CVE-2016-3757 - <li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>: CVE-2016-3750 - <li><a href="http://c0reteam.org">C0RE팀</a>ì˜ Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), + </li><li>Googleì˜ Marco Nelissen: CVE-2016-3818 + </li><li>Google Project Zeroì˜ Mark Brand: CVE-2016-3757 + </li><li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>: CVE-2016-3750 + </li><li><a href="http://c0reteam.org">C0RE팀</a>ì˜ Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-3747, CVE-2016-3746, CVE-2016-3765 - <li>Alibaba Mobile Security Groupì˜ Peng Xiao, Chengming Yang, Ning You, + </li><li>Alibaba Mobile Security Groupì˜ Peng Xiao, Chengming Yang, Ning You, Chao Yang, Yang Ssong: CVE-2016-3800, CVE-2016-3799, CVE-2016-3801, CVE-2016-3812, CVE-2016-3798 - <li>Trend Microì˜ Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): + </li><li>Trend Microì˜ Peter Pi(<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-3793 - <li>Googleì˜ Ricky Wai: CVE-2016-3749 - <li>Roeland Krak: CVE-2016-3753 - <li>Scott Bauer(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): + </li><li>Googleì˜ Ricky Wai: CVE-2016-3749 + </li><li>Roeland Krak: CVE-2016-3753 + </li><li>Scott Bauer(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-3797, CVE-2016-3813, CVE-2016-3815, CVE-2016-2501, CVE-2016-2502 - <li>Vasily Vasilev: CVE-2016-2507 - <li>Alibaba Inc.ì˜ Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>) + </li><li>Vasily Vasilev: CVE-2016-2507 + </li><li>Alibaba Inc.ì˜ Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>) : CVE-2016-2508, CVE-2016-3755 - <li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)ì˜ + </li><li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)ì˜ Wen Niu(<a href="https://twitter.com/NWMonster">@NWMonster</a>): CVE-2016-3809 - <li>Tencent Security Platform Departmentì˜ Xiling Gong: CVE-2016-3745 - <li>Chinese Academy of Sciences Institute of Software TCA Labì˜ Yacong Gu: + </li><li>Tencent Security Platform Departmentì˜ Xiling Gong: CVE-2016-3745 + </li><li>Chinese Academy of Sciences Institute of Software TCA Labì˜ Yacong Gu: CVE-2016-3761 - <li>Tencent Xuanwu LABì˜ Yongke Wang(<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) + </li><li>Tencent Xuanwu LABì˜ Yongke Wang(<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) : CVE-2016-2505 - <li>Tencent Xuanwu LABì˜ Yongke Wang(<a href="https://twitter.com/Rudykewang">@Rudykewang</a>), + </li><li>Tencent Xuanwu LABì˜ Yongke Wang(<a href="https://twitter.com/Rudykewang">@Rudykewang</a>), Wei Wei(<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>) : CVE-2016-2506 - <li>Baidu X-Labì˜ Yulong Zhang, Tao (Lenx) Wei: CVE-2016-3744</li> -</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> + </li><li>Baidu X-Labì˜ Yulong Zhang, Tao(Lenx) Wei: CVE-2016-3744</li> +</ul> -<h2 id="2016-07-01_details">2016-07-01 보안 패치 수준—보안 취약성 ì„¸ë¶€ì •ë³´</h2> -<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 ìœ„ì˜ <a href="#2016-07-01_summary">2016-07-01 보안 패치 수준— -취약성 요약</a>ì— ë‚˜ì—´ëœ ê° ì·¨ì•½ì„± ì„¸ë¶€ì •ë³´ë¥¼ -ì œê³µí•©ë‹ˆë‹¤. 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° +<h2 id="2016-07-01-details">2016-07-01 보안 패치 수준—보안 취약성 ì„¸ë¶€ì •ë³´</h2> +<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 2016-07-01 패치 ìˆ˜ì¤€ì— ì ìš©ë˜ëŠ” +ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ ìžì„¸ížˆ 알아볼 수 있습니다. +여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° CVE, ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Nexus 기기, ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œ ë“±ì´ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ 버그 IDì— @@ -579,7 +172,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ë¯¸ë””ì–´ ì„œë²„ì˜ ì›ê²© 코드 실행 취약성</h3> <p>미디어 ì„œë²„ì˜ ì›ê²© 코드 실행 취약성으로 ì¸í•´ 특별히 ì œìž‘ëœ íŒŒì¼ì„ 사용하는 공격ìžê°€ 미디어 íŒŒì¼ ë° ë°ì´í„° 처리 ì¤‘ì— ë©”ëª¨ë¦¬ ì†ìƒì„ ì¼ìœ¼í‚¬ 수 -있습니다. ì´ ë¬¸ì œëŠ” 미디어 서버 프로세스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ìœ¼ë¡œ ì¸í•´ +있습니다. ì´ ë¬¸ì œëŠ” 미디어 서버 프로세스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤. 미디어 서버 프로세스는 오디오와 ë™ì˜ìƒ ìŠ¤íŠ¸ë¦¼ë¿ ì•„ë‹ˆë¼ íƒ€ì‚¬ ì•±ì´ ì¼ë°˜ì 으로 ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¶Œí•œì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다.</p> @@ -588,13 +181,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ì ‘ê·¼í• ìˆ˜ 있게 허용합니다.</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -671,24 +264,23 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>6.0, 6.0.1</td> <td>Google 사내용</td> </tr> -</table> - +</tbody></table> -<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> +<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> OpenSSL & BoringSSLì˜ ì›ê²© 코드 실행 취약성</h3> <p>OpenSSL ë° BoringSSLì˜ ì›ê²© 코드 실행 취약성으로 ì¸í•´ 특별히 ì œìž‘ëœ íŒŒì¼ì„ 사용하는 공격ìžê°€ 파ì¼ê³¼ ë°ì´í„° 처리 ì¤‘ì— ë©”ëª¨ë¦¬ ì†ìƒì„ ì¼ìœ¼í‚¬ 수 -있습니다. ì´ ë¬¸ì œëŠ” ì˜í–¥ì„ 받는 프로세스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ìœ¼ë¡œ ì¸í•´ +있습니다. ì´ ë¬¸ì œëŠ” ì˜í–¥ì„ 받는 프로세스 ë‚´ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -706,23 +298,23 @@ OpenSSL & BoringSSLì˜ ì›ê²© 코드 실행 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 5ì›” 3ì¼</td> </tr> -</table> +</tbody></table> <h3 id="remote-code-execution-vulnerability-in-bluetooth"> ë¸”ë£¨íˆ¬ìŠ¤ì˜ ì›ê²© 코드 실행 취약성</h3> <p>ë¸”ë£¨íˆ¬ìŠ¤ì˜ ì›ê²© 코드 실행 취약성으로 ì¸í•´ 가까운 공격ìžê°€ íŽ˜ì–´ë§ ê³¼ì •ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” -블루투스 기기를 초기화하는 ë™ì•ˆ ì›ê²© 코드 실행 가능성으로 ì¸í•´ +블루투스 기기를 초기화하는 ë™ì•ˆ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -739,25 +331,26 @@ OpenSSL & BoringSSLì˜ ì›ê²© 코드 실행 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 3ì›” 30ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-libpng"> libpngì˜ ê¶Œí•œ 승격 취약성</h3> <p>libpngì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ -있습니다. ì´ ë¬¸ì œëŠ” 타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ê¸°ëŠ¥ì— -<a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” -<a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ -ìŠ¹ê²©ëœ ê¶Œí•œìœ¼ë¡œì˜ ë¡œì»¬ 액세스를 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +있습니다. ì´ ë¬¸ì œëŠ” <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ +ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 +ìŠ¹ê²©ëœ ê¶Œí•œìœ¼ë¡œì˜ +로컬 액세스를 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -775,22 +368,23 @@ libpngì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2015ë…„ 12ì›” 3ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-mediaserver"> 미디어 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성</h3> -<p>미디어 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> -권한과 ê°™ì´ íƒ€ì‚¬ ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 -ìŠ¹ê²©ëœ ê¶Œí•œìœ¼ë¡œì˜ ë¡œì»¬ 액세스를 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +<p>미디어 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ìŠ¹ê²©ëœ ì‹œìŠ¤í…œ ì• í”Œë¦¬ì¼€ì´ì…˜ 컨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">서명</a> ë˜ëŠ” <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> 권한과 ê°™ì´ +타사 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ +ì•¡ì„¸ìŠ¤í• ìˆ˜ 없는 ìŠ¹ê²©ëœ ê¶Œí•œìœ¼ë¡œì˜ +로컬 액세스를 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -828,7 +422,7 @@ libpngì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 3ì›” 28ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets"> ì†Œì¼“ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -839,13 +433,13 @@ libpngì˜ ê¶Œí•œ 승격 취약성</h3> í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -863,7 +457,7 @@ libpngì˜ ê¶Œí•œ 승격 취약성</h3> <td>6.0, 6.0.1</td> <td>2016ë…„ 4ì›” 13ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice"> LockSettingsServiceì˜ ê¶Œí•œ 승격 취약성</h3> @@ -873,13 +467,13 @@ LockSettingsServiceì˜ ê¶Œí•œ 승격 취약성</h3> 보안 ì„¤ì • ë³€ê²½ì„ ë¡œì»¬ì—ì„œ ìš°íšŒí• ìˆ˜ 있게 하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -897,7 +491,7 @@ LockSettingsServiceì˜ ê¶Œí•œ 승격 취약성</h3> <td>6.0, 6.0.1</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis"> í”„ë ˆìž„ì›Œí¬ APIì˜ ê¶Œí•œ 승격 취약성</h3> @@ -908,13 +502,13 @@ LockSettingsServiceì˜ ê¶Œí•œ 승격 취약성</h3> 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -932,7 +526,7 @@ LockSettingsServiceì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2015ë…„ 12ì›” 16ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service"> ChooserTarget ì„œë¹„ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -942,13 +536,13 @@ ChooserTarget ì„œë¹„ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</h3> 사용ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -966,7 +560,7 @@ ChooserTarget ì„œë¹„ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</h3> <td>6.0, 6.0.1</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver"> 미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -976,13 +570,13 @@ ChooserTarget ì„œë¹„ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</h3> 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -998,7 +592,7 @@ ChooserTarget ì„œë¹„ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4</td> <td>2016ë…„ 2ì›” 15ì¼</td> </tr> -</table> +</tbody></table> <p>* 지ì›ë˜ëŠ” Nexus ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì— ì˜í–¥ì„ 받지 않습니다.</p> @@ -1010,13 +604,13 @@ OpenSSLì˜ ì •ë³´ 공개 취약성</h3> 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1032,7 +626,7 @@ OpenSSLì˜ ì •ë³´ 공개 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1</td> <td>2016ë…„ 4ì›” 13ì¼</td> </tr> -</table> +</tbody></table> <p>* 지ì›ë˜ëŠ” Nexus ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì— ì˜í–¥ì„ 받지 않습니다.</p> @@ -1040,16 +634,16 @@ OpenSSLì˜ ì •ë³´ 공개 취약성</h3> 미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <p>미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부 취약성으로 ì¸í•´ 특별히 ì œìž‘ëœ íŒŒì¼ì„ 사용하는 공격ìžê°€ 기기를 지연시키거나 ìž¬ë¶€íŒ…ì„ ì¼ìœ¼í‚¬ 수 있습니다. ì´ ë¬¸ì œëŠ” -ì¼ì‹œì ì¸ ì›ê²© 서비스 거부 가능성으로 ì¸í•´ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +ì¼ì‹œì ì¸ ì›ê²© 서비스 거부 ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1088,22 +682,22 @@ OpenSSLì˜ ì •ë³´ 공개 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-libc"> libcì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <p>libcì˜ ì„œë¹„ìŠ¤ 거부 취약성으로 ì¸í•´ 특별히 ì œìž‘ëœ íŒŒì¼ì„ 사용하는 공격ìžê°€ 기기를 지연시키거나 ìž¬ë¶€íŒ…ì„ ì¼ìœ¼í‚¬ 수 있습니다. ì´ ë¬¸ì œëŠ” -ì›ê²© 서비스 거부 가능성으로 ì¸í•´ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> +ì›ê²© 서비스 거부 ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1119,7 +713,7 @@ libcì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <td>4.4.4</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p>* 지ì›ë˜ëŠ” Nexus ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì— ì˜í–¥ì„ 받지 않습니다.</p> @@ -1131,13 +725,13 @@ lsofì˜ ê¶Œí•œ 승격 취약성</h3> 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1155,7 +749,7 @@ lsofì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 4ì›” 11ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader"> DexClassLoaderì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1165,13 +759,13 @@ DexClassLoaderì˜ ê¶Œí•œ 승격 취약성</h3> 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1189,7 +783,7 @@ DexClassLoaderì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2"> í”„ë ˆìž„ì›Œí¬ APIì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1200,13 +794,13 @@ DexClassLoaderì˜ ê¶Œí•œ 승격 취약성</h3> ê¶Œí•œì„ ìš”êµ¬í•˜ë¯€ë¡œ 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1224,7 +818,7 @@ DexClassLoaderì˜ ê¶Œí•œ 승격 취약성</h3> <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-bluetooth"> ë¸”ë£¨íˆ¬ìŠ¤ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1234,13 +828,13 @@ DexClassLoaderì˜ ê¶Œí•œ 승격 취약성</h3> 부여하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1259,7 +853,7 @@ DexClassLoaderì˜ ê¶Œí•œ 승격 취약성</h3> <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 2ì›” 29ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-nfc"> NFCì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1269,13 +863,13 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1293,7 +887,7 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 4ì›” 20ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets-2"> ì†Œì¼“ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1304,13 +898,13 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1328,7 +922,7 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 4ì›” 21ì¼</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> 프ë¡ì‹œ ìžë™ êµ¬ì„±ì˜ ì •ë³´ 공개 취약성</h3> @@ -1336,13 +930,13 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> 민ê°í•œ ì •ë³´ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있ë„ë¡ í—ˆìš©ë 수 있습니다. ì´ ë¬¸ì œëŠ” 권한 ì—†ì´ ë°ì´í„°ì— 액세스하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1360,7 +954,7 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 3ì›” 10ì¼</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver-2"> 미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -1369,13 +963,13 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> 있으므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1403,22 +997,22 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> <td>6.0, 6.0.1</td> <td>2016ë…„ 4ì›” 8ì¼</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> 미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <p>미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부 취약성으로 ì¸í•´ 특별히 ì œìž‘ëœ íŒŒì¼ì„ 사용하는 공격ìžê°€ 기기를 지연시키거나 ìž¬ë¶€íŒ…ì„ ì¼ìœ¼í‚¬ 수 있습니다. ì´ ë¬¸ì œëŠ” -ì›ê²© 서비스 거부 가능성으로 ì¸í•´ 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> +ì›ê²© 서비스 거부 ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1437,12 +1031,12 @@ NFCì˜ ê¶Œí•œ 승격 취약성</h3> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 4ì›” 29ì¼</td> </tr> -</table> +</tbody></table> -<h2 id="2016-07-05_details">2016-07-05 보안 패치 수준—취약성 ì„¸ë¶€ì •ë³´</h2> -<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 ìœ„ì˜ <a href="2016-07-05_summary">2016-07-05 보안 패치 수준— -취약성 요약</a>ì— ë‚˜ì—´ëœ ê° ì·¨ì•½ì„± ì„¸ë¶€ì •ë³´ë¥¼ -ì œê³µí•©ë‹ˆë‹¤. 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° +<h2 id="2016-07-05-details">2016-07-05 보안 패치 수준—취약성 ì„¸ë¶€ì •ë³´</h2> +<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 2016-07-05 패치 ìˆ˜ì¤€ì— ì ìš©ë˜ëŠ” +ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ ìžì„¸ížˆ 알아볼 수 있습니다. +여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° CVE, ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Nexus 기기, ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œ ë“±ì´ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ 버그 IDì— @@ -1455,15 +1049,15 @@ Qualcomm GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì„ ì¼ìœ¼í‚¬ ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©°, -기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•´ì•¼ í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> +기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1487,7 +1081,7 @@ Qualcomm GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td>Nexus 5X, Nexus 6, Nexus 6P</td> <td>2016ë…„ 4ì›” 20ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ì 으로 ì‚¬ìš©í• ìˆ˜ 없습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -1500,12 +1094,12 @@ MediaTek Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•´ì•¼ í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1515,12 +1109,12 @@ MediaTek Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <tr> <td>CVE-2016-3767</td> <td>A-28169363* - <br>M-ALPS02689526</td> + <br />M-ALPS02689526</td> <td>심ê°</td> <td>Android One</td> <td>2016ë…„ 4ì›” 6ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ì 으로 ì‚¬ìš©í• ìˆ˜ 없습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -1534,12 +1128,12 @@ Qualcomm 성능 êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•´ì•¼ í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1554,7 +1148,7 @@ Qualcomm 성능 êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> <td>Nexus 5, Nexus 6, Nexus 5X, Nexus 6P, Nexus 7(2013)</td> <td>2016ë…„ 4ì›” 9ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ì 으로 ì‚¬ìš©í• ìˆ˜ 없습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -1565,15 +1159,15 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ì˜êµ¬ì ì¸ ë¡œì»¬ 기기 ì†ìƒì„ ì¼ìœ¼í‚¬ ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©°, -기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•´ì•¼ í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> +기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1582,13 +1176,13 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3769</td> - <td>A-28376656*<br> + <td>A-28376656*<br /> N-CVE20163769</td> <td>심ê°</td> <td>Nexus 9</td> <td>2016ë…„ 4ì›” 18ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -1602,12 +1196,12 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•´ì•¼ í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1616,7 +1210,7 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> </tr> <tr> <td>CVE-2016-3770</td> - <td>A-28346752*<br> + <td>A-28346752*<br /> M-ALPS02703102</td> <td>심ê°</td> <td>Android One</td> @@ -1624,7 +1218,7 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> </tr> <tr> <td>CVE-2016-3771</td> - <td>A-29007611*<br> + <td>A-29007611*<br /> M-ALPS02703102</td> <td>심ê°</td> <td>Android One</td> @@ -1632,7 +1226,7 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> </tr> <tr> <td>CVE-2016-3772</td> - <td>A-29008188*<br> + <td>A-29008188*<br /> M-ALPS02703102</td> <td>심ê°</td> <td>Android One</td> @@ -1640,7 +1234,7 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> </tr> <tr> <td>CVE-2016-3773</td> - <td>A-29008363*<br> + <td>A-29008363*<br /> M-ALPS02703102</td> <td>심ê°</td> <td>Android One</td> @@ -1648,13 +1242,13 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> </tr> <tr> <td>CVE-2016-3774</td> - <td>A-29008609*<br> + <td>A-29008609*<br /> M-ALPS02703102</td> <td>심ê°</td> <td>Android One</td> <td>2016ë…„ 4ì›” 22ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -1668,12 +1262,12 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•´ì•¼ í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1687,7 +1281,7 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> <td>Nexus 5X, Nexus 6, Nexus 6P ë° Nexus Player, Pixel C</td> <td>2016ë…„ 5ì›” 4ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -1701,12 +1295,12 @@ USB ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ ì—…ë°ì´íŠ¸í•´ì•¼ í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1720,28 +1314,28 @@ USB ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9, Nexus Player, Pixel C</td> <td>2016ë…„ 5ì›” 4ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> -<p>아래 í‘œì—는 부트로ë”, ì¹´ë©”ë¼ ë“œë¼ì´ë²„, ìºë¦í„° ë“œë¼ì´ë¸Œ, 네트워í¬, -사운드 ë“œë¼ì´ë²„ ë° ë™ì˜ìƒ ë“œë¼ì´ë²„를 í¬í•¨í•´ Qualcomm êµ¬ì„±ìš”ì†Œì— +<p>아래 í‘œì—는 부트로ë”, ì¹´ë©”ë¼ ë“œë¼ì´ë²„, ìºë¦í„° ë“œë¼ì´ë²„, 네트워í¬, +사운드 ë“œë¼ì´ë²„, ë™ì˜ìƒ ë“œë¼ì´ë²„ ë“±ì˜ Qualcomm êµ¬ì„±ìš”ì†Œì— ì˜í–¥ì„ 주는 보안 ì·¨ì•½ì„±ì´ í¬í•¨ë˜ì–´ 있습니다.</p> <p>ì´ ì¤‘ 가장 심ê°í•œ ë¬¸ì œëŠ” ìž„ì˜ì˜ 코드 실행 가능성으로 로컬 기기가 ì˜êµ¬ì 으로 ì†ìƒë 수 있으므로 심ê°ë„ 심ê°ìœ¼ë¡œ -í‰ê°€ë˜ë©°, 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ ìµœì‹ ë²„ì „ìœ¼ë¡œ -ì—…ë°ì´íŠ¸í•´ì•¼ í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> +í‰ê°€ë˜ë©°, 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 +í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„*</th> @@ -1750,7 +1344,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9795</td> - <td>A-28820720<br> + <td>A-28820720<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] </td> @@ -1760,7 +1354,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9794</td> - <td>A-28821172<br> + <td>A-28821172<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> </td> <td>심ê°</td> @@ -1769,7 +1363,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2015-8892</td> - <td>A-28822807<br> + <td>A-28822807<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> </td> <td>심ê°</td> @@ -1778,8 +1372,8 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9781</td> - <td>A-28410333<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> + <td>A-28410333<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> </td> <td>높ìŒ</td> <td>Nexus 7(2013)</td> @@ -1787,7 +1381,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9786</td> - <td>A-28557260<br> + <td>A-28557260<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1795,7 +1389,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9788</td> - <td>A-28573112<br> + <td>A-28573112<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> <td>높ìŒ</td> <td>Nexus 5</td> @@ -1803,15 +1397,15 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9779</td> - <td>A-28598347<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> + <td>A-28598347<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> <td>높ìŒ</td> <td>Nexus 5</td> <td>2014ë…„ 3ì›” 13ì¼</td> </tr> <tr> <td>CVE-2014-9780</td> - <td>A-28602014<br> + <td>A-28602014<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 5X, Nexus 6P</td> @@ -1819,7 +1413,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9789</td> - <td>A-28749392<br> + <td>A-28749392<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> <td>높ìŒ</td> <td>Nexus 5</td> @@ -1827,7 +1421,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9793</td> - <td>A-28821253<br> + <td>A-28821253<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> <td>높ìŒ</td> <td>Nexus 7(2013)</td> @@ -1835,7 +1429,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9782</td> - <td>A-28431531<br> + <td>A-28431531<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1843,7 +1437,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9783</td> - <td>A-28441831<br> + <td>A-28441831<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> <td>높ìŒ</td> @@ -1852,7 +1446,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9785</td> - <td>A-28469042<br> + <td>A-28469042<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> <td>높ìŒ</td> <td>Nexus 7(2013)</td> @@ -1860,7 +1454,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9787</td> - <td>A-28571496<br> + <td>A-28571496<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> <td>높ìŒ</td> <td>Nexus 7(2013)</td> @@ -1868,7 +1462,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9784</td> - <td>A-28442449<br> + <td>A-28442449<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1876,7 +1470,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9777</td> - <td>A-28598501<br> + <td>A-28598501<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1884,7 +1478,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9778</td> - <td>A-28598515<br> + <td>A-28598515<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1892,16 +1486,16 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9790</td> - <td>A-28769136<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> - [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> + <td>A-28769136<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> + [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> <td>2014ë…„ 4ì›” 30ì¼</td> </tr> <tr> <td>CVE-2014-9792</td> - <td>A-28769399<br> + <td>A-28769399<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> <td>높ìŒ</td> <td>Nexus 5</td> @@ -1909,7 +1503,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9797</td> - <td>A-28821090<br> + <td>A-28821090<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> <td>높ìŒ</td> <td>Nexus 5</td> @@ -1917,15 +1511,15 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9791</td> - <td>A-28803396<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> + <td>A-28803396<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> <td>높ìŒ</td> <td>Nexus 7(2013)</td> <td>2014ë…„ 8ì›” 29ì¼</td> </tr> <tr> <td>CVE-2014-9796</td> - <td>A-28820722<br> + <td>A-28820722<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1933,7 +1527,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9800</td> - <td>A-28822150<br> + <td>A-28822150<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1941,7 +1535,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9799</td> - <td>A-28821731<br> + <td>A-28821731<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1949,7 +1543,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9801</td> - <td>A-28822060<br> + <td>A-28822060<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> <td>높ìŒ</td> <td>Nexus 5</td> @@ -1957,7 +1551,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9802</td> - <td>A-28821965<br> + <td>A-28821965<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1965,7 +1559,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2015-8891</td> - <td>A-28842418<br> + <td>A-28842418<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> @@ -1973,7 +1567,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2015-8888</td> - <td>A-28822465<br> + <td>A-28822465<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> <td>높ìŒ</td> <td>Nexus 5</td> @@ -1981,7 +1575,7 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2015-8889</td> - <td>A-28822677<br> + <td>A-28822677<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> <td>높ìŒ</td> <td>Nexus 6P</td> @@ -1989,13 +1583,13 @@ Qualcomm êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2015-8890</td> - <td>A-28822878<br> + <td>A-28822878<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 7(2013)</td> <td>2015ë…„ 8ì›” 19ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œì˜ ì‹¬ê°ë„ ë“±ê¸‰ì€ Qualcommì—ì„œ ì§ì ‘ ì œê³µí•©ë‹ˆë‹¤.</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-usb-driver"> @@ -2006,12 +1600,12 @@ Qualcomm USB ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2026,22 +1620,22 @@ Qualcomm USB ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td>Nexus 5X, Nexus 6P</td> <td>2016ë…„ 3ì›” 11ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ -있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ ì ˆì°¨ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 +있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2056,22 +1650,22 @@ Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td>Nexus 7(2013)</td> <td>2016ë…„ 3ì›” 17ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 -ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ ì ˆì°¨ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 +ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2086,7 +1680,7 @@ Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013)</td> <td>2016ë…„ 3ì›” 27ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2099,12 +1693,12 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2113,13 +1707,13 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3793</td> - <td>A-28026625*<br> + <td>A-28026625*<br /> N-CVE20163793</td> <td>높ìŒ</td> <td>Nexus 9</td> <td>2016ë…„ 4ì›” 5ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2132,12 +1726,12 @@ MediaTek ì „ì› ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2146,7 +1740,7 @@ MediaTek ì „ì› ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3795</td> - <td>A-28085222*<br> + <td>A-28085222*<br /> M-ALPS02677244</td> <td>높ìŒ</td> <td>Android One</td> @@ -2154,13 +1748,13 @@ MediaTek ì „ì› ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3796</td> - <td>A-29008443*<br> + <td>A-29008443*<br /> M-ALPS02677244</td> <td>높ìŒ</td> <td>Android One</td> <td>2016ë…„ 4ì›” 7ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2169,16 +1763,16 @@ MediaTek ì „ì› ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 ì‹¤í–‰í• ìˆ˜ -있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ ì ˆì°¨ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 +있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2193,7 +1787,7 @@ Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td>Nexus 5X</td> <td>2016ë…„ 4ì›” 7ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2202,16 +1796,16 @@ Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> MediaTek 하드웨어 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>MediaTek 하드웨어 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 -ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ ì ˆì°¨ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 +ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2220,13 +1814,13 @@ MediaTek 하드웨어 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3798</td> - <td>A-28174490*<br> + <td>A-28174490*<br /> M-ALPS02703105</td> <td>높ìŒ</td> <td>Android One</td> <td>2016ë…„ 4ì›” 11ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2239,12 +1833,12 @@ MediaTek ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2253,7 +1847,7 @@ MediaTek ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3799</td> - <td>A-28175025*<br> + <td>A-28175025*<br /> M-ALPS02693738</td> <td>높ìŒ</td> <td>Android One</td> @@ -2261,13 +1855,13 @@ MediaTek ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3800</td> - <td>A-28175027*<br> + <td>A-28175027*<br /> M-ALPS02693739</td> <td>높ìŒ</td> <td>Android One</td> <td>2016ë…„ 4ì›” 11ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2280,12 +1874,12 @@ MediaTek GPS ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2294,13 +1888,13 @@ MediaTek GPS ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3801</td> - <td>A-28174914*<br> + <td>A-28174914*<br /> M-ALPS02688853</td> <td>높ìŒ</td> <td>Android One</td> <td>2016ë…„ 4ì›” 11ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2313,12 +1907,12 @@ MediaTek GPS ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2339,7 +1933,7 @@ MediaTek GPS ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td>Nexus 5X, Nexus 6P</td> <td>2016ë…„ 5ì›” 4ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2352,12 +1946,12 @@ MediaTek ì „ì› ê´€ë¦¬ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2366,7 +1960,7 @@ MediaTek ì „ì› ê´€ë¦¬ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3804</td> - <td>A-28332766*<br> + <td>A-28332766*<br /> M-ALPS02694410</td> <td>높ìŒ</td> <td>Android One</td> @@ -2374,13 +1968,13 @@ MediaTek ì „ì› ê´€ë¦¬ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3805</td> - <td>A-28333002*<br> + <td>A-28333002*<br /> M-ALPS02694412</td> <td>높ìŒ</td> <td>Android One</td> <td>2016ë…„ 4ì›” 21ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2393,12 +1987,12 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2407,13 +2001,13 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2016-3806</td> - <td>A-28402341*<br> + <td>A-28402341*<br /> M-ALPS02715341</td> <td>높ìŒ</td> <td>Android One</td> <td>2016ë…„ 4ì›” 26ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2426,12 +2020,12 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2452,7 +2046,7 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td>Pixel C</td> <td>2016ë…„ 4ì›” 26ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2465,12 +2059,12 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2480,12 +2074,12 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <tr> <td>CVE-2016-2068</td> <td>A-28470967 - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> <td>높ìŒ</td> <td>Nexus 5, Nexus 5X, Nexus 6, Nexus 6P</td> <td>2016ë…„ 4ì›” 28ì¼</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-kernel"> 커ë„ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -2495,12 +2089,12 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2509,14 +2103,14 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> </tr> <tr> <td>CVE-2014-9803</td> - <td>A-28557020<br> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> + <td>A-28557020<br /> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> 업스트림 커ë„</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6P</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-networking-component"> ë„¤íŠ¸ì›Œí¬ êµ¬ì„±ìš”ì†Œì˜ ì •ë³´ 공개 취약성</h3> @@ -2526,12 +2120,12 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2545,7 +2139,7 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <td><a href="#all_nexus">ëª¨ë“ Nexus</a></td> <td>2016ë…„ 3ì›” 5ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2558,12 +2152,12 @@ MediaTek Wi-Fi ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> 민ê°í•œ ë°ì´í„°ì— 액세스하는 ë° ì‚¬ìš©ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2572,13 +2166,13 @@ MediaTek Wi-Fi ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> </tr> <tr> <td>CVE-2016-3810</td> - <td>A-28175522*<br> + <td>A-28175522*<br /> M-ALPS02694389</td> <td>높ìŒ</td> <td>Android One</td> <td>2016ë…„ 4ì›” 12ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2591,12 +2185,12 @@ MediaTek Wi-Fi ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2610,7 +2204,7 @@ MediaTek Wi-Fi ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <td>Nexus 9</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2623,12 +2217,12 @@ MediaTek ë™ì˜ìƒ ì½”ë± ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2637,13 +2231,13 @@ MediaTek ë™ì˜ìƒ ì½”ë± ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> </tr> <tr> <td>CVE-2016-3812</td> - <td>A-28174833*<br> + <td>A-28174833*<br /> M-ALPS02688832</td> <td>보통</td> <td>Android One</td> <td>2016ë…„ 4ì›” 11ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2656,12 +2250,12 @@ Qualcomm USB ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2676,7 +2270,7 @@ Qualcomm USB ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <td>Nexus 5, Nexus 5X, Nexus 6, Nexus 6P</td> <td>2016ë…„ 4ì›” 11ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2689,12 +2283,12 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2703,7 +2297,7 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> </tr> <tr> <td>CVE-2016-3814</td> - <td>A-28193342*<br> + <td>A-28193342*<br /> N-CVE20163814</td> <td>보통</td> <td>Nexus 9</td> @@ -2711,13 +2305,13 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> </tr> <tr> <td>CVE-2016-3815</td> - <td>A-28522274*<br> + <td>A-28522274*<br /> N-CVE20163815</td> <td>보통</td> <td>Nexus 9</td> <td>2016ë…„ 5ì›” 1ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2730,12 +2324,12 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2749,7 +2343,7 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <td>Android One</td> <td>2016ë…„ 4ì›” 26ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -2762,12 +2356,12 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2776,7 +2370,7 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> </tr> <tr> <td>CVE-2016-0723</td> - <td>A-28409131<br> + <td>A-28409131<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439">업스트림 커ë„</a></td> <td>보통</td> @@ -2784,7 +2378,7 @@ MediaTek ë””ìŠ¤í”Œë ˆì´ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> Player, Pixel C</td> <td>2016ë…„ 4ì›” 26ì¼</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> Qualcomm 부트로ë”ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> @@ -2794,12 +2388,12 @@ Qualcomm 부트로ë”ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2822,9 +2416,9 @@ Qualcomm 부트로ë”ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <td>Nexus 5, Nexus 7(2013)</td> <td>2015ë…„ 8ì›” 19ì¼</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">ì¼ë°˜ì ì¸ ì§ˆë¬¸ ë° ë‹µë³€</h2> -<p>ì´ ì„¹ì…˜ì—서는 게시íŒì„ ì½ì€ ë’¤ ì œê¸°ë 수 있는 ì¼ë°˜ì ì¸ ì§ˆë¬¸ì— ë‹µë³€ì„ ì œì‹œí•©ë‹ˆë‹¤.</p> +<p>ì´ ì„¹ì…˜ì—서는 게시íŒì„ ì½ì€ ë’¤ ì œê¸°ë 수 있는 ì¼ë°˜ì ì¸ ì§ˆë¬¸ì— ëŒ€í•œ ë‹µë³€ì„ ì œì‹œí•©ë‹ˆë‹¤.</p> <p><strong>1. ë‚´ 기기가 ì—…ë°ì´íŠ¸ë˜ì–´ ì´ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆëŠ”지 어떻게 ì•Œ 수 있나요?</strong></p> <p>2016-07-01 보안 패치 문ìžì—´ 수준과 ê´€ë ¨ëœ ëª¨ë“ ë¬¸ì œëŠ” 2016-07-01 @@ -2850,23 +2444,21 @@ Qualcomm 부트로ë”ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> 2016ë…„ 7ì›” 5ì¼ì˜ 보안 패치 수준과 ê´€ë ¨ëœ ë¬¸ì œì˜ ìˆ˜ì •ì‚¬í•ì„ í¬í•¨í• 수 있습니다.</p> -<p id="all_nexus"><strong>3. ë¬¸ì œ ìœ í˜•ë³„ë¡œ ì˜í–¥ì„ 받는 Nexus 기기를 어떻게 ê²°ì •í•˜ë‚˜ìš”?</strong></p> -<p><a href="#2016-07-01_details">2016-07-01</a> ë° -<a href="#2016-07-05_details">2016-07-05</a> 보안 취약성 ì„¸ë¶€ì •ë³´ 섹션ì—ì„œ -ê°ê°ì˜ í‘œì— ë¬¸ì œ ìœ í˜•ë³„ë¡œ ì—…ë°ì´íŠ¸ëœ ëŒ€ìƒ Nexus ê¸°ê¸°ì˜ ë²”ìœ„ë¥¼ í¬í•¨í•˜ëŠ” -ì—…ë°ì´íŠ¸ëœ Nexus 기기 ì—´ì´ ìžˆìŠµë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤.</p> +<p id="all_nexus"><strong>3. ë¬¸ì œë³„ë¡œ ì˜í–¥ì„ 받는 Nexus 기기는 어떻게 ì•Œ 수 있나요?</strong></p> +<p><a href="#2016-07-01-details">2016-07-01</a> ë° +<a href="#2016-07-05-details">2016-07-05</a> 보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” +ê° í‘œì˜ ì—…ë°ì´íŠ¸ëœ Nexus 기기 ì—´ì„ í™•ì¸í•˜ë©´ ë©ë‹ˆë‹¤. ì´ ì—´ì—는 ì˜í–¥ì„ 받는 Nexus ê¸°ê¸°ì˜ ë²”ìœ„ê°€ ë¬¸ì œë³„ë¡œ ì—…ë°ì´íŠ¸ë˜ì–´ 표시ë©ë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤.</p> <ul> - <li><strong>ëª¨ë“ Nexus 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Nexus ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우 + <li><strong>ëª¨ë“ Nexus 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Nexus ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Nexus 기기</em> ì—´ì— 'ëª¨ë“ Nexus'ë¼ê³ 표시ë©ë‹ˆë‹¤. 'ëª¨ë“ Nexus'는 다ìŒê³¼ ê°™ì€ <a href="https://support.google.com/nexus/answer/4457705#nexus_devices">지ì›ë˜ëŠ” 기기</a>를 í¬í•¨í•©ë‹ˆë‹¤. Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9, Android One, Nexus Player, Pixel C</li> - <li><strong>ì¼ë¶€ Nexus 기기</strong>: ë¬¸ì œê°€ ì˜í–¥ì„ 미치지 않는 Nexus - 기기가 있는 경우, ì˜í–¥ì„ 받는 Nexus 기기가 - <em>ì—…ë°ì´íŠ¸ëœ Nexus 기기</em> ì—´ì— í‘œì‹œë©ë‹ˆë‹¤.</li> - <li><strong>Nexus 기기 해당없ìŒ</strong>: ë¬¸ì œê°€ Nexus ê¸°ê¸°ì— ì˜í–¥ì„ 미치지 않는 경우 - í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Nexus 기기</em> ì—´ì— '해당없ìŒ'ì´ í‘œì‹œë©ë‹ˆë‹¤.</li> + <li><strong>ì¼ë¶€ Nexus 기기</strong>: ë¬¸ì œê°€ ì¼ë¶€ Nexus ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우, +ì˜í–¥ì„ 받는 Nexus 기기가 <em>ì—…ë°ì´íŠ¸ëœ Nexus 기기</em> ì—´ì— í‘œì‹œë©ë‹ˆë‹¤.</li> + <li><strong>Nexus 기기 해당 ì—†ìŒ</strong>: ë¬¸ì œê°€ Nexus ê¸°ê¸°ì— ì˜í–¥ì„ 미치지 않는 경우, + í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Nexus 기기</em> ì—´ì— 'ì—†ìŒ'ì´ë¼ê³ 표시ë©ë‹ˆë‹¤.</li> </ul> <p><strong>4. 참조 ì—´ì˜ í•ëª©ì´ 매핑하는 대ìƒì€ 무엇ì¸ê°€ìš”?</strong></p> @@ -2875,9 +2467,9 @@ Qualcomm 부트로ë”ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> 다ìŒê³¼ ê°™ì´ ë§¤í•‘ë©ë‹ˆë‹¤.</p> <table> - <tr> + <tbody><tr> <th>ì ‘ë‘ì–´</th> - <th>참조 문서</th> + <th>참조</th> </tr> <tr> <td>A-</td> @@ -2895,21 +2487,20 @@ Qualcomm 부트로ë”ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <td>N-</td> <td>NVIDIA 참조 번호</td> </tr> -</table> +</tbody></table> -<h2 id="revisions">ë²„ì „</h2> +<h2 id="revisions">ìˆ˜ì • ë‚´ì—</h2> <ul> <li>2016ë…„ 7ì›” 6ì¼: 게시íŒì´ 게시ë¨</li> <li>2016ë…„ 7ì›” 7ì¼: <ul> <li>AOSP ë§í¬ ì¶”ê°€ë¨ - <li>CVE-2016-3794ê°€ CVE-2016-3814와 중복ë˜ì–´ ì‚ì œë¨ - <li>CVE-2016-2501 ë° CVE-2016-2502ì˜ ì†ì„±ì´ ì¶”ê°€ë¨ - </li></li></li></ul> + </li><li>CVE-2016-3794ê°€ CVE-2016-3814와 중복ë˜ì–´ ì‚ì œë¨ + </li><li>CVE-2016-2501 ë° CVE-2016-2502ì˜ ì†ì„±ì´ ì¶”ê°€ë¨ + </li></ul> </li> <li>2016ë…„ 7ì›” 11ì¼: CVE-2016-3750ì˜ ì†ì„±ì´ ì—…ë°ì´íŠ¸ë¨</li> <li>2016ë…„ 7ì›” 14ì¼: CVE-2016-2503ì˜ ì†ì„±ì´ ì—…ë°ì´íŠ¸ë¨</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ko/security/bulletin/2016-12-01.html b/ko/security/bulletin/2016-12-01.html index 59b9f962..52dd844d 100644 --- a/ko/security/bulletin/2016-12-01.html +++ b/ko/security/bulletin/2016-12-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android 보안 게시íŒâ€”2016ë…„ 12ì›”</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,15 +20,13 @@ limitations under the License. --> - - -<p><em>2016ë…„ 12ì›” 5ì¼ ê²Œì‹œë¨ | 2016ë…„ 12ì›” 7ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> +<p><em>2016ë…„ 12ì›” 5ì¼ ê²Œì‹œë¨ | 2016ë…„ 12ì›” 21ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> <p> -Android 보안 게시íŒì€ Android ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 보안 취약성 +Android 보안 게시íŒì—서는 Android ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 보안 취약성 ì„¸ë¶€ì •ë³´ë¥¼ 다룹니다. 게시íŒê³¼ 함께 ë¬´ì„ (OTA) ì—…ë°ì´íŠ¸ë¥¼ 통해 Google 기기 보안 ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌웨어 ì´ë¯¸ì§€ë„ <a href="https://developers.google.com/android/nexus/images">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì— ê²Œì‹œë˜ì—ˆìŠµë‹ˆë‹¤. 아래 목ë¡ì˜ ë¬¸ì œëŠ” 2016ë…„ 12ì›” 5ì¼ -보안 패치 수준 ì´ìƒì—ì„œ ëª¨ë‘ í•´ê²°ë©ë‹ˆë‹¤. <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ë° Nexus ì—…ë°ì´íŠ¸ ì¼ì •</a>ì„ +보안 패치 수준 ì´ìƒì—ì„œ ëª¨ë‘ í•´ê²°ë©ë‹ˆë‹¤. <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ë° Nexus ì—…ë°ì´íŠ¸ ì¼ì •</a>ì„ ì°¸ì¡°í•˜ì—¬ 기기 보안 패치 ìˆ˜ì¤€ì„ í™•ì¸í•˜ëŠ” ë°©ë²•ì„ ì•Œì•„ë³´ì„¸ìš”. </p> <p> @@ -40,15 +37,18 @@ Google 기기 보안 ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌웨 ì´ ê²Œì‹œíŒì—는 AOSP ì™¸ë¶€ì˜ íŒ¨ì¹˜ ë§í¬ë„ í¬í•¨ë˜ì–´ 있습니다. </p> <p> -ì´ ì¤‘ 가장 심ê°í•œ ë¬¸ì œëŠ” 기기별 ì½”ë“œì˜ ì‹¬ê°í•œ 보안 취약성으로, ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ -ìž„ì˜ ì½”ë“œ ì‹¤í–‰ì„ í—ˆìš©í•˜ì—¬ 로컬 기기가 ì˜êµ¬ì 으로 ì†ìƒë ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë©° -기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤. +ì´ ì¤‘ 가장 심ê°í•œ ë¬¸ì œëŠ” 기기별 ì½”ë“œì˜ ì‹¬ê°í•œ 보안 취약성으로, ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ ì½”ë“œ ì‹¤í–‰ì„ í—ˆìš©í•˜ì—¬ 로컬 기기가 ì˜êµ¬ì 으로 ì†ìƒë ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë©° +기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤. <a href="/security/overview/updates-resources.html#severity">심ê°ë„ +í‰ê°€</a>는 개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화가 사용 중지ë˜ì–´ 있거나 +우회ë˜ëŠ” 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ ë°›ì„ ìˆ˜ 있는 ì˜í–¥ì„ +기준으로 ë‚´ë ¤ì§‘ë‹ˆë‹¤. </p> <p> ì‹¤ì œ ê³ ê°ì´ 새로 ë³´ê³ ëœ ì´ëŸ¬í•œ ë¬¸ì œë¡œ ì¸í•´ 악용당했다는 ì‹ ê³ ëŠ” ì ‘ìˆ˜ë˜ì§€ 않았습니다. <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>ê³¼ ê°™ì´ Android 플랫í¼ì˜ ë³´ì•ˆì„ ê°œì„ í•˜ëŠ” -<a href="/security/enhancements/index.html">Android 보안 í”Œëž«í¼ ë³´í˜¸</a> ë° ì„œë¹„ìŠ¤ 보호 ê¸°ëŠ¥ì— ê´€ë ¨ëœ -ì„¸ë¶€ì •ë³´ë¥¼ ë³´ë ¤ë©´ <a href="#mitigations">Android ë° Google 서비스 완화</a> ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”. +<a href="/security/enhancements/index.html">Android 보안 í”Œëž«í¼ ë³´í˜¸</a> ë° ì„œë¹„ìŠ¤ 보호 ê¸°ëŠ¥ì— ê´€í•´ +ìžì„¸ížˆ ì•Œì•„ë³´ë ¤ë©´ <a href="#mitigations">Android ë° Google 서비스 완화</a> +ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”. </p> <p> ëª¨ë“ ê³ ê°ì€ 기기ì—ì„œ ì´ ì—…ë°ì´íŠ¸ë¥¼ 수ë½í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤. @@ -60,7 +60,7 @@ Google 기기 보안 ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌웨 ë‘ ê°€ì§€ 보안 패치 수준 문ìžì—´ì´ í¬í•¨ë˜ì–´ 있습니다. ìžì„¸í•œ ë‚´ìš©ì€ <a href="#common-questions-and-answers">ì¼ë°˜ì ì¸ ì§ˆë¬¸ ë° ë‹µë³€</a>ì„ ì°¸ì¡°í•˜ì„¸ìš”. <ul> - <li><strong>2016-12-01</strong>: 부분 보안 패치 수준 문ìžì—´ìž…니다. + <li><strong>2016-12-01</strong>: 부분 보안 패치 수준 문ìžì—´ìž…니다. ì´ ë³´ì•ˆ 패치 수준 문ìžì—´ì€ 2016-12-01 ë° ì´ì „ì˜ ëª¨ë“ ë³´ì•ˆ 패치 수준 문ìžì—´ê³¼ ê´€ë ¨ëœ ë¬¸ì œê°€ ëª¨ë‘ í•´ê²°ë˜ì—ˆìŒì„ 나타냅니다.</li> <li><strong>2016-12-05</strong>: ì „ì²´ 보안 패치 수준 문ìžì—´ìž…니다. ì´ ë³´ì•ˆ 패치 수준 @@ -71,299 +71,6 @@ Google 기기 보안 ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌웨 <li>지ì›ë˜ëŠ” Google 기기는 2016ë…„ 12ì›” 5ì¼ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì˜ ë‹¨ì¼ OTA ì—…ë°ì´íŠ¸ë¥¼ 받게 ë©ë‹ˆë‹¤.</li> </ul> -<h2 id="security-vulnerability-summary">보안 취약성 요약</h2> -<p> -아래 í‘œì—는 보안 취약성 목ë¡, ì¼ë°˜ì ì¸ ì·¨ì•½ì„± ë° ë…¸ì¶œ ID(CVE), -심ê°ë„ í‰ê°€ ë° Google 기기가 ì˜í–¥ì„ 받는지 여부가 -í¬í•¨ë˜ì–´ 있습니다. <a href="/security/overview/updates-resources.html#severity">심ê°ë„ í‰ê°€</a>는 -개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화를 ì‚¬ìš©í• ìˆ˜ 없거나 -ìš°íšŒì— ì„±ê³µí•œ 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ 받는 ì˜í–¥ì„ -기준으로 ë‚´ë ¤ì§‘ë‹ˆë‹¤. -</p> -<h3 id="2016-12-01-summary">2016-12-01 보안 패치 수준—취약성 요약</h3> -<p> -ë‹¤ìŒ ë¬¸ì œëŠ” 2016-12-01 보안 패치 수준 ì´ìƒì—ì„œ í•´ê²°ë©ë‹ˆë‹¤. -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>ë¬¸ì œ</th> - <th>CVE</th> - <th>심ê°ë„</th> - <th>Google ê¸°ê¸°ì— ì˜í–¥ 여부</th> - </tr> - <tr> - <td>CURL/LIBCURLì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2016-5419, CVE-2016-5420, CVE-2016-5421</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>libziparchiveì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6762</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì „í™” ê¸°ëŠ¥ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2016-6763</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2016-6766, CVE-2016-6765, CVE-2016-6764, CVE-2016-6767</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Framesequence ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2016-6768</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Smart Lockì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6769</td> - <td>보통</td> - <td>아니요*</td> - </tr> - <tr> - <td>í”„ë ˆìž„ì›Œí¬ APIì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6770</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>ì „í™” ê¸°ëŠ¥ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6771</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>Wi-Fiì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6772</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-6773</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>패키지 관리ìžì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-6774</td> - <td>보통</td> - <td>예</td> - </tr> -</table> -<p> -* 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ -ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. -</p> -<h3 id="2016-12-05-summary">2016-12-05 -보안 패치 수준—취약성 요약</h3> -<p> -2016-12-01ì˜ ëª¨ë“ ë¬¸ì œì™€ ë‹¤ìŒ ë¬¸ì œëŠ” 2016-12-05 -보안 패치 수준 ì´ìƒì—ì„œ í•´ê²°ë©ë‹ˆë‹¤. -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>ë¬¸ì œ</th> - <th>CVE</th> - <th>심ê°ë„</th> - <th>Google ê¸°ê¸°ì— ì˜í–¥ 여부</th> - </tr> - <tr> - <td>ì»¤ë„ ë©”ëª¨ë¦¬ 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-4794, CVE-2016-5195</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6775, CVE-2016-6776, CVE-2016-6777</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>커ë„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2015-8966</td> - <td>심ê°</td> - <td>아니요*</td> - </tr> - <tr> - <td>NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6915, CVE-2016-6916, CVE-2016-6917</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ION ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-9120</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm êµ¬ì„±ìš”ì†Œì˜ ì·¨ì•½ì„±</td> - <td>CVE-2016-8411</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ íŒŒì¼ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2014-4014</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>커ë„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2015-8967</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>HTC 사운드 ì½”ë± ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6778, CVE-2016-6779, CVE-2016-6780</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6492, CVE-2016-6781, CVE-2016-6782, CVE-2016-6783, - CVE-2016-6784, CVE-2016-6785</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>Qualcomm 미디어 ì½”ë±ì˜ 권한 승격 취약성</td> - <td>CVE-2016-6761, CVE-2016-6760, CVE-2016-6759, CVE-2016-6758</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6755</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ì„±ëŠ¥ 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6786, CVE-2016-6787</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek I2C ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6788</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>NVIDIA libomx ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 권한 승격 취약성</td> - <td>CVE-2016-6789, CVE-2016-6790</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-6791, CVE-2016-8391, CVE-2016-8392</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ë³´ì•ˆ 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2015-7872</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-8393, CVE-2016-8394</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Broadcom Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2014-9909, CVE-2014-9910</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>MediaTek ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-8396</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-8397</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>GPSì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2016-5341</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2016-8395</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-8399</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm êµ¬ì„±ìš”ì†Œì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-6756, CVE-2016-6757</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA librm ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-8400</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ êµ¬ì„±ìš”ì†Œì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-8401, CVE-2016-8402, CVE-2016-8403, CVE-2016-8404, - CVE-2016-8405, CVE-2016-8406, CVE-2016-8407</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-8408, CVE-2016-8409</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-8410</td> - <td>보통</td> - <td>예</td> - </tr> -</table> -<p> -* 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ -ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. -</p> <h2 id="mitigations">Android ë° Google 서비스 완화</h2> <p> 다ìŒì€ SafetyNetê³¼ ê°™ì€ <a href="/security/enhancements/index.html">Android 보안 플랫í¼</a> ë° @@ -375,8 +82,8 @@ Google 기기 보안 ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌웨 <li>Android í”Œëž«í¼ ìµœì‹ ë²„ì „ì˜ í–¥ìƒëœ 기능으로 Androidì˜ ì—¬ëŸ¬ ë¬¸ì œë¥¼ 악용하기가 ë”ìš± ì–´ë ¤ì›Œì¡ŒìŠµë‹ˆë‹¤. 가능하다면 ëª¨ë“ ì‚¬ìš©ìžëŠ” ìµœì‹ ë²„ì „ì˜ Androidë¡œ ì—…ë°ì´íŠ¸í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</li> -<li>Android 보안팀ì—서는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì„ ì„¤ì¹˜í• ê²½ìš° -사용ìžì—게 ê²½ê³ ë¥¼ ë³´ë‚´ë„ë¡ ì„¤ê³„ëœ <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">앱 ì¸ì¦ ë° SafetyNet</a>ì„ ì‚¬ìš©í•˜ì—¬ +<li>Android 보안팀ì—서는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì— ê´€í•´ +사용ìžì—게 ê²½ê³ ë¥¼ 보내는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">앱 ì¸ì¦ ë° SafetyNet</a>ì„ ì‚¬ìš©í•˜ì—¬ 악용사례를 ì ê·¹ì 으로 모니터ë§í•©ë‹ˆë‹¤. 앱 ì¸ì¦ì€ <a href="http://www.android.com/gms">Google ëª¨ë°”ì¼ ì„œë¹„ìŠ¤</a>ê°€ ì ìš©ëœ ê¸°ê¸°ì— ê¸°ë³¸ì 으로 사용 ì„¤ì •ë˜ì–´ 있으며 Google Play 외부ì—ì„œ ì• í”Œë¦¬ì¼€ì´ì…˜ì„ 설치하는 사용ìžì—게 특히 중요합니다. Google @@ -386,7 +93,7 @@ Play ë‚´ì—ì„œ 기기 루팅 ë„구는 금지ë˜ì–´ 있지만 권한 승격 ì·¨ì•½ì„±ì„ ì•…ìš©í•˜ëŠ” 것으로 ì•Œë ¤ì§„ 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì„ ì‹ë³„í•˜ê³ ì°¨ë‹¨í•©ë‹ˆë‹¤. ì´ëŸ¬í•œ ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì´ë¯¸ ì„¤ì¹˜ëœ ê²½ìš° 앱 ì¸ì¦ì—ì„œ 사용ìžì—게 ì´ë¥¼ ì•Œë¦¬ê³ ê°ì§€ëœ ì• í”Œë¦¬ì¼€ì´ì…˜ì„ ì‚ì œí•˜ë ¤ê³ ì‹œë„합니다.</li> -<li>가능한 경우 Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— +<li>Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— ë¯¸ë””ì–´ë¥¼ ìžë™ìœ¼ë¡œ ì „ë‹¬í•˜ì§€ 않습니다.</li> </ul> @@ -410,7 +117,7 @@ Play ë‚´ì—ì„œ 기기 루팅 ë„구는 금지ë˜ì–´ 있지만 IceSword Labì˜ Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6779, CVE-2016-6778, CVE-2016-8401, CVE-2016-8402, CVE-2016-8403, CVE-2016-8409, CVE-2016-8408, CVE-2016-8404</li> - <li>Qihoo 360 Technology Co. Ltd, IceSword Labì˜ Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: + <li>Qihoo 360 Technology Co. Ltd, IceSword Labì˜ Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-6788, CVE-2016-6781, CVE-2016-6782, CVE-2016-8396</li> <li><a href="http://c0reteam.org">C0RE Team</a>ì˜ <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>, <a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, Chiachih Wu(<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Xuxian Jiang: CVE-2016-6791, CVE-2016-8391, CVE-2016-8392</li> @@ -461,18 +168,14 @@ Googleì˜ Yong Wang(王勇)(<a href="https://twitter.com/ThomasKing2014">@Thomas <h2 id="2016-12-01-details">2016-12-01 보안 패치 수준—취약성 ì„¸ë¶€ì •ë³´</h2> <p> -ë‹¤ìŒ ì„¹ì…˜ì—서는 ìœ„ì˜ <a href="#2016-12-01-summary">2016-12-01 보안 패치 수준— -취약성 요약</a>ì— ë‚˜ì—´ëœ ê° ì·¨ì•½ì„±ì˜ ì„¸ë¶€ì •ë³´ë¥¼ -확ì¸í• 수 있습니다. - 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° CVE, -ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Google 기기, -ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œ ë“±ì´ -í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 +ë‹¤ìŒ ì„¹ì…˜ì—서는 2016-12-01 패치 ìˆ˜ì¤€ì— ì ìš©ë˜ëŠ” +ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ ìžì„¸ížˆ 알아볼 수 있습니다. 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° +CVE, ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Google 기기, +ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œ ë“±ì´ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ 버그 IDì— ì—°ê²°í•©ë‹ˆë‹¤. í•˜ë‚˜ì˜ ë²„ê·¸ì™€ ê´€ë ¨ëœ ë³€ê²½ì‚¬í•ì´ 여러 ê°œì¸ ê²½ìš° 추가 참조가 버그 ID 다ìŒì— 오는 ë²ˆí˜¸ì— ì—°ê²°ë˜ì–´ 있습니다.</p> - <h3 id="rce-in-curl-libcurl">CURL/LIBCURLì˜ ì›ê²© 코드 실행 취약성</h3> <p> @@ -484,13 +187,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -522,8 +225,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>7.0</td> <td>2016ë…„ 8ì›” 3ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-libziparchive">libziparchiveì˜ ê¶Œí•œ 승격 취약성</h3> @@ -536,13 +238,13 @@ libziparchive ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 ì•… </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -561,8 +263,7 @@ libziparchive ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 ì•… <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>2016ë…„ 8ì›” 28ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-telephony">ì „í™” ê¸°ëŠ¥ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <p> @@ -573,13 +274,13 @@ libziparchive ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 ì•… </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -596,8 +297,7 @@ libziparchive ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 ì•… <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>2016ë…„ 9ì›” 12ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <p> @@ -607,13 +307,13 @@ libziparchive ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 ì•… </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -656,14 +356,13 @@ libziparchive ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 ì•… <td>4.4.4</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p> * 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. </p> - <h3 id="rce-in-framesequence-library">Framesequence ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ ì›ê²© 코드 실행 취약성</h3> <p> @@ -675,13 +374,13 @@ Framesequence ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ ì›ê²© 코드 실행 취약성으로 ì¸í•´ 특 </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -698,8 +397,7 @@ Framesequence ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ ì›ê²© 코드 실행 취약성으로 ì¸í•´ 특 <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>2016ë…„ 9ì›” 19ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-smart-lock">Smart Lockì˜ ê¶Œí•œ 승격 취약성</h3> @@ -711,13 +409,13 @@ Smart Lock ì„¤ì •ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 사용ìžê°€ ë </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -733,13 +431,12 @@ Smart Lock ì„¤ì •ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 사용ìžê°€ ë <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 5ì›” 27ì¼</td> </tr> -</table> +</tbody></table> <p> * 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. </p> - <h3 id="eop-in-framework-apis">í”„ë ˆìž„ì›Œí¬ APIì˜ ê¶Œí•œ 승격 취약성</h3> <p> @@ -750,13 +447,13 @@ Smart Lock ì„¤ì •ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 사용ìžê°€ ë </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -773,8 +470,7 @@ Smart Lock ì„¤ì •ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 사용ìžê°€ ë <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>2016ë…„ 7ì›” 16ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-telephony">ì „í™” ê¸°ëŠ¥ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -785,13 +481,13 @@ Smart Lock ì„¤ì •ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 사용ìžê°€ ë </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -808,8 +504,7 @@ Smart Lock ì„¤ì •ì— ì•¡ì„¸ìŠ¤í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” 사용ìžê°€ ë <td>6.0, 6.0.1, 7.0</td> <td>2016ë…„ 9ì›” 17ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">Wi-Fiì˜ ê¶Œí•œ 승격 취약성</h3> <p> @@ -820,13 +515,13 @@ Wi-Fiì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -844,8 +539,7 @@ Wi-Fiì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>2016ë…„ 9ì›” 30ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -857,13 +551,13 @@ Wi-Fiì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -881,8 +575,7 @@ Wi-Fiì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì <td>6.0, 6.0.1, 7.0</td> <td>2016ë…„ 7ì›” 27ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-package-manager">패키지 관리ìžì˜ ì •ë³´ 공개 취약성</h3> @@ -894,13 +587,13 @@ Wi-Fiì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -917,15 +610,13 @@ Wi-Fiì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì <td>7.0</td> <td>2016ë…„ 8ì›” 29ì¼</td> </tr> -</table> - +</tbody></table> <h2 id="2016-12-05-details">2016-12-05 보안 패치 수준—취약성 ì„¸ë¶€ì •ë³´</h2> <p> -ë‹¤ìŒ ì„¹ì…˜ì—서는 ìœ„ì˜ <a href="#2016-12-05-summary">2016-12-05 보안 패치 수준— -취약성 요약</a>ì— ë‚˜ì—´ëœ ê° ë³´ì•ˆ ì·¨ì•½ì„±ì˜ ì„¸ë¶€ì •ë³´ë¥¼ -확ì¸í• 수 있습니다. 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° +ë‹¤ìŒ ì„¹ì…˜ì—서는 2016-12-05 패치 ìˆ˜ì¤€ì— ì ìš©ë˜ëŠ” +ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ ìžì„¸ížˆ 알아볼 수 있습니다. 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° CVE, ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Google 기기, ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œ ë“±ì´ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ 버그 IDì— @@ -943,12 +634,12 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -957,7 +648,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2016-4794</td> - <td>A-31596597<br> + <td>A-31596597<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"> 업스트림 커ë„</a> [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> @@ -967,7 +658,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2016-5195</td> - <td>A-32141528<br> + <td>A-32141528<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"> 업스트림 커ë„</a> [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> @@ -976,8 +667,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² Player, Pixel, Pixel XL</td> <td>2016ë…„ 10ì›” 12ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -990,12 +680,12 @@ NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1004,26 +694,26 @@ NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2016-6775</td> - <td>A-31222873*<br>N-CVE-2016-6775</td> + <td>A-31222873*<br />N-CVE-2016-6775</td> <td>심ê°</td> <td>Nexus 9</td> <td>2016ë…„ 8ì›” 25ì¼</td> </tr> <tr> <td>CVE-2016-6776</td> - <td>A-31680980*<br>N-CVE-2016-6776</td> + <td>A-31680980*<br />N-CVE-2016-6776</td> <td>심ê°</td> <td>Nexus 9</td> <td>2016ë…„ 9ì›” 22ì¼</td> </tr> <tr> <td>CVE-2016-6777</td> - <td>A-31910462*<br>N-CVE-2016-6777</td> + <td>A-31910462*<br />N-CVE-2016-6777</td> <td>심ê°</td> <td>Nexus 9</td> <td>2016ë…„ 10ì›” 3ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1040,12 +730,12 @@ NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1054,20 +744,19 @@ NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2015-8966</td> - <td>A-31435731<br> + <td>A-31435731<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"> 업스트림 커ë„</a></td> <td>심ê°</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 9ì›” 10ì¼</td> </tr> -</table> +</tbody></table> <p> * 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. </p> - <h3 id="eop-in-nvidia-video-driver">NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p> @@ -1079,12 +768,12 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1094,7 +783,7 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ <tr> <td>CVE-2016-6915</td> <td>A-31471161* - <br>N-CVE-2016-6915</td> + <br />N-CVE-2016-6915</td> <td>심ê°</td> <td>Nexus 9</td> <td>2016ë…„ 9ì›” 13ì¼</td> @@ -1102,7 +791,7 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ <tr> <td>CVE-2016-6916</td> <td>A-32072350* - <br>N-CVE-2016-6916</td> + <br />N-CVE-2016-6916</td> <td>심ê°</td> <td>Nexus 9, Pixel C</td> <td>2016ë…„ 9ì›” 13ì¼</td> @@ -1110,12 +799,12 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ <tr> <td>CVE-2016-6917</td> <td>A-32072253* - <br>N-CVE-2016-6917</td> + <br />N-CVE-2016-6917</td> <td>심ê°</td> <td>Nexus 9</td> <td>2016ë…„ 9ì›” 13ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1132,12 +821,12 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1146,27 +835,27 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2016-9120</td> - <td>A-31568617<br> + <td>A-31568617<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"> 업스트림 커ë„</a></td> <td>심ê°</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player</td> <td>2016ë…„ 9ì›” 16ì¼</td> </tr> -</table> +</tbody></table> -<h3>Qualcomm êµ¬ì„±ìš”ì†Œì˜ ì·¨ì•½ì„±</h3> +<h3 id="vulnerabilities-in-qc-components">Qualcomm êµ¬ì„±ìš”ì†Œì˜ ì·¨ì•½ì„±</h3> <p> ë‹¤ìŒ ì·¨ì•½ì„±ì€ Qualcomm êµ¬ì„±ìš”ì†Œì— ì˜í–¥ì„ 주며 Qualcomm AMSS 2015ë…„ 11ì›” 보안 게시íŒì— ìžì„¸ížˆ 설명ë˜ì–´ 있습니다. </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„*</th> @@ -1180,7 +869,7 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ <td>Nexus 6, Nexus 6P, Android One</td> <td>Qualcomm 사내용</td> </tr> -</table> +</tbody></table> <p>* ì´ ì·¨ì•½ì„±ì˜ ì‹¬ê°ë„ ë“±ê¸‰ì€ ê³µê¸‰ì—…ì²´ì—ì„œ ê²°ì •í•œ 것입니다.</p> <p>** ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1198,12 +887,12 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1212,15 +901,14 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2014-4014</td> - <td>A-31252187<br> + <td>A-31252187<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"> 업스트림 커ë„</a></td> <td>높ìŒ</td> <td>Nexus 6, Nexus Player</td> <td>2014ë…„ 6ì›” 10ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-2">커ë„ì˜ ê¶Œí•œ 승격 취약성</h3> <p> @@ -1231,12 +919,12 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1245,15 +933,14 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2015-8967</td> - <td>A-31703084<br> + <td>A-31703084<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"> 업스트림 커ë„</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Pixel, Pixel XL</td> <td>2015ë…„ 1ì›” 8ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-htc-sound-codec-driver">HTC 사운드 ì½”ë± ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1265,12 +952,12 @@ HTC 사운드 ì½”ë± ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1298,7 +985,7 @@ HTC 사운드 ì½”ë± ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ <td>Nexus 9</td> <td>2016ë…„ 8ì›” 30ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1315,12 +1002,12 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1329,53 +1016,52 @@ MediaTek ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2016-6492</td> - <td>A-28175122<br>MT-ALPS02696413</td> + <td>A-28175122<br />MT-ALPS02696413</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 4ì›” 11ì¼</td> </tr> <tr> <td>CVE-2016-6781</td> - <td>A-31095175<br>MT-ALPS02943455</td> + <td>A-31095175<br />MT-ALPS02943455</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 8ì›” 22ì¼</td> </tr> <tr> <td>CVE-2016-6782</td> - <td>A-31224389<br>MT-ALPS02943506</td> + <td>A-31224389<br />MT-ALPS02943506</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 8ì›” 24ì¼</td> </tr> <tr> <td>CVE-2016-6783</td> - <td>A-31350044<br>MT-ALPS02943437</td> + <td>A-31350044<br />MT-ALPS02943437</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 9ì›” 6ì¼</td> </tr> <tr> <td>CVE-2016-6784</td> - <td>A-31350755<br>MT-ALPS02961424</td> + <td>A-31350755<br />MT-ALPS02961424</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 9ì›” 6ì¼</td> </tr> <tr> <td>CVE-2016-6785</td> - <td>A-31748056<br>MT-ALPS02961400</td> + <td>A-31748056<br />MT-ALPS02961400</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 9ì›” 25ì¼</td> </tr> -</table> +</tbody></table> <p> * 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. </p> - <h3 id="eop-in-qualcomm-media-codecs">Qualcomm 미디어 ì½”ë±ì˜ 권한 승격 취약성</h3> <p> @@ -1387,12 +1073,12 @@ Qualcomm 미디어 ì½”ë±ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 악성 </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1402,7 +1088,7 @@ Qualcomm 미디어 ì½”ë±ì˜ 권한 승격 취약성으로 ì¸í•´ 로컬 악성 <tr> <td>CVE-2016-6761</td> <td>A-29421682* - <br>QC-CR#1055792</td> + <br />QC-CR#1055792</td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> @@ -1411,7 +1097,7 @@ Pixel XL</td> <tr> <td>CVE-2016-6760</td> <td>A-29617572* - <br>QC-CR#1055783</td> + <br />QC-CR#1055783</td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> @@ -1420,7 +1106,7 @@ Pixel XL</td> <tr> <td>CVE-2016-6759</td> <td>A-29982686* - <br>QC-CR#1055766</td> + <br />QC-CR#1055766</td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> @@ -1429,13 +1115,13 @@ Pixel XL</td> <tr> <td>CVE-2016-6758</td> <td>A-30148882* - <br>QC-CR#1071731</td> + <br />QC-CR#1071731</td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> <td>2016ë…„ 7ì›” 13ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1447,17 +1133,17 @@ Pixel XL</td> <p> Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 -ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ ì ˆì°¨ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 +ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤. </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1466,15 +1152,14 @@ Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2016-6755</td> - <td>A-30740545<br> + <td>A-30740545<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0"> QC-CR#1065916</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>2016ë…„ 8ì›” 3ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-performance-subsystem">ì»¤ë„ ì„±ëŠ¥ 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1485,12 +1170,12 @@ QC-CR#1065916</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1515,8 +1200,7 @@ Player, Pixel, Pixel XL</td> Player, Pixel, Pixel XL</td> <td>2016ë…„ 8ì›” 22ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1528,12 +1212,12 @@ MediaTek I2C ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1542,18 +1226,17 @@ MediaTek I2C ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2016-6788</td> - <td>A-31224428<br>MT-ALPS02943467</td> + <td>A-31224428<br />MT-ALPS02943467</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 8ì›” 24ì¼</td> </tr> -</table> +</tbody></table> <p> * 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. </p> - <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ 권한 승격 취약성</h3> <p> @@ -1565,12 +1248,12 @@ NVIDIA libomx ë¼ì´ë¸ŒëŸ¬ë¦¬(libnvomx)ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1580,7 +1263,7 @@ NVIDIA libomx ë¼ì´ë¸ŒëŸ¬ë¦¬(libnvomx)ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ <tr> <td>CVE-2016-6789</td> <td>A-31251973* - <br>N-CVE-2016-6789</td> + <br />N-CVE-2016-6789</td> <td>높ìŒ</td> <td>Pixel C</td> <td>2016ë…„ 8ì›” 29ì¼</td> @@ -1588,12 +1271,12 @@ NVIDIA libomx ë¼ì´ë¸ŒëŸ¬ë¦¬(libnvomx)ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ <tr> <td>CVE-2016-6790</td> <td>A-31251628* - <br>N-CVE-2016-6790</td> + <br />N-CVE-2016-6790</td> <td>높ìŒ</td> <td>Pixel C</td> <td>2016ë…„ 8ì›” 28ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1610,12 +1293,12 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1624,7 +1307,7 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2016-6791</td> - <td>A-31252384<br> + <td>A-31252384<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1071809</a></td> <td>높ìŒ</td> @@ -1633,7 +1316,7 @@ QC-CR#1071809</a></td> </tr> <tr> <td>CVE-2016-8391</td> - <td>A-31253255<br> + <td>A-31253255<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1072166</a></td> <td>높ìŒ</td> @@ -1642,15 +1325,14 @@ QC-CR#1072166</a></td> </tr> <tr> <td>CVE-2016-8392</td> - <td>A-31385862<br> + <td>A-31385862<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1073136</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>2016ë…„ 9ì›” 8ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-security-subsystem">ì»¤ë„ ë³´ì•ˆ 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1662,12 +1344,12 @@ QC-CR#1073136</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1676,7 +1358,7 @@ QC-CR#1073136</a></td> </tr> <tr> <td>CVE-2015-7872</td> - <td>A-31253168<br> + <td>A-31253168<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> 업스트림 커ë„</a></td> <td>높ìŒ</td> @@ -1684,25 +1366,24 @@ QC-CR#1073136</a></td> Pixel XL</td> <td>2016ë…„ 8ì›” 31ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p> Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ 커ë„ì˜ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 -ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ ì ˆì°¨ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 +ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ë¨¼ì € ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤. </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1723,7 +1404,7 @@ Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ <td>Nexus 9, Android One</td> <td>2016ë…„ 9ì›” 8ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1740,12 +1421,12 @@ Broadcom Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1754,25 +1435,24 @@ Broadcom Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ </tr> <tr> <td>CVE-2014-9909</td> - <td>A-31676542<br>B-RB#26684</td> + <td>A-31676542<br />B-RB#26684</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 9ì›” 21ì¼</td> </tr> <tr> <td>CVE-2014-9910</td> - <td>A-31746399<br>B-RB#26710</td> + <td>A-31746399<br />B-RB#26710</td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>2016ë…„ 9ì›” 26ì¼</td> </tr> -</table> +</tbody></table> <p> * 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. </p> - <h3 id="id-in-mediatek-video-driver">MediaTek ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <p> @@ -1783,12 +1463,12 @@ MediaTek ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1802,13 +1482,12 @@ MediaTek ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì <td>ì—†ìŒ*</td> <td>2016ë…„ 8ì›” 26ì¼</td> </tr> -</table> +</tbody></table> <p> * 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다. </p> - <h3 id="id-in-nvidia-video-driver">NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <p> @@ -1819,12 +1498,12 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì•… </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1833,13 +1512,13 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì•… </tr> <tr> <td>CVE-2016-8397</td> - <td>A-31385953*<br> + <td>A-31385953*<br /> N-CVE-2016-8397</td> <td>높ìŒ</td> <td>Nexus 9</td> <td>2016ë…„ 9ì›” 8ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1854,12 +1533,12 @@ Qualcomm GPS êµ¬ì„±ìš”ì†Œì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성으로 ì¸í•´ ì›ê²© </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1874,7 +1553,7 @@ Qualcomm GPS êµ¬ì„±ìš”ì†Œì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성으로 ì¸í•´ ì›ê²© Pixel XL</td> <td>2016ë…„ 6ì›” 21ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1891,12 +1570,12 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성으로 ì¸í•´ ê³ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1906,12 +1585,12 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성으로 ì¸í•´ ê³ <tr> <td>CVE-2016-8395</td> <td>A-31403040* - <br>N-CVE-2016-8395</td> + <br />N-CVE-2016-8395</td> <td>높ìŒ</td> <td>Pixel C</td> <td>2016ë…„ 9ì›” 9ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1929,12 +1608,12 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성으로 ì¸í•´ ê³ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1949,7 +1628,7 @@ NVIDIA ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성으로 ì¸í•´ ê³ Player, Pixel, Pixel XL</td> <td>2016ë…„ 9ì›” 5ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -1966,12 +1645,12 @@ Player, Pixel, Pixel XL</td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1980,7 +1659,7 @@ Player, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2016-6756</td> - <td>A-29464815<br> + <td>A-29464815<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> QC-CR#1042068</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> @@ -1990,15 +1669,14 @@ Player, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2016-6757</td> - <td>A-30148242<br> + <td>A-30148242<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> QC-CR#1052821</a></td> <td>보통</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> <td>2016ë…„ 7ì›” 13ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-librm-library">NVIDIA librm ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ ì •ë³´ 공개 취약성</h3> @@ -2010,12 +1688,12 @@ NVIDIA librm ë¼ì´ë¸ŒëŸ¬ë¦¬(libnvrm)ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2025,12 +1703,12 @@ NVIDIA librm ë¼ì´ë¸ŒëŸ¬ë¦¬(libnvrm)ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ <tr> <td>CVE-2016-8400</td> <td>A-31251599* - <br>N-CVE-2016-8400</td> + <br />N-CVE-2016-8400</td> <td>보통</td> <td>Pixel C</td> <td>2016ë…„ 8ì›” 29ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -2048,12 +1726,12 @@ ION 하위 시스템, Binder, USB ë“œë¼ì´ë²„, ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì„ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2113,7 +1791,7 @@ Player, Pixel, Pixel XL</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>2016ë…„ 9ì›” 28ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -2131,12 +1809,12 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì•… </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2146,7 +1824,7 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì•… <tr> <td>CVE-2016-8408</td> <td>A-31496571* - <br>N-CVE-2016-8408</td> + <br />N-CVE-2016-8408</td> <td>보통</td> <td>Nexus 9</td> <td>2016ë…„ 9ì›” 13ì¼</td> @@ -2154,12 +1832,12 @@ NVIDIA ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì•… <tr> <td>CVE-2016-8409</td> <td>A-31495687* - <br>N-CVE-2016-8409</td> + <br />N-CVE-2016-8409</td> <td>보통</td> <td>Nexus 9</td> <td>2016ë…„ 9ì›” 13ì¼</td> </tr> -</table> +</tbody></table> <p> * ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ @@ -2175,12 +1853,12 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2189,14 +1867,14 @@ Qualcomm 사운드 ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ 로컬 ì </tr> <tr> <td>CVE-2016-8410</td> - <td>A-31498403<br> + <td>A-31498403<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> QC-CR#987010</a></td> <td>보통</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">ì¼ë°˜ì ì¸ ì§ˆë¬¸ ë° ë‹µë³€</h2> <p> @@ -2208,7 +1886,7 @@ QC-CR#987010</a></td> </p> <p> ê¸°ê¸°ì˜ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì„ í™•ì¸í•˜ëŠ” ë°©ë²•ì„ ì•Œì•„ë³´ë ¤ë©´ -<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ë° Nexus ì—…ë°ì´íŠ¸ ì¼ì •</a>ì˜ +<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ë° Nexus ì—…ë°ì´íŠ¸ ì¼ì •</a>ì˜ ì•ˆë‚´ë¥¼ ì½ì–´ 보세요. </p> <ul> @@ -2226,12 +1904,11 @@ QC-CR#987010</a></td> <li>[ro.build.version.security_patch]:[2016-12-05]</li> </ul> <p> -<strong>2. ì´ ê²Œì‹œíŒì— 세 가지 보안 패치 ìˆ˜ì¤€ì´ ìžˆëŠ” ì´ìœ ê°€ 무엇ì¸ê°€ìš”?</strong> +<strong>2. ì´ ê²Œì‹œíŒì— ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ ìžˆëŠ” ì´ìœ ê°€ 무엇ì¸ê°€ìš”?</strong> </p> <p> ì´ ê²Œì‹œíŒì—서는 Android 파트너가 ëª¨ë“ Android 기기ì—ì„œ ìœ ì‚¬í•˜ê²Œ ë°œìƒí•˜ëŠ” -취약성 ë¬¸ì œì˜ ì¼ë¶€ë¥¼ ë”ìš± ë¹ ë¥´ê³ ìœ ì—°í•˜ê²Œ 해결하기 위한 ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ -í¬í•¨ë˜ì–´ 있습니다. Android 파트너는 ì´ ê²Œì‹œíŒì— ì–¸ê¸‰ëœ ë¬¸ì œë¥¼ ëª¨ë‘ ìˆ˜ì •í•˜ê³ +취약성 ë¬¸ì œì˜ ì¼ë¶€ë¥¼ ë”ìš± ë¹ ë¥´ê³ ìœ ì—°í•˜ê²Œ 해결하ë„ë¡ í•˜ê¸° 위해 ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ í¬í•¨ë˜ì–´ 있습니다. Android 파트너는 ì´ ê²Œì‹œíŒì— ì–¸ê¸‰ëœ ë¬¸ì œë¥¼ ëª¨ë‘ ìˆ˜ì •í•˜ê³ ìµœì‹ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì„ ì‚¬ìš©í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤. </p> <ul> @@ -2249,19 +1926,19 @@ QC-CR#987010</a></td> <strong>3. ë¬¸ì œë³„ë¡œ ì˜í–¥ì„ 받는 Google 기기는 어떻게 ì•Œ 수 있나요?</strong> </p> <p> -<a href="#2016-12-01-details">2016ë…„ 12ì›” 1ì¼</a> ë° <a href="#2016-12-05-details">2016ë…„ 12ì›” 5ì¼</a> 보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” ê° í…Œì´ë¸”ì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì„ í™•ì¸í•˜ë©´ ë©ë‹ˆë‹¤. ì´ ì—´ì—는 ì˜í–¥ì„ 받는 Google ê¸°ê¸°ì˜ ë²”ìœ„ê°€ ë¬¸ì œë³„ë¡œ ì—…ë°ì´íŠ¸ë˜ì–´ 표시ë©ë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤. +<a href="#2016-12-01-details">2016-12-01</a> ë° <a href="#2016-12-05-details">2016-12-05</a> 보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” ê° í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì„ í™•ì¸í•˜ë©´ ë©ë‹ˆë‹¤. ì´ ì—´ì—는 ì˜í–¥ì„ 받는 Google ê¸°ê¸°ì˜ ë²”ìœ„ê°€ ë¬¸ì œë³„ë¡œ ì—…ë°ì´íŠ¸ë˜ì–´ 표시ë©ë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤. </p> <ul> <li><strong>ëª¨ë“ Google 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Google 기기 ë° Pixel ê¸°ê¸°ì— - ì˜í–¥ì„ 미치는 경우 í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— - '모ë‘'ë¼ê³ 표시ë©ë‹ˆë‹¤. '모ë‘'ì—는 다ìŒê³¼ ê°™ì€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">지ì›ë˜ëŠ” 기기</a>ê°€ - í¬í•¨ë©ë‹ˆë‹¤. Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9, - Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li> - <li><strong>ì¼ë¶€ Google 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Google ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 ê²ƒì´ - ì•„ë‹ ê²½ìš°, ì˜í–¥ì„ 받는 Google 기기가 <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— + ì˜í–¥ì„ 미치는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— + '모ë‘'ë¼ê³ 표시ë©ë‹ˆë‹¤. '모ë‘'는 다ìŒê³¼ ê°™ì€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">지ì›ë˜ëŠ” 기기</a>를 + í¬í•¨í•©ë‹ˆë‹¤. Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, + Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.</li> + <li><strong>ì¼ë¶€ Google 기기</strong>: ë¬¸ì œê°€ ì¼ë¶€ Google ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우, + ì˜í–¥ì„ 받는 Google 기기가 <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— í‘œì‹œë©ë‹ˆë‹¤.</li> - <li><strong>Google 기기 해당없ìŒ</strong>: ë¬¸ì œê°€ Android 7.0ì„ ì‹¤í–‰í•˜ëŠ” Google ê¸°ê¸°ì— - ì˜í–¥ì„ 미치지 않는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— 'ì—†ìŒ'ì´ + <li><strong>Google 기기 해당 ì—†ìŒ</strong>: ë¬¸ì œê°€ Android 7.0ì„ ì‹¤í–‰í•˜ëŠ” Google ê¸°ê¸°ì— + ì˜í–¥ì„ 미치지 않는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— 'ì—†ìŒ'ì´ë¼ê³ 표시ë©ë‹ˆë‹¤.</li> </ul> <p> @@ -2273,9 +1950,9 @@ QC-CR#987010</a></td> 다ìŒê³¼ ê°™ì´ ë§¤í•‘ë©ë‹ˆë‹¤. </p> <table> - <tr> + <tbody><tr> <th>ì ‘ë‘ì–´</th> - <th>참조 문서</th> + <th>참조</th> </tr> <tr> <td>A-</td> @@ -2297,13 +1974,14 @@ QC-CR#987010</a></td> <td>B-</td> <td>Broadcom 참조 번호</td> </tr> -</table> +</tbody></table> <h2 id="revisions">ìˆ˜ì • ë‚´ì—</h2> <ul> <li>2016ë…„ 12ì›” 5ì¼: 게시íŒì´ 게시ë¨</li> <li>2016ë…„ 12ì›” 7ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ AOSP ë§í¬ê°€ 추가ë˜ê³ CVE-2016-6915, CVE-2016-6916, CVE-2016-6917 ê¸°ì—¬ìž í‘œì‹œê°€ ì—…ë°ì´íŠ¸ë¨</li> + <li>2016ë…„ 12ì›” 21ì¼: CVE-2016-8411 설명 ë° + ì¼ë°˜ì ì¸ ì§ˆë¬¸ ë° ë‹µë³€ì˜ ì˜¤íƒ€ê°€ ìˆ˜ì •ë¨</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ko/security/bulletin/2017-03-01.html b/ko/security/bulletin/2017-03-01.html index 3db9f3ca..38133fb7 100644 --- a/ko/security/bulletin/2017-03-01.html +++ b/ko/security/bulletin/2017-03-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android 보안 게시íŒâ€”2017ë…„ 3ì›”</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -20,23 +19,27 @@ See the License for the specific language governing permissions and limitations under the License. --> + <p><em>2017ë…„ 3ì›” 6ì¼ ê²Œì‹œë¨ | 2017ë…„ 3ì›” 7ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> <p>Android 보안 게시íŒì€ Android ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 보안 취약성 ì„¸ë¶€ì •ë³´ë¥¼ 다룹니다. 게시íŒê³¼ 함께 ë¬´ì„ (OTA) ì—…ë°ì´íŠ¸ë¥¼ 통해 Google 기기 보안 ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌웨어 ì´ë¯¸ì§€ë„ <a href="https://developers.google.com/android/nexus/images">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì— ê²Œì‹œë˜ì—ˆìŠµë‹ˆë‹¤. 아래 목ë¡ì˜ ë¬¸ì œëŠ” 2017ë…„ 3ì›” 5ì¼ -보안 패치 수준 ì´ìƒì—ì„œ ëª¨ë‘ í•´ê²°ë©ë‹ˆë‹¤. <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ë° Nexus ì—…ë°ì´íŠ¸ ì¼ì •</a>ì„ +보안 패치 수준 ì´ìƒì—ì„œ ëª¨ë‘ í•´ê²°ë©ë‹ˆë‹¤. <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ë° Nexus ì—…ë°ì´íŠ¸ ì¼ì •</a>ì„ ì°¸ì¡°í•˜ì—¬ 기기 보안 패치 ìˆ˜ì¤€ì„ í™•ì¸í•˜ëŠ” ë°©ë²•ì„ ì•Œì•„ë³´ì„¸ìš”.</p> <p>파트너ì—게는 게시íŒì— ì„¤ëª…ëœ ë¬¸ì œì— ê´€í•œ ì•Œë¦¼ì„ 2017ë…„ 2ì›” 6ì¼ ì´ì „ì— ì „ë‹¬í–ˆìŠµë‹ˆë‹¤. ì´ëŸ¬í•œ ë¬¸ì œë¥¼ 해결하기 위한 소스 코드 패치는 Android 오픈소스 프로ì 트(AOSP) ì €ìž¥ì†Œì— ë°°í¬ë˜ì—ˆìœ¼ë©° ì´ ê²Œì‹œíŒì—ë„ ë§í¬ë˜ì–´ 있습니다. ì´ ê²Œì‹œíŒì—는 AOSP ì™¸ë¶€ì˜ íŒ¨ì¹˜ ë§í¬ë„ í¬í•¨ë˜ì–´ 있습니다.</p> <p>ì´ ì¤‘ 가장 심ê°í•œ ë¬¸ì œëŠ” 미디어 파ì¼ì„ ì²˜ë¦¬í• ë•Œ -ì´ë©”ì¼ê³¼ 웹 íƒìƒ‰, MMS 등 여러 ë°©ë²•ì„ í†µí•´ ëŒ€ìƒ ê¸°ê¸°ì—ì„œ -ì›ê²©ìœ¼ë¡œ 코드를 ì‹¤í–‰í• ìˆ˜ 있게 하는 심ê°í•œ 보안 취약성입니다.</p> +ì´ë©”ì¼, 웹 íƒìƒ‰, MMS 등 여러 ë°©ë²•ì„ í†µí•´ ëŒ€ìƒ ê¸°ê¸°ì—ì„œ +ì›ê²©ìœ¼ë¡œ 코드를 ì‹¤í–‰í• ìˆ˜ 있게 하는 심ê°í•œ 보안 취약성입니다. <a href="/security/overview/updates-resources.html#severity">심ê°ë„ +í‰ê°€</a>는 개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화가 사용 중지ë˜ì–´ 있거나 +우회ë˜ëŠ” 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ ë°›ì„ ìˆ˜ 있는 ì˜í–¥ì„ +기준으로 ë‚´ë ¤ì§‘ë‹ˆë‹¤.</p> <p>ì‹¤ì œ ê³ ê°ì´ 새로 ë³´ê³ ëœ ì´ëŸ¬í•œ ë¬¸ì œë¡œ ì¸í•´ 악용당했다는 ì‹ ê³ ëŠ” ì ‘ìˆ˜ë˜ì§€ 않았습니다. <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>ê³¼ ê°™ì´ Android 플랫í¼ì˜ ë³´ì•ˆì„ ê°œì„ í•˜ëŠ” -<a href="{@docRoot}security/enhancements/index.html">Android 보안 í”Œëž«í¼ ë³´í˜¸</a> ë° ì„œë¹„ìŠ¤ 보호 ê¸°ëŠ¥ì— ê´€í•´ +<a href="/security/enhancements/index.html">Android 보안 í”Œëž«í¼ ë³´í˜¸</a> ë° ì„œë¹„ìŠ¤ 보호 ê¸°ëŠ¥ì— ê´€í•´ ìžì„¸ížˆ ì•Œì•„ë³´ë ¤ë©´ <a href="#mitigations">Android ë° Google 서비스 완화</a> ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> <p>ëª¨ë“ ê³ ê°ì€ 기기ì—ì„œ ì´ ì—…ë°ì´íŠ¸ë¥¼ 수ë½í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</p> @@ -44,7 +47,7 @@ Android 오픈소스 프로ì 트(AOSP) ì €ìž¥ì†Œì— ë°°í¬ë˜ì—ˆìœ¼ë©° ì´ ê²Œì <ul> <li>ì´ ê²Œì‹œíŒì—는 Android 파트너가 ëª¨ë“ Android 기기ì—ì„œ ìœ ì‚¬í•˜ê²Œ ë°œìƒí•˜ëŠ” 취약성 ë¬¸ì œì˜ ì¼ë¶€ë¥¼ ë”ìš± ë¹ ë¥´ê³ ìœ ì—°í•˜ê²Œ 해결하기 위한 -ë‘ ê°€ì§€ 보안 패치 수준 문ìžì—´ì´ í¬í•¨ë˜ì–´ 있습니다. ìžì„¸í•œ ë‚´ìš©ì€ <a href="#common-questions-and-answers">ì¼ë°˜ì ì¸ +ë‘ ê°€ì§€ 보안 패치 수준 문ìžì—´ì´ í¬í•¨ë˜ì–´ 있습니다. ìžì„¸í•œ ë‚´ìš©ì€ <a href="#common-questions-and-answers">ì¼ë°˜ì ì¸ ì§ˆë¬¸ ë° ë‹µë³€</a>ì„ ì°¸ì¡°í•˜ì„¸ìš”. <ul> <li><strong>2017-03-01</strong>: 부분 보안 패치 수준 문ìžì—´ìž…니다. ì´ @@ -58,404 +61,9 @@ Android 오픈소스 프로ì 트(AOSP) ì €ìž¥ì†Œì— ë°°í¬ë˜ì—ˆìœ¼ë©° ì´ ê²Œì <li>지ì›ë˜ëŠ” Google 기기는 2017ë…„ 3ì›” 5ì¼ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì˜ ë‹¨ì¼ OTA ì—…ë°ì´íŠ¸ë¥¼ 받게 ë©ë‹ˆë‹¤.</li> </ul> -<h2 id="security-vulnerability-summary">보안 취약성 요약</h2> -<p>아래 í‘œì—는 보안 취약성 목ë¡, ì¼ë°˜ì ì¸ ì·¨ì•½ì„± ë° ë…¸ì¶œ ID(CVE), -심ê°ë„ í‰ê°€ ë° Google 기기가 ì˜í–¥ì„ 받는지 여부가 -í¬í•¨ë˜ì–´ 있습니다. <a href="{@docRoot}security/overview/updates-resources.html#severity">심ê°ë„ í‰ê°€</a>는 -개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화를 ì‚¬ìš©í• ìˆ˜ 없거나 -ìš°íšŒì— ì„±ê³µí•œ 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ 받는 ì˜í–¥ì„ -기준으로 ë‚´ë ¤ì§‘ë‹ˆë‹¤.</p> -<h3 id="2017-03-01-summary">2017-03-01 -보안 패치 수준—취약성 요약</h3> -<p>ë‹¤ìŒ ë¬¸ì œëŠ” 2017-03-01 보안 패치 수준 ì´ìƒì—ì„œ í•´ê²°ë©ë‹ˆë‹¤.</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>ë¬¸ì œ</th> - <th>CVE</th> - <th>심ê°ë„</th> - <th>Google ê¸°ê¸°ì— ì˜í–¥ 여부</th> - </tr> - <tr> - <td>OpenSSL & BoringSSLì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2016-2182</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2017-0466, CVE-2017-0467, CVE-2017-0468, CVE-2017-0469, -CVE-2017-0470, CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0474</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>복구 ì¸ì¦ì˜ 권한 승격 취약성</td> - <td>CVE-2017-0475</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>AOSP ë©”ì‹œì§€ì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2017-0476</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>libgdxì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2017-0477</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Framesequence ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ ì›ê²© 코드 실행 취약성</td> - <td>CVE-2017-0478</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>NFCì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0481</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>오디오 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0479, CVE-2017-0480</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2017-0482, CVE-2017-0483, CVE-2017-0484, CVE-2017-0485, -CVE-2017-0486, CVE-2017-0487, CVE-2017-0488</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>위치 관리ìžì˜ 권한 승격 취약성</td> - <td>CVE-2017-0489</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>Wi-Fiì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0490</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>패키지 관리ìžì˜ 권한 승격 취약성</td> - <td>CVE-2017-0491</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>시스템 UIì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0492</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>AOSP ë©”ì‹œì§€ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0494</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0495</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>ì„¤ì • ë§ˆë²•ì‚¬ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2017-0496</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2017-0497</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>ì„¤ì • ë§ˆë²•ì‚¬ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2017-0498</td> - <td>보통</td> - <td>아니요*</td> - </tr> - <tr> - <td>오디오 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2017-0499</td> - <td>ë‚®ìŒ</td> - <td>예</td> - </tr> -</table> -<p>* 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ -ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> -<h3 id="2017-03-05-summary">2017-03-05 -보안 패치 수준—취약성 요약</h3> -<p>2017-03-01ì˜ ëª¨ë“ ë¬¸ì œì™€ ë‹¤ìŒ ë¬¸ì œëŠ” 2017-03-05 -보안 패치 수준 ì´ìƒì—ì„œ í•´ê²°ë©ë‹ˆë‹¤.</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>ë¬¸ì œ</th> - <th>CVE</th> - <th>심ê°ë„</th> - <th>Google ê¸°ê¸°ì— ì˜í–¥ 여부</th> - </tr> - <tr> - <td>MediaTek êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, -CVE-2017-0504, CVE-2017-0505, CVE-2017-0506</td> - <td>심ê°</td> - <td>아니요*</td> - </tr> - <tr> - <td>NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0337, CVE-2017-0338, CVE-2017-0333, CVE-2017-0306, CVE-2017-0335</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ION 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0507, CVE-2017-0508</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>Broadcom Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0509</td> - <td>심ê°</td> - <td>아니요*</td> - </tr> - <tr> - <td>ì»¤ë„ FIQ ë””ë²„ê±°ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0510</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-8479</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-9806, CVE-2016-10200</td> - <td>심ê°</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm êµ¬ì„±ìš”ì†Œì˜ ì·¨ì•½ì„±</td> - <td>CVE-2016-8484, CVE-2016-8485, CVE-2016-8486, CVE-2016-8487, CVE-2016-8488</td> - <td>심ê°</td> - <td>아니요*</td> - </tr> - <tr> - <td>ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-8655, CVE-2016-9793</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm ìž…ë ¥ 하드웨어 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0516</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek 하드웨어 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0517</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>Qualcomm ADSPRPC ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0457</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm 지문 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 -취약성</td> - <td>CVE-2017-0518, CVE-2017-0519</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm 암호화 엔진 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0520</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0458, CVE-2017-0521</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek APKì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0522</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0464, CVE-2017-0453, CVE-2017-0523</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0524</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm IPA ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0456, CVE-2017-0525</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>HTC 센서 허브 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0526, CVE-2017-0527</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0307</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>Qualcomm ë„¤íŠ¸ì›Œí¬ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0463, CVE-2017-0460</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ë³´ì•ˆ 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2017-0528</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm SPCom ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</td> - <td>CVE-2016-5856, CVE-2016-5857</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2014-8709</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0529</td> - <td>높ìŒ</td> - <td>아니요*</td> - </tr> - <tr> - <td>Qualcomm 부트로ë”ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0455</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm ì „ì› ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-8483</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>NVIDIA GPU ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0334, CVE-2017-0336</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ ì•”í˜¸í™” 하위 ì‹œìŠ¤í…œì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</td> - <td>CVE-2016-8650</td> - <td>높ìŒ</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 -ë¬¸ì œ)</td> - <td>CVE-2016-8417</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0461, CVE-2017-0459, CVE-2017-0531</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>MediaTek ë™ì˜ìƒ ì½”ë± ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0532</td> - <td>보통</td> - <td>아니요*</td> - </tr> - <tr> - <td>Qualcomm ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0533, CVE-2017-0534, CVE-2016-8416, CVE-2016-8478</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2016-8413, CVE-2016-8477</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>HTC 사운드 ì½”ë± ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0535</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0536</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>ì»¤ë„ USB ê°€ì ¯ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0537</td> - <td>보통</td> - <td>예</td> - </tr> - <tr> - <td>Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</td> - <td>CVE-2017-0452</td> - <td>ë‚®ìŒ</td> - <td>예</td> - </tr> -</table> -<p>* 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ -ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> <h2 id="mitigations">Android ë° Google 서비스 완화</h2> -<p>다ìŒì€ SafetyNetê³¼ ê°™ì€ <a href="{@docRoot}security/enhancements/index.html">Android 보안 플랫í¼</a> ë° +<p>다ìŒì€ SafetyNetê³¼ ê°™ì€ <a href="/security/enhancements/index.html">Android 보안 플랫í¼</a> ë° ì„œë¹„ìŠ¤ 보호 기능ì—ì„œ ì œê³µë˜ëŠ” 완화를 요약한 내용입니다. ì´ëŸ¬í•œ ê¸°ëŠ¥ì„ í†µí•´ Androidì—ì„œ 보안 ì·¨ì•½ì„±ì´ ì•…ìš©ë ê°€ëŠ¥ì„±ì„ ì¤„ì¼ ìˆ˜ 있습니다.</p> @@ -463,7 +71,7 @@ CVE-2017-0504, CVE-2017-0505, CVE-2017-0506</td> <li>Android í”Œëž«í¼ ìµœì‹ ë²„ì „ì˜ í–¥ìƒëœ 기능으로 Androidì˜ ì—¬ëŸ¬ ë¬¸ì œë¥¼ 악용하기가 ë”ìš± ì–´ë ¤ì›Œì¡ŒìŠµë‹ˆë‹¤. 가능하다면 ëª¨ë“ ì‚¬ìš©ìžëŠ” ìµœì‹ ë²„ì „ì˜ Androidë¡œ ì—…ë°ì´íŠ¸í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</li> -<li>Android 보안팀ì—서는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">ìž ìž¬ì 으로 위험한 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì— ê´€í•´ +<li>Android 보안팀ì—서는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì— ê´€í•´ 사용ìžì—게 ê²½ê³ ë¥¼ 보내는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">앱 ì¸ì¦ ë° SafetyNet</a>ì„ ì‚¬ìš©í•˜ì—¬ 악용사례를 ì ê·¹ì 으로 모니터ë§í•©ë‹ˆë‹¤. 앱 ì¸ì¦ì€ <a href="http://www.android.com/gms">Google ëª¨ë°”ì¼ ì„œë¹„ìŠ¤</a>ê°€ ì ìš©ëœ ê¸°ê¸°ì— ê¸°ë³¸ì 으로 사용 ì„¤ì •ë˜ì–´ 있으며 Google Play 외부ì—ì„œ @@ -474,96 +82,96 @@ Play ë‚´ì—ì„œ 기기 루팅 ë„구는 금지ë˜ì–´ 있지만 권한 승격 ì·¨ì•½ì„±ì„ ì•…ìš©í•˜ëŠ” 것으로 ì•Œë ¤ì§„ 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì„ ì‹ë³„í•˜ê³ ì°¨ë‹¨í•©ë‹ˆë‹¤. ì´ëŸ¬í•œ ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì´ë¯¸ ì„¤ì¹˜ëœ ê²½ìš° 앱 ì¸ì¦ì—ì„œ 사용ìžì—게 ì´ë¥¼ ì•Œë¦¬ê³ ê°ì§€ëœ ì• í”Œë¦¬ì¼€ì´ì…˜ì„ ì‚ì œí•˜ë ¤ê³ ì‹œë„합니다.</li> -<li>가능한 경우 Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— +<li>Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— ë¯¸ë””ì–´ë¥¼ ìžë™ìœ¼ë¡œ ì „ë‹¬í•˜ì§€ 않습니다.</li> </ul> <h2 id="acknowledgements">ê°ì‚¬ì˜ ë§ì”€</h2> <p>참여해 ì£¼ì‹ ë‹¤ìŒ ì—°êµ¬ì›ì—게 ê°ì‚¬ë“œë¦½ë‹ˆë‹¤.</p> <ul> <li>Google Dynamic ToolsíŒ€ì˜ Alexander Potapenko: CVE-2017-0537 -<li>Alibaba Mobile Security Groupì˜ Baozeng Ding, Chengming Yang, +</li><li>Alibaba Mobile Security Groupì˜ Baozeng Ding, Chengming Yang, Peng Xiao, Yang Song: CVE-2017-0506 -<li>Alibaba Mobile Security Groupì˜ Baozeng Ding, Ning You, Chengming Yang, +</li><li>Alibaba Mobile Security Groupì˜ Baozeng Ding, Ning You, Chengming Yang, Peng Xiao, Yang Song: CVE-2017-0463 -<li>Android ë³´ì•ˆíŒ€ì˜ Billy Lau: CVE-2017-0335, CVE-2017-0336, CVE-2017-0338, +</li><li>Android ë³´ì•ˆíŒ€ì˜ Billy Lau: CVE-2017-0335, CVE-2017-0336, CVE-2017-0338, CVE-2017-0460 -<li><a href="mailto:derrek.haxx@gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2016-8413, +</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2016-8413, CVE-2016-8477, CVE-2017-0531 -<li><a href="mailto:derrek.haxx@gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>), <a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0521 -<li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)ì˜ +</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a>(<a href="https://twitter.com/derrekr6">@derrekr6</a>), <a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0521 +</li><li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)ì˜ Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2017-0334, CVE-2017-0456, CVE-2017-0457, CVE-2017-0525 -<li><a href="http://www.ms509.com">MS509Team</a>ì˜ En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>), +</li><li><a href="http://www.ms509.com">MS509Team</a>ì˜ En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>), Bo Liu: CVE-2017-0490 -<li>Qihoo 360 Technology Co. Ltd. +</li><li>Qihoo 360 Technology Co. Ltd. IceSword Labì˜ Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, CVE-2017-0509, CVE-2017-0524, CVE-2017-0529, CVE-2017-0536 -<li>Qihoo 360 Technology Co. Ltd Alpha Teamì˜ Hao Chen, Guang Gong: +</li><li>Qihoo 360 Technology Co. Ltd Alpha Teamì˜ Hao Chen, Guang Gong: CVE-2017-0453, CVE-2017-0461, CVE-2017-0464 -<li>Sony Mobile Communications Inc.ì˜ Hiroki Yamamoto, Fang Chen: +</li><li>Sony Mobile Communications Inc.ì˜ Hiroki Yamamoto, Fang Chen: CVE-2017-0481 -<li>IBM Security X-Force ì—°êµ¬ì› Sagi Kedmi, Roee Hay: CVE-2017-0510 -<li><a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a>ì˜ Jianjun Dai(<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>): CVE-2017-0478 -<li>Qihoo 360 IceSword Labì˜ Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8416, +</li><li>IBM Security X-Force ì—°êµ¬ì› Sagi Kedmi, Roee Hay: CVE-2017-0510 +</li><li><a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a>ì˜ Jianjun Dai(<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>): CVE-2017-0478 +</li><li>Qihoo 360 IceSword Labì˜ Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-8416, CVE-2016-8478, CVE-2017-0458, CVE-2017-0459, CVE-2017-0518, CVE-2017-0519, CVE-2017-0533, CVE-2017-0534 -<li><a href="http://c0reteam.org">C0RE Team</a>ì˜ <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>, <a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, Xuxian Jiang: CVE-2016-8479 -<li>Googleì˜ Makoto Onuki: CVE-2017-0491 -<li><a href="http://c0reteam.org">C0RE Team</a>ì˜ Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>, Xuxian Jiang: CVE-2017-0479, CVE-2017-0480 -<li>Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): +</li><li><a href="http://c0reteam.org">C0RE Team</a>ì˜ <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>, <a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, Xuxian Jiang: CVE-2016-8479 +</li><li>Googleì˜ Makoto Onuki: CVE-2017-0491 +</li><li><a href="http://c0reteam.org">C0RE Team</a>ì˜ Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>, Xuxian Jiang: CVE-2017-0479, CVE-2017-0480 +</li><li>Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0535 -<li>Tesla Motors Product Security Teamì˜ +</li><li>Tesla Motors Product Security Teamì˜ Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0306 -<li>Baidu X-Lab(百度安全实验室)ì˜ Pengfei Ding(ä¸é¹é£ž), Chenfu Bao(包沉浮), +</li><li>Baidu X-Lab(百度安全实验室)ì˜ Pengfei Ding(ä¸é¹é£ž), Chenfu Bao(包沉浮), Lenx Wei(韦韬): CVE-2016-8417 -<li>Tencent KeenLabì˜ Qidan He(何淇丹) +</li><li>Tencent KeenLabì˜ Qidan He(何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>): CVE-2017-0337, CVE-2017-0476 -<li>Qihoo 360ì˜ Qing Zhang, Singapore Institute of Technology(SIT)ì˜ +</li><li>Qihoo 360ì˜ Qing Zhang, Singapore Institute of Technology(SIT)ì˜ Guangdong Bai: CVE-2017-0496 -<li>Ant-financial Light-Year Security Lab(èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤)ì˜ +</li><li>Ant-financial Light-Year Security Lab(èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤)ì˜ Quhe, wanchouchou: CVE-2017-0522 -<li>DarkMatter +</li><li>DarkMatter Secure Communicationsì˜ <a href="mailto:keun-o.park@darkmatter.ae">Sahara</a>: CVE-2017-0528 -<li>UC Santa Barbara +</li><li>UC Santa Barbara Shellphish Grill Teamì˜ salls(<a href="https://twitter.com/chris_salls">@chris_salls</a>): CVE-2017-0505 -<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0504, +</li><li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0504, CVE-2017-0516 -<li>Sean Beaupre(beaups): CVE-2017-0455 -<li>Trend Microì˜ Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): +</li><li>Sean Beaupre(beaups): CVE-2017-0455 +</li><li>Trend Microì˜ Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2017-0452 -<li>Fujitsuì˜ Shinichi Matsumoto: CVE-2017-0498 -<li><a href="http://www.byterev.com">ByteRev</a>ì˜ <a href="mailto:smarques84@gmail.com">Stéphane Marques</a>: CVE-2017-0489 -<li>Googleì˜ Svetoslav Ganov: CVE-2017-0492 -<li><a href="http://c0reteam.org">C0RE Team</a>ì˜ <a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, Xuxian Jiang: CVE-2017-0333 -<li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile -Threat Response Team</a>ì˜ V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): +</li><li>Fujitsuì˜ Shinichi Matsumoto: CVE-2017-0498 +</li><li><a href="http://www.byterev.com">ByteRev</a>ì˜ <a href="mailto:smarques84@gmail.com">Stéphane Marques</a>: CVE-2017-0489 +</li><li>Googleì˜ Svetoslav Ganov: CVE-2017-0492 +</li><li><a href="http://c0reteam.org">C0RE Team</a>ì˜ <a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, Xuxian Jiang: CVE-2017-0333 +</li><li><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile +Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro</a>ì˜ V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): CVE-2017-0466, CVE-2017-0467, CVE-2017-0468, CVE-2017-0469, CVE-2017-0470, -CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0482, CVE-2017-0485, -CVE-2017-0486, CVE-2017-0487, CVE-2017-0494, CVE-2017-0495 -<li>Ant-financial Light-Year Security Lab(èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤)ì˜ +CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0482, CVE-2017-0484, +CVE-2017-0485, CVE-2017-0486, CVE-2017-0487, CVE-2017-0494, CVE-2017-0495 +</li><li>Ant-financial Light-Year Security Lab(èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤)ì˜ Wish Wu(å´æ½æµ æ¤å½¼)(<a href="https://twitter.com/wish_wu">@wish_wu</a>): CVE-2017-0477 -<li>Qihoo 360 Technology Co. Ltd Vulpecker Teamì˜ Yu Pan: CVE-2017-0517, +</li><li>Qihoo 360 Technology Co. Ltd Vulpecker Teamì˜ Yu Pan: CVE-2017-0517, CVE-2017-0532 -<li><a href="http://c0reteam.org">C0RE Team</a>ì˜ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, +</li><li><a href="http://c0reteam.org">C0RE Team</a>ì˜ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, Xuxian Jiang: CVE-2017-0526, CVE-2017-0527 -<li><a href="http://c0reteam.org">C0RE Team</a>ì˜ Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>), <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>, <a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>, Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), -Xuxian Jiang: CVE-2017-0483</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> +</li><li><a href="http://c0reteam.org">C0RE Team</a>ì˜ Yuqi Lu(<a href="https://twitter.com/nikos233__">@nikos233</a>), <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>, <a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>, Mingjian Zhou(<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), +Xuxian Jiang: CVE-2017-0483</li> +<li>Qihoo 360 Technology Co. Ltd., Chengdu Security Response Centerì˜ Zinuo Han(<a href="https://weibo.com/ele7enxxh">weibo.com/ele7enxxh</a>): +CVE-2017-0475, CVE-2017-0497 +</li></ul> <h2 id="2017-03-01-details">2017-03-01 보안 패치 수준—취약성 ì„¸ë¶€ì •ë³´</h2> -<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 ìœ„ì˜ -<a href="#2017-03-01-summary">2017-03-01 -보안 패치 수준— 취약성 요약</a>ì— ë‚˜ì—´ëœ ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ -ìžì„¸ížˆ 알아볼 수 있습니다. 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° -CVE, ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Google 기기, -ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œ ë“±ì´ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 +<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 2017-03-01 패치 ìˆ˜ì¤€ì— ì ìš©ë˜ëŠ” +ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ ìžì„¸ížˆ 알아볼 수 있습니다. 여기ì—는 ë¬¸ì œ 설명, +심ê°ë„ 근거 ë° CVE, ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Google 기기, ì—…ë°ì´íŠ¸ëœ +AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œê°€ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ 버그 IDì— ì—°ê²°í•©ë‹ˆë‹¤. í•˜ë‚˜ì˜ ë²„ê·¸ì™€ ê´€ë ¨ëœ ë³€ê²½ì‚¬í•ì´ 여러 ê°œì¸ ê²½ìš° 추가 참조가 버그 ID 다ìŒì— 오는 ë²ˆí˜¸ì— ì—°ê²°ë˜ì–´ 있습니다.</p> - -<h3 id="rce-in-openssl-&-boringssl">OpenSSL & BoringSSLì˜ +<h3 id="rce-in-openssl-&-boringssl">OpenSSL & BoringSSLì˜ ì›ê²© 코드 실행 취약성</h3> <p>OpenSSL ë° BoringSSLì˜ ì›ê²© 코드 실행 취약성으로 ì¸í•´ 특별히 ì œìž‘ëœ íŒŒì¼ì„ 사용하는 공격ìžê°€ 파ì¼ê³¼ ë°ì´í„° 처리 ì¤‘ì— ë©”ëª¨ë¦¬ ì†ìƒì„ ì¼ìœ¼í‚¬ 수 @@ -571,13 +179,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ì‹¬ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -594,8 +202,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 8ì›” 5ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-mediaserver-">미디어 ì„œë²„ì˜ ì›ê²© 코드 실행 취약성 </h3> @@ -605,13 +212,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ì‹¬ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -703,7 +310,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>7.0, 7.1.1</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-recovery-verifier">복구 ì¸ì¦ì˜ 권한 승격 취약성</h3> @@ -714,13 +321,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ê¸°ê¸°ë¥¼ ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -737,8 +344,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 10ì›” 2ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-aosp-messaging">AOSP ë©”ì‹œì§€ì˜ ì›ê²© 코드 실행 취약성</h3> @@ -748,13 +354,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ì‹¬ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -771,8 +377,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 12ì›” 6ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-libgdx">libgdxì˜ ì›ê²© 코드 실행 취약성</h3> <p>libgdxì˜ ì›ê²© 코드 실행 취약성으로 ì¸í•´ 특별히 ì œìž‘ëœ íŒŒì¼ì„ 사용하는 @@ -781,13 +386,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ì‚¬ìš©í•˜ëŠ” ì• í”Œë¦¬ì¼€ì´ì…˜ì—ì„œ ì›ê²© 코드를 ì‹¤í–‰í• ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -804,8 +409,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>7.1.1</td> <td>2016ë…„ 12ì›” 14ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-framesequence-library">Framesequence ë¼ì´ë¸ŒëŸ¬ë¦¬ì˜ ì›ê²© 코드 실행 취약성</h3> @@ -816,13 +420,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ì‹¬ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -839,7 +443,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 12ì›” 16ì¼</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-nfc">NFCì˜ ê¶Œí•œ 승격 취약성</h3> <p>NFCì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ ê·¼ì ‘í•œ 공격ìžê°€ ê¶Œí•œì´ ì„¤ì •ëœ @@ -849,13 +453,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -872,7 +476,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 11ì›” 6ì¼</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-audioserver">오디오 ì„œë²„ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -883,13 +487,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -919,8 +523,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 11ì›” 7ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <p>미디어 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성으로 ì¸í•´ 공격ìžê°€ 특별히 ì œìž‘ëœ @@ -928,13 +531,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ì›ê²© 서비스 거부를 ì•¼ê¸°í• ìˆ˜ 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1012,7 +615,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-location-manager">위치 관리ìžì˜ 권한 승격 취약성</h3> @@ -1022,13 +625,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1045,8 +648,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 11ì›” 20ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">Wi-Fiì˜ ê¶Œí•œ 승격 취약성</h3> <p>Wi-Fiì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ @@ -1055,13 +657,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ìš°íšŒí• ìˆ˜ 있게 하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤. </p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1081,8 +683,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 11ì›” 25ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-package-manager">패키지 관리ìžì˜ 권한 승격 취약성</h3> @@ -1092,13 +693,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ìš°íšŒí• ìˆ˜ 있게 하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1116,8 +717,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>Google 사내용</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-system-ui">시스템 UIì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1128,13 +728,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ë³´í†µìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1152,8 +752,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>7.1.1</td> <td>Google 사내용</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-aosp-messaging">AOSP ë©”ì‹œì§€ì˜ ì •ë³´ 공개 취약성</h3> @@ -1163,13 +762,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1186,8 +785,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 11ì›” 9ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">미디어 ì„œë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -1197,13 +795,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1220,8 +818,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 12ì›” 11ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard">ì„¤ì • ë§ˆë²•ì‚¬ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> @@ -1230,13 +827,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ê¸°ê¸°ë¥¼ 수리하기 위해 초기화를 수행해야 í• ìˆ˜ 있으므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1252,7 +849,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>2016ë…„ 9ì›” 14ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Google 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> @@ -1266,13 +863,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ì¼ë°˜ì ì´ì§€ ì•Šì€ ê¸°ê¸° ì„¤ì •ì´ í•„ìš”í•˜ë¯€ë¡œ 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1289,8 +886,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>7.0, 7.1.1</td> <td>2016ë…„ 12ì›” 2ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard-2">ì„¤ì • ë§ˆë²•ì‚¬ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> @@ -1299,13 +895,13 @@ Google ê³„ì • 로그ì¸ì„ 요구하ë„ë¡ ì„¤ì •í• ìˆ˜ 있습니다. ì´ ë¬¸ì 초기화를 수행해야 í• ìˆ˜ 있으므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤. </p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1324,8 +920,7 @@ Google ê³„ì • 로그ì¸ì„ 요구하ë„ë¡ ì„¤ì •í• ìˆ˜ 있습니다. ì´ ë¬¸ì <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>Google 사내용</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-audioserver">오디오 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <p>오디오 ì„œë²„ì˜ ì„œë¹„ìŠ¤ 거부 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ @@ -1333,13 +928,13 @@ Google ê³„ì • 로그ì¸ì„ 요구하ë„ë¡ ì„¤ì •í• ìˆ˜ 있습니다. ì´ ë¬¸ì 거부를 ì•¼ê¸°í• ìˆ˜ 있으므로 심ê°ë„ ë‚®ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1356,22 +951,18 @@ Google ê³„ì • 로그ì¸ì„ 요구하ë„ë¡ ì„¤ì •í• ìˆ˜ 있습니다. ì´ ë¬¸ì <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>2016ë…„ 10ì›” 11ì¼</td> </tr> -</table> - +</tbody></table> <h2 id="2017-03-05-details">2017-03-05 보안 패치 수준—취약성 ì„¸ë¶€ì •ë³´</h2> -<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 ìœ„ì˜ -<a href="#2017-03-05-summary">2017-03-05 -보안 패치 수준— 취약성 요약</a>ì— ë‚˜ì—´ëœ ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ -ìžì„¸ížˆ 알아볼 수 있습니다. 여기ì—는 ë¬¸ì œ 설명, 심ê°ë„ 근거 ë° -CVE, ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Google 기기, -ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œ ë“±ì´ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 +<p>ë‹¤ìŒ ì„¹ì…˜ì—서는 2017-03-05 패치 ìˆ˜ì¤€ì— ì ìš©ë˜ëŠ” +ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ ìžì„¸ížˆ 알아볼 수 있습니다. 여기ì—는 ë¬¸ì œ 설명, +심ê°ë„ 근거 ë° CVE, ê´€ë ¨ 참조, 심ê°ë„, ì—…ë°ì´íŠ¸ëœ Google 기기, ì—…ë°ì´íŠ¸ëœ +AOSP ë²„ì „(해당하는 경우), ì‹ ê³ ëœ ë‚ ì§œê°€ í¬í•¨ëœ 표가 ì œì‹œë©ë‹ˆë‹¤. 가능한 경우 AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ 버그 IDì— ì—°ê²°í•©ë‹ˆë‹¤. í•˜ë‚˜ì˜ ë²„ê·¸ì™€ ê´€ë ¨ëœ ë³€ê²½ì‚¬í•ì´ 여러 ê°œì¸ ê²½ìš° 추가 참조가 버그 ID 다ìŒì— 오는 ë²ˆí˜¸ì— ì—°ê²°ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-mediatek-components">MediaTek êµ¬ì„±ìš”ì†Œì˜ ê¶Œí•œ 승격 취약성</h3> <p>M4U ë“œë¼ì´ë²„, 사운드 ë“œë¼ì´ë²„, 터치스í¬ë¦° ë“œë¼ì´ë²„, GPU ë“œë¼ì´ë²„, @@ -1382,12 +973,12 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ê¸°ê¸°ë¥¼ ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1396,7 +987,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0500</td> - <td>A-28429685*<br> + <td>A-28429685*<br /> M-ALPS02710006</td> <td>심ê°</td> <td>ì—†ìŒ**</td> @@ -1404,7 +995,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0501</td> - <td>A-28430015*<br> + <td>A-28430015*<br /> M-ALPS02708983</td> <td>심ê°</td> <td>ì—†ìŒ**</td> @@ -1412,7 +1003,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0502</td> - <td>A-28430164*<br> + <td>A-28430164*<br /> M-ALPS02710027</td> <td>심ê°</td> <td>ì—†ìŒ**</td> @@ -1420,7 +1011,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0503</td> - <td>A-28449045*<br> + <td>A-28449045*<br /> M-ALPS02710075</td> <td>심ê°</td> <td>ì—†ìŒ**</td> @@ -1428,7 +1019,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0504</td> - <td>A-30074628*<br> + <td>A-30074628*<br /> M-ALPS02829371</td> <td>심ê°</td> <td>ì—†ìŒ**</td> @@ -1436,7 +1027,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0505</td> - <td>A-31822282*<br> + <td>A-31822282*<br /> M-ALPS02992041</td> <td>심ê°</td> <td>ì—†ìŒ**</td> @@ -1444,13 +1035,13 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0506</td> - <td>A-32276718*<br> + <td>A-32276718*<br /> M-ALPS03006904</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>2016ë…„ 10ì›” 18ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -1459,7 +1050,6 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <p>** 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1469,12 +1059,12 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ê¸°ê¸°ë¥¼ ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1483,7 +1073,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0337</td> - <td>A-31992762*<br> + <td>A-31992762*<br /> N-CVE-2017-0337</td> <td>심ê°</td> <td>Pixel C</td> @@ -1491,7 +1081,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0338</td> - <td>A-33057977*<br> + <td>A-33057977*<br /> N-CVE-2017-0338</td> <td>심ê°</td> <td>Pixel C</td> @@ -1499,7 +1089,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0333</td> - <td>A-33899363*<br> + <td>A-33899363*<br /> N-CVE-2017-0333</td> <td>심ê°</td> <td>Pixel C</td> @@ -1507,7 +1097,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0306</td> - <td>A-34132950*<br> + <td>A-34132950*<br /> N-CVE-2017-0306</td> <td>심ê°</td> <td>Nexus 9</td> @@ -1515,20 +1105,19 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </tr> <tr> <td>CVE-2017-0335</td> - <td>A-33043375*<br> + <td>A-33043375*<br /> N-CVE-2017-0335</td> <td>심ê°</td> <td>Pixel C</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-kernel-ion-subsystem">ì»¤ë„ ION 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</h3> <p>ì»¤ë„ ION 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 @@ -1538,12 +1127,12 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² ê¸°ê¸°ë¥¼ ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1565,14 +1154,13 @@ C, Pixel, Pixel XL</td> <td>Pixel C</td> <td>2016ë…„ 12ì›” 28ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Broadcom Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1582,12 +1170,12 @@ C, Pixel, Pixel XL</td> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1596,13 +1184,13 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2017-0509</td> - <td>A-32124445*<br> + <td>A-32124445*<br /> B-RB#110688</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>2016ë…„ 10ì›” 12ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -1611,7 +1199,6 @@ C, Pixel, Pixel XL</td> <p>** 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="eop-in-kernel-fiq-debugger">ì»¤ë„ FIQ ë””ë²„ê±°ì˜ ê¶Œí•œ 승격 취약성</h3> <p>ì»¤ë„ FIQ ë””ë²„ê±°ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1621,12 +1208,12 @@ C, Pixel, Pixel XL</td> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1640,14 +1227,13 @@ C, Pixel, Pixel XL</td> <td>Nexus 9</td> <td>2016ë…„ 10ì›” 25ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1657,12 +1243,12 @@ C, Pixel, Pixel XL</td> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1671,20 +1257,19 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2016-8479</td> - <td>A-31824853*<br> + <td>A-31824853*<br /> QC-CR#1093687</td> <td>심ê°</td> <td>Android One, Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> <td>2016ë…„ 9ì›” 29ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-kernel-networking-subsystem">ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</h3> <p>ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1694,12 +1279,12 @@ C, Pixel, Pixel XL</td> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1708,7 +1293,7 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2016-9806</td> - <td>A-33393474<br> + <td>A-33393474<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520"> 업스트림 커ë„</a></td> <td>심ê°</td> @@ -1717,15 +1302,14 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2016-10200</td> - <td>A-33753815<br> + <td>A-33753815<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef"> 업스트림 커ë„</a></td> <td>심ê°</td> <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>2016ë…„ 12ì›” 19ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm êµ¬ì„±ìš”ì†Œì˜ ì·¨ì•½ì„±</h3> @@ -1733,12 +1317,12 @@ C, Pixel, Pixel XL</td> 2016ë…„ 9ì›” 보안 게시íŒì— ìžì„¸ížˆ 설명ë˜ì–´ 있습니다.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1780,7 +1364,7 @@ C, Pixel, Pixel XL</td> <td>ì—†ìŒ***</td> <td>Qualcomm 사내용</td> </tr> -</table> +</tbody></table> <p>* ì´ ì·¨ì•½ì„±ì˜ ì‹¬ê°ë„ ë“±ê¸‰ì€ ê³µê¸‰ì—…ì²´ì—ì„œ ê²°ì •í•œ 것입니다.</p> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 @@ -1790,7 +1374,6 @@ C, Pixel, Pixel XL</td> <p>*** 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="eop-in-kernel-networking-subsystem-2">ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</h3> <p>ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1799,12 +1382,12 @@ C, Pixel, Pixel XL</td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1813,7 +1396,7 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2016-8655</td> - <td>A-33358926<br> + <td>A-33358926<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c"> 업스트림 커ë„</a></td> <td>높ìŒ</td> @@ -1823,7 +1406,7 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2016-9793</td> - <td>A-33363517<br> + <td>A-33363517<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"> 업스트림 커ë„</a></td> <td>높ìŒ</td> @@ -1831,8 +1414,7 @@ C, Pixel, Pixel XL</td> C, Pixel, Pixel XL</td> <td>2016ë…„ 12ì›” 2ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-input-hardware-driver">Qualcomm ìž…ë ¥ 하드웨어 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -1842,12 +1424,12 @@ C, Pixel, Pixel XL</td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1856,20 +1438,19 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2017-0516</td> - <td>A-32341680*<br> + <td>A-32341680*<br /> QC-CR#1096301</td> <td>높ìŒ</td> <td>Android One, Pixel, Pixel XL</td> <td>2016ë…„ 10ì›” 21ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-mediatek-hardware-sensor-driver">MediaTek 하드웨어 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>MediaTek 하드웨어 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1878,12 +1459,12 @@ C, Pixel, Pixel XL</td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1892,13 +1473,13 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2017-0517</td> - <td>A-32372051*<br> + <td>A-32372051*<br /> M-ALPS02973195</td> <td>높ìŒ</td> <td>ì—†ìŒ**</td> <td>2016ë…„ 10ì›” 22ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -1907,7 +1488,6 @@ C, Pixel, Pixel XL</td> <p>** 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm ADSPRPC ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1916,12 +1496,12 @@ C, Pixel, Pixel XL</td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1930,21 +1510,20 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2017-0457</td> - <td>A-31695439*<br> - QC-CR#1086123<br> + <td>A-31695439*<br /> + QC-CR#1086123<br /> QC-CR#1100695</td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>2016ë…„ 9ì›” 22ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Qualcomm 지문 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm 지문 센서 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1953,12 +1532,12 @@ C, Pixel, Pixel XL</td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -1967,7 +1546,7 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2017-0518</td> - <td>A-32370896*<br> + <td>A-32370896*<br /> QC-CR#1086530</td> <td>높ìŒ</td> <td>Pixel, Pixel XL</td> @@ -1975,20 +1554,19 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2017-0519</td> - <td>A-32372915*<br> + <td>A-32372915*<br /> QC-CR#1086530</td> <td>높ìŒ</td> <td>Pixel, Pixel XL</td> <td>2016ë…„ 10ì›” 24ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-qualcomm-crypto-engine-driver">Qualcomm 암호화 엔진 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm 암호화 엔진 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -1997,12 +1575,12 @@ C, Pixel, Pixel XL</td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2011,15 +1589,14 @@ C, Pixel, Pixel XL</td> </tr> <tr> <td>CVE-2017-0520</td> - <td>A-31750232<br> + <td>A-31750232<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd"> QC-CR#1082636</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>2016ë…„ 9ì›” 24ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver">Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> @@ -2029,12 +1606,12 @@ QC-CR#1082636</a></td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2043,7 +1620,7 @@ QC-CR#1082636</a></td> </tr> <tr> <td>CVE-2017-0458</td> - <td>A-32588962<br> + <td>A-32588962<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4"> QC-CR#1089433</a></td> <td>높ìŒ</td> @@ -2052,15 +1629,14 @@ QC-CR#1089433</a></td> </tr> <tr> <td>CVE-2017-0521</td> - <td>A-32919951<br> + <td>A-32919951<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8"> QC-CR#1097709</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>2016ë…„ 11ì›” 15ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-apk">MediaTek APKì˜ ê¶Œí•œ 승격 취약성</h3> @@ -2070,12 +1646,12 @@ QC-CR#1097709</a></td> ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2084,13 +1660,13 @@ QC-CR#1097709</a></td> </tr> <tr> <td>CVE-2017-0522</td> - <td>A-32916158*<br> + <td>A-32916158*<br /> M-ALPS03032516</td> <td>높ìŒ</td> <td>ì—†ìŒ**</td> <td>2016ë…„ 11ì›” 15ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -2099,7 +1675,6 @@ QC-CR#1097709</a></td> <p>** 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -2108,12 +1683,12 @@ QC-CR#1097709</a></td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2122,7 +1697,7 @@ QC-CR#1097709</a></td> </tr> <tr> <td>CVE-2017-0464</td> - <td>A-32940193<br> + <td>A-32940193<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f"> QC-CR#1102593</a></td> <td>높ìŒ</td> @@ -2131,7 +1706,7 @@ QC-CR#1102593</a></td> </tr> <tr> <td>CVE-2017-0453</td> - <td>A-33979145<br> + <td>A-33979145<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513"> QC-CR#1105085</a></td> <td>높ìŒ</td> @@ -2140,18 +1715,17 @@ QC-CR#1105085</a></td> </tr> <tr> <td>CVE-2017-0523</td> - <td>A-32835279<br> + <td>A-32835279<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582"> QC-CR#1096945</a></td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p>* 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -2160,12 +1734,12 @@ QC-CR#1096945</a></td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2179,14 +1753,13 @@ QC-CR#1096945</a></td> <td>Android One, Nexus 5X, Nexus 6P, Nexus 9, Pixel, Pixel XL</td> <td>2016ë…„ 11ì›” 18ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-qualcomm-ipa-driver">Qualcomm IPA ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm IPA ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -2195,12 +1768,12 @@ QC-CR#1096945</a></td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2209,7 +1782,7 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0456</td> - <td>A-33106520*<br> + <td>A-33106520*<br /> QC-CR#1099598</td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td> @@ -2217,20 +1790,19 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0525</td> - <td>A-33139056*<br> + <td>A-33139056*<br /> QC-CR#1097714</td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>2016ë…„ 11ì›” 25ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-htc-sensor-hub-driver">HTC 센서 허브 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>HTC 센서 허브 ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -2239,12 +1811,12 @@ QC-CR#1096945</a></td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2265,14 +1837,13 @@ QC-CR#1096945</a></td> <td>Nexus 9, Pixel, Pixel XL</td> <td>2016ë…„ 12ì›” 25ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>NVIDIA GPU ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -2282,12 +1853,12 @@ QC-CR#1096945</a></td> 기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2296,13 +1867,13 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0307</td> - <td>A-33177895*<br> + <td>A-33177895*<br /> N-CVE-2017-0307</td> <td>높ìŒ</td> <td>ì—†ìŒ**</td> <td>2016ë…„ 11ì›” 28ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -2311,7 +1882,6 @@ QC-CR#1096945</a></td> <p>** 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="eop-in-qualcomm-networking-driver">Qualcomm ë„¤íŠ¸ì›Œí¬ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm ë„¤íŠ¸ì›Œí¬ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -2320,12 +1890,12 @@ QC-CR#1096945</a></td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2334,7 +1904,7 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0463</td> - <td>A-33277611<br> + <td>A-33277611<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2"> QC-CR#1101792</a></td> <td>높ìŒ</td> @@ -2343,20 +1913,19 @@ QC-CR#1101792</a></td> </tr> <tr> <td>CVE-2017-0460 </td> - <td>A-31252965*<br> + <td>A-31252965*<br /> QC-CR#1098801</td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-kernel-security-subsystem">ì»¤ë„ ë³´ì•ˆ 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성</h3> <p>ì»¤ë„ ë³´ì•ˆ 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ 로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ @@ -2365,12 +1934,12 @@ QC-CR#1101792</a></td> ì•…ìš© 완화 ê¸°ìˆ ì„ ì¼ë°˜ì 으로 우회하는 것ì´ë¯€ë¡œ 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2384,14 +1953,13 @@ QC-CR#1101792</a></td> <td>Pixel, Pixel XL</td> <td>2016ë…„ 12ì›” 4ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="eop-in-qualcomm-spcom-driver">Qualcomm SPCom ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성</h3> <p>Qualcomm SPCom ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ @@ -2400,12 +1968,12 @@ QC-CR#1101792</a></td> 가능하므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2414,7 +1982,7 @@ QC-CR#1101792</a></td> </tr> <tr> <td>CVE-2016-5856</td> - <td>A-32610665<br> + <td>A-32610665<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368"> QC-CR#1094078</a></td> <td>높ìŒ</td> @@ -2423,18 +1991,17 @@ QC-CR#1094078</a></td> </tr> <tr> <td>CVE-2016-5857</td> - <td>A-34386529<br> + <td>A-34386529<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5"> QC-CR#1094140</a></td> <td>높ìŒ</td> <td>ì—†ìŒ*</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p>* 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="id-in-kernel-networking-subsystem">ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ì •ë³´ 공개 취약성</h3> <p>ì»¤ë„ ë„¤íŠ¸ì›Œí¬ í•˜ìœ„ ì‹œìŠ¤í…œì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ @@ -2443,12 +2010,12 @@ QC-CR#1094140</a></td> 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2457,15 +2024,14 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2014-8709</td> - <td>A-34077221<br> + <td>A-34077221<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f"> 업스트림 커ë„</a></td> <td>높ìŒ</td> <td>Nexus Player</td> <td>2014ë…„ 11ì›” 9ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-driver">MediaTek ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -2475,12 +2041,12 @@ QC-CR#1094140</a></td> 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2489,13 +2055,13 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2017-0529</td> - <td>A-28449427*<br> + <td>A-28449427*<br /> M-ALPS02710042</td> <td>높ìŒ</td> <td>ì—†ìŒ**</td> <td>2016ë…„ 4ì›” 27ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -2504,7 +2070,6 @@ QC-CR#1094140</a></td> <p>** 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="id-in-qualcomm-bootloader">Qualcomm 부트로ë”ì˜ ì •ë³´ 공개 취약성</h3> <p>Qualcomm 부트로ë”ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ @@ -2514,12 +2079,12 @@ QC-CR#1094140</a></td> í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2528,15 +2093,14 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2017-0455</td> - <td>A-32370952<br> + <td>A-32370952<br /> <a href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f"> QC-CR#1082755</a></td> <td>높ìŒ</td> <td>Pixel, Pixel XL</td> <td>2016ë…„ 10ì›” 21ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-power-driver">Qualcomm ì „ì› ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -2546,12 +2110,12 @@ QC-CR#1082755</a></td> 사용ë 수 있으므로 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2560,15 +2124,14 @@ QC-CR#1082755</a></td> </tr> <tr> <td>CVE-2016-8483</td> - <td>A-33745862<br> + <td>A-33745862<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a"> QC-CR#1035099</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6P</td> <td>2016ë…„ 12ì›” 19ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-gpu-driver">NVIDIA GPU ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -2578,12 +2141,12 @@ QC-CR#1035099</a></td> 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2592,7 +2155,7 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2017-0334</td> - <td>A-33245849*<br> + <td>A-33245849*<br /> N-CVE-2017-0334</td> <td>높ìŒ</td> <td>Pixel C</td> @@ -2600,20 +2163,19 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2017-0336</td> - <td>A-33042679*<br> + <td>A-33042679*<br /> N-CVE-2017-0336</td> <td>높ìŒ</td> <td>Pixel C</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="dos-in-kernel-cryptographic-subsystem">ì»¤ë„ ì•”í˜¸í™” 하위 ì‹œìŠ¤í…œì˜ ì„œë¹„ìŠ¤ 거부(DoS) 취약성</h3> <p>ì»¤ë„ ì•”í˜¸í™” 하위 ì‹œìŠ¤í…œì˜ ì„œë¹„ìŠ¤ 거부 취약성으로 ì¸í•´ @@ -2622,12 +2184,12 @@ QC-CR#1035099</a></td> 심ê°ë„ 높ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2636,15 +2198,14 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2016-8650</td> - <td>A-33401771<br> + <td>A-33401771<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"> 업스트림 커ë„</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>2016ë…„ 10ì›” 12ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ê¶Œí•œ 승격 취약성(기기별 ë¬¸ì œ)</h3> @@ -2655,12 +2216,12 @@ QC-CR#1035099</a></td> 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2669,15 +2230,14 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2016-8417</td> - <td>A-32342399<br> + <td>A-32342399<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0"> QC-CR#1088824</a></td> <td>보통</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>2016ë…„ 10ì›” 21ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -2687,12 +2247,12 @@ QC-CR#1088824</a></td> ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2701,7 +2261,7 @@ QC-CR#1088824</a></td> </tr> <tr> <td>CVE-2017-0461</td> - <td>A-32073794<br> + <td>A-32073794<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65"> QC-CR#1100132</a></td> <td>보통</td> @@ -2710,8 +2270,8 @@ QC-CR#1100132</a></td> </tr> <tr> <td>CVE-2017-0459</td> - <td>A-32644895<br> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> + <td>A-32644895<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> QC-CR#1091939</a></td> <td>보통</td> <td>Pixel, Pixel XL</td> @@ -2719,15 +2279,14 @@ QC-CR#1091939</a></td> </tr> <tr> <td>CVE-2017-0531</td> - <td>A-32877245<br> + <td>A-32877245<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302"> QC-CR#1087469</a></td> <td>보통</td> <td>Android One, Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>2016ë…„ 11ì›” 13ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-video-codec-driver">MediaTek ë™ì˜ìƒ ì½”ë± ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -2737,12 +2296,12 @@ QC-CR#1087469</a></td> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2751,13 +2310,13 @@ QC-CR#1087469</a></td> </tr> <tr> <td>CVE-2017-0532</td> - <td>A-32370398*<br> + <td>A-32370398*<br /> M-ALPS03069985</td> <td>보통</td> <td>ì—†ìŒ**</td> <td>2016ë…„ 10ì›” 22ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -2766,7 +2325,6 @@ QC-CR#1087469</a></td> <p>** 지ì›ë˜ëŠ” Android 7.0 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> - <h3 id="id-in-qualcomm-video-driver">Qualcomm ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <p>Qualcomm ë™ì˜ìƒ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ @@ -2775,12 +2333,12 @@ QC-CR#1087469</a></td> ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2789,7 +2347,7 @@ QC-CR#1087469</a></td> </tr> <tr> <td>CVE-2017-0533</td> - <td>A-32509422<br> + <td>A-32509422<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>보통</td> @@ -2798,7 +2356,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2017-0534</td> - <td>A-32508732<br> + <td>A-32508732<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>보통</td> @@ -2807,7 +2365,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8416</td> - <td>A-32510746<br> + <td>A-32510746<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>보통</td> @@ -2816,15 +2374,14 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8478</td> - <td>A-32511270<br> + <td>A-32511270<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>보통</td> <td>Pixel, Pixel XL</td> <td>2016ë…„ 10ì›” 28ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-camera-driver">Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -2834,12 +2391,12 @@ QC-CR#1088206</a></td> ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2848,7 +2405,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8413</td> - <td>A-32709702<br> + <td>A-32709702<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d"> QC-CR#518731</a></td> <td>보통</td> @@ -2857,7 +2414,7 @@ QC-CR#518731</a></td> </tr> <tr> <td>CVE-2016-8477</td> - <td>A-32720522<br> + <td>A-32720522<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508"> QC-CR#1090007</a> [<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> @@ -2865,8 +2422,7 @@ QC-CR#1090007</a> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>2016ë…„ 11ì›” 7ì¼</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-htc-sound-codec-driver">HTC 사운드 ì½”ë± ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> @@ -2876,12 +2432,12 @@ QC-CR#1090007</a> ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2895,14 +2451,13 @@ QC-CR#1090007</a> <td>Nexus 9</td> <td>2016ë…„ 12ì›” 11ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="id-in-synaptics-touchscreen-driver">Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <p>Synaptics 터치스í¬ë¦° ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ @@ -2911,12 +2466,12 @@ QC-CR#1090007</a> 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2930,14 +2485,13 @@ QC-CR#1090007</a> <td>Android One, Nexus 5X, Nexus 6P, Nexus 9, Pixel, Pixel XL</td> <td>2016ë…„ 12ì›” 12ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="id-in-kernel-usb-gadget-driver">ì»¤ë„ USB ê°€ì ¯ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <p>ì»¤ë„ USB ê°€ì ¯ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ @@ -2946,12 +2500,12 @@ QC-CR#1090007</a> ê¶Œí•œì´ ì„¤ì •ëœ í”„ë¡œì„¸ìŠ¤ì— ì¹¨íˆ¬í•´ì•¼ë§Œ 실행 가능하므로 심ê°ë„ 보통으로 í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2965,14 +2519,13 @@ QC-CR#1090007</a> <td>Pixel C</td> <td>Google 사내용</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> - <h3 id="id-in-qualcomm-camera-driver-2">Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성</h3> <p>Qualcomm ì¹´ë©”ë¼ ë“œë¼ì´ë²„ì˜ ì •ë³´ 공개 취약성으로 ì¸í•´ @@ -2981,12 +2534,12 @@ QC-CR#1090007</a> 실행 가능하므로 심ê°ë„ ë‚®ìŒìœ¼ë¡œ í‰ê°€ë©ë‹ˆë‹¤.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> <th>심ê°ë„</th> @@ -2995,13 +2548,13 @@ QC-CR#1090007</a> </tr> <tr> <td>CVE-2017-0452</td> - <td>A-32873615*<br> + <td>A-32873615*<br /> QC-CR#1093693</td> <td>ë‚®ìŒ</td> <td>Nexus 5X, Nexus 6P, Android One</td> <td>2016ë…„ 11ì›” 10ì¼</td> </tr> -</table> +</tbody></table> <p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -3012,7 +2565,7 @@ QC-CR#1090007</a> <p><strong>1. ë‚´ 기기가 ì—…ë°ì´íŠ¸ë˜ì–´ ì´ ë¬¸ì œê°€ í•´ê²°ë˜ì—ˆëŠ”지 어떻게 ì•Œ 수 있나요? </strong></p> <p>ê¸°ê¸°ì˜ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì„ í™•ì¸í•˜ëŠ” ë°©ë²•ì„ ì•Œì•„ë³´ë ¤ë©´ -<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ë° Nexus ì—…ë°ì´íŠ¸ ì¼ì •</a>ì˜ +<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel ë° Nexus ì—…ë°ì´íŠ¸ ì¼ì •</a>ì˜ ì•ˆë‚´ë¥¼ ì½ì–´ 보세요.</p> <ul> <li>2017-03-01 보안 패치 수준과 ê´€ë ¨ëœ ëª¨ë“ ë¬¸ì œëŠ” 2017-03-01 @@ -3029,8 +2582,7 @@ QC-CR#1090007</a> </ul> <p><strong>2 ì´ ê²Œì‹œíŒì— ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ ìžˆëŠ” ì´ìœ ê°€ 무엇ì¸ê°€ìš”?</strong></p> <p>ì´ ê²Œì‹œíŒì—서는 Android 파트너가 ëª¨ë“ Android 기기ì—ì„œ ìœ ì‚¬í•˜ê²Œ ë°œìƒí•˜ëŠ” -취약성 ë¬¸ì œì˜ ì¼ë¶€ë¥¼ ë”ìš± ë¹ ë¥´ê³ ìœ ì—°í•˜ê²Œ 해결하기 위한 ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ -í¬í•¨ë˜ì–´ 있습니다. Android 파트너는 ì´ ê²Œì‹œíŒì— ì–¸ê¸‰ëœ ë¬¸ì œë¥¼ ëª¨ë‘ ìˆ˜ì •í•˜ê³ +취약성 ë¬¸ì œì˜ ì¼ë¶€ë¥¼ ë”ìš± ë¹ ë¥´ê³ ìœ ì—°í•˜ê²Œ 해결하ë„ë¡ í•˜ê¸° 위해 ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ í¬í•¨ë˜ì–´ 있습니다. Android 파트너는 ì´ ê²Œì‹œíŒì— ì–¸ê¸‰ëœ ë¬¸ì œë¥¼ ëª¨ë‘ ìˆ˜ì •í•˜ê³ ìµœì‹ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì„ ì‚¬ìš©í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</p> <ul> <li>2017ë…„ 3ì›” 1ì¼ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì„ ì‚¬ìš©í•˜ëŠ” 기기는 ì´ ë³´ì•ˆ 패치 수준과 @@ -3044,18 +2596,15 @@ QC-CR#1090007</a> <p><strong>3. ë¬¸ì œë³„ë¡œ ì˜í–¥ì„ 받는 Google 기기는 어떻게 ì•Œ 수 있나요?</strong></p> <p><a href="#2017-03-01-details">2017-03-01</a> ë° <a href="#2017-03-05-details">2017-03-05</a> -보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” ê° í…Œì´ë¸”ì˜ <em>ì—…ë°ì´íŠ¸ëœ Google -기기</em> ì—´ì„ í™•ì¸í•˜ë©´ ë©ë‹ˆë‹¤. ì´ ì—´ì—는 ê° ë¬¸ì œì™€ ê´€ë ¨í•´ ì—…ë°ì´íŠ¸ëœ -ì˜í–¥ 받는 Google ê¸°ê¸°ì˜ ë²”ìœ„ê°€ 표시ë©ë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤.</p> +보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” ê° í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google +기기</em> ì—´ì„ í™•ì¸í•˜ë©´ ë©ë‹ˆë‹¤. ì´ ì—´ì—는 ì˜í–¥ì„ 받는 Google ê¸°ê¸°ì˜ ë²”ìœ„ê°€ ë¬¸ì œë³„ë¡œ ì—…ë°ì´íŠ¸ë˜ì–´ 표시ë©ë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤.</p> <ul> <li><strong>ëª¨ë“ Google 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Google 기기 ë° Pixel ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— -'모ë‘'ë¼ê³ 표시ë©ë‹ˆë‹¤. '모ë‘'ì—는 다ìŒê³¼ ê°™ì€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">지ì›ë˜ëŠ” 기기</a>ê°€ -í¬í•¨ë©ë‹ˆë‹¤. Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9, -Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li> -<li><strong>ì¼ë¶€ Google 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Google ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 ê²ƒì´ -ì•„ë‹Œ 경우, ì˜í–¥ì„ 받는 Google 기기가 <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— -표시ë©ë‹ˆë‹¤.</li> +'모ë‘'ë¼ê³ 표시ë©ë‹ˆë‹¤. '모ë‘'ì—는 다ìŒê³¼ ê°™ì€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">지ì›ë˜ëŠ” 기기</a>ê°€ í¬í•¨ë©ë‹ˆë‹¤. Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, +Nexus Player, Pixel C, Pixel, Pixel XL.</li> +<li><strong>ì¼ë¶€ Google 기기</strong>: ë¬¸ì œê°€ ì¼ë¶€ Google ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우, +ì˜í–¥ì„ 받는 Google 기기가 <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— í‘œì‹œë©ë‹ˆë‹¤.</li> <li><strong>Google 기기 해당 ì—†ìŒ</strong>: ë¬¸ì œê°€ Android 7.0ì„ ì‹¤í–‰í•˜ëŠ” Google ê¸°ê¸°ì— ì˜í–¥ì„ 미치지 않는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— 'ì—†ìŒ'ì´ë¼ê³ 표시ë©ë‹ˆë‹¤. </li> @@ -3065,9 +2614,9 @@ Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li> ì¡°ì§ì„ 나타내는 ì ‘ë‘어를 í¬í•¨í• 수 있습니다. ì´ëŸ¬í•œ ì ‘ë‘어는 다ìŒê³¼ ê°™ì´ ë§¤í•‘ë©ë‹ˆë‹¤.</p> <table> - <tr> + <tbody><tr> <th>ì ‘ë‘ì–´</th> - <th>참조 문서</th> + <th>참조</th> </tr> <tr> <td>A-</td> @@ -3089,11 +2638,11 @@ Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li> <td>B-</td> <td>Broadcom 참조 번호</td> </tr> -</table> +</tbody></table> <h2 id="revisions">ìˆ˜ì • ë‚´ì—</h2> <ul> <li>2017ë…„ 3ì›” 6ì¼: 게시íŒì´ 게시ë¨</li> <li>2017ë…„ 3ì›” 7ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ AOSP ë§í¬ê°€ í¬í•¨ë¨</li> </ul> -</body> -</html> + +</body></html>
\ No newline at end of file diff --git a/ko/security/bulletin/2017-04-01.html b/ko/security/bulletin/2017-04-01.html index 040baefe..9abf731c 100644 --- a/ko/security/bulletin/2017-04-01.html +++ b/ko/security/bulletin/2017-04-01.html @@ -19,7 +19,7 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>2017ë…„ 4ì›” 3ì¼ ê²Œì‹œë¨ | 2017ë…„ 4ì›” 5ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> +<p><em>2017ë…„ 4ì›” 3ì¼ ê²Œì‹œë¨ | 2017ë…„ 8ì›” 17ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> <p>Android 보안 게시íŒì—서는 Android ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 보안 취약성 ì„¸ë¶€ì •ë³´ë¥¼ 다룹니다. 게시íŒê³¼ 함께 ë¬´ì„ (OTA) ì—…ë°ì´íŠ¸ë¥¼ 통해 Nexus ê¸°ê¸°ì˜ ë³´ì•ˆ ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌웨어 ì´ë¯¸ì§€ë„ @@ -30,7 +30,7 @@ Nexus ê¸°ê¸°ì˜ ë³´ì•ˆ ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌ì ì €ìž¥ì†Œì— ë°°í¬ë˜ì—ˆìœ¼ë©°, ì´ ê²Œì‹œíŒì— ë§í¬ë˜ì–´ 있습니다. ì´ ê²Œì‹œíŒì—는 AOSP ì™¸ë¶€ì— ìžˆëŠ” 패치로 ì—°ê²°ë˜ëŠ” ë§í¬ë„ í¬í•¨ë˜ì–´ 있습니다.</p> <p>ì´ ì¤‘ 가장 심ê°í•œ ë¬¸ì œëŠ” 미디어 파ì¼ì„ ì²˜ë¦¬í• ë•Œ -ì´ë©”ì¼ê³¼ 웹 íƒìƒ‰, MMS 등 여러 ë°©ë²•ì„ í†µí•´ ëŒ€ìƒ ê¸°ê¸°ì—ì„œ +ì´ë©”ì¼, 웹 íƒìƒ‰, MMS 등 여러 ë°©ë²•ì„ í†µí•´ ëŒ€ìƒ ê¸°ê¸°ì—ì„œ ì›ê²©ìœ¼ë¡œ 코드를 ì‹¤í–‰í• ìˆ˜ 있게 하는 심ê°í•œ 보안 취약성입니다. <a href="/security/overview/updates-resources.html#severity">심ê°ë„ í‰ê°€</a>는 개발 목ì 으로 í”Œëž«í¼ ë° ì„œë¹„ìŠ¤ 완화가 사용 중지ë˜ì–´ 있거나 우회ë˜ëŠ” 경우 취약성 악용으로 ì¸í•´ ëŒ€ìƒ ê¸°ê¸°ê°€ ë°›ì„ ìˆ˜ 있는 ì˜í–¥ì„ @@ -70,8 +70,9 @@ Nexus ê¸°ê¸°ì˜ ë³´ì•ˆ ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌ì <li>Android í”Œëž«í¼ ìµœì‹ ë²„ì „ì˜ í–¥ìƒëœ 기능으로 Androidì˜ ì—¬ëŸ¬ ë¬¸ì œë¥¼ 악용하기 ë”ìš± ì–´ë ¤ì›Œì¡ŒìŠµë‹ˆë‹¤. 가능하다면 ëª¨ë“ ì‚¬ìš©ìžëŠ” ìµœì‹ ë²„ì „ì˜ Androidë¡œ ì—…ë°ì´íŠ¸í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</li> - <li>Android 보안팀ì—서는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì´ -설치ë ë•Œ ê²½ê³ ë¥¼ 보내는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2016_Report_Final.pdf">앱 ì¸ì¦ ë° SafetyNet</a>ì„ ì‚¬ìš©í•˜ì—¬ + <li>Android 보안팀ì—서는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì— ê´€í•´ + +사용ìžì—게 ê²½ê³ ë¥¼ 보내는 <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2016_Report_Final.pdf">앱 ì¸ì¦ ë° SafetyNet</a>ì„ ì‚¬ìš©í•˜ì—¬ 악용사례를 ì ê·¹ì 으로 모니터ë§í•©ë‹ˆë‹¤. 앱 ì¸ì¦ì€ <a href="http://www.android.com/gms">Google ëª¨ë°”ì¼ ì„œë¹„ìŠ¤</a>ê°€ ì ìš©ëœ ê¸°ê¸°ì— ê¸°ë³¸ì 으로 사용 ì„¤ì •ë˜ì–´ 있으며, Google Play 외부ì—ì„œ ê°€ì ¸ì˜¨ ì• í”Œë¦¬ì¼€ì´ì…˜ì„ 설치하는 사용ìžì—게 특히 중요합니다. Google @@ -81,7 +82,7 @@ Nexus ê¸°ê¸°ì˜ ë³´ì•ˆ ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌ì 권한 승격 ì·¨ì•½ì„±ì„ ì•…ìš©í•˜ëŠ” 것으로 ì•Œë ¤ì§„ 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì„ ì‹ë³„í•˜ê³ ì°¨ë‹¨í•©ë‹ˆë‹¤. ì´ëŸ¬í•œ ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì´ë¯¸ ì„¤ì¹˜ëœ ê²½ìš° 앱 ì¸ì¦ì—ì„œ 사용ìžì—게 ì´ë¥¼ ì•Œë¦¬ê³ ê°ì§€ëœ ì• í”Œë¦¬ì¼€ì´ì…˜ì„ ì‚ì œí•˜ë ¤ê³ ì‹œë„합니다.</li> - <li>가능한 경우 Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— + <li>Google 행아웃과 ë©”ì‹ ì € ì• í”Œë¦¬ì¼€ì´ì…˜ì€ 미디어 서버와 ê°™ì€ í”„ë¡œì„¸ìŠ¤ì— ë¯¸ë””ì–´ë¥¼ ìžë™ìœ¼ë¡œ ì „ë‹¬í•˜ì§€ 않습니다.</li> </ul> @@ -95,27 +96,25 @@ Nexus ê¸°ê¸°ì˜ ë³´ì•ˆ ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌ì CVE-2017-0576</li> <li>Project Zeroì˜ Gal Beniamini: CVE-2017-0571, CVE-2017-0570, CVE-2017-0572, CVE-2017-0569, CVE-2017-0561</li> - <li>Qihoo 360 Technology Co. Ltd. IceSword Labì˜ - Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf</a>: - CVE-2017-6426, CVE-2017-0581, CVE-2017-0329, CVE-2017-0332, - CVE-2017-0566</li> + <li>Qihoo 360 Technology Co. Ltd., IceSword Labì˜ Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf </a>: CVE-2017-6426, CVE-2017-0581, CVE-2017-0329, CVE-2017-0332, + CVE-2017-0566, CVE-2017-0573</li> <li>Qihoo 360 Technology Co. Ltd. Alpha Teamì˜ Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>): CVE-2017-0547</li> - <li>Qihoo 360 Technology Co. Ltd Alpha Teamì˜ Hao Chen, Guang Gong: - CVE-2017-6424, CVE-2017-0584, CVE-2017-0454, CVE-2017-0575, CVE-2017-0567</li> + <li>Qihoo 360 Technology Co. Ltd., Alpha Teamì˜ Hao Chen, Guang Gong: + CVE-2017-6424, CVE-2017-0584, CVE-2017-0454, CVE-2017-0574, CVE-2017-0575, CVE-2017-0567</li> <li>Ian Foster(<a href="https://twitter.com/lanrat">@lanrat</a>): CVE-2017-0554</li> <li>Trend Micro Inc.ì˜ Jack Tang: CVE-2017-0579</li> <li><a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a>ì˜ Jianjun Dai(<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>): CVE-2017-0559, CVE-2017-0541</li> <li>Qihoo 360 IceSword Labì˜ Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a>: CVE-2017-6425, CVE-2016-5346</li> - <li><a href="http://c0reteam.org">C0RE Team</a>ì˜ Lubo Zhang (<a href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>), - Qihoo 360 Technology Co. Ltd. + <li><a href="http://c0reteam.org">C0RE Team</a>ì˜ Lubo Zhang(<a href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>), + Qihoo 360 Technology Co. Ltd. IceSword Labì˜ Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>): CVE-2017-0564</li> <li>Googleì˜ <a href="mailto:salyzyn@android.com">Mark Salyzyn</a>: CVE-2017-0558</li> - <li>Tesla Product Security TeamíŒ€ì˜ + <li>Tesla Product Security Teamì˜ Mike Anderson(<a href="https://twitter.com/manderbot">@manderbot</a>), Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>) :CVE-2017-0327, CVE-2017-0328</li> <li>Alibaba Mobile Security Groupì˜ Peng Xiao, Chengming Yang, @@ -123,27 +122,24 @@ Nexus ê¸°ê¸°ì˜ ë³´ì•ˆ ì—…ë°ì´íŠ¸ê°€ 출시ë˜ì—ˆìŠµë‹ˆë‹¤. Google 기기 펌ì <li>Baidu X-Lab(百度安全实验室)ì˜ Pengfei Ding(ä¸é¹é£ž), Chenfu Bao(包沉浮), Lenx Wei(韦韬): CVE-2016-10236</li> <li>Tencent KeenLabì˜ Qidan He(何淇丹 - <a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) - :CVE-2017-0544, CVE-2016-10231, CVE-2017-0325</li> +: CVE-2017-0544, CVE-2017-0325</li> <li>HCL Technologies Aleph Researchì˜ Roee Hay(<a href="https://twitter.com/roeehay">@roeehay</a>): CVE-2017-0582, CVE-2017-0563</li> <li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0562, CVE-2017-0339</li> <li>TrendMicro Mobile Threat Research Teamì˜ - Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2017-0578</li> + Seven Shen(<a href="https://twitter.com/lingtongshen">@lingtongshen</a>): CVE-2016-10231, CVE-2017-0578, CVE-2017-0586</li> <li>Tim Becker: CVE-2017-0546</li> <li>Uma Sankar Pradhan(<a href="https://twitter.com/umasankar_iitd">@umasankar_iitd</a>): CVE-2017-0560</li> - <li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a>ì˜ - V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>): - CVE-2017-0555, CVE-2017-0538, CVE-2017-0539, CVE-2017-0540, CVE-2017-0557, + <li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile + Threat Response Team</a>ì˜ V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): + CVE-2017-0555, CVE-2017-0538, CVE-2017-0539, CVE-2017-0557, CVE-2017-0556</li> <li>Alibaba Inc.ì˜ Weichao Sun(<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2017-0549</li> <li>Qihoo 360 Technology Co. Ltd. Alpha Teamì˜ Wenlin Yang(<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>), - Guang Gong(<a href="https://twitter.com/oldfresher">@oldfresher</a>), Hao - Chen: CVE-2017-0580, CVE-2017-0577</li> - <li>Qihoo 360 Technology Co. Ltd. IceSword Labì˜ - Yonggang Guo(<a href="https://twitter.com/guoygang">@guoygang</a>): CVE-2017-0586</li> + Guang Gong(<a href="https://twitter.com/oldfresher">@oldfresher</a>), Hao Chen: CVE-2017-0580, CVE-2017-0577</li> <li>Qihoo 360 Technology Co. Ltd., Chengdu Security Response Centerì˜ <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>: CVE-2017-0548</li> <li>Googleì˜ Zubin Mithra: CVE-2017-0462</li> @@ -198,14 +194,6 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>2016ë…„ 12ì›” 23ì¼</td> </tr> <tr> - <td>CVE-2017-0540</td> - <td><a href="https://android.googlesource.com/platform/external/libhevc/+/01ca88bb6c5bdd44e071f8effebe12f1d7da9853">A-33966031</a></td> - <td>심ê°</td> - <td>모ë‘</td> - <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> - <td>2016ë…„ 12ì›” 29ì¼</td> - </tr> - <tr> <td>CVE-2017-0541</td> <td><a href="https://android.googlesource.com/platform/external/sonivox/+/56d153259cc3e16a6a0014199a2317dde333c978">A-34031018</a></td> <td>심ê°</td> @@ -798,7 +786,7 @@ Nexus Player</td> <td>2016ë…„ 10ì›” 9ì¼</td> </tr> </tbody></table> -<p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” +<p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -1034,7 +1022,7 @@ Nexus Player</td> <td>2016ë…„ 12ì›” 24ì¼</td> </tr> </tbody></table> -<p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì–´ 있지 않습니다. ì—…ë°ì´íŠ¸ëŠ” +<p>* ì´ ë¬¸ì œë¥¼ 해결하기 위한 패치는 공개ë˜ì§€ 않습니다. ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µë˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— @@ -1672,7 +1660,7 @@ QC-CR#1103158</a></td> <td>높ìŒ</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android One, Nexus Player</td> - <td>Google 사내용</td> + <td>2014ë…„ 10ì›” 24ì¼</td> </tr> </tbody></table> @@ -1730,7 +1718,7 @@ One, Nexus Player</td> <td>CVE-2014-3145</td> <td>A-34469585<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=314760e66c35c8ffa51b4c4ca6948d207e783079"> -업스트림 커ë„</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"> +Upstream kernel</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"> [2]</a></td> <td>높ìŒ</td> <td>Nexus 6, Nexus Player</td> @@ -2355,136 +2343,119 @@ Qualcomm AMSS 보안 게시íŒì„ 통해 ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤. ê° ì·¨ì•½ì„±ì˜ </tr> <tr> <td>CVE-2014-9931</td> - <td>A-35445101**<br /> - QC-CR#612410</td> + <td>A-35445101**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2014-9932</td> - <td>A-35434683**<br /> - QC-CR#626734</td> + <td>A-35434683**</td> <td>심ê°</td> <td>Pixel, Pixel XL</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2014-9933</td> - <td>A-35442512<br /> - QC-CR#675463</td> + <td>A-35442512**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2014-9934</td> - <td>A-35439275**<br /> - QC-CR#658249</td> + <td>A-35439275**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2014-9935</td> - <td>A-35444951**<br /> - QC-CR#717626</td> + <td>A-35444951**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2014-9936</td> - <td>A-35442420**<br /> - QC-CR#727389</td> + <td>A-35442420**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2014-9937</td> - <td>A-35445102**<br /> - QC-CR#734095</td> + <td>A-35445102**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-8995</td> - <td>A-35445002**<br /> - QC-CR#733690</td> + <td>A-35445002**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-8996</td> - <td>A-35444658**<br /> - QC-CR#734698</td> + <td>A-35444658**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-8997</td> - <td>A-35432947**<br /> - QC-CR#734707</td> + <td>A-35432947**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-8998</td> - <td>A-35441175**<br /> - QC-CR#735337</td> + <td>A-35441175**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-8999</td> - <td>A-35445401**<br /> - QC-CR#736119</td> + <td>A-35445401**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-9000</td> - <td>A-35441076**<br /> - QC-CR#740632</td> + <td>A-35441076**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-9001</td> - <td>A-35445400**<br /> - QC-CR#736083</td> + <td>A-35445400**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-9002</td> - <td>A-35442421**<br /> - QC-CR#748428</td> + <td>A-35442421**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2015-9003</td> - <td>A-35440626**<br /> - QC-CR#749215</td> + <td>A-35440626**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> </tr> <tr> <td>CVE-2016-10242</td> - <td>A-35434643**<br /> - QC-CR#985139</td> + <td>A-35434643**</td> <td>심ê°</td> <td>ì—†ìŒ**</td> <td>Qualcomm 사내용</td> @@ -2520,8 +2491,7 @@ Qualcomm AMSS 보안 게시íŒì„ 통해 ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤. ê° ì·¨ì•½ì„±ì˜ <p><strong>2. ì´ ê²Œì‹œíŒì— ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ ìžˆëŠ” ì´ìœ ê°€ 무엇ì¸ê°€ìš”?</strong></p> <p>ì´ ê²Œì‹œíŒì—서는 Android 파트너가 ëª¨ë“ Android 기기ì—ì„œ ìœ ì‚¬í•˜ê²Œ ë°œìƒí•˜ëŠ” -취약성 ë¬¸ì œì˜ ì¼ë¶€ë¥¼ ë”ìš± ë¹ ë¥´ê³ ìœ ì—°í•˜ê²Œ 해결하기 위한 ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ -í¬í•¨ë˜ì–´ 있습니다. Android 파트너는 ì´ ê²Œì‹œíŒì— ì–¸ê¸‰ëœ ë¬¸ì œë¥¼ ëª¨ë‘ ìˆ˜ì •í•˜ê³ +취약성 ë¬¸ì œì˜ ì¼ë¶€ë¥¼ ë”ìš± ë¹ ë¥´ê³ ìœ ì—°í•˜ê²Œ 해결하ë„ë¡ í•˜ê¸° 위해 ë‘ ê°€ì§€ 보안 패치 ìˆ˜ì¤€ì´ í¬í•¨ë˜ì–´ 있습니다. Android 파트너는 ì´ ê²Œì‹œíŒì— ì–¸ê¸‰ëœ ë¬¸ì œë¥¼ ëª¨ë‘ ìˆ˜ì •í•˜ê³ ìµœì‹ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì„ ì‚¬ìš©í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</p> <ul> <li>2017ë…„ 4ì›” 1ì¼ ë³´ì•ˆ 패치 ìˆ˜ì¤€ì„ ì‚¬ìš©í•˜ëŠ” 기기는 ì´ ë³´ì•ˆ 패치 수준과 @@ -2535,18 +2505,17 @@ Qualcomm AMSS 보안 게시íŒì„ 통해 ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤. ê° ì·¨ì•½ì„±ì˜ <p><strong>3. ë¬¸ì œë³„ë¡œ ì˜í–¥ì„ 받는 Google 기기는 어떻게 ì•Œ 수 있나요?</strong></p> <p><a href="#2017-04-01-details">2017-04-01</a> ë° <a href="#2017-04-05-details">2017-04-05</a> -보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” ê° í…Œì´ë¸”ì˜ <em>ì—…ë°ì´íŠ¸ëœ Google +보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” ê° í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì„ í™•ì¸í•˜ë©´ ë©ë‹ˆë‹¤. ì´ ì—´ì—는 ì˜í–¥ì„ 받는 Google ê¸°ê¸°ì˜ ë²”ìœ„ê°€ ë¬¸ì œë³„ë¡œ ì—…ë°ì´íŠ¸ë˜ì–´ 표시ë©ë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤.</p> <ul> <li><strong>ëª¨ë“ Google 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Google 기기 ë° Pixel ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— '모ë‘'ë¼ê³ 표시ë©ë‹ˆë‹¤. '모ë‘'ì—는 다ìŒê³¼ ê°™ì€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">지ì›ë˜ëŠ” 기기</a>ê°€ - í¬í•¨ë©ë‹ˆë‹¤. Nexus 5X, Nexus 6, Nexus 6P, Nexus 7(2013), Nexus 9, - Android One, Nexus Player, Pixel C, Pixel, Pixel XL.</li> - <li><strong>ì¼ë¶€ Google 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Google ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 ê²ƒì´ - ì•„ë‹Œ 경우, ì˜í–¥ì„ 받는 Google 기기가 <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— - 표시ë©ë‹ˆë‹¤.</li> + í¬í•¨ë©ë‹ˆë‹¤. Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, + Nexus Player, Pixel C, Pixel, Pixel XL.</li> + <li><strong>ì¼ë¶€ Google 기기</strong>: ë¬¸ì œê°€ ì¼ë¶€ Google ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우, +ì˜í–¥ì„ 받는 Google 기기가 <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— í‘œì‹œë©ë‹ˆë‹¤.</li> <li><strong>Google 기기 해당 ì—†ìŒ</strong>: ë¬¸ì œê°€ Android 7.0ì„ ì‹¤í–‰í•˜ëŠ” Google ê¸°ê¸°ì— ì˜í–¥ì„ 미치지 않는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— 'ì—†ìŒ'ì´ë¼ê³ 표시ë©ë‹ˆë‹¤. </li> @@ -2558,7 +2527,7 @@ Qualcomm AMSS 보안 게시íŒì„ 통해 ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤. ê° ì·¨ì•½ì„±ì˜ <table> <tbody><tr> <th>ì ‘ë‘ì–´</th> - <th>참조 문서</th> + <th>참조</th> </tr> <tr> <td>A-</td> @@ -2586,6 +2555,9 @@ Qualcomm AMSS 보안 게시íŒì„ 통해 ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤. ê° ì·¨ì•½ì„±ì˜ <ul> <li>2017ë…„ 4ì›” 3ì¼: 게시íŒì´ 게시ë¨</li> <li>2017ë…„ 4ì›” 5ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ AOSP ë§í¬ í¬í•¨ë¨</li> + <li>2017ë…„ 4ì›” 21ì¼: CVE-2016-10231, CVE-2017-0586ì˜ ì†ì„±ì´ ìˆ˜ì •ë¨</li> + <li>2017ë…„ 4ì›” 27ì¼: CVE-2017-0540ì´ ê²Œì‹œíŒì—ì„œ ì‚ì œë¨</li> + <li>2017ë…„ 8ì›” 17ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ 참조 번호가 ì—…ë°ì´íŠ¸ë¨</li> </ul> </body></html>
\ No newline at end of file diff --git a/ko/security/bulletin/2017-05-01.html b/ko/security/bulletin/2017-05-01.html index 3bfb2f80..f05f9d19 100644 --- a/ko/security/bulletin/2017-05-01.html +++ b/ko/security/bulletin/2017-05-01.html @@ -20,7 +20,7 @@ limitations under the License. --> -<p><em>2017ë…„ 5ì›” 1ì¼ì— ê²Œì‹œë¨ | 2017ë…„ 8ì›” 17ì¼ì— ì—…ë°ì´íŠ¸ë¨</em></p> +<p><em>2017ë…„ 5ì›” 1ì¼ ê²Œì‹œë¨ | 2017ë…„ 10ì›” 3ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> <p>Android 보안 게시íŒì—서는 Android ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 보안 취약성 ì„¸ë¶€ì •ë³´ë¥¼ 다룹니다. 게시íŒê³¼ 함께 ë¬´ì„ (OTA) ì—…ë°ì´íŠ¸ë¥¼ 통해 @@ -887,40 +887,6 @@ QC-CR#826589</a></td> <p>* 지ì›ë˜ëŠ” Android 7.1.1 ì´ìƒ Google ê¸°ê¸°ì— ì œê³µëœ ì—…ë°ì´íŠ¸ê°€ ëª¨ë‘ ì„¤ì¹˜ë˜ì—ˆë‹¤ë©´ ì´ëŸ¬í•œ ì·¨ì•½ì„±ì˜ ì˜í–¥ì„ 받지 않습니다.</p> -<h3 id="eop-in-kernel-trace-subsystem">ì»¤ë„ ì¶”ì 하위 ì‹œìŠ¤í…œì˜ -권한 승격 취약성</h3> - -<p>ì»¤ë„ ì¶”ì 하위 ì‹œìŠ¤í…œì˜ ê¶Œí•œ 승격 취약성으로 ì¸í•´ -로컬 악성 ì• í”Œë¦¬ì¼€ì´ì…˜ì´ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ ìž„ì˜ì˜ 코드를 -ì‹¤í–‰í• ìˆ˜ 있습니다. ì´ ë¬¸ì œëŠ” ì˜êµ¬ì ì¸ -로컬 기기 ì†ìƒì„ ì¼ìœ¼í‚¬ ê°€ëŠ¥ì„±ì´ ìžˆìœ¼ë¯€ë¡œ 심ê°ë„ 심ê°ìœ¼ë¡œ í‰ê°€ë˜ë©°, -기기를 ìˆ˜ë¦¬í•˜ë ¤ë©´ ìš´ì˜ì²´ì œë¥¼ 재설치해야 í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤.</p> - -<table> - <colgroup><col width="19%" /> - <col width="20%" /> - <col width="10%" /> - <col width="23%" /> - <col width="17%" /> - </colgroup><tbody><tr> - <th>CVE</th> - <th>참조</th> - <th>심ê°ë„</th> - <th>ì—…ë°ì´íŠ¸ëœ Google 기기</th> - <th>ì‹ ê³ ëœ ë‚ ì§œ</th> - </tr> - <tr> - <td>CVE-2017-0605</td> - <td>A-35399704<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> -QC-CR#1048480</a></td> - <td>심ê°</td> - <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android -One, Nexus Player</td> - <td>2017ë…„ 2ì›” 15ì¼</td> - </tr> -</tbody></table> - <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm êµ¬ì„±ìš”ì†Œì˜ ì·¨ì•½ì„±</h3> @@ -2869,8 +2835,9 @@ Qualcomm AMSS 보안 게시íŒì„ 통해 ë°°í¬ë˜ì—ˆìŠµë‹ˆë‹¤. ê° ì·¨ì•½ì„±ì˜ <p><a href="#2017-05-01-details">2017-05-01</a> ë° <a href="#2017-05-05-details">2017-05-05</a> -보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” ê° í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> -ì—´ì„ í™•ì¸í•˜ë©´ ë©ë‹ˆë‹¤. ì´ ì—´ì—는 ì˜í–¥ì„ 받는 Google ê¸°ê¸°ì˜ ë²”ìœ„ê°€ ë¬¸ì œë³„ë¡œ ì—…ë°ì´íŠ¸ë˜ì–´ 표시ë©ë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤.</p> +보안 취약성 ì„¸ë¶€ì •ë³´ ì„¹ì…˜ì— ìžˆëŠ” ê° í…Œì´ë¸”ì˜ +<em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì„ í™•ì¸í•˜ë©´ ë©ë‹ˆë‹¤. ì´ ì—´ì—는 ê° ë¬¸ì œì™€ ê´€ë ¨í•´ ì—…ë°ì´íŠ¸ëœ +ì˜í–¥ 받는 Google ê¸°ê¸°ì˜ ë²”ìœ„ê°€ 표시ë©ë‹ˆë‹¤. ì´ ì—´ì—는 다ìŒê³¼ ê°™ì€ ì˜µì…˜ì´ ìžˆìŠµë‹ˆë‹¤.</p> <ul> <li><strong>ëª¨ë“ Google 기기</strong>: ë¬¸ì œê°€ ëª¨ë“ Google 기기 ë° Pixel ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 경우, í‘œì˜ <em>ì—…ë°ì´íŠ¸ëœ Google 기기</em> ì—´ì— @@ -2922,6 +2889,7 @@ Pixel C, Pixel, Pixel XL.</li> <li>2017ë…„ 5ì›” 2ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ AOSP ë§í¬ í¬í•¨ë¨</li> <li>2017ë…„ 8ì›” 10ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ CVE-2017-0493ì˜ ì¶”ê°€ AOSP ë§í¬ í¬í•¨ë¨</li> <li>2017ë…„ 8ì›” 17ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ 참조 번호가 ì—…ë°ì´íŠ¸ë¨</li> +<li>2017ë…„ 10ì›” 3ì¼: 게시íŒì´ ìˆ˜ì •ë˜ì–´ CVE-2017-0605ê°€ ì‚ì œë¨</li> </ul> </body></html>
\ No newline at end of file diff --git a/ko/security/bulletin/2017-06-01.html b/ko/security/bulletin/2017-06-01.html index 5344dcdc..99e43206 100644 --- a/ko/security/bulletin/2017-06-01.html +++ b/ko/security/bulletin/2017-06-01.html @@ -1,5 +1,5 @@ <html devsite><head> - <title>Android 보안 ê²Œì‹œíŒ â€” 2017ë…„ 6ì›”</title> + <title>Android 보안 게시íŒâ€”2017ë…„ 6ì›”</title> <meta name="project_path" value="/_project.yaml"/> <meta name="book_path" value="/_book.yaml"/> </head> @@ -19,7 +19,7 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>2017ë…„ 6ì›” 5ì¼ ê²Œì‹œë¨ | 2017ë…„ 6ì›” 7ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> +<p><em>2017ë…„ 6ì›” 5ì¼ ê²Œì‹œë¨ | 2017ë…„ 8ì›” 17ì¼ ì—…ë°ì´íŠ¸ë¨</em></p> <p>Android 보안 게시íŒì—서는 Android ê¸°ê¸°ì— ì˜í–¥ì„ 미치는 보안 취약성 ì„¸ë¶€ì •ë³´ë¥¼ 다룹니다. 아래 목ë¡ì˜ ë¬¸ì œëŠ” 2017ë…„ 6ì›” 5ì¼ @@ -41,14 +41,14 @@ Android 오픈소스 프로ì 트(AOSP) ì €ìž¥ì†Œì— ë°°í¬ë˜ê³ ì´ ê²Œì‹œíŒì <p>ì‹¤ì œ ê³ ê°ì´ 새로 ë³´ê³ ëœ ì´ëŸ¬í•œ ë¬¸ì œë¡œ ì¸í•´ 악용당했다는 ì‹ ê³ ëŠ” ì ‘ìˆ˜ë˜ì§€ 않았습니다. Android 플랫í¼ì˜ ë³´ì•ˆì„ ê°œì„ í•˜ëŠ” <a href="/security/enhancements/index.html">Android 보안 í”Œëž«í¼ ë³´í˜¸</a> ë° -<a href="https://www.android.com/play-protect">Google Play Protect</a> ê´€ë ¨ ì„¸ë¶€ì •ë³´ë¥¼ -ë³´ë ¤ë©´ <a href="#mitigations">Android ë° Google Play Protect 완화</a> +<a href="https://www.android.com/play-protect">Google Play 프로í…트</a> ê´€ë ¨ ì„¸ë¶€ì •ë³´ë¥¼ +ë³´ë ¤ë©´ <a href="#mitigations">Android ë° Google Play 프로í…트 완화</a> ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> <p>ëª¨ë“ ê³ ê°ì€ 기기ì—ì„œ ì´ ì—…ë°ì´íŠ¸ë¥¼ 수ë½í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</p> -<p class="note"><strong>ì°¸ê³ :</strong> ìµœì‹ ë¬´ì„ ì—…ë°ì´íŠ¸(OTA) ê´€ë ¨ ì •ë³´ ë° -Google ê¸°ê¸°ì˜ íŽŒì›¨ì–´ ì´ë¯¸ì§€ëŠ” <a href="#google-device-updates">Google 기기 ì—…ë°ì´íŠ¸</a> ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> +<p class="note"><strong>ì°¸ê³ :</strong> Google ê¸°ê¸°ì˜ ìµœì‹ ë¬´ì„ ì—…ë°ì´íŠ¸(OTA) ë° íŽŒì›¨ì–´ ì´ë¯¸ì§€ +ê´€ë ¨ ì •ë³´ëŠ” <a href="#google-device-updates">Google 기기 ì—…ë°ì´íŠ¸</a> ì„¹ì…˜ì„ ì°¸ì¡°í•˜ì„¸ìš”.</p> <h2 id="announcements">공지사í•</h2> <ul> @@ -73,8 +73,8 @@ Google ê¸°ê¸°ì˜ íŽŒì›¨ì–´ ì´ë¯¸ì§€ëŠ” <a href="#google-device-updates">Google </li> </ul> -<h2 id="mitigations">Android ë° Google Play Protect 완화</h2> -<p>다ìŒì€ <a href="https://www.android.com/play-protect">Google Play Protect</a>와 ê°™ì€ <a href="/security/enhancements/index.html">Android 보안 플랫í¼</a> +<h2 id="mitigations">Android ë° Google Play 프로í…트 완화</h2> +<p>다ìŒì€ <a href="https://www.android.com/play-protect">Google Play 프로í…트</a>와 ê°™ì€ <a href="/security/enhancements/index.html">Android 보안 플랫í¼</a> ë° ì„œë¹„ìŠ¤ 보호 기능ì—ì„œ ì œê³µí•˜ëŠ” ì™„í™”ì— ê´€í•œ 요약입니다. ì´ëŸ¬í•œ ê¸°ëŠ¥ì„ í†µí•´ Androidì—ì„œ 보안 ì·¨ì•½ì„±ì´ @@ -83,10 +83,10 @@ Google ê¸°ê¸°ì˜ íŽŒì›¨ì–´ ì´ë¯¸ì§€ëŠ” <a href="#google-device-updates">Google <li>Android í”Œëž«í¼ ìµœì‹ ë²„ì „ì˜ í–¥ìƒëœ 기능으로 Androidì˜ ì—¬ëŸ¬ ë¬¸ì œë¥¼ 악용하기 ë”ìš± ì–´ë ¤ì›Œì¡ŒìŠµë‹ˆë‹¤. 가능하다면 ëª¨ë“ ì‚¬ìš©ìžëŠ” ìµœì‹ ë²„ì „ì˜ Androidë¡œ ì—…ë°ì´íŠ¸í•˜ëŠ” ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.</li> - <li>Android 보안팀ì—서는 <a href="https://www.android.com/play-protect">Google Play Protect</a>를 통해 + <li>Android 보안팀ì—서는 <a href="https://www.android.com/play-protect">Google Play 프로í…트</a>를 통해 악용사례를 ì ê·¹ 모니터ë§í•˜ê³ - <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">ìž ìž¬ì 으로 위험한 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì— ê´€í•´ - 사용ìžì—게 ê²½ê³ ë¥¼ 보냅니다. Google Play Protect는 <a href="http://www.android.com/gms">Google ëª¨ë°”ì¼ ì„œë¹„ìŠ¤</a>ê°€ ì ìš©ëœ + <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">ìœ í•´í• ìˆ˜ 있는 ì• í”Œë¦¬ì¼€ì´ì…˜</a>ì— ê´€í•´ + 사용ìžì—게 ê²½ê³ ë¥¼ 보냅니다. Google Play 프로í…트는 <a href="http://www.android.com/gms">Google ëª¨ë°”ì¼ ì„œë¹„ìŠ¤</a>ê°€ ì ìš©ëœ ê¸°ê¸°ì— ê¸°ë³¸ì 으로 사용 ì„¤ì •ë˜ì–´ 있으며 Google Play 외부ì—ì„œ ê°€ì ¸ì˜¨ ì•±ì„ ì„¤ì¹˜í•˜ëŠ” 사용ìžì—게 특히 중요합니다.</li> </ul> @@ -114,7 +114,7 @@ CVE, ê´€ë ¨ 참조, <a href="#vulnerability-type">취약성 ìœ í˜•</a>, <a href= </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „</th> </tr> @@ -154,7 +154,7 @@ CVE, ê´€ë ¨ 참조, <a href="#vulnerability-type">취약성 ìœ í˜•</a>, <a href= </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „</th> </tr> @@ -243,7 +243,7 @@ CVE, ê´€ë ¨ 참조, <a href="#vulnerability-type">취약성 ìœ í˜•</a>, <a href= </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „</th> </tr> @@ -311,7 +311,7 @@ CVE, ê´€ë ¨ 참조, <a href="#vulnerability-type">취약성 ìœ í˜•</a>, <a href= </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „</th> </tr> @@ -328,7 +328,7 @@ CVE, ê´€ë ¨ 참조, <a href="#vulnerability-type">취약성 ìœ í˜•</a>, <a href= ê° ë³´ì•ˆ ì·¨ì•½ì„±ì— ê´€í•´ ìžì„¸ížˆ 알아볼 수 있습니다. ì·¨ì•½ì„±ì€ ì˜í–¥ì„ 받는 구성요소 ì•„ëž˜ì— ë¶„ë¥˜ë˜ì–´ 있으며 CVE, ê´€ë ¨ 참조, <a href="#vulnerability-type">취약성 ìœ í˜•</a>, <a href="/security/overview/updates-resources.html#severity">심ê°ë„</a>, 구성요소(해당하는 경우), -ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우)와 ê°™ì€ +ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „(해당하는 경우)ê³¼ ê°™ì€ ì„¸ë¶€ì •ë³´ê°€ í¬í•¨ë˜ì–´ 있습니다. 가능한 경우 AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ 버그 IDì— ì—°ê²°í•©ë‹ˆë‹¤. í•˜ë‚˜ì˜ ë²„ê·¸ì™€ ê´€ë ¨ëœ ë³€ê²½ì‚¬í•ì´ 여러 ê°œì¸ ê²½ìš° 추가 @@ -347,7 +347,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>구성요소</th> </tr> @@ -379,7 +379,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>ì—…ë°ì´íŠ¸ëœ AOSP ë²„ì „</th> </tr> @@ -404,7 +404,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>구성요소</th> </tr> @@ -438,7 +438,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>구성요소</th> </tr> @@ -458,6 +458,14 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <td>보통</td> <td>사운드 ë“œë¼ì´ë²„</td> </tr> + <tr> + <td>CVE-2017-6249</td> + <td>A-34373711<a href="#asterisk">*</a><br /> + N-CVE-2017-6249</td> + <td>EoP</td> + <td>보통</td> + <td>사운드 ë“œë¼ì´ë²„</td> + </tr> </tbody></table> <h3 id="qualcomm-components">Qualcomm 구성요소</h3> <p>ì´ ì„¹ì…˜ì˜ ê°€ìž¥ 심ê°í•œ 취약성으로 ì¸í•´ ì¸ì ‘í•œ 공격ìžê°€ ì»¤ë„ ì»¨í…스트 ë‚´ì—ì„œ @@ -472,7 +480,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>구성요소</th> </tr> @@ -628,7 +636,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6a3b8afdf97e77c0b64005b23fa6d32025d922e5">QC-CR#2009231</a></td> <td>EoP</td> <td>보통</td> - <td>Secure Execution Environment Communication ë“œë¼ì´ë²„</td> + <td>Secure Execution Environment Communicator ë“œë¼ì´ë²„</td> </tr> <tr> <td>CVE-2017-8239</td> @@ -668,7 +676,7 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>구성요소</th> </tr> @@ -696,416 +704,363 @@ AOSP ë³€ê²½ì‚¬í• ëª©ë¡ê³¼ ê°™ì´ ë¬¸ì œë¥¼ í•´ê²°í•œ 공개 변경사í•ì„ ë² </colgroup><tbody><tr> <th>CVE</th> <th>참조</th> - <th>형ì‹</th> + <th>ìœ í˜•</th> <th>심ê°ë„</th> <th>구성요소</th> </tr> <tr> <td>CVE-2014-9960</td> - <td>A-37280308<a href="#asterisk">*</a><br /> - QC-CR#381837</td> + <td>A-37280308<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9961</td> - <td>A-37279724<a href="#asterisk">*</a><br /> - QC-CR#581093</td> + <td>A-37279724<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9953</td> - <td>A-36714770<a href="#asterisk">*</a><br /> - QC-CR#642173</td> + <td>A-36714770<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9967</td> - <td>A-37281466<a href="#asterisk">*</a><br /> - QC-CR#739110</td> + <td>A-37281466<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9026</td> - <td>A-37277231<a href="#asterisk">*</a><br /> - QC-CR#748397</td> + <td>A-37277231<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9027</td> - <td>A-37279124<a href="#asterisk">*</a><br /> - QC-CR#748407</td> + <td>A-37279124<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9008</td> - <td>A-36384689<a href="#asterisk">*</a><br /> - QC-CR#762111</td> + <td>A-36384689<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9009</td> - <td>A-36393600<a href="#asterisk">*</a><br /> - QC-CR#762182</td> + <td>A-36393600<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9010</td> - <td>A-36393101<a href="#asterisk">*</a><br /> - QC-CR#758752</td> + <td>A-36393101<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9011</td> - <td>A-36714882<a href="#asterisk">*</a><br /> - QC-CR#762167</td> + <td>A-36714882<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9024</td> - <td>A-37265657<a href="#asterisk">*</a><br /> - QC-CR#740680</td> + <td>A-37265657<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9012</td> - <td>A-36384691<a href="#asterisk">*</a><br /> - QC-CR#746617</td> + <td>A-36384691<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9013</td> - <td>A-36393251<a href="#asterisk">*</a><br /> - QC-CR#814373</td> + <td>A-36393251<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9014</td> - <td>A-36393750<a href="#asterisk">*</a><br /> - QC-CR#855220</td> + <td>A-36393750<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9015</td> - <td>A-36714120<a href="#asterisk">*</a><br /> - QC-CR#701858</td> + <td>A-36714120<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9029</td> - <td>A-37276981<a href="#asterisk">*</a><br /> - QC-CR#827837</td> + <td>A-37276981<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10338</td> - <td>A-37277738<a href="#asterisk">*</a><br /> - QC-CR#987699</td> + <td>A-37277738<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10336</td> - <td>A-37278436<a href="#asterisk">*</a><br /> - QC-CR#973605</td> + <td>A-37278436<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10333</td> - <td>A-37280574<a href="#asterisk">*</a><br /> - QC-CR#947438</td> + <td>A-37280574<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10341</td> - <td>A-37281667<a href="#asterisk">*</a><br /> - QC-CR#991476</td> + <td>A-37281667<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10335</td> - <td>A-37282802<a href="#asterisk">*</a><br /> - QC-CR#961142</td> + <td>A-37282802<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10340</td> - <td>A-37280614<a href="#asterisk">*</a><br /> - QC-CR#989028</td> + <td>A-37280614<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10334</td> - <td>A-37280664<a href="#asterisk">*</a><br /> - QC-CR#949933</td> + <td>A-37280664<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10339</td> - <td>A-37280575<a href="#asterisk">*</a><br /> - QC-CR#988502</td> + <td>A-37280575<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10298</td> - <td>A-36393252<a href="#asterisk">*</a><br /> - QC-CR#1020465</td> + <td>A-36393252<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10299</td> - <td>A-32577244<a href="#asterisk">*</a><br /> - QC-CR#1058511</td> + <td>A-32577244<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>심ê°</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9954</td> - <td>A-36388559<a href="#asterisk">*</a><br /> - QC-CR#552880</td> + <td>A-36388559<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9955</td> - <td>A-36384686<a href="#asterisk">*</a><br /> - QC-CR#622701</td> + <td>A-36384686<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9956</td> - <td>A-36389611<a href="#asterisk">*</a><br /> - QC-CR#638127</td> + <td>A-36389611<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9957</td> - <td>A-36387564<a href="#asterisk">*</a><br /> - QC-CR#638984</td> + <td>A-36387564<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9958</td> - <td>A-36384774<a href="#asterisk">*</a><br /> - QC-CR#638135</td> + <td>A-36384774<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9962</td> - <td>A-37275888<a href="#asterisk">*</a><br /> - QC-CR#656267</td> + <td>A-37275888<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9963</td> - <td>A-37276741<a href="#asterisk">*</a><br /> - QC-CR#657771</td> + <td>A-37276741<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9959</td> - <td>A-36383694<a href="#asterisk">*</a><br /> - QC-CR#651900</td> + <td>A-36383694<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9964</td> - <td>A-37280321<a href="#asterisk">*</a><br /> - QC-CR#680778</td> + <td>A-37280321<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9965</td> - <td>A-37278233<a href="#asterisk">*</a><br /> - QC-CR#711585</td> + <td>A-37278233<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2014-9966</td> - <td>A-37282854<a href="#asterisk">*</a><br /> - QC-CR#727398</td> + <td>A-37282854<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9023</td> - <td>A-37276138<a href="#asterisk">*</a><br /> - QC-CR#739802</td> + <td>A-37276138<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9020</td> - <td>A-37276742<a href="#asterisk">*</a><br /> - QC-CR#733455</td> + <td>A-37276742<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9021</td> - <td>A-37276743<a href="#asterisk">*</a><br /> - QC-CR#735148</td> + <td>A-37276743<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9025</td> - <td>A-37276744<a href="#asterisk">*</a><br /> - QC-CR#743985</td> + <td>A-37276744<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9022</td> - <td>A-37280226<a href="#asterisk">*</a><br /> - QC-CR#736146</td> + <td>A-37280226<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9028</td> - <td>A-37277982<a href="#asterisk">*</a><br /> - QC-CR#762764</td> + <td>A-37277982<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9031</td> - <td>A-37275889<a href="#asterisk">*</a><br /> - QC-CR#866015</td> + <td>A-37275889<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9032</td> - <td>A-37279125<a href="#asterisk">*</a><br /> - QC-CR#873202</td> + <td>A-37279125<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9033</td> - <td>A-37276139<a href="#asterisk">*</a><br /> - QC-CR#892541</td> + <td>A-37276139<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2015-9030</td> - <td>A-37282907<a href="#asterisk">*</a><br /> - QC-CR#854667</td> + <td>A-37282907<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10332</td> - <td>A-37282801<a href="#asterisk">*</a><br /> - QC-CR#906713<br /> - QC-CR#917701<br /> - QC-CR#917702</td> + <td>A-37282801<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10337</td> - <td>A-37280665<a href="#asterisk">*</a><br /> - QC-CR#977632</td> + <td>A-37280665<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> <tr> <td>CVE-2016-10342</td> - <td>A-37281763<a href="#asterisk">*</a><br /> - QC-CR#988941</td> + <td>A-37281763<a href="#asterisk">*</a></td> <td>해당 ì—†ìŒ</td> <td>높ìŒ</td> <td>비공개 소스 구성요소</td> </tr> </tbody></table> <h2 id="google-device-updates">Google 기기 ì—…ë°ì´íŠ¸</h2> -<p>ì´ í‘œì—는 ìµœì‹ ë¬´ì„ ì—…ë°ì´íŠ¸(OTA)ì˜ ë³´ì•ˆ 패치 수준 ë° Google ê¸°ê¸°ì˜ -펌웨어 ì´ë¯¸ì§€ê°€ í¬í•¨ë˜ì–´ 있습니다. The Google 기기 펌웨어 ì´ë¯¸ì§€ëŠ” +<p>ì´ í‘œì—는 Google ê¸°ê¸°ì˜ ìµœì‹ ë¬´ì„ ì—…ë°ì´íŠ¸(OTA) ë° íŽŒì›¨ì–´ ì´ë¯¸ì§€ì˜ 보안 패치 ìˆ˜ì¤€ì´ í¬í•¨ë˜ì–´ 있습니다. Google 기기 펌웨어 ì´ë¯¸ì§€ëŠ” <a href="https://developers.google.com/android/nexus/images">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ë°›ì„ ìˆ˜ 있습니다.</p> @@ -1166,7 +1121,7 @@ Bo Liu</td> </tr> <tr> <td>CVE-2017-0649</td> - <td>Qihoo 360 Technology Co. Ltd. IceSword Labì˜ + <td>Qihoo 360 Technology Co. Ltd., IceSword Labì˜ Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf</a></td> </tr> <tr> @@ -1339,7 +1294,8 @@ Xuxian Jiang</td> <p id="asterisk"><strong>5. <em>참조</em> ì—´ì—ì„œ Android 버그 ID ì˜†ì— ìžˆëŠ” <a href="#asterisk">*</a> 표시는 ë¬´ì—‡ì„ ì˜ë¯¸í•˜ë‚˜ìš”?</strong></p> -<p>공개ë˜ì§€ ì•Šì€ ë¬¸ì œëŠ” <em>참조</em> ì—´ì˜ Android 버그 ID ì˜†ì— <a href="#asterisk">*</a> 표시가 있습니다. ì¼ë°˜ì 으로 해당 ë¬¸ì œì˜ ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ +<p>공개ë˜ì§€ ì•Šì€ ë¬¸ì œëŠ” <em>참조</em> ì—´ì˜ Android 버그 ID ì˜†ì— <a href="#asterisk">*</a> 표시가 +있습니다. ì¼ë°˜ì 으로 해당 ë¬¸ì œì˜ ì—…ë°ì´íŠ¸ëŠ” <a href="https://developers.google.com/android/nexus/drivers">Google ê°œë°œìž ì‚¬ì´íŠ¸</a>ì—ì„œ ì œê³µí•˜ëŠ” Nexus 기기용 ìµœì‹ ë°”ì´ë„ˆë¦¬ ë“œë¼ì´ë²„ì— í¬í•¨ë˜ì–´ 있습니다.</p> <h2 id="versions">ë²„ì „</h2> @@ -1362,6 +1318,16 @@ Xuxian Jiang</td> <td>2017ë…„ 6ì›” 7ì¼</td> <td>게시íŒì´ ìˆ˜ì •ë˜ì–´ AOSP ë§í¬ í¬í•¨ë¨</td> </tr> + <tr> + <td>1.2</td> + <td>2017ë…„ 7ì›” 11ì¼</td> + <td>게시íŒì´ ìˆ˜ì •ë˜ì–´ CVE-2017-6249ê°€ í¬í•¨ë¨</td> + </tr> + <tr> + <td>1.3</td> + <td>2017ë…„ 8ì›” 17ì¼</td> + <td>게시íŒì´ ìˆ˜ì •ë˜ì–´ 참조 번호가 ì—…ë°ì´íŠ¸ë¨</td> + </tr> </tbody></table> </body></html>
\ No newline at end of file diff --git a/ru/security/bulletin/2016-04-02.html b/ru/security/bulletin/2016-04-02.html index f9f1565f..7bcc3add 100644 --- a/ru/security/bulletin/2016-04-02.html +++ b/ru/security/bulletin/2016-04-02.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Бюллетень по безопаÑноÑти Nexus – апрель 2016 г.</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,208 +20,31 @@ limitations under the License. --> +<p><em>Опубликовано 4Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г. | Обновлено 19Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</em></p> - - - -<p><em>Опубликовано 4Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г. | Обновлено 6Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</em></p> -<p>К выходу ежемеÑÑчного Ð±ÑŽÐ»Ð»ÐµÑ‚ÐµÐ½Ñ Ð¾ безопаÑноÑти Android мы выпуÑтили -автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти Ð´Ð»Ñ ÑƒÑтройÑтв Nexus +<p>К выходу ежемеÑÑчного Ð±ÑŽÐ»Ð»ÐµÑ‚ÐµÐ½Ñ Ð¿Ð¾ безопаÑноÑти Android мы выпуÑтили автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти Ð´Ð»Ñ ÑƒÑтройÑтв Nexus и опубликовали образы прошивок Nexus на <a href="https://developers.google.com/android/nexus/images">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. ПеречиÑленные проблемы уÑтранены в иÑправлении от 2Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 года или более новом. О том, как узнать дату поÑледнего Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, раÑÑказываетÑÑ Ð² <a href="https://support.google.com/nexus/answer/4457705">документации Nexus</a>.</p> -<p>Мы Ñообщили партнерам об уÑзвимоÑÑ‚ÑÑ… 16 марта 2016 года или ранее. - ИÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼ загружены в хранилище + +<p>Мы Ñообщили партнерам об уÑзвимоÑÑ‚ÑÑ… 16 марта 2016 года или ранее. ИÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼ загружены в хранилище Android Open Source Project (AOSP).</p> -<p>Ðаиболее ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ Ð¸Ð· уÑзвимоÑтей имеет критичеÑкий уровень и позволÑет -удаленно выполнÑÑ‚ÑŒ код на пораженном уÑтройÑтве (например, при работе -Ñ Ñлектронной почтой, проÑмотре Ñайтов в Интернете или обработке -медиафайлов MMS).</p> -<p>Узнать больше об иÑпользовании рутинг-приложением уÑзвимоÑти <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> -можно в <a href="/security/advisory/2016-03-18.html">Примечании по безопаÑноÑти Android от 18 марта 2016 г.</a> Ð’ Ñтом + +<p>Ðаиболее ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ Ð¸Ð· уÑзвимоÑтей имеет критичеÑкий уровень и позволÑет удаленно выполнÑÑ‚ÑŒ код на пораженном уÑтройÑтве (например, при работе Ñ Ñлектронной почтой, проÑмотре Ñайтов в Интернете или обработке медиафайлов MMS). <a href="/security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены разработчиком или взломаны.</p> + +<p>Узнать больше о том, как уÑзвимоÑÑ‚ÑŒ <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> иÑпользуетÑÑ Ñ€ÑƒÑ‚Ð¸Ð½Ð³-приложением, можно из <a href="/security/advisory/2016-03-18.html">ÐŸÑ€Ð¸Ð¼ÐµÑ‡Ð°Ð½Ð¸Ñ Ð¿Ð¾ безопаÑноÑти Android от 18 марта 2016 г.</a> Ð’ Ñтом обновлении она <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805"></a>уÑтранена. -Обнаруженные уÑзвимоÑти не ÑкÑплуатировалиÑÑŒ. - Ð’ разделе <a href="#mitigations">Предотвращение атак</a> раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> -и ÑредÑтва защиты ÑервиÑов, например SafetyNet, помогают Ñнизить -вероÑтноÑÑ‚ÑŒ атак на Android.</p> -<h2 id="security_vulnerability_summary">Перечень уÑзвимоÑтей</h2> -<p>Ð’ таблице ниже перечиÑлены уÑзвимоÑти, их идентификаторы (CVE) и уровни -ÑерьезноÑти. Уровень <a href="/security/overview/updates-resources.html#severity">завиÑит</a> от того, какой ущерб будет нанеÑен уÑтройÑтву -при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены -разработчиком или взломаны.</p> -<table> -<tr> -<th>УÑзвимоÑÑ‚ÑŒ</th> -<th>CVE</th> -<th>Уровень ÑерьезноÑти</th> -</tr> -<tr> -<td>Удаленное выполнение кода через dhcpcd</td> -<td>CVE-2016-1503<br/> - CVE-2014-6060</td> -<td>КритичеÑкий</td> -</tr> -<tr> -<td>Удаленное выполнение кода через медиакодек</td> -<td>CVE-2016-0834</td> -<td>КритичеÑкий</td> -</tr> -<tr> -<td>Удаленное выполнение кода через mediaserver</td> -<td>CVE-2016-0835<br/> - CVE-2016-0836<br/> - CVE-2016-0837<br/> - CVE-2016-0838<br/> - CVE-2016-0839<br/> - CVE-2016-0840<br/> - CVE-2016-0841</td> -<td>КритичеÑкий</td> -</tr> -<tr> -<td>Удаленное выполнение кода через libstagefright</td> -<td>CVE-2016-0842</td> -<td>КритичеÑкий</td> -</tr> -<tr> -<td>Повышение привилегий через Ñдро</td> -<td>CVE-2015-1805</td> -<td>КритичеÑкий</td> -</tr> -<tr> -<td>Повышение привилегий через модуль<br/> - производительноÑти процеÑÑора Qualcomm</td> -<td>CVE-2016-0843</td> -<td>КритичеÑкий</td> -</tr> -<tr> -<td>Повышение привилегий через RF-компонент процеÑÑора Qualcomm</td> -<td>CVE-2016-0844</td> -<td>КритичеÑкий</td> -</tr> -<tr> -<td>Повышение привилегий через Ñдро</td> -<td>CVE-2014-9322</td> -<td>КритичеÑкий</td> -</tr> -<tr> -<td>Повышение привилегий через IMemory Native Interface</td> -<td>CVE-2016-0846</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через компонент Telecom</td> -<td>CVE-2016-0847</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через диÑпетчер загрузки</td> -<td>CVE-2016-0848</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий во Ð²Ñ€ÐµÐ¼Ñ Ð¿Ñ€Ð¾Ñ†ÐµÑÑа воÑÑтановлениÑ</td> -<td>CVE-2016-0849</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через Bluetooth</td> -<td>CVE-2016-0850</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через драйвер виброотклика Texas Instruments</td> -<td>CVE-2016-2409</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через видеодрайвер Ñдра Qualcomm</td> -<td>CVE-2016-2410</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через<br/> -компонент ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ð¸Ñ‚Ð°Ð½Ð¸ÐµÐ¼ Qualcomm</td> -<td>CVE-2016-2411</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через system_server</td> -<td>CVE-2016-2412</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через mediaserver</td> -<td>CVE-2016-2413</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Отказ в обÑлуживании в Minikin</td> -<td>CVE-2016-2414</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>РаÑкрытие информации через Exchange ActiveSync</td> -<td>CVE-2016-2415</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>РаÑкрытие информации через mediaserver</td> -<td>CVE-2016-2416<br/> - CVE-2016-2417<br/> - CVE-2016-2418<br/> - CVE-2016-2419</td> -<td>Ð’Ñ‹Ñокий</td> -</tr> -<tr> -<td>Повышение привилегий через компонент Debuggerd</td> -<td>CVE-2016-2420</td> -<td>Средний</td> -</tr> -<tr> -<td>Повышение привилегий через маÑтер наÑтройки</td> -<td>CVE-2016-2421</td> -<td>Средний</td> -</tr> -<tr> -<td>Повышение привилегий через Wi-Fi</td> -<td>CVE-2016-2422</td> -<td>Средний</td> -</tr> -<tr> -<td>Повышение привилегий через телефонную ÑвÑзь</td> -<td>CVE-2016-2423</td> -<td>Средний</td> -</tr> -<tr> -<td>Отказ в обÑлуживании в SyncStorageEngine</td> -<td>CVE-2016-2424</td> -<td>Средний</td> -</tr> -<tr> -<td>РаÑкрытие информации через почтовый клиент AOSP</td> -<td>CVE-2016-2425</td> -<td>Средний</td> -</tr> -<tr> -<td>РаÑкрытие информации через Framework</td> -<td>CVE-2016-2426</td> -<td>Средний</td> -</tr> -<tr> -<td>РаÑкрытие информации через Bouncy Castle</td> -<td>CVE-2016-2427</td> -<td>Средний</td> -</tr> -</table> +У Ð½Ð°Ñ Ð½ÐµÑ‚ информации о том, что обнаруженные уÑзвимоÑти ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например SafetyNet, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> + <h2 id="mitigations">Предотвращение атак</h2> -<p>Ðиже раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, -например SafetyNet, позволÑÑŽÑ‚ Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> + +<p>Ðиже раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например SafetyNet, позволÑÑŽÑ‚ Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> + <ul> -<li> ИÑпользование многих уÑзвимоÑтей затруднÑетÑÑ Ð² новых верÑиÑÑ… Android, - поÑтому мы рекомендуем вÑем пользователÑм Ñвоевременно обновлÑÑ‚ÑŒ ÑиÑтему. + <li> Ð’ новых верÑиÑÑ… Android иÑпользование многих уÑзвимоÑтей затруднÑетÑÑ, поÑтому мы рекомендуем вÑем пользователÑм Ñвоевременно обновлÑÑ‚ÑŒ ÑиÑтему. </li><li> Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Проверки приложений и SafetyNet. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке потенциально @@ -237,442 +59,440 @@ Android Open Source Project (AOSP).</p> </li><li> ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Google Hangouts и Messenger не передают медиафайлы таким процеÑÑам, как mediaserver, автоматичеÑки. </li></ul> + <h2 id="acknowledgements">БлагодарноÑти</h2> + <p>Благодарим вÑех, кто помог обнаружить уÑзвимоÑти:</p> + <ul> -<li> Ðбхишек ÐрьÑ, Оливер Чен и Мартин Барбелла из команды + <li> Ðбхишек ÐрьÑ, Оливер Чен и Мартин Барбелла из команды безопаÑноÑти Google Chrome: CVE-2016-0834, CVE-2016-0841, CVE-2016-0840, CVE-2016-0839, CVE-2016-0838 </li><li> ÐнеÑÑ‚Ð¸Ñ Ð‘ÐµÑ…Ñ‚ÑÑƒÐ´Ð¸Ñ (<a href="https://twitter.com/anestisb">@anestisb</a>) из CENSUS S.A.: CVE-2016-0842, CVE-2016-0836, CVE-2016-0835 </li><li> БрÑд Ðбингер и Ð¡Ð°Ð½Ñ‚Ð¾Ñ ÐšÐ¾Ñ€Ð´Ð¾Ð½ из команды Google Telecom: CVE-2016-0847 </li><li> Доминик Шурманн из <a href="https://www.ibr.cs.tu-bs.de">ИнÑтитута операционных ÑиÑтем и компьютерных Ñетей</a>, БрауншвейгÑкий техничеÑкий универÑитет: CVE-2016-2425 - </li><li> ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), -<a href="http://weibo.com/jfpan">pjf</a> и ЦзÑньцÑн Чжао -(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) из IceSword Lab, -Qihoo 360: CVE-2016-0844 - </li><li> <a href="mailto:gpiskas@gmail.com">Джордж ПиÑкаÑ</a> из -<a href="https://www.epfl.ch">Федеральной политехничеÑкой школы Лозанны</a>: CVE-2016-2426 - </li><li> Гуан Гун (龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>) -из <a href="http://www.360.com/">Qihoo 360 Technology Co.Ltd</a>: CVE-2016-2412, CVE-2016-2416 + </li><li> ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf</a> и ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) из IceSword Lab, Qihoo 360: CVE-2016-0844 + </li><li> <a href="mailto:gpiskas@gmail.com">Джордж ПиÑкаÑ</a> из <a href="https://www.epfl.ch">Федеральной политехничеÑкой школы Лозанны</a>: CVE-2016-2426 + </li><li> Гуан Гун (龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>) из <a href="http://www.360.com/">Qihoo 360 Technology Co. Ltd</a>: CVE-2016-2412, CVE-2016-2416 </li><li> Ð”Ð¶ÐµÐ¹Ð¼Ñ Ð¤Ð¾Ñ€ÑˆÐ¾Ñƒ из Google Project Zero: CVE-2016-2417, CVE-2016-0846 - </li><li> ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), -<a href="http://weibo.com/jfpan">pjf</a> и ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь -(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) из IceSword Lab, -Qihoo 360: CVE-2016-2410, CVE-2016-2411 - </li><li> ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) -и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360: CVE-2016-2409 + </li><li> ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>), <a href="http://weibo.com/jfpan">pjf</a> и ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) из IceSword Lab, Qihoo 360: CVE-2016-2410, CVE-2016-2411 + </li><li> ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360: CVE-2016-2409 </li><li> ÐÑнÑи Ван из Vertu Ltd.: CVE-2016-0837 </li><li> <a href="mailto:nasim@zamir.ca">ÐаÑим Замир</a>: CVE-2016-2409 </li><li> Ðико Голде (<a href="https://twitter.com/iamnion">@iamnion</a>) из Qualcomm Product Security Initiative: CVE-2016-2420, CVE-2016-0849 - </li><li> Питер Пи (<a href="https://twitter.com/heisecode">@heisecode</a>) -из Trend Micro: CVE-2016-2418, CVE-2016-2413, CVE-2016-2419 - </li><li> Куан Ðгуен из команды Google по безопаÑноÑти: CVE-2016-2427 + </li><li> Питер Пи (<a href="https://twitter.com/heisecode">@heisecode</a>) из Trend Micro: CVE-2016-2418, CVE-2016-2413, CVE-2016-2419 </li><li> Ричард Шупак: CVE-2016-2415 - </li><li> Роман Труве (<a href="https://twitter.com/bouuntyyy">@bouuntyyy)</a> из -<a href="https://labs.mwrinfosecurity.com/">MWR Labs</a>: CVE-2016-0850 + </li><li> Ромен Труве из <a href="https://labs.mwrinfosecurity.com/">MWR Labs</a>: CVE-2016-0850 </li><li> Стюарт ХендерÑон: CVE-2016-2422 </li><li> Вишват Мохан из команды безопаÑноÑти Android: CVE-2016-2424 </li><li> Ð’Ñйчао Сунь (<a href="https://twitter.com/sunblate">@sunblate</a>) из Alibaba Inc.: CVE-2016-2414 </li><li> Виш Ву (<a href="https://twitter.com/wish_wu">@wish_wu</a>) из Trend Micro Inc.: CVE-2016-0843 - </li><li> <a href="mailto:luc2yj@gmail.com">Йонцзун Ли</a> и -<a href="mailto:xw7@indiana.edu">СÑофÑн Ван</a> из ИндианÑкого универÑитета в Блумингтоне, -<a href="mailto:litongxin1991@gmail.com">ТунÑинь Ли</a> и -<a href="mailto:hanxinhui@pku.edu.cn">СиньхуÑй Хань</a> из ПекинÑкого универÑитета: CVE-2016-0848 + </li><li> <a href="mailto:luc2yj@gmail.com">Йонцзун Ли</a> и <a href="mailto:xw7@indiana.edu">СÑофÑн Ван</a> из ИндианÑкого универÑитета в Блумингтоне, <a href="mailto:litongxin1991@gmail.com">ТунÑинь Ли</a> и <a href="mailto:hanxinhui@pku.edu.cn">СиньхуÑй Хань</a> из ПекинÑкого универÑитета: CVE-2016-0848 </li></ul> -<p>Команда безопаÑноÑти Android также благодарит тех, кто предоÑтавил -информацию об уÑзвимоÑти CVE-2015-1805: -<a href="mailto:computernik@gmail.com">Юань-Цун Ло</a>, -<a href="mailto:vancouverdou@gmail.com">Ð’ÐµÐ½ÑŒÐºÑ Ð”Ð¾Ñƒ</a>, -Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) -и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a> -и <a href="https://www.zimperium.com/">Zimperium</a>.</p> + +<p>Команда безопаÑноÑти Android также благодарит тех, кто предоÑтавил информацию об уÑзвимоÑти CVE-2015-1805: <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a>, <a href="mailto:vancouverdou@gmail.com">Ð’ÐµÐ½ÑŒÐºÑ Ð”Ð¾Ñƒ</a>, Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и СюйÑÑнь ЦзÑна из <a href="http://c0reteam.org">C0RE Team</a>, а также <a href="https://www.zimperium.com/">Zimperium</a>.</p> + <h2 id="security_vulnerability_details">ОпиÑание уÑзвимоÑтей</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех <a href="#security_vulnerability_summary">перечиÑленных выше</a> -уÑзвимоÑÑ‚ÑÑ…: опиÑание, обоÑнование ÑерьезноÑти, а также таблицу Ñ CVE, ÑÑылкой -на ошибку, уровнем ÑерьезноÑти, уÑзвимыми верÑиÑми и датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ -об ошибке. + +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2016-04-02: +опиÑание, обоÑнование ÑерьезноÑти, а также таблицу Ñ CVE, ÑÑылкой на ошибку, уровнем ÑерьезноÑти, уÑзвимыми верÑиÑми и датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на Ñообщение в AOSP, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки, и дополнительные ÑÑылки в квадратных Ñкобках.</p> + <h3 id="remote_code_execution_vulnerability_in_dhcpcd">Удаленное выполнение кода через dhcpcd</h3> + <p>УÑзвимоÑÑ‚ÑŒ в ÑервиÑе DHCP позволÑет злоумышленнику нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти и удаленно выполнить код. Из-за Ñтого ей приÑвоен критичеÑкий уровень. У ÑервиÑа DHCP еÑÑ‚ÑŒ доÑтуп к привилегиÑм, закрытым Ð´Ð»Ñ Ñторонних приложений.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибки Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> + <tbody><tr> + <th>CVE</th> + <th>Ошибки Ñо ÑÑылками на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> ANDROID-15268738</a></td> -<td>КритичеÑкий</td> -<td>4.4.4</td> -<td>30Â Ð¸ÑŽÐ»Ñ 2014 г.</td> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> + <td>КритичеÑкий</td> + <td>4.4.4</td> + <td>30Â Ð¸ÑŽÐ»Ñ 2014 г.</td> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> ANDROID-16677003</a></td> -<td>КритичеÑкий</td> -<td>4.4.4</td> -<td>30Â Ð¸ÑŽÐ»Ñ 2014 г.</td> -</tr> -<tr> -<td>CVE-2016-1503</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> + <td>КритичеÑкий</td> + <td>4.4.4</td> + <td>30Â Ð¸ÑŽÐ»Ñ 2014 г.</td> + </tr> + <tr> + <td>CVE-2016-1503</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> ANDROID-26461634</a></td> -<td>КритичеÑкий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>4 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> + <td>КритичеÑкий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>4 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_media_codec">Удаленное выполнение кода через медиакодек</h3> + <p>При обработке медиафайлов и данных в Ñпециально Ñозданном файле злоумышленник может воÑпользоватьÑÑ ÑƒÑзвимоÑтью медиакодека Ð´Ð»Ñ mediaserver, нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти и удаленно выполнить код как процеÑÑ mediaserver.</p> + <p>УÑÐ·Ð²Ð¸Ð¼Ð°Ñ Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ ÑвлÑетÑÑ Ð¾Ñновной ÑоÑтавлÑющей ОС. Многие Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑŽÑ‚ контенту, оÑобенно MMS-ÑообщениÑм и воÑпроизводимым в браузере медиафайлам, диÑтанционно обращатьÑÑ Ðº ней.</p> + <p>УÑзвимоÑти приÑвоен критичеÑкий уровень из-за возможноÑти удаленного -Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте ÑервиÑа mediaserver. У него еÑÑ‚ÑŒ доÑтуп к аудио- -и видеопотокам, а также к привилегиÑм, закрытым Ð´Ð»Ñ Ñторонних приложений.</p> +Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте ÑервиÑа mediaserver. У него еÑÑ‚ÑŒ доÑтуп +к аудио- и видеопотокам, а также к привилегиÑм, закрытым Ð´Ð»Ñ Ñторонних +приложений.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0834</td> -<td>ANDROID-26220548*</td> -<td>КритичеÑкий</td> -<td>6.0, 6.0.1</td> -<td>16Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Ошибка</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0834</td> + <td>ANDROID-26220548*</td> + <td>КритичеÑкий</td> + <td>6.0, 6.0.1</td> + <td>16Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <p>*ИÑправление не опубликовано в AOSP. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> + <h3 id="remote_code_execution_vulnerability_in_mediaserver">Удаленное выполнение кода через mediaserver</h3> + <p>При обработке медиафайлов и данных в Ñпециально Ñозданном файле злоумышленник может воÑпользоватьÑÑ ÑƒÑзвимоÑтью mediaserver, нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти и удаленно выполнить код как процеÑÑ mediaserver.</p> + <p>УÑÐ·Ð²Ð¸Ð¼Ð°Ñ Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ ÑвлÑетÑÑ Ð¾Ñновной ÑоÑтавлÑющей ОС. Многие Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑŽÑ‚ контенту, оÑобенно MMS-ÑообщениÑм и воÑпроизводимым в браузере медиафайлам, диÑтанционно обращатьÑÑ Ðº ней.</p> + <p>УÑзвимоÑти приÑвоен критичеÑкий уровень из-за возможноÑти удаленного -Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте ÑервиÑа mediaserver. У него еÑÑ‚ÑŒ доÑтуп к аудио- -и видеопотокам, а также к привилегиÑм, закрытым Ð´Ð»Ñ Ñторонних приложений.</p> +Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте ÑервиÑа mediaserver. У него еÑÑ‚ÑŒ доÑтуп +к аудио- и видеопотокам, а также к привилегиÑм, закрытым Ð´Ð»Ñ Ñторонних +приложений.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибки Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0835</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> - ANDROID-26070014</a> - [<a href="https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1">2</a>] + <tbody><tr> + <th>CVE</th> + <th>Ошибки Ñо ÑÑылками на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0835</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301">ANDROID-26070014</a> [<a href="https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1">2</a>] </td> -<td>КритичеÑкий</td> -<td>6.0, 6.0.1</td> -<td>6Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -<tr> -<td>CVE-2016-0836</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> + <td>КритичеÑкий</td> + <td>6.0, 6.0.1</td> + <td>6Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> + <tr> + <td>CVE-2016-0836</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> ANDROID-25812590</a></td> -<td>КритичеÑкий</td> -<td>6.0, 6.0.1</td> -<td>19 ноÑÐ±Ñ€Ñ 2015 г.</td> -</tr> -<tr> -<td>CVE-2016-0837</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> + <td>КритичеÑкий</td> + <td>6.0, 6.0.1</td> + <td>19 ноÑÐ±Ñ€Ñ 2015 г.</td> + </tr> + <tr> + <td>CVE-2016-0837</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> ANDROID-27208621</a></td> -<td>КритичеÑкий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>11Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> -</tr> -<tr> -<td>CVE-2016-0838</td> -<td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> - ANDROID-26366256</a> - [<a href="https://android.googlesource.com/platform/external/sonivox/+/24d7c408c52143bce7b49de82f3913fd8d1219cf">2</a>]</td> -<td>КритичеÑкий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -<tr> -<td>CVE-2016-0839</td> -<td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> + <td>КритичеÑкий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>11Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-0838</td> + <td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49">ANDROID-26366256</a> [<a href="https://android.googlesource.com/platform/external/sonivox/+/24d7c408c52143bce7b49de82f3913fd8d1219cf">2</a>]</td> + <td>КритичеÑкий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>ДоÑтупно только Ñотрудникам Google</td> + </tr> + <tr> + <td>CVE-2016-0839</td> + <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> ANDROID-25753245</a></td> -<td>КритичеÑкий</td> -<td>6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -<tr> -<td>CVE-2016-0840</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> + <td>КритичеÑкий</td> + <td>6.0, 6.0.1</td> + <td>ДоÑтупно только Ñотрудникам Google</td> + </tr> + <tr> + <td>CVE-2016-0840</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> ANDROID-26399350</a></td> -<td>КритичеÑкий</td> -<td>6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -<tr> -<td>CVE-2016-0841</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> + <td>КритичеÑкий</td> + <td>6.0, 6.0.1</td> + <td>ДоÑтупно только Ñотрудникам Google</td> + </tr> + <tr> + <td>CVE-2016-0841</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> ANDROID-26040840</a></td> -<td>КритичеÑкий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -</table> + <td>КритичеÑкий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>ДоÑтупно только Ñотрудникам Google</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_libstagefright">Удаленное выполнение кода через libstagefright</h3> + <p>При обработке медиафайлов и данных в Ñпециально Ñозданном файле злоумышленник может воÑпользоватьÑÑ ÑƒÑзвимоÑтью libstagefright, нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти и удаленно выполнить код как процеÑÑ mediaserver.</p> + <p>УÑÐ·Ð²Ð¸Ð¼Ð°Ñ Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ ÑвлÑетÑÑ Ð¾Ñновной ÑоÑтавлÑющей ОС. Многие Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑŽÑ‚ контенту, оÑобенно MMS-ÑообщениÑм и воÑпроизводимым в браузере медиафайлам, диÑтанционно обращатьÑÑ Ðº ней.</p> + <p>УÑзвимоÑти приÑвоен критичеÑкий уровень из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте ÑервиÑа mediaserver. У него еÑÑ‚ÑŒ доÑтуп к аудио- и видеопотокам, а также к привилегиÑм, закрытым Ð´Ð»Ñ Ñторонних приложений.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0842</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0842</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> ANDROID-25818142</a></td> -<td>КритичеÑкий</td> -<td>6.0, 6.0.1</td> -<td>23 ноÑÐ±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <td>КритичеÑкий</td> + <td>6.0, 6.0.1</td> + <td>23 ноÑÐ±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_kernel">Повышение привилегий через Ñдро</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Ð”Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ нужно переуÑтановить ОС. Узнайте больше об Ñтой уÑзвимоÑти в <a href="/security/advisory/2016-03-18.html">Примечании по безопаÑноÑти Android от 18 марта 2016 г.</a></p> + <table> -<tr> -<th>CVE</th> -<th>Ошибка</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2015-1805</td> -<td>ANDROID-27275324*</td> -<td>КритичеÑкий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>19Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> -</tr> -</table> -<p>*ИÑправление опубликовано в AOSP Ð´Ð»Ñ Ñледующих верÑий Ñдра: -<a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a> -<a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a> -<a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a></p> + <tbody><tr> + <th>CVE</th> + <th>Ошибка</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2015-1805</td> + <td>ANDROID-27275324*</td> + <td>КритичеÑкий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>19Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> + </tr> +</tbody></table> +<p>*ИÑправление опубликовано в AOSP Ð´Ð»Ñ Ñледующих верÑий Ñдра: <a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a>, <a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a> и <a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a>.</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_performance_module">Повышение привилегий через модуль производительноÑти процеÑÑора Qualcomm</h3> + <p>УÑзвимоÑÑ‚ÑŒ обнаружена в диÑпетчере Ñобытий производительноÑти Ð´Ð»Ñ ARM-процеÑÑоров Qualcomm. Она позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. УÑзвимоÑти приÑвоен критичеÑкий уровень, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Ð”Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ нужно переуÑтановить ОС.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0843</td> -<td>ANDROID-25801197*</td> -<td>КритичеÑкий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>19 ноÑÐ±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Ошибка</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0843</td> + <td>ANDROID-25801197*</td> + <td>КритичеÑкий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>19 ноÑÐ±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <p>*ИÑправление не опубликовано в AOSP. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> + <h3 id="elevation_of_privilege_in_qualcomm_rf_component">Повышение привилегий через RF-компонент процеÑÑора Qualcomm</h3> + <p>УÑзвимоÑÑ‚ÑŒ RF-драйвера Qualcomm позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен критичеÑкий уровень, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Ð”Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ ÑƒÑзвимоÑти нужно переуÑтановить ОС.</p> + <table> -<tr> -<th>CVE</th> -<th>Ошибка</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0844</td> -<td>ANDROID-26324307*</td> -<td>КритичеÑкий</td> -<td>6.0, 6.0.1</td> -<td>25Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> -<p>*ИÑправление опубликовано не в AOSP, а в <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa">ÑообщеÑтве Linux</a>.</p> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0844</td> + <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/57531cacb40682be4b1189c721fd1e7f25bf3786">ANDROID-26324307</a>*</td> + <td>КритичеÑкий</td> + <td>6.0, 6.0.1</td> + <td>25Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> +<p>*Дополнительное иÑправление опубликовано в <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa">ÑообщеÑтве Linux</a>.</p> + <h3 id="elevation_of_privilege_vulnerability_in_kernel12">Повышение привилегий через Ñдро</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. УÑзвимоÑти приÑвоен критичеÑкий уровень, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Ð”Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ нужно переуÑтановить ОС.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2014-9322</td> -<td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> - [<a href="https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb">2</a>] - [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br/> - [<a href="https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105">4</a>] - [<a href="">5</a>] - [<a href="https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b">6</a>] - [<a href="https://android.googlesource.com/kernel/common/+/e068734f9e7344997a61022629b92d142a985ab3">7</a>] - [<a href="https://android.googlesource.com/kernel/common/+/fdc6c1052bc7d89a5826904fbb4318677e8442ce">8</a>] - [<a href="https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5">9</a>] - [<a href="https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850">10</a>] - [<a href="https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829">11</a>]</td> -<td>КритичеÑкий</td> -<td>6.0, 6.0.1</td> -<td>25Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылками на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2014-9322</td> + <td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> [<a href="https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb">2</a>] [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br /> + [<a href="https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105">4</a>] [<a href="https://android.googlesource.com/kernel/common/+/44d057a37868a60bc2eb6e7d1dcea701f234d56a">5</a>] [<a href="https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b">6</a>] [<a href="https://android.googlesource.com/kernel/common/+/e068734f9e7344997a61022629b92d142a985ab3">7</a>] [<a href="https://android.googlesource.com/kernel/common/+/fdc6c1052bc7d89a5826904fbb4318677e8442ce">8</a>] [<a href="https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5">9</a>] [<a href="https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850">10</a>] [<a href="https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829">11</a>]</td> + <td>КритичеÑкий</td> + <td>6.0, 6.0.1</td> + <td>25Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_imemory_native_interface"> Повышение привилегий через IMemory Native Interface</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте ÑиÑтемного Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ñ Ñ€Ð°Ñширенным доÑтупом. - Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним -приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> + Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0846</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0846</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> ANDROID-26877992</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>29 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>29 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_telecom_component"> Повышение привилегий через компонент Telecom</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику Ñовершать вызовы, менÑÑ Ð½Ð¾Ð¼ÐµÑ€ звонÑщего -на произвольный. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним -приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> +на произвольный. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0847</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> - ANDROID-26864502</a> - [<a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a294ae5342410431a568126183efe86261668b5d">2</a>] + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылками на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0847</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444">ANDROID-26864502</a> [<a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a294ae5342410431a568126183efe86261668b5d">2</a>] </td> -<td>Ð’Ñ‹Ñокий</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>ДоÑтупно только Ñотрудникам Google</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_download_manager"> Повышение привилегий через диÑпетчер загрузки</h3> + <p>УÑзвимоÑÑ‚ÑŒ обнаружена в диÑпетчере загрузки. Она позволÑет получить доÑтуп -к неавторизованным файлам в личном хранилище. Проблеме приÑвоен выÑокий -уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, -недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> +к неавторизованным файлам в личном хранилище. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> + <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0848</td> -<td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0848</td> + <td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> ANDROID-26211054</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>14Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>14Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_recovery_procedure"> Повышение привилегий во Ð²Ñ€ÐµÐ¼Ñ Ð¿Ñ€Ð¾Ñ†ÐµÑÑа воÑÑтановлениÑ</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте ÑиÑтемного Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ñ Ñ€Ð°Ñширенным доÑтупом. - Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним -приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> + Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0849</td> -<td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0849</td> + <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> ANDROID-26960931</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>3Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>3Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_bluetooth"> Повышение привилегий через Bluetooth</h3> + <p>УÑзвимоÑÑ‚ÑŒ обнаружена в Bluetooth. Она позволÑет ненадежному уÑтройÑтву подÑоединитьÑÑ Ðº телефону во Ð²Ñ€ÐµÐ¼Ñ Ð¿ÐµÑ€Ð²Ð¾Ð½Ð°Ñ‡Ð°Ð»ÑŒÐ½Ð¾Ð¹ процедуры подключениÑ. Ðто дает злоумышленнику неавторизованный доÑтуп к реÑурÑам уÑтройÑтва, @@ -680,148 +500,156 @@ ARM-процеÑÑоров Qualcomm. Она позволÑет локальноРÑерьезноÑти, поÑкольку она позволÑет получить возможноÑти, недоÑтупные ненадежным уÑтройÑтвам.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-0850</td> -<td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-0850</td> + <td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> ANDROID-26551752</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>13 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>13 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_texas_instruments_haptic_driver"> Повышение привилегий через драйвер виброотклика Texas Instruments</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Как правило, таким ошибкам приÑваивают критичеÑкий уровень, но в Ñтом Ñлучае уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту ÑервиÑа, вызывающего драйвер, поÑтому уровень был Ñнижен до выÑокого.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2409</td> -<td>ANDROID-25981545*</td> -<td>Ð’Ñ‹Ñокий</td> -<td>6.0, 6.0.1</td> -<td>25Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Ошибка</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2409</td> + <td>ANDROID-25981545*</td> + <td>Ð’Ñ‹Ñокий</td> + <td>6.0, 6.0.1</td> + <td>25Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> <p>*ИÑправление не опубликовано в AOSP. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_kernel_driver"> Повышение привилегий через видеодрайвер Ñдра Qualcomm</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Как правило, таким ошибкам приÑваивают критичеÑкий уровень, но в Ñтом Ñлучае уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту ÑервиÑа, вызывающего драйвер, поÑтому уровень был Ñнижен до выÑокого.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2410</td> -<td>ANDROID-26291677*</td> -<td>Ð’Ñ‹Ñокий</td> -<td>6.0, 6.0.1</td> -<td>21Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Ошибка</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2410</td> + <td>ANDROID-26291677*</td> + <td>Ð’Ñ‹Ñокий</td> + <td>6.0, 6.0.1</td> + <td>21Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> <p>*ИÑправление не опубликовано в AOSP. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_power_management_component"> Повышение привилегий через компонент ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ð¸Ñ‚Ð°Ð½Ð¸ÐµÐ¼ Qualcomm</h3> + <p>УÑзвимоÑÑ‚ÑŒ обнаружена в драйвере ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ð¸Ñ‚Ð°Ð½Ð¸ÐµÐ¼ Ñдра Qualcomm. Она позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Как правило, таким ошибкам приÑваивают критичеÑкий уровень, но в Ñтом Ñлучае уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту уÑтройÑтва и получить root-права, поÑтому уровень был Ñнижен до выÑокого.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2411</td> -<td>ANDROID-26866053*</td> -<td>Ð’Ñ‹Ñокий</td> -<td>6.0, 6.0.1</td> -<td>28 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Ошибка</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2411</td> + <td>ANDROID-26866053*</td> + <td>Ð’Ñ‹Ñокий</td> + <td>6.0, 6.0.1</td> + <td>28 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> +</tbody></table> <p>*ИÑправление не опубликовано в AOSP. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> + <h3 id="elevation_of_privilege_vulnerability_in_system_server"> Повышение привилегий через system_server</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте ÑиÑтемного Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ñ Ñ€Ð°Ñширенным -доÑтупом. УÑзвимоÑти приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним -приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> +доÑтупом. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2412</td> -<td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2412</td> + <td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> ANDROID-26593930</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>15 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>15 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_mediaserver"> Повышение привилегий через mediaserver</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте ÑиÑтемного Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ñ Ñ€Ð°Ñширенным -доÑтупом. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним -приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> +доÑтупом. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2413</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2413</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> ANDROID-26403627</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>5 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>5 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_vulnerability_in_minikin">Отказ в обÑлуживании в Minikin</h3> + <p>УÑзвимоÑÑ‚ÑŒ в библиотеке Minikin позволÑет локальному взломщику временно заблокировать доÑтуп к пораженному уÑтройÑтву. Злоумышленник может инициировать загрузку ненадежного шрифта, что вызовет переполнение Minikin и @@ -829,98 +657,97 @@ ARM-процеÑÑоров Qualcomm. Она позволÑет локальноРпоÑкольку из-за отказа в обÑлуживании начинаетÑÑ Ð±ÐµÑÐºÐ¾Ð½ÐµÑ‡Ð½Ð°Ñ Ñ†ÐµÐ¿Ð¾Ñ‡ÐºÐ° перезагрузок уÑтройÑтва.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2414</td> -<td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> - ANDROID-26413177</a> - [<a href="https://android.googlesource.com/platform/frameworks/minikin/+/f4785aa1947b8d22d5b19559ef1ca526d98e0e73">2</a>] + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылками на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2414</td> + <td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6">ANDROID-26413177</a> [<a href="https://android.googlesource.com/platform/frameworks/minikin/+/f4785aa1947b8d22d5b19559ef1ca526d98e0e73">2</a>] </td> -<td>Ð’Ñ‹Ñокий</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>3 ноÑÐ±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>3 ноÑÐ±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_exchange_activesync"> РаÑкрытие информации через Exchange ActiveSync</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получить удаленный доÑтуп к конфиденциальным данным пользователÑ. Из-за Ñтого ей приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2415</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2415</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> ANDROID-26488455</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>11 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>11 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_mediaserver">РаÑкрытие информации через mediaserver</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет обойти защиту, предотвращающую атаки -на платформу, и раÑкрыть конфиденциальную информацию. Проблеме -приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно -получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, -<a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> +на платформу, и раÑкрыть конфиденциальную информацию. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно также получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> -<tr> -<th>CVE</th> -<th>Ошибки Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2416</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> - ANDROID-27046057</a> - [<a href="https://android.googlesource.com/platform/frameworks/native/+/a40b30f5c43726120bfe69d41ff5aeb31fe1d02a">2</a>] + <tbody><tr> + <th>CVE</th> + <th>Ошибки Ñо ÑÑылками на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2416</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd">ANDROID-27046057</a> [<a href="https://android.googlesource.com/platform/frameworks/native/+/a40b30f5c43726120bfe69d41ff5aeb31fe1d02a">2</a>] </td> -<td>Ð’Ñ‹Ñокий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>5Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> -</tr> -<tr> -<td>CVE-2016-2417</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> + <td>Ð’Ñ‹Ñокий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>5Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-2417</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> ANDROID-26914474</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>1Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> -</tr> -<tr> -<td>CVE-2016-2418</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> + <td>Ð’Ñ‹Ñокий</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>1Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-2418</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> ANDROID-26324358</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>6.0, 6.0.1</td> -<td>24Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -<tr> -<td>CVE-2016-2419</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> + <td>Ð’Ñ‹Ñокий</td> + <td>6.0, 6.0.1</td> + <td>24Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> + <tr> + <td>CVE-2016-2419</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> ANDROID-26323455</a></td> -<td>Ð’Ñ‹Ñокий</td> -<td>6.0, 6.0.1</td> -<td>24Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <td>Ð’Ñ‹Ñокий</td> + <td>6.0, 6.0.1</td> + <td>24Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_debuggerd_component"> Повышение привилегий через компонент Debuggerd</h3> + <p>УÑзвимоÑÑ‚ÑŒ компонента Debuggerd позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код на уÑтройÑтве. Из-за Ñтого нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Ð”Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ нужно переуÑтановить ОС. @@ -929,216 +756,213 @@ ARM-процеÑÑоров Qualcomm. Она позволÑет локальноРÑнижен до Ñреднего. Ð’ Android 5.0 и более поздних верÑиÑÑ… правила SELinux не позволÑÑŽÑ‚ Ñторонним приложениÑм оперировать Ñ ÐºÐ¾Ð´Ð¾Ð¼.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2420</td> -<td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> - ANDROID-26403620</a> - [<a href="https://android.googlesource.com/platform/system/core/+/81df1cc77722000f8d0025c1ab00ced123aa573c">2</a>] + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылками на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2420</td> + <td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98">ANDROID-26403620</a> [<a href="https://android.googlesource.com/platform/system/core/+/81df1cc77722000f8d0025c1ab00ced123aa573c">2</a>] </td> -<td>Средний</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>5 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> + <td>Средний</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>5 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard"> Повышение привилегий через маÑтер наÑтройки</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику, в руки которого попало уÑтройÑтво, получить доÑтуп к наÑтройкам и выполнить их ÑброÑ. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно обойти защиту от ÑброÑа.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2421</td> -<td>ANDROID-26154410*</td> -<td>Средний</td> -<td>5.1.1, 6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -</table> -<p>*ИÑправление не опубликовано в AOSP. + <tbody><tr> + <th>CVE</th> + <th>Ошибка</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2421</td> + <td>ANDROID-26154410*</td> + <td>Средний</td> + <td>5.1.1, 6.0, 6.0.1</td> + <td>ДоÑтупно только Ñотрудникам Google</td> + </tr> +</tbody></table> + +<p>*ИÑправление не опубликовано в AOSP. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> + <h3 id="elevation_of_privilege_in_wi-fi">Повышение привилегий через Wi-Fi</h3> + <p>УÑзвимоÑÑ‚ÑŒ Wi-Fi позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте ÑиÑтемного Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ñ Ñ€Ð°Ñширенным -доÑтупом. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку -Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним -приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> +доÑтупом. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2422</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2422</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> ANDROID-26324357</a></td> -<td>Средний</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>23Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> + <td>Средний</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>23Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_telephony">Повышение привилегий через телефонную ÑвÑзь</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику, в руки которого попало уÑтройÑтво, получить доÑтуп к наÑтройкам и выполнить их ÑброÑ. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно обойти защиту от ÑброÑа.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2423</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2423</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> ANDROID-26303187</a></td> -<td>Средний</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -</table> + <td>Средний</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>ДоÑтупно только Ñотрудникам Google</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_in_syncstorageengine">Отказ в обÑлуживании в SyncStorageEngine</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО вызвать беÑконечную цепочку перезагрузок уÑтройÑтва. УÑзвимоÑти приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку из-за нее может произойти отказ в обÑлуживании. Ð”Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ нужно ÑброÑить наÑтройки уÑтройÑтва.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2424</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2424</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> ANDROID-26513719</a></td> -<td>Средний</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -</table> + <td>Средний</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>ДоÑтупно только Ñотрудникам Google</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_aosp_mail">РаÑкрытие информации через почтовый клиент AOSP</h3> + <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получить доÑтуп к конфиденциальным данным пользователÑ. Ей приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить Ñ€Ð°Ð·Ñ€ÐµÑˆÐµÐ½Ð¸Ñ ÑƒÑ€Ð¾Ð²Ð½Ñ dangerous (опаÑные).</p> <table> -<tr> -<th>CVE</th> -<th>Ошибки Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> + <tbody><tr> + <th>CVE</th> + <th>Ошибки Ñо ÑÑылками на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> ANDROID-26989185</a></td> -<td>Средний</td> -<td>4.4.4, 5.1.1, 6.0, 6.0.1</td> -<td>29 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td>ANDROID-7154234*</td> -<td>Средний</td> -<td>5.0.2</td> -<td>29 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> -</tr> -</table> -<p>*ИÑправление не опубликовано в AOSP. + <td>Средний</td> + <td>4.4.4, 5.1.1, 6.0, 6.0.1</td> + <td>29 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td>ANDROID-7154234*</td> + <td>Средний</td> + <td>5.0.2</td> + <td>29 ÑÐ½Ð²Ð°Ñ€Ñ 2016 г.</td> + </tr> +</tbody></table> + +<p>*ИÑправление не опубликовано в AOSP. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> + <h3 id="information_disclosure_vulnerability_in_framework">РаÑкрытие информации через Framework</h3> + <p>УÑзвимоÑÑ‚ÑŒ компонента Framework позволÑет ПО получить неÑанкционированный доÑтуп к конфиденциальной информации. Из-за Ñтого проблеме приÑвоен Ñредний уровень ÑерьезноÑти.</p> <table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылкой на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2426</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> + <tbody><tr> + <th>CVE</th> + <th>Ошибка Ñо ÑÑылкой на AOSP</th> + <th>Уровень ÑерьезноÑти</th> + <th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> + <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> + </tr> + <tr> + <td>CVE-2016-2426</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> ANDROID-26094635</a></td> -<td>Средний</td> -<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>8Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> -</tr> -</table> -<h3 id="information_disclosure_vulnerability_in_bouncycastle">РаÑкрытие информации через Bouncy Castle</h3> -<p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику украÑÑ‚ÑŒ ключ аутентификации. Проблеме -приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить -доÑтуп к возможноÑÑ‚Ñм и данным ÑƒÑ€Ð¾Ð²Ð½Ñ dangerous (опаÑные), еÑли на уÑтройÑтве -уÑтановлено вредоноÑное ПО.</p> -<table> -<tr> -<th>CVE</th> -<th>Ошибка Ñо ÑÑылками на AOSP</th> -<th>Уровень ÑерьезноÑти</th> -<th>ВерÑии, получившие обновление ÑиÑтемы безопаÑноÑти</th> -<th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> -</tr> -<tr> -<td>CVE-2016-2427</td> -<td><a href="https://android.googlesource.com/platform/libcore/+/efd369d996fd38c50a50ea0de8f20507253cb6de"> - ANDROID-26234568</a> - [<a href="https://android.googlesource.com/platform/external/bouncycastle/+/b3bddea0f33c0459293c6419569ad151b4a7b44b">2</a>] - </td> -<td>Средний</td> -<td>5.0.2, 5.1.1, 6.0, 6.0.1</td> -<td>ДоÑтупно только Ñотрудникам Google</td> -</tr> -</table> + <td>Средний</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + <td>8Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> + </tr> +</tbody></table> + <h2 id="common_questions_and_answers">ЧаÑто задаваемые вопроÑÑ‹</h2> + <p>Ð’ Ñтом разделе мы отвечаем на вопроÑÑ‹, которые могут возникнуть поÑле Ð¿Ñ€Ð¾Ñ‡Ñ‚ÐµÐ½Ð¸Ñ Ð±ÑŽÐ»Ð»ÐµÑ‚ÐµÐ½Ñ.</p> + <p><strong>1. Как определить, уÑтановлено ли на уÑтройÑтво обновление, в котором уÑтранены перечиÑленные проблемы? </strong></p> + <p>ПеречиÑленные проблемы уÑтранены в иÑправлении от 2Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 года или более новом. О том, как узнать дату поÑледнего Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, раÑÑказываетÑÑ Ð² <a href="https://support.google.com/nexus/answer/4457705">документации Nexus</a>. Производители уÑтройÑтв, позволÑющие уÑтановить Ñти обновлениÑ, должны приÑвоить им уровень [ro.build.version.security_patch]:[2016-04-02].</p> + <p><strong>2. Почему 2Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 года вышло дополнительное иÑправление?</strong></p> + <p>Обычно иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð² ÑиÑтеме безопаÑноÑти поÑвлÑÑŽÑ‚ÑÑ 1-го чиÑла каждого меÑÑца. Ð’ апреле такое иÑправление включало в ÑÐµÐ±Ñ Ñ€ÐµÑˆÐµÐ½Ð¸Ðµ вÑех проблем, опиÑанных в Ñтом бюллетене, за иÑключением уÑзвимоÑти CVE-2015-1805. Узнать о ней больше можно в <a href="/security/advisory/2016-03-18.html">Примечании по безопаÑноÑти Android от 18 марта 2016 года.</a> Ð’ иÑправлении от 2Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 года вÑе опиÑанные выше уÑзвимоÑти, Ð²ÐºÐ»ÑŽÑ‡Ð°Ñ CVE-2015-1805, уÑтранены.<a href="/security/advisory/2016-03-18.html"></a></p> + <h2 id="revisions">ВерÑии</h2> + <ul> -<li> 4Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 года. Бюллетень опубликован. + <li> 4Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 года. Бюллетень опубликован. </li><li> 6Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 года. Добавлены ÑÑылки на AOSP. + </li><li> 7Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 года. Добавлена Ð´Ð¾Ð¿Ð¾Ð»Ð½Ð¸Ñ‚ÐµÐ»ÑŒÐ½Ð°Ñ ÑÑылка на AOSP. + </li><li> 11Â Ð¸ÑŽÐ»Ñ 2016 года. Обновлено опиÑание CVE-2016-2427. + </li><li> 1 авгуÑта 2016 года. Обновлено опиÑание CVE-2016-2427. + </li><li> 19Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года. Удалены ÑÐ²ÐµÐ´ÐµÐ½Ð¸Ñ Ð¾Ð± уÑзвимоÑти CVE-2016-2427, поÑкольку она была добавлена по ошибке. </li></ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ru/security/bulletin/2016-07-01.html b/ru/security/bulletin/2016-07-01.html index d5b1efa4..9b2f84b6 100644 --- a/ru/security/bulletin/2016-07-01.html +++ b/ru/security/bulletin/2016-07-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Бюллетень по безопаÑноÑти Android – июль 2016 г.</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,8 +20,6 @@ limitations under the License. --> - - <p><em>Опубликовано 6Â Ð¸ÑŽÐ»Ñ 2016 г. | Обновлено 14Â Ð¸ÑŽÐ»Ñ 2016 г.</em></p> <p>Ð’ Ñтом бюллетене ÑодержитÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑÑ‚ÑÑ… в защите уÑтройÑтв Android. К его выходу мы выпуÑтили автоматичеÑкое обновление @@ -33,17 +30,12 @@ можно узнать в <a href="https://support.google.com/nexus/answer/4457705#nexus_devices">Справочном центре</a>.</p> <p> Мы Ñообщили партнерам об уÑзвимоÑÑ‚ÑÑ… 6Â Ð¸ÑŽÐ½Ñ 2016 года или ранее. - ИÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼ загружены в хранилище Android Open Source Project (AOSP). + ИÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼ загружены в хранилище Android Open Source Project (AOSP). Ð’ Ñтом бюллетене также приведены ÑÑылки на иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð²Ð½Ðµ AOSP.</p> -<p>Ðаиболее ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ Ð¸Ð· уÑзвимоÑтей имеет критичеÑкий уровень -и позволÑет удаленно выполнÑÑ‚ÑŒ код на пораженном уÑтройÑтве -(например, при работе Ñ Ñлектронной почтой, проÑмотре Ñайтов -в Интернете или обработке медиафайлов MMS).</p> -<p>Обнаруженные уÑзвимоÑти не ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="mitigations">Предотвращение атак</a> -раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, -например SafetyNet, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> +<p>Ðаиболее ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ Ð¸Ð· уÑзвимоÑтей имеет критичеÑкий уровень и позволÑет удаленно выполнÑÑ‚ÑŒ код на пораженном уÑтройÑтве (например, при работе Ñ Ñлектронной почтой, проÑмотре Ñайтов в Интернете или обработке медиафайлов MMS). <a href="/security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены разработчиком или взломаны.</p> +<p>У Ð½Ð°Ñ Ð½ÐµÑ‚ информации о том, что обнаруженные уÑзвимоÑти ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> опиÑываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например SafetyNet, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> <p>Мы рекомендуем вÑем пользователÑм уÑтановить перечиÑленные здеÑÑŒ обновлениÑ.</p> <h2 id="announcements">ОбъÑвлениÑ</h2> <ul> @@ -54,439 +46,27 @@ <a href="#common-questions-and-answers">ЧаÑто задаваемые вопроÑÑ‹</a>. <ul> <li><strong>2016-07-01</strong>: чаÑтичное обновление ÑиÑтемы безопаÑноÑти, в котором иÑправлены вÑе уÑзвимоÑти ÑƒÑ€Ð¾Ð²Ð½Ñ 2016-07-01. - <li><strong>2016-07-05</strong>: полное обновление ÑиÑтемы безопаÑноÑти, в котором иÑправлены вÑе уÑзвимоÑти уровней 2016-07-01 и 2016-07-05.</li> - </li></ul> + </li><li><strong>2016-07-05</strong>: полное обновление ÑиÑтемы безопаÑноÑти, в котором иÑправлены вÑе уÑзвимоÑти уровней 2016-07-01 и 2016-07-05.</li> + </ul> </li> - <li>Ðа поддерживаемые уÑтройÑтва Nexus будет уÑтановлено единое автоматичеÑкое обновление - ÑиÑтемы безопаÑноÑти от 5Â Ð¸ÑŽÐ»Ñ 2016 года.</li> + <li>Ðа поддерживаемые уÑтройÑтва Nexus будет уÑтановлено единое автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти от 5Â Ð¸ÑŽÐ»Ñ 2016 года.</li> </ul> -<h2 id="security_vulnerability_summary">Перечень уÑзвимоÑтей</h2> -<p>Ð’ таблице ниже перечиÑлены уÑзвимоÑти, их идентификаторы (CVE) -и уровни ÑерьезноÑти, а также указано, затрагивает ли проблема уÑтройÑтва Nexus. <a href="/security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву -при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены -разработчиком или взломаны.</p> - -<h3 id="2016-07-01_summary">Перечень уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-07-01)</h3> -<p> -ПеречиÑленные проблемы должны быть уÑтранены в иÑправлении от 1Â Ð¸ÑŽÐ»Ñ 2016 года или более новом.</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>УÑзвимоÑÑ‚ÑŒ</th> - <th>CVE</th> - <th>Уровень ÑерьезноÑти</th> - <th>Затрагивает уÑтройÑтва Nexus?</th> - </tr> - <tr> - <td>Удаленное выполнение кода через mediaserver</td> - <td>CVE-2016-2506, CVE-2016-2505, CVE-2016-2507, CVE-2016-2508, - CVE-2016-3741, CVE-2016-3742, CVE-2016-3743</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Удаленное выполнение кода через OpenSSL и BoringSSL</td> - <td>CVE-2016-2108</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Удаленное выполнение кода через Bluetooth</td> - <td>CVE-2016-3744</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через libpng</td> - <td>CVE-2016-3751</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через mediaserver</td> - <td>CVE-2016-3745, CVE-2016-3746, CVE-2016-3747</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Ñокеты</td> - <td>CVE-2016-3748</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через LockSettingsService</td> - <td>CVE-2016-3749</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Framework API</td> - <td>CVE-2016-3750</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Ñлужбу ChooserTarget</td> - <td>CVE-2016-3752</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через mediaserver</td> - <td>CVE-2016-3753</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>РаÑкрытие информации через OpenSSL</td> - <td>CVE-2016-2107</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в mediaserver</td> - <td>CVE-2016-3754, CVE-2016-3755, CVE-2016-3756</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в libc</td> - <td>CVE-2016-3818</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через lsof</td> - <td>CVE-2016-3757</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через DexClassLoader</td> - <td>CVE-2016-3758</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Framework API</td> - <td>CVE-2016-3759</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Bluetooth</td> - <td>CVE-2016-3760</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через NFC</td> - <td>CVE-2016-3761</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Ñокеты</td> - <td>CVE-2016-3762</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через Proxy Auto-Config</td> - <td>CVE-2016-3763</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через mediaserver</td> - <td>CVE-2016-3764, CVE-2016-3765</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в mediaserver</td> - <td>CVE-2016-3766</td> - <td>Средний</td> - <td>Да</td> - </tr> -</table> -<p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Nexus, -на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - - -<h3 id="2016-07-05_summary">Перечень уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-07-05)</h3> -<p> -Ð’ иÑправлении от 5Â Ð¸ÑŽÐ»Ñ 2016 года или более новом уÑтранены вÑе проблемы, -упомÑнутые в обновлении 2016-07-01, а также уÑзвимоÑти, перечиÑленные ниже.</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>УÑзвимоÑÑ‚ÑŒ</th> - <th>CVE</th> - <th>Уровень ÑерьезноÑти</th> - <th>Затрагивает уÑтройÑтва Nexus?</th> - </tr> - <tr> - <td>Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого - процеÑÑора (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-2503, CVE-2016-2067</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Wi-Fi-драйвер MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3767</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через компонент производительноÑти процеÑÑора Qualcomm - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3768</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через видеодрайвер NVIDIA - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3769</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйверы MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3770, CVE-2016-3771, CVE-2016-3772, CVE-2016-3773, - CVE-2016-3774</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через файловую ÑиÑтему Ñдра - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3775</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через USB-драйвер (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2015-8816</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через компоненты Qualcomm - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2014-9794, CVE-2014-9795, CVE-2015-8892, CVE-2013-7457, CVE-2014-9781, - CVE-2014-9786, CVE-2014-9788, CVE-2014-9779, CVE-2014-9780, CVE-2014-9789, - CVE-2014-9793, CVE-2014-9782, CVE-2014-9783, CVE-2014-9785, CVE-2014-9787, - CVE-2014-9784, CVE-2014-9777, CVE-2014-9778, CVE-2014-9790, CVE-2014-9792, - CVE-2014-9797, CVE-2014-9791, CVE-2014-9796, CVE-2014-9800, CVE-2014-9799, - CVE-2014-9801, CVE-2014-9802, CVE-2015-8891, CVE-2015-8888, CVE-2015-8889, - CVE-2015-8890</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через USB-драйвер Qualcomm - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-2502</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Wi-Fi-драйвер Qualcomm - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3792</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹ - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-2501</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер NVIDIA Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹ - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3793</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер Ð¿Ð¸Ñ‚Ð°Ð½Ð¸Ñ MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3795, CVE-2016-3796</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Wi-Fi-драйвер Qualcomm - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3797</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер MediaTek Ð´Ð»Ñ Ð°Ð¿Ð¿Ð°Ñ€Ð°Ñ‚Ð½Ð¾Ð³Ð¾ датчика - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3798</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через видеодрайвер MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3799, CVE-2016-3800</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через GPS-драйвер MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3801</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через файловую ÑиÑтему Ñдра - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3802, CVE-2016-3803</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ð¸Ñ‚Ð°Ð½Ð¸ÐµÐ¼ MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3804, CVE-2016-3805</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер диÑÐ¿Ð»ÐµÑ MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3806</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер SPI - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3807, CVE-2016-3808</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через аудиодрайвер Qualcomm - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-2068</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Ñдро (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2014-9803</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через Ñетевой компонент (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3809</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через Wi-Fi-драйвер MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3810</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через видеодрайвер Ñдра - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3811</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер видеокодека MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3812</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через USB-драйвер Qualcomm - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3813</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер NVIDIA Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹ - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3814, CVE-2016-3815</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер диÑÐ¿Ð»ÐµÑ MediaTek - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-3816</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер Ñдра Ð´Ð»Ñ Ñ‚ÐµÐ»ÐµÑ‚Ð°Ð¹Ð¿Ð° - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-0723</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в загрузчике Qualcomm - (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2014-9798, CVE-2015-8893</td> - <td>Средний</td> - <td>Да</td> - </tr> -</table> <h2 id="mitigations">Предотвращение атак</h2> <p>Ðиже раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например SafetyNet, позволÑÑŽÑ‚ Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> <ul> - <li>ИÑпользование многих уÑзвимоÑтей затруднÑетÑÑ Ð² новых - верÑиÑÑ… Android, поÑтому мы рекомендуем вÑем пользователÑм + <li>ИÑпользование многих уÑзвимоÑтей затруднÑетÑÑ Ð² новых верÑиÑÑ… Android, поÑтому мы рекомендуем вÑем пользователÑм Ñвоевременно обновлÑÑ‚ÑŒ ÑиÑтему.</li> - <li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ - <a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке - <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоноÑных приложений</a>. Проверка приложений включена по умолчанию на вÑех уÑтройÑтвах Ñ + <li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоноÑных приложений</a>. Проверка приложений включена по умолчанию на вÑех уÑтройÑтвах Ñ <a href="http://www.android.com/gms">мобильными ÑервиÑами Google</a>. Она оÑобенно важна, еÑли пользователь уÑтанавливает ПО из Ñторонних иÑточников. Ð¥Ð¾Ñ‚Ñ Ð² Google Play инÑтрументы Ð´Ð»Ñ Ñ€ÑƒÑ‚Ð¸Ð½Ð³Ð° запрещены, они могут вÑтречатьÑÑ Ð² других магазинах. ЕÑли пользователь решает уÑтановить такое приложение, Проверка предупреждает об Ñтом. - Кроме того, она пытаетÑÑ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸Ñ†Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ извеÑтное вредоноÑное ПО, - иÑпользующее уÑзвимоÑÑ‚ÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹, и блокировать - его уÑтановку. ЕÑли подобное ПО уже еÑÑ‚ÑŒ на уÑтройÑтве, ÑиÑтема - уведомит об Ñтом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ попытаетÑÑ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ приложение.</li> - <li>ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Google Hangouts и Messenger не передают медиафайлы таким - процеÑÑам, как mediaserver, автоматичеÑки.</li> + Кроме того, она пытаетÑÑ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸Ñ†Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ извеÑтное вредоноÑное ПО, иÑпользующее уÑзвимоÑÑ‚ÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹, и блокировать его уÑтановку. ЕÑли подобное ПО уже еÑÑ‚ÑŒ на уÑтройÑтве, ÑиÑтема уведомит об Ñтом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ попытаетÑÑ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ приложение.</li> + <li>ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Google Hangouts и Messenger не передают медиафайлы таким процеÑÑам, как mediaserver, автоматичеÑки.</li> </ul> <h2 id="acknowledgements">БлагодарноÑти</h2> @@ -494,82 +74,56 @@ <ul> <li>Ðбхишек ÐрьÑ, Оливер Чен и Мартин Барбелла из команды безопаÑноÑти Google Chrome: CVE-2016-3756, CVE-2016-3741, CVE-2016-3743, CVE-2016-3742 - <li>Ðдам Доненфелд и другие Ñотрудники Check Point Software Technologies Ltd.: CVE-2016-2503 - <li>Ðдам ПауÑлл из Google: CVE-2016-3752 - <li>ÐÐ»ÐµÐºÑ Ð§Ð°Ð¿Ð¼Ð°Ð½ и Пол Стоун из Context Information Security: CVE-2016-3763 - <li>Ðнди Тайлер (<a href="https://twitter.com/ticarpi">@ticarpi</a>) из - <a href="https://www.e2e-assure.com/">e2e-assure</a>: CVE-2016-2457 - <li>Бен Ð¥Ð¾ÑƒÐºÑ Ð¸Ð· Google Project Zero: CVE-2016-3775 - <li>Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), - Юань-Цун Ло (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>) - и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-3770, - CVE-2016-3771, CVE-2016-3772, CVE-2016-3773, CVE-2016-3774 - <li>КриÑтофер Тейт из Google: CVE-2016-3759 - <li>Ди ШÑнь (<a href="https://twitter.com/returnsme">@returnsme</a>) из KeenLab - (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-3762 - <li>ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) - и pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) из IceSword Lab, - <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a>: CVE-2016-3806, - CVE-2016-3816, CVE-2016-3805, CVE-2016-3804, CVE-2016-3767, CVE-2016-3810, - CVE-2016-3795, CVE-2016-3796 - <li>Грег Кайзер из команды Google Android: CVE-2016-3758 - <li>Гуан Гун (龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>) - из Mobile Safe Team, <a href="http://www.360.com">Qihoo 360 Technology Co. - Ltd</a>.: CVE-2016-3764 - <li>Хао ЧÑнь и Гуан Гун из Mobile Safe Team, <a href="http://www.360.com"> - Qihoo 360 Technology Co. Ltd</a>.: CVE-2016-3792, CVE-2016-3768 - <li>Хао Цинь из Security Research Lab, <a href="http://www.cmcm.com">Cheetah - Mobile</a>: CVE-2016-3754, CVE-2016-3766 - <li>ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) - и pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) из IceSword Lab, - <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd</a>: CVE-2016-3814, - CVE-2016-3802, CVE-2016-3769, CVE-2016-3807, CVE-2016-3808 - <li>Марко ÐелиÑÑен из Google: CVE-2016-3818 - <li>Марк Бренд из Google Project Zero: CVE-2016-3757 - <li><a href="https://github.com/michalbednarski">Михал БеднарÑкий</a>: CVE-2016-3750 - <li>МинцзÑнь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), - Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и - СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-3747, - CVE-2016-3746, CVE-2016-3765 - <li>ПÑн СÑо, ЧÑнмин Ян, Ðин Ю, Чао Ян и Ян Сун из Alibaba + </li><li>Ðдам Доненфелд и другие Ñотрудники Check Point Software Technologies Ltd.: CVE-2016-2503 + </li><li>Ðдам ПауÑлл из Google: CVE-2016-3752 + </li><li>ÐÐ»ÐµÐºÑ Ð§Ð°Ð¿Ð¼Ð°Ð½ и Пол Стоун из Context Information Security: CVE-2016-3763 + </li><li>Ðнди Тайлер (<a href="https://twitter.com/ticarpi">@ticarpi</a>) из <a href="https://www.e2e-assure.com/">e2e-assure</a>: CVE-2016-2457 + </li><li>Бен Ð¥Ð¾ÑƒÐºÑ Ð¸Ð· Google Project Zero: CVE-2016-3775 + </li><li>Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), Юань-Цун Ло (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>) и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-3770, CVE-2016-3771, CVE-2016-3772, CVE-2016-3773, CVE-2016-3774 + </li><li>КриÑтофер Тейт из Google: CVE-2016-3759 + </li><li>Ди ШÑнь (<a href="https://twitter.com/returnsme">@returnsme</a>) из KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-3762 + </li><li>ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) и pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) из IceSword Lab, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a>: CVE-2016-3806, CVE-2016-3816, CVE-2016-3805, CVE-2016-3804, CVE-2016-3767, CVE-2016-3810, CVE-2016-3795, CVE-2016-3796 + </li><li>Грег Кайзер из команды Google Android: CVE-2016-3758 + </li><li>Гуан Гун (龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>) из Mobile Safe Team, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a>: CVE-2016-3764 + </li><li>Хао ЧÑнь и Гуан Гун из Alpha Team, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a>: CVE-2016-3792, CVE-2016-3768 + </li><li>Хао Цинь из Security Research Lab, <a href="http://www.cmcm.com">Cheetah Mobile</a>: CVE-2016-3754, CVE-2016-3766 + </li><li>ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) и pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>) из IceSword Lab, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a>: CVE-2016-3814, CVE-2016-3802, CVE-2016-3769, CVE-2016-3807, CVE-2016-3808 + </li><li>Марко ÐелиÑÑен из Google: CVE-2016-3818 + </li><li>Марк Бренд из Google Project Zero: CVE-2016-3757 + </li><li><a href="https://github.com/michalbednarski">Михал БеднарÑкий</a>: CVE-2016-3750 + </li><li>МинцзÑнь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-3747, CVE-2016-3746, CVE-2016-3765 + </li><li>ПÑн СÑо, ЧÑнмин Ян, Ðин Ю, Чао Ян и Ян Сун из Alibaba Mobile Security Group: CVE-2016-3800, CVE-2016-3799, CVE-2016-3801, CVE-2016-3812, CVE-2016-3798 - <li>Питер Пи (<a href="https://twitter.com/heisecode">@heisecode</a>) из Trend + </li><li>Питер Пи (<a href="https://twitter.com/heisecode">@heisecode</a>) из Trend Micro: CVE-2016-3793 - <li>Рики Ð’Ñй из Google: CVE-2016-3749 - <li>Роланд Крак: CVE-2016-3753 - <li>Скотт БауÑÑ€ (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): + </li><li>Рики Ð’Ñй из Google: CVE-2016-3749 + </li><li>Роланд Крак: CVE-2016-3753 + </li><li>Скотт БауÑÑ€ (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-3797, CVE-2016-3813, CVE-2016-3815, CVE-2016-2501, CVE-2016-2502 - <li>ВаÑилий ВаÑильев: CVE-2016-2507 - <li>Ð’Ñйчао Сунь (<a href="https://twitter.com/sunblate">@sunblate</a>) из + </li><li>ВаÑилий ВаÑильев: CVE-2016-2507 + </li><li>Ð’Ñйчао Сунь (<a href="https://twitter.com/sunblate">@sunblate</a>) из Alibaba Inc.: CVE-2016-2508, CVE-2016-3755 - <li>Ð’Ñнь ÐÑŽ (<a href="https://twitter.com/NWMonster">@NWMonster</a>) из KeenLab - (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-3809 - <li>Силин Гун из отдела безопаÑноÑти платформы Tencent: CVE-2016-3745 - <li>Яцун Гу из лаборатории TCA ИнÑтитута программного обеÑÐ¿ÐµÑ‡ÐµÐ½Ð¸Ñ ÐšÐ¸Ñ‚Ð°Ð¹Ñкой академии наук: + </li><li>Ð’Ñнь ÐÑŽ (<a href="https://twitter.com/NWMonster">@NWMonster</a>) из KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-3809 + </li><li>Силин Гун из отдела безопаÑноÑти платформы Tencent: CVE-2016-3745 + </li><li>Яцун Гу из лаборатории TCA ИнÑтитута программного обеÑÐ¿ÐµÑ‡ÐµÐ½Ð¸Ñ ÐšÐ¸Ñ‚Ð°Ð¹Ñкой академии наук: CVE-2016-3761 - <li>Ð®Ð½ÐºÑ Ð’Ð°Ð½ (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) из + </li><li>Ð®Ð½ÐºÑ Ð’Ð°Ð½ (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) из Xuanwu LAB, Tencent: CVE-2016-2505 - <li>Ð®Ð½ÐºÑ Ð’Ð°Ð½ (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) и - Ð’Ñй Ð’Ñй (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>) из Xuanwu - LAB, Tencent: CVE-2016-2506 - <li>Юйлун Чжан и Тао (ЛенкÑ) Ð’Ñй из Baidu X-Lab: CVE-2016-3744</li> -</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> - -<h2 id="2016-07-01_details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-07-01)</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех -<a href="#2016-07-01_summary">перечиÑленных выше</a> уÑзвимоÑÑ‚ÑÑ…: опиÑание и обоÑнование ÑерьезноÑти, -таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми -уÑтройÑтвами Nexus и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ -об ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное + </li><li>Ð®Ð½ÐºÑ Ð’Ð°Ð½ (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) и Ð’Ñй Ð’Ñй (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>) из Xuanwu LAB, Tencent: CVE-2016-2506 + </li><li>Юйлун Чжан и Тао (ЛенкÑ) Ð’Ñй из Baidu X-Lab: CVE-2016-3744</li> +</ul> + +<h2 id="2016-07-01-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-07-01)</h2> +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2016-07-01: +опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Nexus и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="remote-code-execution-vulnerability-in-mediaserver"> Удаленное выполнение кода через mediaserver</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику нарушить целоÑтноÑÑ‚ÑŒ информации -в памÑти при обработке медиафайлов и данных в Ñпециально Ñозданном файле. - Проблеме приÑвоен критичеÑкий уровень ÑерьезноÑти из-за возможноÑти +в памÑти при обработке медиафайлов и данных в Ñпециально Ñозданном файле. Проблеме приÑвоен критичеÑкий уровень ÑерьезноÑти из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте процеÑÑа mediaserver. У него еÑÑ‚ÑŒ доÑтуп к аудио- и видеопотокам, а также к привилегиÑм, закрытым Ð´Ð»Ñ Ñторонних приложений.</p> @@ -578,13 +132,13 @@ в браузере медиафайлам, диÑтанционно обращатьÑÑ Ðº ней.</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -621,9 +175,7 @@ </tr> <tr> <td>CVE-2016-2508</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f81038006b4c59a5a148dcad887371206033c28f"> - A-28799341</a> - [<a href="https://android.googlesource.com/platform/frameworks/av/+/d112f7d0c1dbaf0368365885becb11ca8d3f13a4">2</a>] + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f81038006b4c59a5a148dcad887371206033c28f">A-28799341</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/d112f7d0c1dbaf0368365885becb11ca8d3f13a4">2</a>] </td> <td>КритичеÑкий</td> <td><a href="#all_nexus">Ð’Ñе уÑтройÑтва</a></td> @@ -632,9 +184,7 @@ </tr> <tr> <td>CVE-2016-3741</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/e629194c62a9a129ce378e08cb1059a8a53f1795"> - A-28165661</a> - [<a href="https://android.googlesource.com/platform/external/libavc/+/cc676ebd95247646e67907ccab150fb77a847335">2</a>] + <td><a href="https://android.googlesource.com/platform/external/libavc/+/e629194c62a9a129ce378e08cb1059a8a53f1795">A-28165661</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/cc676ebd95247646e67907ccab150fb77a847335">2</a>] </td> <td>КритичеÑкий</td> <td><a href="#all_nexus">Ð’Ñе уÑтройÑтва</a></td> @@ -661,10 +211,9 @@ <td>6.0, 6.0.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> - +</tbody></table> -<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> +<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> Удаленное выполнение кода через OpenSSL и BoringSSL</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти при обработке файлов и данных в Ñпециально Ñозданном файле. @@ -672,13 +221,13 @@ удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте затрагиваемого процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -696,7 +245,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>3Â Ð¼Ð°Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="remote-code-execution-vulnerability-in-bluetooth"> Удаленное выполнение кода через Bluetooth</h3> @@ -705,13 +254,13 @@ проблеме приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -728,26 +277,22 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>30 марта 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-libpng"> Повышение привилегий через libpng</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте ÑиÑтемного Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ñ Ñ€Ð°Ñширенным -доÑтупом. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные -Ñторонним приложениÑм (например, -<a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и -<a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> +доÑтупом. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -765,26 +310,22 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>3Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-mediaserver"> Повышение привилегий через mediaserver</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте ÑиÑтемного Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ñ Ñ€Ð°Ñширенным -доÑтупом. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные -Ñторонним приложениÑм (например, -<a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и -<a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> +доÑтупом. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить разрешениÑ, недоÑтупные Ñторонним приложениÑм (например, <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> и <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a>).</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -822,7 +363,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>28 марта 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets"> Повышение привилегий через Ñокеты</h3> @@ -833,13 +374,13 @@ предотвращающую атаки на платформу.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -857,20 +398,20 @@ <td>6.0, 6.0.1</td> <td>13Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice"> Повышение привилегий через LockSettingsService</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет вредоноÑному ПО ÑбраÑывать пароль Ð´Ð»Ñ Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²ÐºÐ¸ Ñкрана без Ñ€Ð°Ð·Ñ€ÐµÑˆÐµÐ½Ð¸Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ локально обходит обÑзательные Ñ‚Ñ€ÐµÐ±Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¾Ñ‚Ð½Ð¾Ñительно взаимодейÑÑ‚Ð²Ð¸Ñ Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÐµÐ¼ либо Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð½Ð°Ñтроек безопаÑноÑти.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -888,7 +429,7 @@ <td>6.0, 6.0.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis"> Повышение привилегий через Framework API</h3> @@ -899,13 +440,13 @@ доÑтуп к данным.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -923,7 +464,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>16Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2015 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service"> Повышение привилегий через Ñлужбу ChooserTarget</h3> @@ -933,13 +474,13 @@ доÑтуп к данным о дейÑтвиÑÑ… в другом приложении.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -957,7 +498,7 @@ <td>6.0, 6.0.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver"> РаÑкрытие информации через mediaserver</h3> @@ -967,13 +508,13 @@ проблеме приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -989,7 +530,7 @@ <td>4.4.4</td> <td>15Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Nexus, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> @@ -1001,13 +542,13 @@ проблеме приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1023,7 +564,7 @@ <td>4.4.4, 5.0.2, 5.1.1</td> <td>13Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Nexus, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> @@ -1035,13 +576,13 @@ в обÑлуживании.</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1051,9 +592,7 @@ </tr> <tr> <td>CVE-2016-3754</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> - A-28615448</a> - [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e">A-28615448</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] </td> <td>Ð’Ñ‹Ñокий</td> <td><a href="#all_nexus">Ð’Ñе уÑтройÑтва</a></td> @@ -1080,7 +619,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-libc"> Отказ в обÑлуживании в libc</h3> @@ -1090,13 +629,13 @@ в обÑлуживании.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1112,7 +651,7 @@ <td>4.4.4</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Nexus, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> @@ -1125,13 +664,13 @@ набора дейÑтвий вручную.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1149,7 +688,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>11Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader"> Повышение привилегий через DexClassLoader</h3> @@ -1159,13 +698,13 @@ вручную.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1183,7 +722,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2"> Повышение привилегий через Framework API</h3> @@ -1194,13 +733,13 @@ хранение данных приложений.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1218,7 +757,7 @@ <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-bluetooth"> Повышение привилегий через Bluetooth</h3> @@ -1229,13 +768,13 @@ привилегии на уÑтройÑтве без Ñвного Ñ€Ð°Ð·Ñ€ÐµÑˆÐµÐ½Ð¸Ñ Ð²Ð»Ð°Ð´ÐµÐ»ÑŒÑ†Ð°.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1245,16 +784,14 @@ </tr> <tr> <td>CVE-2016-3760</td> - <td><a href="https://android.googlesource.com/platform/hardware/libhardware/+/8b3d5a64c3c8d010ad4517f652731f09107ae9c5">A-27410683</a> -[<a href="https://android.googlesource.com/platform/system/bt/+/37c88107679d36c419572732b4af6e18bb2f7dce">2</a>] -[<a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/122feb9a0b04290f55183ff2f0384c6c53756bd8">3</a>] + <td><a href="https://android.googlesource.com/platform/hardware/libhardware/+/8b3d5a64c3c8d010ad4517f652731f09107ae9c5">A-27410683</a> [<a href="https://android.googlesource.com/platform/system/bt/+/37c88107679d36c419572732b4af6e18bb2f7dce">2</a>] [<a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/122feb9a0b04290f55183ff2f0384c6c53756bd8">3</a>] </td> <td>Средний</td> <td><a href="#all_nexus">Ð’Ñе уÑтройÑтва</a></td> <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>29Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-nfc"> Повышение привилегий через NFC</h3> @@ -1265,13 +802,13 @@ привилегии на уÑтройÑтве без Ñвного Ñ€Ð°Ð·Ñ€ÐµÑˆÐµÐ½Ð¸Ñ Ð²Ð»Ð°Ð´ÐµÐ»ÑŒÑ†Ð°.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1289,7 +826,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>20Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets-2"> Повышение привилегий через Ñокеты</h3> @@ -1299,13 +836,13 @@ приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку она позволÑет обойти защиту, предотвращающую атаки на платформу.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1323,7 +860,7 @@ <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>21Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> РаÑкрытие информации через Proxy Auto-Config</h3> @@ -1332,13 +869,13 @@ Ñредний уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1356,7 +893,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>10 марта 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver-2"> РаÑкрытие информации через mediaserver</h3> @@ -1365,13 +902,13 @@ уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1399,7 +936,7 @@ <td>6.0, 6.0.1</td> <td>8Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> Отказ в обÑлуживании в mediaserver</h3> @@ -1409,13 +946,13 @@ в обÑлуживании.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1425,40 +962,33 @@ </tr> <tr> <td>CVE-2016-3766</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> - A-28471206</a> - [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e">A-28471206</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] </td> <td>Средний</td> <td><a href="#all_nexus">Ð’Ñе уÑтройÑтва</a></td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>29Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> -<h2 id="2016-07-05_details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-07-05)</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех -<a href="2016-07-05_summary">перечиÑленных выше</a> уÑзвимоÑÑ‚ÑÑ…: опиÑание и обоÑнование ÑерьезноÑти, -таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми -уÑтройÑтвами Nexus и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ -об ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное +<h2 id="2016-07-05-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-07-05)</h2> +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2016-07-05: +опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Nexus и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-gpu-driver"> Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный -код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, -поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, -Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> +код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1482,7 +1012,7 @@ <td>Nexus 5X, Nexus 6, Nexus 6P</td> <td>20Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-wi-fi-driver"> @@ -1493,12 +1023,12 @@ проблемы потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1508,12 +1038,12 @@ <tr> <td>CVE-2016-3767</td> <td>A-28169363* - <br>M-ALPS02689526</td> + <br />M-ALPS02689526</td> <td>КритичеÑкий</td> <td>Android One</td> <td>6Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-performance-component"> @@ -1524,12 +1054,12 @@ проблемы потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1544,23 +1074,21 @@ <td>Nexus 5, Nexus 6, Nexus 5X, Nexus 6P, Nexus 7 (2013)</td> <td>9Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-nvidia-video-driver"> Повышение привилегий через видеодрайвер NVIDIA</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный -код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку -из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ -проблемы потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> +код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1569,13 +1097,13 @@ </tr> <tr> <td>CVE-2016-3769</td> - <td>A-28376656*<br> + <td>A-28376656*<br /> N-CVE20163769</td> <td>КритичеÑкий</td> <td>Nexus 9</td> <td>18Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-drivers-device-specific"> @@ -1586,12 +1114,12 @@ проблемы потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1600,7 +1128,7 @@ </tr> <tr> <td>CVE-2016-3770</td> - <td>A-28346752*<br> + <td>A-28346752*<br /> M-ALPS02703102</td> <td>КритичеÑкий</td> <td>Android One</td> @@ -1608,7 +1136,7 @@ </tr> <tr> <td>CVE-2016-3771</td> - <td>A-29007611*<br> + <td>A-29007611*<br /> M-ALPS02703102</td> <td>КритичеÑкий</td> <td>Android One</td> @@ -1616,7 +1144,7 @@ </tr> <tr> <td>CVE-2016-3772</td> - <td>A-29008188*<br> + <td>A-29008188*<br /> M-ALPS02703102</td> <td>КритичеÑкий</td> <td>Android One</td> @@ -1624,7 +1152,7 @@ </tr> <tr> <td>CVE-2016-3773</td> - <td>A-29008363*<br> + <td>A-29008363*<br /> M-ALPS02703102</td> <td>КритичеÑкий</td> <td>Android One</td> @@ -1632,29 +1160,27 @@ </tr> <tr> <td>CVE-2016-3774</td> - <td>A-29008609*<br> + <td>A-29008609*<br /> M-ALPS02703102</td> <td>КритичеÑкий</td> <td>Android One</td> <td>22Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system"> Повышение привилегий через файловую ÑиÑтему Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный -код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку -из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ -проблемы потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> +код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1668,7 +1194,7 @@ <td>Nexus 5X, Nexus 6, Nexus 6P и Nexus Player, Pixel C</td> <td>4Â Ð¼Ð°Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-usb-driver"> @@ -1679,12 +1205,12 @@ Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1698,25 +1224,21 @@ <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, Pixel C</td> <td>4Â Ð¼Ð°Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> Повышение привилегий через компоненты Qualcomm</h3> -<p>Ð’ таблице ниже перечиÑлены уÑзвимоÑти ÑиÑтемы безопаÑноÑти, затрагивающие -компоненты Qualcomm, в том чиÑле загрузчик, драйвер камеры, Ñимвольный -драйвер, Ñеть, аудиодрайвер и видеодрайвер.</p> -<p>Ðаиболее важным проблемам приÑвоен критичеÑкий уровень ÑерьезноÑти, -поÑкольку из-за них нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, -Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ñ‚Ð°ÐºÐ¾Ð¹ проблемы потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> +<p>Ð’ таблице ниже перечиÑлены уÑзвимоÑти ÑиÑтемы безопаÑноÑти, затрагивающие компоненты Qualcomm, в том чиÑле загрузчик, драйвер камеры, Ñимвольный драйвер, Ñеть, аудиодрайвер и видеодрайвер.</p> +<p>Ðаиболее важным проблемам приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð¸Ð·Ð²Ð¾Ð»ÑŒÐ½Ð¾Ð³Ð¾ кода нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти*</th> @@ -1725,9 +1247,8 @@ </tr> <tr> <td>CVE-2014-9795</td> - <td>A-28820720<br> - <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> - [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] + <td>A-28820720<br /> + <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] </td> <td>КритичеÑкий</td> <td>Nexus 5</td> @@ -1735,7 +1256,7 @@ </tr> <tr> <td>CVE-2014-9794</td> - <td>A-28821172<br> + <td>A-28821172<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> </td> <td>КритичеÑкий</td> @@ -1744,7 +1265,7 @@ </tr> <tr> <td>CVE-2015-8892</td> - <td>A-28822807<br> + <td>A-28822807<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> </td> <td>КритичеÑкий</td> @@ -1753,8 +1274,8 @@ </tr> <tr> <td>CVE-2014-9781</td> - <td>A-28410333<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> + <td>A-28410333<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> </td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 7 (2013)</td> @@ -1762,7 +1283,7 @@ </tr> <tr> <td>CVE-2014-9786</td> - <td>A-28557260<br> + <td>A-28557260<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1770,7 +1291,7 @@ </tr> <tr> <td>CVE-2014-9788</td> - <td>A-28573112<br> + <td>A-28573112<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5</td> @@ -1778,15 +1299,15 @@ </tr> <tr> <td>CVE-2014-9779</td> - <td>A-28598347<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> + <td>A-28598347<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5</td> <td>13 марта 2014 г.</td> </tr> <tr> <td>CVE-2014-9780</td> - <td>A-28602014<br> + <td>A-28602014<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 5X, Nexus 6P</td> @@ -1794,7 +1315,7 @@ </tr> <tr> <td>CVE-2014-9789</td> - <td>A-28749392<br> + <td>A-28749392<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5</td> @@ -1802,7 +1323,7 @@ </tr> <tr> <td>CVE-2014-9793</td> - <td>A-28821253<br> + <td>A-28821253<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 7 (2013)</td> @@ -1810,7 +1331,7 @@ </tr> <tr> <td>CVE-2014-9782</td> - <td>A-28431531<br> + <td>A-28431531<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1818,16 +1339,15 @@ </tr> <tr> <td>CVE-2014-9783</td> - <td>A-28441831<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> - [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> + <td>A-28441831<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 7 (2013)</td> <td>31 марта 2014 г.</td> </tr> <tr> <td>CVE-2014-9785</td> - <td>A-28469042<br> + <td>A-28469042<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 7 (2013)</td> @@ -1835,7 +1355,7 @@ </tr> <tr> <td>CVE-2014-9787</td> - <td>A-28571496<br> + <td>A-28571496<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 7 (2013)</td> @@ -1843,7 +1363,7 @@ </tr> <tr> <td>CVE-2014-9784</td> - <td>A-28442449<br> + <td>A-28442449<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1851,7 +1371,7 @@ </tr> <tr> <td>CVE-2014-9777</td> - <td>A-28598501<br> + <td>A-28598501<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1859,7 +1379,7 @@ </tr> <tr> <td>CVE-2014-9778</td> - <td>A-28598515<br> + <td>A-28598515<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1867,16 +1387,15 @@ </tr> <tr> <td>CVE-2014-9790</td> - <td>A-28769136<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> - [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> + <td>A-28769136<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> <td>30Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2014 г.</td> </tr> <tr> <td>CVE-2014-9792</td> - <td>A-28769399<br> + <td>A-28769399<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5</td> @@ -1884,7 +1403,7 @@ </tr> <tr> <td>CVE-2014-9797</td> - <td>A-28821090<br> + <td>A-28821090<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5</td> @@ -1892,15 +1411,15 @@ </tr> <tr> <td>CVE-2014-9791</td> - <td>A-28803396<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> + <td>A-28803396<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 7 (2013)</td> <td>29 авгуÑта 2014 г.</td> </tr> <tr> <td>CVE-2014-9796</td> - <td>A-28820722<br> + <td>A-28820722<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1908,7 +1427,7 @@ </tr> <tr> <td>CVE-2014-9800</td> - <td>A-28822150<br> + <td>A-28822150<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1916,7 +1435,7 @@ </tr> <tr> <td>CVE-2014-9799</td> - <td>A-28821731<br> + <td>A-28821731<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1924,7 +1443,7 @@ </tr> <tr> <td>CVE-2014-9801</td> - <td>A-28822060<br> + <td>A-28822060<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5</td> @@ -1932,7 +1451,7 @@ </tr> <tr> <td>CVE-2014-9802</td> - <td>A-28821965<br> + <td>A-28821965<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1940,7 +1459,7 @@ </tr> <tr> <td>CVE-2015-8891</td> - <td>A-28842418<br> + <td>A-28842418<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> @@ -1948,7 +1467,7 @@ </tr> <tr> <td>CVE-2015-8888</td> - <td>A-28822465<br> + <td>A-28822465<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5</td> @@ -1956,7 +1475,7 @@ </tr> <tr> <td>CVE-2015-8889</td> - <td>A-28822677<br> + <td>A-28822677<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 6P</td> @@ -1964,13 +1483,13 @@ </tr> <tr> <td>CVE-2015-8890</td> - <td>A-28822878<br> + <td>A-28822878<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 7 (2013)</td> <td>19 авгуÑта 2015 г</td> </tr> -</table> +</tbody></table> <p>*Уровень ÑерьезноÑти Ñтих уÑзвимоÑтей определÑетÑÑ Ð½ÐµÐ¿Ð¾ÑредÑтвенно компанией Qualcomm.</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-usb-driver"> @@ -1980,12 +1499,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2000,21 +1519,20 @@ <td>Nexus 5X, Nexus 6P</td> <td>11 марта 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> Повышение привилегий через Wi-Fi-драйвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный -код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> +код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2029,21 +1547,20 @@ <td>Nexus 7 (2013)</td> <td>17 марта 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный -код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> +код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2058,7 +1575,7 @@ <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013)</td> <td>27 марта 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-nvidia-camera-driver"> @@ -2068,12 +1585,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2082,13 +1599,13 @@ </tr> <tr> <td>CVE-2016-3793</td> - <td>A-28026625*<br> + <td>A-28026625*<br /> N-CVE20163793</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 9</td> <td>5Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-driver"> @@ -2098,12 +1615,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2112,7 +1629,7 @@ </tr> <tr> <td>CVE-2016-3795</td> - <td>A-28085222*<br> + <td>A-28085222*<br /> M-ALPS02677244</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> @@ -2120,28 +1637,27 @@ </tr> <tr> <td>CVE-2016-3796</td> - <td>A-29008443*<br> + <td>A-29008443*<br /> M-ALPS02677244</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> <td>7Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver-2"> Повышение привилегий через Wi-Fi-драйвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный -код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> +код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2156,7 +1672,7 @@ <td>Nexus 5X</td> <td>7Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-hardware-sensor-driver"> @@ -2166,12 +1682,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2180,28 +1696,27 @@ </tr> <tr> <td>CVE-2016-3798</td> - <td>A-28174490*<br> + <td>A-28174490*<br /> M-ALPS02703105</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> <td>11Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-video-driver"> Повышение привилегий через видеодрайвер MediaTek</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный -код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку -уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> +код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2210,7 +1725,7 @@ </tr> <tr> <td>CVE-2016-3799</td> - <td>A-28175025*<br> + <td>A-28175025*<br /> M-ALPS02693738</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> @@ -2218,13 +1733,13 @@ </tr> <tr> <td>CVE-2016-3800</td> - <td>A-28175027*<br> + <td>A-28175027*<br /> M-ALPS02693739</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> <td>11Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-gps-driver"> @@ -2234,12 +1749,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2248,13 +1763,13 @@ </tr> <tr> <td>CVE-2016-3801</td> - <td>A-28174914*<br> + <td>A-28174914*<br /> M-ALPS02688853</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> <td>11Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system-2"> @@ -2264,12 +1779,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2290,7 +1805,7 @@ <td>Nexus 5X, Nexus 6P</td> <td>4Â Ð¼Ð°Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-management-driver"> @@ -2300,12 +1815,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2314,7 +1829,7 @@ </tr> <tr> <td>CVE-2016-3804</td> - <td>A-28332766*<br> + <td>A-28332766*<br /> M-ALPS02694410</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> @@ -2322,13 +1837,13 @@ </tr> <tr> <td>CVE-2016-3805</td> - <td>A-28333002*<br> + <td>A-28333002*<br /> M-ALPS02694412</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> <td>21Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-display-driver"> @@ -2338,12 +1853,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2352,13 +1867,13 @@ </tr> <tr> <td>CVE-2016-3806</td> - <td>A-28402341*<br> + <td>A-28402341*<br /> M-ALPS02715341</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> <td>26Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-serial-peripheral-interface-driver"> @@ -2368,12 +1883,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2394,7 +1909,7 @@ <td>Pixel С</td> <td>26Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-sound-driver"> @@ -2404,12 +1919,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2419,12 +1934,12 @@ <tr> <td>CVE-2016-2068</td> <td>A-28470967 - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5, Nexus 5X, Nexus 6, Nexus 6P</td> <td>28Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-kernel"> Повышение привилегий через Ñдро</h3> @@ -2433,12 +1948,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2447,14 +1962,14 @@ </tr> <tr> <td>CVE-2014-9803</td> - <td>A-28557020<br> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> + <td>A-28557020<br /> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-networking-component"> РаÑкрытие информации через Ñетевой компонент</h3> @@ -2464,12 +1979,12 @@ ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2483,22 +1998,22 @@ <td><a href="#all_nexus">Ð’Ñе уÑтройÑтва</a></td> <td>5 марта 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="information-disclosure-vulnerability-in-mediatek-wi-fi-driver"> РаÑкрытие информации через Wi-Fi-драйвер MediaTek</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный -доÑтуп к конфиденциальным данным. Из-за Ñтого проблеме приÑвоен выÑокий уровень -ÑерьезноÑти.</p> +доÑтуп к конфиденциальным данным. Из-за Ñтого +проблеме приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2507,13 +2022,13 @@ </tr> <tr> <td>CVE-2016-3810</td> - <td>A-28175522*<br> + <td>A-28175522*<br /> M-ALPS02694389</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One</td> <td>12Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-video-driver"> @@ -2523,12 +2038,12 @@ уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2542,7 +2057,7 @@ <td>Nexus 9</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="information-disclosure-vulnerability-in-mediatek-video-codec-driver"> @@ -2553,12 +2068,12 @@ нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2567,30 +2082,28 @@ </tr> <tr> <td>CVE-2016-3812</td> - <td>A-28174833*<br> + <td>A-28174833*<br /> M-ALPS02688832</td> <td>Средний</td> <td>Android One</td> <td>11Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="information-disclosure-vulnerability-in-qualcomm-usb-driver"> РаÑкрытие информации через USB-драйвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. -Проблеме приÑвоен Ñредний -уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала -нарушить защиту привилегированного процеÑÑа.</p> +Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2605,7 +2118,7 @@ <td>Nexus 5, Nexus 5X, Nexus 6, Nexus 6P</td> <td>11Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="information-disclosure-vulnerability-in-nvidia-camera-driver"> @@ -2617,12 +2130,12 @@ нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2631,7 +2144,7 @@ </tr> <tr> <td>CVE-2016-3814</td> - <td>A-28193342*<br> + <td>A-28193342*<br /> N-CVE20163814</td> <td>Средний</td> <td>Nexus 9</td> @@ -2639,13 +2152,13 @@ </tr> <tr> <td>CVE-2016-3815</td> - <td>A-28522274*<br> + <td>A-28522274*<br /> N-CVE20163815</td> <td>Средний</td> <td>Nexus 9</td> <td>1Â Ð¼Ð°Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="information-disclosure-vulnerability-in-mediatek-display-driver"> @@ -2656,12 +2169,12 @@ нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2675,7 +2188,7 @@ <td>Android One</td> <td>26Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h3 id="information-disclosure-vulnerability-in-kernel-teletype-driver"> @@ -2687,12 +2200,12 @@ нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2701,7 +2214,7 @@ </tr> <tr> <td>CVE-2016-0723</td> - <td>A-28409131<br> + <td>A-28409131<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439">Upstream kernel</a></td> <td>Средний</td> @@ -2709,22 +2222,22 @@ kernel</a></td> Player, Pixel C</td> <td>26Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> Отказ в обÑлуживании в загрузчике Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО вызывать Ð½Ð°Ñ€ÑƒÑˆÐµÐ½Ð¸Ñ Ð² работе -ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС. +ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2747,7 +2260,7 @@ kernel</a></td> <td>Nexus 5, Nexus 7 (2013)</td> <td>19 авгуÑта 2015 г</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">ЧаÑто задаваемые вопроÑÑ‹</h2> <p>Ð’ Ñтом разделе мы отвечаем на вопроÑÑ‹, которые могут возникнуть поÑле Ð¿Ñ€Ð¾Ñ‡Ñ‚ÐµÐ½Ð¸Ñ Ð±ÑŽÐ»Ð»ÐµÑ‚ÐµÐ½Ñ.</p> @@ -2756,7 +2269,7 @@ kernel</a></td> <p>Ð’ иÑправлении от 1Â Ð¸ÑŽÐ»Ñ 2016 года уÑтранены вÑе проблемы, ÑвÑзанные Ñ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸ÐµÐ¼ 2016-07-01. Ð’ иÑправлении от 5Â Ð¸ÑŽÐ»Ñ 2016 года или более новом уÑтранены вÑе проблемы, ÑвÑзанные Ñ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸ÐµÐ¼ 2016-07-05. О том, как узнать дату -поÑледнего Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, раÑÑказываетÑÑ Ð² <a href="https://support.google.com/nexus/answer/4457705">Справочном центре</a>. +поÑледнего Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, раÑÑказываетÑÑ Ð² <a href="https://support.google.com/nexus/answer/4457705">Справочном центре</a>. Производители уÑтройÑтв, позволÑющие уÑтановить Ñти обновлениÑ, должны приÑвоить им уровень [ro.build.version.security_patch]:[2016-07-01] или @@ -2777,8 +2290,7 @@ kernel</a></td> некоторые уÑзвимоÑти, иÑправленные в обновлении от 5Â Ð¸ÑŽÐ»Ñ 2016 года.</p> <p id="all_nexus"><strong>3. Как определить, на каких уÑтройÑтвах Nexus приÑутÑтвует уÑзвимоÑÑ‚ÑŒ?</strong></p> -<p>Ð’ каждой таблице разделов Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей <a href="#2016-07-01_details">2016-07-01</a> и -<a href="#2016-07-05_details">2016-07-05</a> еÑÑ‚ÑŒ Ñтолбец "Обновленные уÑтройÑтва Nexus". Ð’ нем указано, +<p>Ð’ каждой таблице разделов Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей <a href="#2016-07-01-details">2016-07-01</a> и <a href="#2016-07-05-details">2016-07-05</a> еÑÑ‚ÑŒ Ñтолбец "Обновленные уÑтройÑтва Nexus". Ð’ нем указано, на каких уÑтройÑтвах приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</p> <ul> <li><strong>Ð’Ñе уÑтройÑтва.</strong> Проблема возникает на<em></em> @@ -2786,8 +2298,7 @@ kernel</a></td> <a href="https://support.google.com/nexus/answer/4457705#nexus_devices">поддерживаемых уÑтройÑтвах Nexus</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, Nexus Player и Pixel C.</li> - <li><strong>Ðекоторые уÑтройÑтва.</strong> <em></em>ПеречиÑлены уÑтройÑтва, на которых приÑутÑтвует - уÑзвимоÑÑ‚ÑŒ.</li> + <li><strong>Ðекоторые уÑтройÑтва.</strong> <em></em>ПеречиÑлены уÑтройÑтва, на которых приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</li> <li><strong>Ðет.</strong> Проблема не возникает ни на одном уÑтройÑтве Nexus.<em></em></li> </ul> @@ -2797,7 +2308,7 @@ kernel</a></td> иÑточник ÑÑылки, а именно:</p> <table> - <tr> + <tbody><tr> <th>ПрефикÑ</th> <th>Значение</th> </tr> @@ -2817,7 +2328,7 @@ kernel</a></td> <td>N-</td> <td>СÑылочный номер NVIDIA</td> </tr> -</table> +</tbody></table> <h2 id="revisions">ВерÑии</h2> <ul> @@ -2825,13 +2336,12 @@ kernel</a></td> <li>7Â Ð¸ÑŽÐ»Ñ 2016 года. <ul> <li>Добавлены ÑÑылки на AOSP. - <li>Удалена Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑти CVE-2016-3794, Ñовпадающей Ñ CVE-2016-3814. - <li>Добавлена Ð°Ñ‚Ñ€Ð¸Ð±ÑƒÑ†Ð¸Ñ ÑƒÑзвимоÑтей CVE-2016-2501 и CVE-2016-2502. - </li></li></li></ul> + </li><li>Удалена Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑти CVE-2016-3794, Ñовпадающей Ñ CVE-2016-3814. + </li><li>Добавлена Ð°Ñ‚Ñ€Ð¸Ð±ÑƒÑ†Ð¸Ñ ÑƒÑзвимоÑтей CVE-2016-2501 и CVE-2016-2502. + </li></ul> </li> <li>11Â Ð¸ÑŽÐ»Ñ 2016 года. Обновлена Ð°Ñ‚Ñ€Ð¸Ð±ÑƒÑ†Ð¸Ñ ÑƒÑзвимоÑти CVE-2016-3750.</li> <li>14Â Ð¸ÑŽÐ»Ñ 2016 года. Обновлена Ð°Ñ‚Ñ€Ð¸Ð±ÑƒÑ†Ð¸Ñ ÑƒÑзвимоÑти CVE-2016-2503.</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ru/security/bulletin/2016-12-01.html b/ru/security/bulletin/2016-12-01.html index 000a36fa..f2ac029b 100644 --- a/ru/security/bulletin/2016-12-01.html +++ b/ru/security/bulletin/2016-12-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Бюллетень по безопаÑноÑти Android – декабрь 2016 г.</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,22 +20,20 @@ limitations under the License. --> - - -<p><em>Опубликовано 5Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г. | Обновлено 7Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</em></p> +<p><em>Опубликовано 5Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г. | Обновлено 21Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</em></p> <p> Ð’ Ñтом бюллетене ÑодержитÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑÑ‚ÑÑ… в защите уÑтройÑтв Android. К его выходу мы выпуÑтили автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти Ð´Ð»Ñ ÑƒÑтройÑтв Google и опубликовали образы прошивок <a href="https://developers.google.com/android/nexus/images">на Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. Ð’Ñе актуальные проблемы, перечиÑленные здеÑÑŒ, уÑтранены в иÑправлении от 5Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года или более новом. Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы -безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>. +безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>. </p> <p> Мы Ñообщили партнерам об уÑзвимоÑÑ‚ÑÑ… 7 ноÑÐ±Ñ€Ñ 2016 года или ранее. ИÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ ÑƒÑзвимоÑтей доÑтупны в хранилище Android Open Source Project (AOSP). Ð’ Ñтом бюллетене также приведены ÑÑылки на иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð²Ð½Ðµ AOSP. </p> <p> -Ðаиболее важным проблемам приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за них нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ñ‚Ð°ÐºÐ¸Ñ… проблем потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС. +Ðаиболее важным проблемам приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за них нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ñ‚Ð°ÐºÐ¸Ñ… проблем потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС. <a href="/security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены разработчиком или взломаны. </p> <p> -Обнаруженные уÑзвимоÑти не ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android. +У Ð½Ð°Ñ Ð½ÐµÑ‚ информации о том, что обнаруженные уÑзвимоÑти ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> опиÑываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android. </p> <p> Мы рекомендуем вÑем пользователÑм уÑтановить перечиÑленные в разделе обновлениÑ. @@ -52,288 +49,6 @@ </li> <li>Ðа поддерживаемые уÑтройÑтва Google будет уÑтановлено единое автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти от 5Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года.</li> </ul> -<h2 id="security-vulnerability-summary">Перечень уÑзвимоÑтей</h2> -<p> -Ð’ таблице ниже перечиÑлены уÑзвимоÑти, их идентификаторы (CVE) и уровни ÑерьезноÑти, а также указано, затрагивает ли проблема уÑтройÑтва Google. <a href="/security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены разработчиком или взломаны. -</p> -<h3 id="2016-12-01-summary">Перечень уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-12-01)</h3> -<p> -ПеречиÑленные проблемы должны быть уÑтранены в иÑправлении от 1Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года или более новом. -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>УÑзвимоÑÑ‚ÑŒ</th> - <th>CVE</th> - <th>Уровень ÑерьезноÑти</th> - <th>Затрагивает уÑтройÑтва Google?</th> - </tr> - <tr> - <td>Удаленное выполнение кода через CURL/LIBCURL</td> - <td>CVE-2016-5419, CVE-2016-5420, CVE-2016-5421</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через libziparchive</td> - <td>CVE-2016-6762</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании через телефонную ÑвÑзь</td> - <td>CVE-2016-6763</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в mediaserver</td> - <td>CVE-2016-6766, CVE-2016-6765, CVE-2016-6764, CVE-2016-6767</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Удаленное выполнение кода через библиотеку Framesequence</td> - <td>CVE-2016-6768</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Smart Lock</td> - <td>CVE-2016-6769</td> - <td>Средний</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через Framework API</td> - <td>CVE-2016-6770</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через телефонную ÑвÑзь</td> - <td>CVE-2016-6771</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Wi-Fi</td> - <td>CVE-2016-6772</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через mediaserver</td> - <td>CVE-2016-6773</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через Package Manager</td> - <td>CVE-2016-6774</td> - <td>Средний</td> - <td>Да</td> - </tr> -</table> -<p> -*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. -</p> -<h3 id="2016-12-05-summary">Перечень уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-12-05)</h3> -<p> -Ð’ иÑправлении от 5Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года или более новом уÑтранены вÑе проблемы, упомÑнутые в обновлении 2016-12-01, а также уÑзвимоÑти, перечиÑленные ниже. -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>УÑзвимоÑÑ‚ÑŒ</th> - <th>CVE</th> - <th>Уровень ÑерьезноÑти</th> - <th>Затрагивает уÑтройÑтва Google?</th> - </tr> - <tr> - <td>Повышение привилегий через подÑиÑтему памÑти Ñдра</td> - <td>CVE-2016-4794, CVE-2016-5195</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер NVIDIA Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</td> - <td>CVE-2016-6775, CVE-2016-6776, CVE-2016-6777</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Ñдро</td> - <td>CVE-2015-8966</td> - <td>КритичеÑкий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через видеодрайвер NVIDIA</td> - <td>CVE-2016-6915, CVE-2016-6916, CVE-2016-6917</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер ION Ñдра</td> - <td>CVE-2016-9120</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>УÑзвимоÑти в компонентах Qualcomm</td> - <td>CVE-2016-8411</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через файловую ÑиÑтему Ñдра</td> - <td>CVE-2014-4014</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Ñдро</td> - <td>CVE-2015-8967</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через аудиодрайвер кодеков HTC</td> - <td>CVE-2016-6778, CVE-2016-6779, CVE-2016-6780</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер MediaTek</td> - <td>CVE-2016-6492, CVE-2016-6781, CVE-2016-6782, CVE-2016-6783, CVE-2016-6784, CVE-2016-6785</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через медиакодеки Qualcomm</td> - <td>CVE-2016-6761, CVE-2016-6760, CVE-2016-6759, CVE-2016-6758</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</td> - <td>CVE-2016-6755</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через подÑиÑтему производительноÑти Ñдра</td> - <td>CVE-2016-6786, CVE-2016-6787</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер I2C MediaTek</td> - <td>CVE-2016-6788</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через библиотеку libomx NVIDIA</td> - <td>CVE-2016-6789, CVE-2016-6790</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через аудиодрайвер Qualcomm</td> - <td>CVE-2016-6791, CVE-2016-8391, CVE-2016-8392</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через подÑиÑтему безопаÑноÑти Ñдра</td> - <td>CVE-2015-7872</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер ÑенÑорного Ñкрана Synaptics</td> - <td>CVE-2016-8393, CVE-2016-8394</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Wi-Fi-драйвер Broadcom</td> - <td>CVE-2014-9909, CVE-2014-9910</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>РаÑкрытие информации через видеодрайвер MediaTek</td> - <td>CVE-2016-8396</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>РаÑкрытие информации через видеодрайвер NVIDIA</td> - <td>CVE-2016-8397</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в GPS</td> - <td>CVE-2016-5341</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в драйвере NVIDIA Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</td> - <td>CVE-2016-8395</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Ñетевую подÑиÑтему Ñдра</td> - <td>CVE-2016-8399</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через компоненты Qualcomm</td> - <td>CVE-2016-6756, CVE-2016-6757</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через библиотеку librm NVIDIA</td> - <td>CVE-2016-8400</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через компоненты Ñдра</td> - <td>CVE-2016-8401, CVE-2016-8402, CVE-2016-8403, CVE-2016-8404, CVE-2016-8405, CVE-2016-8406, CVE-2016-8407</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через видеодрайвер NVIDIA</td> - <td>CVE-2016-8408, CVE-2016-8409</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через аудиодрайвер Qualcomm</td> - <td>CVE-2016-8410</td> - <td>Средний</td> - <td>Да</td> - </tr> -</table> -<p> -*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. -</p> <h2 id="mitigations">Предотвращение атак</h2> <p> Ðиже раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> @@ -344,13 +59,8 @@ <li>ИÑпользование многих уÑзвимоÑтей затруднÑетÑÑ Ð² новых верÑиÑÑ… Android, поÑтому мы рекомендуем вÑем пользователÑм Ñвоевременно обновлÑÑ‚ÑŒ ÑиÑтему.</li> -<li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_2015_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоноÑных приложений</a>. Проверка приложений включена по умолчанию на вÑех уÑтройÑтвах Ñ <a href="http://www.android.com/gms">мобильными ÑервиÑами Google</a>. Она оÑобенно важна, еÑли пользователь уÑтанавливает ПО из Ñторонних иÑточников. Ð¥Ð¾Ñ‚Ñ Ð² Google Play инÑтрументы Ð´Ð»Ñ Ñ€ÑƒÑ‚Ð¸Ð½Ð³Ð° запрещены, -они могут вÑтречатьÑÑ Ð² других магазинах. ЕÑли пользователь решает уÑтановить такое приложение, Проверка предупреждает об Ñтом. Кроме того, она пытаетÑÑ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸Ñ†Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ извеÑтное вредоноÑное ПО, -иÑпользующее уÑзвимоÑÑ‚ÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹, и блокировать -его уÑтановку. ЕÑли подобное ПО уже еÑÑ‚ÑŒ на уÑтройÑтве, ÑиÑтема -уведомит об Ñтом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ попытаетÑÑ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ приложение.</li> -<li>ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Google Hangouts и Messenger не передают медиафайлы таким -процеÑÑам, как mediaserver, автоматичеÑки.</li> +<li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоноÑных приложений</a>. Проверка приложений включена по умолчанию на вÑех уÑтройÑтвах Ñ <a href="http://www.android.com/gms">мобильными ÑервиÑами Google</a>. Она оÑобенно важна, еÑли пользователь уÑтанавливает ПО из Ñторонних иÑточников. Ð¥Ð¾Ñ‚Ñ Ð² Google Play инÑтрументы Ð´Ð»Ñ Ñ€ÑƒÑ‚Ð¸Ð½Ð³Ð° запрещены, они могут вÑтречатьÑÑ Ð² других магазинах. ЕÑли пользователь решает уÑтановить такое приложение, Проверка предупреждает об Ñтом. Кроме того, она пытаетÑÑ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸Ñ†Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ извеÑтное вредоноÑное ПО, иÑпользующее уÑзвимоÑÑ‚ÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹, и блокировать его уÑтановку. ЕÑли подобное ПО уже еÑÑ‚ÑŒ на уÑтройÑтве, ÑиÑтема уведомит об Ñтом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ попытаетÑÑ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ приложение.</li> +<li>ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Google Hangouts и Messenger не передают медиафайлы таким процеÑÑам, как mediaserver, автоматичеÑки.</li> </ul> <h2 id="acknowledgements">БлагодарноÑти</h2> @@ -365,7 +75,7 @@ <li>ДÑвид Бенджамин и Кенни Рут из Google: CVE-2016-6767</li> <li>Ди ШÑнь (<a href="https://twitter.com/returnsme">@returnsme</a>) из KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-6776, CVE-2016-6787</li> <li>Ðнь Ð¥Ñ (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) из <a href="http://www.ms509.com">MS509Team</a>: CVE-2016-6763</li> - <li>ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2016-6779, CVE-2016-6778, CVE-2016-8401, CVE-2016-8402, CVE-2016-8403, CVE-2016-8409, CVE-2016-8408, CVE-2016-8404</li> + <li>ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2016-6779, CVE-2016-6778, CVE-2016-8401, CVE-2016-8402, CVE-2016-8403, CVE-2016-8409, CVE-2016-8408, CVE-2016-8404</li> <li>ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd: CVE-2016-6788, CVE-2016-6781, CVE-2016-6782, CVE-2016-8396</li> <li><a href="mailto:zlbzlb815@163.com">Лубо Чжан</a>, <a href="mailto:segfault5514@gmail.com">Тун Линь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a>, Чиачи У (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-6791, CVE-2016-8391, CVE-2016-8392</li> <li>Марк Бренд из Project Zero: CVE-2016-6772</li> @@ -392,13 +102,12 @@ <li><a href="http://weibo.com/ele7enxxh">Цзыно Хань</a> из Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.: CVE-2016-6762</li> </ul> <p> -ÐžÑ‚Ð´ÐµÐ»ÑŒÐ½Ð°Ñ Ð±Ð»Ð°Ð³Ð¾Ð´Ð°Ñ€Ð½Ð¾ÑÑ‚ÑŒ ÐœÑнло Гоу (<a href="https://twitter.com/idhyt3r">@idhyt3r</a>) из Bottle Tech, Юн Ван (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) и Зубин Митра из Google за их помощь в ÑоÑтавлении Ñтого бюллетенÑ. +ÐžÑ‚Ð´ÐµÐ»ÑŒÐ½Ð°Ñ Ð±Ð»Ð°Ð³Ð¾Ð´Ð°Ñ€Ð½Ð¾ÑÑ‚ÑŒ ÐœÑнло Гоу (<a href="https://twitter.com/idhyt3r">@idhyt3r</a>) из Bottle Tech, Юн Вану (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) и Зубину Митре из Google за их помощь в ÑоÑтавлении Ñтого бюллетенÑ. </p> <h2 id="2016-12-01-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-12-01)</h2> <p> -Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех <a href="#2016-12-01-summary">перечиÑленных выше</a> уÑзвимоÑÑ‚ÑÑ…: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> - +Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2016-12-01: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="rce-in-curl-libcurl">Удаленное выполнение кода через CURL/LIBCURL</h3> <p> @@ -406,13 +115,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -444,8 +153,7 @@ <td>7.0</td> <td>3 авгуÑта 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-libziparchive">Повышение привилегий через libziparchive</h3> <p> @@ -453,13 +161,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -469,16 +177,14 @@ </tr> <tr> <td>CVE-2016-6762</td> - <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c">A-31251826</a> - [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>] + <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c">A-31251826</a> [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>] </td> <td>Ð’Ñ‹Ñокий</td> <td>Ð’Ñе</td> <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>28 авгуÑта 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-telephony">Отказ в обÑлуживании через телефонную ÑвÑзь</h3> <p> @@ -487,13 +193,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -510,8 +216,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>12 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">Отказ в обÑлуживании в mediaserver</h3> <p> @@ -519,13 +224,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -568,26 +273,25 @@ <td>4.4.4</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p> *Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. </p> - <h3 id="rce-in-framesequence-library">Удаленное выполнение кода через библиотеку Framesequence</h3> <p> УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ произвольный код в контекÑте непривилегированного процеÑÑа Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñпециально Ñозданного файла. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в ПО, которое иÑпользует Ñту библиотеку. </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -604,8 +308,7 @@ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>19 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-smart-lock">Повышение привилегий через Smart Lock</h3> <p> @@ -613,13 +316,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -635,12 +338,11 @@ <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>27Â Ð¼Ð°Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. </p> - <h3 id="eop-in-framework-apis">Повышение привилегий через Framework API</h3> <p> УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к ÑиÑтемным функциÑм. @@ -648,13 +350,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -671,8 +373,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>16Â Ð¸ÑŽÐ»Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-telephony">Повышение привилегий через телефонную ÑвÑзь</h3> <p> @@ -680,13 +381,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -703,8 +404,7 @@ <td>6.0, 6.0.1, 7.0</td> <td>17 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">Повышение привилегий через Wi-Fi</h3> <p> @@ -712,13 +412,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -728,15 +428,13 @@ </tr> <tr> <td>CVE-2016-6772</td> - <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484">A-31856351</a> - [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484">A-31856351</a> [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> <td>Средний</td> <td>Ð’Ñе</td> <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>30 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">РаÑкрытие информации через mediaserver</h3> <p> @@ -744,13 +442,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -760,15 +458,13 @@ </tr> <tr> <td>CVE-2016-6773</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0">A-30481714</a> - [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0">A-30481714</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> <td>Средний</td> <td>Ð’Ñе</td> <td>6.0, 6.0.1, 7.0</td> <td>27Â Ð¸ÑŽÐ»Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-package-manager">РаÑкрытие информации через Package Manager</h3> <p> @@ -776,13 +472,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -799,12 +495,11 @@ <td>7.0</td> <td>29 авгуÑта 2016 г.</td> </tr> -</table> - +</tbody></table> <h2 id="2016-12-05-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2016-12-05)</h2> <p> -Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех <a href="#2016-12-05-summary">перечиÑленных выше</a> уÑзвимоÑÑ‚ÑÑ…: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> +Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2016-12-05: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="eop-in-kernel-memory-subsystem">Повышение привилегий через подÑиÑтему памÑти Ñдра</h3> <p> @@ -812,12 +507,12 @@ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -826,24 +521,21 @@ </tr> <tr> <td>CVE-2016-4794</td> - <td>A-31596597<br> - <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28">Upstream kernel</a> - [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> + <td>A-31596597<br /> + <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28">Upstream kernel</a> [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> <td>КритичеÑкий</td> <td>Pixel C, Pixel, Pixel XL</td> <td>17Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> <tr> <td>CVE-2016-5195</td> - <td>A-32141528<br> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1">Upstream kernel</a> - [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> + <td>A-32141528<br /> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1">Upstream kernel</a> [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> <td>КритичеÑкий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, Pixel, Pixel XL</td> <td>12 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-nvidia-gpu-driver">Повышение привилегий через драйвер NVIDIA Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</h3> <p> @@ -851,12 +543,12 @@ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -865,26 +557,26 @@ </tr> <tr> <td>CVE-2016-6775</td> - <td>A-31222873*<br>N-CVE-2016-6775</td> + <td>A-31222873*<br />N-CVE-2016-6775</td> <td>КритичеÑкий</td> <td>Nexus 9</td> <td>25 авгуÑта 2016 г.</td> </tr> <tr> <td>CVE-2016-6776</td> - <td>A-31680980*<br>N-CVE-2016-6776</td> + <td>A-31680980*<br />N-CVE-2016-6776</td> <td>КритичеÑкий</td> <td>Nexus 9</td> <td>22 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> <tr> <td>CVE-2016-6777</td> - <td>A-31910462*<br>N-CVE-2016-6777</td> + <td>A-31910462*<br />N-CVE-2016-6777</td> <td>КритичеÑкий</td> <td>Nexus 9</td> <td>3 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -896,12 +588,12 @@ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -910,31 +602,30 @@ </tr> <tr> <td>CVE-2015-8966</td> - <td>A-31435731<br> + <td>A-31435731<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"> Upstream kernel</a></td> <td>КритичеÑкий</td> <td>Ðет*</td> <td>10 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. </p> - <h3 id="eop-in-nvidia-video-driver">Повышение привилегий через видеодрайвер NVIDIA</h3> <p> УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС. </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -944,7 +635,7 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-6915</td> <td>A-31471161* - <br>N-CVE-2016-6915</td> + <br />N-CVE-2016-6915</td> <td>КритичеÑкий</td> <td>Nexus 9</td> <td>13 ÑентÑÐ±Ñ€Ñ 2016 г.</td> @@ -952,7 +643,7 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-6916</td> <td>A-32072350* - <br>N-CVE-2016-6916</td> + <br />N-CVE-2016-6916</td> <td>КритичеÑкий</td> <td>Nexus 9, Pixel C</td> <td>13 ÑентÑÐ±Ñ€Ñ 2016 г.</td> @@ -960,12 +651,12 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-6917</td> <td>A-32072253* - <br>N-CVE-2016-6917</td> + <br />N-CVE-2016-6917</td> <td>КритичеÑкий</td> <td>Nexus 9</td> <td>13 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -976,12 +667,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -990,26 +681,26 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-9120</td> - <td>A-31568617<br> + <td>A-31568617<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"> Upstream kernel</a></td> <td>КритичеÑкий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player</td> <td>16 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> -<h3>УÑзвимоÑти в компонентах Qualcomm</h3> +<h3 id="vulnerabilities-in-qc-components">УÑзвимоÑти в компонентах Qualcomm</h3> <p> Следующие уÑзвимоÑти затрагивают компоненты Qualcomm и опиÑаны в бюллетене по безопаÑноÑти Qualcomm AMSS за ноÑбрь 2015 года. </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти*</th> @@ -1023,7 +714,7 @@ Upstream kernel</a></td> <td>Nexus 6, Nexus 6P, Android One</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> -</table> +</tbody></table> <p>*Уровень ÑерьезноÑти Ñтих уÑзвимоÑтей определÑетÑÑ Ð½ÐµÐ¿Ð¾ÑредÑтвенно компанией Qualcomm.</p> <p>**ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1034,12 +725,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1048,15 +739,14 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2014-4014</td> - <td>A-31252187<br> + <td>A-31252187<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 6, Nexus Player</td> <td>10Â Ð¸ÑŽÐ½Ñ 2014 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-2">Повышение привилегий через Ñдро</h3> <p> @@ -1064,12 +754,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1078,15 +768,14 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2015-8967</td> - <td>A-31703084<br> + <td>A-31703084<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Pixel, Pixel XL</td> <td>8 ÑÐ½Ð²Ð°Ñ€Ñ 2015 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-htc-sound-codec-driver">Повышение привилегий через аудиодрайвер кодеков HTC</h3> <p> @@ -1094,12 +783,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1127,7 +816,7 @@ Upstream kernel</a></td> <td>Nexus 9</td> <td>30 авгуÑта 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1138,12 +827,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1152,64 +841,63 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-6492</td> - <td>A-28175122<br>MT-ALPS02696413</td> + <td>A-28175122<br />MT-ALPS02696413</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>11Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> <tr> <td>CVE-2016-6781</td> - <td>A-31095175<br>MT-ALPS02943455</td> + <td>A-31095175<br />MT-ALPS02943455</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>22 авгуÑта 2016 г.</td> </tr> <tr> <td>CVE-2016-6782</td> - <td>A-31224389<br>MT-ALPS02943506</td> + <td>A-31224389<br />MT-ALPS02943506</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>24 авгуÑта 2016 г.</td> </tr> <tr> <td>CVE-2016-6783</td> - <td>A-31350044<br>MT-ALPS02943437</td> + <td>A-31350044<br />MT-ALPS02943437</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>6 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> <tr> <td>CVE-2016-6784</td> - <td>A-31350755<br>MT-ALPS02961424</td> + <td>A-31350755<br />MT-ALPS02961424</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>6 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> <tr> <td>CVE-2016-6785</td> - <td>A-31748056<br>MT-ALPS02961400</td> + <td>A-31748056<br />MT-ALPS02961400</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>25 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. </p> - <h3 id="eop-in-qualcomm-media-codecs">Повышение привилегий через медиакодеки Qualcomm</h3> <p> УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте привилегированного процеÑÑа. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить привилегии, недоÑтупные Ñторонним приложениÑм. </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1219,7 +907,7 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-6761</td> <td>A-29421682* - <br>QC-CR#1055792</td> + <br />QC-CR#1055792</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> <td>16Â Ð¸ÑŽÐ½Ñ 2016 г.</td> @@ -1227,7 +915,7 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-6760</td> <td>A-29617572* - <br>QC-CR#1055783</td> + <br />QC-CR#1055783</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> <td>23Â Ð¸ÑŽÐ½Ñ 2016 г.</td> @@ -1235,7 +923,7 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-6759</td> <td>A-29982686* - <br>QC-CR#1055766</td> + <br />QC-CR#1055766</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> <td>4Â Ð¸ÑŽÐ»Ñ 2016 г.</td> @@ -1243,12 +931,12 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-6758</td> <td>A-30148882* - <br>QC-CR#1071731</td> + <br />QC-CR#1071731</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> <td>13Â Ð¸ÑŽÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1259,12 +947,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1273,15 +961,14 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-6755</td> - <td>A-30740545<br> + <td>A-30740545<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0"> QC-CR#1065916</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>3 авгуÑта 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-performance-subsystem">Повышение привилегий через подÑиÑтему производительноÑти Ñдра</h3> <p> @@ -1289,12 +976,12 @@ QC-CR#1065916</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1317,8 +1004,7 @@ QC-CR#1065916</a></td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, Pixel, Pixel XL</td> <td>22 авгуÑта 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-i2c-driver">Повышение привилегий через драйвер I2C MediaTek</h3> <p> @@ -1326,12 +1012,12 @@ QC-CR#1065916</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1340,29 +1026,28 @@ QC-CR#1065916</a></td> </tr> <tr> <td>CVE-2016-6788</td> - <td>A-31224428<br>MT-ALPS02943467</td> + <td>A-31224428<br />MT-ALPS02943467</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>24 авгуÑта 2016 г.</td> </tr> -</table> +</tbody></table> <p> *Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. </p> - <h3 id="eop-in-nvidia-libomx-library">Повышение привилегий через библиотеку libomx NVIDIA</h3> <p> УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте привилегированного процеÑÑа. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить привилегии, недоÑтупные Ñторонним приложениÑм. </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1372,7 +1057,7 @@ QC-CR#1065916</a></td> <tr> <td>CVE-2016-6789</td> <td>A-31251973* - <br>N-CVE-2016-6789</td> + <br />N-CVE-2016-6789</td> <td>Ð’Ñ‹Ñокий</td> <td>Pixel С</td> <td>29 авгуÑта 2016 г.</td> @@ -1380,12 +1065,12 @@ QC-CR#1065916</a></td> <tr> <td>CVE-2016-6790</td> <td>A-31251628* - <br>N-CVE-2016-6790</td> + <br />N-CVE-2016-6790</td> <td>Ð’Ñ‹Ñокий</td> <td>Pixel С</td> <td>28 авгуÑта 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1396,12 +1081,12 @@ QC-CR#1065916</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1410,7 +1095,7 @@ QC-CR#1065916</a></td> </tr> <tr> <td>CVE-2016-6791</td> - <td>A-31252384<br> + <td>A-31252384<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1071809</a></td> <td>Ð’Ñ‹Ñокий</td> @@ -1419,7 +1104,7 @@ QC-CR#1071809</a></td> </tr> <tr> <td>CVE-2016-8391</td> - <td>A-31253255<br> + <td>A-31253255<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1072166</a></td> <td>Ð’Ñ‹Ñокий</td> @@ -1428,15 +1113,14 @@ QC-CR#1072166</a></td> </tr> <tr> <td>CVE-2016-8392</td> - <td>A-31385862<br> + <td>A-31385862<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1073136</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>8 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-security-subsystem">Повышение привилегий через подÑиÑтему безопаÑноÑти Ñдра</h3> <p> @@ -1444,12 +1128,12 @@ QC-CR#1073136</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1458,15 +1142,14 @@ QC-CR#1073136</a></td> </tr> <tr> <td>CVE-2015-7872</td> - <td>A-31253168<br> + <td>A-31253168<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel, Pixel XL</td> <td>31 авгуÑта 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-synaptics-touchscreen-driver">Повышение привилегий через драйвер ÑенÑорного Ñкрана Synaptics</h3> <p> @@ -1474,12 +1157,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1500,7 +1183,7 @@ Upstream kernel</a></td> <td>Nexus 9, Android One</td> <td>8 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1511,12 +1194,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1525,36 +1208,35 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2014-9909</td> - <td>A-31676542<br>B-RB#26684</td> + <td>A-31676542<br />B-RB#26684</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>21 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> <tr> <td>CVE-2014-9910</td> - <td>A-31746399<br>B-RB#26710</td> + <td>A-31746399<br />B-RB#26710</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>26 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. </p> - <h3 id="id-in-mediatek-video-driver">РаÑкрытие информации через видеодрайвер MediaTek</h3> <p> УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Из-за Ñтого проблеме приÑвоен выÑокий уровень ÑерьезноÑти. </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1568,12 +1250,11 @@ Upstream kernel</a></td> <td>Ðет*</td> <td>26 авгуÑта 2016 г.</td> </tr> -</table> +</tbody></table> <p> *Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ. </p> - <h3 id="id-in-nvidia-video-driver">РаÑкрытие информации через видеодрайвер NVIDIA</h3> <p> УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. @@ -1581,12 +1262,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1595,13 +1276,13 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-8397</td> - <td>A-31385953*<br> + <td>A-31385953*<br /> N-CVE-2016-8397</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 9</td> <td>8 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1612,12 +1293,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1631,7 +1312,7 @@ Upstream kernel</a></td> <td>Nexus 6, Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td> <td>21Â Ð¸ÑŽÐ½Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1642,12 +1323,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1657,12 +1338,12 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-8395</td> <td>A-31403040* - <br>N-CVE-2016-8395</td> + <br />N-CVE-2016-8395</td> <td>Ð’Ñ‹Ñокий</td> <td>Pixel С</td> <td>9 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1673,12 +1354,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1692,7 +1373,7 @@ Upstream kernel</a></td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, Pixel, Pixel XL</td> <td>5 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1703,12 +1384,12 @@ Upstream kernel</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1717,24 +1398,22 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-6756</td> - <td>A-29464815<br> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5">QC-CR#1042068</a> - [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> + <td>A-29464815<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5">QC-CR#1042068</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> <td>Средний</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>17Â Ð¸ÑŽÐ½Ñ 2016 г.</td> </tr> <tr> <td>CVE-2016-6757</td> - <td>A-30148242<br> + <td>A-30148242<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> QC-CR#1052821</a></td> <td>Средний</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> <td>13Â Ð¸ÑŽÐ»Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-librm-library">РаÑкрытие информации через библиотеку librm NVIDIA</h3> <p> @@ -1742,12 +1421,12 @@ QC-CR#1052821</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1757,12 +1436,12 @@ QC-CR#1052821</a></td> <tr> <td>CVE-2016-8400</td> <td>A-31251599* - <br>N-CVE-2016-8400</td> + <br />N-CVE-2016-8400</td> <td>Средний</td> <td>Pixel С</td> <td>29 авгуÑта 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1773,12 +1452,12 @@ QC-CR#1052821</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1834,7 +1513,7 @@ QC-CR#1052821</a></td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>28 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1846,12 +1525,12 @@ QC-CR#1052821</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1861,7 +1540,7 @@ QC-CR#1052821</a></td> <tr> <td>CVE-2016-8408</td> <td>A-31496571* - <br>N-CVE-2016-8408</td> + <br />N-CVE-2016-8408</td> <td>Средний</td> <td>Nexus 9</td> <td>13 ÑентÑÐ±Ñ€Ñ 2016 г.</td> @@ -1869,12 +1548,12 @@ QC-CR#1052821</a></td> <tr> <td>CVE-2016-8409</td> <td>A-31495687* - <br>N-CVE-2016-8409</td> + <br />N-CVE-2016-8409</td> <td>Средний</td> <td>Nexus 9</td> <td>13 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p> *ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. </p> @@ -1885,12 +1564,12 @@ QC-CR#1052821</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1899,14 +1578,14 @@ QC-CR#1052821</a></td> </tr> <tr> <td>CVE-2016-8410</td> - <td>A-31498403<br> + <td>A-31498403<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> QC-CR#987010</a></td> <td>Средний</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">ЧаÑто задаваемые вопроÑÑ‹</h2> <p> @@ -1918,7 +1597,7 @@ QC-CR#987010</a></td> </strong> </p> <p> -Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>. +Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>. </p> <ul> <li>Ð’ иÑправлении от 1Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года или более новом уÑтранены вÑе проблемы, ÑвÑзанные Ñ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸ÐµÐ¼ 2016-12-01.</li> @@ -1951,7 +1630,7 @@ QC-CR#987010</a></td> Ð’ каждой таблице разделов Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей <a href="#2016-12-01-details">2016-12-01</a> и <a href="#2016-12-05-details">2016-12-05</a> еÑÑ‚ÑŒ Ñтолбец <em>Обновленные уÑтройÑтва Google</em>. Ð’ нем указано, на каких уÑтройÑтвах приÑутÑтвует уÑзвимоÑÑ‚ÑŒ. </p> <ul> - <li><strong>Ð’Ñе уÑтройÑтва.</strong> Проблема возникает на<em></em> Ñледующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых уÑтройÑтвах Google</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> + <li><strong>Ð’Ñе уÑтройÑтва.</strong> Проблема возникает на<em></em> Ñледующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых уÑтройÑтвах Google</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> <li><strong>Ðекоторые уÑтройÑтва.</strong> <em></em>ПеречиÑлены уÑтройÑтва, на которых приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</li> <li><strong>Ðет.</strong> Проблема не возникает ни на одном уÑтройÑтве Google.<em></em></li> </ul> @@ -1959,12 +1638,10 @@ QC-CR#987010</a></td> <strong>4. Ðа что указывают запиÑи в Ñтолбце "СÑылки"?</strong> </p> <p> -Ð’ таблицах Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей еÑÑ‚ÑŒ Ñтолбец <em>СÑылки</em>. -ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в нем может Ñодержать префикÑ, указывающий на -иÑточник ÑÑылки, а именно: +Ð’ таблицах Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей еÑÑ‚ÑŒ Ñтолбец <em>СÑылки</em>. ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в нем может Ñодержать префикÑ, указывающий на иÑточник ÑÑылки, а именно: </p> <table> - <tr> + <tbody><tr> <th>ПрефикÑ</th> <th>Значение</th> </tr> @@ -1988,12 +1665,12 @@ QC-CR#987010</a></td> <td>B-</td> <td>СÑылочный номер Broadcom</td> </tr> -</table> +</tbody></table> <h2 id="revisions">ВерÑии</h2> <ul> <li>5Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года. Бюллетень опубликован.</li> <li>7Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года. Добавлены ÑÑылки на AOSP и обновлена Ð°Ñ‚Ñ€Ð¸Ð±ÑƒÑ†Ð¸Ñ ÑƒÑзвимоÑтей Ð´Ð»Ñ CVE-2016-6915, CVE-2016-6916 и CVE-2016-6917.</li> + <li>21Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 года. ИÑправлены опечатки в опиÑании CVE-2016-8411 и разделе "ЧаÑто задаваемые вопроÑÑ‹".</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/ru/security/bulletin/2017-03-01.html b/ru/security/bulletin/2017-03-01.html index 6f0f0b10..e9c05595 100644 --- a/ru/security/bulletin/2017-03-01.html +++ b/ru/security/bulletin/2017-03-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Бюллетень по безопаÑноÑти Android – март 2017 г.</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -22,11 +21,11 @@ --> <p><em>Опубликовано 6 марта 2017 г. | Обновлено 7 марта 2017 г.</em></p> -<p>Ð’ Ñтом бюллетене ÑодержитÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑÑ‚ÑÑ… в защите уÑтройÑтв Android. К его выходу мы выпуÑтили автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти Ð´Ð»Ñ ÑƒÑтройÑтв Google и опубликовали образы прошивок <a href="https://developers.google.com/android/nexus/images">на Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. Ð’Ñе актуальные проблемы, перечиÑленные здеÑÑŒ, уÑтранены в иÑправлении от 5 марта 2017 года или более новом. Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> +<p>Ð’ Ñтом бюллетене ÑодержитÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑÑ‚ÑÑ… в защите уÑтройÑтв Android. К его выходу мы выпуÑтили автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти Ð´Ð»Ñ ÑƒÑтройÑтв Google и опубликовали образы прошивок <a href="https://developers.google.com/android/nexus/images">на Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. Ð’Ñе актуальные проблемы, перечиÑленные здеÑÑŒ, уÑтранены в иÑправлении от 5 марта 2017 года или более новом. Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> <p>Мы Ñообщили партнерам об уÑзвимоÑÑ‚ÑÑ… 6Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2017 года или ранее. ИÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ ÑƒÑзвимоÑтей доÑтупны в хранилище Android Open Source Project (AOSP). Ð’ Ñтом бюллетене также приведены ÑÑылки на иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð²Ð½Ðµ AOSP.</p> -<p>Ðаиболее ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ Ð¸Ð· уÑзвимоÑтей имеет критичеÑкий уровень и позволÑет удаленно выполнÑÑ‚ÑŒ код на пораженном уÑтройÑтве (например, при работе Ñ Ñлектронной почтой, проÑмотре Ñайтов в Интернете или обработке медиафайлов MMS).</p> -<p>Обнаруженные уÑзвимоÑти не ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> опиÑываетÑÑ, как <a href="{@docRoot}security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> +<p>Ðаиболее ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ Ð¸Ð· уÑзвимоÑтей имеет критичеÑкий уровень и позволÑет удаленно выполнÑÑ‚ÑŒ код на пораженном уÑтройÑтве (например, при работе Ñ Ñлектронной почтой, проÑмотре Ñайтов в Интернете или обработке медиафайлов MMS). <a href="/security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены разработчиком или взломаны.</p> +<p>У Ð½Ð°Ñ Ð½ÐµÑ‚ информации о том, что обнаруженные уÑзвимоÑти ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> опиÑываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> <p>Мы рекомендуем вÑем пользователÑм уÑтановить перечиÑленные в разделе обновлениÑ.</p> <h2 id="announcements">ОбъÑвлениÑ</h2> <ul> @@ -38,456 +37,72 @@ </li> <li>Ðа поддерживаемые уÑтройÑтва Google будет уÑтановлено единое автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти от 5 марта 2017 года.</li> </ul> -<h2 id="security-vulnerability-summary">Перечень уÑзвимоÑтей</h2> -<p>Ð’ таблице ниже перечиÑлены уÑзвимоÑти, их идентификаторы (CVE) и уровни ÑерьезноÑти, а также указано, затрагивает ли проблема уÑтройÑтва Google. <a href="{@docRoot}security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены разработчиком или взломаны.</p> -<h3 id="2017-03-01-summary">Перечень уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-03-01)</h3> -<p>ПеречиÑленные проблемы должны быть уÑтранены в иÑправлении от 1 марта 2017 года или более новом.</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>УÑзвимоÑÑ‚ÑŒ</th> - <th>CVE</th> - <th>Уровень ÑерьезноÑти</th> - <th>Затрагивает уÑтройÑтва Google?</th> - </tr> - <tr> - <td>Удаленное выполнение кода через OpenSSL и BoringSSL</td> - <td>CVE-2016-2182</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Удаленное выполнение кода через mediaserver</td> - <td>CVE-2017-0466, CVE-2017-0467, CVE-2017-0468, CVE-2017-0469, CVE-2017-0470, CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0474</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через верификатор воÑÑтановлениÑ</td> - <td>CVE-2017-0475</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Удаленное выполнение кода через клиент Ð´Ð»Ñ Ð¾Ð±Ð¼ÐµÐ½Ð° ÑообщениÑми AOSP</td> - <td>CVE-2017-0476</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Удаленное выполнение кода через libgdx</td> - <td>CVE-2017-0477</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Удаленное выполнение кода через библиотеку Framesequence</td> - <td>CVE-2017-0478</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через NFC</td> - <td>CVE-2017-0481</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через audioserver</td> - <td>CVE-2017-0479, CVE-2017-0480</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в mediaserver</td> - <td>CVE-2017-0482, CVE-2017-0483, CVE-2017-0484, CVE-2017-0485, CVE-2017-0486, CVE-2017-0487, CVE-2017-0488</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через диÑпетчер меÑтоположениÑ</td> - <td>CVE-2017-0489</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Wi-Fi</td> - <td>CVE-2017-0490</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через диÑпетчер пакетов</td> - <td>CVE-2017-0491</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через System UI</td> - <td>CVE-2017-0492</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через клиент Ð´Ð»Ñ Ð¾Ð±Ð¼ÐµÐ½Ð° ÑообщениÑми AOSP</td> - <td>CVE-2017-0494</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через mediaserver</td> - <td>CVE-2017-0495</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в маÑтере наÑтройки</td> - <td>CVE-2017-0496</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в mediaserver</td> - <td>CVE-2017-0497</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в маÑтере наÑтройки</td> - <td>CVE-2017-0498</td> - <td>Средний</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в audioserver</td> - <td>CVE-2017-0499</td> - <td>Ðизкий</td> - <td>Да</td> - </tr> -</table> -<p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> -<h3 id="2017-03-05-summary">Перечень уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-03-05)</h3> -<p>Ð’ иÑправлении от 5 марта 2017 года или более новом уÑтранены вÑе проблемы, упомÑнутые в обновлении 2017-03-01, а также уÑзвимоÑти, перечиÑленные ниже.</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>УÑзвимоÑÑ‚ÑŒ</th> - <th>CVE</th> - <th>Уровень ÑерьезноÑти</th> - <th>Затрагивает уÑтройÑтва Google?</th> - </tr> - <tr> - <td>Повышение привилегий через компоненты MediaTek</td> - <td>CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, CVE-2017-0504, CVE-2017-0505, CVE-2017-0506</td> - <td>КритичеÑкий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер NVIDIA Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</td> - <td>CVE-2017-0337, CVE-2017-0338, CVE-2017-0333, CVE-2017-0306, CVE-2017-0335</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через подÑиÑтему ION Ñдра</td> - <td>CVE-2017-0507, CVE-2017-0508</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Wi-Fi-драйвер Broadcom</td> - <td>CVE-2017-0509</td> - <td>КритичеÑкий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через FIQ-отладчик Ñдра</td> - <td>CVE-2017-0510</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</td> - <td>CVE-2016-8479</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через Ñетевую подÑиÑтему Ñдра</td> - <td>CVE-2016-9806, CVE-2016-10200</td> - <td>КритичеÑкий</td> - <td>Да</td> - </tr> - <tr> - <td>УÑзвимоÑти в компонентах Qualcomm</td> - <td>CVE-2016-8484, CVE-2016-8485, CVE-2016-8486, CVE-2016-8487, CVE-2016-8488</td> - <td>КритичеÑкий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через Ñетевую подÑиÑтему Ñдра</td> - <td>CVE-2016-8655, CVE-2016-9793</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер уÑтройÑтв ввода Qualcomm</td> - <td>CVE-2017-0516</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер MediaTek Ð´Ð»Ñ Ð°Ð¿Ð¿Ð°Ñ€Ð°Ñ‚Ð½Ð¾Ð³Ð¾ датчика</td> - <td>CVE-2017-0517</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через ADSPRPC-драйвер Qualcomm</td> - <td>CVE-2017-0457</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер Ñканера отпечатков пальцев Qualcomm</td> - <td>CVE-2017-0518, CVE-2017-0519</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ</td> - <td>CVE-2017-0520</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</td> - <td>CVE-2017-0458, CVE-2017-0521</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через APK MediaTek</td> - <td>CVE-2017-0522</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через Wi-Fi-драйвер Qualcomm</td> - <td>CVE-2017-0464, CVE-2017-0453, CVE-2017-0523</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер ÑенÑорного Ñкрана Synaptics</td> - <td>CVE-2017-0524</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер уÑÐ¸Ð»Ð¸Ñ‚ÐµÐ»Ñ Qualcomm</td> - <td>CVE-2017-0456, CVE-2017-0525</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер контроллера датчиков HTC</td> - <td>CVE-2017-0526, CVE-2017-0527</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер NVIDIA Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</td> - <td>CVE-2017-0307</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>Повышение привилегий через Ñетевой драйвер Qualcomm</td> - <td>CVE-2017-0463, CVE-2017-0460</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через подÑиÑтему безопаÑноÑти Ñдра</td> - <td>CVE-2017-0528</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через SPCom-драйвер Qualcomm</td> - <td>CVE-2016-5856, CVE-2016-5857</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>РаÑкрытие информации через Ñетевую подÑиÑтему Ñдра</td> - <td>CVE-2014-8709</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер MediaTek</td> - <td>CVE-2017-0529</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Ðет*</td> - </tr> - <tr> - <td>РаÑкрытие информации через загрузчик Qualcomm</td> - <td>CVE-2017-0455</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер Ð¿Ð¸Ñ‚Ð°Ð½Ð¸Ñ Qualcomm</td> - <td>CVE-2016-8483</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер NVIDIA Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</td> - <td>CVE-2017-0334, CVE-2017-0336</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Отказ в обÑлуживании в криптографичеÑкой подÑиÑтеме Ñдра</td> - <td>CVE-2016-8650</td> - <td>Ð’Ñ‹Ñокий</td> - <td>Да</td> - </tr> - <tr> - <td>Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹ (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</td> - <td>CVE-2016-8417</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через Wi-Fi-драйвер Qualcomm</td> - <td>CVE-2017-0461, CVE-2017-0459, CVE-2017-0531</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер видеокодека MediaTek</td> - <td>CVE-2017-0532</td> - <td>Средний</td> - <td>Ðет*</td> - </tr> - <tr> - <td>РаÑкрытие информации через видеодрайвер Qualcomm</td> - <td>CVE-2017-0533, CVE-2017-0534, CVE-2016-8416, CVE-2016-8478</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</td> - <td>CVE-2016-8413, CVE-2016-8477</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через аудиодрайвер кодеков HTC</td> - <td>CVE-2017-0535</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер ÑенÑорного Ñкрана Synaptics</td> - <td>CVE-2017-0536</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через USB-драйвер Ñдра</td> - <td>CVE-2017-0537</td> - <td>Средний</td> - <td>Да</td> - </tr> - <tr> - <td>РаÑкрытие информации через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</td> - <td>CVE-2017-0452</td> - <td>Ðизкий</td> - <td>Да</td> - </tr> -</table> -<p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> <h2 id="mitigations">Предотвращение атак</h2> -<p>Ðиже раÑÑказываетÑÑ, как <a href="{@docRoot}security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например SafetyNet, позволÑÑŽÑ‚ Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> +<p>Ðиже раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например SafetyNet, позволÑÑŽÑ‚ Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> <ul> <li>ИÑпользование многих уÑзвимоÑтей затруднÑетÑÑ Ð² новых верÑиÑÑ… Android, поÑтому мы рекомендуем вÑем пользователÑм Ñвоевременно обновлÑÑ‚ÑŒ ÑиÑтему.</li> -<li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_2015_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке <a href="http://static.googleusercontent.com/media/source.android.com/ru//security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоноÑных приложений</a>. Проверка приложений включена по умолчанию на вÑех уÑтройÑтвах Ñ <a href="http://www.android.com/gms">мобильными ÑервиÑами Google</a>. Она оÑобенно важна, еÑли пользователь уÑтанавливает ПО из Ñторонних иÑточников. Ð¥Ð¾Ñ‚Ñ Ð² Google Play инÑтрументы Ð´Ð»Ñ Ñ€ÑƒÑ‚Ð¸Ð½Ð³Ð° запрещены, -они могут вÑтречатьÑÑ Ð² других магазинах. ЕÑли пользователь решает уÑтановить такое приложение, Проверка предупреждает об Ñтом. Кроме того, она пытаетÑÑ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸Ñ†Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ извеÑтное вредоноÑное ПО, -иÑпользующее уÑзвимоÑÑ‚ÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹, и блокировать -его уÑтановку. ЕÑли подобное ПО уже еÑÑ‚ÑŒ на уÑтройÑтве, ÑиÑтема -уведомит об Ñтом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ попытаетÑÑ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ приложение.</li> -<li>ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Google Hangouts и Messenger не передают медиафайлы таким -процеÑÑам, как mediaserver, автоматичеÑки.</li> +<li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке <a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоноÑных приложений</a>. Проверка приложений включена по умолчанию на вÑех уÑтройÑтвах Ñ <a href="http://www.android.com/gms">мобильными ÑервиÑами Google</a>. Она оÑобенно важна, еÑли пользователь уÑтанавливает ПО из Ñторонних иÑточников. Ð¥Ð¾Ñ‚Ñ Ð² Google Play инÑтрументы Ð´Ð»Ñ Ñ€ÑƒÑ‚Ð¸Ð½Ð³Ð° запрещены, они могут вÑтречатьÑÑ Ð² других магазинах. ЕÑли пользователь решает уÑтановить такое приложение, Проверка предупреждает об Ñтом. Кроме того, она пытаетÑÑ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸Ñ†Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ извеÑтное вредоноÑное ПО, иÑпользующее уÑзвимоÑÑ‚ÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹, и блокировать его уÑтановку. ЕÑли подобное ПО уже еÑÑ‚ÑŒ на уÑтройÑтве, ÑиÑтема уведомит об Ñтом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ попытаетÑÑ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ приложение.</li> +<li>ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Google Hangouts и Messenger не передают медиафайлы таким процеÑÑам, как mediaserver, автоматичеÑки.</li> </ul> <h2 id="acknowledgements">БлагодарноÑти</h2> <p>Благодарим вÑех, кто помог обнаружить уÑзвимоÑти:</p> <ul> <li>ÐлекÑандр Потапенко из команды Google Dynamic Tools: CVE-2017-0537 -<li>БаоцзÑн Дин, ЧÑнмин Ян, ПÑн СÑо и Ян Сун из Alibaba Mobile Security Group: CVE-2017-0506 -<li>БаоцзÑн Дин, Ðин Ю, ЧÑнмин Ян, ПÑн СÑо и Ян Сун из Alibaba Mobile Security Group: CVE-2017-0463 -<li>Билли Лау из команды безопаÑноÑти Android: CVE-2017-0335, CVE-2017-0336, CVE-2017-0338, CVE-2017-0460 -<li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2016-8413, CVE-2016-8477, CVE-2017-0531 -<li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) и <a href="mailto:sbauer@plzdonthack.me">Скотт БауÑÑ€</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0521 -<li>Ди ШÑнь (<a href="https://twitter.com/returnsme">@returnsme</a>) из KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-8412, CVE-2016-8444, CVE-2016-8427, CVE-2017-0403 -<li>Ðнь Ð¥Ñ (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) и Бо Лю из <a href="http://www.ms509.com">MS509Team</a>: CVE-2017-0490 -<li>ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2016-6725, CVE-2016-6738, CVE-2016-6740, CVE-2016-6741, CVE-2016-6742, CVE-2016-6744, CVE-2016-6745, CVE-2016-3906 -<li>Хао ЧÑнь и Гуан Гун из Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-0453, CVE-2017-0461, CVE-2017-0464 -<li>Хироки Ямамото и Фан Чень из Sony Mobile Communications Inc.: CVE-2017-0481 -<li>Саги Кедми и Рои Ð¥Ñй из IBM Security X-Force: CVE-2017-0510 -<li>ЦзÑньцзюнь Дай (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) из <a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a>: CVE-2017-0478 -<li>ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360: CVE-2016-6688, CVE-2016-6677, CVE-2016-6673, CVE-2016-6687, CVE-2016-6686, CVE-2016-6681, CVE-2016-6682, CVE-2016-3930 -<li><a href="mailto:zlbzlb815@163.com">Лубо Чжан</a>, <a href="mailto:segfault5514@gmail.com">Тун Линь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8479 -<li>Макото Онуки из Google: CVE-2017-0491 -<li>МинцзÑнь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a href="mailto:arnow117@gmail.com">ХаньÑÑн Ð’Ñнь</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0479, CVE-2017-0480 -<li>Ðейтан КрÑнделл (<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0535 -<li>Ðейтан КрÑнделл (<a href="https://twitter.com/natecray">@natecray</a>) из Tesla Motors Product Security Team: CVE-2017-0306 -<li>ПÑнфÑй Дин (ä¸é¹é£ž), ЧÑньфу Бао (包沉浮) и Ð›ÐµÐ½ÐºÑ Ð’Ñй (韦韬) из Baidu X-Lab (百度安全实验室): CVE-2016-8417 -<li>Цидань Ð¥Ñ (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) из KeenLab, Tencent: CVE-2017-0337, CVE-2017-0476 -<li>Цин Чжан из Qihoo 360 и Гуандун Бай из ТехнологичеÑкого инÑтитута Сингапура (SIT): CVE-2017-0496 -<li>Ð¦ÑŽÐ¹Ñ…Ñ Ð¸ ваньчоучоу из Ant-financial Light-Year Security Lab (èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤): CVE-2017-0522 -<li><a href="mailto:keun-o.park@darkmatter.ae">Sahara</a> из Secure Communications в DarkMatter: CVE-2017-0528 -<li>salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>) из команды Shellphish Grill, КалифорнийÑкий универÑитет в Санта-Барбаре: CVE-2017-0505 -<li><a href="mailto:sbauer@plzdonthack.me">Скотт БауÑÑ€</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0504, CVE-2017-0516 -<li>Шон Бопре (beaups): CVE-2017-0455 -<li>Севен ШÑнь (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) из TrendMicro: CVE-2017-0452 -<li>Шиничи Мацумото из Fujitsu: CVE-2017-0498 -<li><a href="mailto:smarques84@gmail.com">Стефан Марк</a> из <a href="http://www.byterev.com">ByteRev</a>: CVE-2017-0489 -<li>СветоÑлав Ганов из Google: CVE-2017-0492 -<li><a href="mailto:segfault5514@gmail.com">Тун Линь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0333 -<li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) из <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">команды по изучению угроз Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ñ‹Ñ… уÑтройÑтв</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0466, CVE-2017-0467, CVE-2017-0468, CVE-2017-0469, CVE-2017-0470, CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0482, CVE-2017-0485, CVE-2017-0486, CVE-2017-0487, CVE-2017-0494, CVE-2017-0495 -<li>Виш У (å´æ½æµ æ¤å½¼) (<a href="https://twitter.com/wish_wu">@wish_wu</a>) из Ant-financial Light-Year Security Lab (èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤): CVE-2017-0477 -<li>Юй Пань из Vulpecker Team, Qihoo 360 Technology Co. Ltd: CVE-2017-0517, CVE-2017-0532 -<li><a href="mailto:computernik@gmail.com">Юань-Цун Ло</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0526, CVE-2017-0527 -<li>Юйци Лу (<a href="https://twitter.com/nikos233__">@nikos233</a>), <a href="mailto:vancouverdou@gmail.com">Ð’ÑÐ½ÑŒÐºÑ Ð”Ð¾Ñƒ</a>, <a href="mailto:shaodacheng2016@gmail.com">ДачÑн Шао</a>, МинцзÑнь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0483</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> +</li><li>БаоцзÑн Дин, ЧÑнмин Ян, ПÑн СÑо и Ян Сун из Alibaba Mobile Security Group: CVE-2017-0506 +</li><li>БаоцзÑн Дин, Ðин Ю, ЧÑнмин Ян, ПÑн СÑо и Ян Сун из Alibaba Mobile Security Group: CVE-2017-0463 +</li><li>Билли Лау из команды безопаÑноÑти Android: CVE-2017-0335, CVE-2017-0336, CVE-2017-0338, CVE-2017-0460 +</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>): CVE-2016-8413, CVE-2016-8477, CVE-2017-0531 +</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) и <a href="mailto:sbauer@plzdonthack.me">Скотт БауÑÑ€</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0521 +</li><li>Ди ШÑнь (<a href="https://twitter.com/returnsme">@returnsme</a>) из KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2017-0334, CVE-2017-0456, CVE-2017-0457, CVE-2017-0525 +</li><li>Ðнь Ð¥Ñ (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) и Бо Лю из <a href="http://www.ms509.com">MS509Team</a>: CVE-2017-0490 +</li><li>ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, CVE-2017-0509, CVE-2017-0524, CVE-2017-0529, CVE-2017-0536 +</li><li>Хао ЧÑнь и Гуан Гун из Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-0453, CVE-2017-0461, CVE-2017-0464 +</li><li>Хироки Ямамото и Фан ЧÑнь из Sony Mobile Communications Inc.: CVE-2017-0481 +</li><li>Саги Кедми и Рои Ð¥Ñй из IBM Security X-Force: CVE-2017-0510 +</li><li>ЦзÑньцзюнь Дай (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) из <a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a>: CVE-2017-0478 +</li><li>ЦзÑньцÑн Чжао (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360: CVE-2016-8416, CVE-2016-8478, CVE-2017-0458, CVE-2017-0459, CVE-2017-0518, CVE-2017-0519, CVE-2017-0533, CVE-2017-0534 +</li><li><a href="mailto:zlbzlb815@163.com">Лубо Чжан</a>, <a href="mailto:segfault5514@gmail.com">Тун Линь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-8479 +</li><li>Макото Онуки из Google: CVE-2017-0491 +</li><li>МинцзÑнь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), <a href="mailto:arnow117@gmail.com">ХаньÑÑн Ð’Ñнь</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0479, CVE-2017-0480 +</li><li>Ðейтан КрÑнделл (<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0535 +</li><li>Ðейтан КрÑнделл (<a href="https://twitter.com/natecray">@natecray</a>) из Tesla Motors Product Security Team: CVE-2017-0306 +</li><li>ПÑнфÑй Дин (ä¸é¹é£ž), ЧÑньфу Бао (包沉浮) и Ð›ÐµÐ½ÐºÑ Ð’Ñй (韦韬) из Baidu X-Lab (百度安全实验室): CVE-2016-8417 +</li><li>Цидань Ð¥Ñ (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) из KeenLab, Tencent: CVE-2017-0337, CVE-2017-0476 +</li><li>Цин Чжан из Qihoo 360 и Гуандун Бай из ТехнологичеÑкого инÑтитута Сингапура (SIT): CVE-2017-0496 +</li><li>Ð¦ÑŽÐ¹Ñ…Ñ Ð¸ ваньчоучоу из Ant-financial Light-Year Security Lab (èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤): CVE-2017-0522 +</li><li><a href="mailto:keun-o.park@darkmatter.ae">Sahara</a> из Secure Communications в DarkMatter: CVE-2017-0528 +</li><li>salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>) из команды Shellphish Grill, КалифорнийÑкий универÑитет в Санта-Барбаре: CVE-2017-0505 +</li><li><a href="mailto:sbauer@plzdonthack.me">Скотт БауÑÑ€</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0504, CVE-2017-0516 +</li><li>Шон Бопре (beaups): CVE-2017-0455 +</li><li>Севен ШÑнь (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) из TrendMicro: CVE-2017-0452 +</li><li>Шиничи Мацумото из Fujitsu: CVE-2017-0498 +</li><li><a href="mailto:smarques84@gmail.com">Стефан Марк</a> из <a href="http://www.byterev.com">ByteRev</a>: CVE-2017-0489 +</li><li>СветоÑлав Ганов из Google: CVE-2017-0492 +</li><li><a href="mailto:segfault5514@gmail.com">Тун Линь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0333 +</li><li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) из <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">команды по изучению угроз Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ñ‹Ñ… уÑтройÑтв</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0466, CVE-2017-0467, CVE-2017-0468, CVE-2017-0469, CVE-2017-0470, CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0482, CVE-2017-0484, CVE-2017-0485, CVE-2017-0486, CVE-2017-0487, CVE-2017-0494, CVE-2017-0495 +</li><li>Виш У (å´æ½æµ æ¤å½¼) (<a href="https://twitter.com/wish_wu">@wish_wu</a>) из Ant-financial Light-Year Security Lab (èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤): CVE-2017-0477 +</li><li>Юй Пань из Vulpecker Team, Qihoo 360 Technology Co. Ltd: CVE-2017-0517, CVE-2017-0532 +</li><li><a href="mailto:computernik@gmail.com">Юань-Цун Ло</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0526, CVE-2017-0527 +</li><li>Юйци Лу (<a href="https://twitter.com/nikos233__">@nikos233</a>), <a href="mailto:vancouverdou@gmail.com">Ð’ÑÐ½ÑŒÐºÑ Ð”Ð¾Ñƒ</a>, <a href="mailto:shaodacheng2016@gmail.com">ДачÑн Шао</a>, МинцзÑнь Чжоу (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2017-0483</li> +<li>Цзыно Хань (<a href="https://weibo.com/ele7enxxh">weibo.com/ele7enxxh</a>) из Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.: CVE-2017-0475, CVE-2017-0497 +</li></ul> <h2 id="2017-03-01-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-03-01)</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, обозначенных в разделе <a href="#2017-03-01-summary">Перечень уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-03-01)</a>: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2017-03-01: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> - -<h3 id="rce-in-openssl-&-boringssl">Удаленное выполнение кода через OpenSSL и BoringSSL</h3> +<h3 id="rce-in-openssl-&-boringssl">Удаленное выполнение кода через OpenSSL и BoringSSL</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти при обработке файлов и данных в Ñпециально Ñозданном файле. Проблеме приÑвоен критичеÑкий уровень ÑерьезноÑти из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте привилегированного процеÑÑа.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -504,8 +119,7 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>5 авгуÑта 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-mediaserver-">Удаленное выполнение кода через mediaserver </h3> @@ -513,13 +127,13 @@ в памÑти при обработке медиафайлов и данных в Ñпециально Ñозданном файле. Проблеме приÑвоен критичеÑкий уровень ÑерьезноÑти из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте процеÑÑа mediaserver.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -529,8 +143,7 @@ </tr> <tr> <td>CVE-2017-0466</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33139050</a> -[<a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">2</a>] + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33139050</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">2</a>] </td> <td>КритичеÑкий</td> <td>Ð’Ñе</td> @@ -539,8 +152,7 @@ </tr> <tr> <td>CVE-2017-0467</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33250932</a> -[<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33250932</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] </td> <td>КритичеÑкий</td> <td>Ð’Ñе</td> @@ -549,8 +161,7 @@ </tr> <tr> <td>CVE-2017-0468</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">A-33351708</a> - [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] + <td><a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">A-33351708</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] </td> <td>КритичеÑкий</td> <td>Ð’Ñе</td> @@ -611,19 +222,19 @@ <td>7.0, 7.1.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-recovery-verifier">Повышение привилегий через верификатор воÑÑтановлениÑ</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -640,20 +251,19 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>2 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-aosp-messaging">Удаленное выполнение кода через клиент Ð´Ð»Ñ Ð¾Ð±Ð¼ÐµÐ½Ð° ÑообщениÑми AOSP</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти при обработке медиафайлов и данных в Ñпециально Ñозданном файле. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте непривилегированного процеÑÑа.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -670,20 +280,19 @@ <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>6Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-libgdx">Удаленное выполнение кода через libgdx</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ произвольный код в контекÑте непривилегированного процеÑÑа Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñпециально Ñозданного файла. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в ПО, которое иÑпользует Ñту библиотеку.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -700,20 +309,19 @@ <td>7.1.1</td> <td>14Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-framesequence-library">Удаленное выполнение кода через библиотеку Framesequence</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ произвольный код в контекÑте непривилегированного процеÑÑа Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñпециально Ñозданного файла. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в ПО, которое иÑпользует Ñту библиотеку.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -730,20 +338,20 @@ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>16Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-nfc">Повышение привилегий через NFC</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ произвольный код в контекÑте привилегированного процеÑÑа. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить привилегии, недоÑтупные Ñторонним приложениÑм.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -760,19 +368,19 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>6 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-audioserver">Повышение привилегий через audioserver</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте привилегированного процеÑÑа. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку Ñ ÐµÐµ помощью можно получить привилегии, недоÑтупные Ñторонним приложениÑм.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -782,9 +390,7 @@ </tr> <tr> <td>CVE-2017-0479</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0"> - A-32707507</a> -[<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>] + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32707507</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>] </td> <td>Ð’Ñ‹Ñокий</td> <td>Ð’Ñе</td> @@ -793,29 +399,26 @@ </tr> <tr> <td>CVE-2017-0480</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0"> - A-32705429</a> -[<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>] + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32705429</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>] </td> <td>Ð’Ñ‹Ñокий</td> <td>Ð’Ñе</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>7 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">Отказ в обÑлуживании в mediaserver</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ перезагрузку или вызывать завиÑание уÑтройÑтва Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñпециально Ñозданного файла. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку она приводит к отказу в обÑлуживании.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -825,13 +428,7 @@ </tr> <tr> <td>CVE-2017-0482</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c"> - A-33090864</a> -[<a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">2</a>] -[<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">3</a>] -[<a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">4</a>] -[<a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">5</a>] -[<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">6</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">A-33090864</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">2</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">3</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">4</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">5</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">6</a>]</td> <td>Ð’Ñ‹Ñокий</td> <td>Ð’Ñе</td> <td>6.0, 6.0.1, 7.0, 7.1.1</td> @@ -839,9 +436,7 @@ </tr> <tr> <td>CVE-2017-0483</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bc62c086e9ba7530723dc8874b83159f4d77d976"> - A-33137046</a> -[<a href="https://android.googlesource.com/platform/frameworks/av/+/5cabe32a59f9be1e913b6a07a23d4cfa55e3fb2f">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bc62c086e9ba7530723dc8874b83159f4d77d976">A-33137046</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/5cabe32a59f9be1e913b6a07a23d4cfa55e3fb2f">2</a>]</td> <td>Ð’Ñ‹Ñокий</td> <td>Ð’Ñе</td> <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> @@ -849,9 +444,7 @@ </tr> <tr> <td>CVE-2017-0484</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7"> - A-33298089</a> -[<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">A-33298089</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">2</a>]</td> <td>Ð’Ñ‹Ñокий</td> <td>Ð’Ñе</td> <td>6.0, 6.0.1, 7.0, 7.1.1</td> @@ -893,19 +486,19 @@ <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-location-manager">Повышение привилегий через диÑпетчер меÑтоположениÑ</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО обходить защиту ОС Ð´Ð»Ñ Ð´Ð°Ð½Ð½Ñ‹Ñ… о меÑтоположении. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку она может иÑпользоватьÑÑ Ð´Ð»Ñ Ð³ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ð¸ неправильных данных.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -922,20 +515,19 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>20 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">Повышение привилегий через Wi-Fi</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО удалÑÑ‚ÑŒ пользовательÑкие данные. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ позволÑет обойти обÑзательные Ñ‚Ñ€ÐµÐ±Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¾Ñ‚Ð½Ð¾Ñительно взаимодейÑÑ‚Ð²Ð¸Ñ Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÐµÐ¼ (например, ÑвÑзанные Ñ Ð¿Ð¾Ð»ÑƒÑ‡ÐµÐ½Ð¸ÐµÐ¼ доÑтупа к функциÑм, которые обычно требуют Ñ€Ð°Ð·Ñ€ÐµÑˆÐµÐ½Ð¸Ñ Ð¸Ð»Ð¸ должны быть запущены пользователем). </p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -945,30 +537,26 @@ </tr> <tr> <td>CVE-2017-0490</td> - <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1166ca8adba9b49c9185dad11b28b02e72124d95"> - A-33178389</a> -[<a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1ad3b1e3256a226be362de1a4959f2a642d349b7">2</a>] -[<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/41c42f5bb544acf8bede2d05c6325657d92bd83c">3</a>] + <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1166ca8adba9b49c9185dad11b28b02e72124d95">A-33178389</a> [<a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1ad3b1e3256a226be362de1a4959f2a642d349b7">2</a>] [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/41c42f5bb544acf8bede2d05c6325657d92bd83c">3</a>] </td> <td>Средний</td> <td>Ð’Ñе</td> <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>25 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-package-manager">Повышение привилегий через диÑпетчер пакетов</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО блокировать удаление приложений или разрешений пользователÑми. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ позволÑет обойти Ñ‚Ñ€ÐµÐ±Ð¾Ð²Ð°Ð½Ð¸Ñ Ðº взаимодейÑтвию Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÐµÐ¼.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -986,20 +574,19 @@ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-system-ui">Повышение привилегий через System UI</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО Ñоздать наложение интерфейÑа на веÑÑŒ Ñкран. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ позволÑет обойти обÑзательные Ñ‚Ñ€ÐµÐ±Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¾Ñ‚Ð½Ð¾Ñительно взаимодейÑÑ‚Ð²Ð¸Ñ Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÐµÐ¼ (например, ÑвÑзанные Ñ Ð¿Ð¾Ð»ÑƒÑ‡ÐµÐ½Ð¸ÐµÐ¼ доÑтупа к функциÑм, которые обычно требуют Ñ€Ð°Ð·Ñ€ÐµÑˆÐµÐ½Ð¸Ñ Ð¸Ð»Ð¸ должны быть запущены пользователем).</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1017,20 +604,19 @@ <td>7.1.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-aosp-messaging">РаÑкрытие информации через клиент Ð´Ð»Ñ Ð¾Ð±Ð¼ÐµÐ½Ð° ÑообщениÑми AOSP</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику получить неÑанкционированный доÑтуп к данным Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñпециально Ñозданного файла. Из-за Ñтого проблеме приÑвоен Ñредний уровень ÑерьезноÑти.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1047,20 +633,19 @@ <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>9 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">РаÑкрытие информации через mediaserver</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Из-за Ñтого проблеме приÑвоен Ñредний уровень ÑерьезноÑти.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1077,20 +662,19 @@ <td>6.0, 6.0.1, 7.0, 7.1.1</td> <td>11Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard">Отказ в обÑлуживании в маÑтере наÑтройки</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО временно заблокировать доÑтуп к пораженному уÑтройÑтву. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку Ð´Ð»Ñ ÐµÐµ Ñ€ÐµÑˆÐµÐ½Ð¸Ñ Ð¼Ð¾Ð¶ÐµÑ‚ потребоватьÑÑ ÑÐ±Ñ€Ð¾Ñ Ð½Ð°Ñтроек уÑтройÑтва.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1106,7 +690,7 @@ <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> <td>14 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Google, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> @@ -1114,13 +698,13 @@ <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ перезагрузку или вызывать завиÑание уÑтройÑтва Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñпециально Ñозданного файла. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ð½Ð°Ð»Ð¸Ñ‡Ð¸Ñ Ð½ÐµÑтандартной конфигурации уÑтройÑтва.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1137,20 +721,19 @@ <td>7.0, 7.1.1</td> <td>2Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard-2">Отказ в обÑлуживании в маÑтере наÑтройки</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику, находÑщемуÑÑ Ð¿Ð¾Ð±Ð»Ð¸Ð·Ð¾Ñти, запроÑить вход в аккаунт Google поÑле ÑброÑа наÑтроек. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку Ð´Ð»Ñ ÐµÐµ Ñ€ÐµÑˆÐµÐ½Ð¸Ñ Ð¼Ð¾Ð¶ÐµÑ‚ потребоватьÑÑ ÑÐ±Ñ€Ð¾Ñ Ð½Ð°Ñтроек уÑтройÑтва. </p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1160,29 +743,26 @@ </tr> <tr> <td>CVE-2017-0498</td> - <td><a href="https://android.googlesource.com/platform/frameworks/base/+/1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b"> - A-30352311</a> -[<a href="https://android.googlesource.com/platform/frameworks/base/+/5f621b5b1549e8379aee05807652d5111382ccc6">2</a>] + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b">A-30352311</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/5f621b5b1549e8379aee05807652d5111382ccc6">2</a>] </td> <td>Средний</td> <td>Ð’Ñе</td> <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-audioserver">Отказ в обÑлуживании в audioserver</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ перезагрузку или вызывать завиÑание уÑтройÑтва. Проблеме приÑвоен низкий уровень ÑерьезноÑти, поÑкольку она приводит к временному отказу в обÑлуживании.</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1199,23 +779,21 @@ <td>5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> <td>11 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h2 id="2017-03-05-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-03-05)</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, обозначенных в разделе <a href="#2017-03-05-summary">Перечень уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-03-05)</a>: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> - +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2017-03-05: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="eop-in-mediatek-components">Повышение привилегий через компоненты MediaTek</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1224,7 +802,7 @@ </tr> <tr> <td>CVE-2017-0500</td> - <td>A-28429685*<br> + <td>A-28429685*<br /> M-ALPS02710006</td> <td>КритичеÑкий</td> <td>Ðет**</td> @@ -1232,7 +810,7 @@ </tr> <tr> <td>CVE-2017-0501</td> - <td>A-28430015*<br> + <td>A-28430015*<br /> M-ALPS02708983</td> <td>КритичеÑкий</td> <td>Ðет**</td> @@ -1240,7 +818,7 @@ </tr> <tr> <td>CVE-2017-0502</td> - <td>A-28430164*<br> + <td>A-28430164*<br /> M-ALPS02710027</td> <td>КритичеÑкий</td> <td>Ðет**</td> @@ -1248,7 +826,7 @@ </tr> <tr> <td>CVE-2017-0503</td> - <td>A-28449045*<br> + <td>A-28449045*<br /> M-ALPS02710075</td> <td>КритичеÑкий</td> <td>Ðет**</td> @@ -1256,7 +834,7 @@ </tr> <tr> <td>CVE-2017-0504</td> - <td>A-30074628*<br> + <td>A-30074628*<br /> M-ALPS02829371</td> <td>КритичеÑкий</td> <td>Ðет**</td> @@ -1264,7 +842,7 @@ </tr> <tr> <td>CVE-2017-0505</td> - <td>A-31822282*<br> + <td>A-31822282*<br /> M-ALPS02992041</td> <td>КритичеÑкий</td> <td>Ðет**</td> @@ -1272,27 +850,26 @@ </tr> <tr> <td>CVE-2017-0506</td> - <td>A-32276718*<br> + <td>A-32276718*<br /> M-ALPS03006904</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>18 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="eop-in-nvidia-gpu-driver">Повышение привилегий через драйвер NVIDIA Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1301,7 +878,7 @@ </tr> <tr> <td>CVE-2017-0337</td> - <td>A-31992762*<br> + <td>A-31992762*<br /> N-CVE-2017-0337</td> <td>КритичеÑкий</td> <td>Pixel С</td> @@ -1309,7 +886,7 @@ </tr> <tr> <td>CVE-2017-0338</td> - <td>A-33057977*<br> + <td>A-33057977*<br /> N-CVE-2017-0338</td> <td>КритичеÑкий</td> <td>Pixel С</td> @@ -1317,7 +894,7 @@ </tr> <tr> <td>CVE-2017-0333</td> - <td>A-33899363*<br> + <td>A-33899363*<br /> N-CVE-2017-0333</td> <td>КритичеÑкий</td> <td>Pixel С</td> @@ -1325,7 +902,7 @@ </tr> <tr> <td>CVE-2017-0306</td> - <td>A-34132950*<br> + <td>A-34132950*<br /> N-CVE-2017-0306</td> <td>КритичеÑкий</td> <td>Nexus 9</td> @@ -1333,26 +910,25 @@ </tr> <tr> <td>CVE-2017-0335</td> - <td>A-33043375*<br> + <td>A-33043375*<br /> N-CVE-2017-0335</td> <td>КритичеÑкий</td> <td>Pixel С</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-kernel-ion-subsystem">Повышение привилегий через подÑиÑтему ION Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1373,20 +949,19 @@ <td>Pixel С</td> <td>28Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-broadcom-wi-fi-driver">Повышение привилегий через Wi-Fi-драйвер Broadcom</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1395,27 +970,26 @@ </tr> <tr> <td>CVE-2017-0509</td> - <td>A-32124445*<br> + <td>A-32124445*<br /> B-RB#110688</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>12 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="eop-in-kernel-fiq-debugger">Повышение привилегий через FIQ-отладчик Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1429,20 +1003,19 @@ <td>Nexus 9</td> <td>25 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-qualcomm-gpu-driver">Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1451,26 +1024,25 @@ </tr> <tr> <td>CVE-2016-8479</td> - <td>A-31824853*<br> + <td>A-31824853*<br /> QC-CR#1093687</td> <td>КритичеÑкий</td> <td>Android One, Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> <td>29 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-kernel-networking-subsystem">Повышение привилегий через Ñетевую подÑиÑтему Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1479,7 +1051,7 @@ </tr> <tr> <td>CVE-2016-9806</td> - <td>A-33393474<br> + <td>A-33393474<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520"> Upstream kernel</a></td> <td>КритичеÑкий</td> @@ -1488,26 +1060,25 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-10200</td> - <td>A-33753815<br> + <td>A-33753815<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef"> Upstream kernel</a></td> <td>КритичеÑкий</td> <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>19Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="vulnerabilities-in-qualcomm-components">УÑзвимоÑти в компонентах Qualcomm</h3> <p>Следующие уÑзвимоÑти затрагивают компоненты Qualcomm и опиÑаны в бюллетенÑÑ… по безопаÑноÑти Qualcomm AMSS за ÑентÑбрь 2016 года.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1549,22 +1120,21 @@ Upstream kernel</a></td> <td>Ðет***</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> -</table> +</tbody></table> <p>*Уровень ÑерьезноÑти Ñтих уÑзвимоÑтей определÑетÑÑ Ð½ÐµÐ¿Ð¾ÑредÑтвенно компанией Qualcomm.</p> -<p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> +<p>**ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>***Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="eop-in-kernel-networking-subsystem-2">Повышение привилегий через Ñетевую подÑиÑтему Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1573,7 +1143,7 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-8655</td> - <td>A-33358926<br> + <td>A-33358926<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c"> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> @@ -1582,26 +1152,25 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-9793</td> - <td>A-33363517<br> + <td>A-33363517<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Android One, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, Pixel C, Pixel, Pixel XL</td> <td>2Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-input-hardware-driver">Повышение привилегий через драйвер уÑтройÑтв ввода Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1610,27 +1179,26 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2017-0516</td> - <td>A-32341680*<br> + <td>A-32341680*<br /> QC-CR#1096301</td> <td>Ð’Ñ‹Ñокий</td> <td>Android One, Pixel, Pixel XL</td> <td>21 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-mediatek-hardware-sensor-driver">Повышение привилегий через драйвер MediaTek Ð´Ð»Ñ Ð°Ð¿Ð¿Ð°Ñ€Ð°Ñ‚Ð½Ð¾Ð³Ð¾ датчика</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1639,27 +1207,26 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2017-0517</td> - <td>A-32372051*<br> + <td>A-32372051*<br /> M-ALPS02973195</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет**</td> <td>22 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="eop-in-qualcomm-adsprpc-driver">Повышение привилегий через ADSPRPC-драйвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1668,27 +1235,26 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2017-0457</td> - <td>A-31695439*<br> - QC-CR#1086123<br> + <td>A-31695439*<br /> + QC-CR#1086123<br /> QC-CR#1100695</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>22 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Повышение привилегий через драйвер Ñканера отпечатков пальцев Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1697,7 +1263,7 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2017-0518</td> - <td>A-32370896*<br> + <td>A-32370896*<br /> QC-CR#1086530</td> <td>Ð’Ñ‹Ñокий</td> <td>Pixel, Pixel XL</td> @@ -1705,26 +1271,25 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2017-0519</td> - <td>A-32372915*<br> + <td>A-32372915*<br /> QC-CR#1086530</td> <td>Ð’Ñ‹Ñокий</td> <td>Pixel, Pixel XL</td> <td>24 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-qualcomm-crypto-engine-driver">Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1733,26 +1298,25 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2017-0520</td> - <td>A-31750232<br> + <td>A-31750232<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd"> QC-CR#1082636</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>24 ÑентÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver">Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1761,7 +1325,7 @@ QC-CR#1082636</a></td> </tr> <tr> <td>CVE-2017-0458</td> - <td>A-32588962<br> + <td>A-32588962<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4"> QC-CR#1089433</a></td> <td>Ð’Ñ‹Ñокий</td> @@ -1770,26 +1334,25 @@ QC-CR#1089433</a></td> </tr> <tr> <td>CVE-2017-0521</td> - <td>A-32919951<br> + <td>A-32919951<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8"> QC-CR#1097709</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>15 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-apk">Повышение привилегий через APK MediaTek</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте привилегированного процеÑÑа. Из-за Ñтого ей приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1798,27 +1361,26 @@ QC-CR#1097709</a></td> </tr> <tr> <td>CVE-2017-0522</td> - <td>A-32916158*<br> + <td>A-32916158*<br /> M-ALPS02708925</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет**</td> <td>15 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="eop-in-qualcomm-wi-fi-driver">Повышение привилегий через Wi-Fi-драйвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1827,7 +1389,7 @@ QC-CR#1097709</a></td> </tr> <tr> <td>CVE-2017-0449S</td> - <td>A-32940193<br> + <td>A-32940193<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f"> QC-CR#1102593</a></td> <td>Ð’Ñ‹Ñокий</td> @@ -1836,7 +1398,7 @@ QC-CR#1102593</a></td> </tr> <tr> <td>CVE-2017-0453</td> - <td>A-33979145<br> + <td>A-33979145<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513"> QC-CR#1105085</a></td> <td>Ð’Ñ‹Ñокий</td> @@ -1845,27 +1407,26 @@ QC-CR#1105085</a></td> </tr> <tr> <td>CVE-2017-0523</td> - <td>A-32835279<br> + <td>A-32835279<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582"> QC-CR#1096945</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="eop-in-synaptics-touchscreen-driver">Повышение привилегий через драйвер ÑенÑорного Ñкрана Synaptics</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1879,21 +1440,20 @@ QC-CR#1096945</a></td> <td>Android One, Nexus 5X, Nexus 6P, Nexus 9, Pixel, Pixel XL</td> <td>18 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-qualcomm-ipa-driver">Повышение привилегий через драйвер уÑÐ¸Ð»Ð¸Ñ‚ÐµÐ»Ñ Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1902,7 +1462,7 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0456</td> - <td>A-33106520*<br> + <td>A-33106520*<br /> QC-CR#1099598</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td> @@ -1910,26 +1470,25 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0525</td> - <td>A-33139056*<br> + <td>A-33139056*<br /> QC-CR#1097714</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>25 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-htc-sensor-hub-driver">Повышение привилегий через драйвер контроллера датчиков HTC</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1950,20 +1509,19 @@ QC-CR#1096945</a></td> <td>Nexus 9, Pixel, Pixel XL</td> <td>25Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-nvidia-gpu-driver-2">Повышение привилегий через драйвер NVIDIA Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -1972,27 +1530,26 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0307</td> - <td>A-33177895*<br> + <td>A-33177895*<br /> N-CVE-2017-0307</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет**</td> <td>28 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="eop-in-qualcomm-networking-driver">Повышение привилегий через Ñетевой драйвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2001,7 +1558,7 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0463</td> - <td>A-33277611<br> + <td>A-33277611<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2"> QC-CR#1101792</a></td> <td>Ð’Ñ‹Ñокий</td> @@ -2010,26 +1567,25 @@ QC-CR#1101792</a></td> </tr> <tr> <td>CVE-2017-0460 </td> - <td>A-31252965*<br> + <td>A-31252965*<br /> QC-CR#1098801</td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-kernel-security-subsystem">Повышение привилегий через подÑиÑтему безопаÑноÑти Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ код в контекÑте привилегированного процеÑÑа. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ позволÑет обойти защиту ÑƒÑ€Ð¾Ð²Ð½Ñ Ñдра и аналогичные технологии защиты.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2043,20 +1599,19 @@ QC-CR#1101792</a></td> <td>Pixel, Pixel XL</td> <td>4Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="eop-in-qualcomm-spcom-driver">Повышение привилегий через SPCom-драйвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2065,7 +1620,7 @@ QC-CR#1101792</a></td> </tr> <tr> <td>CVE-2016-5856</td> - <td>A-32610665<br> + <td>A-32610665<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368"> QC-CR#1094078</a></td> <td>Ð’Ñ‹Ñокий</td> @@ -2074,27 +1629,26 @@ QC-CR#1094078</a></td> </tr> <tr> <td>CVE-2016-5857</td> - <td>A-34386529<br> + <td>A-34386529<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5"> QC-CR#1094140</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет*</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="id-in-kernel-networking-subsystem">РаÑкрытие информации через Ñетевую подÑиÑтему Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику, находÑщемуÑÑ Ð¿Ð¾Ð±Ð»Ð¸Ð·Ð¾Ñти, получить неÑанкционированный доÑтуп к конфиденциальной информации. Из-за Ñтого проблеме приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2103,27 +1657,26 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2014-8709</td> - <td>A-34077221<br> + <td>A-34077221<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f"> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus Player</td> <td>9 ноÑÐ±Ñ€Ñ 2014 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-driver">РаÑкрытие информации через драйвер MediaTek</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Из-за Ñтого проблеме приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2132,27 +1685,26 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2017-0529</td> - <td>A-28449427*<br> + <td>A-28449427*<br /> M-ALPS02710042</td> <td>Ð’Ñ‹Ñокий</td> <td>Ðет**</td> <td>27Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="id-in-qualcomm-bootloader">РаÑкрытие информации через загрузчик Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте загрузчика. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ позволÑет обойти защиту ÑƒÑ€Ð¾Ð²Ð½Ñ Ð·Ð°Ð³Ñ€ÑƒÐ·Ñ‡Ð¸ÐºÐ° и аналогичные технологии защиты.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2161,26 +1713,25 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2017-0455</td> - <td>A-32370952<br> + <td>A-32370952<br /> <a href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f"> QC-CR#1082755</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Pixel, Pixel XL</td> <td>21 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-power-driver">РаÑкрытие информации через драйвер Ð¿Ð¸Ñ‚Ð°Ð½Ð¸Ñ Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Из-за Ñтого проблеме приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2189,27 +1740,26 @@ QC-CR#1082755</a></td> </tr> <tr> <td>CVE-2016-8483</td> - <td>A-33745862<br> + <td>A-33745862<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a"> QC-CR#1035099</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P</td> <td>19Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-gpu-driver">РаÑкрытие информации через драйвер NVIDIA Ð´Ð»Ñ Ð³Ñ€Ð°Ñ„Ð¸Ñ‡ÐµÑкого процеÑÑора</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Из-за Ñтого проблеме приÑвоен выÑокий уровень ÑерьезноÑти.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2218,7 +1768,7 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2017-0334</td> - <td>A-33245849*<br> + <td>A-33245849*<br /> N-CVE-2017-0334</td> <td>Ð’Ñ‹Ñокий</td> <td>Pixel С</td> @@ -2226,26 +1776,25 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2017-0336</td> - <td>A-33042679*<br> + <td>A-33042679*<br /> N-CVE-2017-0336</td> <td>Ð’Ñ‹Ñокий</td> <td>Pixel С</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="dos-in-kernel-cryptographic-subsystem">Отказ в обÑлуживании в криптографичеÑкой подÑиÑтеме Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ перезагрузку или вызывать завиÑание уÑтройÑтва Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñпециально Ñозданного Ñетевого пакета. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку она приводит к отказу в обÑлуживании.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2254,26 +1803,25 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2016-8650</td> - <td>A-33401771<br> + <td>A-33401771<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>12 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Повышение привилегий через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹ (уÑзвимоÑÑ‚ÑŒ уÑтройÑтва)</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа, а также предотвращаетÑÑ Ñ‚ÐµÐºÑƒÑ‰Ð¸Ð¼Ð¸ наÑтройками платформы.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2282,26 +1830,25 @@ Upstream kernel</a></td> </tr> <tr> <td>CVE-2016-8417</td> - <td>A-32342399<br> + <td>A-32342399<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0"> QC-CR#1088824</a></td> <td>Средний</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>21 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-wi-fi-driver">РаÑкрытие информации через Wi-Fi-драйвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2310,7 +1857,7 @@ QC-CR#1088824</a></td> </tr> <tr> <td>CVE-2017-0461</td> - <td>A-32073794<br> + <td>A-32073794<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65"> QC-CR#1100132</a></td> <td>Средний</td> @@ -2319,8 +1866,8 @@ QC-CR#1100132</a></td> </tr> <tr> <td>CVE-2017-0459</td> - <td>A-32644895<br> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> + <td>A-32644895<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> QC-CR#1091939</a></td> <td>Средний</td> <td>Pixel, Pixel XL</td> @@ -2328,26 +1875,25 @@ QC-CR#1091939</a></td> </tr> <tr> <td>CVE-2017-0531</td> - <td>A-32877245<br> + <td>A-32877245<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302"> QC-CR#1087469</a></td> <td>Средний</td> <td>Android One, Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>13 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-video-codec-driver">РаÑкрытие информации через драйвер видеокодека MediaTek</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2356,27 +1902,26 @@ QC-CR#1087469</a></td> </tr> <tr> <td>CVE-2017-0532</td> - <td>A-32370398*<br> + <td>A-32370398*<br /> M-ALPS03069985</td> <td>Средний</td> <td>Ðет**</td> <td>22 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> - <h3 id="id-in-qualcomm-video-driver">РаÑкрытие информации через видеодрайвер Qualcomm</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2385,7 +1930,7 @@ QC-CR#1087469</a></td> </tr> <tr> <td>CVE-2017-0533</td> - <td>A-32509422<br> + <td>A-32509422<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>Средний</td> @@ -2394,7 +1939,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2017-0534</td> - <td>A-32508732<br> + <td>A-32508732<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>Средний</td> @@ -2403,7 +1948,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8416</td> - <td>A-32510746<br> + <td>A-32510746<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>Средний</td> @@ -2412,26 +1957,25 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8478</td> - <td>A-32511270<br> + <td>A-32511270<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>Средний</td> <td>Pixel, Pixel XL</td> <td>28 октÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-camera-driver">РаÑкрытие информации через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2440,7 +1984,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8413</td> - <td>A-32709702<br> + <td>A-32709702<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d"> QC-CR#518731</a></td> <td>Средний</td> @@ -2449,27 +1993,24 @@ QC-CR#518731</a></td> </tr> <tr> <td>CVE-2016-8477</td> - <td>A-32720522<br> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508"> -QC-CR#1090007</a> -[<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> + <td>A-32720522<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508">QC-CR#1090007</a> [<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> <td>Средний</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td> <td>7 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-htc-sound-codec-driver">РаÑкрытие информации через аудиодрайвер кодеков HTC</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2483,20 +2024,19 @@ QC-CR#1090007</a> <td>Nexus 9</td> <td>11Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="id-in-synaptics-touchscreen-driver">РаÑкрытие информации через драйвер ÑенÑорного Ñкрана Synaptics</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2510,20 +2050,19 @@ QC-CR#1090007</a> <td>Android One, Nexus 5X, Nexus 6P, Nexus 9, Pixel, Pixel XL</td> <td>12Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="id-in-kernel-usb-gadget-driver">РаÑкрытие информации через USB-драйвер Ñдра</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Проблеме приÑвоен Ñредний уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2537,20 +2076,19 @@ QC-CR#1090007</a> <td>Pixel С</td> <td>ДоÑтупно только Ñотрудникам Google</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> - <h3 id="id-in-qualcomm-camera-driver-2">РаÑкрытие информации через драйвер Qualcomm Ð´Ð»Ñ ÐºÐ°Ð¼ÐµÑ€Ñ‹</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным. Проблеме приÑвоен низкий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>СÑылки</th> <th>Уровень ÑерьезноÑти</th> @@ -2559,20 +2097,20 @@ QC-CR#1090007</a> </tr> <tr> <td>CVE-2017-0452</td> - <td>A-32873615*<br> + <td>A-32873615*<br /> QC-CR#1093693</td> <td>Ðизкий приоритет</td> <td>Nexus 5X, Nexus 6P, Android One</td> <td>10 ноÑÐ±Ñ€Ñ 2016 г.</td> </tr> -</table> +</tbody></table> <p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h2 id="common-questions-and-answers">ЧаÑто задаваемые вопроÑÑ‹</h2> <p>Ð’ Ñтом разделе мы отвечаем на вопроÑÑ‹, которые могут возникнуть поÑле Ð¿Ñ€Ð¾Ñ‡Ñ‚ÐµÐ½Ð¸Ñ Ð±ÑŽÐ»Ð»ÐµÑ‚ÐµÐ½Ñ.</p> <p><strong>1. Как определить, уÑтановлено ли на уÑтройÑтво обновление, в котором уÑтранены перечиÑленные проблемы? </strong></p> -<p>Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> +<p>Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> <ul> <li>Ð’ иÑправлении от 1 марта 2017 года или более новом уÑтранены вÑе проблемы, ÑвÑзанные Ñ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸ÐµÐ¼ 2017-03-01.</li> <li>Ð’ иÑправлении от 5 марта 2017 года или более новом уÑтранены вÑе проблемы, ÑвÑзанные Ñ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸ÐµÐ¼ 2017-03-05. @@ -2593,16 +2131,14 @@ QC-CR#1090007</a> <p><strong>3. Как определить, на каких уÑтройÑтвах Google приÑутÑтвует уÑзвимоÑÑ‚ÑŒ?</strong></p> <p>Ð’ каждой таблице разделов Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей <a href="#2017-03-01-details">2017-03-01</a> и <a href="#2017-03-05-details">2017-03-05</a> еÑÑ‚ÑŒ Ñтолбец <em>Обновленные уÑтройÑтва Google</em>. Ð’ нем указано, на каких уÑтройÑтвах приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</p> <ul> -<li><strong>Ð’Ñе уÑтройÑтва.</strong> Проблема возникает на<em></em> Ñледующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых уÑтройÑтвах Google</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> +<li><strong>Ð’Ñе уÑтройÑтва.</strong> Проблема возникает на<em></em> Ñледующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых уÑтройÑтвах Google</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> <li><strong>Ðекоторые уÑтройÑтва.</strong> <em></em>ПеречиÑлены уÑтройÑтва, на которых приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</li> <li><strong>Ðет.</strong> Проблема не возникает ни на одном уÑтройÑтве Google.<em></em> </li> </ul> <p><strong>4. Ðа что указывают запиÑи в Ñтолбце "СÑылки"?</strong></p> -<p>Ð’ таблицах Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей еÑÑ‚ÑŒ Ñтолбец <em>СÑылки</em>. -ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в нем может Ñодержать префикÑ, указывающий на -иÑточник ÑÑылки, а именно:</p> +<p>Ð’ таблицах Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей еÑÑ‚ÑŒ Ñтолбец <em>СÑылки</em>. ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в нем может Ñодержать префикÑ, указывающий на иÑточник ÑÑылки, а именно:</p> <table> - <tr> + <tbody><tr> <th>ПрефикÑ</th> <th>Значение</th> </tr> @@ -2626,11 +2162,11 @@ QC-CR#1090007</a> <td>B-</td> <td>СÑылочный номер Broadcom</td> </tr> -</table> +</tbody></table> <h2 id="revisions">ВерÑии</h2> <ul> <li>6 марта 2017 года. Бюллетень опубликован.</li> <li>7 марта 2017 года. Добавлены ÑÑылки на AOSP.</li> </ul> -</body> -</html> + +</body></html>
\ No newline at end of file diff --git a/ru/security/bulletin/2017-04-01.html b/ru/security/bulletin/2017-04-01.html index 2c3b2361..59655834 100644 --- a/ru/security/bulletin/2017-04-01.html +++ b/ru/security/bulletin/2017-04-01.html @@ -19,11 +19,11 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>Опубликовано 3Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2017 г. | Обновлено 5Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2017 г.</em></p> +<p><em>Опубликовано 3Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2017 г. | Обновлено 17 авгуÑта 2017 г.</em></p> <p>Ð’ Ñтом бюллетене ÑодержитÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑÑ‚ÑÑ… в защите уÑтройÑтв Android. К его выходу мы выпуÑтили автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти Ð´Ð»Ñ ÑƒÑтройÑтв Google и опубликовали образы прошивок <a href="https://developers.google.com/android/nexus/images">на Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. Ð’Ñе актуальные проблемы, перечиÑленные здеÑÑŒ, уÑтранены в иÑправлении от 5Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2017 года или более новом. Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> <p>Мы Ñообщили партнерам об уÑзвимоÑÑ‚ÑÑ… 6 марта 2017 года или ранее. ИÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ ÑƒÑзвимоÑтей доÑтупны в хранилище Android Open Source Project (AOSP). Ð’ Ñтом бюллетене также приведены ÑÑылки на иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð²Ð½Ðµ AOSP.</p> <p>Ðаиболее ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ Ð¸Ð· уÑзвимоÑтей имеет критичеÑкий уровень и позволÑет удаленно выполнÑÑ‚ÑŒ код на пораженном уÑтройÑтве (например, при работе Ñ Ñлектронной почтой, проÑмотре Ñайтов в Интернете или обработке медиафайлов MMS). <a href="/security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены разработчиком или взломаны.</p> -<p>Обнаруженные уÑзвимоÑти не ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> опиÑываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> +<p>У Ð½Ð°Ñ Ð½ÐµÑ‚ информации о том, что обнаруженные уÑзвимоÑти ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> опиÑываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> <p>Мы рекомендуем вÑем пользователÑм уÑтановить перечиÑленные в разделе обновлениÑ.</p> <h2 id="announcements">ОбъÑвлениÑ</h2> @@ -52,9 +52,9 @@ <li>ДаÑин Го (<a href="https://twitter.com/freener0">@freener0</a>) из Xuanwu Lab, Tencent: CVE-2017-0585, CVE-2017-0553</li> <li><a href="mailto:derrek.haxx@gmail.com">Derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) и Скотт БауÑÑ€: CVE-2017-0576</li> <li>ГÑл Бениамини из Project Zero: CVE-2017-0571, CVE-2017-0570, CVE-2017-0572, CVE-2017-0569, CVE-2017-0561</li> - <li>ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2017-6426, CVE-2017-0581, CVE-2017-0329, CVE-2017-0332, CVE-2017-0566</li> + <li>ГÑÐ½Ñ†Ð·Ñ Ð§Ñнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2017-6426, CVE-2017-0581, CVE-2017-0329, CVE-2017-0332, CVE-2017-0566, CVE-2017-0573</li> <li>Гуан Гун (龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>) из Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-0547</li> - <li>Хао ЧÑнь и Гуан Гун из Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-6424, CVE-2017-0584, CVE-2017-0454, CVE-2017-0575, CVE-2017-0567</li> + <li>Хао ЧÑнь и Гуан Гун из Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-6424, CVE-2017-0584, CVE-2017-0454, CVE-2017-0574, CVE-2017-0575, CVE-2017-0567</li> <li>ИÑн ФоÑтер (<a href="https://twitter.com/lanrat">@lanrat</a>): CVE-2017-0554</li> <li>Джек Тан из Trend Micro Inc.: CVE-2017-0579</li> <li>ЦзÑньцзюнь Дай (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) из <a href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a>: CVE-2017-0559, CVE-2017-0541</li> @@ -64,22 +64,21 @@ <li>Майк ÐндерÑон (<a href="https://twitter.com/manderbot">@manderbot</a>) и Ðейтан КрÑнделл (<a href="https://twitter.com/natecray">@natecray</a>) из Tesla's Product Security Team: CVE-2017-0327, CVE-2017-0328</li> <li>ПÑн СÑо, ЧÑнмин Ян, Ðин Ю, Чао Ян и Ян Сун из Alibaba Mobile Security Group: CVE-2017-0565</li> <li>ПÑнфÑй Дин (ä¸é¹é£ž), ЧÑньфу Бао (包沉浮) и Ð›ÐµÐ½ÐºÑ Ð’Ñй (韦韬) из Baidu X-Lab (百度安全实验室): CVE-2016-10236</li> - <li>Цидань Ð¥Ñ (何淇丹 - <a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) из KeenLab, Tencent: CVE-2017-0544, CVE-2016-10231, CVE-2017-0325</li> + <li>Цидань Ð¥Ñ (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) из KeenLab, Tencent: CVE-2017-0544, CVE-2017-0325</li> <li>Рои Ð¥Ñй (<a href="https://twitter.com/roeehay">@roeehay</a>) из Aleph Research, HCL Technologies: CVE-2017-0582, CVE-2017-0563</li> <li><a href="mailto:sbauer@plzdonthack.me">Скотт БауÑÑ€</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2017-0562, CVE-2017-0339</li> - <li>Севен ШÑнь (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) из команды по изучению угроз Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ñ‹Ñ… уÑтройÑтв, Trend Micro: CVE-2017-0578</li> + <li>Севен ШÑнь (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) из команды по изучению угроз Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ñ‹Ñ… уÑтройÑтв, Trend Micro: CVE-2016-10231, CVE-2017-0578, CVE-2017-0586</li> <li>Тим Беккер: CVE-2017-0546</li> <li>Ума Санкар Прадхан (<a href="https://twitter.com/umasankar_iitd">@umasankar_iitd</a>): CVE-2017-0560</li> - <li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) из <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">команды по изучению угроз Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ñ‹Ñ… уÑтройÑтв</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0555, CVE-2017-0538, CVE-2017-0539, CVE-2017-0540, CVE-2017-0557, CVE-2017-0556</li> + <li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) из <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">команды по изучению угроз Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ñ‹Ñ… уÑтройÑтв</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0555, CVE-2017-0538, CVE-2017-0539, CVE-2017-0557, CVE-2017-0556</li> <li>Ð’Ñйчао Сунь (<a href="https://twitter.com/sunblate">@sunblate</a>) из Alibaba Inc: CVE-2017-0549</li> <li>Ð’Ñньлинь Ян (<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>), Гуан Гун (<a href="https://twitter.com/oldfresher">@oldfresher</a>) и Хао ЧÑнь из Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-0580, CVE-2017-0577</li> - <li>Юнган Го (<a href="https://twitter.com/guoygang">@guoygang</a>) из IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2017-0586</li> <li><a href="http://weibo.com/ele7enxxh">Цзыно Хань</a> из Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.: CVE-2017-0548</li> <li>Зубин Митра из Google: CVE-2017-0462</li> </ul> <h2 id="2017-04-01-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-04-01)</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ… Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти 2017-04-01: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2017-04-01: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="rce-in-mediaserver">Удаленное выполнение кода через mediaserver</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти при обработке медиафайлов и данных в Ñпециально Ñозданном файле. Проблеме приÑвоен критичеÑкий уровень ÑерьезноÑти из-за возможноÑти удаленного Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ ÐºÐ¾Ð´Ð° в контекÑте процеÑÑа mediaserver.</p> @@ -116,14 +115,6 @@ <td>23Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> </tr> <tr> - <td>CVE-2017-0540</td> - <td><a href="https://android.googlesource.com/platform/external/libhevc/+/01ca88bb6c5bdd44e071f8effebe12f1d7da9853">A-33966031</a></td> - <td>КритичеÑкий</td> - <td>Ð’Ñе</td> - <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> - <td>29Â Ð´ÐµÐºÐ°Ð±Ñ€Ñ 2016 г.</td> - </tr> - <tr> <td>CVE-2017-0541</td> <td><a href="https://android.googlesource.com/platform/external/sonivox/+/56d153259cc3e16a6a0014199a2317dde333c978">A-34031018</a></td> <td>КритичеÑкий</td> @@ -325,8 +316,7 @@ </tr> <tr> <td>CVE-2017-0551</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/8b5fd8f24eba5dd19ab2f80ea11a9125aa882ae2">A-34097231</a> - [<a href="https://android.googlesource.com/platform/external/libavc/+/494561291a503840f385fbcd11d9bc5f4dc502b8">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/8b5fd8f24eba5dd19ab2f80ea11a9125aa882ae2">A-34097231</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/494561291a503840f385fbcd11d9bc5f4dc502b8">2</a>]</td> <td>Ð’Ñ‹Ñокий</td> <td>Ð’Ñе</td> <td>6.0, 6.0.1, 7.0, 7.1.1</td> @@ -391,8 +381,7 @@ </tr> <tr> <td>CVE-2017-0554</td> - <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/aeb795ef2290af1a0e4b14909363bc574e6b3ee7">A-33815946</a> - [<a href="https://android.googlesource.com/platform/frameworks/base/+/3294256ba5b9e2ba2d8619d617e3d900e5386564">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/aeb795ef2290af1a0e4b14909363bc574e6b3ee7">A-33815946</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/3294256ba5b9e2ba2d8619d617e3d900e5386564">2</a>]</td> <td>Средний</td> <td>Ð’Ñе</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> @@ -509,7 +498,7 @@ </tbody></table> <h2 id="2017-04-05-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-04-05)</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ… Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти 2017-04-05: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2017-04-05: опиÑание и обоÑнование ÑерьезноÑти, таблицу Ñ CVE, ÑÑылками, уровнем ÑерьезноÑти, уÑзвимыми уÑтройÑтвами Google и верÑиÑми AOSP (при наличии), а также датой ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке. Где возможно, мы приведем оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="rce-in-broadcom-wi-fi-firmware">Удаленное выполнение кода во вÑтроенном ПО Wi-Fi Broadcom</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ произвольный код в контекÑте однокриÑтальной ÑиÑтемы Wi-Fi. Из-за Ñтого проблеме приÑвоен критичеÑкий уровень ÑерьезноÑти.</p> @@ -716,7 +705,7 @@ Upstream kernel</a></td> </tr> </tbody></table> <p>*Уровень ÑерьезноÑти Ñтих уÑзвимоÑтей определÑетÑÑ Ð½ÐµÐ¿Ð¾ÑредÑтвенно компанией Qualcomm.</p> -<p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> +<p>**ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>***Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> <h3 id="rce-in-v8">Удаленное выполнение кода через v8</h3> @@ -1205,8 +1194,7 @@ QC-CR#1096799</a></td> <tr> <td>CVE-2016-10232</td> <td>A-34386696<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=21e0ead58e47798567d846b84f16f89cf69a57ae">QC-CR#1024872</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=27f7b3b3059f6181e2786f886f4cd92f413bc30c"> -[2]</a></td> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=21e0ead58e47798567d846b84f16f89cf69a57ae">QC-CR#1024872</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=27f7b3b3059f6181e2786f886f4cd92f413bc30c">[2]</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> <td>10 ÑÐ½Ð²Ð°Ñ€Ñ 2017 г.</td> @@ -1365,7 +1353,7 @@ QC-CR#1103158</a></td> Upstream kernel</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android One, Nexus Player</td> - <td>ДоÑтупно только Ñотрудникам Google</td> + <td>24 октÑÐ±Ñ€Ñ 2014 г.</td> </tr> </tbody></table> @@ -1415,8 +1403,7 @@ Upstream kernel</a></td> <tr> <td>CVE-2014-3145</td> <td>A-34469585<br /> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=314760e66c35c8ffa51b4c4ca6948d207e783079">Upstream kernel</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"> -[2]</a></td> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=314760e66c35c8ffa51b4c4ca6948d207e783079">Upstream kernel</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05ab8f2647e4221cbdb3856dd7d32bd5407316b3">[2]</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 6, Nexus Player</td> <td>9Â Ð¼Ð°Ñ 2014 г.</td> @@ -1443,10 +1430,7 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-5349</td> <td>A-29083830<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=7c3bf6557c62d904b15507eb451fda8fd7ef750c">QC-CR#1021945</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=03853a58952834ac3e1e3007c9c680dd4c001a2f"> -[2]</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e3d969000fb60ecb9bc01667fa89957f67763514"> -[3]</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=9bd398661cae758ffc557adc7de74ba32654e1f9"> -[4]</a></td> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=7c3bf6557c62d904b15507eb451fda8fd7ef750c">QC-CR#1021945</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=03853a58952834ac3e1e3007c9c680dd4c001a2f">[2]</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e3d969000fb60ecb9bc01667fa89957f67763514">[3]</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=9bd398661cae758ffc557adc7de74ba32654e1f9">[4]</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> <td>1Â Ð¸ÑŽÐ½Ñ 2016 г.</td> @@ -1473,8 +1457,7 @@ Upstream kernel</a></td> <tr> <td>CVE-2016-10234</td> <td>A-34390017<br /> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=c7d7492c1e329fdeb28a7901c4cd634d41a996b1">QC-CR#1069060</a> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=d12370c7f3ecded1867fbd6b70ded35db55cab1d"> -[2]</a></td> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=c7d7492c1e329fdeb28a7901c4cd634d41a996b1">QC-CR#1069060</a> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=d12370c7f3ecded1867fbd6b70ded35db55cab1d">[2]</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> <td>10 ÑÐ½Ð²Ð°Ñ€Ñ 2017 г.</td> @@ -1942,143 +1925,126 @@ QC-CR#1106842</a></td> </tr> <tr> <td>CVE-2014-9931</td> - <td>A-35445101**<br /> - QC-CR#612410</td> + <td>A-35445101**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2014-9932</td> - <td>A-35434683**<br /> - QC-CR#626734</td> + <td>A-35434683**</td> <td>КритичеÑкий</td> <td>Pixel, Pixel XL</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2014-9933</td> - <td>A-35442512<br /> - QC-CR#675463</td> + <td>A-35442512**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2014-9934</td> - <td>A-35439275**<br /> - QC-CR#658249</td> + <td>A-35439275**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2014-9935</td> - <td>A-35444951**<br /> - QC-CR#717626</td> + <td>A-35444951**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2014-9936</td> - <td>A-35442420**<br /> - QC-CR#727389</td> + <td>A-35442420**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2014-9937</td> - <td>A-35445102**<br /> - QC-CR#734095</td> + <td>A-35445102**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-8995</td> - <td>A-35445002**<br /> - QC-CR#733690</td> + <td>A-35445002**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-8996</td> - <td>A-35444658**<br /> - QC-CR#734698</td> + <td>A-35444658**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-8997</td> - <td>A-35432947**<br /> - QC-CR#734707</td> + <td>A-35432947**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-8998</td> - <td>A-35441175**<br /> - QC-CR#735337</td> + <td>A-35441175**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-8999</td> - <td>A-35445401**<br /> - QC-CR#736119</td> + <td>A-35445401**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-9000</td> - <td>A-35441076**<br /> - QC-CR#740632</td> + <td>A-35441076**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-9001</td> - <td>A-35445400**<br /> - QC-CR#736083</td> + <td>A-35445400**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-9002</td> - <td>A-35442421**<br /> - QC-CR#748428</td> + <td>A-35442421**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2015-9003</td> - <td>A-35440626**<br /> - QC-CR#749215</td> + <td>A-35440626**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> <tr> <td>CVE-2016-10242</td> - <td>A-35434643**<br /> - QC-CR#985139</td> + <td>A-35434643**</td> <td>КритичеÑкий</td> <td>Ðет**</td> <td>ДоÑтупно только Ñотрудникам Qualcomm</td> </tr> </tbody></table> <p>*Уровень ÑерьезноÑти Ñтих уÑзвимоÑтей определÑетÑÑ Ð½ÐµÐ¿Ð¾ÑредÑтвенно компанией Qualcomm.</p> -<p>*ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> +<p>**ИÑправление не опубликовано. Обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <p>***Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.0, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> <h2 id="common-questions-and-answers">ЧаÑто задаваемые вопроÑÑ‹</h2> @@ -2106,14 +2072,12 @@ QC-CR#1106842</a></td> <p><strong>3. Как определить, на каких уÑтройÑтвах Google приÑутÑтвует уÑзвимоÑÑ‚ÑŒ?</strong></p> <p>Ð’ каждой таблице разделов Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей <a href="#2017-04-01-details">2017-04-01</a> и <a href="#2017-04-05-details">2017-04-05</a> еÑÑ‚ÑŒ Ñтолбец <em>Обновленные уÑтройÑтва Google</em>. Ð’ нем указано, на каких уÑтройÑтвах приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</p> <ul> - <li><strong>Ð’Ñе уÑтройÑтва.</strong> Проблема возникает на<em></em> Ñледующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых уÑтройÑтвах Google</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> + <li><strong>Ð’Ñе уÑтройÑтва.</strong> Проблема возникает на<em></em> Ñледующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых уÑтройÑтвах Google</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> <li><strong>Ðекоторые уÑтройÑтва.</strong> <em></em>ПеречиÑлены уÑтройÑтва, на которых приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</li> <li><strong>Ðет.</strong> Проблема не возникает ни на одном уÑтройÑтве Google.<em></em> </li> </ul> <p><strong>4. Ðа что указывают запиÑи в Ñтолбце "СÑылки"?</strong></p> -<p>Ð’ таблицах Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей еÑÑ‚ÑŒ Ñтолбец <em>СÑылки</em>. -ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в нем может Ñодержать префикÑ, указывающий на -иÑточник ÑÑылки, а именно:</p> +<p>Ð’ таблицах Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей еÑÑ‚ÑŒ Ñтолбец <em>СÑылки</em>. ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в нем может Ñодержать префикÑ, указывающий на иÑточник ÑÑылки, а именно:</p> <table> <tbody><tr> <th>ПрефикÑ</th> @@ -2145,6 +2109,9 @@ QC-CR#1106842</a></td> <ul> <li>3Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2017 года. Бюллетень опубликован.</li> <li>5Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2017 года. Добавлены ÑÑылки на AOSP.</li> + <li>21Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2017 года. ИÑправлена Ð°Ñ‚Ñ€Ð¸Ð±ÑƒÑ†Ð¸Ñ ÑƒÑзвимоÑтей CVE-2016-10231 и CVE-2017-0586.</li> + <li>27Â Ð°Ð¿Ñ€ÐµÐ»Ñ 2017 года. Ð˜Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑти CVE-2017-0540 удалена из бюллетенÑ.</li> + <li>17 авгуÑта 2017 года. Обновлены ÑÑылочные номера.</li> </ul> </body></html>
\ No newline at end of file diff --git a/ru/security/bulletin/2017-05-01.html b/ru/security/bulletin/2017-05-01.html index 386a5c3b..48b13204 100644 --- a/ru/security/bulletin/2017-05-01.html +++ b/ru/security/bulletin/2017-05-01.html @@ -20,7 +20,7 @@ limitations under the License. --> -<p><em>Опубликовано 1Â Ð¼Ð°Ñ 2017 г. | Обновлено 17 авгуÑта 2017 г.</em></p> +<p><em>Опубликовано 1Â Ð¼Ð°Ñ 2017 г. | Обновлено 3 октÑÐ±Ñ€Ñ 2017 г.</em></p> <p>Ð’ Ñтом бюллетене ÑодержитÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑÑ‚ÑÑ… в защите уÑтройÑтв Android. К его выходу мы выпуÑтили автоматичеÑкое обновление ÑиÑтемы безопаÑноÑти Ð´Ð»Ñ ÑƒÑтройÑтв Google и опубликовали образы прошивок <a href="https://developers.google.com/android/nexus/images">на Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>. Ð’Ñе актуальные проблемы, перечиÑленные здеÑÑŒ, уÑтранены в иÑправлении от 5Â Ð¼Ð°Ñ 2017 года или более новом. Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> @@ -51,7 +51,7 @@ <li>ИÑпользование многих уÑзвимоÑтей затруднÑетÑÑ Ð² новых верÑиÑÑ… Android, поÑтому мы рекомендуем вÑем пользователÑм Ñвоевременно обновлÑÑ‚ÑŒ ÑиÑтему.</li> -<li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоноÑных приложений</a>. Проверка приложений включена по умолчанию на вÑех уÑтройÑтвах Ñ <a href="http://www.android.com/gms">мобильными ÑервиÑами Google</a>. Она оÑобенно важна, еÑли пользователь уÑтанавливает ПО из Ñторонних иÑточников. Ð¥Ð¾Ñ‚Ñ Ð² Google Play инÑтрументы Ð´Ð»Ñ Ñ€ÑƒÑ‚Ð¸Ð½Ð³Ð° запрещены, они могут вÑтречатьÑÑ Ð² других магазинах. ЕÑли пользователь решает уÑтановить такое приложение, Проверка предупреждает об Ñтом. Кроме того, она пытаетÑÑ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸Ñ†Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ извеÑтное вредоноÑное ПО, иÑпользующее уÑзвимоÑÑ‚ÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹, и блокировать его уÑтановку. ЕÑли подобное ПО уже еÑÑ‚ÑŒ на уÑтройÑтве, ÑиÑтема уведомит об Ñтом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ попытаетÑÑ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ приложение.</li> +<li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Ðти ÑервиÑÑ‹ предупреждают Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ð± уÑтановке <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально опаÑных приложений</a>. Проверка приложений включена по умолчанию на вÑех уÑтройÑтвах Ñ <a href="http://www.android.com/gms">мобильными ÑервиÑами Google</a>. Она оÑобенно важна, еÑли пользователь уÑтанавливает ПО из Ñторонних иÑточников. Ð¥Ð¾Ñ‚Ñ Ð² Google Play инÑтрументы Ð´Ð»Ñ Ñ€ÑƒÑ‚Ð¸Ð½Ð³Ð° запрещены, они могут вÑтречатьÑÑ Ð² других магазинах. ЕÑли пользователь решает уÑтановить такое приложение, Проверка предупреждает об Ñтом. Кроме того, она пытаетÑÑ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸Ñ†Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ извеÑтное вредоноÑное ПО, иÑпользующее уÑзвимоÑÑ‚ÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹, и блокировать его уÑтановку. ЕÑли подобное ПО уже еÑÑ‚ÑŒ на уÑтройÑтве, ÑиÑтема уведомит об Ñтом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ попытаетÑÑ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ приложение.</li> <li>ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Google Hangouts и Messenger не передают медиафайлы таким процеÑÑам, как mediaserver, автоматичеÑки.</li> </ul> @@ -77,7 +77,7 @@ <li><a href="mailto:sbauer@plzdonthack.me">Скотт БауÑÑ€</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-10274</li> <li><a href="mailto:segfault5514@gmail.com">Тун Линь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a> и СюйÑÑнь ЦзÑн из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-10291</li> <li>ВаÑилий ВаÑильев: CVE-2017-0589</li> -<li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) из <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0590, CVE-2017-0587, CVE-2017-0600</li> +<li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) из <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">команды по изучению угроз Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ñ‹Ñ… уÑтройÑтв</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0590, CVE-2017-0587, CVE-2017-0600</li> <li>Силин Гун из отдела безопаÑноÑти платформы Tencent: CVE-2017-0597</li> <li>Синюань Линь из 360 Marvel Team: CVE-2017-0627</li> <li>Юн Ван (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) из Alibaba Inc: CVE-2017-0588</li> @@ -283,8 +283,7 @@ </tr> <tr> <td>CVE-2017-0598</td> - <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> - [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> <td>Ð’Ñ‹Ñокий</td> <td>Ð’Ñе</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -379,9 +378,7 @@ </tr> <tr> <td>CVE-2017-0493</td> - <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> - [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>] - [<a href="https://android.googlesource.com/platform/frameworks/base/+/58552f814a03d978b4a6507f3c16f71964f9b28f">3</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>] [<a href="https://android.googlesource.com/platform/frameworks/base/+/58552f814a03d978b4a6507f3c16f71964f9b28f">3</a>]</td> <td>Средний</td> <td>Ð’Ñе</td> <td>7.0, 7.1.1</td> @@ -722,37 +719,9 @@ QC-CR#826589</a></td> <p>*Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.1.1, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> -<h3 id="eop-in-kernel-trace-subsystem">Повышение привилегий через подÑиÑтему траÑÑировки Ñдра</h3> - -<p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Ей приÑвоен критичеÑкий уровень ÑерьезноÑти, поÑкольку из-за нее нарушаетÑÑ Ñ€Ð°Ð±Ð¾Ñ‚Ð° ÑиÑтемы безопаÑноÑти. Возможно, Ð´Ð»Ñ ÑƒÑÑ‚Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼Ñ‹ потребуетÑÑ Ð¿ÐµÑ€ÐµÑƒÑтановить ОС.</p> - -<table> - <colgroup><col width="19%" /> - <col width="20%" /> - <col width="10%" /> - <col width="23%" /> - <col width="17%" /> - </colgroup><tbody><tr> - <th>CVE</th> - <th>СÑылки</th> - <th>Уровень ÑерьезноÑти</th> - <th>Обновленные уÑтройÑтва Google</th> - <th>Дата ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибке</th> - </tr> - <tr> - <td>CVE-2017-0605</td> - <td>A-35399704<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> -QC-CR#1048480</a></td> - <td>КритичеÑкий</td> - <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android One, Nexus Player</td> - <td>15Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2017 г.</td> - </tr> -</tbody></table> - <h3 id="vulnerabilities-in-qualcomm-components">УÑзвимоÑти в компонентах Qualcomm</h3> -<p>Ðти уÑзвимоÑти затрагивают компоненты Qualcomm и опиÑаны в бюллетенÑÑ… по безопаÑноÑти Qualcomm AMSS за авгуÑÑ‚, ÑентÑбрь, октÑбрь и декабрь 2016 года.</p> +<p>Ðти уÑзвимоÑти затрагивают компоненты Qualcomm и опиÑаны в бюллетенÑÑ… по безопаÑноÑти Qualcomm AMSS за авгуÑÑ‚, ÑентÑбрь, октÑбрь и декабрь 2016 г.</p> <table> <colgroup><col width="19%" /> @@ -1325,7 +1294,7 @@ QC-CR#1080290</a></td> <p>**Ðта уÑзвимоÑÑ‚ÑŒ не затрагивает поддерживаемые уÑтройÑтва Google Ñ Android 7.1.1, на которых уÑтановлены вÑе доÑтупные обновлениÑ.</p> -<h3 id="eop-in-mediatek-system-management-interrupt-driver">Повышение привилегий через драйвер Ð¿Ñ€ÐµÑ€Ñ‹Ð²Ð°Ð½Ð¸Ñ ÑиÑтемного ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ MediaTek</h3> +<h3 id="eop-in-mediatek-system-management-interrupt-driver">Повышение привилегий через драйвер прерываний ÑиÑтемного ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ MediaTek</h3> <p>УÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра. Проблеме приÑвоен выÑокий уровень ÑерьезноÑти, поÑкольку уÑзвимоÑÑ‚ÑŒ требует Ñначала нарушить защиту привилегированного процеÑÑа.</p> @@ -1606,9 +1575,7 @@ QC-CR#1104431</a></td> <tr> <td>CVE-2017-7184</td> <td>A-36565222<br /> - <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"> -Upstream kernel</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> -[2]</a></td> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a">Upstream kernel</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df">[2]</a></td> <td>Ð’Ñ‹Ñокий</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Android One</td> <td>23 марта 2017 г.</td> @@ -2018,9 +1985,7 @@ QC-CR#1086833</a></td> <tr> <td>CVE-2016-5858</td> <td>A-35400153<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711"> -QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6"> -[2]</a></td> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711">QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6">[2]</a></td> <td>Средний</td> <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> <td>15Â Ñ„ÐµÐ²Ñ€Ð°Ð»Ñ 2017 г.</td> @@ -2419,8 +2384,8 @@ QC-CR#832915</a></td> <p>Производители уÑтройÑтв, позволÑющие уÑтановить Ñти обновлениÑ, должны приÑвоить им один из Ñтих уровней:</p> <ul> -<li>[ro.build.version.security_patch]:[2017-05-01];</li> -<li>[ro.build.version.security_patch]:[2017-05-05].</li> +<li>[ro.build.version.security_patch]:[2017-05-01]</li> +<li>[ro.build.version.security_patch]:[2017-05-05]</li> </ul> <p><strong>2. Почему в Ñтом бюллетене говоритÑÑ Ð¾ двух обновлениÑÑ… ÑиÑтемы безопаÑноÑти?</strong></p> @@ -2431,15 +2396,15 @@ QC-CR#832915</a></td> <li>Ðа уÑтройÑтвах Ñ ÑƒÑтановленным обновлением от 5Â Ð¼Ð°Ñ 2017 года или более новым должны быть иÑправлены вÑе проблемы, упомÑнутые в Ñтом бюллетене и предыдущих выпуÑках.</li> </ul> -<p>Рекомендуем партнерам объединить вÑе иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼ в одно обновление.</p> +<p>Рекомендуем партнерам Ñобрать вÑе иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¾Ð±Ð»ÐµÐ¼ в одно обновление.</p> <p><strong>3. Как определить, на каких уÑтройÑтвах Google приÑутÑтвует уÑзвимоÑÑ‚ÑŒ?</strong></p> <p>Ð’ каждой таблице разделов Ñ Ð¾Ð¿Ð¸Ñанием уÑзвимоÑтей <a href="#2017-05-01-details">2017-05-01</a> и <a href="#2017-05-05-details">2017-05-05</a> еÑÑ‚ÑŒ Ñтолбец <em>Обновленные уÑтройÑтва Google</em>. Ð’ нем указано, на каких уÑтройÑтвах приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</p> <ul> -<li><strong>Ð’Ñе уÑтройÑтва</strong>. Проблема возникает на<em></em> Ñледующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых уÑтройÑтвах Google</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> -<li><strong>Ðекоторые уÑтройÑтва</strong>. <em></em>ПеречиÑлены уÑтройÑтва, на которых приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</li> -<li><strong>Ðет</strong>. Проблема не возникает ни на одном уÑтройÑтве Google.<em></em> </li> +<li><strong>Ð’Ñе уÑтройÑтва.</strong> Проблема возникает на<em></em> Ñледующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых уÑтройÑтвах Google</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> +<li><strong>Ðекоторые уÑтройÑтва.</strong> <em></em>ПеречиÑлены уÑтройÑтва, на которых приÑутÑтвует уÑзвимоÑÑ‚ÑŒ.</li> +<li><strong>Ðет.</strong> Проблема не возникает ни на одном уÑтройÑтве Google.<em></em> </li> </ul> <p><strong>4. Ðа что указывают запиÑи в Ñтолбце "СÑылки"?</strong></p> @@ -2477,6 +2442,7 @@ QC-CR#832915</a></td> <li>2Â Ð¼Ð°Ñ 2017 года. Добавлены ÑÑылки на AOSP.</li> <li>10 авгуÑта 2017 года. Добавлена Ð´Ð¾Ð¿Ð¾Ð»Ð½Ð¸Ñ‚ÐµÐ»ÑŒÐ½Ð°Ñ ÑÑылка на AOSP Ð´Ð»Ñ CVE-2017-0493.</li> <li>17 авгуÑта 2017 года. Обновлены ÑÑылочные номера.</li> +<li>3 октÑÐ±Ñ€Ñ 2017 года. Удалена Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑти CVE-2017-0605.</li> </ul> </body></html>
\ No newline at end of file diff --git a/ru/security/bulletin/2017-06-01.html b/ru/security/bulletin/2017-06-01.html index fe571dbb..868122c4 100644 --- a/ru/security/bulletin/2017-06-01.html +++ b/ru/security/bulletin/2017-06-01.html @@ -19,7 +19,7 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>Опубликовано 5Â Ð¸ÑŽÐ½Ñ 2017 г. | Обновлено 7Â Ð¸ÑŽÐ½Ñ 2016 г.</em></p> +<p><em>Опубликовано 5Â Ð¸ÑŽÐ½Ñ 2017 г. | Обновлено 17 авгуÑта 2017 г.</em></p> <p>Ð’ Ñтом бюллетене ÑодержитÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑÑ‚ÑÑ… в защите уÑтройÑтв Android. Ð’Ñе актуальные проблемы, перечиÑленные здеÑÑŒ, уÑтранены в иÑправлении от 5Â Ð¸ÑŽÐ½Ñ 2017 года или более новом. Информацию о том, как проверить Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> @@ -27,11 +27,11 @@ <p>Ð¡Ð°Ð¼Ð°Ñ ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ Ð¸Ð· Ñтих проблем – критичеÑÐºÐ°Ñ ÑƒÑзвимоÑÑ‚ÑŒ в Media Framework, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ñет злоумышленнику нарушить целоÑтноÑÑ‚ÑŒ информации в памÑти при обработке медиафайлов и данных в Ñпециально Ñозданном файле. <a href="/security/overview/updates-resources.html#severity">Уровень ÑерьезноÑти</a> завиÑит от того, какой ущерб будет нанеÑен уÑтройÑтву при атаке Ñ Ð¸Ñпользованием уÑзвимоÑти, еÑли ÑредÑтва защиты будут отключены разработчиком или взломаны.</p> -<p>Обнаруженные уÑзвимоÑти не ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и <a href="https://www.android.com/play-protect">Google Play Защита</a> помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> +<p>У Ð½Ð°Ñ Ð½ÐµÑ‚ информации о том, что обнаруженные уÑзвимоÑти ÑкÑплуатировалиÑÑŒ. Ð’ разделе <a href="#mitigations">Предотвращение атак</a> раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и <a href="https://www.android.com/play-protect">Google Play Защита</a> помогают Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> <p>Мы рекомендуем вÑем пользователÑм уÑтановить перечиÑленные здеÑÑŒ обновлениÑ.</p> -<p class="note"><strong>Примечание.</strong> Ð˜Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾ поÑледних автоматичеÑких обновлениÑÑ… (OTA) и об образах прошивок Ð´Ð»Ñ ÑƒÑтройÑтв Google находитÑÑ Ð² разделе <a href="#google-device-updates">ÐžÐ±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑƒÑтройÑтв Google</a>.</p> +<p class="note"><strong>Примечание.</strong> Ð˜Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾ поÑледних автоматичеÑких обновлениÑÑ… (OTA) и образах прошивок Ð´Ð»Ñ ÑƒÑтройÑтв Google находитÑÑ Ð² разделе <a href="#google-device-updates">ÐžÐ±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑƒÑтройÑтв Google</a>.</p> <h2 id="announcements">ОбъÑвлениÑ</h2> <ul> @@ -45,14 +45,15 @@ </ul> <h2 id="mitigations">Предотвращение атак</h2> -<p>Ðиже раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например <a href="https://www.android.com/play-protect">Google Play Защита</a> позволÑÑŽÑ‚ Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> +<p>Ðиже раÑÑказываетÑÑ, как <a href="/security/enhancements/index.html">платформа безопаÑноÑти</a> и ÑредÑтва защиты ÑервиÑов, например <a href="https://www.android.com/play-protect">Google Play Защита</a>, +позволÑÑŽÑ‚ Ñнизить вероÑтноÑÑ‚ÑŒ атак на Android.</p> <ul> <li>ИÑпользование многих уÑзвимоÑтей затруднÑетÑÑ Ð² новых верÑиÑÑ… Android, поÑтому мы рекомендуем вÑем пользователÑм Ñвоевременно обновлÑÑ‚ÑŒ ÑиÑтему.</li> <li>Команда, Ð¾Ñ‚Ð²ÐµÑ‡Ð°ÑŽÑ‰Ð°Ñ Ð·Ð° безопаÑноÑÑ‚ÑŒ Android, активно отÑлеживает Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <a href="https://www.android.com/play-protect">Google Play Защиты</a> и предупреждает пользователей об уÑтановке <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально опаÑных приложений</a>. Google Play Защита включена по умолчанию на вÑех уÑтройÑтвах Ñ <a href="http://www.android.com/gms">ÑервиÑами Google Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ñ‹Ñ… уÑтройÑтв</a>. Она оÑобенно важна, еÑли пользователь уÑтанавливает ПО из Ñторонних иÑточников.</li> </ul> <h2 id="2017-06-01-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-06-01)</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ… Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти 2017-06-01. УÑзвимоÑти Ñгруппированы по компонентам, которые они затрагивают. Ð”Ð»Ñ ÐºÐ°Ð¶Ð´Ð¾Ð³Ð¾ приведено опиÑание и таблица Ñ CVE, ÑÑылками, <a href="#vulnerability-type">типом</a>, <a href="/security/overview/updates-resources.html#severity">уровнем ÑерьезноÑти</a>, а также верÑиÑми AOSP (при наличии). Где возможно, мы приводим оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2017-06-01. УÑзвимоÑти Ñгруппированы по компонентам, которые они затрагивают. Ð”Ð»Ñ ÐºÐ°Ð¶Ð´Ð¾Ð³Ð¾ приведено опиÑание и таблица Ñ CVE, ÑÑылками, <a href="#vulnerability-type">типом</a>, <a href="/security/overview/updates-resources.html#severity">уровнем ÑерьезноÑти</a>, а также верÑиÑми AOSP (при наличии). Где возможно, мы приводим оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="bluetooth">Bluetooth</h3> <p>Ð¡Ð°Ð¼Ð°Ñ ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ ÑƒÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО получать неÑанкционированный доÑтуп к данным.</p> @@ -270,7 +271,7 @@ </tr> </tbody></table> <h2 id="2017-06-05-details">ОпиÑание уÑзвимоÑтей (обновление ÑиÑтемы безопаÑноÑти 2017-06-05)</h2> -<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ… Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемы безопаÑноÑти 2017-06-05. УÑзвимоÑти Ñгруппированы по компонентам, которые они затрагивают. Ð”Ð»Ñ ÐºÐ°Ð¶Ð´Ð¾Ð³Ð¾ приведена таблица Ñ CVE, ÑÑылками, <a href="#vulnerability-type">типом</a>, <a href="/security/overview/updates-resources.html#severity">уровнем ÑерьезноÑти</a>, а также верÑиÑми AOSP (при наличии). Где возможно, мы приводим оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> +<p>Ð’ Ñтом разделе вы найдете подробную информацию обо вÑех уÑзвимоÑÑ‚ÑÑ…, уÑтраненных в обновлении ÑиÑтемы безопаÑноÑти 2017-06-05. УÑзвимоÑти Ñгруппированы по компонентам, которые они затрагивают. Ð”Ð»Ñ ÐºÐ°Ð¶Ð´Ð¾Ð³Ð¾ приведена таблица Ñ CVE, ÑÑылками, <a href="#vulnerability-type">типом</a>, <a href="/security/overview/updates-resources.html#severity">уровнем ÑерьезноÑти</a>, а также верÑиÑми AOSP (при наличии). Где возможно, мы приводим оÑновную ÑÑылку на опубликованное изменение, ÑвÑзанное Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки (например, ÑпиÑок AOSP), и дополнительные ÑÑылки в квадратных Ñкобках.</p> <h3 id="kernel-components">Компоненты Ñдра</h3> <p>Ð¡Ð°Ð¼Ð°Ñ ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ ÑƒÑзвимоÑÑ‚ÑŒ позволÑет локальному вредоноÑному ПО выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра.</p> @@ -392,6 +393,14 @@ <td>Средний</td> <td>Ðудиодрайвер</td> </tr> + <tr> + <td>CVE-2017-6249</td> + <td>A-34373711<a href="#asterisk">*</a><br /> + N-CVE-2017-6249</td> + <td>ПП</td> + <td>Средний</td> + <td>Ðудиодрайвер</td> + </tr> </tbody></table> <h3 id="qualcomm-components">Компоненты Qualcomm</h3> <p>Ð¡Ð°Ð¼Ð°Ñ ÑÐµÑ€ÑŒÐµÐ·Ð½Ð°Ñ ÑƒÑзвимоÑÑ‚ÑŒ позволÑет злоумышленнику выполнÑÑ‚ÑŒ произвольный код в контекÑте Ñдра.</p> @@ -428,8 +437,7 @@ <tr> <td>CVE-2017-7366</td> <td>A-36252171<br /> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f4c9ffd6cd7960265f38e285ac43cbecf2459e45">QC-CR#1036161</a> -[<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=7c4d5736d32f91f0cafe6cd86d00e26389970b00">2</a>]</td> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f4c9ffd6cd7960265f38e285ac43cbecf2459e45">QC-CR#1036161</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=7c4d5736d32f91f0cafe6cd86d00e26389970b00">2</a>]</td> <td>ПП</td> <td>Ð’Ñ‹Ñокий</td> <td>Драйвер графичеÑкого процеÑÑора</td> @@ -485,8 +493,7 @@ <tr> <td>CVE-2017-7369</td> <td>A-33751424<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=75ed08a822cf378ffed0d2f177d06555bd77a006">QC-CR#2009216</a> -[<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=ae8f1d5f60644983aba7fbab469d0e542a187c6e">2</a>]</td> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=75ed08a822cf378ffed0d2f177d06555bd77a006">QC-CR#2009216</a> [<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=ae8f1d5f60644983aba7fbab469d0e542a187c6e">2</a>]</td> <td>ПП</td> <td>Средний</td> <td>Ðудиодрайвер</td> @@ -561,7 +568,7 @@ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6a3b8afdf97e77c0b64005b23fa6d32025d922e5">QC-CR#2009231</a></td> <td>ПП</td> <td>Средний</td> - <td>Драйвер QSEE Communacator</td> + <td>Драйвер QSEE Communicator</td> </tr> <tr> <td>CVE-2017-8239</td> @@ -630,402 +637,350 @@ </tr> <tr> <td>CVE-2014-9960</td> - <td>A-37280308<a href="#asterisk">*</a><br /> - QC-CR#381837</td> + <td>A-37280308<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9961</td> - <td>A-37279724<a href="#asterisk">*</a><br /> - QC-CR#581093</td> + <td>A-37279724<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9953</td> - <td>A-36714770<a href="#asterisk">*</a><br /> - QC-CR#642173</td> + <td>A-36714770<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9967</td> - <td>A-37281466<a href="#asterisk">*</a><br /> - QC-CR#739110</td> + <td>A-37281466<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9026</td> - <td>A-37277231<a href="#asterisk">*</a><br /> - QC-CR#748397</td> + <td>A-37277231<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9027</td> - <td>A-37279124<a href="#asterisk">*</a><br /> - QC-CR#748407</td> + <td>A-37279124<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9008</td> - <td>A-36384689<a href="#asterisk">*</a><br /> - QC-CR#762111</td> + <td>A-36384689<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9009</td> - <td>A-36393600<a href="#asterisk">*</a><br /> - QC-CR#762182</td> + <td>A-36393600<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9010</td> - <td>A-36393101<a href="#asterisk">*</a><br /> - QC-CR#758752</td> + <td>A-36393101<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9011</td> - <td>A-36714882<a href="#asterisk">*</a><br /> - QC-CR#762167</td> + <td>A-36714882<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9024</td> - <td>A-37265657<a href="#asterisk">*</a><br /> - QC-CR#740680</td> + <td>A-37265657<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9012</td> - <td>A-36384691<a href="#asterisk">*</a><br /> - QC-CR#746617</td> + <td>A-36384691<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9013</td> - <td>A-36393251<a href="#asterisk">*</a><br /> - QC-CR#814373</td> + <td>A-36393251<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9014</td> - <td>A-36393750<a href="#asterisk">*</a><br /> - QC-CR#855220</td> + <td>A-36393750<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9015</td> - <td>A-36714120<a href="#asterisk">*</a><br /> - QC-CR#701858</td> + <td>A-36714120<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9029</td> - <td>A-37276981<a href="#asterisk">*</a><br /> - QC-CR#827837</td> + <td>A-37276981<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10338</td> - <td>A-37277738<a href="#asterisk">*</a><br /> - QC-CR#987699</td> + <td>A-37277738<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10336</td> - <td>A-37278436<a href="#asterisk">*</a><br /> - QC-CR#973605</td> + <td>A-37278436<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10333</td> - <td>A-37280574<a href="#asterisk">*</a><br /> - QC-CR#947438</td> + <td>A-37280574<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10341</td> - <td>A-37281667<a href="#asterisk">*</a><br /> - QC-CR#991476</td> + <td>A-37281667<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10335</td> - <td>A-37282802<a href="#asterisk">*</a><br /> - QC-CR#961142</td> + <td>A-37282802<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10340</td> - <td>A-37280614<a href="#asterisk">*</a><br /> - QC-CR#989028</td> + <td>A-37280614<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10334</td> - <td>A-37280664<a href="#asterisk">*</a><br /> - QC-CR#949933</td> + <td>A-37280664<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10339</td> - <td>A-37280575<a href="#asterisk">*</a><br /> - QC-CR#988502</td> + <td>A-37280575<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10298</td> - <td>A-36393252<a href="#asterisk">*</a><br /> - QC-CR#1020465</td> + <td>A-36393252<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10299</td> - <td>A-32577244<a href="#asterisk">*</a><br /> - QC-CR#1058511</td> + <td>A-32577244<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>КритичеÑкий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9954</td> - <td>A-36388559<a href="#asterisk">*</a><br /> - QC-CR#552880</td> + <td>A-36388559<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9955</td> - <td>A-36384686<a href="#asterisk">*</a><br /> - QC-CR#622701</td> + <td>A-36384686<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9956</td> - <td>A-36389611<a href="#asterisk">*</a><br /> - QC-CR#638127</td> + <td>A-36389611<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9957</td> - <td>A-36387564<a href="#asterisk">*</a><br /> - QC-CR#638984</td> + <td>A-36387564<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9958</td> - <td>A-36384774<a href="#asterisk">*</a><br /> - QC-CR#638135</td> + <td>A-36384774<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9962</td> - <td>A-37275888<a href="#asterisk">*</a><br /> - QC-CR#656267</td> + <td>A-37275888<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9963</td> - <td>A-37276741<a href="#asterisk">*</a><br /> - QC-CR#657771</td> + <td>A-37276741<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9959</td> - <td>A-36383694<a href="#asterisk">*</a><br /> - QC-CR#651900</td> + <td>A-36383694<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9964</td> - <td>A-37280321<a href="#asterisk">*</a><br /> - QC-CR#680778</td> + <td>A-37280321<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9965</td> - <td>A-37278233<a href="#asterisk">*</a><br /> - QC-CR#711585</td> + <td>A-37278233<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2014-9966</td> - <td>A-37282854<a href="#asterisk">*</a><br /> - QC-CR#727398</td> + <td>A-37282854<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9023</td> - <td>A-37276138<a href="#asterisk">*</a><br /> - QC-CR#739802</td> + <td>A-37276138<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9020</td> - <td>A-37276742<a href="#asterisk">*</a><br /> - QC-CR#733455</td> + <td>A-37276742<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9021</td> - <td>A-37276743<a href="#asterisk">*</a><br /> - QC-CR#735148</td> + <td>A-37276743<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9025</td> - <td>A-37276744<a href="#asterisk">*</a><br /> - QC-CR#743985</td> + <td>A-37276744<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9022</td> - <td>A-37280226<a href="#asterisk">*</a><br /> - QC-CR#736146</td> + <td>A-37280226<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9028</td> - <td>A-37277982<a href="#asterisk">*</a><br /> - QC-CR#762764</td> + <td>A-37277982<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9031</td> - <td>A-37275889<a href="#asterisk">*</a><br /> - QC-CR#866015</td> + <td>A-37275889<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9032</td> - <td>A-37279125<a href="#asterisk">*</a><br /> - QC-CR#873202</td> + <td>A-37279125<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9033</td> - <td>A-37276139<a href="#asterisk">*</a><br /> - QC-CR#892541</td> + <td>A-37276139<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2015-9030</td> - <td>A-37282907<a href="#asterisk">*</a><br /> - QC-CR#854667</td> + <td>A-37282907<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10332</td> - <td>A-37282801<a href="#asterisk">*</a><br /> - QC-CR#906713<br /> - QC-CR#917701<br /> - QC-CR#917702</td> + <td>A-37282801<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10337</td> - <td>A-37280665<a href="#asterisk">*</a><br /> - QC-CR#977632</td> + <td>A-37280665<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> </tr> <tr> <td>CVE-2016-10342</td> - <td>A-37281763<a href="#asterisk">*</a><br /> - QC-CR#988941</td> + <td>A-37281763<a href="#asterisk">*</a></td> <td>Ð/Д</td> <td>Ð’Ñ‹Ñокий</td> <td>Закрытый компонент</td> @@ -1178,7 +1133,7 @@ <p id="vulnerability-type"><strong>3. Что означают ÑÐ¾ÐºÑ€Ð°Ñ‰ÐµÐ½Ð¸Ñ Ð² Ñтолбце <em>Тип</em>?</strong></p> -<p>Ð Ñтой Ñтолбце указан<em></em> тип уÑзвимоÑти по Ñледующей клаÑÑификации:</p> +<p>Ð’ Ñтом Ñтолбце указан<em></em> тип уÑзвимоÑти по Ñледующей клаÑÑификации:</p> <table> <colgroup><col width="25%" /> @@ -1242,7 +1197,7 @@ </tbody></table> <p id="asterisk"><strong>6. Что означает значок <a href="#asterisk">*</a> Ñ€Ñдом Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ ошибки Android в Ñтолбце <em>СÑылки</em>?</strong></p> -<p>Значок <a href="#asterisk">*</a> (звездочка) означает, что иÑправление Ð´Ð»Ñ ÑƒÑзвимоÑти не опубликовано<em></em>. Ðеобходимое обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> +<p>Значок <a href="#asterisk">*</a> означает, что иÑправление Ð´Ð»Ñ ÑƒÑзвимоÑти не опубликовано<em></em>. Ðеобходимое обновление ÑодержитÑÑ Ð² поÑледних бинарных драйверах Ð´Ð»Ñ ÑƒÑтройÑтв Nexus, которые можно Ñкачать на <a href="https://developers.google.com/android/nexus/drivers">Ñайте Ð´Ð»Ñ Ñ€Ð°Ð·Ñ€Ð°Ð±Ð¾Ñ‚Ñ‡Ð¸ÐºÐ¾Ð²</a>.</p> <h2 id="versions">ВерÑии</h2> <table> @@ -1264,6 +1219,16 @@ <td>7Â Ð¸ÑŽÐ½Ñ 2017 г.</td> <td>Добавлены ÑÑылки на AOSP.</td> </tr> + <tr> + <td>1.2</td> + <td>11Â Ð¸ÑŽÐ»Ñ 2017 г.</td> + <td>Добавлена Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑзвимоÑти CVE-2017-6249.</td> + </tr> + <tr> + <td>1.3</td> + <td>17 авгуÑта 2017 г.</td> + <td>Обновлены ÑÑылочные номера.</td> + </tr> </tbody></table> </body></html>
\ No newline at end of file diff --git a/zh-cn/_book.yaml b/zh-cn/_book.yaml index 30063d93..5a1b4846 100644 --- a/zh-cn/_book.yaml +++ b/zh-cn/_book.yaml @@ -22,7 +22,7 @@ upper_tabs: title: 开始使用 - section: - path: /source/requirements - title: 概览 + title: è¦æ±‚ - path: /source/initializing title: æ建编译环境 - path: /source/downloading @@ -32,7 +32,7 @@ upper_tabs: - path: /source/jack title: 使用 Jack 编译 - path: /source/devices - title: 选择设备 + title: 使用å‚考开å‘æ¿ - path: /source/running title: è¿è¡Œç‰ˆæœ¬ - path: /source/building-kernels @@ -68,7 +68,7 @@ upper_tabs: - path: /source/read-bug-reports title: 阅读错误报告 - path: /source/code-style - title: 代ç æ ·å¼è§„则 + title: Java 代ç æ ·å¼è§„则 title: åšå‡ºè´¡çŒ® - path: /source/community title: 社区 @@ -113,59 +113,79 @@ upper_tabs: - path: /security/advisory/ title: 公告 - section: - - path: /security/bulletin/2017-04-01 - title: 4 月 - - path: /security/bulletin/2017-03-01 - title: 3 月 - - path: /security/bulletin/2017-02-01 - title: 2 月 - - path: /security/bulletin/2017-01-01 - title: 1 月 - - path: /security/bulletin/2017 - title: 索引 - title: 2017 年公告 - - section: - - path: /security/bulletin/2016-12-01 - title: 12 月 - - path: /security/bulletin/2016-11-01 - title: 11 月 - - path: /security/bulletin/2016-10-01 - title: 10 月 - - path: /security/bulletin/2016-09-01 - title: 9 月 - - path: /security/bulletin/2016-08-01 - title: 8 月 - - path: /security/bulletin/2016-07-01 - title: 7 月 - - path: /security/bulletin/2016-06-01 - title: 6 月 - - path: /security/bulletin/2016-05-01 - title: 5 月 - - path: /security/bulletin/2016-04-02 - title: 4 月 - - path: /security/bulletin/2016-03-01 - title: 3 月 - - path: /security/bulletin/2016-02-01 - title: 2 月 - - path: /security/bulletin/2016-01-01 - title: 1 月 - - path: /security/bulletin/2016 - title: 索引 - title: 2016 年公告 + - section: + - path: /security/bulletin/2017-10-01 + title: 10 月 + - path: /security/bulletin/2017-09-01 + title: 9 月 + - path: /security/bulletin/2017-08-01 + title: 8 月 + - path: /security/bulletin/2017-07-01 + title: 7 月 + - path: /security/bulletin/2017-06-01 + title: 6 月 + - path: /security/bulletin/2017-05-01 + title: 5 月 + - path: /security/bulletin/2017-04-01 + title: 4 月 + - path: /security/bulletin/2017-03-01 + title: 3 月 + - path: /security/bulletin/2017-02-01 + title: 2 月 + - path: /security/bulletin/2017-01-01 + title: 1 月 + - path: /security/bulletin/2017 + title: 索引 + title: 2017 年公告 + - section: + - path: /security/bulletin/2016-12-01 + title: 12 月 + - path: /security/bulletin/2016-11-01 + title: 11 月 + - path: /security/bulletin/2016-10-01 + title: 10 月 + - path: /security/bulletin/2016-09-01 + title: 9 月 + - path: /security/bulletin/2016-08-01 + title: 8 月 + - path: /security/bulletin/2016-07-01 + title: 7 月 + - path: /security/bulletin/2016-06-01 + title: 6 月 + - path: /security/bulletin/2016-05-01 + title: 5 月 + - path: /security/bulletin/2016-04-02 + title: 4 月 + - path: /security/bulletin/2016-03-01 + title: 3 月 + - path: /security/bulletin/2016-02-01 + title: 2 月 + - path: /security/bulletin/2016-01-01 + title: 1 月 + - path: /security/bulletin/2016 + title: 索引 + title: 2016 年公告 + - section: + - path: /security/bulletin/2015-12-01 + title: 12 月 + - path: /security/bulletin/2015-11-01 + title: 11 月 + - path: /security/bulletin/2015-10-01 + title: 10 月 + - path: /security/bulletin/2015-09-01 + title: 9 月 + - path: /security/bulletin/2015-08-01 + title: 8 月 + - path: /security/bulletin/2015 + title: 索引 + title: 2015 年公告 + title: Android 公告 - section: - - path: /security/bulletin/2015-12-01 - title: 12 月 - - path: /security/bulletin/2015-11-01 - title: 11 月 - - path: /security/bulletin/2015-10-01 - title: 10 月 - - path: /security/bulletin/2015-09-01 - title: 9 月 - - path: /security/bulletin/2015-08-01 - title: 8 月 - - path: /security/bulletin/2015 - title: 索引 - title: 2015 年公告 + - path: /security/bulletin/pixel/index + title: 概览 + - path: /security/bulletin/pixel/2017-10-01 + title: 2017 å¹´ 10 月 + title: Pixel/Nexus 公告 title: 公告 - section: - path: /security/apksigning/ @@ -186,8 +206,14 @@ upper_tabs: title: 概览 - path: /security/keystore/features title: 功能 + - path: /security/keystore/attestation + title: å¯†é’¥è®¤è¯ + - path: /security/keystore/version-binding + title: 版本绑定 + - path: /security/keystore/tags + title: 授æƒæ ‡è®° - path: /security/keystore/implementer-ref - title: é¢å‘实现人员的å‚考资料 + title: 功能 title: 密钥å˜å‚¨åŒº - section: - path: /security/trusty/ @@ -233,39 +259,137 @@ upper_tabs: - path: /devices/ title: 概览 - section: + - path: /devices/architecture/ + title: 概览 + - path: /devices/architecture/hal + title: 硬件抽象层 (HAL) + - path: /devices/architecture/hal-types + title: HAL 类型 + - path: /devices/architecture/treble + title: Treble - section: - - path: /devices/accessories/audio + - path: /devices/architecture/kernel/ title: 概览 - - section: - - path: /devices/accessories/headset/ - title: 概览 - - path: /devices/accessories/headset/plug-headset-spec - title: 3.5 æ¯«ç±³è€³æœºè§„æ ¼ - - path: /devices/accessories/headset/jack-headset-spec - title: 3.5 毫米æ’å”è§„æ ¼ - - path: /devices/accessories/headset/usb-headset-spec - title: USB è€³æœºè§„æ ¼ - - path: /devices/accessories/headset/expected-behavior - title: 预期行为 - - path: /devices/accessories/headset/testing - title: 测试 - title: 耳机 - title: 音频é…件 + - path: /devices/architecture/kernel/releases + title: 稳定版本和更新 + - path: /devices/architecture/kernel/modular-kernels + title: 模å—åŒ–å†…æ ¸è¦æ±‚ + - path: /devices/architecture/kernel/reqs-interfaces + title: 接å£è¦æ±‚ + - path: /devices/architecture/kernel/config + title: é…ç½® + - path: /devices/architecture/kernel/hardening + title: å†…æ ¸åŠ å›º + - path: /devices/architecture/kernel/squashfs + title: SquashFS + - path: /devices/architecture/kernel/lldb-debug + title: LLDB 调试 + - path: /devices/architecture/kernel/network_tests + title: 网络测试 + title: å†…æ ¸ - section: - - path: /devices/accessories/custom + - path: /devices/architecture/hidl/ title: 概览 - - section: - - path: /devices/accessories/protocol - title: 概览 - - path: /devices/accessories/aoa2 - title: AOA 2.0 - - path: /devices/accessories/aoa - title: AOA 1.0 - title: AOA - - path: /devices/accessories/stylus - title: 触控笔 - title: 自定义é…件 - title: é…件 + - path: /devices/architecture/hidl/interfaces + title: 接å£å’Œè½¯ä»¶åŒ… + - path: /devices/architecture/hidl/hashing + title: 接å£å“ˆå¸Œ + - path: /devices/architecture/hidl/services + title: æœåŠ¡å’Œæ•°æ®è½¬ç§» + - path: /devices/architecture/hidl/fmq + title: 快速消æ¯é˜Ÿåˆ— + - path: /devices/architecture/hidl/binder-ipc + title: 使用 Binder IPC + - path: /devices/architecture/hidl/network-stack + title: ç½‘ç»œå †æ ˆé…置工具 + - path: /devices/architecture/hidl/threading + title: 线程模型 + - path: /devices/architecture/hidl/converting + title: 转æ¢æ¨¡å— + - path: /devices/architecture/hidl/types + title: æ•°æ®ç±»åž‹ + - path: /devices/architecture/hidl/versioning + title: 版本控制 + - path: /devices/architecture/hidl/code-style + title: 代ç æ ·å¼æŒ‡å— + title: HIDL(一般信æ¯ï¼‰ + - section: + - path: /devices/architecture/hidl-cpp/ + title: 概览 + - path: /devices/architecture/hidl-cpp/packages + title: 软件包 + - path: /devices/architecture/hidl-cpp/interfaces + title: æŽ¥å£ + - path: /devices/architecture/hidl-cpp/types + title: æ•°æ®ç±»åž‹ + - path: /devices/architecture/hidl-cpp/functions + title: 功能 + title: HIDL (C++) + - section: + - path: /devices/architecture/hidl-java/ + title: 概览 + - path: /devices/architecture/hidl-java/types + title: æ•°æ®ç±»åž‹ + - path: /devices/architecture/hidl-java/interfaces + title: 接å£é”™è¯¯å’Œæ–¹æ³• + - path: /devices/architecture/hidl-java/constants + title: å¯¼å‡ºå¸¸é‡ + title: HIDL (Java) + - section: + - path: /devices/architecture/configstore/ + title: 概览 + - path: /devices/architecture/configstore/interface + title: 创建 HAL æŽ¥å£ + - path: /devices/architecture/configstore/service + title: 实现æœåŠ¡ + - path: /devices/architecture/configstore/client + title: 客户端使用情况 + - path: /devices/architecture/configstore/add-class-item + title: æ·»åŠ ç±»å’Œé¡¹ + title: ConfigStore HAL + - section: + - path: /devices/architecture/dto/ + title: 概览 + - path: /devices/architecture/dto/implement + title: 实现 DTO + - path: /devices/architecture/dto/syntax + title: DTO è¯æ³• + - path: /devices/architecture/dto/compile + title: ç¼–è¯‘å’ŒéªŒè¯ + - path: /devices/architecture/dto/multiple + title: 使用多个 DT + - path: /devices/architecture/dto/partitions + title: DTB/DTBO åˆ†åŒºæ ¼å¼ + - path: /devices/architecture/dto/optimize + title: 优化 DTO + title: è®¾å¤‡æ ‘å åŠ å±‚ + - section: + - path: /devices/architecture/vndk/ + title: 概览 + - path: /devices/architecture/vndk/extensions + title: VNDK 扩展 + - path: /devices/architecture/vndk/deftool + title: VNDK 定义工具 + - path: /devices/architecture/vndk/linker-namespace + title: 链接器命å空间 + - path: /devices/architecture/vndk/dir-rules-sepolicy + title: 目录ã€è§„则和 sepolicy + - path: /devices/architecture/vndk/renderscript + title: Renderscript + title: 供应商 NDK + - section: + - path: /devices/architecture/vintf/ + title: 概览 + - path: /devices/architecture/vintf/objects + title: VINTF å¯¹è±¡æ•°æ® + - path: /devices/architecture/vintf/comp-matrices + title: 兼容性矩阵 + - path: /devices/architecture/vintf/match-rules + title: 匹é…规则 + - path: /devices/architecture/vintf/resources + title: èµ„æº + title: 供应商接å£å¯¹è±¡ + title: 架构 - section: - path: /devices/audio/ title: 概览 @@ -324,9 +448,27 @@ upper_tabs: - path: /devices/audio/tv title: 电视音频 title: 音频 - - path: /devices/automotive + - section: + - path: /devices/automotive/ + title: 概览 + - path: /devices/automotive/properties + title: 车辆属性 + - path: /devices/automotive/camera-hal + title: 相机 HAL + - path: /devices/automotive/ivi_connectivity + title: IVI 连接 title: 汽车 - - path: /devices/bluetooth + - section: + - path: /devices/bluetooth + title: 概览 + - path: /devices/bluetooth/services + title: æœåŠ¡ + - path: /devices/bluetooth/ble_advertising + title: BLE 广告 + - path: /devices/bluetooth/verifying_debugging + title: 验è¯å’Œè°ƒè¯• + - path: /devices/bluetooth/hci_requirements + title: HCI è¦æ±‚ title: è“牙 - section: - path: /devices/camera/ @@ -364,6 +506,8 @@ upper_tabs: title: Surface å’Œ SurfaceHolder - path: /devices/graphics/arch-egl-opengl title: OpenGL ES + - path: /devices/graphics/renderer + title: OpenGLRenderer é…ç½® - path: /devices/graphics/arch-vulkan title: Vulkan - path: /devices/graphics/arch-sv-glsv @@ -405,7 +549,7 @@ upper_tabs: title: OpenGL ES 测试 title: 图形 - section: - - path: /devices/input/overview + - path: /devices/input/ title: 概览 - path: /devices/input/key-layout-files title: 按键布局文件 @@ -419,8 +563,6 @@ upper_tabs: title: 键盘设备 - path: /devices/input/touch-devices title: 触摸设备 - - path: /devices/input/diagnostics - title: è¯Šæ– - path: /devices/input/getevent title: Getevent - path: /devices/input/validate-keymaps @@ -436,6 +578,41 @@ upper_tabs: - path: /devices/media/oem title: OEM ä¾èµ–项 title: 媒体 + - path: /devices/accessories + section: + - section: + - path: /devices/accessories/audio + title: 概览 + - section: + - path: /devices/accessories/headset/ + title: 概览 + - path: /devices/accessories/headset/plug-headset-spec + title: 3.5 æ¯«ç±³è€³æœºè§„æ ¼ + - path: /devices/accessories/headset/jack-headset-spec + title: 3.5 毫米æ’å”è§„æ ¼ + - path: /devices/accessories/headset/usb-headset-spec + title: USB è€³æœºè§„æ ¼ + - path: /devices/accessories/headset/expected-behavior + title: 预期行为 + - path: /devices/accessories/headset/testing + title: 测试 + title: 耳机 + title: 音频é…件 + - section: + - path: /devices/accessories/custom + title: 概览 + - section: + - path: /devices/accessories/protocol + title: 概览 + - path: /devices/accessories/aoa2 + title: AOA 2.0 + - path: /devices/accessories/aoa + title: AOA 1.0 + title: AOA + - path: /devices/accessories/stylus + title: 触控笔 + title: 自定义é…件 + title: 外设 - section: - path: /devices/sensors/ title: 概览 @@ -469,14 +646,18 @@ upper_tabs: title: 设备é…ç½® - path: /devices/storage/config-example title: é…置示例 - title: å˜å‚¨è®¾å¤‡ + - path: /devices/storage/faster-stats + title: 更快获å–ç»Ÿè®¡ä¿¡æ¯ + title: å˜å‚¨ - section: - path: /devices/tv title: 概览 - path: /devices/tv/hdmi-cec title: HDMI-CEC 控制æœåŠ¡ - path: /devices/tv/reference-tv-app - title: å‚考电视应用 + title: å‚考 TV 应用 + - path: /devices/tv/customize-tv-app + title: 自定义 TV 应用 title: 电视 name: ç§»æ¤ name: ç§»æ¤ @@ -488,6 +669,8 @@ upper_tabs: - section: - path: /devices/tech/dalvik title: 概览 + - path: /devices/tech/dalvik/improvements + title: 改进 - path: /devices/tech/dalvik/dalvik-bytecode title: å—节ç æ ¼å¼ - path: /devices/tech/dalvik/dex-format @@ -506,26 +689,22 @@ upper_tabs: - section: - path: /devices/tech/config/ title: 概览 + - path: /devices/tech/config/ambient + title: 微光功能 - path: /devices/tech/config/carrier title: è¿è¥å•†å®šåˆ¶ - - path: /devices/tech/config/connect_tests - title: 网络连接测试 - path: /devices/tech/config/filesystem - title: 文件系统 - - path: /devices/tech/config/kernel - title: å†…æ ¸é…ç½® - - path: /devices/tech/config/kernel_network_tests - title: å†…æ ¸ç½‘ç»œæµ‹è¯• - - path: /devices/tech/config/low-ram - title: ä½Žå†…å˜ + title: 文件 DAC é…ç½® - path: /devices/tech/config/namespaces_libraries title: 库的命å空间 - - path: /devices/tech/config/renderer - title: OpenGLRenderer + - path: /devices/tech/config/perms-whitelist + title: 特许æƒé™ç™½åå• - path: /devices/tech/config/runtime_perms title: è¿è¡Œæ—¶æƒé™ - path: /devices/tech/config/uicc title: UICC + - path: /devices/tech/config/usb-hal + title: USB HAL - path: /devices/tech/config/voicemail title: å¯è§†åŒ–è¯éŸ³ä¿¡ç®± title: é…ç½® @@ -542,6 +721,10 @@ upper_tabs: title: æä¾›ç´§æ€¥å‘¼å« - path: /devices/tech/connect/felica title: FeliCa 的主机å¡æ¨¡æ‹Ÿ + - path: /devices/tech/connect/oob-users + title: 失去平衡的用户 + - path: /devices/tech/connect/connect_tests + title: 网络连接测试 - path: /devices/tech/connect/ril title: æ— çº¿ç•Œé¢å±‚ (RIL) title: 网络连接 @@ -568,16 +751,34 @@ upper_tabs: title: 概览 - path: /devices/tech/debug/native-crash title: 诊æ–原生代ç 崩溃问题 + - section: + - path: /devices/tech/debug/eval_perf + title: 概览 + - path: /devices/tech/debug/systrace + title: 了解 systrace + - path: /devices/tech/debug/ftrace + title: 使用 ftrace + - path: /devices/tech/debug/jank_capacity + title: 识别与负载能力相关的å¡é¡¿ + - path: /devices/tech/debug/jank_jitter + title: 识别与抖动相关的å¡é¡¿ + title: 评估性能 - path: /devices/tech/debug/asan title: AddressSanitizer - - path: /devices/tech/debug/dumpsys - title: Dumpsys + - path: /devices/tech/debug/sanitizers + title: LLVM 清ç†ç¨‹åº + - path: /devices/tech/debug/gdb + title: 使用 GDB - path: /devices/tech/debug/native-memory title: 本地内å˜ä½¿ç”¨æƒ…况 - - path: /devices/tech/debug/netstats - title: 网络使用情况 - - path: /devices/tech/debug/procstats - title: 内å˜ä½¿ç”¨æƒ…况 + - path: /devices/tech/debug/rescue-party + title: æ•‘æ´æ–¹ + - path: /devices/tech/debug/storaged + title: Storaged + - path: /devices/tech/debug/strace + title: Strace + - path: /devices/tech/debug/valgrind + title: Valgrind title: 调试 - section: - path: /devices/tech/admin/ @@ -602,6 +803,8 @@ upper_tabs: - section: - path: /devices/tech/display/ title: 概览 + - path: /devices/tech/display/adaptive-icons + title: è‡ªåŠ¨è°ƒèŠ‚å›¾æ ‡ - path: /devices/tech/display/app-shortcuts title: 应用快æ·æ–¹å¼ - path: /devices/tech/display/circular-icons @@ -614,11 +817,15 @@ upper_tabs: title: 多窗å£æ¨¡å¼ - path: /devices/tech/display/night-light title: å¤œé—´æ¨¡å¼ + - path: /devices/tech/display/pip + title: ç”»ä¸ç”» - path: /devices/tech/display/retail-mode title: é›¶å”®æ¼”ç¤ºæ¨¡å¼ - title: 显示设置 - - path: /reference/hal/ - title: HAL 文件å‚考 + - path: /devices/tech/display/split-screen + title: 分å±äº¤äº’ + - path: /devices/tech/display/widgets-shortcuts + title: 微件和快æ·æ–¹å¼ + title: 显示 - section: - path: /devices/tech/ota/ title: 概览 @@ -636,8 +843,22 @@ upper_tabs: title: ç¾å版本以供å‘布 - path: /devices/tech/ota/ab_updates title: A/B 系统更新 + - path: /devices/tech/ota/ab_implement + title: 实现 A/B æ›´æ–° title: OTA æ›´æ–° - section: + - path: /devices/tech/perf/ + title: 概览 + - path: /devices/tech/perf/boot-times + title: å¯åŠ¨æ—¶é—´ + - path: /devices/tech/perf/flash-wear + title: é—ªå˜ç£¨æŸç®¡ç† + - path: /devices/tech/perf/low-ram + title: ä½Žå†…å˜ + - path: /devices/tech/perf/task-snapshots + title: 任务快照 + title: 性能 + - section: - path: /devices/tech/power/ title: 概览 - path: /devices/tech/power/mgmt @@ -650,9 +871,19 @@ upper_tabs: title: è®¾å¤‡ç”µæº - path: /devices/tech/power/values title: 功率值 - - path: /devices/tech/power/batterystats - title: ç”µæ± ä½¿ç”¨æƒ…å†µ - title: ç”µæº + title: 功率 + - section: + - path: /devices/tech/settings/ + title: 概览 + - path: /devices/tech/settings/patterns-components + title: 模å¼å’Œç»„件 + - path: /devices/tech/settings/info-architecture + title: ä¿¡æ¯æž¶æž„ + - path: /devices/tech/settings/personalized + title: 个性化设置 + - path: /devices/tech/settings/universal-search + title: 通用æœç´¢ + title: 设置èœå• - section: - path: /devices/tech/test_infra/tradefed/ title: 概览 @@ -668,11 +899,23 @@ upper_tabs: title: é€‰é¡¹å¤„ç† - path: /devices/tech/test_infra/tradefed/full_example title: 端到端示例 - - path: /devices/tech/test_infra/tradefed/fundamentals/vts - title: 使用 VTS 进行系统测试 - path: /reference/tradefed/ title: 软件包索引 title: 测试基础架构 + - section: + - path: /devices/tech/vts/ + title: 概览 + - path: /devices/tech/test_infra/tradefed/fundamentals/vts + title: 使用 VTS 进行系统测试 + - path: /devices/tech/vts/setup + title: VTS ä¿¡æ¯ä¸å¿ƒè®¾ç½® + - path: /devices/tech/vts/database + title: VTS ä¿¡æ¯ä¸å¿ƒæ•°æ®åº“ + - path: /devices/tech/vts/ui + title: VTS ä¿¡æ¯ä¸å¿ƒç•Œé¢ + - path: /devices/tech/vts/performance + title: 性能测试 + title: 供应商测试套件 (VTS) name: 微调 name: 微调 - lower_tabs: @@ -702,13 +945,21 @@ upper_tabs: title: 概览 - path: /compatibility/cts/audio-framework title: 音频框架 - - path: /compatibility/cts/camera-hal - title: 相机 HAL 测试 - path: /compatibility/cts/near-ultrasound title: 近超声测试 - path: /compatibility/cts/rotation-vector title: 旋转矢é‡äº¤å‰æ£€éªŒ + - path: /compatibility/cts/usb-audio + title: USB 音频 CTS 测试 title: è¿è¡Œ CTS 验è¯ç¨‹åº + - section: + - path: /compatibility/cts/camera-hal + title: 相机 HAL 测试 + - path: /compatibility/cts/camera-its-box + title: 相机盒装 ITS + - path: /compatibility/cts/camera-its-box-assembly + title: 相机组装盒装 ITS + title: 相机测试 - path: /compatibility/cts/interpret title: 解读结果 - path: /compatibility/cts/development @@ -724,30 +975,12 @@ upper_tabs: other: - contents: - path: /reference/ - title: API å‚考 - - section: - - path: /reference/hal/ - title: 概览 - - path: /reference/hal/annotated - title: æ•°æ®ç»“æž„ - - path: /reference/hal/classes - title: æ•°æ®ç»“构索引 - - path: /reference/hal/functions - title: æ•°æ®å—段 - - path: /reference/hal/files - title: 文件列表 - - path: /reference/hal/globals - title: 全局类型 - - path: /reference/hal/deprecated - title: 已弃用 - style: accordion - title: 硬件抽象层 - - section: - - path: /reference/tradefed/classes - title: 类索引 - - path: /reference/tradefed/packages - title: 软件包索引 - style: accordion + title: å‚考 + - path: /reference/hidl/ + title: HIDL + - path: /reference/hal/ + title: 硬件抽象层(旧版) + - path: /reference/tradefed/ title: Trade Federation name: å‚考 name: å‚考 diff --git a/zh-cn/_index.yaml b/zh-cn/_index.yaml index 024d1e9e..1d02db82 100644 --- a/zh-cn/_index.yaml +++ b/zh-cn/_index.yaml @@ -7,63 +7,73 @@ landing_page: path: /source/downloading rows: - items: - - heading: Android 7.1 æ›´æ–°ï¼ + - heading: 8.0 接å£å’Œæž¶æž„ description: > - 移æ¤åˆ°æœ€æ–°çš„ Android å¹³å°ï¼Œæ‰“é€ æ·±å—用户é’ç的设备。<style>.devsite-feedback-button { + 使用简å•çš„ HIDL 接å£ç§»æ¤åˆ°æœ€æ–°çš„ Android å¹³å°ï¼Œæ‰“é€ æ·±å—用户é’ç的设备。<style>.devsite-feedback-button + { display: none; } + /* blank bg color for landing images in first row */ + + .devsite-landing-row:first-of-type .devsite-landing-row-item-image { + background: none; + } + </style> buttons: - - label: ç«‹å³æ›´æ–° - path: /devices/ + - label: 了解 Treble + path: /devices/architecture/treble image_path: /images/landing_icon-porting.png - heading: ä¿éšœ Android 安全至关é‡è¦ description: > 了解 Android 安全计划的è¿ä½œæ–¹å¼ï¼Œå¹¶äº†è§£å¦‚何实现最新功能。 image_path: /images/landing_icon-security.png buttons: - - label: 了解详情 + - label: 实现安全 path: /security/ - heading: ç¡®ä¿å…¼å®¹æ€§ï¼Œæ”¯æŒå„类应用 - description: >- + description: > æ供与其他 Android 设备一致的体验,并能安装更多应用。 image_path: /images/landing_icon-compatibility.png buttons: - label: 测试设备 path: /compatibility/ - - classname: devsite-landing-row-large-headings devsite-landing-row-no-image-background tf-about-row devsite-landing-row-75 + - classname: devsite-landing-row-large-headings devsite-landing-row-no-image-background + tf-about-row devsite-landing-row-75 background: grey items: - heading: Android 开放æºä»£ç 项目简介 description: | - Android 是一个支æŒå¤šç§ç§»åŠ¨è®¾å¤‡çš„开放æºä»£ç è½¯ä»¶å †æ ˆä»¥åŠå¯¹åº”çš„ç”± Google 领导的开放æºä»£ç 项目。æ¤ç½‘站和 Android 开放æºä»£ç 项目 (AOSP) 代ç 库å¯ä¸ºæ‚¨æ供所需信æ¯å’Œæºä»£ç ,供您创建定制的 Android å †æ ˆç‰ˆæœ¬ï¼Œå°†è®¾å¤‡å’Œé…件移æ¤åˆ° Android å¹³å°ï¼ŒåŒæ—¶ç¡®ä¿æ‚¨çš„设备符åˆå…¼å®¹æ€§è¦æ±‚。 + Android 是一个支æŒå¤šç§ç§»åŠ¨è®¾å¤‡çš„å¼€æºè½¯ä»¶å †æ ˆä»¥åŠå¯¹åº”çš„ç”± Google 领导的开æºé¡¹ç›®ã€‚æ¤ç½‘站和 Android 开放æºä»£ç 项目 (AOSP) 代ç 库å¯ä¸ºæ‚¨æ供所需信æ¯å’Œæºä»£ç ,供您创建定制的 Android å †æ ˆç‰ˆæœ¬ï¼Œå°†è®¾å¤‡å’Œé…件移æ¤åˆ° Android å¹³å°ï¼ŒåŒæ—¶ç¡®ä¿æ‚¨çš„设备符åˆå…¼å®¹æ€§è¦æ±‚。<br /><br /> - æ¤å¤–ï¼Œæˆ‘ä»¬è¿˜å¸Œæœ›ç¡®ä¿ Android ä¸ä¸å˜åœ¨ä¸€ä¸ªé›†ä¸ç“¶é¢ˆï¼ˆæ„å³æ²¡æœ‰ä»»ä½•è¡Œä¸šå‚与者å¯ä¸€æ‰‹é™åˆ¶æˆ–控制其他å‚ä¸Žè€…çš„åˆ›æ–°ï¼‰ã€‚è¿™æ ·ï¼Œæˆ‘ä»¬å°±å¯ä»¥é’ˆå¯¹æ¶ˆè´¹ç±»å•†å“æ‰“é€ ä¸€ä¸ªå®Œæ•´çš„é«˜å“è´¨æ“作系统,并支æŒå¯¹æºä»£ç 进行定制和移æ¤ã€‚ + æ¤å¤–ï¼Œæˆ‘ä»¬è¿˜å¸Œæœ›ç¡®ä¿ Android å¹³å°ä¸å˜åœ¨ä¸€ä¸ªé›†ä¸ç“¶é¢ˆï¼ˆæ„å³æ²¡æœ‰ä»»ä½•è¡Œä¸šå‚与者å¯ä¸€æ‰‹é™åˆ¶æˆ–控制其他å‚ä¸Žè€…çš„åˆ›æ–°ï¼‰ã€‚è¿™æ ·ï¼Œæˆ‘ä»¬å°±å¯ä»¥é’ˆå¯¹æ¶ˆè´¹ç±»å•†å“æ‰“é€ ä¸€ä¸ªå®Œæ•´çš„é«˜å“è´¨æ“作系统,并支æŒå¯¹æºä»£ç 进行定制和移æ¤ã€‚<br /><br /> + + 作为 AOSP 文档网站,我们希望您能助我们一臂之力。éšç€ç”Ÿæ€ç³»ç»Ÿä¸æ–å˜åŒ–,我们需è¦æ‚¨çš„帮助æ¥ä¿æŒæœ€æ–°çŠ¶æ€ã€‚您å¯ä»¥æŒ‰ç…§æˆ‘们的 <a href="https://android.googlesource.com/platform/docs/source.android.com/+/master/README.txt">README</a> ä¸çš„说明直接对æºæ–‡ä»¶è¿›è¡Œä¿®å¤ï¼Œä¹Ÿå¯ä»¥ä½¿ç”¨ä»»æ„页é¢åº•éƒ¨çš„<a href="https://issuetracker.google.com/issues/new?component=191476">网站å馈</a>链接æ¥æŠ¥å‘Šé”™è¯¯ä»¥åŠæ供改进建议。如需详细了解所有更新,请å‚阅网站的<a href="https://android.googlesource.com/platform/docs/source.android.com/+log/master?pretty=full&no-merges">更改日志</a>。 image_path: /images/android_stack.png - heading: æ–°é—» items: - - heading: 网站改头æ¢é¢ + - heading: ä¸å›½ç½‘站已推出 description: > - 本网站全新改版,å¯è®©æ‚¨æ›´è½»æ¾åœ°æµè§ˆã€æœç´¢å’Œé˜…读日益增多的信æ¯ã€‚您还å¯ä»¥çœ‹çœ‹æ–°çš„æ ‡ç¾ã€é¡µè„šå’Œå‚考资料ç‰ã€‚ + 该网站已在ä¸å›½å‘布,网å€ä¸ºï¼šsource.android.google.cn。æ¤å¤–,所有éžå‚考资料也都已翻译为简体ä¸æ–‡ï¼Œæ–¹ä¾¿ç›¸åº”用户使用。 buttons: - - label: 2017 å¹´ 4 月 - path: /source/site-updates - - heading: 年度安全回顾 + - label: 2017 å¹´ 9 月 14 æ—¥ + path: https://source.android.google.cn/ + - heading: 9 月安全公告 description: > - Android 安全团队已å‘布其 2016 年年度回顾报告。这份内容全é¢çš„报告介ç»äº† Android å’Œ Google 为ä¿éšœç”¨æˆ·å®‰å…¨æ‰€é‡‡å–的措施。 + 2017 å¹´ 9 月的 Android 安全公告已ç»å‘布,一åŒå‘布的还有相关修æ£ç¨‹åºçš„链接以åŠç”¨äºŽ 9 月 Android 安全更新补ä¸çš„新版本å·ã€‚ buttons: - - label: 2017 å¹´ 3 月 21 æ—¥ - path: http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2016_Report_Final.pdf - - heading: 3 月 Android 安全公告 + - label: 2017 å¹´ 9 月 13 æ—¥ + path: /security/bulletin/2017-09-01 + - heading: è“牙文档套件 description: > - 2017 å¹´ 3 月的 Android 安全公告已ç»å‘布,一åŒå‘布的还有相关修æ£ç¨‹åºçš„链接以åŠç”¨äºŽ 3 月 Android 安全更新补ä¸çš„新版本å·ã€‚ + è“ç‰™æ–‡æ¡£æ‰©å……äº†ä¸°å¯Œçš„å†…å®¹ï¼Œæ·»åŠ äº†å¯¹å„ç§æœåŠ¡ã€ä½ŽåŠŸè€—广告以åŠè°ƒè¯•ç‰å†…容的说明。 buttons: - - label: 2017 å¹´ 3 月 7 æ—¥ - path: /security/bulletin/2017-03-01 + - label: 2017 å¹´ 8 月 29 æ—¥ + path: /devices/bluetooth/ - classname: devsite-landing-row-100 tf-row-centered items: - buttons: - classname: button button-primary label: æ›´å¤šåŠ¨æ€ - path: https://android.googlesource.com/platform/docs/source.android.com/+log/master?no-merges + path: /source/site-updates diff --git a/zh-cn/compatibility/cts/development.html b/zh-cn/compatibility/cts/development.html index 2a412c3b..9f054292 100644 --- a/zh-cn/compatibility/cts/development.html +++ b/zh-cn/compatibility/cts/development.html @@ -22,12 +22,12 @@ <h2 id="initializing-your-repo-client">åˆå§‹åŒ–您的 Repo 客户端</h2> <p>在å‘出 <code>repo -init</code> 命令时,请按照相关<a href="/source/downloading.html">说明</a>进行æ“作以获å–并构建 Android æºä»£ç ,但应指定一个特定的 CTS 分支å称,例如 <code>-b android-5.0_r2</code>。这å¯ç¡®ä¿æ‚¨çš„ CTS 更改将包å«åœ¨ä¸‹ä¸€ä¸ªåŠåŽç» CTS 版本ä¸ã€‚</p> +init</code> 命令时,请按照<a href="/source/downloading.html">相关说明</a>进行æ“作以获å–并编译 Android æºä»£ç ,但应指定一个特定的 CTS 分支å称,例如 <code>-b android-5.0_r2</code>。这å¯ç¡®ä¿æ‚¨çš„ CTS 更改将包å«åœ¨ä¸‹ä¸€ä¸ªåŠåŽç» CTS 版本ä¸ã€‚</p> <h2 id="building-and-running-cts">构建和è¿è¡Œ CTS</h2> <p>执行以下命令以构建 CTS 并å¯åŠ¨äº¤äº’å¼ CTS 控制å°ï¼š</p> -<p class="note"><strong>注æ„</strong>:您å¯ä»¥ä¸º <code>TARGET_PRODUCT</code> æ供以下其他值之一,以针对ä¸åŒçš„架构进行构建:<code>aosp_x86_64</code> 或 <code>aosp_mips</code></p> +<p class="note"><strong>注æ„</strong>:您å¯ä»¥ä¸º <code>TARGET_PRODUCT</code> æ供以下其他值之一,以针对ä¸åŒçš„架构进行编译:<code>aosp_x86_64</code> 或 <code>aosp_mips</code></p> <pre class="devsite-click-to-copy"> <code class="devsite-terminal">cd <em>/path/to/android/root</em></code> <code class="devsite-terminal">make cts -j32 TARGET_PRODUCT=aosp_arm64</code> @@ -55,7 +55,8 @@ tf> run cts --plan CTS <p>大多数 CTS 测试用例都针对 Android API ä¸çš„特定类。这些测试具有以 <code>cts</code> 为åŽç¼€çš„ Java 软件包å称和以 <code>Test</code> 为åŽç¼€çš„ç±»å称。æ¯ä¸ªæµ‹è¯•ç”¨ä¾‹åŒ…å«å¤šä¸ªæµ‹è¯•ï¼Œå…¶ä¸æ¯ä¸ªæµ‹è¯•é€šå¸¸ä¼šå¯¹æ‰€æµ‹è¯•çš„类采用特定方法。这些测试被安排在一个目录结构ä¸ä¸”分为ä¸åŒçš„类别,例如“微件â€å’Œâ€œè§†å›¾â€ã€‚</p> -<p>例如,用于 Java 软件包 <code>android.widget.TextView</code> çš„ CTS 测试为 <code>android.widget.cts.TextViewTest</code>,其 Java 软件包å称为 <code>android.widget.cts</code>,类å称为 <code>TextViewTest</code>。</p> +<p> +例如,用于 Java 软件包 <code>android.widget.TextView</code> çš„ CTS 测试为 <code>android.widget.cts.TextViewTest</code>,其 Java 软件包å称为 <code>android.widget.cts</code>,类å称为 <code>TextViewTest</code>。</p> <ul> <li><strong>Java 软件包å称</strong><br />CTS 测试的 Java 软件包å称是所测试的类的软件包å称,åŽè·Ÿâ€œ.ctsâ€ã€‚对于我们的示例æ¥è¯´ï¼Œè½¯ä»¶åŒ…å称为 <code>android.widget.cts</code>。 @@ -112,7 +113,9 @@ cts/ <p>如果您使用的是 CTS v1,请å‚阅 <code>cts/tests/tests/example</code> 下的示例并创建一个新目录。å¦å¤–,请确ä¿ä»Žå…¶ <code>Android.mk</code> ä¸å°†æ–°è½¯ä»¶åŒ…的模å—åç§°æ·»åŠ åˆ° <code>cts/CtsTestCaseList.mk</code> ä¸çš„ <code>CTS_COVERAGE_TEST_CASE_LIST</code>。该 Makefile ç”± <code>build/core/tasks/cts.mk</code> 用æ¥å°†æ‰€æœ‰æµ‹è¯•ç»„åˆåœ¨ä¸€èµ·ä»¥åˆ›å»ºæœ€ç»ˆ CTS 软件包。</p> <h4 id="cts-v2">CTS v2</h4> -<p>按照下列æ¥éª¤ï¼Œä½¿ç”¨ç¤ºä¾‹æµ‹è¯• <code><a href="https://android.googlesource.com/platform/cts/+/master/tests/sample/">/cts/tests/sample/</a></code> 快速å¯åŠ¨æ–°çš„测试模å—:</p> +<p> +按照下列æ¥éª¤ï¼Œä½¿ç”¨ç¤ºä¾‹æµ‹è¯• <code><a href="https://android.googlesource.com/platform/cts/+/master/tests/sample/">/cts/tests/sample/</a></code> 快速å¯åŠ¨æ–°çš„测试模å—: +</p> <ol> <li>è¿è¡Œä»¥ä¸‹å‘½ä»¤æ¥åˆ›å»ºæµ‹è¯•ç›®å½•å¹¶å°†ç¤ºä¾‹æ–‡ä»¶å¤åˆ¶åˆ°è¯¥ç›®å½•ï¼š<pre class="devsite-terminal devsite-click-to-copy">mkdir cts/tests/<i>module-name</i> && cp -r cts/tests/sample/* cts/tests/<i>module-name</i></pre> @@ -183,6 +186,16 @@ include $(call all-makefiles-under,$(LOCAL_PATH)) </tbody><tbody> <tr> + <td>8.0</td> + <td>oreo-cts-dev</td> + <td>æ¯æœˆ</td> + </tr> +<tr> + <td>7.1</td> + <td>nougat-mr1-cts-dev</td> + <td>æ¯æœˆ</td> + </tr> +<tr> <td>7.0</td> <td>nougat-cts-dev</td> <td>æ¯æœˆ</td> @@ -229,9 +242,10 @@ include $(call all-makefiles-under,$(LOCAL_PATH)) <h3 id="auto-merge">自动åˆå¹¶æµç¨‹</h3> -<p>CTS å¼€å‘åˆ†æ”¯å·²è®¾ç½®ï¼Œå› æ¤æ交到æ¯ä¸ªåˆ†æ”¯çš„更改将自动åˆå¹¶ï¼Œå¦‚下所示:<br />jb-dev-> jb-mr1.1-cts-dev -> jb-mr2-cts-dev -> kitkat-cts-dev -> +<p>CTS å¼€å‘åˆ†æ”¯å·²è®¾ç½®ï¼Œå› æ¤æ交到æ¯ä¸ªåˆ†æ”¯çš„更改将自动åˆå¹¶ï¼Œå¦‚下所示:<br /> +jb-dev-> jb-mr1.1-cts-dev -> jb-mr2-cts-dev -> kitkat-cts-dev -> lollipop-cts-dev -> lollipop-mr1-cts-dev -> marshmallow-cts-dev -> -nougat-cts-dev -> <private-development-branch for Android N MR1></p> +nougat-cts-dev -> nougat-mr1-cts-dev -> oreo-cts-dev -> <private-development-branch for Android O MR1></p> <p>如果å˜æ›´åˆ—表 (CL) 未能æ£ç¡®åˆå¹¶ï¼ŒCL 的作者将收到一å°ç”µå邮件,其ä¸åŒ…å«æœ‰å…³å¦‚何解决冲çªçš„说明。在大多数情况下,CL 作者å¯ä»¥é€šè¿‡è¿™äº›è¯´æ˜Žæ¥è·³è¿‡å˜åœ¨å†²çªçš„ CL 的自动åˆå¹¶æµç¨‹ã€‚</p> diff --git a/zh-cn/compatibility/cts/downloads.html b/zh-cn/compatibility/cts/downloads.html index 96a4e954..14c497fd 100644 --- a/zh-cn/compatibility/cts/downloads.html +++ b/zh-cn/compatibility/cts/downloads.html @@ -24,52 +24,72 @@ <h2 id="android-80">Android 8.0</h2> <p>Android 8.0 是代å·ä¸º Oreo çš„å¼€å‘里程碑版本。 -以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-8.0_r1â€æ ‡è®°åŒæ¥ã€‚</p> +以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-8.0_r3â€æ ‡è®°åŒæ¥ã€‚</p> <ul> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-8.0_r1-linux_x86-arm.zip">Android 8.0 R1 兼容性测试套件 (CTS) - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-8.0_r1-linux_x86-x86.zip">Android 8.0 R1 兼容性测试套件 (CTS) - x86</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r1-linux_x86-arm.zip">Android 8.0 R1 CTS 验è¯ç¨‹åº - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r1-linux_x86-x86.zip">Android 8.0 R1 CTS 验è¯ç¨‹åº - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-8.0_r3-linux_x86-arm.zip">Android +8.0 R3 兼容性测试套件 (CTS) - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-8.0_r3-linux_x86-x86.zip">Android +8.0 R3 兼容性测试套件 (CTS) - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r3-linux_x86-arm.zip">Android +8.0 R3 CTS 验è¯ç¨‹åº - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r3-linux_x86-x86.zip">Android +8.0 R3 CTS 验è¯ç¨‹åº - x86</a></li> </ul> <h2 id="android-71">Android 7.1</h2> <p>Android 7.1 是代å·ä¸º Nougat-MR1 çš„å¼€å‘里程碑版本。 -以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-7.1_r10â€æ ‡è®°åŒæ¥ã€‚</p> +以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-7.1_r11â€æ ‡è®°åŒæ¥ã€‚</p> <ul> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-7.1_r10-linux_x86-arm.zip">Android 7.1 R10 兼容性测试套件 (CTS) - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-7.1_r10-linux_x86-x86.zip">Android 7.1 R10 兼容性测试套件 (CTS) - x86</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r10-linux_x86-arm.zip">Android 7.1 R10 CTS 验è¯ç¨‹åº - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r10-linux_x86-x86.zip">Android 7.1 R10 CTS 验è¯ç¨‹åº - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-7.1_r11-linux_x86-arm.zip">Android +7.1 R11 兼容性测试套件 (CTS) - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-7.1_r11-linux_x86-x86.zip">Android +7.1 R11 兼容性测试套件 (CTS) - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r11-linux_x86-arm.zip">Android +7.1 R11 CTS 验è¯ç¨‹åº - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r11-linux_x86-x86.zip">Android +7.1 R11 CTS 验è¯ç¨‹åº - x86</a></li> </ul> <h2 id="android-70">Android 7.0</h2> <p>Android 7.0 是代å·ä¸º Nougat çš„å¼€å‘里程碑版本。 -以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-7.0_r14â€æ ‡è®°åŒæ¥ã€‚</p> +以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-7.0_r15â€æ ‡è®°åŒæ¥ã€‚</p> <ul> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-7.0_r14-linux_x86-arm.zip">Android 7.0 R14 兼容性测试套件 (CTS) - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-7.0_r14-linux_x86-x86.zip">Android 7.0 R14 兼容性测试套件 (CTS) - x86</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r14-linux_x86-arm.zip">Android 7.0 R14 CTS 验è¯ç¨‹åº - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r14-linux_x86-x86.zip">Android 7.0 R14 CTS 验è¯ç¨‹åº - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-7.0_r15-linux_x86-arm.zip">Android +7.0 R15 兼容性测试套件 (CTS) - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-7.0_r15-linux_x86-x86.zip">Android +7.0 R15 兼容性测试套件 (CTS) - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r15-linux_x86-arm.zip">Android +7.0 R15 CTS 验è¯ç¨‹åº - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r15-linux_x86-x86.zip">Android +7.0 R15 CTS 验è¯ç¨‹åº - x86</a></li> </ul> <h2 id="android-60">Android 6.0</h2> <p>Android 6.0 是代å·ä¸º Marshmallow çš„å¼€å‘里程碑版本。 -以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-6.0_r23â€æ ‡è®°åŒæ¥ã€‚</p> +以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-6.0_r24â€æ ‡è®°åŒæ¥ã€‚</p> <ul> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-6.0_r23-linux_x86-arm.zip">Android 6.0 R23 兼容性测试套件 (CTS) - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-6.0_r23-linux_x86-x86.zip">Android 6.0 R23 兼容性测试套件 (CTS) - x86</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r23-linux_x86-arm.zip">Android 6.0 R23 CTS 验è¯ç¨‹åº - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r23-linux_x86-x86.zip">Android 6.0 R23 CTS 验è¯ç¨‹åº - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-6.0_r24-linux_x86-arm.zip">Android +6.0 R24 兼容性测试套件 (CTS) - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-6.0_r24-linux_x86-x86.zip">Android +6.0 R24 兼容性测试套件 (CTS) - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r24-linux_x86-arm.zip">Android +6.0 R24 CTS 验è¯ç¨‹åº - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r24-linux_x86-x86.zip">Android +6.0 R24 CTS 验è¯ç¨‹åº - x86</a></li> </ul> <h2 id="android-51">Android 5.1</h2> <p>Android 5.1 是代å·ä¸º Lollipop-MR1 çš„å¼€å‘里程碑版本。 -以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-5.1_r24â€æ ‡è®°åŒæ¥ã€‚</p> -<ul> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-5.1_r24-linux_x86-arm.zip">Android 5.1 R24 兼容性测试套件 (CTS) - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-5.1_r24-linux_x86-x86.zip">Android 5.1 R24 兼容性测试套件 (CTS) - x86</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r24-linux_x86-arm.zip">Android 5.1 R24 CTS 验è¯ç¨‹åº - ARM</a></li> -<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r24-linux_x86-x86.zip">Android 5.1 R24 CTS 验è¯ç¨‹åº - x86</a></li> +以下测试的æºä»£ç å¯ä»¥ä¸Žå¼€æ”¾æºä»£ç æ ‘ä¸çš„“android-cts-5.1_r25â€æ ‡è®°åŒæ¥ã€‚</p> +<ul> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-5.1_r25-linux_x86-arm.zip">Android +5.1 R25 兼容性测试套件 (CTS) - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-5.1_r25-linux_x86-x86.zip">Android +5.1 R25 兼容性测试套件 (CTS) - x86</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r25-linux_x86-arm.zip">Android +5.1 R25 CTS 验è¯ç¨‹åº - ARM</a></li> +<li><a href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r25-linux_x86-x86.zip">Android +5.1 R25 CTS 验è¯ç¨‹åº - x86</a></li> </ul> <h2 id="android-50">Android 5.0</h2> diff --git a/zh-cn/compatibility/cts/interpret.html b/zh-cn/compatibility/cts/interpret.html index 9c2fd3c3..f024a5a1 100644 --- a/zh-cn/compatibility/cts/interpret.html +++ b/zh-cn/compatibility/cts/interpret.html @@ -29,7 +29,7 @@ $CTS_ROOT/android-cts/repository/results/<start_time>.zip <p>在 zip 压缩包ä¸ï¼ŒtestResult.xml 文件会包å«å®žé™…的结果。在任何网络æµè§ˆå™¨ï¼ˆæŽ¨è使用与 HTML 5 技术兼容的æµè§ˆå™¨ï¼‰ä¸æ‰“å¼€æ¤æ–‡ä»¶ï¼Œå³å¯æŸ¥çœ‹æµ‹è¯•ç»“果。</p> -<p>使用 Chrome æµè§ˆå™¨æ—¶ï¼Œå¦‚æžœ testResult.xml 显示空白页é¢ï¼Œè¯·<a href="https://www.chromium.org/developers/how-tos/run-chromium-with-flags">更改æµè§ˆå™¨é…ç½®</a>以å¯ç”¨ --allow-file-access-from-files å‘½ä»¤è¡Œæ ‡è®°ã€‚<em></em></p> +<p>使用 Chrome æµè§ˆå™¨æ—¶ï¼Œå¦‚æžœ testResult.xml 显示空白页é¢ï¼Œè¯·<a href="https://www.chromium.org/developers/how-tos/run-chromium-with-flags">更改æµè§ˆå™¨é…ç½®</a>以å¯ç”¨ <em>--allow-file-access-from-files</em> å‘½ä»¤è¡Œæ ‡è®°ã€‚</p> <h3 id="reading-the-test-results">阅读测试结果</h3> diff --git a/zh-cn/compatibility/cts/run.html b/zh-cn/compatibility/cts/run.html index 053047d8..19f4bae3 100644 --- a/zh-cn/compatibility/cts/run.html +++ b/zh-cn/compatibility/cts/run.html @@ -28,7 +28,7 @@ <li>至少连接一个设备。 </li><li>在开始è¿è¡Œ CTS 时,按<strong>主å±å¹•</strong>按钮将设备设置为显示主å±å¹•ã€‚</li><li>当设备在è¿è¡Œæµ‹è¯•æ—¶ï¼Œå®ƒä¸èƒ½ç”¨äºŽæ‰§è¡Œä»»ä½•å…¶ä»–任务,并且必须ä¿æŒé™æ¢çŠ¶æ€ï¼ˆä»¥å…触å‘ä¼ æ„Ÿå™¨æ´»åŠ¨ï¼‰ï¼ŒåŒæ—¶è¦è®©ç›¸æœºæŒ‡å‘æŸä¸ªå¯ä»¥èšç„¦çš„对象。 </li><li>在è¿è¡Œ CTS 时,ä¸è¦æŒ‰è®¾å¤‡ä¸Šçš„任何键。按测试设备上的键或触摸其å±å¹•ä¼šå¹²æ‰°æ£åœ¨è¿è¡Œçš„测试,并且å¯èƒ½å¯¼è‡´æµ‹è¯•å¤±è´¥ã€‚ - </li><li><em></em>通过è¿è¡Œè§£åŽ‹ç¼© CTS 包所得的文件夹ä¸çš„ cts-tradefed 脚本(例如 <code>$ ./android-cts/tools/cts-tradefed</code>)æ¥å¯åŠ¨ CTS 控制å°ã€‚ + </li><li>通过è¿è¡Œè§£åŽ‹ç¼© CTS 包所得的文件夹ä¸çš„ cts-tradefed 脚本(例如 <code>$ ./android-cts/tools/cts-tradefed</code>)æ¥å¯åŠ¨ CTS 控制å°ã€‚<em></em> </li><li>é€šè¿‡é™„åŠ ä»¥ä¸‹å‘½ä»¤å¯åŠ¨é»˜è®¤æµ‹è¯•è®¡åˆ’(包å«æ‰€æœ‰æµ‹è¯•åŒ…):<code>run cts --plan CTS</code>。这将å¯åŠ¨æµ‹è¯•å…¼å®¹æ€§æ‰€éœ€çš„所有 CTS 测试。 <ul> diff --git a/zh-cn/compatibility/cts/setup.html b/zh-cn/compatibility/cts/setup.html index 2150eee8..257ee3e7 100644 --- a/zh-cn/compatibility/cts/setup.html +++ b/zh-cn/compatibility/cts/setup.html @@ -135,7 +135,7 @@ ro.product.first_api_level=21 <p class="warning"><strong>è¦å‘Šï¼š</strong>这将清空设备ä¸çš„所有用户数æ®ã€‚</p> </li><li>将设备的è¯è¨€è®¾ç½®ä¸ºè‹±è¯ï¼ˆ<strong>美国</strong>):<strong>设置 > è¯è¨€å’Œè¾“入法 > è¯è¨€</strong> </li><li>如果设备上具有 GPS 或 WLAN/移动网络功能,则打开ä½ç½®ä¿¡æ¯è®¾ç½®ï¼š<strong>设置 > ä½ç½®ä¿¡æ¯ > å¼€å¯</strong> - </li><li>连接到满足以下è¦æ±‚çš„ WLAN ç½‘ç»œï¼šæ”¯æŒ IPv6,å¯ä»¥å°†è¢«æµ‹è®¾å¤‡ (DUT) 视为隔离的客户端<em></em>(请å‚阅上文的<a href="#physical_environment">物ç†çŽ¯å¢ƒ</a>部分),并å¯ä»¥è¿žæŽ¥åˆ°äº’è”网:<strong>设置 > WLAN</strong> + </li><li>连接到满足以下è¦æ±‚çš„ WLAN ç½‘ç»œï¼šæ”¯æŒ IPv6,å¯ä»¥å°†è¢«æµ‹è®¾å¤‡ (DUT) 视为隔离的客户端(请å‚阅上文的<a href="#physical_environment">物ç†çŽ¯å¢ƒ</a>部分),并å¯ä»¥è¿žæŽ¥åˆ°äº’è”网:<strong>设置 > WLAN</strong><em></em> </li><li>ç¡®ä¿è®¾å¤‡ä¸Šæœªè®¾ç½®é”定图案或密ç :<strong>设置 > 安全 > å±å¹•é”定 > æ— </strong> </li><li>在设备上å¯ç”¨ <strong>USB 调试</strong>:<strong>设置 > å¼€å‘者选项 > USB 调试</strong>。 <p class="note"><strong>注æ„:</strong>在 Android 4.2 åŠæ›´é«˜ç‰ˆæœ¬ä¸ï¼Œé»˜è®¤æƒ…况下会éšè—<strong>å¼€å‘者选项</strong>。è¦æ˜¾ç¤ºè¿™äº›é€‰é¡¹ï¼Œè¯·ä¾æ¬¡è½¬åˆ°<strong>设置 > 关于手机</strong>,然åŽç‚¹æŒ‰<strong>版本å·</strong>七次。返回上一å±å¹•ä»¥æŸ¥æ‰¾<strong>å¼€å‘者选项</strong>。è¦æŸ¥çœ‹å…¶ä»–详细信æ¯ï¼Œè¯·å‚阅<a href="http://developer.android.com/studio/run/device.html#developer-device-options">å¯ç”¨è®¾å¤‡ä¸Šçš„å¼€å‘者选项</a>。</p> diff --git a/zh-cn/compatibility/cts/verifier.html b/zh-cn/compatibility/cts/verifier.html index 8f84eede..7cf1c079 100644 --- a/zh-cn/compatibility/cts/verifier.html +++ b/zh-cn/compatibility/cts/verifier.html @@ -179,7 +179,7 @@ adb pull /mnt/sdcard/ctsVerifierReports/ </li> </ul> </li> -<li>è¦æ¸…除通过/失败结果,请在 CTS 验è¯ç¨‹åºåº”用ä¸é€‰æ‹©è¿™äº›ç»“果,然åŽä¾æ¬¡é€‰æ‹©â€œèœå•â€>“清除â€ã€‚<em></em></li> +<li>è¦æ¸…除通过/失败结果,请在 CTS 验è¯ç¨‹åºåº”用ä¸é€‰æ‹©è¿™äº›ç»“果,然åŽä¾æ¬¡é€‰æ‹©<em>“èœå•â€>“清除â€</em>。</li> </ol> </body></html>
\ No newline at end of file diff --git a/zh-cn/compatibility/index.html b/zh-cn/compatibility/index.html index 1263644f..12d7a543 100644 --- a/zh-cn/compatibility/index.html +++ b/zh-cn/compatibility/index.html @@ -48,9 +48,9 @@ <h2 id="android-compatibility-is-free-and-its-easy">Android 兼容性计划是å…费的,而且申请æ¥éª¤å¾ˆç®€å•</h2> <p>è¦æ‰“é€ ä¸Ž Android 兼容的移动设备,请éµå¾ªä»¥ä¸‹ä¸‰ä¸ªæ¥éª¤è¿›è¡Œæ“作:</p> <ol> -<li><em></em>èŽ·å– <a href="/source/index.html">Android 软件æºä»£ç </a>。这是è¦ç§»æ¤åˆ°æ‚¨çš„硬件的 Android å¹³å°æºä»£ç 。</li> -<li><em></em>éµå¾ª Android 兼容性定义文档 (CDD)(<a href="/compatibility/android-cdd.pdf">PDF</a>ã€<a href="/compatibility/android-cdd.html">HTML</a>)的è¦æ±‚。CDD 列出了对兼容的 Android 设备的软件和硬件è¦æ±‚。</li> -<li><em></em>通过<a href="/compatibility/cts/">兼容性测试套件 (CTS)</a> 测试。在开å‘过程ä¸éšæ—¶å€ŸåŠ© CTS 评估兼容性。</li> </ol> +<li>èŽ·å– <a href="/source/index.html">Android 软件æºä»£ç </a>。<em></em>这是è¦ç§»æ¤åˆ°æ‚¨çš„硬件的 Android å¹³å°æºä»£ç 。</li> +<li>éµå¾ª Android 兼容性定义文档 (CDD)çš„è¦æ±‚(<a href="/compatibility/android-cdd.pdf">PDF</a>ã€<a href="/compatibility/android-cdd.html">HTML</a>)。<em></em>CDD 列出了对兼容的 Android 设备的软件和硬件è¦æ±‚。</li> +<li>通过<a href="/compatibility/cts/">兼容性测试套件 (CTS) 测试</a>。<em></em>在开å‘过程ä¸éšæ—¶å€ŸåŠ© CTS 评估兼容性。</li> </ol> <p>åœ¨ç¬¦åˆ CDD è¦æ±‚且通过 CTS 测试åŽï¼Œæ‚¨çš„设备å³æ˜¯ä¸Ž Android 兼容的设备,这æ„味ç€ç”Ÿæ€ç³»ç»Ÿä¸çš„ Android 应用在您的设备上è¿è¡Œæ—¶å¯æ供一致的体验。有关 Android 兼容性计划的详细信æ¯ï¼Œè¯·å‚阅<a href="overview.html">计划概述</a>。</p> diff --git a/zh-cn/devices/architecture/dto/optimize.html b/zh-cn/devices/architecture/dto/optimize.html index 3fca0732..37a11a15 100644 --- a/zh-cn/devices/architecture/dto/optimize.html +++ b/zh-cn/devices/architecture/dto/optimize.html @@ -70,7 +70,7 @@ </tbody></table> <h2 id="libufdt">libufdt</h2> -<p>虽然最新的 <code><a href="https://github.com/dgibson/dtc/tree/master/libfdt" class="external">libfdt</a></code> æ”¯æŒ DTO,但是我们建议您使用 <code>libufdt</code> æ¥å®žçŽ° DTO(æºæ–‡ä»¶ä½äºŽ AOSP ä¸çš„ <code><a href="https://android.googlesource.com/platform/system/libufdt/+/refs/heads/master" class="external">platform/system/libufdt</a></code> 下)。<code>libufdt</code> 会从æ‰å¹³åŒ–è®¾å¤‡æ ‘ (FDT) ç¼–è¯‘çœŸå®žçš„æ ‘ç»“æž„ï¼ˆéžæ‰å¹³åŒ–è®¾å¤‡æ ‘ï¼Œç®€ç§°ä¸º <em>ufdt</em>ï¼‰ï¼Œå› è€Œå¯ä»¥æ”¹å–„两个 <code>.dtb</code> 文件(从 O(N2) 到 O(N)ï¼Œå…¶ä¸ N æ˜¯æ ‘ä¸çš„节点编å·ï¼‰çš„åˆå¹¶ã€‚</p> +<p>虽然最新的 <code><a href="https://github.com/dgibson/dtc/tree/master/libfdt" class="external">libfdt</a></code> æ”¯æŒ DTO,但是我们建议您使用 <code>libufdt</code> æ¥å®žçŽ° DTO(æºæ–‡ä»¶ä½äºŽAOSP ä¸çš„ <code><a href="https://android.googlesource.com/platform/system/libufdt/+/refs/heads/master" class="external">platform/system/libufdt</a></code> 下)。<code>libufdt</code> 会从æ‰å¹³åŒ–è®¾å¤‡æ ‘ (FDT) ç¼–è¯‘çœŸå®žçš„æ ‘ç»“æž„ï¼ˆéžæ‰å¹³åŒ–è®¾å¤‡æ ‘ï¼Œç®€ç§°ä¸º ufdtï¼‰ï¼Œå› è€Œå¯ä»¥æ”¹å–„两个 <code>.dtb</code> 文件(从 O(N2) 到 O(N)ï¼Œå…¶ä¸ N æ˜¯æ ‘ä¸çš„节点编å·ï¼‰çš„åˆå¹¶ã€‚<em></em></p> <h3 id="performance">性能测试</h3> <p>在 Google 的内部测试ä¸ï¼Œè¿›è¡Œç¼–译åŽï¼Œåœ¨ 2405 <code>.dtb</code> å’Œ 283 <code>.dtbo</code> DT 节点上使用 <code>libufdt</code> 生æˆäº† 70,618 å—节和 8,566 å—节的文件大å°ã€‚与从 FreeBSD 移æ¤çš„ <a href="http://fxr.watson.org/fxr/source/boot/fdt/" class="external">DTO 实现</a>(è¿è¡Œæ—¶ä¸º 124 毫秒)相比,<code>libufdt</code> DTO è¿è¡Œæ—¶ä¸º 10 毫秒。</p> diff --git a/zh-cn/devices/architecture/dto/partitions.html b/zh-cn/devices/architecture/dto/partitions.html index a5fb8bea..9814501a 100644 --- a/zh-cn/devices/architecture/dto/partitions.html +++ b/zh-cn/devices/architecture/dto/partitions.html @@ -23,7 +23,7 @@ <p>如果您的 DTB/DTBO ä½äºŽä¸“属的分区(例如 <code>dtb</code> å’Œ <code>dtbo</code> 分区)ä¸ï¼Œè¯·ä½¿ç”¨ä»¥ä¸‹è¡¨æ ¼ç»“æž„å’Œå¤´æ–‡ä»¶æ ¼å¼ï¼š</p> <p><img src="../images/treble_dto_partition_layout.png"/></p> -<figcaption><strong>图 1</strong> <code>dtb</code>/<code>dtbo</code> 分区布局示例(è¦äº†è§£ AVB ç¾å相关信æ¯ï¼Œè¯·å‚阅<a href="/devices/architecture/dto/implement.html#security">安全性</a>)。 +<figcaption><strong>图 1</strong> 分区布局示例 <code>dtb</code>/<code>dtbo</code>(è¦äº†è§£ AVB ç¾å相关信æ¯ï¼Œè¯·å‚阅<a href="/devices/architecture/dto/implement.html#security">安全性</a>)。 </figcaption> <h2 id="structures">æ•°æ®ç»“æž„</h2> @@ -120,12 +120,12 @@ int check_dtbo(const dt_table_entry *entry, uint32_t header_addr) { </pre></li></ul> <h2 id="mkdtimg">mkdtimg</h2> -<p><code>mkdtimg</code> 是用于创建 <code>dtb</code>/<code>dtbo</code> æ˜ åƒï¼ˆAOSP ä¸ <code>system/libufdt</code> 下的<a href="https://android-review.googlesource.com/#/q/topic:mkdtimg+(status:open+OR+status:merged+OR+status:pending)" class="external">æºä»£ç </a>)的工具。<code>mkdtimg</code> 支æŒå¤šä¸ªå‘½ä»¤ï¼ŒåŒ…括 <code>create</code>ã€<code>cfg_create</code> å’Œ <code>dump</code>。</p> +<p><code>mkdtimg</code> 是用于创建 <code>dtb</code>/<code>dtbo</code> æ˜ åƒï¼ˆAOSP ä¸ <code>system/libufdt</code> 下的<a href="https://android-review.googlesource.com/#/q/topic:mkdtimg+(status:open+OR+status:merged+OR+status:pending)" class="external">æºä»£ç </a>的工具。<code>mkdtimg</code> 支æŒå¤šä¸ªå‘½ä»¤ï¼ŒåŒ…括 <code>create</code>ã€<code>cfg_create</code> å’Œ <code>dump</code>。</p> <h3 id="create">create</h3> <p>使用 <code>create</code> 命令创建 <code>dtb</code>/<code>dtbo</code> æ˜ åƒï¼š</p> -<pre class="prettyprint"> -$mkdtimg create <image_filename> (<global-option>...) \ +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal">mkdtimg create <image_filename> (<global-option>...) \</code> <ftb1_filename> (<entry1_option>...) \ <ftb2_filename> (<entry2_option>...) \ ... @@ -149,7 +149,7 @@ $mkdtimg create <image_filename> (<global-option>...) \ <p>例如,<code>/board/:id</code>。<code>mkdtimg</code> 从 DTB/DTBO 文件ä¸çš„路径读å–值,并将值(32 ä½ï¼‰åˆ†é…ç»™ <code>dt_table_entry</code> ä¸çš„相对属性。或者,您也å¯ä»¥å°† <code>global_option</code> 作为所有æ¡ç›®çš„默认选项。<code>dt_table_header</code> ä¸ <code>page_size</code> 的默认值为 2048ï¼›å¯ä½¿ç”¨ <code>global_option --page_size=<number></code> 分é…ä¸åŒçš„值。</p> <p>示例:</p> -<pre class="prettyprint"> +<pre class="devsite-click-to-copy"> [board1.dts] /dts-v1/; /plugin/; @@ -167,7 +167,7 @@ $mkdtimg create <image_filename> (<global-option>...) \ status = "okay"; }; -$mkdtimg create dtbo.img --id=/:board_id --custom0=0xabc \ +<code class="devsite-terminal">mkdtimg create dtbo.img --id=/:board_id --custom0=0xabc \</code> board1.dtbo \ board2.dtbo --id=0x6800 \ board3.dtbo --id=0x6801 --custom0=0x123 @@ -199,7 +199,7 @@ $mkdtimg create dtbo.img --id=/:board_id --custom0=0xabc \ <p>选项 <code>global_option</code> å’Œ <code>entryX_option</code> å¿…é¡»ä»¥ä¸€ä¸ªæˆ–å¤šä¸ªç©ºæ ¼å—符开头(这些选项与 <code>create</code> 选项相åŒï¼Œä¸å¸¦ <code>--</code> å‰ç¼€ï¼‰ã€‚空行或者以 <code>#</code> 开头的行将被忽略。</p> <p>示例:</p> -<pre class="prettyprint"> +<pre class="devsite-click-to-copy"> [dtboimg.cfg] # global options id=/:board_id @@ -215,7 +215,7 @@ board2.dtbo id=0x6801 # override the value of id in global options custom0=0x123 # override the value of custom0 in global options -$mkdtimg cfg_create dtbo.img dtboimg.cfg +<code class="devsite-terminal">mkdtimg cfg_create dtbo.img dtboimg.cfg</code> </pre> <p><code>mkdtimg</code> ä¸ä¼šå¤„ç† <code>.dtb</code>/<code>.dtbo</code> 文件的对é½æ–¹å¼ï¼Œè€Œæ˜¯å°†å®ƒä»¬é™„åŠ åˆ°æ˜ åƒä¸Šã€‚当您使用 <code>dtc</code> å°† <code>.dts</code> 编译为 <code>.dtb</code>/<code>.dtbo</code> æ—¶ï¼Œå¿…é¡»æ·»åŠ é€‰é¡¹ <code>-a</code>ã€‚ä¾‹å¦‚ï¼Œæ·»åŠ é€‰é¡¹ <code>-a 4</code> ä¼šæ·»åŠ å†…è¾¹è·ï¼Œå› æ¤ <code>.dtb</code>/<code>.dtbo</code> 的大å°å°†è°ƒæ•´ä¸º 4 个å—节。</p> @@ -224,8 +224,8 @@ $mkdtimg cfg_create dtbo.img dtboimg.cfg <h3 id="dump">转储</h3> <p>对于 <code>dtb</code>/<code>dtbo</code> æ˜ åƒï¼Œè¯·ä½¿ç”¨ <code>dump</code> 命令打å°æ˜ åƒä¸çš„ä¿¡æ¯ã€‚示例:</p> -<pre class="prettyprint"> -$mkdtimg dump dtbo.img +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal">mkdtimg dump dtbo.img</code> dt_table_header: magic = d7b7ab1e total_size = 1300 diff --git a/zh-cn/devices/audio/terminology.html b/zh-cn/devices/audio/terminology.html index 010bbc7c..93da052b 100644 --- a/zh-cn/devices/audio/terminology.html +++ b/zh-cn/devices/audio/terminology.html @@ -300,8 +300,7 @@ Sony/Philips æ•°å—接å£æ ¼å¼ï¼Œç”¨äºŽæœªåŽ‹ç¼©çš„ PCM éŸ³é¢‘çš„äº’è¿žã€‚å¦‚éœ <dt>TOSLINK</dt> <dd> -<a href="https://en.wikipedia.org/wiki/TOSLINK">TOSLINK</a> 是一ç§é…åˆ S/PDIF<em></em> 使用的光纤音频数æ®çº¿ã€‚ -</dd> +<a href="https://en.wikipedia.org/wiki/TOSLINK">TOSLINK</a> 是一ç§é…åˆ S/PDIF 使用的光纤音频数æ®çº¿ã€‚<em></em></dd> <dt>USB</dt> <dd> @@ -426,7 +425,7 @@ Android 专用术è¯åŒ…括仅在 Android 音频框架ä¸ä½¿ç”¨çš„术è¯ï¼Œä»¥åŠ <dt>ALSA</dt> <dd> -高级 Linux 声音体系。Linux 的音频框架,对其他系统也有影å“。è¦äº†è§£é€šç”¨å®šä¹‰ï¼Œè¯·å‚阅 <a href="http://en.wikipedia.org/wiki/Advanced_Linux_Sound_Architecture">ALSA</a>。在 Android ä¸ï¼ŒALSA æŒ‡çš„æ˜¯å†…æ ¸éŸ³é¢‘æ¡†æž¶å’Œé©±åŠ¨ç¨‹åºï¼Œè€Œä¸æ˜¯ç”¨æˆ·æ¨¡å¼ API。å¦è¯·å‚阅“tinyalsaâ€<em></em>。 +高级 Linux 声音体系。Linux 的音频框架,对其他系统也有影å“。è¦äº†è§£é€šç”¨å®šä¹‰ï¼Œè¯·å‚阅 <a href="http://en.wikipedia.org/wiki/Advanced_Linux_Sound_Architecture">ALSA</a>。在 Android ä¸ï¼ŒALSA æŒ‡çš„æ˜¯å†…æ ¸éŸ³é¢‘æ¡†æž¶å’Œé©±åŠ¨ç¨‹åºï¼Œè€Œä¸æ˜¯ç”¨æˆ·æ¨¡å¼ API。å¦è¯·å‚阅“tinyalsaâ€ã€‚<em></em> </dd> <dt>音频设备</dt> @@ -436,7 +435,7 @@ Android 专用术è¯åŒ…括仅在 Android 音频框架ä¸ä½¿ç”¨çš„术è¯ï¼Œä»¥åŠ <dt>AudioEffect</dt> <dd> -用于输出(处ç†åŽï¼‰éŸ³æ•ˆä¸Žè¾“入(处ç†å‰ï¼‰éŸ³æ•ˆçš„ API 和实现框架。该 API 在 <a href="http://developer.android.com/reference/android/media/audiofx/AudioEffect.html">android.media.audiofxAudioEffect</a> ä¸è¿›è¡Œäº†å®šä¹‰ã€‚ +用于输出(处ç†åŽï¼‰éŸ³æ•ˆä¸Žè¾“入(处ç†å‰ï¼‰éŸ³æ•ˆçš„ API 和实现框架。该 API 在 <a href="http://developer.android.com/reference/android/media/audiofx/AudioEffect.html">android.media.audiofx.AudioEffect</a> ä¸è¿›è¡Œäº†å®šä¹‰ã€‚ </dd> <dt>AudioFlinger</dt> @@ -446,7 +445,8 @@ Android 声音æœåŠ¡å™¨å®žçŽ°ç”¨ä¾‹ã€‚AudioFlinger 在 mediaserver 进程ä¸è¿è <dt>音频焦点</dt> <dd> -跨多个独立应用管ç†éŸ³é¢‘互动的 API 集。如需了解详情,请å‚阅<a href="http://developer.android.com/training/managing-audio/audio-focus.html">管ç†éŸ³é¢‘焦点</a>以åŠä¸Žç„¦ç‚¹ç›¸å…³çš„方法和 <a href="http://developer.android.com/reference/android/media/AudioManager.html">android.media.AudioManager</a>。 +跨多个独立应用管ç†éŸ³é¢‘互动的 API 集。 +如需了解详情,请å‚阅<a href="http://developer.android.com/training/managing-audio/audio-focus.html">管ç†éŸ³é¢‘焦点</a>以åŠä¸Žç„¦ç‚¹ç›¸å…³çš„方法和 <a href="http://developer.android.com/reference/android/media/AudioManager.html">android.media. AudioManager</a> 常é‡ã€‚ </dd> <dt>AudioMixer</dt> @@ -566,7 +566,7 @@ AudioFlinger ä¸çš„模å—,负责åŒæ¥çº¿ç¨‹ä¹‹é—´çš„状æ€ã€‚NBAIO ç”¨äºŽä¼ é <dt>音频æµç±»åž‹</dt> <dd> -表示音频输出使用情形的枚举。音频政ç–的实现使用音频æµç±»åž‹ä»¥åŠå…¶ä»–å‚æ•°æ¥ç¡®å®šéŸ³é‡å’Œè·¯ç”±å†³ç–。è¦æŸ¥çœ‹éŸ³é¢‘æµç±»åž‹çš„列表,请å‚阅 <a href="http://developer.android.com/reference/android/media/AudioManager.html">android.mediaAudioManager</a>。 +表示音频输出使用情形的枚举。音频政ç–的实现使用音频æµç±»åž‹ä»¥åŠå…¶ä»–å‚æ•°æ¥ç¡®å®šéŸ³é‡å’Œè·¯ç”±å†³ç–。è¦æŸ¥çœ‹éŸ³é¢‘æµç±»åž‹çš„列表,请å‚阅 <a href="http://developer.android.com/reference/android/media/AudioManager.html">android.media.AudioManager</a>。 </dd> <dt>tee sink</dt> @@ -581,7 +581,7 @@ ALSA å†…æ ¸ä¹‹ä¸Šå…·æœ‰ BSD 许å¯çš„å°åž‹ç”¨æˆ·æ¨¡å¼ API。建议用于实现 <dt>ToneGenerator</dt> <dd> -比 AudioTrack 级别更高的客户端 API,用于æ’放åŒéŸ³å¤šé¢‘ (DTMF) ä¿¡å·ã€‚如需了解详情,请å‚阅<a href="http://en.wikipedia.org/wiki/Dual-tone_multi-frequency_signaling">åŒéŸ³å¤šé¢‘ä¿¡å·</a>å’Œ <a href="http://developer.android.com/reference/android/media/ToneGenerator.html">android.mediaToneGenerator</a> ä¸çš„ API 定义。 +比 AudioTrack 级别更高的客户端 API,用于æ’放åŒéŸ³å¤šé¢‘ (DTMF) ä¿¡å·ã€‚如需了解详情,请å‚阅<a href="http://en.wikipedia.org/wiki/Dual-tone_multi-frequency_signaling">åŒéŸ³å¤šé¢‘ä¿¡å·</a>å’Œ <a href="http://developer.android.com/reference/android/media/ToneGenerator.html">android.media.ToneGenerator</a> ä¸çš„ API 定义。 </dd> <dt>音轨</dt> diff --git a/zh-cn/devices/bluetooth/hci_requirements.html b/zh-cn/devices/bluetooth/hci_requirements.html new file mode 100644 index 00000000..385c3a7d --- /dev/null +++ b/zh-cn/devices/bluetooth/hci_requirements.html @@ -0,0 +1,2005 @@ +<html devsite><head> <title>HCI è¦æ±‚</title> <meta name="project_path" value="/_project.yaml"/> <meta name="book_path" value="/_book.yaml"/> + </head> <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); you may + not use this file except in compliance with the License. You may obtain a + copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + License for the specific language governing permissions and limitations + under the License. + --> + + <p>ä¸»æœºæŽ§åˆ¶å™¨æŽ¥å£ (HCI) 用于与è“牙控制器交互。</p> + + <p>本文档列出了è“牙 (BT) å’Œè“牙低功耗 (BLE) çš„è¦æ±‚,旨在让主机 BT å †æ ˆä¾›åº”å•†å’Œ BT 控制器供应商了解,必须éµå¾ªè¿™äº›å¹³å°è¦æ±‚æ‰èƒ½ä½¿ç”¨ä¸‹é¢æ‰€è¿°çš„功能集。</p> + + <p><a href="https://www.bluetooth.org/en-us/specification/adopted-specifications">è“牙 SIG 网站</a>上æ供了è“ç‰™æ ¸å¿ƒ 4.1 规范(在本文档ä¸ç§°ä¸ºâ€œBT 4.1 æ ¸å¿ƒè§„èŒƒâ€ï¼‰ä»¥åŠå…¶ä»–æ£å¼æ–‡æ¡£ã€‚</p> + <h2 id="general-design-overview">总体设计概览</h2> + <h3 id="chip-capabilities-and-configuration">芯片功能和é…ç½®</h3> + <p>作为一个开放平å°ï¼ŒAndroid 汇集了å„ç§è½¯ä»¶ç‰ˆæœ¬ã€åŽŸå§‹è®¾å¤‡åˆ¶é€ 商 (OEM)ã€ä¾›åº”商以åŠå¹³å°å’ŒèŠ¯ç‰‡åŠŸèƒ½ã€‚</p> + + <p>本文档介ç»äº†ä¸€ç§å¯è®© BT 控制器æ供其功能(ä¸åœ¨æ ‡å‡†çš„ BT 4.1 æ ¸å¿ƒè§„èŒƒå†…ï¼‰çš„è®¾è®¡ç†å¿µï¼Œä»¥æ¤æ¥ç®¡ç†ä¸æ–å˜åŒ–çš„æ ¼å±€ä»¥åŠè¿ç§»ã€‚然åŽï¼Œä¸»æœº BT å †æ ˆå¯ä»¥ä½¿ç”¨è¿™äº›åŠŸèƒ½æ¥ç¡®å®šè¦å¯ç”¨çš„功能。</p> + + <h3 id="supporting-open-standards">支æŒå¼€æ”¾å¼æ ‡å‡†</h3> + <p>Android çš„ä¸€ä¸ªç›®æ ‡æ˜¯æ”¯æŒé‚£äº›åœ¨è“牙规范ä¸èŽ·å¾—æ£å¼æ‰¹å‡†çš„开放å¼æ ‡å‡†ã€‚如果下文所述的æŸé¡¹åŠŸèƒ½åœ¨æœªæ¥è“ç‰™è§„èŒƒçš„æ ‡å‡† HCI 方法ä¸å¯ç”¨ï¼Œé‚£ä¹ˆæˆ‘们就倾å‘于将该方法设为默认方法。</p> + <h2 id="vendor-specific-capabilities">特定于供应商的功能</h2> + <p>特定于供应商的命令:<code>LE_Get_Vendor_Capabilities_Command</code></p> + + <p>OCF(OpCode 命令å—段):0x153</p> + <table> + <tbody><tr> + <th>命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td></td> + <td>ä¸é€‚用</td> + <td>空命令å‚数列表</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>max_advt_instances</code></td> + <td>1 个八ä½å—节</td> + <td>支æŒçš„广告实例数é‡</td> + </tr> + <tr> + <td><code>offloaded_resolution_of_private-address</code></td> + <td>1 个八ä½å—节</td> + <td>RPA çš„ BT 芯片功能;如果芯片支æŒï¼Œåˆ™éœ€è¦ä¸»æœºå¯ç”¨ã€‚<br /> + 0 = ä¸èƒ½<br /> + 1 = 能</td> + </tr> + <tr> + <td><code>total_scan_results_storage</code></td> + <td>2 个八ä½å—节</td> + <td>用于扫æ结果的å˜å‚¨ç©ºé—´ï¼ˆä»¥å—节为å•ä½ï¼‰</td> + </tr> + <tr> + <td><code>max_irk_list_sz</code></td> + <td>1 个八ä½å—节</td> + <td>固件ä¸æ”¯æŒçš„ IRK æ¡ç›®æ•°é‡</td> + </tr> + <tr> + <td><code>filtering_support</code></td> + <td>1 个八ä½å—节</td> + <td>支æŒåœ¨æŽ§åˆ¶å™¨ä¸è¿›è¡Œè¿‡æ»¤ã€‚<br /> + 0 = ä¸æ”¯æŒ<br /> + 1 = 支æŒ</td> + </tr> + <tr> + <td><code>max_filter</code></td> + <td>1 个八ä½å—节</td> + <td>支æŒçš„过滤器数é‡</td> + </tr> + <tr> + <td><code>activity_energy_info_support</code></td> + <td>1 个八ä½å—节</td> + <td>支æŒæŠ¥å‘Šæ´»åŠ¨å’ŒåŠŸè€—ä¿¡æ¯ã€‚<br /> + 0 = ä¸èƒ½<br /> + 1 = 能</td> + </tr> + <tr> + <td><code>version_supported</code></td> + <td>2 个八ä½å—节<br /> + [0x00, 0x60]</td> + <td>指定支æŒçš„ Google 功能规范的版本。<br /> + å—节[0] = 主è¦ç‰ˆæœ¬å·<br /> + å—节[1] = 次è¦ç‰ˆæœ¬å·</td> + </tr> + <tr> + <td><code>total_num_of_advt_tracked</code></td> + <td>2 个八ä½å—节</td> + <td>出于 <code>OnLost</code>/<code>OnFound</code> 目的跟踪的广告主的总数</td> + </tr> + <tr> + <td><code>extended_scan_support</code></td> + <td>1 个八ä½å—节</td> + <td>支æŒæ›´é•¿çš„扫æ时段和间隔</td> + </tr> + <tr> + <td><code>debug_logging_supported</code></td> + <td>1 个八ä½å—节</td> + <td>支æŒä»ŽæŽ§åˆ¶å™¨è®°å½•äºŒè¿›åˆ¶æ–‡ä»¶è°ƒè¯•ä¿¡æ¯</td> + </tr> + <tr> + <td><code>LE_address_generation_offloading_support</code></td> + <td>1 个八ä½å—节</td> + <td>0 = ä¸æ”¯æŒ<br /> + 1 = 支æŒ</td> + </tr> + </tbody></table> + + <p><code>max_advt_instances parameter</code> 表示控制器ä¸çš„广告实例的总数。<code>advt_instance</code> ID 的范围将是 0 到 <code>max_advt_instances-1</code>。</p> + + <p>ID ç‰äºŽ 0 çš„å¹¿å‘Šå®žä¾‹å°†æ˜ å°„åˆ°çŽ°æœ‰ï¼ˆé»˜è®¤/æ ‡å‡†ï¼‰HCI 实例。在默认/æ ‡å‡† HCI 接å£ä¸Šè¿è¡Œæ—¶ï¼Œåº”ä½¿ç”¨æ ‡å‡†çš„ HCI 命令集。</p> + + <h2 id="multi-advertiser-support">多广告主支æŒ</h2> + <p>多广告主支æŒçš„ç›®æ ‡å¦‚ä¸‹ï¼š</p> + + <ul> + <li>能够支æŒå¤šä¸ªå¹¿å‘Š (<code>max_advt_instances</code>)</li> <li>æä¾›ä¸åŒçš„ä¼ è¾“åŠŸçŽ‡ä»¥æ”¯æŒä¸åŒçš„范围</li> <li>支æŒä¸åŒçš„广告内容</li> + <li>针对æ¯ä½ä¸ªå¹¿å‘Šä¸»è¿›è¡Œä¸ªæ€§åŒ–回å¤</li> + <li>ä¿æŠ¤æ¯ä½å¹¿å‘Šä¸»çš„éšç§ï¼ˆä¸å¯è·Ÿè¸ªï¼‰</li> + <li>å¯è¿žæŽ¥</li> + </ul> + + <p>为了确ä¿æ¤è§„èŒƒæŽ¥è¿‘çŽ°æœ‰æ ‡å‡†ï¼Œæˆ‘ä»¬æ供了下列特定于供应商的命令。它们派生自è“ç‰™æ ¸å¿ƒ 4.1 规范。</p> + + <h3 id="le_multi_advt_command">LE_Multi_Advt_Command</h3> + <p>OCF:0x154</p> + + <table> + <tbody><tr> + <th>命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Multi_advt_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x01 - <code>Set_Advt_Param_Multi_Sub_Cmd</code><br /> + 0x02 - <code>Set_Advt_Data_Multi_Sub_Cmd</code><br /> + 0x03 - <code>Set_Scan_Resp_Data_Multi_Sub_Cmd</code><br /> + 0x04 - <code>Set_Random_Addr_Multi_Sub_Cmd</code><br /> + 0x05 - <code>Set_Advt_Enable_Multi_Sub_Cmd</code></td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Multi_advt_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x01 - <code>Set_Advt_Param_Multi_Command</code><br /> + 0x02 - <code>Set_Advt_Data_Multi_Command</code><br /> + 0x03 - <code>Set_Scan_Resp_Data_Multi_Command</code><br /> + 0x04 - <code>Set_Random_Addr_Multi_Command</code><br /> + 0x05 - <code>Set_Advt_Enable_Multi_Command</code></td> + </tr> + </tbody></table> + + <h4 id="le_multi_advt_command-set_advt_param_multi_sub_cmd">LE_Multi_Advt_Command:Set_Advt_Param_Multi_Sub_Cmd</h4> + <p>基础å‚考(以下称为“规范â€ï¼‰ï¼šBT 4.1 æ ¸å¿ƒè§„èŒƒï¼Œç¬¬ 964 页(LE 设置广告å‚数命令)</p> + + <p>å OCF:0x01</p> + + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Advertising_Interval_Min</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Advertising_Interval_Max</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Advertising_Type</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Own_Address_Type</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Own_Address</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Direct_Address_Type</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Direct_Address</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Advertising_Channel_Map</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Adverstising_Filter_Policy</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Advertising_Instance</code></td> + <td>1 个八ä½å—节</td> + <td>指定上述å‚数对实例的适用性</td> + </tr> + <tr> + <td><code>Tx_power</code></td> + <td>1 个八ä½å—节</td> + <td>Transmit_Power<br /> + å•ä½ - 以 dBm 为å•ä½ï¼ˆæœ‰ç¬¦å·æ•´æ•°ï¼‰<br /> + 范围(-70 到 +20)</td> + </tr> + </tbody></table> + + <p>在设置æ¤å¤šå¹¿å‘Šå®žä¾‹æ—¶ï¼Œ<code>Own_Address</code> å‚æ•°å¯ä»¥æ˜¯ä¸»æœºé…置的地å€ã€‚è¿™æ ·ï¼Œåœ¨ä¼ è¾“ç¬¬ä¸€ä¸ªä¿¡æ ‡æ—¶èƒ½å¤ŸèŽ·å¾—ä¸€ä¸ªå¯è§£æžç§æœ‰åœ°å€ã€‚æ— è®ºé‡‡ç”¨ä½•ç§è¿žæŽ¥ï¼Œå®žä¾‹ä¸Šçš„广告都会继ç»ã€‚主机 BT å †æ ˆå¯ä»¥å‘出命令,以在建立连接åŽå¼€å§‹åœ¨å®žä¾‹ä¸ŠæŠ•æ”¾å¹¿å‘Šã€‚</p> + + <p>系统将按照上述命令,针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ï¼Œå¦‚è“ç‰™æ ¸å¿ƒ 4.1 规范ä¸æ‰€è§„定。如果广告实例或 <code>Tx_Power</code> å‚æ•°æ— æ•ˆï¼Œåˆ™æŽ§åˆ¶å™¨ä¼šä½¿ç”¨éžæˆåŠŸï¼ˆæ— 效å‚数)代ç å“应。</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Multi_advt_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x01 [<code>Set_Advt_Param_Multi_Sub_Cmd]</code></td> + </tr> + </tbody></table> + + <h4 id="le_multi_advt_command-set_advt_data_multi_sub_cmd">LE_Multi_Advt_Command:Set_Advt_Data_Multi_Sub_Cmd</h4> + + <p>基础å‚考:BT 4.1 æ ¸å¿ƒè§„èŒƒï¼Œç¬¬ 969 页(LE 设置广告数æ®å‘½ä»¤ï¼‰</p> + + <p>å OCF:0x02</p> + + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Advertising_Data_Length</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Advertising_Data</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Advertising_Instance</code></td> + <td>1 个八ä½å—节</td> + <td>指定上述å‚数对实例的适用性</td> + </tr> + </tbody></table> + + <p>系统将按照上述命令,针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ï¼Œå¦‚è“ç‰™æ ¸å¿ƒ 4.1 规范ä¸æ‰€è§„定。如果广告实例或 <code>Tx_Power</code> å‚æ•°æ— æ•ˆï¼Œåˆ™æŽ§åˆ¶å™¨ä¼šä½¿ç”¨éžæˆåŠŸä»£ç å“应。</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Multi_advt_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x02 [<code>Set_Advt_Data_Multi_Sub_Cmd]</code></td> + </tr> + </tbody></table> + + <h4 id="le_multi_advt_command-set_scan_resp_data_multi_sub_cmd">LE_Multi_Advt_Command:Set_Scan_Resp_Data_Multi_Sub_Cmd</h4> + <p>基础å‚考:BT 4.1 æ ¸å¿ƒè§„èŒƒï¼Œç¬¬ 970 页(LE 设置扫æå“应数æ®å‘½ä»¤ï¼‰</p> + + <p>å OCF:0x03</p> + + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Scan_Response_Data_Length</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Scan_Response_Data</code></td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Advertising_Instance</code></td> + <td>1 个八ä½å—节</td> + <td>指定上述å‚数对实例的适用性</td> + </tr> + </tbody></table> + + <p>系统将按照上述命令,针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ï¼Œå¦‚è“ç‰™æ ¸å¿ƒ 4.1 规范ä¸æ‰€è§„定。如果广告实例或 <code>Tx_Power</code> å‚æ•°æ— æ•ˆï¼Œåˆ™æŽ§åˆ¶å™¨ä¼šä½¿ç”¨éžæˆåŠŸä»£ç ï¼ˆæ— æ•ˆå‚数)å“应。</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Multi_advt_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x03 [<code>Set_Scan_Resp_Data_Multi_Sub_Cmd]</code></td> + </tr> + </tbody></table> + + <h4 id="le_multi_advt_command-set_random_addr_multi_sub_cmd">LE_Multi_Advt_Command:Set_Random_Addr_Multi_Sub_Cmd</h4> + <p>基础å‚考:BT 4.1 æ ¸å¿ƒè§„èŒƒï¼Œç¬¬ 963 页(LE 设置éšæœºåœ°å€å‘½ä»¤ï¼‰</p> + + <p>å OCF:0x04</p> + + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td>éšæœºåœ°å€</td> + <td>按规范</td> + <td>按规范</td> + </tr> + <tr> + <td><code>Advertising_Instance</code></td> + <td>1 个八ä½å—节</td> + <td>指定上述å‚数对实例的适用性</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Multi_advt_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x04 [<code>Set_Random_Addr_Multi_Sub_Cmd]</code></td> + </tr> + </tbody></table> + + <h4 id="le_multi_advt_command-set_advt_enable_multi_sub_cmd">LE_Multi_Advt_Command:Set_Advt_Enable_Multi_Sub_Cmd</h4> + <p>基础å‚考:BT 4.1 æ ¸å¿ƒè§„èŒƒï¼Œç¬¬ 971 é¡µï¼ˆè¯¥æ ¸å¿ƒè§„èŒƒä¸çš„ LE 设置广告å¯ç”¨å‘½ä»¤ï¼‰</p> + + <p>OCF:0x05</p> + + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Advertising_Enable</code></td> + <td>1 个八ä½å—节</td> + <td>1 表示å¯ç”¨ã€‚任何其他值å‡è¡¨ç¤ºåœç”¨ã€‚</td> + </tr> + <tr> + <td><code>Advertising_Instance</code></td> + <td>1 个八ä½å—节</td> + <td>指定上述å‚数对实例的适用性。实例 0 è¡¨ç¤ºæ ‡å‡† HCI 实例。</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Multi_advt_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x05 [<code>Set_Advt_Enable_Multi_Sub_Cmd]</code></td> + </tr> + </tbody></table> + + <h2 id="offloaded-resolution-of-private-address">分æµè§£æžç§æœ‰åœ°å€</h2> + <p>æ¤åŠŸèƒ½å…许在控制器固件或硬件ä¸è§£æžç§æœ‰åœ°å€ï¼Œä»Žè€Œæ供以下优势: + </p> + + <ul> + <li>缩çŸä¸»æœºåœ¨è§£æžç§æœ‰åœ°å€æ—¶çš„延迟时间</li> + <li>通过é¿å…唤醒主机æ¥èŠ‚çœç”µé‡</li> + </ul> + + <h3 id="le_set_rpa_timeout">LE_Set_RPA_Timeout</h3> + <p>OCF:0x15C</p> + + <table> + <tbody><tr> + <th>命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>LE_local_IRK</code></td> + <td>16 个八ä½å—节</td> + <td>本地设备 IRK 用于生æˆå¯è§£æžçš„éšæœºåœ°å€ã€‚</td> + </tr> + <tr> + <td><code>tRPA_min</code></td> + <td>2 个八ä½å—节</td> + <td>æœ€çŸ RPA 生æˆè¶…时时间(以秒为å•ä½ï¼‰ã€‚ + 控制器必须在超时期间或超时之åŽï¼Œé’ˆå¯¹ä»»ä½•å¹¿å‘Š/扫æ/连接事件生æˆæ–°çš„å¯è§£æžåœ°å€ã€‚<br /> + 有效范围:300-1800</td> + </tr> + <tr> + <td><code>tRPA_max</code></td> + <td>2 个八ä½å—节</td> + <td>最长 RPA 生æˆè¶…时时间(以秒为å•ä½ï¼‰ã€‚ + 控制器必须在超时期间或超时之å‰ï¼Œé’ˆå¯¹ä»»ä½•å¹¿å‘Š/扫æ/连接事件生æˆæ–°çš„å¯è§£æžåœ°å€ã€‚<br /> + 有效范围:<code>tRPA_min</code>-1800</td> + </tr> + </tbody></table> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令的状æ€ã€‚<br /> + <br /> + 建议的 HCI 状æ€å€¼ï¼š<br /> + 0x00 æˆåŠŸ<br /> + 0x01 未知命令(如果ä¸å—支æŒï¼‰<br /> + 0x12 æ— æ•ˆçš„å‘½ä»¤å‚数(如果任æ„å‚æ•°ä¸åœ¨æŒ‡å®šèŒƒå›´å†…)</td> + </tr> + </tbody></table> + + <h3 id="le_rpa_offload_command">LE_RPA_offload_Command</h3> + <p>OCF:0x155</p> + + <table> + <tbody><tr> + <th>命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>RPA_offload_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x1 - å¯ç”¨ç‰¹å®šäºŽå®¢æˆ·çš„功能<br /> + 0x2 - å°† IRK æ·»åŠ åˆ°åˆ—è¡¨ä¸<br /> + 0x3 - 从列表ä¸ç§»é™¤ IRK<br /> + 0x4 - 清除 IRK 列表<br /> + 0x5 - è¯»å– IRK 列表æ¡ç›®</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Event_RPA_offload_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x1 - å¯ç”¨ç‰¹å®šäºŽå®¢æˆ·çš„功能<br /> + 0x2 - å°† IRK æ·»åŠ åˆ°åˆ—è¡¨ä¸<br /> + 0x3 - 从列表ä¸ç§»é™¤ IRK<br /> + 0x4 - 清除 IRK 列表<br /> + 0x5 - è¯»å– IRK 列表æ¡ç›®</td> + </tr> + </tbody></table> + + <h4 id="le_rpa_offload-enable_cust_specific_sub_command">LE_RPA_offload:Enable_cust_specific_sub_Command</h4> + <p>å OCF:0x01</p> + + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>enable_customer_specific_feature_set</code></td> + <td>1 个八ä½å—节</td> + <td>0x01 - å¯ç”¨åˆ†æµ RPA 功能<br /> + 0x00 - åœç”¨åˆ†æµ RPA 功能</td> + </tr> + </tbody></table> + + <p>RPA 分æµéœ€è¦ç”±ä¸»æœºæ ¹æ®èŠ¯ç‰‡åŠŸèƒ½å¯ç”¨ã€‚请å‚阅 <code>LE_Get_Vendor_Capabilities_Command.</code> æ¯ä¸ªèŠ¯ç‰‡åœ¨å›ºä»¶ä¸å…·æœ‰ä¸åŒçš„ <code>max_irk_list_sz </code>。</p> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚ + </p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Event_cust_specific_feature_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x01 [å¯ç”¨ç‰¹å®šäºŽå®¢æˆ·çš„功能]</td> + </tr> + </tbody></table> + + <h4 id="le_rpa_offload-add_irk_to_list_sub_command">LE_RPA_offload:Add_IRK_to_list_sub_Command</h4> + <p>å OCF:0x02</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>LE_IRK</code></td> + <td>16 个八ä½å—节</td> + <td>LE IRK(第 1 个å—节 LSB)</td> + </tr> + <tr> + <td><code>Address_Type</code></td> + <td>1 个八ä½å—节</td> + <td>0:公开地å€<br /> + 1:éšæœºåœ°å€</td> + </tr> + <tr> + <td><code>LE_Device_Address</code></td> + <td>6 个八ä½å—节</td> + <td>与 IRK 相关è”的公开地å€æˆ–éšæœºåœ°å€ï¼ˆç¬¬ 1 个å—节 LSB)</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Event_cust_specific_feature_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x02 [å°† IRK æ·»åŠ åˆ°åˆ—è¡¨ä¸]</td> + </tr> + <tr> + <td><code>LE_IrkList_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>完æˆå½“å‰æ“作åŽå¯ç”¨çš„ IRL 列表æ¡ç›®</td> + </tr> + </tbody></table> + + <h4 id="le_rpa_offload-remove_irk_to_list_sub_command">LE_RPA_offload:Remove_IRK_to_list_sub_Command</h4> + <p>å OCF:0x03</p> + + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Address_Type</code></td> + <td>1 个八ä½å—节</td> + <td>0:公开地å€<br /> + 1:éšæœºåœ°å€</td> + </tr> + <tr> + <td><code>LE_Device_Address</code></td> + <td>6 个八ä½å—节</td> + <td>与 IRK 相关è”的公开地å€æˆ–éšæœºåœ°å€</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Event_cust_specific_feature_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x03 [从列表ä¸ç§»é™¤ IRK]</td> + </tr> + <tr> + <td><code>LE_IrkList_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>完æˆå½“å‰æ“作åŽå¯ç”¨çš„ IRL 列表æ¡ç›®</td> + </tr> + </tbody></table> + + <h4 id="le_rpa_offload-clear_irk_list_sub_command">LE_RPA_offload:Clear_IRK_list_sub_Command</h4> + <p>å OCF:0x04</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td>æ— </td> + <td></td> + <td></td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Event_cust_specific_feature_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x04 [清除 IRK 列表]</td> + </tr> + <tr> + <td><code>LE_IrkList_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>完æˆå½“å‰æ“作 [<code>max_irk_list_sz]</code> åŽå¯ç”¨çš„ IRL 列表æ¡ç›®</td> + </tr> + </tbody></table> + + <h4 id="le_rpa_offload-read_irk_list_sub_command">LE_RPA_offload:Read_IRK_list_sub_Command</h4> + <p>å OCF:0x05</p> + + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>LE_read_IRK_list_entry-index</code></td> + <td>1 个八ä½å—节</td> + <td>IRK 列表 [0,<code>max_irk_list_sz-1]</code> 索引</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚ + </p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Event_cust_specific_feature_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x05 [è¯»å– IRK 列表æ¡ç›®]</td> + </tr> + <tr> + <td><code>LE_Read_IRK_List_entry</code></td> + <td>1 个八ä½å—节</td> + <td>主机想è¦è¯»å›žçš„ IRK 索引(IRK 列表的最大大å°ä¸º 32)</td> + </tr> + <tr> + <td><code>LE_IRK</code></td> + <td>16 个八ä½å—节</td> + <td>IRK 值</td> + </tr> + <tr> + <td><code>Address_Type</code></td> + <td>1 个八ä½å—节</td> + <td>0:公开地å€<br /> + 1:éšæœºåœ°å€</td> + </tr> + <tr> + <td><code>LE_Device_Address</code></td> + <td>6 个八ä½å—节</td> + <td>与 IRK 相关è”的公开地å€æˆ–éšæœºåœ°å€</td> + </tr> + <tr> + <td><code>LE_Resolved_Private_Address</code></td> + <td>6 个八ä½å—节</td> + <td>æ¤ IRK 的当å‰å·²è§£æžçš„å¯è§£æžç§æœ‰åœ°å€</td> + </tr> + </tbody></table> + + <h2 id="batching-of-scan-results">批处ç†æ‰«æ结果</h2> + <p>æˆ‘ä»¬çš„ä¸€ä¸ªè®¾è®¡ç›®æ ‡æ˜¯æ”¹å–„è“牙 LE 扫æå“åº”äº‹ä»¶é€šçŸ¥ä¼ é€ç»™ä¸»æœºçš„æ–¹å¼ï¼Œä»Žè€ŒèŠ‚çœä¸»æœºç”µé‡ã€‚</p> + + <p>通过é™ä½ŽæŽ§åˆ¶å™¨é€šçŸ¥ä¸»æœºåº”用处ç†å™¨æ‰«æ结果的频率,主机应用处ç†å™¨å¯ä»¥æ›´é•¿æ—¶é—´ä¿æŒåœ¨é—²ç½®/ä¼‘çœ çŠ¶æ€ã€‚这会é™ä½Žä¸»æœºåŠŸè€—。<code>LE_Get_Vendor_Capabilities_Command</code> 的返回å‚æ•° <code>total_scan_results_storage</code> 表示芯片最多å¯å˜å‚¨å¤šå°‘扫æ结果。</p> + + <p>æ¤åŠŸèƒ½é‡ç‚¹å…³æ³¨è“ç‰™æŽ§åˆ¶å™¨ä¸ LE 扫æ结果å˜å‚¨è®¾å¤‡çš„管ç†å’Œé…置。该å˜å‚¨è®¾å¤‡ç”¨äºŽæš‚时批处ç†å¹¿å‘Šæ•°æ®ä»¥åŠæ‰«æ由控制器接收以供ç¨åŽä¼ é€åˆ°ä¸»æœºçš„æ•°æ®å’Œå…ƒæ•°æ®ã€‚</p> + + <p>固件应支æŒå¯ä»¥åŒæ—¶è¿›è¡Œçš„两类批处ç†ï¼š</p> + + <ul> + <li>截æ–。包å«ä»¥ä¸‹ä¿¡æ¯å…ƒç´ :{MAC, TX Power, RSSI, Timestamp}</li> + <li>完整。包å«ä»¥ä¸‹ä¿¡æ¯å…ƒç´ :{MAC, TX Power, RSSI, Timestamp, Adv Data, Scan Response}</li> + </ul> + + <h3 id="le_batch_scan_command">LE_Batch_Scan_Command</h3> + <p>OCF:0x156</p> + + <table> + <tbody><tr> + <th>命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Batch_Scan_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x1 - å¯ç”¨ç‰¹å®šäºŽå®¢æˆ·çš„功能<br /> + 0x2 - 设置批é‡æ‰«æå˜å‚¨è®¾å¤‡å‚æ•°<br /> + 0x3 - 设置批é‡æ‰«æå‚æ•°<br /> + 0x4 - 读å–批é‡æ‰«æ结果å‚æ•°</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚ + å¯ç”¨ç‰¹å®šäºŽå®¢æˆ·çš„功能ä¸ä¼šå¯åŠ¨æ‰«æ。</p> + + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Batch_Scan_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x1 - å¯ç”¨ç‰¹å®šäºŽå®¢æˆ·çš„功能<br /> + 0x2 - 设置批é‡æ‰«æå˜å‚¨è®¾å¤‡å‚æ•°<br /> + 0x3 - 设置批é‡æ‰«æå‚æ•°<br /> + 0x4 - 读å–批é‡æ‰«æ结果å‚æ•°</td> + </tr> + </tbody></table> + + <h4 id="le_batch_scan_command-enable-customer-specific-feature">LE_Batch_Scan_Command:å¯ç”¨ç‰¹å®šäºŽå®¢æˆ·çš„功能</h4> + <p>å OCF:0x01</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>enable_customer_specific_feature_set</code></td> + <td>1 个八ä½å—节</td> + <td>0x01 - å¯ç”¨æ‰¹é‡æ‰«æ功能<br /> + 0x00 - åœç”¨æ‰¹é‡æ‰«æ功能</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Batch_Scan_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x1 - å¯ç”¨ç‰¹å®šäºŽå®¢æˆ·çš„功能<br /> + 0x2 - 设置批é‡æ‰«æå˜å‚¨è®¾å¤‡å‚æ•°<br /> + 0x3 - 设置批é‡æ‰«æå‚æ•°<br /> + 0x4 - 读å–批é‡æ‰«æ结果å‚æ•°</td> + </tr> + </tbody></table> + + <h4 id="le_batch_scan_command-set-batch-scan-storage-param-subcommand">LE_Batch_Scan_Command:设置批é‡æ‰«æå˜å‚¨è®¾å¤‡å‚æ•°å命令</h4> + <p>å OCF:0x02</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Batch_Scan_Full_Max</code></td> + <td>1 个八ä½å—节</td> + <td>分é…åˆ°å®Œæ•´æ ·å¼çš„最大å˜å‚¨ç©ºé—´ï¼ˆä»¥ ï¼… å½¢å¼è¡¨ç¤ºï¼‰[范围:0-100]</td> + </tr> + <tr> + <td><code>Batch_Scan_Truncated_Max</code></td> + <td>1 个八ä½å—节</td> + <td>分é…到截æ–æ ·å¼çš„最大å˜å‚¨ç©ºé—´ï¼ˆä»¥ ï¼… å½¢å¼è¡¨ç¤ºï¼‰[范围:0-100]</td> + </tr> + <tr> + <td><code>Batch_Scan_Notify_Threshold</code></td> + <td>1 个八ä½å—节</td> + <td>å•ä¸ªå˜å‚¨æ± 的设置通知ç‰çº§ï¼ˆä»¥ ï¼… å½¢å¼è¡¨ç¤ºï¼‰[范围:0-100]。<br /> + 设置为 0 会åœç”¨é€šçŸ¥ã€‚ + 系统会生æˆç‰¹å®šäºŽä¾›åº”商的 HCI 事件(å˜å‚¨é˜ˆå€¼è¿è§„å事件)</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Batch_scan_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x02 [设置批é‡æ‰«æå‚æ•°]</td> + </tr> + </tbody></table> + + <h4 id="le_batch_scan_command-set-batch-scan-param-subcommand">LE_Batch_Scan_Command:设置批é‡æ‰«æå‚æ•°å命令</h4> + <p>å OCF:0x03</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Batch_Scan_Mode</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - 批é‡æ‰«æå·²åœç”¨<br /> + 0x01 - å·²å¯ç”¨æˆªæ–模å¼<br /> + 0x02 - å·²å¯ç”¨å®Œæ•´æ¨¡å¼<br /> + 0x03 - å·²å¯ç”¨æˆªæ–模å¼å’Œå®Œæ•´æ¨¡å¼</td> + </tr> + <tr> + <td><code>Duty_cycle_scan_window</code></td> + <td>4 个八ä½å—节</td> + <td>批é‡æ‰«æ的扫æ时间(æ’槽数)</td> + </tr> + <tr> + <td><code>Duty_cyle_scan_interval</code></td> + <td>4 个八ä½å—节</td> + <td>批é‡æ‰«æ的间隔时间(æ’槽数)</td> + </tr> + <tr> + <td><code>own_address_type</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - 公共设备地å€<br /> + 0x01 - éšæœºè®¾å¤‡åœ°å€</td> + </tr> + <tr> + <td><code>Batch_scan_Discard_Rule</code></td> + <td>1 个八ä½å—节</td> + <td>0 - èˆå¼ƒæœ€æ—©çš„广告<br /> + 1 - èˆå¼ƒ RSSI 最弱的广告</td> + </tr> + </tbody></table> + + <p>æ¤å命令会开始批é‡æ‰«æ(如果å¯ç”¨ï¼‰ã€‚在截æ–扫æä¸ï¼Œç»“果以截æ–å½¢å¼å˜å‚¨ï¼Œå…¶ä¸æˆªæ–æ ·å¼çš„唯一密钥 = {<code>BD_ADDR,</code> scan_interval}。这æ„味ç€ï¼Œç³»ç»Ÿé’ˆå¯¹æ¯ä¸ªæ‰«æé—´éš”åªè®°å½•ä¸€ä¸ª <code>BD_ADDR will</code>。针对截æ–模å¼ä¿å˜çš„记录如下:{<code>BD_ADDR,</code> Tx Power, RSSI, Timestamp}。</p> + + <p>如果å¯ç”¨å®Œæ•´æ¨¡å¼ï¼Œç³»ç»Ÿä¼šä½¿ç”¨ä¸»åŠ¨æ‰«æ并记录扫æå“åº”ã€‚å®Œæ•´æ ·å¼çš„唯一密钥 = {MAC, Ad packet},与扫æé—´éš”æ— å…³ã€‚é’ˆå¯¹å®Œæ•´æ¨¡å¼ä¿å˜çš„记录如下:{<code>BD_ADDR,</code> Tx Power, RSSI, Timestamp, Ad packet, Scan Response}ã€‚åœ¨å®Œæ•´æ ·å¼ä¸‹ï¼Œå¦‚果在ä¸åŒçš„扫æ间隔多次看到åŒä¸€ä¸ªå¹¿å‘ŠåŒ…,则仅记录一次。ä¸è¿‡ï¼Œåœ¨æˆªæ–模å¼ä¸‹ï¼Œé‡è¦çš„是 <code>BA_ADDR </code>在ä¸åŒæ‰«æ间隔的显示情况(æ¯ä¸ªæ‰«æ间隔显示一次)。RSSI 是扫æ间隔内唯一广告的所有é‡å¤é¡¹çš„å¹³å‡å€¼ã€‚</p> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Batch_scan_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x03 [设置批é‡æ‰«æå‚æ•°]</td> + </tr> + </tbody></table> + + <h4 id="le_batch_scan_command-read-batch-scan-results-sub-command"> +LE_Batch_Scan_Command:读å–批é‡æ‰«æ结果å命令</h4> + <p>å OCF:0x04</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Batch_Scan_Data_read</code></td> + <td>1 个八ä½å—节</td> + <td>0x01 - 截æ–模å¼æ•°æ®<br /> + 0x02 - 完整模å¼æ•°æ®</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚ + 当主机å‘出æ¤å‘½ä»¤æ—¶ï¼ŒæŽ§åˆ¶å™¨ä¸çš„结果å¯èƒ½æ— 法完全放入一个命令完æˆäº‹ä»¶ã€‚主机会åå¤å‘出æ¤å‘½ä»¤ï¼Œç›´åˆ°å‘½ä»¤å®Œæˆäº‹ä»¶ä¸çš„相应结果显示记录数为 0,这表示控制器没有更多è¦ä¼ 输给主机的记录。æ¯ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶å¯ä»¥åªåŒ…å«ä¸€ç§æ•°æ®ç±»åž‹ï¼ˆå®Œæ•´æˆ–截æ–)的多个记录。</p> + + <p>控制器和主机时间å‚考ä¸åŒæ¥ã€‚å› æ¤ï¼Œæ—¶é—´æˆ³éœ€è¦ç‰¹åˆ«è¯´æ˜Žã€‚时间戳的å•ä½ä¸º 50 毫秒。时间戳的值å–决于主机指定 <code>Read_Batch_Scan_Results_Sub_cmd </code>的时间。 + 如果固件ä¸å‘½ä»¤åˆ°è¾¾æ—¶é—´ä¸º <code>T_c</code>,则在固件ä¸æˆªå–时间戳的实际时间为 <code>T_fw.</code> 报告时间将是 (<code>T_c</code> - <code>T_fw)</code>。<code>T_c</code> å’Œ <code>T_fw </code> 在固件时域ä¸ã€‚è¿™æ ·ä¸€æ¥ï¼Œä¸»æœºèƒ½å¤Ÿè®¡ç®—事件å‘生的时间。</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>Batch_scan_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x03 [设置批é‡æ‰«æå‚æ•°]</td> + </tr> + <tr> + <td><code>Batch_Scan_data_read</code></td> + <td>1 个八ä½å—节</td> + <td>æ ‡è¯†æ ¼å¼ï¼ˆæˆªæ–或完整)</td> + </tr> + <tr> + <td><code>num_of_records</code></td> + <td>1 个八ä½å—节</td> + <td><code>Batch_Scan_data_read</code> 的记录数</td> + </tr> + <tr> + <td><code>format_of_data</code></td> + <td>å˜é‡</td> + <td><span style="text-decoration:underline;">截æ–模å¼ï¼š</span><br /> + Address[0]:6 个八ä½å—节<br /> + Address_Type[0]:1 个八ä½å—节<br /> + Tx_Pwr[0]:1 个八ä½å—节<br /> + RSSI[0]:1 个八ä½å—节<br /> + Timestamp[0]:2 个八ä½å—节<br /> + [å¤šä¸ªé‡‡ç”¨ä¸Šè¿°æ ¼å¼çš„记录 (<code>num_of_records)</code>]<br /> + <br /> + <span style="text-decoration:underline;">完整模å¼ï¼š</span><br /> + Address[0]:6 个八ä½å—节<br /> + Address_Type[0]:1 个八ä½å—节<br /> + Tx_Pwr[0]:1 个八ä½å—节<br /> + RSSI[0]:1 个八ä½å—节<br /> + Timestamp[0]:2 个八ä½å—节<br /> + Adv packet_len[0]:1 个八ä½å—节<br /> + Adv_packet[0]:Adv_packet_len 个八ä½å—节<br /> + Scan_data_resp_len[0]:1 个八ä½å—节<br /> + Scan_data_resp[0]:<code>Scan_data_resp </code>个八ä½å—节<br /> + [å¤šä¸ªé‡‡ç”¨ä¸Šè¿°æ ¼å¼çš„记录 (<code>num_of_records)]</code></td> + </tr> + </tbody></table> + <h2 id="advertising-packet-content-filter">广告包内容过滤器</h2> + <p>å¯å€Ÿæ¤åœ¨æŽ§åˆ¶å™¨ä¸å¯ç”¨/åœç”¨/设置广告包内容过滤器 (APCF)。</p> + + <h3 id="le_apcf_command">LE_APCF_Command</h3> + <p>OCF:0x157</p> + <table> + <tbody><tr> + <th>命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - APCF å¯ç”¨<br /> + 0x01 - APCF 设置过滤å‚æ•°<br /> + 0x02 - APCF 广æ’地å€<br /> + 0x03 - APCF æœåŠ¡ UUID<br /> + 0x04 - APCF æœåŠ¡è¯·æ±‚ UUID<br /> + 0x05 - APCF 本地å称<br /> + 0x06 - APCF åˆ¶é€ å•†æ•°æ®<br /> + 0x07 - APCF æœåŠ¡æ•°æ®</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>返回状æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - APCF å¯ç”¨<br /> + 0x01 - APCF 设置过滤å‚æ•°<br /> + 0x02 - APCF 广æ’地å€<br /> + 0x03 - APCF æœåŠ¡ UUID<br /> + 0x04 - APCF æœåŠ¡è¯·æ±‚ UUID<br /> + 0x05 - APCF 本地å称<br /> + 0x06 - APCF åˆ¶é€ å•†æ•°æ®<br /> + 0x07 - APCF æœåŠ¡æ•°æ®</td> + </tr> + </tbody></table> + + <h4 id="le_apcf_command-enable_sub_cmd"> LE_APCF_Command:Enable_sub_cmd</h4> + <p>å OCF:0x00</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_enable</code></td> + <td>1 个八ä½å—节</td> + <td>0x01 - å¯ç”¨ APCF 功能<br /> + 0x00 - åœç”¨ APCF 功能</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x0 - APCF å¯ç”¨</td> + </tr> + <tr> + <td><code>APCF_Enable</code></td> + <td>1 个八ä½å—节</td> + <td>通过 <code>APCF_enable</code> 设置å¯ç”¨/åœç”¨</td> + </tr> + </tbody></table> + <h4 id="le_apcf_command-set_filtering_parameters_sub_cmd">LE_APCF_Command:set_filtering_parameters_sub_cmd</h4> + <p>该åå‘½ä»¤ç”¨äºŽæ·»åŠ æˆ–åˆ é™¤èŠ¯ç‰‡è¿‡æ»¤çš„æŸä¸ªè¿‡æ»¤å™¨è§„范或清除过滤器列表。</p> + <p>å OCF:0x01</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - æ·»åŠ <br /> + 0x01 - åˆ é™¤<br /> + 0x02 - 清除<br />æ‰§è¡Œåˆ é™¤æ“作会清除特定过滤器以åŠå…¶ä»–表ä¸çš„相关功能æ¡ç›®ã€‚<br /> + 执行清除æ“作会清除所有过滤器以åŠå…¶ä»–表ä¸çš„相关æ¡ç›®ã€‚</td> + </tr> + <tr> + <td><code>APCF_Filter_Index</code></td> + <td>1 个八ä½å—节</td> <td>过滤器索引 (0, <code>max_filter-1)</code></td> + </tr> + <tr> + <td><code>APCF_Feature_Selection</code></td> + <td>2 个八ä½å—节</td> + <td>所选功能的ä½æŽ©ç :<br /> + ä½ 0:设为å¯ç”¨å¹¿æ’地å€è¿‡æ»¤å™¨<br /> + ä½ 1:设为å¯ç”¨æœåŠ¡æ•°æ®æ›´æ”¹è¿‡æ»¤å™¨<br /> + ä½ 2:设为å¯ç”¨æœåŠ¡ UUID 检查<br /> + ä½ 3:设为å¯ç”¨æœåŠ¡è¯·æ±‚ UUID 检查<br /> + ä½ 4:设为å¯ç”¨æœ¬åœ°å称检查<br /> + ä½ 5:设为å¯ç”¨åˆ¶é€ 商数æ®æ£€æŸ¥<br /> + ä½ 6:设为å¯ç”¨æœåŠ¡æ•°æ®æ£€æŸ¥</td> + </tr> + <tr> + <td><code>APCF_List_Logic_Type</code></td> + <td>2 个八ä½å—节</td> + <td>针对 <code>APCF_Feature_Selection.</code> ä¸æŒ‡å®šçš„æ¯ä¸ªåŠŸèƒ½é€‰é¡¹ï¼ˆæŒ‰ä½ä½ç½®ï¼‰çš„逻辑æ“作<br /> + 仅在å¯ç”¨åŠŸèƒ½æ—¶æœ‰æ•ˆã€‚<br /> + ä½ä½ç½®å€¼ï¼š<br /> + 0:OR<br /> + 1:AND<br /> + 如果选择“ANDâ€é€»è¾‘,则广告包仅在其包å«åˆ—表ä¸çš„所有æ¡ç›®æ—¶ä¼ 递过滤器。<br /> + 如果选择“ORâ€é€»è¾‘,则广告包åªè¦åŒ…å«åˆ—表ä¸çš„任何æ¡ç›®ï¼Œå°±ä¼šä¼ 递过滤器。</td> + </tr> + <tr> + <td><code>APCF_Filter_Logic_Type</code></td> + <td>1 个八ä½å—节</td> + <td>0x00:OR<br /> + 0x01:AND<br /> + 注æ„:<code>APCF_Feature_Selection,</code> çš„å‰ä¸‰ä¸ªå—段的类型为“ä¸é€‚用â€ï¼Œè¿™å§‹ç»ˆæ˜¯â€œANDâ€é€»è¾‘。它们仅适用于 <code>APCF_Feature_Selection.</code> 的四个å—æ®µï¼ˆä½ 3 ä½ 6)</td> + </tr> + <tr> + <td><code>rssi_high_thresh</code></td> + <td>1 个八ä½å—节</td> + <td>[以 dBm 为å•ä½] åªæœ‰è¯¥ä¿¡å·é«˜äºŽ RSSI 高阈值时,广告主æ‰ä¼šè¢«è§†ä¸ºå¯è§ã€‚å¦åˆ™ï¼Œå›ºä»¶å¿…须表现得就åƒä»Žæœªè§è¿‡ä¸€æ ·ã€‚</td> + </tr> + <tr> + <td><code>delivery_mode</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - <code>immediate</code><br /> + 0x01 - <code>on_found</code><br /> + 0x02 - <code>batched</code></td> + </tr> + <tr> + <td><code>onfound_timeout</code></td> + <td>2 个八ä½å—节</td> + <td>仅当 <code>delivery_mode </code> 为 <code>on_found</code> 时有效<br /> + [以毫秒为å•ä½]<br /> + 固件在报告之å‰åœç•™å’Œæ”¶é›†å…¶ä»–广告所用的时间。</td> + </tr> + <tr> + <td><code>onfound_timeout_cnt</code></td> + <td>1 个八ä½å—节</td> + <td>仅当 <code>delivery_mode</code> 为 <code>on_found</code> 时有效<br /> + [计数]<br /> + 如果 <code>onFound</code> ä¸çš„广告在 <code>onfound_timeout </code>期间åœç•™åœ¨å›ºä»¶ä¸ï¼Œåˆ™ä¼šæ”¶é›†ä¸€äº›å¹¿å‘Šå¹¶æ£€æŸ¥è®¡æ•°ã€‚ + 如果计数超过 <code>onfound_timeout_cnt</code>,之åŽä¼šç«‹å³æŠ¥å‘Šä¸º <code>OnFound</code>。</td> + </tr> + <tr> + <td><code>rssi_low_thresh</code></td> + <td>1 个八ä½å—节</td> <td>仅当 <code>delivery_mode</code> 为 <code>on_found</code> 时有效 [以 dBm 为å•ä½]。<br /> + 如果已接收包的 RSSI 低于 RSSI 低阈值,则视为未看到该广告主包。</td> + </tr> + <tr> + <td><code>onlost_timeout</code></td> + <td>2 个八ä½å—节</td> + <td>仅当 <code>delivery_mode</code> 为 <code>on_found</code> 时有效<br /> + [以毫秒为å•ä½]<br /> + 如果系统在å‘现æŸä¸ªå¹¿å‘ŠåŽï¼Œåœ¨ <code>lost_timeout </code> 期间未连ç»çœ‹åˆ°è¯¥å¹¿å‘Šï¼Œåˆ™ä¼šå°†å…¶æŠ¥å‘Šä¸ºå·²ä¸¢å¤±ã€‚报告已丢失情况是å³æ—¶è¿›è¡Œçš„。</td> + </tr> + <tr> + <td><code>num_of_tracking_entries</code></td> + <td>2 个八ä½å—节</td> + <td>仅当 <code>delivery_mode</code> 为 <code>on_found</code> 时有效<br /> [计数]<br /> + æ ¹æ®è¿‡æ»¤å™¨è·Ÿè¸ªçš„广告主的总数。</td> + </tr> + </tbody></table> + + <p>RSSI 值必须使用二进制补ç æ¥è¡¨ç¤ºè´Ÿå€¼ã€‚</p> + + <p>主机应该能够é…置多个 <code>APCF_Application_Address_type</code> 设置为 0x02 的过滤器(适用于所有广æ’地å€ï¼‰ï¼Œä»¥ç®¡ç†å„ç§è¿‡æ»¤å™¨ç»„åˆã€‚</p> + + <p>过滤ã€æ‰¹å¤„ç†å’ŒæŠ¥å‘Šæ˜¯ç›¸äº’å…³è”的概念。 + æ¯ä¸ªå¹¿å‘ŠåŠç›¸å…³æ‰«æå“应都必须é€ä¸ªé€šè¿‡æ‰€æœ‰è¿‡æ»¤å™¨ã€‚å› æ¤ï¼Œç”Ÿæˆçš„æ“作 (<code>delivery_mode)</code>) 与过滤紧密关è”。 + ä¼ é€æ¨¡å¼å¦‚下所示:<code>report_immediately,</code>ã€<code>batch</code> å’Œ <code>onFound.</code> <code>OnLost</code> 值与 <code>OnFound</code> 相关,从æŸç§æ„义上说,该值丢失åŽï¼Œä¼šç´§è·Ÿ <code>OnFound</code>。</p> + + <p>下é¢çš„处ç†æµç¨‹ä»‹ç»äº†æ¦‚念模å¼ã€‚ + </p> + <img src="images/bt_filter_batch_report.png"/> + <p>收到广告(或扫æå“应)帧时,该帧会按åºåˆ—顺åºåº”用到所有过滤器。广告å¯èƒ½å¯¼è‡´ç³»ç»Ÿæ ¹æ®ä¸€ä¸ªè¿‡æ»¤å™¨ç«‹å³è¿›è¡ŒæŠ¥å‘Šå¹¶å› 其他过滤器æ“作立å³è¿›è¡Œæ‰¹å¤„ç†ã€‚</p> + + <p>RSSI 级别阈值(高和低)能够控制帧何时å¯è§ä»¥è¿›è¡Œè¿‡æ»¤å™¨å¤„ç†ï¼Œå³ä½¿æŽ§åˆ¶å™¨æ”¶åˆ°æœ‰æ•ˆçš„包也是如æ¤ã€‚åœ¨ä¼ é€æ¨¡å¼è®¾ç½®ä¸ºâ€œç«‹å³â€æˆ–“批处ç†â€æ—¶ï¼Œç³»ç»Ÿä¼šè€ƒè™‘æŸä¸ªå¸§çš„ RSSI,以进一æ¥è¿›è¡ŒæŽ§åˆ¶å™¨å¤„ç†ã€‚ä¸åŒçš„应用需è¦ä¸åŒçš„报告和批处ç†è¡Œä¸ºã€‚è¿™æ ·ä¸€æ¥ï¼Œå¤šä¸ªåº”用能够有直接报告和/或固件ä¸çš„批处ç†ç»“果。例如,一个应用已å¯ç”¨æ‰¹é‡æ‰«æ,之åŽå¦ä¸€ä¸ªåº”用å‘起常规 LE 扫æ。在å‘起批é‡æ‰«æ之å‰ï¼Œæ¡†æž¶/应用会设置相应的过滤器。之åŽï¼Œå½“第二个应用å‘起常规扫æ时,之å‰çš„批处ç†æ“作将继ç»ã€‚ + ä¸è¿‡ï¼Œç”±äºŽå¸¸è§„扫æï¼Œå› æ¤è¿™ç±»ä¼¼äºŽä»Žæ¦‚å¿µä¸Šæ·»åŠ ç©ºè¿‡æ»¤å™¨ï¼ˆä»¥åŠæ‰€æœ‰çŽ°æœ‰è¿‡æ»¤å™¨ï¼‰å’Œ LE 扫æ命令。处于活动状æ€æ—¶ï¼ŒLE 扫æ命令å‚数的优先级更高。åœç”¨å¸¸è§„ LE 扫æ时,控制器将还原到之å‰çš„批é‡æ‰«æ(如果å˜åœ¨ï¼‰ã€‚ + </p> + <p><code>OnFound</code> ä¼ é€æ¨¡å¼å–决于é…置的过滤器。触å‘过滤器æ“作æˆåŠŸçš„组åˆè¢«è®¤ä¸ºæ˜¯è·Ÿè¸ª <code>onLost</code> 的实体。相应的事件是 LE 广告跟踪å事件。</p> + <p>过滤器的 <code>OnFound/OnLost</code> 转æ¢ï¼ˆå¦‚æžœå¯ç”¨ï¼‰å°†å¦‚下所示:</p> + <img src="images/bt_onfound_onlost.png"/> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x02 - APCF 设置过滤å‚æ•°</td> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>回声返回命令的 <code>APCF_Action</code></td> + </tr> + <tr> + <td><code>APCF_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>过滤器表ä¸çš„å¯ç”¨æ¡ç›®æ•°</td> + </tr> + </tbody></table> + + <h4 id="le_apcf_command-broadcast_address_sub_cmd">LE_APCF_Command:broadcast_address_sub_cmd</h4> + <p>该åå‘½ä»¤ç”¨äºŽæ·»åŠ æˆ–åˆ é™¤èŠ¯ç‰‡è¿‡æ»¤çš„æŸä¸ªå¹¿å‘Šä¸»åœ°å€æˆ–清除广告主地å€åˆ—表。</p> + <p>å OCF:0x02</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - æ·»åŠ <br /> + 0x01 - åˆ é™¤<br /> + 0x02 - 清除<br /> + æ‰§è¡Œåˆ é™¤æ“ä½œä¼šåˆ é™¤æŒ‡å®šè¿‡æ»¤å™¨ä¸çš„指定广æ’地å€ã€‚<br /> + 执行清除æ“作会清除指定过滤器ä¸çš„所有广æ’地å€ã€‚</td> + </tr> + <tr> + <td><code>APCF_Filter_Index</code></td> + <td>1 个八ä½å—节</td> + <td>过滤器索引 (0, <code>max_filter-1)</code></td> + </tr> + <tr> + <td><code>APCF_Broadcaster_Address</code></td> + <td>6 个八ä½å—节</td> + <td>è¦æ·»åŠ 到广æ’地å€åˆ—表或从ä¸åˆ 除的 6 å—节设备地å€</td> + </tr> + <tr> + <td><code>APCF_Application_Address_type</code></td> + <td>1 个八ä½å—节</td> + <td>0x00:公开<br /> + 0x01:éšæœº<br /> + 0x02:ä¸é€‚用(地å€ç±»åž‹ä¸é€‚用)</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x02 - APCF 广æ’地å€</td> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>回声返回命令的 <code>APCF_Action</code></td> + </tr> + <tr> + <td><code>APCF_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>广æ’地å€è¡¨ä¸ä»å¯ç”¨çš„空闲æ¡ç›®æ•°</td> + </tr> + </tbody></table> + + <h4 id="le_apcf_command-service_uuid_sub_cmd">LE_APCF_Command:service_uuid_sub_cmd</h4> + <p>该åå‘½ä»¤ç”¨äºŽæ·»åŠ æˆ–åˆ é™¤èŠ¯ç‰‡è¿‡æ»¤çš„æŸä¸ªæœåŠ¡ UUID 或清除æœåŠ¡ UUID 列表。</p> + <p>å OCF:0x03</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - æ·»åŠ <br /> + 0x01 - åˆ é™¤<br /> + 0x02 - 清除<br /> + æ‰§è¡Œåˆ é™¤æ“ä½œä¼šåˆ é™¤æŒ‡å®šè¿‡æ»¤å™¨ä¸çš„指定æœåŠ¡ UUID。<br /> + 执行清除æ“作会清除指定过滤器ä¸çš„所有æœåŠ¡ UUID。</td> + </tr> + <tr> + <td><code>APCF_Filter_Index</code></td> + <td>1 个八ä½å—节</td> + <td>过滤器索引 (0, <code>max_filter</code>-1)</td> + </tr> + <tr> + <td><code>APCF_UUID</code></td> + <td>2 个ã€4 个ã€16 个八ä½å—节</td> + <td>è¦æ·»åŠ 到列表或从ä¸åˆ 除的æœåŠ¡ UUID(16 ä½ã€32 ä½æˆ– 128 ä½ï¼‰ã€‚</td> + </tr> + <tr> + <td><code>APCF_UUID_MASK</code></td> + <td>2 个ã€4 个ã€16 个八ä½å—节</td> + <td>è¦æ·»åŠ 到列表ä¸çš„æœåŠ¡ UUID 掩ç (16 ä½ã€32 ä½æˆ– 128 ä½ï¼‰ã€‚其长度应与 <code>APCF_UUID.</code> 相åŒã€‚</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x03 - APCF æœåŠ¡ UUID</td> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>回声返回命令的 <code>APCF_Action</code></td> + </tr> + <tr> + <td><code>APCF_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>æœåŠ¡ UUID 表ä¸ä»å¯ç”¨çš„空闲æ¡ç›®æ•°</td> + </tr> + </tbody></table> + + <h4 id="le_apcf_command-solicitation_uuid_sub_cmd">LE_APCF_Command:solicitation_uuid_sub_cmd</h4> + <p>该åå‘½ä»¤ç”¨äºŽæ·»åŠ æˆ–åˆ é™¤èŠ¯ç‰‡è¿‡æ»¤çš„æŸä¸ªè¯·æ±‚ UUID 或清除请求 UUID 列表。</p> + <p>å OCF:0x04</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - æ·»åŠ <br /> + 0x01 - åˆ é™¤<br /> + 0x02 - 清除<br /> + æ‰§è¡Œåˆ é™¤æ“ä½œä¼šåˆ é™¤æŒ‡å®šè¿‡æ»¤å™¨ä¸çš„请求 UUID 地å€ã€‚<br /> + 执行清除æ“作会清除指定过滤器ä¸çš„所有请求 UUID。</td> + </tr> + <tr> + <td><code>APCF_Filter_Index</code></td> + <td>1 个八ä½å—节</td> + <td>过滤器索引 (0, <code>max_filter</code>-1)</td> + </tr> + <tr> + <td><code>APCF_UUID</code></td> + <td>2 个ã€4 个ã€16 个八ä½å—节</td> + <td>è¦æ·»åŠ 到列表或从ä¸åˆ 除的请求 UUID(16 ä½ã€32 ä½æˆ– 128 ä½ï¼‰ã€‚</td> + </tr> + <tr> + <td><code>APCF_UUID_MASK</code></td> + <td>2 个ã€4 个ã€16 个八ä½å—节</td> + <td>è¦æ·»åŠ 到列表ä¸çš„请求 UUID 掩ç (16 ä½ã€32 ä½æˆ– 128 ä½ï¼‰ã€‚其长度应与 <code>APCF_UUID.</code> 相åŒã€‚</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x04 - APCF 请求 UUID</td> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>回声返回命令的 <code>APCF_Action</code></td> + </tr> + <tr> + <td><code>APCF_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>请求 UUID 表ä¸ä»å¯ç”¨çš„空闲æ¡ç›®æ•°</td> + </tr> + </tbody></table> + + <h4 id="le_apcf_command-local_name_sub_cmd">LE_APCF_Command:local_name_sub_cmd</h4> + <p>该åå‘½ä»¤ç”¨äºŽæ·»åŠ æˆ–åˆ é™¤èŠ¯ç‰‡è¿‡æ»¤çš„æŸä¸ªæœ¬åœ°å称å—符串或清除本地å称å—符串列表。</p> + <p>å OCF:0x05</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - æ·»åŠ <br /> + 0x01 - åˆ é™¤<br /> + 0x02 - 清除<br /> + æ‰§è¡Œåˆ é™¤æ“ä½œä¼šåˆ é™¤æŒ‡å®šè¿‡æ»¤å™¨ä¸çš„指定本地å称å—符串。<br /> + 执行清除æ“作会清除指定过滤器ä¸çš„所有本地å称å—符串。</td> + </tr> + <tr> + <td><code>APCF_Filter_Index</code></td> + <td>1 个八ä½å—节</td> + <td>过滤器索引 (0, <code>max_filter</code>-1)</td> + </tr> + <tr> + <td><code>APCF_LocName_Mandata_or_SerData</code></td> + <td>大å°å¯å˜</td> + <td>本地å称å—符串。<br /> + <br /> + 注æ„:<br /> + i) ç›®å‰æœ¬åœ°å称å—符串ä¸çš„å—符数上é™ä¸º 29<br /> + ii) 执行“清除â€æ“作时ä¸é€‚用 (0x2)</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x05 - APCF 本地å称</td> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>回声返回命令的 <code>APCF_Action</code></td> + </tr> + <tr> + <td><code>APCF_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>本地å称表ä¸ä»å¯ç”¨çš„空闲æ¡ç›®æ•°</td> + </tr> + </tbody></table> + + <h4 id="le_apcf_command-manf_data_sub_cmd">LE_APCF_Command:manf_data_sub_cmd</h4> + <p>该åå‘½ä»¤ç”¨äºŽæ·»åŠ æˆ–åˆ é™¤èŠ¯ç‰‡è¿‡æ»¤çš„æŸä¸ªåˆ¶é€ 商数æ®å—ç¬¦ä¸²æˆ–æ¸…é™¤åˆ¶é€ å•†æ•°æ®å—符串列表。</p> + <p>å OCF:0x06</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - æ·»åŠ <br /> + 0x01 - åˆ é™¤<br /> + 0x02 - 清除<br /> + æ‰§è¡Œåˆ é™¤æ“ä½œä¼šåˆ é™¤æŒ‡å®šè¿‡æ»¤å™¨ä¸çš„æŒ‡å®šåˆ¶é€ å•†æ•°æ®å—符串。<br /> + 执行清除æ“作会清除指定过滤器ä¸çš„æ‰€æœ‰åˆ¶é€ å•†æ•°æ®å—符串。</td> + </tr> + <tr> + <td><code>APCF_Filter_Index</code></td> + <td>1 个八ä½å—节</td> + <td>过滤器索引 (0, <code>max_filter</code>-1)</td> + </tr> + <tr> + <td><code>APCF_LocName_Mandata_or_SerData</code></td> + <td>大å°å¯å˜</td> + <td>åˆ¶é€ å•†æ•°æ®å—符串。<br /> + <br /> + 注æ„:<br /> + i) ç›®å‰æœ¬åœ°å称å—符串ä¸çš„å—符数上é™ä¸º 29<br /> + ii) 执行“清除â€æ“作时ä¸é€‚用 (0x2)</td> + </tr> + <tr> + <td><code>APCF_ManData_Mask</code></td> + <td>大å°å¯å˜</td> + <td>è¦æ·»åŠ 到列表ä¸çš„åˆ¶é€ å•†æ•°æ®æŽ©ç 。其长度应与 <code>APCF_LocName_or_ManData_or_SerData</code> 相åŒã€‚</td> + </tr> + </tbody></table> + + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x06 - APCF åˆ¶é€ å•†æ•°æ®</td> + </tr> + <tr> + <td><code>APCF_Action</code></td> <td>1 个八ä½å—节</td> + <td>回声返回命令的 <code>APCF_Action</code></td> + </tr> + <tr> + <td><code>APCF_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>åˆ¶é€ å•†æ•°æ®è¡¨ä¸ä»å¯ç”¨çš„空闲æ¡ç›®æ•°ã€‚</td> + </tr> + </tbody></table> + + <h4 id="le_apcf_command-service_data_sub_cmd">LE_APCF_Command:service_data_sub_cmd</h4> + <p>该åå‘½ä»¤ç”¨äºŽæ·»åŠ æˆ–åˆ é™¤èŠ¯ç‰‡è¿‡æ»¤çš„æŸä¸ªæœåŠ¡æ•°æ®å—符串或清除æœåŠ¡æ•°æ®å—符串列表。</p> + <p>å OCF:0x07</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - æ·»åŠ <br /> + 0x01 - åˆ é™¤<br /> + 0x02 - 清除<br /> + æ‰§è¡Œåˆ é™¤æ“ä½œä¼šåˆ é™¤æŒ‡å®šè¿‡æ»¤å™¨ä¸çš„指定æœåŠ¡æ•°æ®å—符串。<br /> + 执行清除æ“作会清除指定过滤器ä¸çš„所有æœåŠ¡æ•°æ®å—符串。</td> + </tr> + <tr> + <td><code>APCF_Filter_Index</code></td> + <td>1 个八ä½å—节</td> + <td>过滤器索引 (0, <code>max_filter</code>-1)</td> + </tr> + <tr> + <td><code>APCF_LocName_Mandata_or_SerData</code></td> + <td>大å°å¯å˜</td> + <td>æœåŠ¡æ•°æ®å—符串。<br /> + <br /> + 注æ„:<br /> + i) ç›®å‰æœ¬åœ°å称å—符串ä¸çš„å—符数上é™ä¸º 29<br /> + ii) 执行“清除â€æ“作时ä¸é€‚用 (0x2)</td> + </tr> + <tr> + <td><code>APCF_LocName_Mandata_or_SerData_Mask</code></td> + <td>大å°å¯å˜</td> + <td>è¦æ·»åŠ 到列表ä¸çš„æœåŠ¡æ•°æ®æŽ©ç 。其长度应与 <code>APCF_LocName_or_ManData_or_SerData.</code> 相åŒã€‚</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>APCF_opcode</code></td> + <td>1 个八ä½å—节</td> + <td>0x07 - APCF æœåŠ¡æ•°æ®</td> + </tr> + <tr> + <td><code>APCF_Action</code></td> + <td>1 个八ä½å—节</td> + <td>回声返回命令的 <code>APCF_Action</code></td> + </tr> + <tr> + <td><code>APCF_AvailableSpaces</code></td> + <td>1 个八ä½å—节</td> + <td>æœåŠ¡æ•°æ®è¡¨ä¸ä»å¯ç”¨çš„空闲æ¡ç›®æ•°ã€‚</td> + </tr> + </tbody></table> + + <h2 id="controller-activity-and-energy-information-command">控制器活动和功耗信æ¯å‘½ä»¤</h2> + <p>这些信æ¯çš„目的是æ高主机系统功能,以分æžæ‰€æœ‰ç»„件的总活动,包括 BT 控制器åŠå…¶å®çŠ¶æ€ï¼Œä»¥åŠåº”用和框架ä¸æ‰€å‘生的情况。为æ¤ï¼ŒBT å †æ ˆå’ŒæŽ§åˆ¶å™¨éœ€è¦æ供以下信æ¯ï¼š</p> + <ul> + <li>BT å †æ ˆï¼šæŠ¥å‘Šè¯¥æŽ§åˆ¶å™¨å½“å‰çš„å®æ“作状æ€</li> + <li>固件:报告总活动和功耗信æ¯</li> + </ul> + <p>BT ä¸»æœºå †æ ˆå®çŠ¶æ€ï¼Œå…·ä½“在用户级确定:</p> + <ul> + <li>闲置:[page scan, LE advt, inquiry scan]</li> + <li>扫æ:[paging/inquiry/trying to connect]</li> + <li>活动:[ACL link on, SCO link ongoing, sniff mode]</li> + </ul> + <p>控制器在其生命周期跟踪的活动包括 Tx 时间ã€Rx 时间ã€é—²ç½®æ—¶é—´ï¼Œä»¥åŠæ¶ˆè€—的总功率。从主机读å–这些信æ¯æ—¶ï¼Œç³»ç»Ÿä¼šå°†å…¶æ¸…除。</p> + <p>特定于供应商的命令:<code>LE_Get_Controller_Activity_Energy_Info</code> </p> + <p>OCF:0x159</p> + <table> + <tbody><tr> + <th>å命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td></td> + <td>ä¸é€‚用</td> + <td>空命令å‚æ•°</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + <tr> + <td><code>total_tx_time_ms</code></td> + <td>4 个八ä½å—节</td> + <td>执行 Tx 所需的总时间</td> + </tr> + <tr> + <td><code>total_rx_time_ms</code></td> + <td>4 个八ä½å—节</td> + <td>执行 Rx 所需的总时间</td> + </tr> + <tr> + <td><code>total_idle_time_ms</code></td> + <td>4 个八ä½å—节</td> + <td>总闲置时间(éžä¼‘çœ ä½ŽåŠŸè€—çŠ¶æ€ï¼‰</td> + </tr> + <tr> + <td><code>total_energy_used</code></td> + <td>4 个八ä½å—节</td> + <td>使用的总功率 [ç”µæµ (mA)ã€ç”µåŽ‹ (V) 和时间(毫秒)的乘积]</td> + </tr> + </tbody></table> + + <h2 id="le-extended-set-scan-parameters-command">LE 扩展设置扫æå‚数命令</h2> + <p>该命令å¯ç”¨äºŽåœ¨æŽ§åˆ¶å™¨ä¸å»¶é•¿æ‰«ææ—¶æ®µå’Œé—´éš”ã€‚æ ¹æ® BT 4.1 æ ¸å¿ƒè§„èŒƒï¼Œæ‰«æ时段和间隔的上é™ä¸º 10.24 秒,而这会é™åˆ¶æ‰«æ间隔超过 10.24 秒的应用。</p> + <p>基础å‚考:BT 4.1 æ ¸å¿ƒè§„èŒƒï¼Œç¬¬ 973 页(LE 设置扫æå‚数命令)</p> + <p>OCF:0x15A</p> + <table> + <tbody><tr> + <th>命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>LE_Ex_Scan_Type</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - 被动扫æ。ä¸åº”å‘é€ <code>SCAN_REQ </code>包(默认)。<br /> + 0x01 - 主动扫æ。 + å¯ä»¥å‘é€ <code>SCAN_REQ</code> 包。</td> + </tr> + <tr> + <td><code>LE_Ex_Scan_Interval</code></td> + <td>4 个八ä½å—节</td> + <td>指的是从控制器开始其最åŽä¸€æ¬¡ LE 扫æ到开始åŽç» LE 扫æ的时间间隔。<br /> + 范围:0x0004 到 0x00FFFFFF<br /> + 默认值:0x0010(10 毫秒)<br /> + 时间 = N * 0.625 毫秒<br /> + 时间范围:2.5 毫秒到 10442.25 秒</td> + </tr> + <tr> + <td><code>LE_Ex_Scan_Window</code></td> + <td>4 个八ä½å—节</td> + <td>LE 扫ææŒç»çš„时间。<code>LE_Scan_Window</code> 应å°äºŽæˆ–ç‰äºŽ <code>LE_Scan_Interval</code>。<br /> + 范围:0x0004 到 0xFFFF<br /> + 默认值:0x0010(10 毫秒)<br /> + 时间 = N * 0.625 毫秒<br /> + 时间范围:2.5 毫秒到 40.95 秒</td> + </tr> + <tr> + <td><code>Own_Address_Type</code></td> + <td>1 个八ä½å—节</td> + <td>0x00 - 公共设备地å€ï¼ˆé»˜è®¤ï¼‰<br /> + 0x01 - éšæœºè®¾å¤‡åœ°å€</td> + </tr> + <tr> + <td><code>LE_Ex_Scan_Filter_Policy</code></td> + <td></td> + <td>0x00 - 接å—所有广告包(默认)。 + 应该忽略未针对æ¤è®¾å¤‡å¤„ç†çš„已定ä½å¹¿å‘ŠåŒ…。<br /> + 0x01 - 忽略设备ä¸æœªåœ¨ä»…é™ç™½åå•åˆ—表ä¸çš„广告包。<br /> + 应该忽略未针对æ¤è®¾å¤‡å¤„ç†çš„已定ä½å¹¿å‘ŠåŒ…。</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Status</code></td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + </tbody></table> + + <h2 id="get-controller-debug-info-command">获å–控制器调试信æ¯å‘½ä»¤</h2> + <p>该信æ¯å…ƒç´ 的目的是以二进制的形å¼é€šè¿‡ä¸»æœºèŽ·å–控制器调试信æ¯ï¼Œä»¥è¿›è¡ŒåŽå¤„ç†å’Œåˆ†æžã€‚这有助于调试现场问题,并为工程师æ供工具包æ¥è®°å½•ä¿¡æ¯ä»¥è¿›è¡Œåˆ†æžã€‚控制器å¯ä»¥åœ¨ä¸»æœºé€šè¿‡äº‹ä»¶ï¼ˆæŽ§åˆ¶å™¨è°ƒè¯•ä¿¡æ¯å事件)请求时æ供信æ¯ï¼Œä¹Ÿå¯ä»¥åœ¨æŽ§åˆ¶å™¨éœ€è¦æ—¶è‡ªä¸»æ供信æ¯ã€‚例如,报告固件状æ€ä¿¡æ¯ã€å´©æºƒè½¬å‚¨ä¿¡æ¯ã€è®°å½•ä¿¡æ¯ç‰ã€‚</p> + <p>OCF:0x15B</p> + <table> + <tbody><tr> + <th>命令å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td></td> + <td>ä¸é€‚用</td> + <td>空命令å‚数列表</td> + </tr> + </tbody></table> + <p>系统将针对æ¤å‘½ä»¤ç”Ÿæˆä¸€ä¸ªå‘½ä»¤å®Œæˆäº‹ä»¶ã€‚</p> + <table> + <tbody><tr> + <th>返回å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td>状æ€</td> + <td>1 个八ä½å—节</td> + <td>命令完æˆçŠ¶æ€</td> + </tr> + </tbody></table> + <h2 id="hci-event-vendor-specific">HCI 事件(特定于供应商)</h2> + <p>在æŸäº›æƒ…况下,需è¦ç‰¹å®šäºŽä¾›åº”商的 HCI 事件。请å‚考 BT 4.1 æ ¸å¿ƒè§„èŒƒç¬¬ 486 页的图 5.4。事件å‚æ•° 0 将始终包å«ç¬¬ä¸€ä¸ªå事件代ç ,系统æ®æ¤å¯¹ HCI 事件的其余部分进行解ç 。</p> + <table> + <tbody><tr> + <th>事件å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>HCI_vendor_specific_event_code</code></td> + <td>1 个八ä½å—节</td> + <td>0xFF</td> + </tr> + <tr> + <td><code>sub_event_code</code></td> + <td>1 个八ä½å—节</td> + <td>å事件代ç 的大å°ä¸º 1 个八ä½å—节,该å—节紧跟在 HCI 事件包ä¸çš„å‚数长度åŽã€‚</td> + </tr> + </tbody></table> + + <h3 id="storage-threshold-breach-subevent">å˜å‚¨é˜ˆå€¼è¿è§„å事件</h3> + <p>æ¤äº‹ä»¶è¡¨ç¤ºè¶…出了å˜å‚¨é˜ˆå€¼ã€‚ + </p> + <p>å事件代ç = 0x54</p> + <table> + <tbody><tr> + <th>å事件å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td>æ— </td> + <td></td> + <td></td> + </tr> </tbody></table> + + <h3 id="le-multi-advertising-state-change-subevent">LE 多广告状æ€æ›´æ”¹å事件</h3> + + <p>æ¤äº‹ä»¶è¡¨ç¤ºå¹¿å‘Šå®žä¾‹å·²æ›´æ”¹å…¶çŠ¶æ€ã€‚ç›®å‰ï¼Œè¯¥äº‹ä»¶ä»…ç”¨äºŽè¡¨ç¤ºå› è¿žæŽ¥è€Œåœæ¢çš„广告实例。</p> + <p>å事件代ç = 0x55</p> + <table> + <tbody><tr> + <th>å事件å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>Advertising_instance</code></td> + <td>1 个八ä½å—节</td> + <td>æ ‡è¯†ç‰¹å®šå¹¿å‘Šå®žä¾‹ã€‚<br /> + 有效值为 0 到 <code>max_advt_instances</code> -1</td> + </tr> + <tr> + <td><code>State_Change_Reason</code></td> + <td>1 个八ä½å—节</td> + <td>0x00:收到的连接</td> + </tr> + <tr> + <td><code>Connection_handle</code></td> + <td>2 个八ä½å—节</td> + <td>æ ‡è¯†å¯¼è‡´ <code>advt</code> 实例被åœç”¨çš„è¿žæŽ¥ï¼ˆå¦‚æžœæ— æ•ˆï¼Œåˆ™ä¸º 0xFFFF)</td> + </tr> + </tbody></table> + + <h3 id="le-advertisement-tracking-subevent">LE 广告跟踪å事件</h3> + <p>æ¤äº‹ä»¶è¡¨ç¤ºå¹¿å‘Šä¸»ä½•æ—¶è¢«å‘现或丢失。</p> + <p>å事件代ç = 0x56</p> + <table> + <tbody><tr> + <th>å事件å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>APCF_Filter_Index</code></td> + <td>1 个八ä½å—节</td> + <td>过滤器索引 (0, <code>max_filter-1)</code></td> + </tr> + <tr> + <td><code>Advertiser_State</code></td> + <td>1 个八ä½å—节</td> + <td>0x00:已找到广告主<br /> + 0x01:广告主已丢失</td> + </tr> + <tr> + <td><code>Advt_Info_Present</code></td> + <td>1 个八ä½å—节</td> + <td>0x00:å˜åœ¨å¹¿å‘Šä¸»ä¿¡æ¯ (<code>Advt_Info)</code><br /> + 0x01:ä¸å˜åœ¨å¹¿å‘Šä¸»ä¿¡æ¯ (<code>Advt_Info)</code></td> + </tr> + <tr> + <td><code>Advertiser_Address</code></td> + <td>6 个八ä½å—节</td> + <td>公开地å€æˆ–éšæœºåœ°å€</td> + </tr> + <tr> + <td><code>Advertiser_Address_Type </code></td> + <td>1 个八ä½å—节</td> + <td>0x00:公开地å€<br /> + 0x01:éšæœºåœ°å€</td> + </tr> + <tr> + <td><code>Advt_Info</code></td> + <td></td> + <td><code>Tx_Pwr[0]</code>:1 个八ä½å—节<br /> + <code>RSSI[0]</code>:1 个八ä½å—节<br /> + <code>Timestamp[0]</code>:2 个八ä½å—节<br /> + <code>Adv packet_len[0]</code>:1 个八ä½å—节<br /> + <code>Adv_packet[0]</code>:<code>Adv_packet_len</code> 个八ä½å—节<br /> + <code>Scan_data_resp_len[0]</code>:1 个八ä½å—节<br /> + <code>Scan_data_resp[0]</code>:<code>Scan_data_resp </code>个八ä½å—节</td> + </tr> + </tbody></table> + + <h3 id="controller-debug-info-subevent">控制器调试信æ¯å事件</h3> + <p>控制器使用æ¤äº‹ä»¶æ¥å‘主机æ供二进制文件调试信æ¯ã€‚</p> + <p>å事件代ç = 0x57</p> + <table> + <tbody><tr> + <th>å事件å‚æ•°</th> + <th>大å°</th> + <th>用途</th> + </tr> + <tr> + <td><code>debug_block_byte_offset_start</code></td> + <td>2 个八ä½å—节</td> + <td>从头调试å—å—节å移é‡</td> + </tr> + <tr> + <td><code>last_block</code></td> + <td>1 个八ä½å—节</td> + <td>0x00:å˜åœ¨æ›´å¤šè°ƒè¯•æ•°æ®<br /> + 0x01:最åŽä¸€ä¸ªäºŒè¿›åˆ¶æ–‡ä»¶å—;没有更多调试数æ®</td> + </tr> + <tr> + <td><code>cur_pay_load_sz</code></td> + <td>2 个八ä½å—节</td> + <td>当å‰äº‹ä»¶ä¸çš„二进制文件å—大å°</td> + </tr> + <tr> + <td><code>Debug_Data</code></td> + <td>å˜é‡</td> + <td><code>cur_payload_sz</code> 的调试数æ®</td> + </tr> + </tbody></table> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/devices/camera/camera3_error_stream.html b/zh-cn/devices/camera/camera3_error_stream.html index 4d804031..7dfa739a 100644 --- a/zh-cn/devices/camera/camera3_error_stream.html +++ b/zh-cn/devices/camera/camera3_error_stream.html @@ -21,44 +21,62 @@ --> <h2 id="error-mgmt">错误管ç†</h2> -<p>如果出现严é‡é”™è¯¯ï¼Œåˆ™å…·æœ‰è¿”回值的相机 HAL 设备æ“作函数将全部返回 -ENODEV/NULL。这æ„味ç€è¯¥è®¾å¤‡æ— 法继ç»æ“作,必须由框架进行关é—。一旦æŸç§æ–¹æ³•è¿”回了æ¤é”™è¯¯ï¼Œæˆ–者如果调用 notify() 且返回 ERROR_DEVICE,则åªèƒ½æˆåŠŸè°ƒç”¨ close() 方法。所有其他方法都将返回 -ENODEV/NULL。<br />如果以错误顺åºè°ƒç”¨äº†è®¾å¤‡æ“作,例如如果框架先调用 configure_streams() åŽè°ƒç”¨ initialize(),则该设备将会从调用ä¸è¿”回 -ENOSYS,且ä¸æ‰§è¡Œä»»ä½•æ“作。<br />图片æ‹æ‘„过程ä¸çš„瞬时错误必须通过 notify() 进行报告,如下所述:</p> +<p>如果出现严é‡é”™è¯¯ï¼Œåˆ™å…·æœ‰è¿”回值的相机 HAL 设备æ“作函数将全部返回 <code>-ENODEV + / NULL</code>。这æ„味ç€è¯¥è®¾å¤‡æ— 法继ç»æ“作,必须由框架进行关é—。一旦æŸç§æ–¹æ³•è¿”回了æ¤é”™è¯¯ï¼Œæˆ–者如果调用 <code>notify()</code> 且返回 <code>ERROR_DEVICE</code>,则åªèƒ½æˆåŠŸè°ƒç”¨ <code>close()</code> 方法。所有其他方法都将返回 <code>-ENODEV / NULL</code>。</p> +<p>如果以错误顺åºè°ƒç”¨äº†è®¾å¤‡æ“作,例如如果框架先调用 <code>configure_streams()</code> åŽè°ƒç”¨ <code>initialize()</code>,则该设备将会从调用ä¸è¿”回 <code>-ENOSYS</code>,且ä¸æ‰§è¡Œä»»ä½•æ“作。</p> +<p>图片æ‹æ‘„过程ä¸çš„瞬时错误必须通过 <code>notify()</code> 进行报告,如下所述:</p> <ul> - <li>如果整个æ‹æ‘„过程失败,则必须由 HAL 进行报告,具体方法是调用 notify() 且返回 ERROR_REQUEST。在这ç§æƒ…况下,ä¸èƒ½æŠ¥å‘Šç»“果元数æ®æˆ–输出缓冲区的å•ä¸ªé”™è¯¯ã€‚</li> - <li>å¦‚æžœæ— æ³•ç”Ÿæˆæ‹æ‘„的元数æ®ï¼Œä½†å·²å¡«å……æŸäº›å›¾åƒç¼“冲区,则 HAL 必须调用 notify() 且返回 ERROR_RESULT。</li> - <li>å¦‚æžœæ— æ³•å¡«å……è¾“å‡ºå›¾åƒç¼“冲区,但已生æˆå…ƒæ•°æ®æˆ–已填充其他一些缓冲区,则 HAL 必须为å„个失败的缓冲区调用 notify() 且返回 ERROR_BUFFER。</li> + <li>如果整个æ‹æ‘„过程失败,则必须由 HAL 进行报告,具体方法是调用 <code>notify()</code> 且返回 <code>ERROR_REQUEST</code>。在这ç§æƒ…况下,ä¸èƒ½æŠ¥å‘Šç»“果元数æ®æˆ–输出缓冲区的å•ä¸ªé”™è¯¯ã€‚</li> + <li>å¦‚æžœæ— æ³•ç”Ÿæˆæ‹æ‘„的元数æ®ï¼Œä½†å·²å¡«å……æŸäº›å›¾åƒç¼“冲区,则 HAL 必须调用 <code>notify()</code> 且返回 <code>ERROR_RESULT</code>。</li> + <li>å¦‚æžœæ— æ³•å¡«å……è¾“å‡ºå›¾åƒç¼“冲区,但已生æˆå…ƒæ•°æ®æˆ–已填充其他一些缓冲区,则 HAL 必须为å„个失败的缓冲区调用 <code>notify()</code> 且返回 <code>ERROR_BUFFER</code>。</li> </ul> -<p>在å‘生æ¤ç±»çž¬æ—¶å¤±è´¥çš„情况下,HAL å¿…é¡»ä»ç„¶è°ƒç”¨ process_capture_result 且返回有效的输出 buffer_handle_tã€‚å¦‚æžœæ— æ³•ç”Ÿæˆç»“果元数æ®ï¼Œåˆ™åº”该为 NULLã€‚å¦‚æžœæ— æ³•å¡«å……æŸäº›ç¼“冲区,则其åŒæ¥æ …æ 必须设为错误状æ€ã€‚<br />æ— æ•ˆçš„è¾“å…¥å‚数会导致相应方法返回 -EINVAL。在这ç§æƒ…况下,框架必须表现为如åŒä»Žæœªè¿›è¡Œè¿‡è¯¥è°ƒç”¨ä¸€æ ·ã€‚</p> +<p>在å‘生æ¤ç±»çž¬æ—¶å¤±è´¥çš„情况下,HAL å¿…é¡»ä»ç„¶è°ƒç”¨ <code>process_capture_result</code> 且返回有效的输出 <code>buffer_handle_t</code>ã€‚å¦‚æžœæ— æ³•ç”Ÿæˆç»“果元数æ®ï¼Œåˆ™åº”该为 <code>NULL</code>ã€‚å¦‚æžœæ— æ³•å¡«å……æŸäº›ç¼“冲区,则其åŒæ¥æ …æ 必须设为错误状æ€ã€‚</p> +<p>æ— æ•ˆçš„è¾“å…¥å‚数会导致相应方法返回 <code>-EINVAL</code>。在这ç§æƒ…况下,框架必须表现为如åŒä»Žæœªè¿›è¡Œè¿‡è¯¥è°ƒç”¨ä¸€æ ·ã€‚</p> <h2 id="stream-mgmt">ä¿¡æ¯æµç®¡ç†</h2> <h3 id="configure_streams">configure_streams</h3> -<p>é‡ç½® HAL 相机设备的处ç†ç®¡é“,并设置新的输入和输出信æ¯æµã€‚æ¤è°ƒç”¨å°†ä½¿ç”¨ stream_list ä¸å®šä¹‰çš„ä¿¡æ¯æµæ¥æ›¿æ¢ä»»ä½•çŽ°æœ‰çš„ä¿¡æ¯æµé…置。在使用 process_capture_request() æ交请求之å‰ï¼Œæ¤æ–¹æ³•ä¼šåœ¨ initialize() 之åŽè‡³å°‘被调用一次。<br />stream_list 必须包å«è‡³å°‘一个支æŒè¾“出的信æ¯æµï¼Œä½†ä¸å¾—包å«å¤šä¸ªæ”¯æŒè¾“入的信æ¯æµã€‚<br />stream_list å¯åŒ…å«åŒæ—¶å±žäºŽå½“å‰æœ‰æ•ˆçš„ä¿¡æ¯æµç»„(æºè‡ªå…ˆå‰å¯¹ configure_stream() 的调用)ä¸çš„ä¿¡æ¯æµã€‚æ¤ç±»ä¿¡æ¯æµå·²å…·æœ‰ç”¨æ³•ã€maxbuffer å’Œç§æœ‰æŒ‡é’ˆçš„有效值。如果æ¤ç±»ä¿¡æ¯æµå·²æ³¨å†Œç¼“冲区,则系统ä¸ä¼šé’ˆå¯¹è¿™æ ·çš„ä¿¡æ¯æµå†æ¬¡è°ƒç”¨ register_stream_buffers(),信æ¯æµä¸çš„缓冲区å¯ç«‹å³åˆ—入输入请求ä¸ã€‚<br />HAL 如果需è¦å°†çŽ°æœ‰ä¿¡æ¯æµçš„æµé…置更改为新的é…置,å¯èƒ½ä¼šåœ¨é…置调用期间é‡å†™ç”¨æ³•å’Œ/或 maxbuffer 的值。该框架会检测到æ¤ç±»æ›´æ”¹ï¼Œç„¶åŽé‡æ–°åˆ†é…ä¿¡æ¯æµç¼“冲区,并且在请求ä¸ä½¿ç”¨è¯¥ä¿¡æ¯æµä¸çš„缓冲区之å‰ä¼šå†æ¬¡è°ƒç”¨ register_stream_buffers()。<br />如果 stream_list ä¸ä¸åŒ…å«å½“å‰æœ‰æ•ˆçš„ä¿¡æ¯æµï¼Œåˆ™ HAL å¯ä»¥å®‰å…¨åœ°ç§»é™¤å¯¹è¯¥ä¿¡æ¯æµçš„任何引用。在框架ç¨åŽè°ƒç”¨ configure() 期间也ä¸ä¼šé‡å¤ä½¿ç”¨è¯¥ä¿¡æ¯æµï¼Œå¹¶ä¸”在 configure_streams() 调用返回之åŽï¼Œå®ƒçš„所有 gralloc 缓冲区都将被释放。<br />stream_list 结构归框架所有,在æ¤è°ƒç”¨å®ŒæˆåŽå¯èƒ½å°±æ— 法被访问了。å•ä¸ª camera3streamt 结构的地å€å°†ä»ç„¶å¯ä¾› HAL 访问,直到第一个 configure_stream() 调用结æŸï¼ˆè¯¥è°ƒç”¨çš„ stream_list å‚æ•°ä¸ä¸å†åŒ…å«è¯¥ camera3streamt)。除了在 configure_streams() 调用期间的用法和 maxbuffer çš„æˆå‘˜ä¹‹å¤–,HAL å¯èƒ½ä¸ä¼šæ›´æ”¹ç§æœ‰æŒ‡é’ˆä¹‹å¤–çš„ä¿¡æ¯æµç»“æž„ä¸çš„值。<br />如果是新的信æ¯æµï¼Œåˆ™å…¶ç»“构的用法ã€maxbuffer å’Œç§æœ‰æŒ‡é’ˆå—段都将被设为 0。HAL 设备必须在 configure_streams() 调用返回之å‰è®¾ç½®è¿™äº›å—段。éšåŽï¼Œæ¡†æž¶å’Œå¹³å° gralloc 模å—将使用这些å—段为å„个信æ¯æµåˆ†é… gralloc 缓冲区。<br />框架使用æ¤ç±»æ–°ä¿¡æ¯æµæ¥è°ƒç”¨ register_stream_buffers() 之åŽï¼Œä¿¡æ¯æµçš„缓冲区便å¯ä»¥åˆ—å…¥æ‹æ‘„请求ä¸ã€‚ä¸è¿‡ï¼Œåœ¨æ交请求之å‰ï¼Œå¹¶ä¸è¦æ±‚框架为所有信æ¯æµæ³¨å†Œç¼“å†²åŒºã€‚è¿™æ ·ä¸€æ¥ï¼Œé¢„览信æ¯æµå°±å¯ä»¥å¿«é€Ÿå¯åŠ¨ï¼ˆä¸¾ä¾‹è¯´æ˜Žï¼‰ï¼Œè€Œå…¶ä»–ä¿¡æ¯æµçš„分é…则ç¨åŽæˆ–åŒæ—¶å‘生。</p> +<p>é‡ç½® HAL 相机设备的处ç†ç®¡é“,并设置新的输入和输出信æ¯æµã€‚æ¤è°ƒç”¨å°†ä½¿ç”¨ <code>stream_list</code> ä¸å®šä¹‰çš„ä¿¡æ¯æµæ¥æ›¿æ¢ä»»ä½•çŽ°æœ‰çš„ä¿¡æ¯æµé…置。在使用 <code>process_capture_request()</code> æ交请求之å‰ï¼Œæ¤æ–¹æ³•ä¼šåœ¨ <code>initialize()</code> 之åŽè‡³å°‘被调用一次。</p> +<p><code>stream_list</code> 必须包å«è‡³å°‘一个支æŒè¾“出的信æ¯æµï¼Œä½†ä¸å¾—包å«å¤šä¸ªæ”¯æŒè¾“入的信æ¯æµã€‚ +<code>stream_list</code> å¯åŒ…å«åŒæ—¶å±žäºŽå½“å‰æœ‰æ•ˆçš„ä¿¡æ¯æµç»„(æºè‡ªå…ˆå‰å¯¹ <code>configure_stream()</code> 的调用)ä¸çš„ä¿¡æ¯æµã€‚æ¤ç±»ä¿¡æ¯æµå·²å…·æœ‰ç”¨æ³•ã€maxbuffer å’Œç§æœ‰æŒ‡é’ˆçš„有效值。如果æ¤ç±»ä¿¡æ¯æµå·²æ³¨å†Œç¼“冲区,则系统ä¸ä¼šé’ˆå¯¹è¿™æ ·çš„ä¿¡æ¯æµå†æ¬¡è°ƒç”¨ <code>register_stream_buffers()</code>,信æ¯æµä¸çš„缓冲区å¯ç«‹å³åˆ—入输入请求ä¸ã€‚</p> +<p>HAL 如果需è¦å°†çŽ°æœ‰ä¿¡æ¯æµçš„æµé…置更改为新的é…置,å¯èƒ½ä¼šåœ¨é…置调用期间é‡å†™ç”¨æ³•å’Œ/或 maxbuffer 的值。该框架会检测到æ¤ç±»æ›´æ”¹ï¼Œç„¶åŽé‡æ–°åˆ†é…ä¿¡æ¯æµç¼“冲区,并且在请求ä¸ä½¿ç”¨è¯¥ä¿¡æ¯æµä¸çš„缓冲区之å‰ä¼šå†æ¬¡è°ƒç”¨ <code>register_stream_buffers()</code>。</p> +<p>如果 <code>stream_list</code> ä¸ä¸åŒ…å«å½“å‰æœ‰æ•ˆçš„ä¿¡æ¯æµï¼Œåˆ™ HAL å¯ä»¥å®‰å…¨åœ°ç§»é™¤å¯¹è¯¥ä¿¡æ¯æµçš„任何引用。在框架ç¨åŽè°ƒç”¨ <code>configure()</code> 期间也ä¸ä¼šé‡å¤ä½¿ç”¨è¯¥ä¿¡æ¯æµï¼Œå¹¶ä¸”在 <code>configure_streams()</code> 调用返回之åŽï¼Œå®ƒçš„所有 gralloc 缓冲区都将被释放。</p> +<p><code>stream_list</code> 结构归框架所有,在æ¤è°ƒç”¨å®ŒæˆåŽå¯èƒ½å°±æ— 法被访问了。å•ä¸ª <code>camera3streamt</code> 结构的地å€å°†ä»ç„¶å¯ä¾› HAL 访问,直到第一个 <code>configure_stream()</code> 调用结æŸï¼ˆè¯¥è°ƒç”¨çš„ <code>stream_list</code> å‚æ•°ä¸ä¸å†åŒ…å«è¯¥ <code>camera3streamt</code>)。除了在 <code>configure_streams()</code> 调用期间的用法和 maxbuffer çš„æˆå‘˜ä¹‹å¤–,HAL å¯èƒ½ä¸ä¼šæ›´æ”¹ç§æœ‰æŒ‡é’ˆä¹‹å¤–çš„ä¿¡æ¯æµç»“æž„ä¸çš„值。</p> +<p>如果是新的信æ¯æµï¼Œåˆ™å…¶ç»“构的用法ã€maxbuffer å’Œç§æœ‰æŒ‡é’ˆå—段都将被设为 0。HAL 设备必须在 <code>configure_streams()</code> 调用返回之å‰è®¾ç½®è¿™äº›å—段。éšåŽï¼Œæ¡†æž¶å’Œå¹³å° gralloc 模å—将使用这些å—段为å„个信æ¯æµåˆ†é… gralloc 缓冲区。</p> +<p>框架使用æ¤ç±»æ–°ä¿¡æ¯æµæ¥è°ƒç”¨ <code>register_stream_buffers()</code> 之åŽï¼Œä¿¡æ¯æµçš„缓冲区便å¯ä»¥åˆ—å…¥æ‹æ‘„请求ä¸ã€‚ä¸è¿‡ï¼Œåœ¨æ交请求之å‰ï¼Œå¹¶ä¸è¦æ±‚框架为所有信æ¯æµæ³¨å†Œç¼“å†²åŒºã€‚è¿™æ ·ä¸€æ¥ï¼Œé¢„览信æ¯æµå°±å¯ä»¥å¿«é€Ÿå¯åŠ¨ï¼ˆä¸¾ä¾‹è¯´æ˜Žï¼‰ï¼Œè€Œå…¶ä»–ä¿¡æ¯æµçš„分é…则ç¨åŽæˆ–åŒæ—¶å‘生。</p> <h4><strong>å‰ææ¡ä»¶</strong></h4> -<p>仅当没有æ£åœ¨å¤„ç†çš„æ‹æ‘„时,框架æ‰ä¼šè°ƒç”¨æ¤æ–¹æ³•ã€‚也就是说,所有结果已返回到框架,所有进行ä¸çš„输入和输出缓冲区已返回,且其释放åŒæ¥æ …æ 已收到 HAL å‘出的信å·ã€‚在 configure_streams() 调用过程ä¸ï¼Œæ¡†æž¶ä¸ä¼šæ交新的æ‹æ‘„请求。</p> +<p>仅当没有æ£åœ¨å¤„ç†çš„æ‹æ‘„时,框架æ‰ä¼šè°ƒç”¨æ¤æ–¹æ³•ã€‚ +也就是说,所有结果已返回到框架,所有进行ä¸çš„输入和输出缓冲区已返回,且其释放åŒæ¥æ …æ 已收到 HAL å‘出的信å·ã€‚在 <code>configure_streams()</code> 调用过程ä¸ï¼Œæ¡†æž¶ä¸ä¼šæ交新的æ‹æ‘„请求。</p> <h4><strong>åŽç½®æ¡ä»¶</strong></h4> <p>如相机设备的é™æ€å…ƒæ•°æ®ä¸æ‰€è¿°ï¼ŒHAL 设备必须自行é…ç½®ï¼Œä»Žè€Œæ ¹æ®ç»™å®šçš„输出信æ¯æµå¤§å°å’Œæ ¼å¼æ供尽å¯èƒ½é«˜çš„输出帧速率。</p> <h4><strong>效果预期</strong></h4> <p>æ¤è°ƒç”¨é¢„计为é‡åž‹è°ƒç”¨ï¼Œç”±äºŽå¯èƒ½éœ€è¦é‡ç½®å’Œé‡æ–°é…ç½®å›¾ç‰‡ä¼ æ„Ÿå™¨å’Œç›¸æœºå¤„ç†ç®¡é“ï¼Œå› æ¤å¯èƒ½éœ€è¦å‡ 百毫秒æ‰èƒ½å®Œæˆã€‚ä¸è¿‡ï¼ŒHAL 设备应尽é‡é¿å…é‡æ–°é…置延迟,以尽å¯èƒ½é¿å…在应用æ“作模å¼æ”¹å˜ï¼ˆä¾‹å¦‚从é™æ€æ‹æ‘„切æ¢åˆ°è§†é¢‘录制)期间出现用户å¯è§çš„åœé¡¿ã€‚</p> <h4><strong>返回值</strong></h4> <ul> - <li>0:信æ¯æµé…ç½®æˆåŠŸæ—¶è¿”回</li> - <li>未定义的返回值</li> - <li>-EINVAL:如果请求的信æ¯æµé…ç½®æ— æ•ˆï¼Œåˆ™è¿”å›žæ¤å€¼ã€‚ä»¥ä¸‹æ˜¯ä¸€äº›æ— æ•ˆä¿¡æ¯æµé…置的示例:<ul> - <li>包括多个支æŒè¾“入的信æ¯æµï¼ˆINPUT 或 BIDIRECTIONAL)</li> - <li>ä¸åŒ…括任何支æŒè¾“出的信æ¯æµï¼ˆOUTPUT 或 BIDIRECTIONAL)</li> + <li><code>0</code>:信æ¯æµé…ç½®æˆåŠŸæ—¶è¿”回</li> + <li><code>undefined</code></li> + <li><code>-EINVAL</code>:如果请求的信æ¯æµé…ç½®æ— æ•ˆï¼Œåˆ™è¿”å›žæ¤å€¼ã€‚ä»¥ä¸‹æ˜¯ä¸€äº›æ— æ•ˆä¿¡æ¯æµé…置的示例: + <ul> + <li>包括多个支æŒè¾“入的信æ¯æµï¼ˆ<code>INPUT</code> 或 <code>BIDIRECTIONAL</code>)</li> + <li>ä¸åŒ…括任何支æŒè¾“出的信æ¯æµï¼ˆ<code>OUTPUT</code> 或 <code>BIDIRECTIONAL</code>)</li> <li>包括采用ä¸å—支æŒæ ¼å¼ï¼ˆæˆ–è€…æ ¼å¼çš„ä¸å—支æŒå¤§å°ï¼‰çš„ä¿¡æ¯æµã€‚</li> <li>åŒ…æ‹¬è¿‡å¤šç‰¹å®šæ ¼å¼çš„输出信æ¯æµã€‚</li> <li>请注æ„,鉴于信æ¯æµé…置在é…置之å‰ç»è¿‡æ£€æŸ¥ç¡®è®¤ï¼Œå› æ¤æ¡†æž¶æäº¤æ— æ•ˆä¿¡æ¯æµé…ç½®ä¸å±žäºŽæ£å¸¸æ“ä½œã€‚æ— æ•ˆé…ç½®æ„味ç€æ¡†æž¶ä»£ç ä¸å˜åœ¨é”™è¯¯ï¼Œæˆ–者 HAL çš„é™æ€å…ƒæ•°æ®ä¸Žå¯¹ä¿¡æ¯æµçš„è¦æ±‚ä¸ç›¸ç¬¦ã€‚</li> </ul> </li> - <li>-ENODEV:如果出现致命错误且设备ä¸å†è¿è¡Œï¼Œåˆ™è¿”回æ¤å€¼ã€‚返回æ¤é”™è¯¯åŽï¼Œæ¡†æž¶åªèƒ½æˆåŠŸè°ƒç”¨ close()。</li> + <li><code>-ENODEV</code>:如果出现致命错误且设备ä¸å†è¿è¡Œï¼Œåˆ™è¿”回æ¤å€¼ã€‚返回æ¤é”™è¯¯åŽï¼Œæ¡†æž¶åªèƒ½æˆåŠŸè°ƒç”¨ <code>close()</code>。</li> </ul> <h3 id="register-stream">register_stream_buffers</h3> -<p>通过 HAL 设备为指定的信æ¯æµæ³¨å†Œç¼“冲区。框架调用æ¤æ–¹æ³•å‘生在 configure_streams 定义新信æ¯æµä¹‹åŽã€è¯¥ä¿¡æ¯æµçš„缓冲区被列入æ‹æ‘„请求之å‰ã€‚如果éšåŽçš„ configure_streams() 调用ä¸åˆ—出了åŒä¸€ä¿¡æ¯æµï¼Œæ¡†æž¶å°†ä¸ä¼šä¸ºè¯¥ä¿¡æ¯æµå†æ¬¡è°ƒç”¨ register_stream_buffers。<br />框架ä¸éœ€è¦åœ¨æ交第一个æ‹æ‘„请求之å‰ï¼Œä¸ºé…置的所有信æ¯æµæ³¨å†Œç¼“å†²åŒºã€‚è¿™æ ·å¯ä»¥åœ¨å…¶ä»–ä¿¡æ¯æµä»ç„¶å¤„于分é…过程ä¸æ—¶å¿«é€Ÿå¯åŠ¨é¢„览(或类似用例)。<br />æ¤æ–¹æ³•æ—¨åœ¨è®© HAL è®¾å¤‡æ˜ å°„æˆ–ä»¥å…¶ä»–æ–¹å¼å‡†å¤‡ç¼“冲区以供ç¨åŽä½¿ç”¨ã€‚ä¼ å…¥çš„ç¼“å†²åŒºå°†è¢«é”定以供使用。在调用结æŸæ—¶ï¼Œæ‰€æœ‰ç¼“冲区都必须准备好返回到信æ¯æµã€‚bufferset å‚数仅在æ¤è°ƒç”¨æœŸé—´æœ‰æ•ˆã€‚<br />如果信æ¯æµæ ¼å¼è®¾ä¸º HAL_PIXEL_FORMAT_IMPLEMENTATION_DEFINED,则相机 HAL 应在æ¤å¤„æ£€æŸ¥ä¼ å…¥çš„ç¼“å†²åŒºï¼Œä»¥ç¡®å®šä»»ä½•å¹³å°ä¸“用的åƒç´ æ ¼å¼ä¿¡æ¯ã€‚</p> +<p>通过 HAL 设备为指定的信æ¯æµæ³¨å†Œç¼“冲区。框架调用æ¤æ–¹æ³•å‘生在 <code>configure_streams</code> 定义新信æ¯æµä¹‹åŽã€è¯¥ä¿¡æ¯æµçš„缓冲区被列入æ‹æ‘„请求之å‰ã€‚如果éšåŽçš„ <code>configure_streams()</code> 调用ä¸åˆ—出了åŒä¸€ä¿¡æ¯æµï¼Œæ¡†æž¶å°†ä¸ä¼šä¸ºè¯¥ä¿¡æ¯æµå†æ¬¡è°ƒç”¨ <code>register_stream_buffers</code>。</p> +<p>框架ä¸éœ€è¦åœ¨æ交第一个æ‹æ‘„请求之å‰ï¼Œä¸ºé…置的所有信æ¯æµæ³¨å†Œç¼“å†²åŒºã€‚è¿™æ ·å¯ä»¥åœ¨å…¶ä»–ä¿¡æ¯æµä»ç„¶å¤„于分é…过程ä¸æ—¶å¿«é€Ÿå¯åŠ¨é¢„览(或类似用例)。</p> +<p>æ¤æ–¹æ³•æ—¨åœ¨è®© HAL è®¾å¤‡æ˜ å°„æˆ–ä»¥å…¶ä»–æ–¹å¼å‡†å¤‡ç¼“冲区以供ç¨åŽä½¿ç”¨ã€‚ä¼ å…¥çš„ç¼“å†²åŒºå°†è¢«é”定以供使用。在调用结æŸæ—¶ï¼Œæ‰€æœ‰ç¼“冲区都必须准备好返回到信æ¯æµã€‚ +bufferset å‚数仅在æ¤è°ƒç”¨æœŸé—´æœ‰æ•ˆã€‚</p> +<p>如果信æ¯æµæ ¼å¼è®¾ä¸º <code>HAL_PIXEL_FORMAT_IMPLEMENTATION_DEFINED</code>,则相机 HAL 应在æ¤å¤„æ£€æŸ¥ä¼ å…¥çš„ç¼“å†²åŒºï¼Œä»¥ç¡®å®šä»»ä½•å¹³å°ä¸“用的åƒç´ æ ¼å¼ä¿¡æ¯ã€‚</p> <h4><strong>返回值</strong></h4> <ul> - <li>0:新信æ¯æµçš„缓冲区注册æˆåŠŸæ—¶è¿”回。</li> - <li>-EINVAL:如果 streambufferset ä¸å¼•ç”¨æœ‰æ•ˆçš„活动信æ¯æµæˆ–è€…ç¼“å†²åŒºæ•°ç»„æ— æ•ˆï¼Œåˆ™è¿”å›žæ¤å€¼ã€‚</li> - <li>-ENOMEM:如果注册缓冲区时出错,则返回æ¤å€¼ã€‚框架必须将所有信æ¯æµç¼“冲区视为未注册,并且å¯å°è¯•ç¨åŽé‡æ–°æ³¨å†Œã€‚</li> - <li>-ENODEV:如果出现致命错误且设备ä¸å†è¿è¡Œï¼Œåˆ™è¿”回æ¤å€¼ã€‚返回æ¤é”™è¯¯åŽï¼Œæ¡†æž¶åªèƒ½æˆåŠŸè°ƒç”¨ close()。</li> + <li><code>0</code>:新信æ¯æµçš„缓冲区注册æˆåŠŸæ—¶è¿”回</li> + <li><code>-EINVAL</code>:如果 streambufferset ä¸å¼•ç”¨æœ‰æ•ˆçš„活动信æ¯æµæˆ–è€…ç¼“å†²åŒºæ•°ç»„æ— æ•ˆï¼Œåˆ™è¿”å›žæ¤å€¼ã€‚</li> + <li><code>-ENOMEM</code>:如果注册缓冲区时出错,则返回æ¤å€¼ã€‚框架必须将所有信æ¯æµç¼“冲区视为未注册,并且å¯å°è¯•ç¨åŽé‡æ–°æ³¨å†Œã€‚</li> + <li><code>-ENODEV</code>:如果出现致命错误且设备ä¸å†è¿è¡Œï¼Œåˆ™è¿”回æ¤å€¼ã€‚ +返回æ¤é”™è¯¯åŽï¼Œæ¡†æž¶åªèƒ½æˆåŠŸè°ƒç”¨ <code>close()</code>。</li> </ul> </body></html>
\ No newline at end of file diff --git a/zh-cn/devices/graphics/run-tests.html b/zh-cn/devices/graphics/run-tests.html index b8117cc5..a0b6dc3f 100644 --- a/zh-cn/devices/graphics/run-tests.html +++ b/zh-cn/devices/graphics/run-tests.html @@ -254,6 +254,7 @@ python android/scripts/debug.py \ <p class="note"><strong>注æ„</strong>:在 Windows 上,GDB 二进制文件需è¦ä½¿ç”¨ <code>libpython2.7.dll</code>。在å¯åŠ¨ <code>debug.py</code> å‰ï¼Œè¯·å°† <code><path-to-ndk>/prebuilt/windows/bin</code> æ·»åŠ åˆ° PATH å˜é‡ä¸ã€‚</p> -<p class="note"><strong>注æ„</strong>:本机代ç 调试ä¸é€‚用于 Android 4.3。有关解决方法,请å‚考<a href="https://issuetracker.google.com/issues/36976703">æ¤å…¬å¼€é”™è¯¯</a>。Android 4.4 åŠæ›´é«˜ç‰ˆæœ¬ä¸åŒ…å«æ¤é”™è¯¯ã€‚</p> +<p class="note"><strong>注æ„</strong>:本机代ç 调试ä¸é€‚用于 Android 4.3。有关解决方法,请å‚考<a href="https://issuetracker.google.com/issues/36976703">æ¤å…¬å¼€é”™è¯¯</a>。 +Android 4.4 åŠæ›´é«˜ç‰ˆæœ¬ä¸åŒ…å«æ¤é”™è¯¯ã€‚</p> </body></html>
\ No newline at end of file diff --git a/zh-cn/devices/sensors/hal-interface.html b/zh-cn/devices/sensors/hal-interface.html index 8128fa19..7945ff5e 100644 --- a/zh-cn/devices/sensors/hal-interface.html +++ b/zh-cn/devices/sensors/hal-interface.html @@ -20,7 +20,7 @@ limitations under the License. --> -<p><a href="/devices/halref/sensors_8h.html">sensors.h</a> ä¸å£°æ˜Žçš„ HAL 接å£è¡¨ç¤º Android <a href="sensor-stack.html#framework">框架</a>与特定于硬件的软件之间的接å£ã€‚HAL 实现必须定义 sensors.h ä¸å£°æ˜Žçš„æ¯ä¸ªå‡½æ•°ã€‚主è¦å‡½æ•°å¦‚下:</p> +<p><a href="https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/sensors.h">sensors.h</a> ä¸å£°æ˜Žçš„ HAL 接å£è¡¨ç¤º Android <a href="sensor-stack.html#framework">框架</a>与特定于硬件的软件之间的接å£ã€‚HAL 实现必须定义 sensors.h ä¸å£°æ˜Žçš„æ¯ä¸ªå‡½æ•°ã€‚主è¦å‡½æ•°å¦‚下:</p> <ul> <li><code>get_sensors_list</code> - è¿”å›žæ‰€æœ‰ä¼ æ„Ÿå™¨çš„åˆ—è¡¨ã€‚</li> <li><code>activate</code> - å¯åŠ¨æˆ–åœæ¢ä¼ 感器。</li> @@ -37,7 +37,7 @@ <li><code>sensor_t</code></li> <li><code>sensors_event_t</code></li> </ul> -<p>除了下é¢çš„部分,还å¯å‚阅 <a href="/devices/halref/sensors_8h.html">sensors.h</a> 详细了解这些类型。</p> +<p>除了下é¢çš„部分,还å¯å‚阅 <a href="https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/sensors.h">sensors.h</a> 详细了解这些类型。</p> <h2 id="get_sensors_list_list">get_sensors_list(list)</h2> <pre class="prettyprint">int (*get_sensors_list)(struct sensors_module_t* module, struct sensor_t const** list);</pre> @@ -147,7 +147,7 @@ int (*setDelay)( <p>å½“ä¼ æ„Ÿå™¨ç¦ç”¨æ—¶ï¼Œå°†è°ƒç”¨ <code>activate(..., enable=0)</code>。</p> <p>在上述调用的åŒæ—¶ï¼Œåå¤è°ƒç”¨ <code>poll</code> 函数以请求数æ®ã€‚å³ä½¿åœ¨æ²¡æœ‰æ¿€æ´»ä»»ä½•ä¼ 感器的情况下,ä»å¯ä»¥è°ƒç”¨ <code>poll</code>。</p> <h2 id="sensors_module_t">sensors_module_t</h2> -<p><code>sensors_module_t</code> æ˜¯ç”¨äºŽä¸ºä¼ æ„Ÿå™¨åˆ›å»º Android 硬件模å—的类型。HAL 的实现必须定义一个该类型的对象 <code>HAL_MODULE_INFO_SYM</code>,以æä¾› <a href="#get_sensors_list_list">get_sensors_list</a> 函数。è¦äº†è§£è¯¦æƒ…,请å‚阅 <a href="/devices/halref/sensors_8h.html">sensors.h</a> ä¸ <code>sensors_module_t</code> 的定义和 <code>hw_module_t</code> 的定义。</p> +<p><code>sensors_module_t</code> æ˜¯ç”¨äºŽä¸ºä¼ æ„Ÿå™¨åˆ›å»º Android 硬件模å—的类型。HAL 的实现必须定义一个该类型的对象 <code>HAL_MODULE_INFO_SYM</code>,以æä¾› <a href="#get_sensors_list_list">get_sensors_list</a> 函数。è¦äº†è§£è¯¦æƒ…,请å‚阅 <a href="https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/sensors.h">sensors.h</a> ä¸çš„ <code>sensors_module_t</code> 的定义和 <code>hw_module_t</code> 的定义。</p> <h2 id="sensors_poll_device_t_sensors_poll_device_1_t">sensors_poll_device_t/sensors_poll_device_1_t</h2> <p><code>sensors_poll_device_1_t</code> 包å«ä¸Šæ–‡å®šä¹‰çš„方法的剩余部分:<code>activate</code>ã€<code>batch</code>ã€<code>flush</code> å’Œ <code>poll</code>。其 <code>common</code> å—段(类型为 <a href="/devices/halref/structhw__device__t.html">hw_device_t</a>)定义 HAL 的版本å·ã€‚</p> <h2 id="sensor_t">sensor_t</h2> @@ -155,7 +155,7 @@ int (*setDelay)( <p><strong>name</strong>ï¼šè¡¨ç¤ºä¼ æ„Ÿå™¨çš„ç”¨æˆ·å¯è§å—符串。该å—ç¬¦ä¸²é€šå¸¸åŒ…æ‹¬åº•å±‚ä¼ æ„Ÿå™¨çš„éƒ¨ä»¶å称ã€ä¼ 感器的类型以åŠæ˜¯å¦ä¸ºå”¤é†’ä¼ æ„Ÿå™¨ã€‚ä¾‹å¦‚ï¼Œâ€œLIS2HH12 Accelerometerâ€ã€â€œMAX21000 Uncalibrated Gyroscopeâ€ã€â€œBMP280 Wake-up Barometerâ€ã€â€œMPU6515 Game Rotation Vectorâ€ã€‚</p> <p><strong>handle</strong>ï¼šç”¨äºŽåœ¨æ³¨å†Œåˆ°ä¼ æ„Ÿå™¨æˆ–ä»Žä¼ æ„Ÿå™¨ç”Ÿæˆäº‹ä»¶æ—¶è¡¨ç¤ºä¼ 感器的整数。</p> <p><strong>type</strong>ï¼šä¼ æ„Ÿå™¨çš„ç±»åž‹ã€‚è¦è¯¦ç»†äº†è§£ä¼ 感器类型的解释,请å‚阅<a href="index.html">什么是 Android ä¼ æ„Ÿå™¨ï¼Ÿ</a>ï¼› è¦äº†è§£å®˜æ–¹ä¼ 感器类型,请å‚阅<a href="sensor-types.html">ä¼ æ„Ÿå™¨ç±»åž‹</a>。对于éžå®˜æ–¹ä¼ 感器类型,<code>type</code> 必须以 <code>SENSOR_TYPE_DEVICE_PRIVATE_BASE</code> 开头。</p> -<p><strong>stringType</strong>ï¼šä¼ æ„Ÿå™¨çš„ç±»åž‹ï¼ˆä»¥å—ç¬¦ä¸²è¡¨ç¤ºï¼‰ã€‚å¦‚æžœä¼ æ„Ÿå™¨ä¸ºå®˜æ–¹ç±»åž‹ï¼Œåˆ™è®¾ç½®ä¸º <code>SENSOR_STRING_TYPE_*</code>ã€‚å¦‚æžœä¼ æ„Ÿå™¨ä¸ºåˆ¶é€ å•†ç‰¹å®šç±»åž‹ï¼Œ<code>stringType</code> å¿…é¡»ä»¥åˆ¶é€ å•†çš„åå‘域å开头。例如,由 Fictional-Company çš„ Cool-product å›¢é˜Ÿå®šä¹‰çš„ä¼ æ„Ÿå™¨ï¼ˆä¾‹å¦‚ unicorn 检测器)å¯ä»¥ä½¿ç”¨ <code>stringType=â€com.fictional_company.cool_product.unicorn_detectorâ€</code>。<em></em><code>stringType</code> ç”¨äºŽå”¯ä¸€æ ‡è¯†éžå®˜æ–¹ä¼ 感器类型。è¦è¯¦ç»†äº†è§£ä¼ 感器类型和å—符串类型,请å‚阅 <a href="/devices/halref/sensors_8h.html">sensors.h</a>。</p> +<p><strong>stringType</strong>ï¼šä¼ æ„Ÿå™¨çš„ç±»åž‹ï¼ˆä»¥å—ç¬¦ä¸²è¡¨ç¤ºï¼‰ã€‚å¦‚æžœä¼ æ„Ÿå™¨ä¸ºå®˜æ–¹ç±»åž‹ï¼Œåˆ™è®¾ç½®ä¸º <code>SENSOR_STRING_TYPE_*</code>ã€‚å¦‚æžœä¼ æ„Ÿå™¨ä¸ºåˆ¶é€ å•†ç‰¹å®šç±»åž‹ï¼Œ<code>stringType</code> å¿…é¡»ä»¥åˆ¶é€ å•†çš„åå‘域å开头。例如,由 Fictional-Company çš„ Cool-product å›¢é˜Ÿå®šä¹‰çš„ä¼ æ„Ÿå™¨ï¼ˆä¾‹å¦‚ unicorn 检测器)å¯ä»¥ä½¿ç”¨ <code>stringType=â€com.fictional_company.cool_product.unicorn_detectorâ€</code>。<em></em><code>stringType</code> ç”¨äºŽå”¯ä¸€æ ‡è¯†éžå®˜æ–¹ä¼ 感器类型。è¦è¯¦ç»†äº†è§£ä¼ 感器类型和å—符串类型,请å‚阅 <a href="https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/sensors.h">sensors.h</a>。</p> <p><strong>requiredPermission</strong>:表示应用必须拥有的æƒé™ï¼ˆæŸ¥çœ‹ä¼ 感器ã€æ³¨å†Œåˆ°ä¼ æ„Ÿå™¨å’ŒæŽ¥æ”¶ä¼ æ„Ÿå™¨æ•°æ®ï¼‰çš„å—符串。空å—符串表明应用ä¸éœ€è¦èŽ·å–è¯¥ä¼ æ„Ÿå™¨çš„ä»»ä½•è®¿é—®æƒé™ã€‚<a href="sensor-types.html#heart_rate">心率监测器</a>ç‰ä¼ 感器类型具有强制性的 <code>requiredPermission</code>。æä¾›æ•æ„Ÿç”¨æˆ·ä¿¡æ¯ï¼ˆä¾‹å¦‚å¿ƒçŽ‡ï¼‰çš„æ‰€æœ‰ä¼ æ„Ÿå™¨å¿…é¡»å—到æƒé™ä¿æŠ¤ã€‚</p> <p><strong>flags</strong>ï¼šä¼ æ„Ÿå™¨çš„æ ‡è®°ï¼Œç”¨äºŽå®šä¹‰ä¼ æ„Ÿå™¨çš„æŠ¥å‘Šæ¨¡å¼ä»¥åŠä¼ 感器是å¦ä¸ºå”¤é†’ä¼ æ„Ÿå™¨ã€‚ä¾‹å¦‚ï¼Œå¯¹äºŽå•æ¬¡å”¤é†’ä¼ æ„Ÿå™¨ï¼Œ<code>flags = SENSOR_FLAG_ONE_SHOT_MODE | SENSOR_FLAG_WAKE_UP</code>。当å‰ç‰ˆæœ¬çš„ HAL ä¸æœªä½¿ç”¨çš„æ ‡è®°çš„ä½å¿…é¡»ç‰äºŽ 0。</p> <p><strong>maxRange</strong>ï¼šä¼ æ„Ÿå™¨å¯æŠ¥å‘Šçš„最大值,与已报告值的å•ä½ç›¸åŒã€‚ä¼ æ„Ÿå™¨å¿…é¡»èƒ½å¤ŸæŠ¥å‘Š <code>[-maxRange; maxRange]</code> 范围内(未过载)的值。请注æ„,这æ„味ç€ä»Žå¸¸è§„æ„义上æ¥è¯´ä¼ 感器的总范围是 <code>2*maxRange</code>ã€‚å½“ä¼ æ„Ÿå™¨æŠ¥å‘Šå‡ æ¡è½´ä¸Šçš„值时,该范围适用于æ¯æ¡è½´ã€‚例如,“+/- 2gâ€åŠ 速度计会报告 <code>maxRange = 2*9.81 = 2g</code>。</p> @@ -172,7 +172,7 @@ int (*setDelay)( <p><strong>sensor</strong>:生æˆäº‹ä»¶çš„ä¼ æ„Ÿå™¨çš„å¥æŸ„,由 <code>sensor_t.handle</code> 定义。</p> <p><strong>type</strong>:生æˆäº‹ä»¶çš„ä¼ æ„Ÿå™¨çš„ä¼ æ„Ÿå™¨ç±»åž‹ï¼Œç”± <code>sensor_t.type</code> 定义。</p> <p><strong>timestamp</strong>:事件的时间戳,以纳秒为å•ä½ã€‚这是事件(采å–了æ¥éª¤ï¼Œæˆ–æ˜¯è¿›è¡Œäº†åŠ é€Ÿåº¦è®¡æµ‹é‡ï¼‰å‘生的时间,而ä¸æ˜¯äº‹ä»¶æŠ¥å‘Šçš„时间。<code>timestamp</code> 必须与 <code>elapsedRealtimeNano</code> 时钟åŒæ¥ï¼Œå¹¶ä¸”对于连ç»ä¼ 感器,抖动必须很å°ã€‚有时需è¦è¿›è¡Œæ—¶é—´æˆ³è¿‡æ»¤ä»¥æ»¡è¶³ CDD è¦æ±‚ï¼Œå› ä¸ºä»…ä½¿ç”¨ SoC ä¸æ–时间æ¥è®¾ç½®æ—¶é—´æˆ³ä¼šå¯¼è‡´æŠ–åŠ¨è¿‡å¤§ï¼Œå¹¶ä¸”ä»…ä½¿ç”¨ä¼ æ„Ÿå™¨èŠ¯ç‰‡æ—¶é—´æ¥è®¾ç½®æ—¶é—´æˆ³å¯èƒ½ä¼šç”±äºŽä¼ æ„Ÿå™¨æ—¶é’Ÿæ¼‚ç§»è€Œæ— æ³•ä¸Ž <code>elapsedRealtimeNano</code> 时钟åŒæ¥ã€‚</p> -<p><strong>æ•°æ®å’Œé‡å å—段</strong>ï¼šç”±ä¼ æ„Ÿå™¨æµ‹é‡çš„值。这些å—段的å«ä¹‰å’Œå•ä½ç‰¹å®šäºŽæ¯ç§ä¼ 感器类型。è¦äº†è§£æ•°æ®å—段的说明,请å‚阅 <a href="/devices/halref/sensors_8h.html">sensors.h</a> å’Œä¸åŒ<a href="sensor-types.html">ä¼ æ„Ÿå™¨ç±»åž‹</a>的定义。对于æŸäº›ä¼ 感器,也å¯ä»¥é€šè¿‡ <code>status</code> å—段在数æ®ä¸åŒæ—¶æŠ¥å‘Šè¯»æ•°ç²¾åº¦ã€‚该å—段åªèƒ½é’ˆå¯¹é€‰å®šä¼ 感器类型通过管é“ä¼ é€’ï¼Œä½œä¸ºç²¾åº¦å€¼å‡ºçŽ°åœ¨ SDK å±‚ã€‚å¯¹äºŽè¿™ç±»ä¼ æ„Ÿå™¨ï¼Œå…¶<a href="sensor-types.html">ä¼ æ„Ÿå™¨ç±»åž‹</a>定义ä¸ä¼šæåŠå¿…须设置 status å—段。</p> +<p><strong>æ•°æ®å’Œé‡å å—段</strong>ï¼šç”±ä¼ æ„Ÿå™¨æµ‹é‡çš„值。这些å—段的å«ä¹‰å’Œå•ä½ç‰¹å®šäºŽæ¯ç§ä¼ 感器类型。è¦äº†è§£æ•°æ®å—段的说明,请å‚阅 <a href="https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/sensors.h">sensors.h</a> å’Œä¸åŒ<a href="sensor-types.html">ä¼ æ„Ÿå™¨ç±»åž‹</a>的定义。对于æŸäº›ä¼ 感器,也å¯ä»¥é€šè¿‡ <code>status</code> å—段在数æ®ä¸åŒæ—¶æŠ¥å‘Šè¯»æ•°ç²¾åº¦ã€‚该å—段åªèƒ½é’ˆå¯¹é€‰å®šä¼ 感器类型通过管é“ä¼ é€’ï¼Œä½œä¸ºç²¾åº¦å€¼å‡ºçŽ°åœ¨ SDK å±‚ã€‚å¯¹äºŽè¿™ç±»ä¼ æ„Ÿå™¨ï¼Œå…¶<a href="sensor-types.html">ä¼ æ„Ÿå™¨ç±»åž‹</a>定义ä¸ä¼šæåŠå¿…须设置 status å—段。</p> <h3 id="metadata_flush_complete_events">元数æ®åˆ·å†™å®Œæˆäº‹ä»¶</h3> <p>元数æ®äº‹ä»¶çš„ç±»åž‹ä¸Žå¸¸è§„ä¼ æ„Ÿå™¨äº‹ä»¶çš„ç±»åž‹ç›¸åŒï¼š<code>sensors_event_meta_data_t = sensors_event_t</code>。元数æ®äº‹ä»¶é€šè¿‡ poll ä¸Žå…¶ä»–ä¼ æ„Ÿå™¨äº‹ä»¶ä¸€èµ·è¿”å›žï¼Œä¸”æ‹¥æœ‰å¦‚ä¸‹å—段:</p> <p><strong>version</strong>:必须是 <code>META_DATA_VERSION</code></p> diff --git a/zh-cn/devices/sensors/sensor-types.html b/zh-cn/devices/sensors/sensor-types.html index fe2379a3..c205daf7 100644 --- a/zh-cn/devices/sensors/sensor-types.html +++ b/zh-cn/devices/sensors/sensor-types.html @@ -97,7 +97,7 @@ <li>åœ¨çº¿å°ºåº¦æ ¡å‡†</li> </ul> <p>ä»…å½“ä¼ æ„Ÿå™¨å·²ç¦ç”¨æ—¶ï¼Œæ‰å¯æ›´æ–°åå·®æ ¡å‡†å’Œå°ºåº¦æ ¡å‡†ï¼Œä»¥é¿å…æµå¼ä¼ 输时出现值激增。</p> -<p>åŠ é€Ÿåº¦è®¡è¿˜é€šè¿‡ <code>sensors_event_t.acceleration.status</code> 报告其预测的读数精度。è¦è¯¦ç»†äº†è§£æ¤å—段的å¯èƒ½å€¼ï¼Œè¯·å‚阅 <a href="https://developer.android.com/reference/android/hardware/SensorManager.html">SensorManager</a> çš„ <a href="https://developer.android.com/reference/android/hardware/SensorManager.html#SENSOR_STATUS_ACCURACY_HIGH"><code>SENSOR_STATUS_* </code></a>常é‡ã€‚</p> +<p>åŠ é€Ÿåº¦è®¡è¿˜é€šè¿‡ <code>sensors_event_t.acceleration.status</code> 报告其预测的读数精度。è¦è¯¦ç»†äº†è§£æ¤å—段的å¯èƒ½å€¼ï¼Œè¯·å‚阅 <a href="https://developer.android.com/reference/android/hardware/SensorManager.html">SensorManager</a> çš„ <a href="https://developer.android.com/reference/android/hardware/SensorManager.html#SENSOR_STATUS_ACCURACY_HIGH"><code>SENSOR_STATUS_* </code></a> 常é‡ã€‚</p> <h3 id="ambient_temperature">çŽ¯å¢ƒæ¸©åº¦ä¼ æ„Ÿå™¨</h3> <p>报告模å¼ï¼š<em><a href="report-modes.html#on-change">å˜åŒ–模å¼</a></em></p> <p><code>getDefaultSensor(SENSOR_TYPE_AMBIENT_TEMPERATURE)</code> 返回一个éžå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> @@ -143,7 +143,7 @@ <h3 id="proximity">è¿‘ç¨‹ä¼ æ„Ÿå™¨</h3> <p>报告模å¼ï¼š<em><a href="report-modes.html#on-change">å˜åŒ–模å¼</a></em></p> <p>é€šå¸¸å®šä¹‰ä¸ºå”¤é†’ä¼ æ„Ÿå™¨</p> -<p><code>getDefaultSensor(SENSOR_TYPE_PROXIMITY)</code> è¿”å›žå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> +<p><code>getDefaultSensor(SENSOR_TYPE_PROXIMITY)</code> è¿”å›žä¸€ä¸ªå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> <p>è¿‘ç¨‹ä¼ æ„Ÿå™¨å¯æŠ¥å‘Šä»Žä¼ 感器到最近的å¯è§è¡¨é¢çš„è·ç¦»ã€‚</p> <p>在 Android KitKat 版本或更早版本ä¸ï¼Œè¿‘ç¨‹ä¼ æ„Ÿå™¨ä¸€ç›´æ˜¯å”¤é†’ä¼ æ„Ÿå™¨ï¼Œä¹Ÿå°±æ˜¯è¯´ï¼Œæ¤ç±»ä¼ 感器在检测到近程è·ç¦»å‘生å˜åŒ–时会唤醒 SoC。对于 Android KitKat 之åŽçš„ç‰ˆæœ¬ï¼Œæˆ‘ä»¬å»ºè®®æ‚¨é¦–å…ˆå®žçŽ°è¯¥ä¼ æ„Ÿå™¨çš„å”¤é†’ç‰ˆæœ¬ï¼Œå› ä¸ºè¯¥ç‰ˆæœ¬åœ¨æ‰“ç”µè¯æ—¶ç”¨äºŽå¼€å¯å’Œå…³é—å±å¹•ã€‚</p> <p>测é‡ç»“果在 <code>sensors_event_t.distance</code> ä¸æŠ¥å‘Šï¼ˆä»¥åŽ˜ç±³ä¸ºå•ä½ï¼‰ã€‚请注æ„ï¼Œä¸€äº›è¿‘ç¨‹ä¼ æ„Ÿå™¨ä»…æ”¯æŒäºŒå…ƒâ€œè¿‘â€æˆ–“远â€æµ‹é‡ç»“果。在æ¤æƒ…å†µä¸‹ï¼Œä¼ æ„Ÿå™¨æ£€æµ‹åˆ°â€œè¿œâ€çŠ¶æ€æ—¶æŠ¥å‘Šå€¼ <code>sensor_t.maxRange</code>,检测到“近â€çŠ¶æ€æ—¶æŠ¥å‘Šä¸€ä¸ªå°äºŽ <code>sensor_t.maxRange</code> 的值。</p> @@ -195,8 +195,8 @@ <td><p>è¿žç»æ¨¡å¼</p></td> </tr> <tr> - <td><a href="#glance_gesture">å¿«è§ˆä¼ æ„Ÿå™¨</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/><p></p></td> - <td><p>互动类</p></td> + <td><a href="#glance_gesture">å¿«è§ˆæ‰‹åŠ¿ä¼ æ„Ÿå™¨</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/><p></p></td> + <td><p>交互性</p></td> <td><p>未定义</p></td> <td><p>å•æ¬¡æ¨¡å¼</p></td> </tr> @@ -214,8 +214,8 @@ </tr> <tr> <td><p><a href="#linear_acceleration">çº¿æ€§åŠ é€Ÿåº¦ä¼ æ„Ÿå™¨</a></p></td> - <td><p>动作类</p></td> - <td><p>åŠ é€Ÿåº¦è®¡ã€é™€èžºä»ªï¼ˆå¦‚有)或ç£åŠ›è®¡ï¼ˆå¦‚果没有陀螺仪)</p></td> + <td><p>活动</p></td> + <td><p>åŠ é€Ÿåº¦è®¡ã€é™€èžºä»ªï¼ˆå¦‚有)或ç£åŠ›è®¡ï¼ˆå¦‚果陀螺仪ä¸å˜åœ¨ï¼‰</p></td> <td><p>è¿žç»æ¨¡å¼</p></td> </tr> <tr> @@ -232,42 +232,42 @@ </tr> <tr> <td><p><a href="#pick_up_gesture">æ‹¿èµ·æ‰‹åŠ¿ä¼ æ„Ÿå™¨</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/></p></td> - <td><p>互动类</p></td> + <td><p>交互性</p></td> <td><p>未定义</p></td> <td><p>å•æ¬¡æ¨¡å¼</p></td> </tr> <tr> <td><p><a href="#rotation_vector">旋转矢é‡ä¼ 感器</a></p></td> <td><p>姿势类</p></td> - <td><p>åŠ é€Ÿåº¦è®¡ã€ç£åŠ›è®¡å’Œé™€èžºä»ªï¼ˆå¦‚有)<em></em></p></td> + <td><p>åŠ é€Ÿåº¦è®¡ã€ç£åŠ›è®¡å’Œâ€œé™€èžºä»ªâ€ï¼ˆå¦‚有)<em></em></p></td> <td><p>è¿žç»æ¨¡å¼</p></td> </tr> <tr> <td><p><a href="#significant_motion">å¤§å¹…åº¦åŠ¨ä½œä¼ æ„Ÿå™¨</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/></p></td> - <td><p>动作类</p></td> + <td><p>活动</p></td> <td><p>åŠ é€Ÿåº¦è®¡ï¼ˆæˆ–å…¶ä»–åŠŸè€—æžä½Žçš„ä¼ æ„Ÿå™¨ï¼‰</p></td> <td><p>å•æ¬¡æ¨¡å¼</p></td> </tr> <tr> <td><p><a href="#step_counter">计æ¥å™¨</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/></p></td> - <td><p>动作类</p></td> + <td><p>活动</p></td> <td><p>åŠ é€Ÿåº¦è®¡</p></td> <td><p>å˜åŒ–模å¼</p></td> </tr> <tr> - <td><p><a href="#step_detector">æ¥æµ‹å™¨</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/></p></td> <td><p>动作类</p></td> + <td><p><a href="#step_detector">æ¥æµ‹å™¨</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/></p></td> <td><p>活动</p></td> <td><p>åŠ é€Ÿåº¦è®¡</p></td> <td><p>特殊模å¼</p></td> </tr> <tr> - <td><p><a href="#tilt_detector">倾斜检测器</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/></p></td> - <td><p>动作类</p></td> + <td><p><a href="#tilt_detector">倾斜探测器</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/></p></td> + <td><p>活动</p></td> <td><p>åŠ é€Ÿåº¦è®¡</p></td> <td><p>特殊模å¼</p></td> </tr> <tr> <td><p><a href="#wake_up_gesture">å”¤é†’æ‰‹åŠ¿ä¼ æ„Ÿå™¨</a> <img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/></p></td> - <td><p>互动类</p></td> + <td><p>交互性</p></td> <td><p>未定义</p></td> <td><p>å•æ¬¡æ¨¡å¼</p></td> </tr> @@ -275,7 +275,7 @@ <p><img src="images/battery_icon.png" width="20" height="20" alt="ä½ŽåŠŸè€—ä¼ æ„Ÿå™¨"/> è¡¨ç¤ºä½ŽåŠŸè€—ä¼ æ„Ÿå™¨</p> <h2 id="activity_composite_sensors">动作å¤åˆä¼ 感器</h2> <h3 id="linear_acceleration">çº¿æ€§åŠ é€Ÿåº¦ä¼ æ„Ÿå™¨</h3> -<p>底层物ç†ä¼ æ„Ÿå™¨ï¼šåŠ é€Ÿåº¦è®¡å’Œï¼ˆå¦‚æœ‰ï¼‰é™€èžºä»ªï¼ˆæˆ–å¦‚æžœæ²¡æœ‰é™€èžºä»ªï¼Œåˆ™ä½¿ç”¨ç£åŠ›è®¡ï¼‰</p> +<p>底层物ç†ä¼ æ„Ÿå™¨ï¼šåŠ é€Ÿåº¦è®¡å’Œï¼ˆå¦‚æœ‰ï¼‰é™€èžºä»ªï¼ˆæˆ–å¦‚æžœé™€èžºä»ªä¸å˜åœ¨ï¼Œåˆ™ä½¿ç”¨ç£åŠ›è®¡ï¼‰</p> <p>报告模å¼ï¼š<em><a href="report-modes.html#continuous">è¿žç»æ¨¡å¼</a></em></p> <p><code>getDefaultSensor(SENSOR_TYPE_LINEAR_ACCELERATION)</code> 返回一个éžå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> <p>çº¿æ€§åŠ é€Ÿåº¦ä¼ æ„Ÿå™¨å¯æŠ¥å‘Šä¼ æ„Ÿå™¨æ¡†æž¶å†…è®¾å¤‡çš„çº¿æ€§åŠ é€Ÿåº¦ï¼ˆä¸åŒ…括é‡åŠ›åŠ 速度)。</p> @@ -288,7 +288,7 @@ <p>报告模å¼ï¼š<em><a href="report-modes.html#one-shot">å•æ¬¡æ¨¡å¼</a></em></p> <p>低功耗</p> <p>ä»…å®žçŽ°è¯¥ä¼ æ„Ÿå™¨çš„å”¤é†’ç‰ˆæœ¬ã€‚</p> -<p><code>getDefaultSensor(SENSOR_TYPE_SIGNIFICANT_MOTION)</code> è¿”å›žå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> +<p><code>getDefaultSensor(SENSOR_TYPE_SIGNIFICANT_MOTION)</code> è¿”å›žä¸€ä¸ªå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> <p>当检测到“大幅度动作â€æ—¶ï¼Œä¼šè§¦å‘å¤§å¹…åº¦åŠ¨ä½œä¼ æ„Ÿå™¨ï¼›å¤§å¹…åº¦åŠ¨ä½œæ˜¯æŒ‡å¯èƒ½å¯¼è‡´ç”¨æˆ·ä½ç½®å‘生å˜åŒ–的动作。</p> <p>æ¤ç±»å¤§å¹…度动作示例如下:</p> <ul> @@ -310,7 +310,7 @@ <p>æ¯ä¸ªä¼ 感器事件在 <code>sensors_event_t.data[0]</code> ä¸æŠ¥å‘Š 1</p> <h3 id="step_detector">æ¥æµ‹å™¨</h3> <p>底层物ç†ä¼ æ„Ÿå™¨ï¼šåŠ é€Ÿåº¦è®¡ï¼ˆå¯èƒ½è¿˜æœ‰å…¶ä»–低功耗计é‡å™¨ï¼‰</p> -<p>报告模å¼ï¼š<em>特殊模å¼<a href="report-modes.html#special"></a>(一æ¥è§¦å‘一个事件)</em></p> +<p>报告模å¼ï¼š<em><a href="report-modes.html#special">特殊模å¼</a>(一æ¥è§¦å‘一个事件)</em></p> <p>低功耗</p> <p><code>getDefaultSensor(SENSOR_TYPE_STEP_DETECTOR)</code> 返回一个éžå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> <p>用户æ¯èµ°ä¸€æ¥ï¼Œæ¥æµ‹å™¨å°±è§¦å‘一个事件。</p> @@ -338,7 +338,7 @@ <p>报告模å¼ï¼š<em><a href="report-modes.html#special">特殊模å¼</a></em></p> <p>低功耗</p> <p>ä»…å®žçŽ°è¯¥ä¼ æ„Ÿå™¨çš„å”¤é†’ç‰ˆæœ¬ã€‚</p> -<p><code>getDefaultSensor(SENSOR_TYPE_TILT_DETECTOR)</code> è¿”å›žå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> +<p><code>getDefaultSensor(SENSOR_TYPE_TILT_DETECTOR)</code> è¿”å›žä¸€ä¸ªå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> <p>æ¯æ¬¡æ£€æµ‹åˆ°å€¾æ–œäº‹ä»¶æ—¶ï¼Œå€¾æ–œæ£€æµ‹å™¨ä¼šç”Ÿæˆä¸€ä¸ªäº‹ä»¶ã€‚</p> <p>å€¾æ–œäº‹ä»¶å®šä¹‰å¦‚ä¸‹ï¼šè‡ªæ¿€æ´»æˆ–è‡ªä¼ æ„Ÿå™¨ç”Ÿæˆçš„最åŽä¸€æ¬¡äº‹ä»¶èµ·ï¼Œ2 秒时隙内平å‡é‡åŠ›åŠ 速度方å‘å˜åŒ–至少 35 度。算法如下:</p> <ul> @@ -468,7 +468,7 @@ <p>报告模å¼ï¼š<em><a href="report-modes.html#one-shot">å•æ¬¡æ¨¡å¼</a></em></p> <p>低功耗</p> <p>ä»…å®žçŽ°è¯¥ä¼ æ„Ÿå™¨çš„å”¤é†’ç‰ˆæœ¬ã€‚</p> -<p><code>getDefaultSensor(SENSOR_TYPE_WAKE_GESTURE)</code> è¿”å›žå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> +<p><code>getDefaultSensor(SENSOR_TYPE_WAKE_GESTURE)</code> è¿”å›žä¸€ä¸ªå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> <p>å”¤é†’æ‰‹åŠ¿ä¼ æ„Ÿå™¨å¯ä»¥ä½¿ç”¨ç‰¹å®šè®¾å¤‡åŠ¨ä½œæ¥å”¤é†’è®¾å¤‡ã€‚å½“è¯¥ä¼ æ„Ÿå™¨è¢«è§¦å‘时,设备会开å¯å±å¹•ï¼Œå°±å¦‚åŒæŒ‰ä¸‹ç”µæºæŒ‰é’®ä¸€æ ·ã€‚用户å¯åœ¨è®¾å¤‡è®¾ç½®ä¸ç¦ç”¨è¿™ç§è®¾å¤‡è¡Œä¸ºï¼ˆå½“è¯¥ä¼ æ„Ÿå™¨è¢«è§¦å‘时开å¯å±å¹•ï¼‰ã€‚更改设置ä¸ä¼šå½±å“ä¼ æ„Ÿå™¨çš„è¡Œä¸ºï¼šä»…æ”¹å˜å½“è¯¥ä¼ æ„Ÿå™¨è¢«è§¦å‘时,Android 框架是å¦å¼€å¯å±å¹•ã€‚未指定待检测的实际手势,å¯ç”±è®¾å¤‡åˆ¶é€ 商进行选择。</p> <p>è¯¥ä¼ æ„Ÿå™¨å¿…é¡»å…·å¤‡ä½ŽåŠŸè€—ç‰¹æ€§ï¼Œå› ä¸ºå®ƒå¯èƒ½å…¨å¤©å€™å¼€å¯ã€‚</p> <p>æ¯ä¸ªä¼ 感器事件在 <code>sensors_event_t.data[0]</code> ä¸æŠ¥å‘Š 1。</p> @@ -477,7 +477,7 @@ <p>报告模å¼ï¼š<em><a href="report-modes.html#one-shot">å•æ¬¡æ¨¡å¼</a></em></p> <p>低功耗</p> <p>ä»…å®žçŽ°è¯¥ä¼ æ„Ÿå™¨çš„å”¤é†’ç‰ˆæœ¬ã€‚</p> -<p><code>getDefaultSensor(SENSOR_TYPE_PICK_UP_GESTURE)</code> è¿”å›žå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> +<p><code>getDefaultSensor(SENSOR_TYPE_PICK_UP_GESTURE)</code> è¿”å›žä¸€ä¸ªå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> <p>æ‹¿èµ·æ‰‹åŠ¿ä¼ æ„Ÿå™¨ä»…åœ¨æ‹¿èµ·è®¾å¤‡æ—¶è¢«è§¦å‘,并且ä¸è€ƒè™‘设备在拿起å‰çš„所在ä½ç½®ï¼ˆæ¡Œé¢ã€å£è¢‹é‡Œæˆ–袋å里)。</p> <p>æ¯ä¸ªä¼ 感器事件在 <code>sensors_event_t.data[0]</code> ä¸æŠ¥å‘Š 1。</p> <h3 id="glance_gesture">å¿«è§ˆæ‰‹åŠ¿ä¼ æ„Ÿå™¨</h3> @@ -485,7 +485,7 @@ <p>报告模å¼ï¼š<em><a href="report-modes.html#one-shot">å•æ¬¡æ¨¡å¼</a></em></p> <p>低功耗</p> <p>ä»…å®žçŽ°è¯¥ä¼ æ„Ÿå™¨çš„å”¤é†’ç‰ˆæœ¬ã€‚</p> -<p><code>getDefaultSensor(SENSOR_TYPE_GLANCE_GESTURE)</code> è¿”å›žå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> +<p><code>getDefaultSensor(SENSOR_TYPE_GLANCE_GESTURE)</code> è¿”å›žä¸€ä¸ªå”¤é†’ä¼ æ„Ÿå™¨<em></em></p> <p>å¿«è§ˆæ‰‹åŠ¿ä¼ æ„Ÿå™¨å¯çŸæš‚å¼€å¯å±å¹•ï¼Œæ–¹ä¾¿ç”¨æˆ·ä½¿ç”¨ç‰¹å®šåŠ¨ä½œæµè§ˆå±å¹•å†…å®¹ã€‚å½“è¯¥ä¼ æ„Ÿå™¨è¢«è§¦å‘时,设备将çŸæš‚å¼€å¯å±å¹•ï¼Œè®©ç”¨æˆ·å¯ä»¥åœ¨è®¾å¤‡å¤„于é”定且éžäº’动状æ€ï¼ˆä½Žç”µè€—模å¼ï¼‰æ—¶æµè§ˆé€šçŸ¥æˆ–其他内容,然åŽå±å¹•å°†å†æ¬¡å…³é—。用户å¯åœ¨è®¾å¤‡è®¾ç½®ä¸ç¦ç”¨è¿™ç§è¡Œä¸ºï¼ˆå½“è¯¥ä¼ æ„Ÿå™¨è¢«è§¦å‘时,çŸæš‚å¼€å¯å±å¹•ï¼‰ã€‚更改设置ä¸ä¼šå½±å“ä¼ æ„Ÿå™¨çš„è¡Œä¸ºï¼šä»…æ”¹å˜å½“è¯¥ä¼ æ„Ÿå™¨è¢«è§¦å‘时,Android 框架是å¦çŸæš‚å¼€å¯å±å¹•ã€‚未指定待检测的实际手势,å¯ç”±è®¾å¤‡åˆ¶é€ 商进行选择。</p> <p>è¯¥ä¼ æ„Ÿå™¨å¿…é¡»å…·å¤‡ä½ŽåŠŸè€—ç‰¹æ€§ï¼Œå› ä¸ºå®ƒå¯èƒ½å…¨å¤©å€™å¼€å¯ã€‚æ¯ä¸ªä¼ 感器事件在 <code>sensors_event_t.data[0]</code> ä¸æŠ¥å‘Š 1。</p> diff --git a/zh-cn/devices/sensors/versioning.html b/zh-cn/devices/sensors/versioning.html index 69a89bd2..2041550d 100644 --- a/zh-cn/devices/sensors/versioning.html +++ b/zh-cn/devices/sensors/versioning.html @@ -107,18 +107,18 @@ SENSOR_FLAG_CONTINUOUS_MODE, <p>如果您ä¸å®žæ–½æ‰¹å¤„ç†ï¼Œåªæ˜¯ä»Ž 1.0 å‡çº§åˆ° 1.3,请将æ¤å—段设置为:</p> -<p><code>SENSOR_FLAG_WAKE_UP | SENSOR_FLAG_ONE_SHOT_MODE</code> - <a href="/devices/sensors/report-modes.html#one-shot">å•æ¬¡ (one-shot) </a>模å¼ä¸‹çš„ä¼ æ„Ÿå™¨</p> +<p><code>SENSOR_FLAG_WAKE_UP | SENSOR_FLAG_ONE_SHOT_MODE</code> - <a href="/devices/sensors/report-modes.html#one-shot">å•æ¬¡ (one-shot)</a> 模å¼ä¸‹çš„ä¼ æ„Ÿå™¨</p> -<p><code>SENSOR_FLAG_CONTINUOUS_MODE</code> - <a href="/devices/sensors/report-modes.html#continuous">è¿žç» (continuous)</a> 模å¼ä¸‹çš„ä¼ æ„Ÿå™¨ï¼›<code>SENSOR_FLAG_ON_CHANGE_MODE</code> - <a href="/devices/sensors/report-modes.html#on-change">ä¸æ– (on-change) </a>模å¼ä¸‹çš„ä¼ æ„Ÿå™¨ï¼ˆ<a href="#proximity">近程</a>ä¼ æ„Ÿå™¨é™¤å¤–ï¼‰ï¼›<code>SENSOR_FLAG_SPECIAL_REPORTING_MODE</code> - <a href="/devices/sensors/report-modes.html#special">特殊 (special) </a>报告模å¼ä¸‹çš„ä¼ æ„Ÿå™¨ï¼ˆ<a href="/devices/sensors/sensor-types.html#tilt_detector">倾斜检测器</a>ä¼ æ„Ÿå™¨é™¤å¤–ï¼‰ã€‚</p> +<p><code>SENSOR_FLAG_CONTINUOUS_MODE</code> - <a href="/devices/sensors/report-modes.html#continuous">è¿žç» (continuous)</a> 模å¼ä¸‹çš„ä¼ æ„Ÿå™¨ï¼›<code>SENSOR_FLAG_ON_CHANGE_MODE</code> - <a href="/devices/sensors/report-modes.html#on-change">ä¸æ– (on-change)</a> 模å¼ä¸‹çš„ä¼ æ„Ÿå™¨ï¼ˆ<a href="#proximity">近程</a>ä¼ æ„Ÿå™¨é™¤å¤–ï¼‰ï¼›<code>SENSOR_FLAG_SPECIAL_REPORTING_MODE</code> - <a href="/devices/sensors/report-modes.html#special">特殊 (special)</a> 报告模å¼ä¸‹çš„ä¼ æ„Ÿå™¨ï¼ˆ<a href="/devices/sensors/sensor-types.html#tilt_detector">倾斜探测器</a>ä¼ æ„Ÿå™¨é™¤å¤–ï¼‰ã€‚</p> -<p><code>SENSOR_FLAG_WAKE_UP | SENSOR_FLAG_ON_CHANGE_MODE</code> - <a href="/devices/sensors/sensor-types.html#proximity">近程</a>ä¼ æ„Ÿå™¨å’Œ Android 官方<a href="/devices/sensors/sensor-types.html#tilt_detector">倾斜检测器</a>ä¼ æ„Ÿå™¨ã€‚</p> +<p><code>SENSOR_FLAG_WAKE_UP | SENSOR_FLAG_ON_CHANGE_MODE</code> - <a href="/devices/sensors/sensor-types.html#proximity">近程</a>ä¼ æ„Ÿå™¨å’Œ Android 官方<a href="/devices/sensors/sensor-types.html#tilt_detector">倾斜探测器</a>ä¼ æ„Ÿå™¨ã€‚</p> <h2>从 1_1 或 1_2 å‡çº§æ—¶çš„注æ„事项</h2> <ul> - <li>现在,å³ä½¿æ˜¯ä¸æ”¯æŒæ‰¹å¤„ç†çš„ä¼ æ„Ÿå™¨ï¼Œ<code>batch</code> å‡½æ•°å‡ ä¹Žä¹Ÿæ€»èƒ½æˆåŠŸï¼Œè€Œä¸”ä¸å—超时å‚数值的影å“。å¯èƒ½å¯¼è‡´ <code>batch </code> 函数失败的情形仅包括:内部错误ã€<code>sensor_handle,</code> ä¸è‰¯ã€<code>sampling_period_ns </code>值为负或 <code>max_report_latency_ns</code> 值为负。 + <li>现在,å³ä½¿æ˜¯ä¸æ”¯æŒæ‰¹å¤„ç†çš„ä¼ æ„Ÿå™¨ï¼Œ<code>batch</code> å‡½æ•°å‡ ä¹Žä¹Ÿæ€»èƒ½æˆåŠŸï¼Œè€Œä¸”ä¸å—超时å‚数值的影å“。å¯èƒ½å¯¼è‡´ <code>batch </code>函数失败的情形仅包括:内部错误ã€<code>sensor_handle,</code> ä¸è‰¯ã€<code>sampling_period_ns </code>值为负或 <code>max_report_latency_ns</code> 值为负。 </li><li>ä¼ æ„Ÿå™¨æ˜¯å¦æ”¯æŒæ‰¹å¤„ç†å–决于它是å¦å…·æœ‰å¤§äºŽ 0 çš„ <code>fifoMaxEventCount </code>。(在以å‰çš„版本ä¸ï¼Œå®ƒæ˜¯ä»¥ <code>batch()</code> 的返回值为ä¾æ®ã€‚) </li><li>支æŒæ‰¹å¤„ç†çš„ä¼ æ„Ÿå™¨åœ¨ä»¥å‰çš„版本ä¸å§‹ç»ˆå¤„于“批处ç†æ¨¡å¼â€ï¼šå³ä½¿ <code>max_report_latency_ns</code> å‚数为 0,ä»å¿…é¡»å¯¹ä¼ æ„Ÿå™¨è¿›è¡Œæ‰¹å¤„ç†æ“作,这æ„味ç€å½“ SoC 进入挂起模å¼æ—¶ï¼Œäº‹ä»¶å¿…é¡»å˜å‚¨åœ¨ FIFO ä¸ã€‚ - </li><li>å°†ä¸å†ä½¿ç”¨ <code>batch</code> 函数的 <code>flags </code> å‚数。<code>DRY_RUN</code> å’Œ <code>WAKE_UPON_FIFO_FULL</code> 两者都已弃用,将永远ä¸ä¼šè¢«ä¼ 递给 <code>batch</code> 函数。 + </li><li>å°†ä¸å†ä½¿ç”¨ <code>batch</code> 函数的 <code>flags </code>å‚数。<code>DRY_RUN</code> å’Œ <code>WAKE_UPON_FIFO_FULL</code> 两者都已弃用,将永远ä¸ä¼šè¢«ä¼ 递给 <code>batch</code> 函数。 </li><li>批处ç†è¶…æ—¶å‚数现称为 <code>max_report_latency</code> å‚数。 </li></ul> diff --git a/zh-cn/devices/tech/config/runtime_perms.html b/zh-cn/devices/tech/config/runtime_perms.html index 1eb5a8e1..fa146583 100644 --- a/zh-cn/devices/tech/config/runtime_perms.html +++ b/zh-cn/devices/tech/config/runtime_perms.html @@ -33,7 +33,8 @@ <h2 id="affected-permissions">å—å½±å“çš„æƒé™</h2> <p>Android 6.0 åŠæ›´é«˜ç‰ˆæœ¬è¦æ±‚å±é™©æƒé™å¿…须使用è¿è¡Œæ—¶æƒé™æ¨¡å¼ã€‚å±é™©æƒé™æ˜¯å…·æœ‰æ›´é«˜é£Žé™©çš„æƒé™ï¼ˆä¾‹å¦‚ <code>READ_CALENDAR</code>),æ¤ç±»æƒé™å…许寻求授æƒçš„应用访问用户ç§äººæ•°æ®æˆ–获å–å¯å¯¹ç”¨æˆ·é€ æˆä¸åˆ©å½±å“的设备控制æƒã€‚è¦æŸ¥çœ‹å±é™©æƒé™åˆ—表,请è¿è¡Œä»¥ä¸‹å‘½ä»¤ï¼š</p> -<pre> + +<pre class="devsite-terminal devsite-click-to-copy"> adb shell pm list permissions -g -d </pre> @@ -76,16 +77,20 @@ adb shell pm list permissions -g -d <p>è¿™æ ·åšæ˜¯ä¸ºäº†é¿å…çªå…€çš„æƒé™è¯·æ±‚让用户迷惑。</p> <h3 id="customizing-package-install">自定义 PackageInstaller</h3> -<p>如有需è¦ï¼Œæ‚¨å¯ä»¥æ›´æ–° PackageInstaller 所用的默认设备主题背景,以æ¤è‡ªå®šä¹‰æƒé™ç•Œé¢<strong>主题背景</strong>(<code>Theme.DeviceDefault.Settings</code> å’Œ <code>Theme.DeviceDefault.Light.Dialog.NoActionBar</code>)。但是,由于一致性对应用开å‘者æ¥è¯´è‡³å…³é‡è¦ï¼Œæ‚¨ä¸å¯ä»¥è‡ªå®šä¹‰æƒé™ç•Œé¢å‡ºçŽ°æ—¶çš„ä½ç½®ã€å®šä½å’Œè§„则。</p> +<p>如有需è¦ï¼Œæ‚¨å¯ä»¥æ›´æ–° PackageInstaller 所用的默认设备主题背景(<code>Theme.DeviceDefault.Settings</code> å’Œ <code>Theme.DeviceDefault.Light.Dialog.NoActionBar</code>),以æ¤è‡ªå®šä¹‰æƒé™ç•Œé¢<strong>主题背景</strong>。但是,由于一致性对应用开å‘者æ¥è¯´è‡³å…³é‡è¦ï¼Œæ‚¨ä¸å¯ä»¥è‡ªå®šä¹‰æƒé™ç•Œé¢å‡ºçŽ°æ—¶çš„ä½ç½®ã€å®šä½å’Œè§„则。</p> <p>è¦åŒ…å«å…¶ä»–è¯è¨€çš„<strong>å—符串</strong>,请将æ¤ç±»å—符串æ交给 AOSP。</p> <h3 id="creating-exceptions">创建例外情况</h3> <p>通过使用 PackageManager ä¸çš„ <code>DefaultPermissionGrantPolicy.java</code>,您å¯ä»¥å‘æ ¸å¿ƒæ“作系统功能的默认处ç†ç¨‹åºæˆ–æ供程åºè¿›è¡Œé¢„授æƒã€‚例如:</p> -<p><code>ACTION_CALL (Dialer) Default</code><br /> -<code>Phone, Contacts, SMS, Microphone</code></p> -<p><code>SMS_DELIVER_ACTION (SMS/MMS) Default</code><br /> -<code>Phone, Contacts, SMS</code></p> +<pre class="devsite-click-to-copy"> +ACTION_CALL (Dialer) Default +Phone, Contacts, SMS, Microphone +</pre> +<pre class="devsite-click-to-copy"> +SMS_DELIVER_ACTION (SMS/MMS) Default +Phone, Contacts, SMS +</pre> <h3 id="defining-custom-perms">自定义æƒé™</h3> <p>您å¯ä»¥å°†è‡ªå®šä¹‰æƒé™å’Œç»„定义为常规或å±é™©çº§åˆ«ï¼Œå¹¶å°† OEM/è¿è¥å•†ç‰¹æœ‰çš„æƒé™æ·»åŠ 到现有æƒé™ç»„ä¸ï¼Œè¯¥åŠŸèƒ½ä¸Ž Android 5.x 和更低版本ä¸çš„功能相åŒã€‚<em></em><em></em></p> diff --git a/zh-cn/devices/tech/connect/emergency-affordance.html b/zh-cn/devices/tech/connect/emergency-affordance.html index 67b3196a..f7c19e38 100644 --- a/zh-cn/devices/tech/connect/emergency-affordance.html +++ b/zh-cn/devices/tech/connect/emergency-affordance.html @@ -20,16 +20,17 @@ limitations under the License. --> -<p>从 2017 å¹´ 1 月 1 日开始,在å°åº¦åœ°åŒºé”€å”®çš„所有移动设备都需è¦åº”å°åº¦ç”µä¿¡éƒ¨é—¨ (DoT) çš„è¦æ±‚æ供紧急呼å«æŒ‰é’®ã€‚</p> +<p>从 2017 å¹´ 1 月 1 日开始,在å°åº¦åœ°åŒºé”€å”®çš„所有移动设备都必须应å°åº¦ç”µä¿¡éƒ¨é—¨ (DoT) çš„è¦æ±‚æ供紧急呼å«æŒ‰é’®ã€‚为å“应这些监管è¦æ±‚,Android 包å«äº†â€œæ供紧急呼å«â€åŠŸèƒ½çš„å‚考实现,以å¯ç”¨ Android 设备上的紧急呼å«æŒ‰é’®ã€‚</p> -<p>为符åˆæ¤ç±»æ³•è§„è¦æ±‚,我们开å‘了“æ供紧急呼å«â€åŠŸèƒ½ï¼Œä»¥ä¾¿ä¸º Android 设备æ供紧急呼å«æŒ‰é’®çš„å‚考实现。这项功能将在未æ¥çš„ Android 版本ä¸é»˜è®¤å¯ç”¨ï¼Œä¸è¿‡çŽ°æœ‰ç‰ˆæœ¬ä¸å¿…须安装相应的补ä¸ç¨‹åºã€‚ç›®å‰ï¼Œè¯¥åŠŸèƒ½ä¸“门针对在å°åº¦å¸‚场销售的设备;ä¸è¿‡ï¼Œé‰´äºŽè¯¥åŠŸèƒ½åœ¨å°åº¦å¢ƒå¤–æ— æ•ˆï¼Œå› æ¤ä¹Ÿå¯ä»¥åœ¨å…¨çƒèŒƒå›´é”€å”®çš„所有设备上æ供。</p> +<p>æ¤åŠŸèƒ½åœ¨ Android 8.0 和更高版本ä¸é»˜è®¤å¯ç”¨ï¼Œä½†è¾ƒæ—©ç‰ˆæœ¬ä¸å¿…须安装相应的补ä¸ç¨‹åºã€‚ç›®å‰ï¼Œè¯¥åŠŸèƒ½ä¸“门针对在å°åº¦å¸‚场销售的设备;ä¸è¿‡ï¼Œé‰´äºŽè¯¥åŠŸèƒ½åœ¨å°åº¦å¢ƒå¤–æ— æ•ˆï¼Œå› æ¤ä¹Ÿå¯ä»¥åœ¨å…¨çƒèŒƒå›´é”€å”®çš„所有设备上æ供。</p> -<h2 id="examples-source">示例和æºä»£ç </h2> <p>“æ供紧急呼å«â€åŠŸèƒ½åœ¨ Android 开放æºä»£ç 项目 (AOSP) çš„ <a href="https://android.googlesource.com/platform/frameworks/base/">frameworks/base</a> 项目ä¸å®žçŽ°ã€‚它在 master 分支ä¸æ供,并将在未æ¥çš„ Android 版本ä¸é»˜è®¤å¯ç”¨ã€‚</p> +<h2 id="examples-source">示例和æºä»£ç </h2> +<p>“æ供紧急呼å«â€åŠŸèƒ½åœ¨ Android 开放æºä»£ç 项目 (AOSP) çš„ <a href="https://android.googlesource.com/platform/frameworks/base/">frameworks/base</a> 项目ä¸å®žçŽ°ã€‚它在 master 分支ä¸æ供,并将在未æ¥çš„ Android 版本ä¸é»˜è®¤å¯ç”¨ã€‚</p> <p>ç›®å‰ï¼Œä»¥ä¸‹åˆ†æ”¯å’Œæ交ä¸å·²æ供该功能。æ供这些信æ¯æ˜¯ä¸ºäº†æ–¹ä¾¿è®¾å¤‡åˆ¶é€ 商轻æ¾å°†å¿…è¦çš„更改以补ä¸ç¨‹åºçš„å½¢å¼æ·»åŠ 到现有版本ä¸ã€‚想è¦å®žçŽ° AOSP å‚考“æ供紧急呼å«â€åŠŸèƒ½çš„è®¾å¤‡åˆ¶é€ å•†å¯ä»¥ä»Žé€‚用的分支ä¸æŒ‘选æäº¤å¹¶åŠ å…¥åˆ°è‡ªå·±çš„ç‰ˆæœ¬ä¸ã€‚</p> <p class="table-caption" id="cherry-picks-reference-implementation"> - <strong>表 1. </strong> 挑选 AOSP å‚考“æ供紧急呼å«â€åŠŸèƒ½</p> +<strong>表 1.</strong> 挑选 AOSP å‚考“æ供紧急呼å«â€åŠŸèƒ½</p> <table> <tbody> <tr> @@ -55,7 +56,7 @@ <a href="https://android-review.googlesource.com/#/c/287241/">6531666</a> ä¿®å¤äº†â€œæ供紧急呼å«â€åœ¨å¹³æ¿ç”µè„‘上显示的问题</td> </tr> <tr> -<td class="style1">lollipop-mr1-dev</td> +<td>lollipop-mr1-dev</td> <td><a href="https://android-review.googlesource.com/#/c/284743/">5fbc86b</a> æ·»åŠ äº†â€œæ供紧急呼å«â€åŠŸèƒ½<br /> <a href="https://android-review.googlesource.com/#/c/287382/">1b60879</a> æ·»åŠ äº†ç´§æ€¥æ“作å—符串的翻译<br /> <a href="https://android-review.googlesource.com/#/c/286856/">d74366f</a> ä¿®å¤äº†â€œæ供紧急呼å«â€åœ¨å¹³æ¿ç”µè„‘上显示的问题</td> @@ -64,21 +65,30 @@ </tbody> </table> -<h2 id="implementation">实现</h2> <p>“æ供紧急呼å«â€åŠŸèƒ½ä¸ä¼šæ›´æ”¹é€šè¿‡ Android SDK 公开的 API。该功能å¯ç”¨å¹¶æ¿€æ´»åŽï¼Œä¼šæ供两个å¯å¯åŠ¨ 112 紧急呼救(å°åº¦çš„唯一紧急呼救å·ç ,由å°åº¦ç”µä¿¡éƒ¨é—¨å¼ºåˆ¶å®žæ–½ï¼‰çš„触å‘器。<br />紧急呼救有两ç§å¯åŠ¨æ–¹å¼ï¼š</p> <ul> -<li>长按é”定å±å¹•ä¸Šçš„<strong>紧急呼救</strong>按钮(图 1)</li> <li>长按电æºæŒ‰é’®ï¼Œç„¶åŽä»Žæ˜¾ç¤ºçš„全局æ“作èœå•ä¸ç‚¹æŒ‰<strong>紧急呼救</strong>选项(图 2)。<em></em></li> </ul> +<h2 id="implementation">实现</h2> +<p>“æ供紧急呼å«â€åŠŸèƒ½ä¸ä¼šæ›´æ”¹é€šè¿‡ Android SDK 公开的 API。该功能å¯ç”¨å¹¶æ¿€æ´»åŽï¼Œä¼šæ供两个å¯å¯åŠ¨ 112 紧急呼救(å°åº¦çš„唯一紧急呼救å·ç ,由å°åº¦ç”µä¿¡éƒ¨é—¨å¼ºåˆ¶å®žæ–½ï¼‰çš„触å‘器。</p> +<p>紧急呼救有两ç§å¯åŠ¨æ–¹å¼ï¼š</p> +<div style="width:80%"> <table> - <tbody><tr> - <td width="50%"><img src="/devices/tech/connect/images/emergency-button.png" alt="紧急呼å«æŒ‰é’®" width="246" id="emergency-button"/> -<p class="img-caption"> - <strong>图 1. </strong> 长按é”定å±å¹•ä¸Šçš„<strong>紧急呼救</strong>按钮(已用红框çªæ˜¾ï¼‰ã€‚</p></td> - <td width="50%"><img src="/devices/tech/connect/images/emergency-option.png" alt="紧急呼å«é€‰é¡¹" width="247" id="emergency-option"/> -<p class="img-caption"> - <strong>图 2. </strong> 点按全局æ“作èœå•ä¸çš„<strong>紧急呼救</strong>æ“作项。<em></em></p></td> - </tr> +<tbody><tr> +<th width="50%">长按é”定å±å¹•ä¸Šçš„<strong>紧急呼救</strong><br />按钮</th> +<th width="50%">点按全局æ“作èœå•ä¸çš„<strong>紧急呼救</strong><br />选项</th> +</tr> +<tr> +<td style="text-align: center"> +<img src="/devices/tech/connect/images/emergency-button.png" alt="紧急呼å«æŒ‰é’®"/> +<figcaption><strong>图 1</strong> é”定å±å¹•ä¸Šçš„<strong>紧急呼救</strong>按钮。</figcaption></td> +<td style="text-align: center"> +<img src="/devices/tech/connect/images/emergency-option.png" alt="紧急呼å«é€‰é¡¹"/> +<figcaption><strong>图 2.</strong> 全局æ“作èœå•ä¸Šçš„<strong>紧急呼救</strong>动作(长按电æºé”®å¯è®¿é—®ï¼‰ã€‚ +</figcaption></td> +</tr> </tbody></table> +</div> -<p>该功能引入了以下内部组件:</p> <ul> +<p>该功能引入了以下内部组件:</p> +<ul> <li>EmergencyAffordanceManager <pre class="devsite-click-to-copy"> frameworks/base/core/java/com/android/internal/policy/EmergencyAffordanceManager.java @@ -91,16 +101,26 @@ frameworks/base/services/core/java/com/android/server/emergency/EmergencyAfforda </li> </ul> -<h3 id="EmergencyAffordanceManager">EmergencyAffordanceManager</h3> <p>EmergencyAffordanceManager æ供使用“æ供紧急呼å«â€åŠŸèƒ½çš„内部 API。它æä¾›å¯åŠ¨ç´§æ€¥å‘¼æ•‘的方法,并在è¿è¡Œæ—¶æŸ¥è¯¢æ˜¯å¦åº”å¯ç”¨è¯¥åŠŸèƒ½ã€‚</p> <ul> <li><code>void -performEmergencyCall()</code> - å¯åŠ¨ç´§æ€¥å‘¼æ•‘</li> -<li><code>boolean needsEmergencyAffordance()</code> - 确定是å¦åº”å¯ç”¨è¯¥åŠŸèƒ½</li> </ul> <p>该功能å¯åœ¨æž„建时永久ç¦ç”¨ï¼Œå…·ä½“方法是将 <code>EmergencyAffordanceManager.ENABLED</code> 常é‡æ”¹ä¸º <code>false</code>。这会导致 <code>needsEmergencyAffordance()</code> 始终返回 false å¹¶é˜»æ¢ <code>EmergencyAffordanceService</code> å¯åŠ¨ã€‚</p> +<h3 id="EmergencyAffordanceManager">EmergencyAffordanceManager</h3> +<p>EmergencyAffordanceManager æ供使用“æ供紧急呼å«â€åŠŸèƒ½çš„内部 API。它æä¾›å¯åŠ¨ç´§æ€¥å‘¼æ•‘的方法,并在è¿è¡Œæ—¶æŸ¥è¯¢æ˜¯å¦åº”å¯ç”¨è¯¥åŠŸèƒ½ã€‚</p> +<ul> +<li><code>void performEmergencyCall()</code>。å¯åŠ¨ç´§æ€¥å‘¼æ•‘。</li> +<li><code>boolean needsEmergencyAffordance()</code>。确定是å¦åº”å¯ç”¨è¯¥åŠŸèƒ½ã€‚</li> +</ul> + +<p>该功能å¯åœ¨æž„建时永久ç¦ç”¨ï¼Œå…·ä½“方法是将 <code>EmergencyAffordanceManager.ENABLED</code> 常é‡æ”¹ä¸º <code>false</code>。这会导致 <code>needsEmergencyAffordance()</code> 始终返回 false å¹¶é˜»æ¢ <code>EmergencyAffordanceService</code> å¯åŠ¨ã€‚</p> -<h3 id="EmergencyAffordanceService">EmergencyAffordanceService</h3> <p><code>EmergencyAffordanceService</code> 是一ç§ç³»ç»ŸæœåŠ¡ï¼Œç”¨äºŽç›‘控所有检测到的移动网络的移动设备国家/地区代ç (MCC) 和安装的 SIM å¡çš„ MCC。如果任何安装的 SIM å¡æˆ–检测到的移动网络的 MCC 与å°åº¦çš„å…¶ä¸ä¸€ä¸ª MCC(404ã€405)相匹é…,则该功能将会å¯ç”¨ã€‚è¿™æ„味ç€ï¼Œå³ä½¿æ²¡æœ‰ SIM å¡ï¼Œè¯¥åŠŸèƒ½ä¹Ÿå¯ä»¥åœ¨å°åº¦å¯ç”¨ã€‚å‰æ是,å‡è®¾åœ¨æ²¡æœ‰å®‰è£… SIM å¡çš„情况下,移动网络å…许注册紧急呼救。该功能将ä¿æŒå¯ç”¨çŠ¶æ€ï¼Œç›´åˆ°å®‰è£…了éžå°åº¦ SIM å¡ä¸”æ²¡æœ‰æ£€æµ‹åˆ°å…·æœ‰åŒ¹é… MCC 的网络。</p> +<h3 id="EmergencyAffordanceService">EmergencyAffordanceService</h3> +<p><code>EmergencyAffordanceService</code> 是一ç§ç³»ç»ŸæœåŠ¡ï¼Œç”¨äºŽç›‘控所有检测到的移动网络的移动设备国家/地区代ç (MCC) 和安装的 SIM å¡çš„ MCC。如果任何安装的 SIM å¡æˆ–检测到的移动网络的 MCC 与å°åº¦çš„å…¶ä¸ä¸€ä¸ª MCC(404ã€405)相匹é…,则该功能将会å¯ç”¨ã€‚è¿™æ„味ç€ï¼Œå³ä½¿æ²¡æœ‰ SIM å¡ï¼Œè¯¥åŠŸèƒ½ä¹Ÿå¯ä»¥åœ¨å°åº¦å¯ç”¨ã€‚å‰æ是,å‡è®¾åœ¨æ²¡æœ‰å®‰è£… SIM å¡çš„情况下,移动网络å…许注册紧急呼救。该功能将ä¿æŒå¯ç”¨çŠ¶æ€ï¼Œç›´åˆ°å®‰è£…了éžå°åº¦ SIM å¡ä¸”æ²¡æœ‰æ£€æµ‹åˆ°å…·æœ‰åŒ¹é… MCC 的网络。</p> -<p>以下资æºå’Œè®¾ç½®ä¼šå½±å““æ供紧急呼å«â€åŠŸèƒ½çš„行为。如果é…置类型是“资æºâ€ï¼Œåˆ™æ˜¯åœ¨ <code>frameworks/base/core/res/res/values/config.xml</code> ä¸å®šä¹‰çš„内部资æºã€‚如果é…置类型为“设置â€ï¼Œåˆ™æ˜¯åœ¨ç³»ç»Ÿè®¾ç½®æ供程åºä¸å˜å‚¨çš„设置。</p> +<p>以下资æºå’Œè®¾ç½®ä¼šå½±å““æ供紧急呼å«â€åŠŸèƒ½çš„行为。如果é…置类型是:</p> +<ul> +<li><strong>资æº</strong>,则是在 <code>frameworks/base/core/res/res/values/config.xml</code> ä¸å®šä¹‰çš„内部资æºã€‚</li> +<li><strong>设置</strong>,则是在系统设置æ供程åºä¸å˜å‚¨çš„设置。</li> +</ul> <p class="table-caption" id="settings-affecting behavior"> - <strong>表 2. </strong> 影哓æ供紧急呼å«â€åŠŸèƒ½è¡Œä¸ºçš„设置</p> +<strong>表 2. </strong> 影哓æ供紧急呼å«â€åŠŸèƒ½è¡Œä¸ºçš„设置</p> <table> <tbody> <tr> @@ -131,9 +151,19 @@ performEmergencyCall()</code> - å¯åŠ¨ç´§æ€¥å‘¼æ•‘</li> </tbody> </table> -<h3 id="112">å¯ç”¨â€œ112â€ç´§æ€¥å‘¼æ•‘</h3> <p>“æ供紧急呼å«â€åŠŸèƒ½ä½¿ç”¨ç´§æ€¥æ‹¨å·å™¨è¿žæŽ¥é€šè¯ï¼Œå› æ¤é€šè¯å¯ä»¥åœ¨é”å±çŠ¶æ€ä¸‹è¿žæŽ¥ã€‚紧急拨å·å™¨åªèƒ½å°†é€šè¯è¿žæŽ¥åˆ°æ— 线界é¢å±‚ (RIL) æ供的å·ç 列表:如果未安装 SIM å¡ï¼Œåˆ™é€šè¿‡ç³»ç»Ÿå±žæ€§â€œril.ecclistâ€è¿žæŽ¥ï¼›å¦‚果已æ’å…¥ SIM å¡ä¸” <code><i><SimSlotNumber></i></code> æ˜¯é»˜è®¤è®¢é˜…è€…çš„æ§½ä½ ID,则通过“<code>ril.ecclist<<i>SimSlotNumber</i>></code>â€è¿žæŽ¥ã€‚<br />使用“æ供紧急呼å«â€åŠŸèƒ½çš„è®¾å¤‡åˆ¶é€ å•†å¿…é¡»ç¡®ä¿åœ¨å°åº¦åœ°åŒºé”€å”®çš„设备始终将 112 作为 RIL ä¸çš„紧急呼救å·ç 。</p> +<h3 id="112">å¯ç”¨ 112 紧急呼救</h3> +<p>“æ供紧急呼å«â€åŠŸèƒ½ä½¿ç”¨ç´§æ€¥æ‹¨å·å™¨è¿žæŽ¥é€šè¯ï¼Œå› æ¤é€šè¯å¯ä»¥åœ¨é”å±çŠ¶æ€ä¸‹è¿žæŽ¥ã€‚紧急拨å·å™¨åªèƒ½å°†é€šè¯è¿žæŽ¥åˆ°æ— 线界é¢å±‚ (RIL) æ供的å·ç 列表:</p> -<h2 id="validation">验è¯</h2> <p>在å¯è°ƒå¼çš„构建上测试时,å¯ä»¥ä½¿ç”¨ä»¥ä¸‹å‘½ä»¤æ›´æ”¹å‘¼å«çš„å·ç :</p> +<ul> +<li>在未安装 SIM å¡æ—¶ï¼Œé€šè¿‡ç³»ç»Ÿå±žæ€§ <code>ril.ecclist</code> 连接;</li> +<li>在æ’å…¥ SIM å¡ä¸” <code><var>SimSlotNumber</var></code> +æ˜¯é»˜è®¤è®¢é˜…è€…çš„æ§½ä½ ID 时,通过系统属性 <code>ril.ecclist<var>SimSlotNumber</var></code> 连接。</li> +</ul> + +<p>使用“æ供紧急呼å«â€åŠŸèƒ½çš„è®¾å¤‡åˆ¶é€ å•†å¿…é¡»ç¡®ä¿åœ¨å°åº¦åœ°åŒºé”€å”®çš„设备始终将 112 作为 RIL ä¸çš„紧急呼救å·ç 。</p> + +<h2 id="validation">验è¯</h2> +<p>在å¯è°ƒå¼çš„构建上测试时,å¯ä»¥ä½¿ç”¨ä»¥ä¸‹å‘½ä»¤æ›´æ”¹å‘¼å«çš„å·ç :</p> <pre class="devsite-terminal devsite-click-to-copy"> adb shell settings put global emergency_affordance_number <var>NUMBER_TO_CALL</var> </pre> @@ -148,20 +178,25 @@ setprop ril.ecclist "$(getprop ril.ecclist),<var>NUMBER_TO_CALL</var>" adb shell settings put global force_emergency_affordance 1 </pre> -<p>在测试期间,建议至少对以下情况进行测试。</p> +<p>建议至少对以下情况进行测试:</p> -<ul> <li>激活之åŽï¼Œé•¿æŒ‰é”定å±å¹•ä¸Šçš„<strong>紧急呼救</strong>按钮(图 1)å¯å‘¼å«æŒ‡å®šç´§æ€¥å‘¼æ•‘å·ç 。</li> -<li>激活之åŽï¼Œå…¨å±€æ“作èœå•ä¸ä¼šæ˜¾ç¤º<strong>紧急呼救</strong>选项,点按该选项å¯å‘¼å«æŒ‡å®šç´§æ€¥å‘¼æ•‘å·ç 。</li> <li>在未检测到å°åº¦ç§»åŠ¨ç½‘络且安装了éžå°åº¦ SIM å¡çš„情况下,该功能<b>ä¸ä¼š</b><b>激活</b>。</li> -<li>在安装å°åº¦ SIM å¡çš„æƒ…å†µä¸‹ï¼Œæ— è®ºæ˜¯å¦æ£€æµ‹åˆ°ç§»åŠ¨ç½‘络,该功能都<b>会激活</b>。</li> <li>在检测到å°åº¦ç§»åŠ¨ç½‘ç»œçš„æƒ…å†µä¸‹ï¼Œæ— è®ºæ˜¯å¦å®‰è£…了 SIM å¡ï¼Œè¯¥åŠŸèƒ½éƒ½<b>会激活</b><b></b>。</li> </ul> +<ul> +<li>激活之åŽï¼Œé•¿æŒ‰é”定å±å¹•ä¸Šçš„<strong>紧急呼救</strong>按钮(图 1)å¯å‘¼å«æŒ‡å®šç´§æ€¥å‘¼æ•‘å·ç 。 +</li> +<li>激活之åŽï¼Œå…¨å±€æ“作èœå•ä¸ä¼šæ˜¾ç¤º<strong>紧急呼救</strong>选项,点按该选项å¯å‘¼å«æŒ‡å®šç´§æ€¥å‘¼æ•‘å·ç 。</li> +<li>在未检测到å°åº¦ç§»åŠ¨ç½‘络且安装了éžå°åº¦ SIM å¡çš„情况下,该功能<strong>ä¸ä¼š</strong>激活。</li> +<li>在安装å°åº¦ SIM å¡çš„æƒ…å†µä¸‹ï¼Œæ— è®ºæ˜¯å¦æ£€æµ‹åˆ°ç§»åŠ¨ç½‘络,该功能都<strong>会激活</strong>。</li> +<li>在检测到å°åº¦ç§»åŠ¨ç½‘ç»œçš„æƒ…å†µä¸‹ï¼Œæ— è®ºæ˜¯å¦å®‰è£…了 SIM å¡ï¼Œè¯¥åŠŸèƒ½éƒ½<strong>会激活</strong>。</li> +</ul> -<p>如果设备支æŒå¤šä¸ª SIM å¡ï¼Œåˆ™æµ‹è¯•åº”ç¡®ä¿ SIM å¡ MCC 检测功能在æ¯ä¸ª SIM å¡æ’槽ä¸éƒ½èƒ½æ£å¸¸è¿è¡Œã€‚该功能ä¸å— Android 兼容性影å“ï¼Œå› æ¤ä¸ç”¨è¿›è¡Œ CTS 测试。</p> +<p>如果设备支æŒå¤šä¸ª SIM å¡ï¼Œåˆ™æµ‹è¯•åº”ç¡®ä¿ SIM å¡ MCC 检测功能在æ¯ä¸ª SIM å¡æ’槽ä¸éƒ½èƒ½æ£å¸¸è¿è¡Œã€‚“æ供紧急呼å«â€åŠŸèƒ½ä¸å— Android 兼容性影å“ï¼Œå› æ¤ä¸ç”¨è¿›è¡Œ CTS 测试。</p> <h2 id="faq">常è§é—®é¢˜è§£ç”</h2> -<h5 id="q-112">问:紧急呼救å·ç “112â€å°šæœªåœ¨å°åº¦æŽˆæƒä½¿ç”¨ï¼Œä»ç„¶ä½¿ç”¨è¯¥å·ç å—?</h5> - -<p>æ ¹æ®é›†æˆç´§æ€¥é€šä¿¡ä¸Žåº”ç”系统 (IECRS) 的定义,“112â€æ˜¯å³å°†åœ¨å°åº¦ç”¨äºŽå…¬å…±å®‰å…¨åº”ç”点 (PSAP) çš„å·ç 。在 PSAP 获得授æƒä¹‹å‰ï¼Œæ‰€æœ‰å¯¹â€œ112â€çš„呼å«éƒ½å°†è½¬æŽ¥åˆ°çŽ°æœ‰çš„“100â€ç´§æ€¥å‘¼æ•‘å·ç 。</p> +<h5 id="q-112">问:紧急呼救å·ç 112 尚未在å°åº¦æŽˆæƒä½¿ç”¨ï¼Œä»ç„¶ä½¿ç”¨è¯¥å·ç å—?</h5> +<p>æ ¹æ®é›†æˆç´§æ€¥é€šä¿¡ä¸Žåº”ç”系统 (IECRS) 的定义,112 是å³å°†åœ¨å°åº¦ç”¨äºŽå…¬å…±å®‰å…¨åº”ç”点 (PSAP) çš„å·ç 。在 PSAP 获得授æƒä¹‹å‰ï¼Œæ‰€æœ‰å¯¹ 112 的呼å«éƒ½å°†è½¬æŽ¥åˆ°çŽ°æœ‰çš„ 100 紧急呼救å·ç (尽管是è¿è¥å•†çš„è´£ä»»è€Œéž Android 的责任)。</p> -<h5 id="q-other-triggers">问:使用其他触å‘æ“ä½œæ€Žä¹ˆæ ·ï¼Ÿæ¯”å¦‚æŒ‰ç”µæºæŒ‰é’®ä¸‰æ¬¡ï¼Ÿ</h5> <p>è®¾å¤‡åˆ¶é€ å•†å¯ä»¥é€‰æ‹©å®žæ–½å…¶ä»–触å‘æ“作。点按硬件电æºæŒ‰é’®ä¸‰æ¬¡ä¹Ÿæ˜¯å°åº¦ç”µä¿¡éƒ¨é—¨æ‰¹å‡†çš„触å‘æ“作。ä¸è¿‡ï¼Œè¿™ç§è§¦å‘æ“作在 AOSP å‚考实现ä¸ä¸å—支æŒï¼Œå› 为有大é‡å…¶ä»–广泛使用的应用使用电æºæŒ‰é’®æ‰‹åŠ¿ï¼ŒåŒ…括é‡å¤ç‚¹æŒ‰ç”µæºæŒ‰é’®ã€‚这些应用å¯èƒ½ä¼šå¹²æ‰°ç´§æ€¥æ‹¨å·å™¨ï¼Œæˆ–者用户在å°è¯•è§¦å‘这些应用ä¸çš„æ“作时å¯èƒ½ä¼šæ„外触å‘紧急呼å«æŒ‰é’®ã€‚</p> +<h5 id="q-other-triggers">问:使用其他触å‘æ“ä½œæ€Žä¹ˆæ ·ï¼Ÿæ¯”å¦‚æŒ‰ç”µæºæŒ‰é’®ä¸‰æ¬¡ï¼Ÿ</h5> +<p>è®¾å¤‡åˆ¶é€ å•†å¯ä»¥é€‰æ‹©å®žæ–½å…¶ä»–触å‘æ“作。然而,虽然点按硬件电æºæŒ‰é’®ä¸‰æ¬¡ä¹Ÿæ˜¯å°åº¦ç”µä¿¡éƒ¨é—¨æ‰¹å‡†çš„触å‘æ“作,但这ç§è§¦å‘æ“作在 AOSP å‚考实现ä¸<strong>ä¸å—支æŒ</strong>ï¼Œå› ä¸ºæœ‰éƒ¨åˆ†å…¶ä»–å¹¿æ³›ä½¿ç”¨çš„åº”ç”¨ï¼ˆå¦‚ç›¸æœºåº”ç”¨ï¼‰ä½¿ç”¨ç”µæºæŒ‰é’®æ‰‹åŠ¿ï¼ŒåŒ…括é‡å¤ç‚¹æŒ‰ç”µæºæŒ‰é’®ã€‚这些应用å¯èƒ½ä¼šå¹²æ‰°ç´§æ€¥æ‹¨å·å™¨ï¼Œæˆ–者用户在å°è¯•è§¦å‘这些应用ä¸çš„æ“作时å¯èƒ½ä¼šæ„外触å‘紧急呼å«æŒ‰é’®ã€‚</p> </body></html>
\ No newline at end of file diff --git a/zh-cn/devices/tech/debug/kasan-kcov.html b/zh-cn/devices/tech/debug/kasan-kcov.html new file mode 100644 index 00000000..160b80b6 --- /dev/null +++ b/zh-cn/devices/tech/debug/kasan-kcov.html @@ -0,0 +1,291 @@ +<html devsite><head> + <title>使用 KASAN+KCOV 编译 Pixel å†…æ ¸</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p> +Kernel Address Sanitizer (<a href="https://www.kernel.org/doc/html/latest/dev-tools/kasan.html">KASAN</a>) å¯ä»¥å¸®åŠ©å†…æ ¸å¼€å‘者和测试人员找出与è¿è¡Œæ—¶å†…å˜ç›¸å…³çš„错误,例如出界读å–或写入æ“作问题,以åŠâ€œé‡Šæ”¾åŽä½¿ç”¨â€ç›¸å…³é—®é¢˜ã€‚虽然 KASAN å› å…¶è¿è¡Œæ—¶æ€§èƒ½ä½Žä»¥åŠå¯¼è‡´å†…å˜ä½¿ç”¨é‡å¢žåŠ 而未在æ£å¼ç‰ˆä¸å¯ç”¨ï¼Œä½†å®ƒä»ç„¶æ˜¯ç”¨æ¥æµ‹è¯•è°ƒè¯•ç‰ˆæœ¬çš„é‡è¦å·¥å…·ã€‚ +</p> +<p> +在与å¦ä¸€ä¸ªå为 Kernel Coverage (<a href="https://lwn.net/Articles/671640/">KCOV</a>) çš„è¿è¡Œæ—¶å·¥å…·æé…使用时,ç»è¿‡ KASAN 排错和 KCOV 检测的代ç å¯ä»¥å¸®åŠ©å¼€å‘者与测试人员检测è¿è¡Œæ—¶å†…å˜é”™è¯¯ä»¥åŠèŽ·å–代ç 覆盖率信æ¯ã€‚åœ¨å†…æ ¸æ¨¡ç³Šæµ‹è¯•ï¼ˆä¾‹å¦‚é€šè¿‡ <a href="https://github.com/google/syzkaller">syzkaller</a>)的情景ä¸ï¼ŒKASAN å¯ä»¥ååŠ©ç¡®å®šå´©æºƒçš„æ ¹æœ¬åŽŸå› ï¼Œè€Œ KCOV 则会å‘模糊引擎æ供代ç 覆盖率信æ¯ï¼Œä»¥åœ¨æµ‹è¯•ç”¨ä¾‹æˆ–è¯æ–™åº“é‡å¤æ•°æ®åˆ 除方é¢æ供帮助。 +</p> +<p> +本页ä¸è®¨è®º KASAN 的内部工作原ç†æˆ–机制,而是指导您编译和修改 Android 开放æºä»£ç 项目 (AOSP) å’Œ Pixel çš„å†…æ ¸æºä»£ç ï¼Œä»¥ä¾¿åœ¨å¼€å¯ KASAN å’Œ KCOV 的情况下å¯åŠ¨ã€‚ +</p> +<h2 id="setting-up-your-build-environment">设置编译环境</h2> +<p> +请éµå¾ª<a href="/source/requirements">下载和编译</a>部分的æ¥éª¤æ¥è®¾ç½®ç¼–译环境。 +</p> +<h2 id="building-aosp">编译 AOSP</h2> +<p> +下载 <a href="/source/downloading">Android æºä»£ç </a>。为了编译 KASAN æ˜ åƒï¼Œè¯·é€‰æ‹©æœªå¤„于积æžå¼€å‘阶段的稳定版本。通常,最新的å‘布版本/稳定分支是ä¸é”™çš„选择。有关版本和分支的更多信æ¯ï¼Œè¯·å‚阅<a href="/source/build-numbers#source-code-tags-and-builds">æºä»£ç æ ‡è®°å’Œç»†åˆ†ç‰ˆæœ¬</a>。 +</p> + +<p> +æˆåŠŸæ£€å‡ºæºä»£ç åŽï¼Œè¯·ä»Ž <a href="https://developers.google.com/android/drivers">Nexus å’Œ Pixel 设备的驱动程åºäºŒè¿›åˆ¶æ–‡ä»¶</a>下载与目å‰æ‰€ç”¨è®¾å¤‡å’Œåˆ†æ”¯å¯¹åº”çš„å¿…è¦è®¾å¤‡ Blob。从系统芯片 (SOC) åˆ¶é€ å•†å¤„åŒæ—¶ä¸‹è½½ä¾›åº”å•†æ˜ åƒå’ŒäºŒè¿›åˆ¶æ–‡ä»¶é›†ã€‚然åŽï¼Œè§£åŽ‹ä¸‹è½½çš„压缩包,è¿è¡Œå…¶ä¸åŒ…å«çš„脚本,并接å—许å¯ã€‚ +</p> +<aside class="note"> +<strong>æ示</strong>:请先仔细检查系统上是å¦å®‰è£…了<a href="/source/initializing#installing-the-jdk">æ£ç¡®ç‰ˆæœ¬çš„ JDK</a>,然åŽå†ç»§ç»ä¸‹ä¸€æ¥æ“作。 +</aside> +<p> +接下æ¥ï¼Œè¯·æŒ‰ç…§<a href="/source/building#cleaning-up">编译准备工作</a>ä¸çš„æ¥éª¤ï¼Œæ¸…ç†å¹¶è®¾ç½®æ‚¨çš„编译环境,然åŽé€‰æ‹©æ‚¨çš„ç¼–è¯‘ç›®æ ‡ã€‚ +</p> + +<p> +è¦åˆ›å»ºä¸€ä¸ªåŸºå‡†å·¥ä½œç‰ˆæœ¬ï¼Œè¯·ç¡®ä¿ä¸è¦å¯¹ç¬¬ä¸€ä¸ªç‰ˆæœ¬è¿›è¡Œä»»ä½•ä¿®æ”¹ï¼š</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal" data-terminal-prefix="~/src/aosp$ ">make -j48</code> +</pre> +<p> +将您的编译结果刷入测试设备(例如 marlin),并使其å¯åŠ¨ï¼š +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal" data-terminal-prefix="~/src/aosp$ ">cd out/target/product/marlin</code> +<code class="devsite-terminal" data-terminal-prefix="~/src/aosp/out/target/product/marlin$ ">ANDROID_PRODUCT_OUT=`pwd` fastboot flashall -w</code> +</pre> +<p> +å¯åŠ¨ä¸»å±å¹•åŽï¼Œæ‚¨å¯èƒ½ä¼šçœ‹åˆ°ä¸€ä¸ªæ˜¾ç¤ºä»¥ä¸‹ä¿¡æ¯çš„弹出å¼çª—å£ï¼š +</p> +<p> +<code>There's an internal problem with your device. Contact your manufacturer +for details.</code> 该弹出å¼çª—å£çš„消æ¯å¯èƒ½è¡¨ç¤ºï¼Œæ‚¨ä¾›åº”商的版本指纹与您系统分区的版本指纹ä¸ä¸€è‡´ã€‚由于æ¤ç‰ˆæœ¬ä»…用于开å‘和测试,而éžç”¨äºŽå‘å¸ƒï¼Œå› æ¤æ‚¨å¯ä»¥å¿½ç•¥æ¤æ¶ˆæ¯ã€‚ +</p> +<h2 id="building-the-kernel">ç¼–è¯‘å†…æ ¸</h2> +<p>è¦ç¼–è¯‘å†…æ ¸ï¼Œæ‚¨éœ€è¦æ£€å‡ºæ£ç¡®çš„æºä»£ç ,对其进行交å‰ç¼–译,然åŽåœ¨æ£ç¡®çš„ AOSP 目录ä¸ç¼–è¯‘å†…æ ¸æ˜ åƒã€‚</p> +<h3 id="checking-out-kernel-source-code">æ£€å‡ºå†…æ ¸æºä»£ç </h3> +<p> +创建一个目录æ¥å˜å‚¨å†…æ ¸æºä»£ç ,并将 AOSP å†…æ ¸ Git 代ç 库克隆到本地å˜å‚¨ã€‚ +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy">mkdir ~/src/marlin-kernel-src</code> +<code class="devsite-terminal devsite-click-to-copy">cd ~/src/marlin-kernel-src</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/marlin-kernel-src$ ">git clone https://android.googlesource.com/kernel/msm</code> +</pre> +<p> +完æˆåŽï¼Œæ‚¨åº”该会看到一个å为 <code>msm</code> 的空目录。 +</p> +<p> +进入 <code>msm</code> 目录并 <code>git checkout</code> 与您æ£åœ¨ç¼–译的æºä»£ç 对应的分支。è¦æŸ¥çœ‹å¯ç”¨åˆ†æ”¯å’Œæ ‡è®°çš„列表,请å‚阅 <a href="https://android.googlesource.com/kernel/msm/">Android msm å†…æ ¸æºä»£ç æ ‘</a>。 +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/marlin-kernel-src$ ">cd msm</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/marlin-kernel-src$ ">git checkout <var>TAG_NAME</var></code> +</pre> +<p> +完æˆæ¤æ¥éª¤åŽï¼Œ<code>msm</code> 目录ä¸åº”该会有相关内容。 +</p> +<h3 id="performing-cross-compilation">执行交å‰ç¼–译</h3> +<p> +接下æ¥ï¼Œæ‚¨éœ€è¦ç¼–译 Android å†…æ ¸ã€‚ +</p> +<h5 id="setting-up-your-cross-compiler">设置交å‰ç¼–译器</h5> +<p> +è¦ç¼–è¯‘å†…æ ¸ï¼Œæ‚¨éœ€è¦è®¾ç½®äº¤å‰ç¼–译器。目å‰æŽ¨èçš„å·²ç»è¿‡æµ‹è¯•çš„工具链是 Android çš„ NDK 工具链的最新稳定版本。è¦ä¸‹è½½ Android NDK,请访问官方 <a href="https://developer.android.com/ndk/downloads/index.html">Android NDK 网站</a>。为您的平å°ä¸‹è½½ç›¸åº”çš„ zip 文件,然åŽå°†å…¶è§£åŽ‹ç¼©ã€‚这会产生类似于 <code>android-ndk-<var>NDK_VERSION</var></code> 的目录。 +</p> +<h5 id="downloading-the-lz4c-tool">下载 LZ4c 工具</h5> +<p> +Pixel å†…æ ¸ä½¿ç”¨ <a hre="//lz4.github.io/lz4/">LZ4 压缩</a>ç®—æ³•ï¼Œå› æ¤åœ¨ç¼–è¯‘å†…æ ¸æ—¶éœ€è¦ä½¿ç”¨ <code>lz4c</code> 工具。如果您使用 Ubuntu,请使用以下命令安装 <code>lz4c</code> 工具:</p> + +<pre class="devsite-terminal devsite-click-to-copy">sudo apt-get install liblz4-tool +</pre> +<h4 id="building-your-kernel">ç¼–è¯‘å†…æ ¸</h4> +<p> +在 <code>marlin-kernel-src/msm</code> 目录ä¸ä½¿ç”¨ä»¥ä¸‹å‘½ä»¤è®¾ç½®ç¼–译环境: +</p> + +<pre> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">export ARCH=arm64</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">export CROSS_COMPILE=<var>PATH_TO_NDK</var>/android-ndk-<var>NDK_VERSION</var>/toolchains/aarch64-linux-android-<var>TOOLCHAIN_VERSION</var>/prebuilt/linux-x86_64/bin/aarch64-linux-android-</code> +</pre> +<p> +然åŽï¼Œç¼–译一个未ç»ä¿®æ”¹çš„å†…æ ¸ç‰ˆæœ¬ä»¥åˆ›å»ºåŸºå‡†å·¥ä½œç‰ˆæœ¬ï¼š +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">make marlin_defconfig</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">make -j48</code> +</pre> +<p> +编译æµç¨‹çš„结果å¯ä»¥åœ¨ä»¥ä¸‹ä½ç½®æ‰¾åˆ°ï¼š<code>arch/arm64/boot/Image.lz4-dtb</code> +</p> +<h4 id="rebuilding-the-boot-image-in-aosp">在 AOSP ä¸é‡æ–°ç¼–译å¯åŠ¨æ˜ åƒ</h4> +<p> +ç¼–è¯‘å†…æ ¸æ˜ åƒä¹‹åŽï¼Œè¯·ä½¿ç”¨ä»¥ä¸‹å‘½ä»¤å°†ç»“æžœå¤åˆ¶åˆ° AOSP çš„ <code>device/google/marlin-kernel</code> 目录下: +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/aosp$ ">cp ${marlin-kernel-src}/msm/arch/arm64/boot/Image.lz4-dtb device/google/marlin-kernel</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/aosp$ ">source build/envsetup.sh</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/aosp$ ">lunch aosp_marlin-userdebug</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/aosp$ ">make -j48</code> +</pre> +<p> +编译æˆåŠŸåŽï¼Œè¯·ä½¿ç”¨ä»¥ä¸‹å‘½ä»¤åˆ·å…¥ç›®æ ‡è®¾å¤‡ï¼š +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/aosp$ ">cd out/target/product/marlin</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/aosp/out/target/product/marlin$ ">fastboot flashall -w</code> +</pre> +<p>刷入之åŽï¼Œæ‚¨çš„设备应该会å¯åŠ¨ã€‚在设备完æˆå¯åŠ¨åŽï¼Œæ£€æŸ¥ <code>Settings -> System -> About phone</code> 下的 <code>Kernel +version</code>,验è¯æ‚¨åˆ·å…¥è®¾å¤‡çš„æ˜ åƒæ˜¯å¦æ˜¯æ‚¨ç¼–è¯‘çš„å†…æ ¸æ˜ åƒã€‚ +</p> +<h2 id="modifying-the-kernel">ä¿®æ”¹å†…æ ¸</h2> +<h3 id="enabling-kasan-and-kcov-compile-options">å¯ç”¨ KASAN å’Œ KCOV 编译选项</h3> +<p> +KASAN å’Œ KCOV 代ç å—ç¼–è¯‘æ ‡è®°ä¿æŠ¤ï¼Œä¸ä¼šé’ˆå¯¹æ™®é€šç‰ˆæœ¬å¯ç”¨ã€‚è¦å¯ç”¨è¿™äº›ä»£ç ,请将 KASAN å’Œ KCOV é€‰é¡¹æ·»åŠ åˆ°é…置文件ä¸ï¼Œä½†æ˜¯è¦è®°å¾—åˆ é™¤ LZ4 é…置。 +</p> +<p> +为æ¤ï¼Œè¯·åˆ›å»ºé»˜è®¤é…置文件的副本,例如 <code>marlin_defconfig</code>: +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">cd arch/arm64/configs</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm/arch/arm64/configs$ ">cp marlin_defconfig marlin-kasan_defconfig</code> +</pre> +<p> +在新的é…置文件ä¸ï¼Œç§»é™¤ <code>CONFIG_KERNEL_LZ4=y</code> è¿™ä¸€æ ‡è®°å¹¶æ·»åŠ ä»¥ä¸‹æ ‡è®°ï¼š +</p> + +<pre class="devsite-click-to-copy">CONFIG_KASAN=y +CONFIG_KASAN_INLINE=y +CONFIG_KCOV=y +CONFIG_SLUB=y +CONFIG_SLUB_DEBUG=y +</pre> + +<h2 id="recompiling-the-kernel-with-new-configuration">使用新é…ç½®é‡æ–°ç¼–è¯‘å†…æ ¸</h2> +<p> +修改完é…置文件的副本åŽï¼Œè¯·é‡æ–°ç¼–è¯‘è¯¥å†…æ ¸ã€‚ +</p> +<h3 id="reconfiguring-the-kernel">é‡æ–°é…ç½®å†…æ ¸</h3> +<p> +设置您的<a href="/source/building-kernels#building">编译环境</a>。编译您修改的 <code>defconfig</code>,并检查生æˆçš„ <code>.config</code> 文件ä¸æ˜¯å¦å˜åœ¨æ–°æ·»åŠ çš„æ ‡è®°ã€‚ +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">make marlin-kasan_defconfig</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">grep KASAN .config +CONFIG_HAVE_ARCH_<strong>KASAN</strong>=y +CONFIG_<strong>KASAN</strong>=y +# CONFIG_<strong>KASAN</strong>_OUTLINE is not set +CONFIG_<strong>KASAN</strong>_INLINE=y</code> +</pre> +<p> +您应该会看到 KASAN æ ‡è®°ã€‚ç¼–è¯‘æ‚¨çš„å†…æ ¸ï¼š</p> + +<pre class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">make -j48 +</pre> +<h3 id="checking-the-modified-kernel-image">查看修改åŽçš„å†…æ ¸æ˜ åƒ</h3> +<p> +编译æˆåŠŸåŽï¼Œè½¬åˆ° <code>arch/arm64/boot</code> 目录查看编译结果。一般而言,<code>Image.gz-dtb</code> 大约为 23MBï¼Œæ¯”æ ‡å‡†ç‰ˆæœ¬å¤§ã€‚ +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm$ ">cd arch/arm64/boot</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src/msm/arch/arm64/boot$ ">ls -lh Image.gz-dtb +-rw-r--r-- 1 username groupname 23M Aug 11 13:59 Image.gz-dtb</code> +</pre> +<p> +è¦äº†è§£ KCOV 是å¦å·²ç»è¿‡æ£ç¡®ç¼–译,请针对生æˆçš„ <code>vmlinux</code>(ä½äºŽå†…æ ¸æºä»£ç æ ‘çš„æ ¹ç›®å½•ï¼‰æ‰§è¡Œè¿›ä¸€æ¥çš„分æžã€‚如果您在 vmlinux 上è¿è¡Œ <code>objdump</code>,应该会看到对 <code>__sanitizer_cov_trace_pc()</code> 的大é‡è°ƒç”¨ã€‚ +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="marlin-kernel-src$ ">sh -c '${CROSS_COMPILE}objdump -d vmlinux' | grep sanitizer +ffffffc000082030: 94040658 bl ffffffc000183990 <__sanitizer_cov_trace_pc> +ffffffc000082050: 94040650 bl ffffffc000183990 <__sanitizer_cov_trace_pc> +ffffffc000082078: 94040646 bl ffffffc000183990 <__sanitizer_cov_trace_pc> +ffffffc000082080: 94040644 bl ffffffc000183990 <__sanitizer_cov_trace_pc> +ffffffc0000820ac: 94040639 bl ffffffc000183990 <__sanitizer_cov_trace_pc> +</code></pre> +<h2 id="modifying-aosp-code">修改 AOSP 代ç </h2> +<p> +您需è¦å…ˆè°ƒæ•´ AOSP æºä»£ç ä¸ç”¨äºŽæŽ§åˆ¶è®¾å¤‡å¯åŠ¨æ–¹å¼çš„特定å‚数,然åŽå†æ’入新的å¯åŠ¨æ˜ åƒã€‚è¿™æ ·åšä¸»è¦æ˜¯ä¸ºäº†ç¡®ä¿æ–°ï¼ˆå·²æ‰©å®¹ï¼‰æ˜ åƒæ£å¸¸å¯åŠ¨ã€‚ +</p> +<h3 id="adjusting-board-parameters">调整æ¿å‚æ•°</h3> +<p> +调整设备的 <code>BoardConfig.mk</code> 文件ä¸å®šä¹‰çš„å¯åŠ¨å‚数。该文件ä½äºŽ <code>device/google/marlin/marlin</code>(AOSP æºä»£ç æ ¹ç›®å½•çš„ç›¸å¯¹è·¯å¾„ï¼‰ä¸‹ã€‚ +</p> + +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/aosp$ ">cd device/google/marlin/marlin</code> +<code class="devsite-terminal devsite-click-to-copy" data-terminal-prefix="~/src/aosp/device/google/marlin/marlin$ ">vim BoardConfig.mk</code> +</pre> +<aside class="caution"> +<p> +<strong>注æ„</strong>:请务必先备份原始的 <code>BoardConfig.mk</code> 文件,然åŽå†ç»§ç»æ“作,以防出现问题。 +</p> +<p> +è¦è¿›è¡Œçš„调整å¯å€ŸåŠ© <code>git diff</code> 结果总结如下: +</p> + +<pre>diff --git a/marlin/BoardConfig.mk b/marlin/BoardConfig.mk +index 31533fb9..81caf05d 100644 +--- a/marlin/BoardConfig.mk ++++ b/marlin/BoardConfig.mk +@@ -116,15 +116,10 @@ BOARD_EGL_CFG := device/google/marlin/egl.cfg + + BOARD_KERNEL_BASE := 0x80000000 + BOARD_KERNEL_PAGESIZE := 4096 +<var>-ifneq ($(filter marlin_kasan, $(TARGET_PRODUCT)),)</var> + BOARD_KERNEL_OFFSET := 0x80000 + BOARD_KERNEL_TAGS_OFFSET := 0x02500000 + BOARD_RAMDISK_OFFSET := 0x02700000 + BOARD_MKBOOTIMG_ARGS := --kernel_offset $(BOARD_KERNEL_OFFSET) --ramdisk_offset $(BOARD_RAMDISK_OFFSET) --tags_offset $(BOARD_KERNEL_TAGS_OFFSET) +<var>-else +-BOARD_KERNEL_TAGS_OFFSET := 0x02000000 +-BOARD_RAMDISK_OFFSET := 0x02200000 +-endif</var> + + TARGET_KERNEL_ARCH := arm64 + TARGET_KERNEL_HEADER_ARCH := arm64 +</pre> +</aside> + +<p> +如果您ä¸æƒ³ä¿®æ”¹ <code>BoardConfig.mk</code> 文件,则å¯ä»¥æ”¹ä¸ºåˆ›å»ºä¸€ä¸ªåŒ…å«å称 <code>marlin_kasan</code> çš„æ–°å¯åŠ¨ç›®æ ‡ã€‚è¦è¯¦ç»†äº†è§£æ¤è¿‡ç¨‹ï¼Œè¯·å‚阅<a href="/source/add-device">æ·»åŠ æ–°è®¾å¤‡</a>。 +</p> + +<h3 id="adjusting-the-kernel-target-in-the-local-makefile">调整本地 Makefile ä¸çš„å†…æ ¸ç›®æ ‡</h3> +<p> +æ–°å†…æ ¸ä½¿ç”¨ LZ4 压缩算法æ¥æå‡é€Ÿåº¦ï¼Œä½† KASAN è¦æ±‚使用 gzip æ¥å®žçŽ°æ›´å¥½çš„压缩比。为了解决这个问题,您å¯ä»¥åœ¨ <code>device/google/marlin/device-common.mk</code> ä¸ä¿®æ”¹ <code>LOCAL_KERNEL</code> å˜é‡æŒ‡å‘çš„ä½ç½®ï¼Œä»Žè€ŒæŒ‡ç¤ºç¼–译系统è¦å°†å“ªä¸ªå†…æ ¸ä¸Žæœ€ç»ˆç›®æ ‡ç»‘å®šã€‚ +</p> +<h2 id="rebuilding-boot-image">é‡æ–°ç¼–译å¯åŠ¨æ˜ åƒ</h2> +<p> +è¦é‡æ–°ç¼–译å¯åŠ¨æ˜ åƒï¼Œè¯·å°†æ–°çš„å†…æ ¸æ˜ åƒå¤åˆ¶åˆ° AOSP æ ‘ä¸çš„设备专用文件夹(例如 <code>device/google/marlin-kernel</code>)。请确ä¿è¿™æ˜¯ç¼–è¯‘ç³»ç»Ÿé¢„æœŸçš„å†…æ ¸ç›®æ ‡æ˜ åƒä½ç½®ï¼ˆæ ¹æ®æ‚¨ä¹‹å‰çš„修改)。 +</p> +<p> +接下æ¥ï¼Œè¯·é‡æ–°ç¼–译å¯åˆ·å…¥çš„æ˜ åƒï¼Œå…·ä½“æ–¹å¼ç±»ä¼¼äºŽæ‚¨ä¹‹å‰<a href="#building-aosp">编译 AOSP</a> çš„æ–¹å¼ã€‚æˆåŠŸç¼–译åŽï¼Œè¯·ç…§å¸¸åˆ·å…¥æ‰€æœ‰ç¼–è¯‘æ˜ åƒã€‚ +</p> +<h2 id="booting-your-device-with-a-modified-kernel-image">使用ç»è¿‡ä¿®æ”¹çš„å†…æ ¸æ˜ åƒå¯åŠ¨è®¾å¤‡</h2> +<p> +您现在应该有一个å¯å¯åŠ¨å¹¶èƒ½è¿›å…¥ä¸»å±å¹•çš„版本。在该版本ä¸ï¼Œæ‚¨å¯ä»¥åœ¨æ—©æœŸå¯åŠ¨é˜¶æ®µæ£€æŸ¥è®¾å¤‡çš„ <code>dmesg</code> 输出ä¸æ˜¯å¦å˜åœ¨â€œ<code>KernelAddressSanitizer +initialized</code>â€æ¶ˆæ¯ã€‚该消æ¯è¡¨ç¤º KASAN 已在å¯åŠ¨æœŸé—´åˆå§‹åŒ–。æ¤å¤–,您还å¯ä»¥ç¡®è®¤è®¾å¤‡ä¸Šæ˜¯å¦å˜åœ¨ <code>/sys/kernel/debug/kcov</code>(è¦æ‰§è¡Œæ¤æ“ä½œï¼Œæ‚¨éœ€è¦ root æƒé™ï¼‰ã€‚ +</p> +<h2 id="troubleshooting">问题排查</h2> +<p> +您å¯ä»¥ä½¿ç”¨ä¸åŒçš„å†…æ ¸ç‰ˆæœ¬è¿›è¡Œå®žéªŒï¼Œå…ˆå°†æ ‡å‡†ç‰ˆæœ¬ç”¨ä½œåŸºå‡†å·¥ä½œç‰ˆæœ¬ï¼Œç„¶åŽå†å¯ç”¨ KASAN+KCOV 编译选项。如果æµç¨‹ä¸æ–ï¼Œè¯·å…ˆæ£€æŸ¥æ‚¨è®¾å¤‡ä¸Šçš„å¼•å¯¼åŠ è½½ç¨‹åºå’ŒåŸºå¸¦ç‰ˆæœ¬æ˜¯å¦ä¸Žæ–°ç‰ˆæœ¬è¦æ±‚的一致。最åŽï¼Œå¦‚æžœæ‚¨ä½¿ç”¨çš„å†…æ ¸ç‰ˆæœ¬è¿‡é«˜ï¼Œé‚£ä¹ˆæ‚¨å¯èƒ½éœ€è¦ä½¿ç”¨ Android æ ‘ä¸Šçš„è¾ƒæ–°çš„åˆ†æ”¯ã€‚ +</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/devices/tech/debug/storaged.html b/zh-cn/devices/tech/debug/storaged.html new file mode 100644 index 00000000..e955bcf6 --- /dev/null +++ b/zh-cn/devices/tech/debug/storaged.html @@ -0,0 +1,69 @@ +<html devsite><head> + <title>实现 storaged</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>Android O æ·»åŠ äº†å¯¹ <code>storaged</code> 的支æŒï¼Œå®ƒæ˜¯ä¸€ä¸ª Android 本机守护进程,å¯åœ¨ Android 设备上收集和å‘布å˜å‚¨æŒ‡æ ‡ã€‚</p> + +<ul> +<li>对于日常ç£ç›˜ç»Ÿè®¡ä¿¡æ¯ï¼Œ<code>storaged</code> ä¼šå®šæœŸè§£æž <code>/sys/block/mmcblk0/stat</code>(eMMC å˜å‚¨è®¾å¤‡ï¼‰æˆ– <code>/sys/block/sda/stat</code>ï¼ˆéž eMMC 设备)。</li> + +<li>对于 eMMC 生命周期,<code>storaged</code> ä¼šè§£æž <code>/d/mmc0/mmc0:001/ext_csd</code>(如果å¯ç”¨ï¼‰ã€‚</li> + +<li>对于应用 I/O 问题,<code>storaged</code> 会定期é历 <code>/proc/uid_io/stats</code> 并维护已解æžçš„æ•°æ®ï¼ŒåŒ…括æ¥è‡ªæ‰€æœ‰åº”用(ä¸ä»…仅是æ£åœ¨è¿è¡Œçš„应用)的数æ®ã€‚<code>dumpsys</code> å¯ä»¥è°ƒç”¨ <code>storaged</code>,以在错误报告ä¸è®°å½•åº”用 I/O 使用情况。</li> +</ul> + +<p>ç£ç›˜ç»Ÿè®¡ä¿¡æ¯ï¼ˆåŒ…括已终æ¢çš„ç£ç›˜ç»Ÿè®¡ä¿¡æ¯ï¼‰å’Œ eMMC ä¿¡æ¯ä¼šè®°å½•åˆ° Android 事件日志ä¸ï¼Œè€Œå¹³å°ç™»è®°æœåŠ¡ä¼šä»Žæ¤å¤„收集日志。</p> + +<p><code>storaged</code> æ“作会自动å‘生,并且完全由 Android 框架处ç†ï¼Œå› æ¤æ‚¨æ— 需执行任何实现工作。本页介ç»äº† <code>storaged</code>(包括新接å£ï¼‰çš„设计以åŠå¦‚ä½•ä½¿ç”¨å®ƒä»Žå†…æ ¸èŽ·å– I/O 状æ€ã€‚</p> + +<h2 id="storaged-design">storaged 设计</h2> + +<p>出于计算和æƒé™çš„çµæ´»æ€§è€ƒè™‘,<code>storaged</code> 是作为会返回æ¯ä¸ª UID çš„ I/O ä¿¡æ¯çš„å†…æ ¸æ¨¡å—实现的(而ä¸æ˜¯ä½¿ç”¨æ ‡å‡† <code>proc/PID/io</code>)。æ¯ä¸ª I/O 请求的原始 I/O æ•°æ®ä»ç„¶åœ¨å†…æ ¸ <code>task_struct</code> ä¸å˜å‚¨å’Œæ›´æ–°ï¼Œä¸”è¯¥å†…æ ¸ä¼šè®°å½•è¿›ç¨‹çš„é€€å‡ºæ—¶é—´ï¼Œå› æ¤ä¸ä¼šé”™è¿‡è‡ªä¸Šä¸€æ¬¡ <code>storaged</code> 轮询事件以æ¥çš„ I/O 使用情况。</p> + +<p>åªæœ‰å½“框架通知该模å—关于 UID å‰å°/åŽå°åˆ‡æ¢çš„情况或 <code>storaged</code> 守护进程请求报告时,它æ‰ä¼šè¯»å–原始数æ®å¹¶è¿›è¡Œå¤„ç†ã€‚届时,该模å—ä¼šä»Žå†…æ ¸å¯¼å‡ºä¸€ä¸ªæ–‡ä»¶èŠ‚ç‚¹ï¼Œç”¨äºŽä¸Žæ¡†æž¶å’Œ <code>storaged</code> 守护进程进行通信。</p> + +<p><code>storaged</code> 引入了 <code>/proc/uid_io/stats</code> 接å£ï¼Œå®ƒå¯ä¸ºç³»ç»Ÿä¸çš„æ¯ä¸ª UID 返回 I/O 统计信æ¯åˆ—è¡¨ã€‚æ ¼å¼ä¸ºï¼š</p> + +<pre><uid>: <foreground read bytes> <foreground write bytes> <foreground read chars> <foreground write chars> <background read bytes> <background write bytes> <background read chars> <background write chars> +</pre> + +<ul> +<li>读/写å—节是æ¥è‡ªå˜å‚¨è®¾å¤‡çš„ I/O 事件。</li> +<li>读/写å—符(也以å—节为å•ä½ï¼‰æ˜¯ç”±è¯»/写系统调用请求的数æ®ã€‚</li> +</ul> + +<h2 id="getting-i-o-status-from-the-kernel">ä»Žå†…æ ¸èŽ·å– I/O 状æ€</h2> + +<p>è¦ä»Žå†…æ ¸è½¬å‚¨ I/O 使用情况,请使用带有 <strong><code>-u</code></strong> 选项的 <code>storaged</code> 命令。</p> + +<p>命令:<code>storaged -u</code></p> + +<p>å‘½ä»¤è¾“å‡ºæ ¼å¼ï¼š<code>name/uid fg_rchar fg_wchar fg_rbytes fg_wbytes +bg_rchar bg_wchar bg_rbytes bg_wbytes fg_fsync bg_fsync</code></p> + +<p class="note"><strong>注æ„</strong>:æ¤è¾“出类似于 <code>proc/uid_io/stats</code> çš„è¾“å‡ºã€‚è¿™æ˜¯å› ä¸º <code>storaged</code> 会处ç†æ¥è‡ª <code>/proc/uid_io/stats</code> çš„æ•°æ®å¹¶ç”Ÿæˆè‡ªå·±çš„æ•°æ®ã€‚</p> + +<p>输出示例:</p> + +<pre>com.google.android.backuptransport 2269 60 0 0 1719845663 143912573 149065728 184180736 +com.android.vending 2170 60 0 0 219904796 38693092 174436352 18944000</pre> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/devices/tech/display/hdr.html b/zh-cn/devices/tech/display/hdr.html index edddca9a..ca57cfde 100644 --- a/zh-cn/devices/tech/display/hdr.html +++ b/zh-cn/devices/tech/display/hdr.html @@ -132,13 +132,13 @@ <h4>æœæ¯”视界</h4> -<p><code>MediaFormat</code> mime 常é‡ï¼š -</p><blockquote><pre> +<p><code>MediaFormat</code> mime 常é‡ï¼š</p> +<pre class="devsite-click-to-copy"> String MIMETYPE_VIDEO_DOLBY_VISION -</pre></blockquote><p></p> +</pre> <p><code>MediaCodecInfo.CodecProfileLevel</code> é…置文件常é‡ï¼š</p> -<blockquote><pre> +<pre class="devsite-click-to-copy"> int DolbyVisionProfileDvavPen int DolbyVisionProfileDvavPer int DolbyVisionProfileDvheDen @@ -147,24 +147,24 @@ int DolbyVisionProfileDvheDtb int DolbyVisionProfileDvheDth int DolbyVisionProfileDvheDtr int DolbyVisionProfileDvheStn -</pre></blockquote> +</pre> <p>æœæ¯”视界视频层和元数æ®å¿…须通过视频应用é€å¸§è¿žæŽ¥åˆ°å•ä¸ªç¼“冲区。æ¤è¿‡ç¨‹å¯é€šè¿‡å…·æœ‰æœæ¯”视界功能的 MediaExtractor 自动完æˆã€‚</p> <h4>HEVC HDR 10</h4> -<p><code>MediaCodecInfo.CodecProfileLevel</code> é…置文件常é‡ï¼š</p><p> -</p><blockquote><pre> +<p><code>MediaCodecInfo.CodecProfileLevel</code> é…置文件常é‡ï¼š</p> +<pre class="devsite-click-to-copy"> int HEVCProfileMain10HDR10 -</pre></blockquote> +</pre> <h4>VP9 HLG 与 VP9 PQ</h4> <p><code>MediaCodecInfo.CodecProfileLevel</code> é…置文件常é‡ï¼š</p> -<blockquote><pre> +<pre class="devsite-click-to-copy"> int VP9Profile2HDR int VP9Profile3HDR -</pre></blockquote> +</pre> <p>如果æŸä¸ªå¹³å°æ”¯æŒå…·å¤‡ HDR 功能的解ç 器,则该平å°è¿˜åº”该支æŒå…·å¤‡ HDR 功能的æå–器。</p> @@ -280,7 +280,7 @@ VP9Profile3HDR <h2 id="enablinghdr">å¯ç”¨ HDR å¹³å°æ”¯æŒ</h2> -<p>SoC ä¾›åº”å•†å’ŒåŽŸå§‹è®¾å¤‡åˆ¶é€ å•†(OEM) 必须采å–进一æ¥æŽªæ–½ï¼Œæ‰èƒ½è®©æŸæ¬¾è®¾å¤‡æ”¯æŒ HDR å¹³å°ã€‚</p> +<p>SoC ä¾›åº”å•†å’ŒåŽŸå§‹è®¾å¤‡åˆ¶é€ å•† (OEM) 必须采å–进一æ¥æŽªæ–½ï¼Œæ‰èƒ½è®©æŸæ¬¾è®¾å¤‡æ”¯æŒ HDR å¹³å°ã€‚</p> <h3 id="platformchanges">Android 7.0 版本ä¸é’ˆå¯¹ HDR 所åšçš„å¹³å°æ›´æ”¹</h3> @@ -298,9 +298,12 @@ VP9Profile3HDR <li>进行åˆæˆã€‚</li> <li>如果是通过 HDMI 显示,则需è¦ï¼š<ol style="list-style-type: lower-alpha"> <li>确定åˆæˆåœºæ™¯çš„颜色ã€æ¯å¸¦å’Œæ½œåœ¨çš„动æ€å…ƒæ•°æ®ã€‚</li> -<li>将产生的åˆæˆåœºæ™¯è½¬æ¢ä¸ºå¯¼å‡ºçš„色彩空间/色域。</li></ol></li> +<li>将产生的åˆæˆåœºæ™¯è½¬æ¢ä¸ºå¯¼å‡ºçš„色彩空间/色域。</li> +</ol> +</li> <li>如果直接在显示å±ä¸æ˜¾ç¤ºï¼Œåˆ™å°†äº§ç”Ÿçš„åˆæˆåœºæ™¯è½¬æ¢ä¸ºæ‰€éœ€çš„显示信å·ï¼Œä»¥ç”Ÿæˆè¯¥åœºæ™¯ã€‚ -</li></ol> +</li> +</ol> <h4>Display Discovery</h4> @@ -310,12 +313,16 @@ VP9Profile3HDR <ul> <li>æ ¹æ® <a href="https://standards.cta.tech/kwspub/published_docs/CTA-861.3-Preview.pdf">CTA-861.3</a> 第 4.2 节ä¸å®šä¹‰çš„内容,连接的 HDMI 显示å±é€šè¿‡ HDMI EDID æ’å‘å…¶ HDR 功能。</li> -<li>以下是应使用的 EOTF æ˜ å°„ï¼š<ul> +<li>以下是应使用的 EOTF æ˜ å°„ï¼š +<ul> <li>ET_0 ä¼ ç»Ÿç°åº¦ç³»æ•° - SDR äº®åº¦èŒƒå›´ï¼šæœªæ˜ å°„åˆ°ä»»ä½• HDR 类型</li> <li>ET_1 ä¼ ç»Ÿç°åº¦ç³»æ•° - HDR äº®åº¦èŒƒå›´ï¼šæœªæ˜ å°„åˆ°ä»»ä½• HDR 类型</li> -<li>ET_2 SMPTE ST 2084 - æ˜ å°„åˆ° HDR 类型 HDR10</li></ul></li> +<li>ET_2 SMPTE ST 2084 - æ˜ å°„åˆ° HDR 类型 HDR10</li> +</ul> +</li> <li>通过 HDMI 实现æœæ¯”视界或 HLG çš„ä¿¡å·æ”¯æŒï¼ˆæ ¹æ®å…¶ç›¸å…³æœºæž„的定义)。</li> -<li>请注æ„,HWC2 API ä¼šä½¿ç”¨æµ®ç‚¹æœŸæœ›äº®åº¦å€¼ï¼Œå› æ¤ 8 ä½ EDID 值必须以åˆé€‚çš„æ–¹å¼è¿›è¡Œè½¬æ¢ã€‚</li></ul> +<li>请注æ„,HWC2 API ä¼šä½¿ç”¨æµ®ç‚¹æœŸæœ›äº®åº¦å€¼ï¼Œå› æ¤ 8 ä½ EDID 值必须以åˆé€‚çš„æ–¹å¼è¿›è¡Œè½¬æ¢ã€‚</li> +</ul> <h3 id="decoders">解ç 器</h3> @@ -343,7 +350,7 @@ VP9Profile3HDR <ul> <li>æä¾›æœæ¯”视界感知æå–器(å³ä½¿è¯¥å¹³å°ä¸æ”¯æŒ HDR æ’放)。</li> -<li>æ供至少支æŒæœæ¯”视界é…置文件 X/级别 Y 的解ç 器。</li> +<li>æ供支æŒç”±æœæ¯”实验室定义的视界é…置文件的解ç 器。</li> </ul> <h4>HDR10 解ç 器支æŒ</h4> @@ -398,7 +405,7 @@ VP9Profile3HDR <h3 id="hdr10decoder">HDR10 解ç 器通é“</h3> -<p><img src="../images/hdr10_decoder_pipeline.png"/></p> +<p><img src="/devices/tech/images/hdr10_decoder_pipeline.png"/></p> <p class="img-caption"><strong>图 1.</strong> HDR10 通é“</p> @@ -425,7 +432,7 @@ HDR ä¿¡æ¯ä½äºŽ SEI 或 SPS ä¸ã€‚HEVC 解ç å™¨ä¼šé¦–å…ˆæŽ¥æ”¶åŒ…å« HDR ä¿¡æ <h3 id="dvdecoder">æœæ¯”视界解ç 器通é“</h3> -<p><img src="../images/dolby_vision_decoder_pipleline.png"/></p> +<p><img src="/devices/tech/images/dolby_vision_decoder_pipleline.png"/></p> <p class="img-caption"><strong>图 2.</strong> æœæ¯”视界通é“</p> @@ -467,7 +474,7 @@ HDR ä¿¡æ¯ä½äºŽ SEI 或 SPS ä¸ã€‚HEVC 解ç å™¨ä¼šé¦–å…ˆæŽ¥æ”¶åŒ…å« HDR ä¿¡æ <h3 id="v9decoder">VP9 解ç 器通é“</h3> -<p><img src="../images/vp9-pq_decoder_pipleline.png"/></p> +<p><img src="/devices/tech/images/vp9-pq_decoder_pipleline.png"/></p> <p class="img-caption"><strong>图 3.</strong> VP9-PQ 通é“</p> diff --git a/zh-cn/devices/tech/display/night-light.html b/zh-cn/devices/tech/display/night-light.html index 44d221a5..2798b32b 100644 --- a/zh-cn/devices/tech/display/night-light.html +++ b/zh-cn/devices/tech/display/night-light.html @@ -20,16 +20,20 @@ limitations under the License. --> -<p>ç ”ç©¶è¡¨æ˜Žï¼Œå±å¹•çš„è“光会对ç¡çœ è´¨é‡é€ æˆä¸è‰¯å½±å“。Android 7.1.1 具备一ç§ç§°ä¸ºâ€œå¤œé—´æ¨¡å¼â€çš„功能,å¯å‡å°‘设备显示å±å‘出的è“å…‰é‡ï¼Œä»¥ä¾¿è¾¾åˆ°æ›´æŽ¥è¿‘用户当å‰æ—¶é—´å’Œåœ°ç‚¹çš„自然光效果。 +<p> +ç ”ç©¶è¡¨æ˜Žï¼Œå±å¹•çš„è“光会对ç¡çœ è´¨é‡é€ æˆä¸è‰¯å½±å“。Android 7.1.1 具备一ç§ç§°ä¸ºâ€œå¤œé—´æ¨¡å¼â€çš„功能,å¯å‡å°‘设备显示å±å‘出的è“å…‰é‡ï¼Œä»¥ä¾¿è¾¾åˆ°æ›´æŽ¥è¿‘用户当å‰æ—¶é—´å’Œåœ°ç‚¹çš„自然光效果。Android 8.0 æ供一项功能,å¯è®©ç”¨æˆ·æ›´å¥½åœ°æŽ§åˆ¶å¤œé—´æ¨¡å¼æ•ˆæžœçš„强度。 </p> -<p>夜间模å¼éœ€è¦ä½¿ç”¨ <a href="/devices/graphics/implement-hwc.html">Hardware Composer HAL 2.0</a> (HWC 2) æ¥å®žçŽ°ï¼Œå®ƒå¯åº”ç”¨ä¼ é€’åˆ° <code>setColorTransform</code> 的矩阵以执行ç€è‰²ï¼Œè€Œä¸ä¼šå½±å“耗电é‡ã€æ€§èƒ½å’Œåº”用兼容性。 +<p> +夜间模å¼éœ€è¦ä½¿ç”¨ <a href="/devices/graphics/implement-hwc.html">Hardware Composer HAL 2.0</a> (HWC 2) æ¥å®žçŽ°ï¼Œå®ƒå¯åº”ç”¨ä¼ é€’åˆ° <code>setColorTransform</code> 的矩阵以执行ç€è‰²ï¼Œè€Œä¸ä¼šå½±å“耗电é‡ã€æ€§èƒ½å’Œåº”用兼容性。 </p> <h2 id="implementation">实现</h2> -<p>è®¾å¤‡åˆ¶é€ å•†å¯ä»¥ä½¿ç”¨ä»¥ä¸‹è·¯å¾„ä¸å®šä¹‰çš„ä¸‹åˆ—æ ‡è®°å¯ç”¨è¯¥åŠŸèƒ½çš„默认实现: +<p> +è®¾å¤‡åˆ¶é€ å•†å¯ä»¥ä½¿ç”¨ä»¥ä¸‹è·¯å¾„ä¸å®šä¹‰çš„ä¸‹åˆ—æ ‡è®°å¯ç”¨è¯¥åŠŸèƒ½çš„默认实现: <code><a href="https://android.googlesource.com/platform/frameworks/base/+/master/core/res/res/values/config.xml"> /android/frameworks/base/core/res/res/values/config.xml</a></code> -</p><pre><!-- Control whether Night display is available. This should only be enabled +</p><pre class="devsite-click-to-copy"> +<!-- Control whether Night display is available. This should only be enabled on devices with HWC 2 color transform support. --> <bool name="config_nightDisplayAvailable">false</bool> <!-- Default mode to control how Night display is automatically activated. @@ -45,11 +49,20 @@ <!-- Default time when Night display is automatically deactivated. Represented as milliseconds from midnight (e.g. 21600000 == 6am). --> <integer name="config_defaultNightDisplayCustomEndTime">21600000</integer> + + <!-- Minimum color temperature, in Kelvin, supported by Night display. --> + <integer name="config_nightDisplayColorTemperatureMin">2596</integer> + <!-- Default color temperature, in Kelvin, to tint the screen when Night display is + activated. --> + <integer name="config_nightDisplayColorTemperatureDefault">2850</integer> + <!-- Maximum color temperature, in Kelvin, supported by Night display. --> + <integer name="config_nightDisplayColorTemperatureMax">4082</integer> </pre> <p> 这段代ç 包å«ç”¨äºŽæ¡†æž¶ã€ç³»ç»ŸæœåŠ¡ã€SystemUI 和设置的代ç : </p> -<pre>platform/frameworks/base/core +<pre class="devsite-click-to-copy"> +platform/frameworks/base/core ├ java/android/provider/Settings.java ├ java/com/android/internal/app/NightDisplayController.java â”” res/res/values/config.xml @@ -77,13 +90,13 @@ platform/packages/apps/Settings ├ src/com/android/settings/Settings.java ├ src/com/android/settings/dashboard/conditional/NightDisplayCondition.java ├ src/com/android/settings/display/NightDisplayPreference.java +├ src/com/android/settings/display/NightDisplayPreferenceController.java â”” src/com/android/settings/display/NightDisplaySettings.java </pre> <h2 id="ui-features">ç•Œé¢åŠŸèƒ½</h2> <p> -由于夜间模å¼æ˜¯é¢å‘ç”¨æˆ·çš„åŠŸèƒ½ï¼Œå› æ¤ç”¨æˆ·éœ€è¦èƒ½å¤ŸæŽŒæŽ§è¿™é¡¹åŠŸèƒ½ã€‚ - Android 开放æºä»£ç 项目 (AOSP) <a href="https://android.googlesource.com/platform/packages/apps/Settings/">packages/apps/Settings</a> 项目ä¸æ供了全é¢çš„è®¾ç½®å®žçŽ°æ–¹æ³•ï¼Œä»¥ä¾›è®¾å¤‡åˆ¶é€ å•†åœ¨å®žçŽ°å…¶è®¾ç½®æ—¶å‚考。 +由于夜间模å¼æ˜¯é¢å‘ç”¨æˆ·çš„åŠŸèƒ½ï¼Œå› æ¤ç”¨æˆ·éœ€è¦èƒ½å¤ŸæŽŒæŽ§è¿™é¡¹åŠŸèƒ½ã€‚Android 开放æºä»£ç 项目 (AOSP) <a href="https://android.googlesource.com/platform/packages/apps/Settings/">packages/apps/Settings</a> 项目ä¸æ供了全é¢çš„è®¾ç½®å®žçŽ°æ–¹æ³•ï¼Œä»¥ä¾›è®¾å¤‡åˆ¶é€ å•†åœ¨å®žçŽ°å…¶è®¾ç½®æ—¶å‚è€ƒã€‚å®žçŽ°äººå‘˜å¿…é¡»å¤„ç† <code><a href="https://developer.android.com/reference/android/provider/Settings.html#ACTION_NIGHT_DISPLAY_SETTINGS">Settings.ACTION_NIGHT_DISPLAY_SETTINGS</a></code> intent 以显示æ¤è®¾ç½®ã€‚ </p> <h3 id="settings">设置</h3> <p>用户å¯ä»¥åœ¨â€œè®¾ç½®â€>“显示â€>“夜间模å¼â€ä¸è®¾ç½®å¤œé—´æ¨¡å¼ã€‚<em></em>在设置页é¢ä¸ï¼Œç”¨æˆ·å¯ä»¥äº†è§£å¤œé—´æ¨¡å¼ï¼Œè®¾ç½®å…¶æ—¶é—´å®‰æŽ’以åŠå¼€å¯æˆ–å…³é—夜间模å¼ã€‚ @@ -97,6 +110,7 @@ platform/packages/apps/Settings </ul> </li> <li><strong>å¼€å¯/å…³é—</strong>:用于控制夜间模å¼å½“å‰çŠ¶æ€çš„切æ¢å¼€å…³ã€‚æ¤çŠ¶æ€éµå¾ªçŽ°æœ‰çš„è‡ªåŠ¨è§„åˆ™ã€‚ä¾‹å¦‚ï¼Œå¦‚æžœç”¨æˆ·åœ¨ä¸‹åˆ 5:30 å¼€å¯å¤œé—´æ¨¡å¼ï¼ˆæ—©äºŽè‡ªåŠ¨è§„则的开å¯æ—¶é—´ï¼Œå³æ™šä¸Š 10:30),则系统ä¾ç„¶ä¼šåœ¨æ—©ä¸Š 6:30 å…³é—夜间模å¼ã€‚如果用户在早上 5:30 å…³é—夜间模å¼ï¼ˆæ—©äºŽè‡ªåŠ¨è§„则的关é—时间,å³æ—©ä¸Š 6:30),则系统ä¾ç„¶ä¼šåœ¨æ™šä¸Š 10:30 å¼€å¯å¤œé—´æ¨¡å¼ã€‚</li> + <li><strong>强度</strong>:通过从暖色调滑动到冷色调æ¥æŽ§åˆ¶ç€è‰²ç¨‹åº¦çš„<a href="https://developer.android.com/reference/android/widget/SeekBar.html">拖动æ¡</a>。在未å¯ç”¨å¤œé—´æ¨¡å¼æ—¶ï¼Œå¯ä»¥åœç”¨æ‹–动æ¡ã€‚</li> <li><strong>ä¿¡æ¯æ€§æ–‡æœ¬</strong>:å‘用户介ç»å¤œé—´æ¨¡å¼çš„功能和原ç†ã€‚</li> </ul> <h3 id="settings-conditional">设置æ¡ä»¶è¯å¥</h3> diff --git a/zh-cn/devices/tech/display/retail-mode.html b/zh-cn/devices/tech/display/retail-mode.html index a20cf409..b637ac39 100644 --- a/zh-cn/devices/tech/display/retail-mode.html +++ b/zh-cn/devices/tech/display/retail-mode.html @@ -20,7 +20,8 @@ limitations under the License. --> -<p>Android 7.1.1 åŠæ›´é«˜ç‰ˆæœ¬å¯ä¸ºé›¶å”®æ¨¡å¼æ供系统级支æŒï¼Œä»¥ä¾¿ç”¨æˆ·å¯ä»¥è½»æ¾æ£€æµ‹è¿è¡Œä¸çš„设备。通过该功能,零售环境ä¸çš„任何人都å¯ä»¥è§‚看快速ã€å®‰å…¨ã€ä¸€è‡´çš„ Android è®¾å¤‡æ¼”ç¤ºï¼Œè€ŒåŽŸå§‹è®¾å¤‡åˆ¶é€ å•† (OEM) 也å¯ä»¥å€Ÿæ¤å¤§å¹…é™ä½Žé›¶å”®æ¨¡å¼çš„æˆæœ¬å’Œå¤æ‚度,实现演示设备的普通化。 +<p> +Android 7.1.1 åŠæ›´é«˜ç‰ˆæœ¬å¯ä¸ºé›¶å”®æ¨¡å¼æ供系统级支æŒï¼Œä»¥ä¾¿ç”¨æˆ·å¯ä»¥è½»æ¾æ£€æµ‹è¿è¡Œä¸çš„设备。通过该功能,零售环境ä¸çš„任何人都å¯ä»¥è§‚看快速ã€å®‰å…¨ã€ä¸€è‡´çš„ Android è®¾å¤‡æ¼”ç¤ºï¼Œè€ŒåŽŸå§‹è®¾å¤‡åˆ¶é€ å•† (OEM) 也å¯ä»¥å€Ÿæ¤å¤§å¹…é™ä½Žé›¶å”®æ¨¡å¼çš„æˆæœ¬å’Œå¤æ‚度,实现演示设备的普通化。 </p> <h2 id="key-use-cases">关键用例</h2> @@ -33,7 +34,7 @@ <h2 id="lifecycle">生命周期</h2> -<img src="images/retail-demo-flow.png" alt="零售演示模å¼æµç¨‹" width="XXX" id="retail-demo-flow"/> +<img src="/devices/tech/display/images/retail-demo-flow.png" alt="零售演示模å¼æµç¨‹" width="XXX" id="retail-demo-flow"/> <p class="img-caption"> <strong>图 1.</strong> è¯è¨€é€‰æ‹©ä¸çš„零售演示模å¼é€‰é¡¹</p> @@ -42,7 +43,7 @@ <p>零售员工å¯ä»¥ä»Žä»»ä½•è®¾ç½®å‘导的首å±ç›´æŽ¥å¯ç”¨é›¶å”®æ¨¡å¼ï¼Œå…·ä½“方法是选择列表底部的è¯è¨€ <strong>Retail demo</strong>。æ¤é€‰é¡¹é€‚用于全新出厂的设备。一旦消费者完æˆè®¾ç½®ï¼Œé›¶å”®æ¨¡å¼å°†ä¸å†å¯ç”¨ã€‚选择åŽï¼Œè®¾å¤‡å°†å®Œæˆå…·æœ‰ç®€çŸæµç¨‹çš„ SUW。 </p> -<img src="images/retail-demo-wizard.png" alt="零售演示模å¼å‘导用法" width="XXX" id="retail-demo-wizard"/> +<img src="/devices/tech/display/images/retail-demo-wizard.png" alt="零售演示模å¼å‘导用法" width="XXX" id="retail-demo-wizard"/> <p class="img-caption"> <strong>图 2.</strong> è¯è¨€é€‰æ‹©ä¸çš„零售演示模å¼é€‰é¡¹</p> @@ -76,15 +77,17 @@ <h2 id="examples-and-source">示例和æºä»£ç </h2> -<p>从以下ä½ç½®æŸ¥æ‰¾å¾ªçŽ¯æ’放视频的自定义å¯åŠ¨å™¨ï¼š<br /> -<code>/packages/apps/RetailDemo</code> -</p> +<p>从以下ä½ç½®æŸ¥æ‰¾å¾ªçŽ¯æ’放视频的自定义å¯åŠ¨å™¨ï¼š</p> +<pre class="devsite-click-to-copy"> +/packages/apps/RetailDemo +</pre> <h2 id="implementation">实现</h2> <h3 id="enabling-retaildemomodeservice">å¯ç”¨ RetailDemoModeService</h3> -<p>设置å‘导设置全局设置 <code>Global.DEVICE_DEMO_MODE=true</code>,以表示设备已进入零售模å¼ã€‚一é‡åˆ°æ¤è®¾ç½®ï¼Œ<code>RetailDemoModeService</code> 便会在用户 0 å·²å¯åŠ¨æ—¶åˆ›å»ºå¹¶åˆ‡æ¢è‡³æ¼”示用户,å¯ç”¨è¦†ç›–层资æºä¸æŒ‡å®šçš„自定义å¯åŠ¨å™¨ï¼Œå¹¶åœç”¨ SUW。系统æœåŠ¡å™¨å’Œ SystemUI 也会使用æ¤æ ‡è®°æ¥ç®¡ç†é›¶å”®æ¨¡å¼çš„å„个方é¢ã€‚ +<p> +设置å‘导设置全局设置 <code>Global.DEVICE_DEMO_MODE=true</code>,以表示设备已进入零售模å¼ã€‚一é‡åˆ°æ¤è®¾ç½®ï¼Œ<code>RetailDemoModeService</code> 便会在用户 0 å·²å¯åŠ¨æ—¶åˆ›å»ºå¹¶åˆ‡æ¢è‡³æ¼”示用户,å¯ç”¨è¦†ç›–层资æºä¸æŒ‡å®šçš„自定义å¯åŠ¨å™¨ï¼Œå¹¶åœç”¨ SUW。系统æœåŠ¡å™¨å’Œ SystemUI 也会使用æ¤æ ‡è®°æ¥ç®¡ç†é›¶å”®æ¨¡å¼çš„å„个方é¢ã€‚ </p> <h3 id="setting-custom-launcher-or-video-player">设置自定义å¯åŠ¨å™¨æˆ–视频æ’放器</h3> @@ -94,7 +97,7 @@ <p>例如,使用以下代ç :</p> -<pre> +<pre class="devsite-click-to-copy"> <!-- Component that is the default launcher when Retail Mode is enabled. --> <string name="config_demoModeLauncherComponent">com.android.retaildemo/.DemoPlayer</string> </pre> @@ -110,7 +113,8 @@ <p>如果有 A/B 两个系统分区,则 B 系统分区的 <code>/preloads/demo</code> ä¸å¿…须包å«æ¼”示视频。在首次å¯åŠ¨æ—¶ï¼Œç³»ç»Ÿä¼šå°†è¯¥è§†é¢‘å¤åˆ¶åˆ° <code>/data/preloads/demo</code>。 </p> -<p>è¦è®¾ç½®ç‰¹å®šäºŽé›¶å”®æ¨¡å¼çš„设置,请使用:<code>Settings.Global.retail_demo_mode_constants</code>。例如:<code>user_inactivity_timeout_ms=90000,warning_dialog_timeout_ms=10000</code> +<p> +è¦è®¾ç½®ç‰¹å®šäºŽé›¶å”®æ¨¡å¼çš„设置,请使用:<code>Settings.Global.retail_demo_mode_constants</code>。例如:<code>user_inactivity_timeout_ms=90000,warning_dialog_timeout_ms=10000</code> </p> <p class="note"><strong>注æ„</strong>:目å‰çš„超时默认值为 90000 毫秒,但å¯å¯¹å…¶è¿›è¡Œé…置。 @@ -163,7 +167,7 @@ <p>åªè¦æœ‰ç½‘络连接,<code>/packages/apps/RetailDemo</code> ä¸çš„ RetailDemo 应用便å¯ä»¥æ›´æ–°æ¼”示视频。通过在 RetailDemo 应用ä¸æ›¿æ¢ä»¥ä¸‹å—符串值,å¯é…置下载视频的网å€ï¼š</p> -<pre> +<pre class="devsite-click-to-copy"> <!-- URL where the retail demo video can be downloaded from. --> <string name="retail_demo_video_download_url"></string> </pre> @@ -173,13 +177,13 @@ <p>在 <code>res/values-en-rUS/strings.xml</code> ä¸ï¼š</p> -<pre> +<pre class="devsite-click-to-copy"> <string name="retail_demo_video_download_url">download URL for US video goes here</string> </pre> <p>åŒæ ·ï¼Œåœ¨ <code>res/values-en-rGB/strings.xml</code> ä¸ï¼š</p> -<pre> +<pre class="devsite-click-to-copy"> <string name="retail_demo_video_download_url">download URL for UK video goes here</string> </pre> diff --git a/zh-cn/devices/tech/ota/ab_implement.html b/zh-cn/devices/tech/ota/ab_implement.html new file mode 100644 index 00000000..36b88b71 --- /dev/null +++ b/zh-cn/devices/tech/ota/ab_implement.html @@ -0,0 +1,236 @@ +<html devsite><head> + <title>实现 A/B æ›´æ–°</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>想è¦å®žçŽ° A/B ç³»ç»Ÿæ›´æ–°çš„åŽŸå§‹è®¾å¤‡åˆ¶é€ å•† (OEM) å’Œ SoC 供应商必须确ä¿å…¶å¼•å¯¼åŠ 载程åºå®žçŽ° boot_control HAL,并将<a href="#kernel">æ£ç¡®çš„å‚æ•°</a>ä¼ é€’åˆ°å†…æ ¸ã€‚</p> + +<h2 id="bootcontrol">实现å¯åŠ¨æŽ§ä»¶ HAL</h2> +<p>æ”¯æŒ A/B çš„å¼•å¯¼åŠ è½½ç¨‹åºå¿…须在 <code><a href="https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/boot_control.h" class="external">hardware/libhardware/include/hardware/boot_control.h</a></code> 实现 <code>boot_control</code> HAL。您å¯ä»¥ä½¿ç”¨ <code><a href="https://android.googlesource.com/platform/system/extras/+/master/bootctl/" class="external">system/extras/bootctl</a></code> 实用工具和 <code><a href="https://android.googlesource.com/platform/system/extras/+/refs/heads/master/tests/bootloader/" class="external">system/extras/tests/bootloader/</a></code> æ¥æµ‹è¯•å®žçŽ°ã€‚ +</p> + +<p>您还必须实现状æ€æœºï¼Œå¦‚下所示:</p> +<img src="images/ab-updates-state-machine.png"/> +<figcaption><strong>图 1.</strong> å¼•å¯¼åŠ è½½ç¨‹åºçŠ¶æ€æœº</figcaption> + +<h2 id="kernel">è®¾ç½®å†…æ ¸</h2> +<p>è¦å®žçŽ° A/B 系统更新,请执行以下æ“作:</p> +<ol> +<li>æ‹©ä¼˜æŒ‘é€‰ä¸‹åˆ—å†…æ ¸è¡¥ä¸ç¨‹åºç³»åˆ—(如果需è¦ï¼‰ï¼š + <ul> + <li>如果在没有使用 ramdisk 的情况下å¯åŠ¨å¹¶ä½¿ç”¨â€œä»¥æ¢å¤æ–¹å¼å¯åŠ¨â€ï¼Œè¯·æ‹©ä¼˜æŒ‘选 <a href="https://android-review.googlesource.com/#/c/158491/" class="external">android-review.googlesource.com/#/c/158491/</a>。</li> + <li>è¦åœ¨æ²¡æœ‰ä½¿ç”¨ ramdisk 的情况下设置 dm-verity,请择优挑选 <a href="https://android-review.googlesource.com/#/q/status:merged+project:kernel/common+branch:android-3.18+topic:A_B_Changes_3.18" class="external">android-review.googlesource.com/#/q/status:merged+project:kernel/common+branch:android-3.18+topic:A_B_Changes_3.18</a>。</li> + </ul> +</li> +<li>ç¡®ä¿å†…æ ¸å‘½ä»¤è¡Œå‚数包å«ä¸ä»¥ä¸‹é¢å¤–å‚数: +<pre class="devsite-click-to-copy"> +<code class="devsite-terminal">skip_initramfs rootwait ro init=/init root="/dev/dm-0 dm=system none ro,0 1 android-verity <public-key-id> <path-to-system-partition>"</code></pre> +â€¦å…¶ä¸ <code><public-key-id></code> å€¼æ˜¯ç”¨äºŽéªŒè¯ verity 表ç¾å的公钥 ID(è¦äº†è§£è¯¦æƒ…,请å‚阅 <a href="/security/verifiedboot/dm-verity.html">dm-verity</a>)。</li> +<li>将包å«å…¬é’¥çš„ .X509 è¯ä¹¦æ·»åŠ 到系统密钥环: + <ol> + <li>将设置为 <code>.der</code> æ ¼å¼çš„ .X509 è¯ä¹¦å¤åˆ¶åˆ° <code>kernel</code> çš„æ ¹ç›®å½•ã€‚å¦‚æžœ .X509 è¯ä¹¦çš„æ ¼å¼ä¸º <code>.pem</code> 文件,请使用以下 <code>openssl</code> 命令将è¯ä¹¦æ ¼å¼ä»Ž <code>.pem</code> 转æ¢ä¸º <code>.der</code>: + <pre class="devsite-terminal devsite-click-to-copy"> +openssl x509 -in <x509-pem-certificate> -outform der -out <x509-der-certificate></pre> + </li> + <li>构建 <code>zImage</code> 以将该è¯ä¹¦æ·»åŠ 为系统密钥环的一部分。è¦éªŒè¯ï¼Œè¯·æ£€æŸ¥ <code>procfs</code> æ¡ç›®ï¼ˆéœ€è¦å¯ç”¨ <code>KEYS_CONFIG_DEBUG_PROC_KEYS</code>): +<pre class="devsite-click-to-copy"> +angler:/# cat /proc/keys + +1c8a217e I------ 1 perm 1f010000 0 0 asymmetri +Android: 7e4333f9bba00adfe0ede979e28ed1920492b40f: X509.RSA 0492b40f [] +2d454e3e I------ 1 perm 1f030000 0 0 keyring +.system_keyring: 1/4</pre> +如果 .X509 è¯ä¹¦æ·»åŠ æˆåŠŸï¼Œåˆ™è¡¨ç¤ºç³»ç»Ÿå¯†é’¥çŽ¯ä¸å˜åœ¨ç›¸åº”公钥(çªå‡ºæ˜¾ç¤ºéƒ¨åˆ†è¡¨ç¤ºå…¬é’¥ ID)。</li> + <li>å°†ç©ºæ ¼æ›¿æ¢ä¸º <code>#</code>,并将其作为 <code><public-key-id></code> åœ¨å†…æ ¸å‘½ä»¤è¡Œä¸ä¼ é€’ã€‚ä¾‹å¦‚ï¼Œä¼ é€’ <code>Android:#7e4333f9bba00adfe0ede979e28ed1920492b40f</code> è€Œéž <code><public-key-id></code>。</li> + </ol> +</li> +</ol> + +<h2 id="build-variables">设置构建å˜é‡</h2> + +<p>æ”¯æŒ A/B çš„å¼•å¯¼åŠ è½½ç¨‹åºå¿…须满足以下构建å˜é‡æ¡ä»¶ï¼š</p> + +<table> +<tbody><tr> +<th>必须针对 A/B ç›®æ ‡å®šä¹‰çš„å˜é‡</th> +<td> +<ul> +<li><code>AB_OTA_UPDATER := true</code></li> +<li><code>AB_OTA_PARTITIONS := \</code><br /> +<code> boot \</code><br /> +<code> system \</code><br /> +<code> vendor</code><br /> +以åŠé€šè¿‡ <code>update_engine</code> æ›´æ–°çš„å…¶ä»–åˆ†åŒºï¼ˆæ— çº¿è£…ç½®ã€å¼•å¯¼åŠ 载程åºç‰ï¼‰ã€‚</li> +<li><code>BOARD_BUILD_SYSTEM_ROOT_IMAGE := true</code></li> +<li><code>TARGET_NO_RECOVERY := true</code></li> +<li><code>BOARD_USES_RECOVERY_AS_BOOT := true</code></li> +<li><code>PRODUCT_PACKAGES += \</code><br /> +<code> update_engine \</code><br /> +<code> update_verifier</code></li> +</ul> + +è¦æŸ¥çœ‹ç¤ºä¾‹ï¼Œè¯·å‚阅 <code><a href="https://android.googlesource.com/device/google/marlin/+/android-7.1.0_r1/device-common.mk" class="external">/device/google/marlin/+/android-7.1.0_r1/device-common.mk</a></code>。 +您å¯ä»¥é€‰æ‹©æ‰§è¡Œ<a href="#compilation">编译</a>ä¸æ‰€è¿°çš„安装åŽï¼ˆä½†åœ¨é‡æ–°å¯åŠ¨å‰ï¼‰dex2oat æ¥éª¤ã€‚ +</td> +</tr> +<tr><th>æ— æ³•é’ˆå¯¹ A/B ç›®æ ‡å®šä¹‰çš„å˜é‡</th> +<td> +<ul> +<li><code>BOARD_RECOVERYIMAGE_PARTITION_SIZE</code></li> +<li><code>BOARD_CACHEIMAGE_PARTITION_SIZE</code></li> +<li><code>BOARD_CACHEIMAGE_FILE_SYSTEM_TYPE</code></li> +</ul> +</td> +</tr> +<tr> +<th>(å¯é€‰ï¼‰é’ˆå¯¹è°ƒè¯•ç‰ˆæœ¬å®šä¹‰çš„å˜é‡</th> +<td><code>PRODUCT_PACKAGES_DEBUG += update_engine_client</code></td> +</tr> +<tr> +</tr></tbody></table> + +<h2 id="partitions">设置分区(æ’槽)</h2> +<p>A/B 设备ä¸éœ€è¦æ¢å¤åˆ†åŒºæˆ–缓å˜åˆ†åŒºï¼Œå› 为 Android å·²ä¸å†ä½¿ç”¨è¿™äº›åˆ†åŒºã€‚æ•°æ®åˆ†åŒºçŽ°åœ¨ç”¨äºŽå˜å‚¨ä¸‹è½½çš„ OTA 软件包,而æ¢å¤æ˜ åƒä»£ç ä½äºŽå¯åŠ¨åˆ†åŒºã€‚ +A/B 化的所有分区应命å如下(æ’槽始终被命å为 <code>a</code>ã€<code>b</code> ç‰ï¼‰ï¼š<code>boot_a</code>ã€<code>boot_b</code>ã€<code>system_a</code>ã€<code>system_b</code>ã€<code>vendor_a</code>ã€<code>vendor_b</code>。</p> + +<h3 id="cache">缓å˜</h3> + +<p>å¯¹äºŽéž A/B 更新,缓å˜åˆ†åŒºç”¨äºŽå˜å‚¨ä¸‹è½½çš„ OTA 软件包,并在应用更新时暂时éšè—å—。调整缓å˜åˆ†åŒºå¤§å°ä»Žæ¥æ²¡æœ‰å¥½åŠžæ³•ï¼šå…¶ç¼“å˜æ‰€éœ€çš„大å°å–决于您想è¦åº”用的更新。最糟糕的情况是缓å˜åˆ†åŒºä¸Žç³»ç»Ÿæ˜ åƒä¸€æ ·å¤§ã€‚如果使用 A/B æ›´æ–°ï¼Œåˆ™æ— éœ€éšè—å—ï¼ˆå› ä¸ºæ‚¨å§‹ç»ˆåœ¨å†™å…¥å½“å‰æœªä½¿ç”¨çš„分区);如果æµå¼ä¼ 输 A/Bï¼Œåˆ™æ— éœ€åœ¨åº”ç”¨ä¹‹å‰ä¸‹è½½æ•´ä¸ª OTA 软件包。</p> + +<h3 id="recovery">æ¢å¤</h3> + +<p>æ¢å¤ RAM ç£ç›˜çŽ°å·²åŒ…å«åœ¨ <code>boot.img</code> 文件ä¸ã€‚ +进入æ¢å¤æ¨¡å¼æ—¶ï¼Œå¼•å¯¼åŠ 载程åº<strong>æ— æ³•</strong>åœ¨å†…æ ¸å‘½ä»¤è¡Œä¸æ·»åŠ <code>skip_initramfs</code> 选项。</p> + +<p>å¯¹äºŽéž A/B更新,æ¢å¤åˆ†åŒºåŒ…å«ç”¨äºŽåº”用更新的代ç 。A/B 更新由在æ£å¸¸å¯åŠ¨çš„ç³»ç»Ÿæ˜ åƒä¸è¿è¡Œçš„ <code>update_engine</code> 应用。ä»æœ‰ä¸€ç§ç”¨äºŽå®žçŽ°æ¢å¤å‡ºåŽ‚设置和æ—åŠ è½½æ›´æ–°è½¯ä»¶åŒ…çš„æ¢å¤æ¨¡å¼ï¼ˆâ€œæ¢å¤â€å°±ç”±æ¤è€Œæ¥ï¼‰ã€‚æ¢å¤æ¨¡å¼çš„代ç 和数æ®å˜å‚¨åœ¨ ramdisk 的常规å¯åŠ¨åˆ†åŒºä¸ï¼›ä¸ºå¯åŠ¨è¿›å…¥ç³»ç»Ÿæ˜ åƒï¼Œå¼•å¯¼åŠ 载程åºä¼šæŒ‡ç¤ºå†…æ ¸è·³è¿‡ ramdisk(å¦åˆ™ï¼Œè®¾å¤‡ä¼šå¯åŠ¨è¿›å…¥æ¢å¤æ¨¡å¼ï¼‰ã€‚æ¢å¤æ¨¡å¼å¾ˆå°ï¼ˆå…¶ä¸å¤§éƒ¨åˆ†å·²åœ¨å¯åŠ¨åˆ†åŒºä¸Šï¼‰ï¼Œæ‰€ä»¥å¯åŠ¨åˆ†åŒºçš„大å°ä¸ä¼šå¢žåŠ 。</p> + +<h3 id="fstab">Fstab</h3> + +<p><code>slotselect</code> å‚æ•°<strong>å¿…é¡»</strong>ä½äºŽ A/B 化分区的行ä¸ã€‚例如:</p> + +<pre class="devsite-click-to-copy"> +<path-to-block-device>/vendor /vendor ext4 ro +wait,verify=<path-to-block-device>/metadata,slotselect +</pre> + +<p>ä¸åº”选择å称为 <code>vendor</code> 的分区,而应选择分区 <code>vendor_a</code> 或 <code>vendor_b</code> 并将其装载到 <code>/vendor</code> 装载点上。</p> + +<h3 id="kernel-slot-arguments">å†…æ ¸æ’槽å‚æ•°</h3> + +<p>åº”é€šè¿‡ç‰¹å®šçš„è®¾å¤‡æ ‘ (DT) 节点 (<code>/firmware/android/slot_suffix</code>) 或 <code>androidboot.slot_suffix</code> 命令行å‚æ•°ä¼ é€’å½“å‰æ’槽åŽç¼€ã€‚</p> + +<p>默认情况下,fastboot åªä¼šé—ªå˜ A/B 设备上的æ’槽 <code>a</code>,并将当å‰æ’槽设置为 <code>a</code>。如果更新软件包还包å«æ’槽 <code>b</code> çš„æ˜ åƒï¼Œåˆ™ fastboot 也会闪å˜è¿™äº›æ˜ åƒã€‚å¯ç”¨é€‰é¡¹åŒ…括:</p> + +<ul> +<li><code>--slot</code>。æ示 fastboot 使用æ’槽 <code>b</code>,而éžæ’槽 <code>a</code>。</li> +<li><code>--set-active</code>。将æ’槽设置为活动æ’槽。</li> +<li><code>fastboot --help</code>。获å–有关命令的详细信æ¯ã€‚</li> +</ul> + +<p>å¦‚æžœå¼•å¯¼åŠ è½½ç¨‹åºå®žçŽ° fastboot,则应该支æŒå‘½ä»¤ <code>set_active <slot></code>,该命令将当å‰æ´»åŠ¨æ’槽设置为指定æ’槽(æ¤å¤–,还必须清除该æ’槽的ä¸å¯å¯åŠ¨æ ‡è®°ï¼Œå¹¶å°†é‡è¯•è®¡æ•°é‡ç½®ä¸ºé»˜è®¤å€¼ï¼‰ã€‚å¼•å¯¼åŠ è½½ç¨‹åºè¿˜åº”支æŒä»¥ä¸‹å˜é‡ï¼š</p> + +<ul> +<li><code>has-slot:<partition-base-name-without-suffix></code>。如果指定分区支æŒæ’槽,则返回“yesâ€ï¼Œå¦åˆ™è¿”回“noâ€ã€‚</li> +<li><code>current-slot</code>。返回接下æ¥å°†ä»Žä¸å¯åŠ¨çš„æ’槽åŽç¼€ã€‚</li> +<li><code>slot-count</code>。返回一个表示å¯ç”¨æ’槽数é‡çš„整数。目å‰æ”¯æŒä¸¤ä¸ªæ’æ§½ï¼Œå› æ¤è¯¥å€¼ä¸º <code>2</code>。</li> +<li><code>slot-successful:<slot-suffix></code>。如果指定æ’æ§½å·²æ ‡è®°ä¸ºæˆåŠŸå¯åŠ¨ï¼Œåˆ™è¿”回“yesâ€ï¼Œå¦åˆ™è¿”回“noâ€ã€‚</li> +<li><code>slot-unbootable:<slot-suffix></code>。如果指定æ’æ§½å·²æ ‡è®°ä¸ºä¸å¯å¼•å¯¼ï¼Œåˆ™è¿”回“yesâ€ï¼Œå¦åˆ™è¿”回“noâ€ã€‚</li> +<li><code>slot-retry-count<slot suffix></slot></code>。å¯ä»¥å°è¯•å¯åŠ¨æŒ‡å®šæ’槽的剩余é‡è¯•æ¬¡æ•°ã€‚</li> +</ul> + +<p>è¦æŸ¥çœ‹æ‰€æœ‰å˜é‡ï¼Œè¯·è¿è¡Œ <code class="devsite-terminal devsite-click-to-copy">fastboot getvar all</code>。 +</p> + +<h2 id="ota-package-generation">ç”Ÿæˆ OTA 软件包</h2> + +<p><a href="/devices/tech/ota/tools.html">OTA 软件包工具</a>éµå¾ªä¸Žéž A/B è®¾å¤‡ä¸€æ ·çš„å‘½ä»¤ã€‚<code>target_files.zip</code> 文件必须通过为 A/B ç›®æ ‡å®šä¹‰æž„å»ºå˜é‡ç”Ÿæˆã€‚OTA 软件包工具会自动识别并生æˆæ ¼å¼é€‚用于 A/B 更新程åºçš„软件包。</p> + +<p>例如:</p> +<ul> +<li>è¦ç”Ÿæˆå®Œæ•´ OTA: +<pre class="devsite-terminal devsite-click-to-copy"> +./build/tools/releasetools/ota_from_target_files \ + dist_output/tardis-target_files.zip ota_update.zip +</pre> +</li> +<li>è¦ç”Ÿæˆå¢žé‡ OTA:<pre class="devsite-terminal devsite-click-to-copy"> +./build/tools/releasetools/ota_from_target_files \ + -i PREVIOUS-tardis-target_files.zip \ + dist_output/tardis-target_files.zip incremental_ota_update.zip +</pre> +</li> +</ul> + +<h2 id="configuration">é…置分区</h2> + +<p><code>update_engine</code> å¯ä»¥æ›´æ–°åŒä¸€ç£ç›˜ä¸å®šä¹‰çš„任何一对 A/B 分区。一对分区有一个公共å‰ç¼€ï¼ˆä¾‹å¦‚ <code>system</code> 或 <code>boot</code>)åŠæŒ‰æ’槽划分的åŽç¼€ï¼ˆä¾‹å¦‚ <code>_a</code>)。有效负è·ç”Ÿæˆå™¨ä¸ºå…¶å®šä¹‰æ›´æ–°çš„分区列表由 <code>AB_OTA_PARTITIONS</code> make å˜é‡é…置。</p> + +<p>例如,如果ç£ç›˜ä¸æœ‰ä¸€å¯¹åˆ†åŒº <code>bootloader_a</code> å’Œ <code>booloader_b</code>(<code>_a</code> å’Œ <code>_b</code> 为æ’槽åŽç¼€ï¼‰ï¼Œåˆ™æ‚¨å¯ä»¥é€šè¿‡åœ¨äº§å“或å•æ¿é…ç½®ä¸æŒ‡å®šä»¥ä¸‹å˜é‡æ¥æ›´æ–°è¿™äº›åˆ†åŒºï¼š</p> + +<pre class="devsite-click-to-copy"> +AB_OTA_PARTITIONS := \ + boot \ + system \ + bootloader +</pre> + +<p>ç”± <code>update_engine</code> 更新的所有分区ä¸å¾—由系统的其余部分修改。在增é‡æ›´æ–°æœŸé—´ï¼Œæ¥è‡ªå½“å‰æ’槽的二进制数æ®å°†ç”¨äºŽåœ¨æ–°æ’槽ä¸ç”Ÿæˆæ•°æ®ã€‚<em></em>任何修改都å¯èƒ½å¯¼è‡´æ–°æ’槽数æ®åœ¨æ›´æ–°è¿‡ç¨‹ä¸æ— 法通过验è¯ï¼Œä»Žè€Œå¯¼è‡´æ›´æ–°å¤±è´¥ã€‚</p> + +<h2 id="post-install">é…置安装åŽæ¥éª¤</h2> + +<p>对于æ¯ä¸ªå·²æ›´æ–°çš„分区,您å¯ä»¥ä½¿ç”¨ä¸€ç»„键值对é…ç½®ä¸åŒçš„安装åŽæ¥éª¤ã€‚è¦åœ¨æ–°æ˜ åƒä¸è¿è¡Œä½äºŽ <code>/system/usr/bin/postinst</code> 的程åºï¼Œè¯·æŒ‡å®šä¸Žç³»ç»Ÿåˆ†åŒºä¸ç›¸åº”æ–‡ä»¶ç³»ç»Ÿçš„æ ¹ç›®å½•å¯¹åº”çš„è·¯å¾„ã€‚</p> + +<p>例如,<code>usr/bin/postinst</code> 的对应路径为 <code>system/usr/bin/postinst</code>(如果未使用 RAM ç£ç›˜ï¼‰ã€‚æ¤å¤–,请指定è¦ä¼ 递到 <code>mount(2)</code> 系统调用的文件系统类型。 +å°†ä»¥ä¸‹å†…å®¹æ·»åŠ åˆ°äº§å“或设备的 <code>.mk</code> 文件(如果适用):</p> + +<pre class="devsite-click-to-copy"> +AB_OTA_POSTINSTALL_CONFIG += \ + RUN_POSTINSTALL_system=true \ + POSTINSTALL_PATH_system=usr/bin/postinst \ + FILESYSTEM_TYPE_system=ext4 +</pre> + +<h2 id="compilation">编译</h2> +<p>出于安全考虑,<code>system_server</code> æ— æ³•ä½¿ç”¨<a href="/devices/tech/dalvik/jit-compiler">å³æ—¶ (JIT)</a> 编译。 +è¿™æ„味ç€ï¼Œæ‚¨å¿…须至少为 <code>system_server</code> åŠå…¶ä¾èµ–项æå‰ç¼–译 odex 文件;对其他所有内容的编译则是å¯é€‰çš„。</p> + +<p>è¦åœ¨åŽå°ç¼–è¯‘åº”ç”¨ï¼Œæ‚¨å¿…é¡»å°†ä»¥ä¸‹å†…å®¹æ·»åŠ åˆ°äº§å“的设备é…置(ä½äºŽäº§å“çš„ device.mk ä¸ï¼‰ï¼š</p> + +<ol> +<li>å‘版本ä¸æ·»åŠ 原生组件,以确ä¿ç¼–è¯‘è„šæœ¬å’ŒäºŒè¿›åˆ¶æ–‡ä»¶èƒ½å¤Ÿç¼–è¯‘å¹¶æ·»åŠ åˆ°ç³»ç»Ÿæ˜ åƒä¸ã€‚ +<pre class="devsite-click-to-copy"> + # A/B OTA dexopt package + PRODUCT_PACKAGES += otapreopt_script +</pre></li> +<li>将编译脚本与 <code>update_engine</code> 相关è”,以便它å¯ä»¥ä½œä¸ºå®‰è£…åŽæ¥éª¤è¿è¡Œã€‚ +<pre class="devsite-click-to-copy"> + # A/B OTA dexopt update_engine hookup + AB_OTA_POSTINSTALL_CONFIG += \ + RUN_POSTINSTALL_system=true \ + POSTINSTALL_PATH_system=system/bin/otapreopt_script \ + FILESYSTEM_TYPE_system=ext4 \ + POSTINSTALL_OPTIONAL_system=true +</pre> +</li> +</ol> + +<p>è¦èŽ·å–将预选文件安装到未使用的第二个系统分区ä¸çš„相关帮助,请å‚阅 <a href="/devices/tech/dalvik/configure.html#other_odex">DEX_PREOPT 文件的首次å¯åŠ¨å®‰è£…</a>。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/devices/tech/ota/index.html b/zh-cn/devices/tech/ota/index.html index 0568cd4f..e4fa88fb 100644 --- a/zh-cn/devices/tech/ota/index.html +++ b/zh-cn/devices/tech/ota/index.html @@ -20,89 +20,20 @@ limitations under the License. --> -<p>在实际应用ä¸çš„ Android 设备å¯ä»¥æŽ¥æ”¶å’Œå®‰è£…ç³»ç»Ÿå’Œåº”ç”¨è½¯ä»¶çš„æ— çº¿ (OTA) 更新。设备å¯åœ¨ç‰¹æ®Šçš„æ¢å¤åˆ†åŒºä¸ä½¿ç”¨è½¯ä»¶è§£åŽ‹ç¼©ä¸‹è½½çš„更新包并将其应用于系统的其余部分。</p> -<p>本节介ç»è¿™äº›è½¯ä»¶åŒ…的结构,并æ供用于构建软件包的工具。它适用于希望将 OTA 更新系统用于新的 Android 设备以åŠæ£åœ¨æž„建更新软件包以用于已å‘布设备的开å‘人员。OTA 更新旨在å‡çº§åŸºç¡€æ“作系统和系统分区上安装的åªè¯»åº”用;这些更新ä¸ä¼šå½±å“用户从 Google Play 安装的应用。<i></i> -</p> -<p>æœ¬èŠ‚ä»‹ç» Android 5.x 版本ä¸çš„ OTA ç³»ç»Ÿã€‚æœ‰å…³ä»Žæ—§ç‰ˆæœ¬ç§»æ¤ OTA 相关代ç 的帮助信æ¯ï¼Œè¯·å‚阅<a href="#migrating">从以往版本ä¸è¿ç§»</a>。 -</p> + <p> + æ£å¸¸ä½¿ç”¨çš„ Android 设备å¯ä»¥æŽ¥æ”¶å’Œå®‰è£…ç³»ç»Ÿå’Œåº”ç”¨è½¯ä»¶çš„æ— çº¿ (OTA) 更新。本部分介ç»äº†æ›´æ–°åŒ…的结构以åŠæž„建更新包时所用的工具。它适用于希望将 OTA 更新系统用于新的 Android 设备以åŠæ£åœ¨ç¼–译更新软件包以用于已å‘布设备的开å‘者。OTA 更新旨在å‡çº§åŸºç¡€æ“作系统和系统分区上安装的åªè¯»åº”用;这些更新<em>ä¸ä¼š</em>å½±å“用户从 Google Play 安装的应用。 + </p> -<h2 id="android-device-layout">Android 设备布局</h2> -<p>Android 设备上的闪å˜ç©ºé—´é€šå¸¸åŒ…å«ä»¥ä¸‹åˆ†åŒºã€‚</p> + <h2 id="ab_updates">A/B æ›´æ–°</h2> -<dl> -<dt>引导</dt> -<dd>åŒ…å« Linux å†…æ ¸å’Œæœ€å°çš„æ ¹æ–‡ä»¶ç³»ç»Ÿï¼ˆåŠ è½½åˆ° RAM ç£ç›˜ï¼‰ã€‚它装载了系统和其它分区,并å¯åŠ¨ä½äºŽç³»ç»Ÿåˆ†åŒºä¸Šçš„è¿è¡Œæ—¶ã€‚</dd> -<dt>系统</dt> -<dd>包å«åœ¨ Android å¼€æºé¡¹ç›® (AOSP) 上æä¾›æºä»£ç 的系统应用和库。在æ£å¸¸æ“作期间,æ¤åˆ†åŒºè¢«è£…载为åªè¯»åˆ†åŒºï¼›å…¶å†…容仅在 OTA 更新期间更改。</dd> -<dt>供应商</dt> -<dd>包å«åœ¨ Android å¼€æºé¡¹ç›® (AOSP) 上未æä¾›æºä»£ç 的系统应用和库。<em></em>在æ£å¸¸æ“作期间,æ¤åˆ†åŒºè¢«è£…载为åªè¯»åˆ†åŒºï¼›å…¶å†…容仅在 OTA 更新期间更改。</dd> -<dt>用户数æ®</dt> -<dd>å˜å‚¨ç”±ç”¨æˆ·å®‰è£…的应用所ä¿å˜çš„æ•°æ®ç‰ã€‚OTA 更新过程通常ä¸ä¼šè§¦åŠè¯¥åˆ†åŒºã€‚</dd> -<dt>缓å˜</dt> -<dd>å‡ ä¸ªåº”ç”¨ä½¿ç”¨çš„ä¸´æ—¶ä¿ç•™åŒºåŸŸï¼ˆè®¿é—®æ¤åˆ†åŒºéœ€è¦ä½¿ç”¨ç‰¹æ®Šçš„应用æƒé™ï¼‰ï¼Œç”¨äºŽå˜å‚¨ä¸‹è½½çš„ OTA 更新包。其他程åºä¹Ÿå¯ä½¿ç”¨è¯¥ç©ºé—´ï¼Œä½†æ˜¯æ¤ç±»æ–‡ä»¶å¯èƒ½ä¼šéšæ—¶æ¶ˆå¤±ã€‚安装æŸäº› OTA 更新包å¯èƒ½ä¼šå¯¼è‡´æ¤åˆ†åŒºè¢«å®Œå…¨æ“¦é™¤ã€‚</dd> -<dt>æ¢å¤</dt> -<dd>包å«ç¬¬äºŒä¸ªå®Œæ•´çš„ Linux 系统,其ä¸åŒ…æ‹¬ä¸€ä¸ªå†…æ ¸å’Œç‰¹æ®Šçš„æ¢å¤äºŒè¿›åˆ¶æ–‡ä»¶ï¼ˆè¯¥æ–‡ä»¶å¯è¯»å–一个软件包并使用其内容æ¥æ›´æ–°å…¶ä»–分区。)</dd> -<dt>其他</dt> -<dd>执行æ¢å¤æ“作时使用的微å°åˆ†åŒºï¼Œå¯åœ¨åº”用 OTA 更新包并é‡æ–°å¯åŠ¨è®¾å¤‡æ—¶ï¼Œéšè—æŸäº›è¿›ç¨‹çš„ä¿¡æ¯ã€‚</dd></dl> + <p> + 现代 A/B 设备ä¸çš„æ¯ä¸ªåˆ†åŒºéƒ½æœ‰ä¸¤ä¸ªå‰¯æœ¬ï¼ˆA å’Œ B)。当系统è¿è¡Œä½†å¤„于空闲状æ€æ—¶ï¼Œè®¾å¤‡ä¼šå°†æ›´æ–°åº”用到当å‰æœªä½¿ç”¨çš„分区。A/B 设备ä¸éœ€è¦ç©ºé—´æ¥ä¸‹è½½æ›´æ–°è½¯ä»¶åŒ…ï¼Œå› ä¸ºå®ƒä»¬å¯ä»¥åœ¨ä»Žç½‘络ä¸è¯»å–更新时应用该更新。这被称为<em>æµå¼ä¼ 输 A/B</em>。A/B 更新也被称为<em>æ— ç¼æ›´æ–°</em>。è¦è¯¦ç»†äº†è§£æœ‰å…³ A/B 设备的 OTA 更新,请å‚阅 <a href="/devices/tech/ota/ab_updates.html">A/Bï¼ˆæ— ç¼ï¼‰ç³»ç»Ÿæ›´æ–°</a>。 + </p> -<h2 id="life-ota-update">OTA 更新过程</h2> -<p>典型 OTA 更新包å«ä»¥ä¸‹æ¥éª¤ï¼š</p> -<ol> -<li>设备会与 OTA æœåŠ¡å™¨è¿›è¡Œå®šæœŸç¡®è®¤ï¼Œå¹¶è¢«å‘ŠçŸ¥æ˜¯å¦æœ‰æ›´æ–°å¯ç”¨ï¼ŒåŒ…括更新软件包的 URL å’Œå‘用户显示的æè¿°å—符串。</li> -<li>将更新下载到缓å˜æˆ–æ•°æ®åˆ†åŒºï¼Œå¹¶æ ¹æ® <code>/system/etc/security/otacerts.zip</code> ä¸çš„è¯ä¹¦éªŒè¯åŠ 密ç¾å。系统æ示用户安装更新。</li> -<li>设备é‡æ–°å¯åŠ¨è¿›å…¥æ¢å¤æ¨¡å¼ï¼Œå¼•å¯¼æ¢å¤åˆ†åŒºä¸çš„å†…æ ¸å’Œç³»ç»Ÿå¯åŠ¨ï¼Œè€Œéžå¼•å¯¼åˆ†åŒºä¸çš„å†…æ ¸ã€‚</li> -<li>æ¢å¤åˆ†åŒºçš„二进制文件由 init å¯åŠ¨ã€‚它会在 <code>/cache/recovery/command</code> ä¸å¯»æ‰¾å°†å…¶æŒ‡å‘下载软件包的命令行å‚数。 -</li> -<li>æ¢å¤æ“ä½œä¼šæ ¹æ® <code>/res/keys</code> (包å«åœ¨æ¢å¤åˆ†åŒºä¸çš„ RAM ç£ç›˜çš„一部分)ä¸çš„公钥æ¥éªŒè¯è½¯ä»¶åŒ…çš„åŠ å¯†ç¾å。</li> -<li>从软件包ä¸æå–æ•°æ®ï¼Œå¹¶æ ¹æ®éœ€è¦ä½¿ç”¨è¯¥æ•°æ®æ›´æ–°å¼•å¯¼ã€ç³»ç»Ÿå’Œ/或供应商分区。系统分区上其ä¸ä¸€ä¸ªæ–°æ–‡ä»¶åŒ…å«æ–°æ¢å¤åˆ†åŒºå†…容。</li> -<li>设备æ£å¸¸é‡å¯ã€‚<ol style="list-style-type:lower-alpha"> -<li>åŠ è½½æœ€æ–°æ›´æ–°çš„å¼•å¯¼åˆ†åŒºï¼Œåœ¨æœ€æ–°æ›´æ–°çš„ç³»ç»Ÿåˆ†åŒºä¸è£…载并开始执行二进制文件。</li> -<li>作为æ£å¸¸å¯åŠ¨çš„ä¸€éƒ¨åˆ†ï¼Œç³»ç»Ÿä¼šæ ¹æ®æ‰€éœ€å†…容(预先å˜å‚¨ä¸º <code>/system</code> ä¸çš„一个文件)检查æ¢å¤åˆ†åŒºçš„内容。二者内容ä¸åŒï¼Œæ‰€ä»¥æ¢å¤åˆ†åŒºä¼šè¢«æ‰€éœ€å†…容é‡æ–°åˆ·å†™ã€‚(在åŽç»å¼•å¯¼ä¸ï¼Œæ¢å¤åˆ†åŒºå·²ç»åŒ…å«æ–°å†…å®¹ï¼Œå› æ¤æ— 需é‡æ–°åˆ·å†™ã€‚)</li> -</ol></li> -</ol> -<p>系统更新完æˆï¼</p> + <h2 id="nonab_updates">éž A/B æ›´æ–°</h2> -<h2 id="migrating">从更早版本è¿ç§»</h2> - -<p>当从 Android 2.3/3.0/4.0 版本进行è¿ç§»æ—¶ï¼Œä¸»è¦å˜åŒ–是将设备专属的功能从一组具有预定义å称的 C 函数转æ¢ä¸º C++ 对象。下表列出了用途大致相åŒçš„旧函数和新方法:</p> - -<table> -<tbody> -<tr> -<th>C 函数</th> -<th>C ++ 方法</th> -</tr> -<tr> -<td>device_recovery_start()</td> -<td>Device::RecoveryStart()</td> -</tr> -<tr> -<td>device_toggle_display()<br /> -device_reboot_now()<br /> -</td> -<td>RecoveryUI::CheckKey()<br /> -(also RecoveryUI::IsKeyPressed())<br /> -</td> -</tr> -<tr> -<td>device_handle_key()</td> -<td>Device::HandleMenuKey()</td> -</tr> -<tr> -<td>device_perform_action()</td> -<td>Device::InvokeMenuItem()</td> -</tr> -<tr> -<td>device_wipe_data()</td> -<td>Device::WipeData()</td> -</tr> -<tr> -<td>device_ui_init()</td> -<td>ScreenRecoveryUI::Init()</td> -</tr> -</tbody> -</table> - -<p>将旧函数转化为新方法应尽é‡ç®€å•ç›´è§‚。ä¸è¦å¿˜è®°æ·»åŠ æ–°çš„ <code>make_device()</code> 函数æ¥åˆ›å»ºå¹¶è¿”回新设备å类的实例。</p> + <p> + è€æ¬¾è®¾å¤‡å¯åœ¨ç‰¹æ®Šçš„æ¢å¤åˆ†åŒºä¸ä½¿ç”¨è½¯ä»¶è§£åŽ‹ç¼©ä¸‹è½½çš„更新包并将其应用于其他分区。有关详细信æ¯ï¼Œè¯·æŸ¥çœ‹<a href="/devices/tech/ota/nonab_updates.html">éž A/B 系统更新</a>。 + </p> </body></html>
\ No newline at end of file diff --git a/zh-cn/devices/tech/ota/inside_packages.html b/zh-cn/devices/tech/ota/inside_packages.html index ee40ad3d..c0ccf15b 100644 --- a/zh-cn/devices/tech/ota/inside_packages.html +++ b/zh-cn/devices/tech/ota/inside_packages.html @@ -73,8 +73,8 @@ tgt_size</i>, <i>patch1_sha1</i>, <i>patch1_blob</i>, [...])</code></dt> <p>支æŒç‰¹æ®Šè¯æ³•å°†å†…å˜æŠ€æœ¯è®¾å¤‡ (MTD) 分区的内容作为文件处ç†ï¼Œä»¥ä¾¿ä¸ºå¼•å¯¼åˆ†åŒºè¿™æ ·çš„原始分区打补ä¸ã€‚由于 MTD 分区没有文件结æŸæ ‡è®°ï¼Œå› æ¤è¦è¯»å–该分区,您必须知é“您è¦è¯»å–çš„æ•°æ®é‡ã€‚您å¯ä»¥ä½¿ç”¨å—符串“MTD:partition:size_1:sha1_1:size_2:sha1_2â€ä½œä¸ºæ–‡ä»¶åæ¥è¯»å–给定的分区。<i></i><i></i><i></i><i></i><i></i>您必须至少指定一个(size,sha-1)对;如果您希望读å–的内容有多ç§å¯èƒ½ï¼Œåˆ™å¯ä»¥æŒ‡å®šå¤šä¸ªå¯¹ã€‚<i></i></p></dd> <dt><code>apply_patch_check(<i>filename</i>, <i>sha1</i>[, <i>sha1</i>, ...]) </code></dt> -<dd>如果 filename 的内容或缓å˜åˆ†åŒºä¸çš„临时副本(如果å˜åœ¨ï¼‰ä¸çš„内容具有与给定的 sha1 值之一相ç‰çš„ SHA1 æ ¡éªŒå’Œï¼Œåˆ™è¿”å›ž True。sha1 值指定为 40 ä½åå…进制数å—。<i></i><i></i><i></i>æ¤å‡½æ•°ä¸Ž <code>sha1_check(read_file(<i>filename</i>), -<i>sha1</i> [, ...])</code> çš„ä¸åŒä¹‹å¤„在于,它知é“检查缓å˜åˆ†åŒºå‰¯æœ¬ã€‚å› æ¤ï¼Œå³ä½¿æ–‡ä»¶è¢«ä¸æ–çš„ <code>apply_patch() update</code> æŸå,<code>apply_patch_check()</code> 也会æˆåŠŸæ‰§è¡Œã€‚</dd> +<dd>如果 filename 的内容或缓å˜åˆ†åŒºä¸çš„临时副本(如果å˜åœ¨ï¼‰ä¸çš„内容具有与给定的 sha1 值之一相ç‰çš„ SHA1 æ ¡éªŒå’Œï¼Œåˆ™è¿”å›ž True。sha1 值指定为 40 ä½åå…进制数å—。<i></i><i></i><i></i>该函数ä¸åŒäºŽ <code>sha1_check(read_file(<i>filename</i>), +<i>sha1</i> [, ...])</code>ï¼Œå› ä¸ºå®ƒçŸ¥é“è¦æ£€æŸ¥ç¼“å˜åˆ†åŒºå‰¯æœ¬ï¼Œå› æ¤å³ä½¿æ–‡ä»¶è¢«ä¸æ–çš„ <code>apply_patch() update</code> æŸå,<code>apply_patch_check()</code> 也将æˆåŠŸã€‚</dd> <dt><code>apply_patch_space(<i>bytes</i>)</code></dt> <dd>å¦‚æžœè‡³å°‘æœ‰å‡ å—节暂å˜ç©ºé—´å¯ç”¨äºŽåº”用二进制补ä¸ç¨‹åºï¼Œåˆ™è¿”回 True。<i></i></dd> <dt><code>concat(<i>expr</i>[, <i>expr</i>, ...])</code></dt> diff --git a/zh-cn/devices/tech/ota/nonab_updates.html b/zh-cn/devices/tech/ota/nonab_updates.html new file mode 100644 index 00000000..5e773aa6 --- /dev/null +++ b/zh-cn/devices/tech/ota/nonab_updates.html @@ -0,0 +1,150 @@ +<html devsite><head> + <title>éž A/B 系统更新</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + + <p>在è€æ¬¾çš„没有 A/B 分区的 Android 设备上,闪å˜ç©ºé—´é€šå¸¸åŒ…å«ä»¥ä¸‹åˆ†åŒºï¼š</p> + + <dl> + <dt>引导</dt> + <dd> + åŒ…å« Linux å†…æ ¸å’Œæœ€å°çš„æ ¹æ–‡ä»¶ç³»ç»Ÿï¼ˆåŠ è½½åˆ° RAM ç£ç›˜ï¼‰ã€‚它装载了系统和其它分区,并å¯åŠ¨ä½äºŽç³»ç»Ÿåˆ†åŒºä¸Šçš„è¿è¡Œæ—¶ã€‚ + </dd> + + <dt>系统</dt> + <dd> + 包å«åœ¨ Android å¼€æºé¡¹ç›® (AOSP) 上æä¾›æºä»£ç 的系统应用和库。在æ£å¸¸æ“作期间,æ¤åˆ†åŒºè¢«è£…载为åªè¯»åˆ†åŒºï¼›å…¶å†…容仅在 OTA 更新期间更改。 + </dd> + + <dt>供应商</dt> + <dd> + 包å«åœ¨ Android å¼€æºé¡¹ç›® (AOSP) 上<em>未</em>æä¾›æºä»£ç 的系统应用和库。在æ£å¸¸æ“作期间,æ¤åˆ†åŒºè¢«è£…载为åªè¯»åˆ†åŒºï¼›å…¶å†…容仅在 OTA 更新期间更改。 + </dd> + + <dt>用户数æ®</dt> + <dd> + å˜å‚¨ç”±ç”¨æˆ·å®‰è£…的应用所ä¿å˜çš„æ•°æ®ç‰ã€‚OTA 更新过程通常ä¸ä¼šè§¦åŠè¯¥åˆ†åŒºã€‚ + </dd> + + <dt>缓å˜</dt> + <dd> + å‡ ä¸ªåº”ç”¨ä½¿ç”¨çš„ä¸´æ—¶ä¿ç•™åŒºåŸŸï¼ˆè®¿é—®æ¤åˆ†åŒºéœ€è¦ä½¿ç”¨ç‰¹æ®Šçš„应用æƒé™ï¼‰ï¼Œç”¨äºŽå˜å‚¨ä¸‹è½½çš„ OTA 更新包。其他程åºä¹Ÿå¯ä½¿ç”¨è¯¥ç©ºé—´ï¼Œä½†æ˜¯æ¤ç±»æ–‡ä»¶å¯èƒ½ä¼šéšæ—¶æ¶ˆå¤±ã€‚安装æŸäº› OTA 更新包å¯èƒ½ä¼šå¯¼è‡´æ¤åˆ†åŒºè¢«å®Œå…¨æ“¦é™¤ã€‚ + </dd> + + <dt>æ¢å¤</dt> + <dd> + 包å«ç¬¬äºŒä¸ªå®Œæ•´çš„ Linux 系统,其ä¸åŒ…æ‹¬ä¸€ä¸ªå†…æ ¸å’Œç‰¹æ®Šçš„æ¢å¤äºŒè¿›åˆ¶æ–‡ä»¶ï¼ˆè¯¥æ–‡ä»¶å¯è¯»å–一个软件包并使用其内容æ¥æ›´æ–°å…¶ä»–分区)。 + </dd> + + <dt>其他</dt> + <dd> + 执行æ¢å¤æ“作时使用的微å°åˆ†åŒºï¼Œå¯åœ¨åº”用 OTA 更新包并é‡æ–°å¯åŠ¨è®¾å¤‡æ—¶ï¼Œéšè—æŸäº›è¿›ç¨‹çš„ä¿¡æ¯ã€‚ + </dd> + </dl> + + <h2 id="life-ota-update">OTA 更新过程</h2> + + <p>典型 OTA 更新包å«ä»¥ä¸‹æ¥éª¤ï¼š</p> + + <ol> + <li> + 设备会与 OTA æœåŠ¡å™¨è¿›è¡Œå®šæœŸç¡®è®¤ï¼Œå¹¶è¢«å‘ŠçŸ¥æ˜¯å¦æœ‰æ›´æ–°å¯ç”¨ï¼ŒåŒ…括更新软件包的 URL å’Œå‘用户显示的æè¿°å—符串。 + </li> + <li> + 将更新下载到缓å˜æˆ–æ•°æ®åˆ†åŒºï¼Œå¹¶æ ¹æ® <code>/system/etc/security/otacerts.zip</code> ä¸çš„è¯ä¹¦éªŒè¯åŠ 密ç¾å。系统æ示用户安装更新。 + </li> + <li> + 设备é‡æ–°å¯åŠ¨è¿›å…¥æ¢å¤æ¨¡å¼ï¼Œå¼•å¯¼æ¢å¤åˆ†åŒºä¸çš„å†…æ ¸å’Œç³»ç»Ÿå¯åŠ¨ï¼Œè€Œéžå¼•å¯¼åˆ†åŒºä¸çš„å†…æ ¸ã€‚ + </li> + <li> + æ¢å¤åˆ†åŒºçš„二进制文件由 init å¯åŠ¨ã€‚它会在 <code>/cache/recovery/command</code> ä¸å¯»æ‰¾å°†å…¶æŒ‡å‘下载软件包的命令行å‚数。 + </li> + <li> + æ¢å¤æ“ä½œä¼šæ ¹æ® <code>/res/keys</code> (包å«åœ¨æ¢å¤åˆ†åŒºä¸çš„ RAM ç£ç›˜çš„一部分)ä¸çš„公钥æ¥éªŒè¯è½¯ä»¶åŒ…çš„åŠ å¯†ç¾å。 + </li> + <li> + 从软件包ä¸æå–æ•°æ®ï¼Œå¹¶æ ¹æ®éœ€è¦ä½¿ç”¨è¯¥æ•°æ®æ›´æ–°å¼•å¯¼ã€ç³»ç»Ÿå’Œ/或供应商分区。系统分区上其ä¸ä¸€ä¸ªæ–°æ–‡ä»¶åŒ…å«æ–°æ¢å¤åˆ†åŒºå†…容。 + </li> + <li>设备æ£å¸¸é‡å¯ã€‚ + <ol style="list-style-type:lower-alpha"> + <li> + åŠ è½½æœ€æ–°æ›´æ–°çš„å¼•å¯¼åˆ†åŒºï¼Œåœ¨æœ€æ–°æ›´æ–°çš„ç³»ç»Ÿåˆ†åŒºä¸è£…载并开始执行二进制文件。 + </li> + <li> + 作为æ£å¸¸å¯åŠ¨çš„ä¸€éƒ¨åˆ†ï¼Œç³»ç»Ÿä¼šæ ¹æ®æ‰€éœ€å†…容(预先å˜å‚¨ä¸º <code>/system</code> ä¸çš„一个文件)检查æ¢å¤åˆ†åŒºçš„内容。二者内容ä¸åŒï¼Œæ‰€ä»¥æ¢å¤åˆ†åŒºä¼šè¢«æ‰€éœ€å†…容é‡æ–°åˆ·å†™ï¼ˆåœ¨åŽç»å¼•å¯¼ä¸ï¼Œæ¢å¤åˆ†åŒºå·²ç»åŒ…å«æ–°å†…å®¹ï¼Œå› æ¤æ— 需é‡æ–°åˆ·å†™ï¼‰ã€‚ + </li> + </ol> + </li> + </ol> + + <p>系统更新完æˆï¼</p> + + <h2 id="migrating">从更早版本è¿ç§»</h2> + + <p> + 当从 Android 2.3/3.0/4.0 版本进行è¿ç§»æ—¶ï¼Œä¸»è¦å˜åŒ–是将设备专属的功能从一组具有预定义å称的 C 函数转æ¢ä¸º C++ 对象。下表列出了用途大致相åŒçš„旧函数和新方法: + </p> + + <table> + <tbody><tr> + <th>C 函数</th> + <th>C ++ 方法</th> + </tr> + + <tr> + <td>device_recovery_start()</td> + <td>Device::RecoveryStart()</td> + </tr> + + <tr> + <td>device_toggle_display()<br /> + device_reboot_now()<br /> + </td> + <td>RecoveryUI::CheckKey()<br /> + (also RecoveryUI::IsKeyPressed())<br /> + </td> + </tr> + + <tr> + <td>device_handle_key()</td> + <td>Device::HandleMenuKey()</td> + </tr> + + <tr> + <td>device_perform_action()</td> + <td>Device::InvokeMenuItem()</td> + </tr> + + <tr> + <td>device_wipe_data()</td> + <td>Device::WipeData()</td> + </tr> + + <tr> + <td>device_ui_init()</td> + <td>ScreenRecoveryUI::Init()</td> + </tr> + </tbody></table> + + <p> + 将旧函数转化为新方法应尽é‡ç®€å•ç›´è§‚。ä¸è¦å¿˜è®°æ·»åŠ æ–°çš„ <code>make_device()</code> 函数æ¥åˆ›å»ºå¹¶è¿”回新设备å类的实例。 + </p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/devices/tech/perf/boot-times.html b/zh-cn/devices/tech/perf/boot-times.html new file mode 100644 index 00000000..a86269fb --- /dev/null +++ b/zh-cn/devices/tech/perf/boot-times.html @@ -0,0 +1,516 @@ +<html devsite><head> + <title>优化å¯åŠ¨æ—¶é—´</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p> +本文档æ供了有关改进特定 Android 设备的å¯åŠ¨æ—¶é—´çš„åˆä½œä¼™ä¼´æŒ‡å—。å¯åŠ¨æ—¶é—´æ˜¯ç³»ç»Ÿæ€§èƒ½çš„é‡è¦ç»„æˆéƒ¨åˆ†ï¼Œå› 为用户必须ç‰å¾…å¯åŠ¨å®ŒæˆåŽæ‰èƒ½ä½¿ç”¨è®¾å¤‡ã€‚对于较常进行冷å¯åŠ¨çš„汽车ç‰è®¾å¤‡è€Œè¨€ï¼Œè¾ƒçŸçš„å¯åŠ¨æ—¶é—´è‡³å…³é‡è¦ï¼ˆæ²¡æœ‰äººå–œæ¬¢åœ¨ç‰å¾…å‡ å秒åŽæ‰èƒ½è¾“入导航目的地)。 +</p> + +<p> +Android 8.0 支æŒä¸€ç³»åˆ—ç»„ä»¶çš„å¤šé¡¹æ”¹è¿›ï¼Œå› è€Œå¯ä»¥ç¼©çŸå¯åŠ¨æ—¶é—´ã€‚下表对这些性能改进(在 Google Pixel å’Œ Pixel XL 设备上测得)进行了总结。 +</p> + +<table> + <tbody><tr> + <th>组件</th> + <th>改进</th> + </tr> + <tr> + <td>å¼•å¯¼åŠ è½½ç¨‹åº + </td> + <td> + <ul> + <li>通过移除 UART 日志节çœäº† 1.6 秒 + </li><li>通过从 GZIP 更改为 LZ4 节çœäº† 0.4 秒</li> + </ul> + </td> + </tr> + <tr> + <td>è®¾å¤‡å†…æ ¸ + </td> + <td> + <ul> + <li>通过移除ä¸ä½¿ç”¨çš„å†…æ ¸é…置和å‡å°‘驱动程åºå¤§å°èŠ‚çœäº† 0.3 秒 + </li><li>通过 dm-verity 预æå–优化节çœäº† 0.3 秒 + </li><li>通过移除驱动程åºä¸ä¸å¿…è¦çš„ç‰å¾…/测试,节çœäº† 0.15 秒 + </li><li>通过移除 CONFIG_CC_OPTIMIZE_FOR_SIZE,节çœäº† 0.12 秒</li> + </ul> + </td> + </tr> + <tr> + <td>I/O 调整 + </td> + <td> + <ul> + <li>æ£å¸¸å¯åŠ¨æ—¶é—´èŠ‚çœäº† 2 秒 + </li><li>首次å¯åŠ¨æ—¶é—´èŠ‚çœäº† 25 秒</li> + </ul> + </td> + </tr> + <tr> + <td>init.*.rc + </td> + <td> + <ul> + <li>通过并行è¿è¡Œ init 命令节çœäº† 1.5 秒 + </li><li>通过åŠæ—©å¯åŠ¨ zygote 节çœäº† 0.25 秒 + </li><li>通过 cpuset 调整节çœäº† 0.22 秒</li> + </ul> + </td> + </tr> + <tr> + <td>å¯åŠ¨åŠ¨ç”» + </td> + <td> + <ul> + <li>åœ¨æœªè§¦å‘ fsck 的情况下,å¯åŠ¨åŠ¨ç”»çš„开始时间æå‰äº† 2 ç§’ï¼Œè€Œè§¦å‘ fsck æ—¶å¯åŠ¨åŠ¨ç”»åˆ™å¤§å¾—多 + </li><li>通过立å³å…³é—å¯åŠ¨åŠ¨ç”»åœ¨ Pixel XL 上节çœäº† 5 秒</li> + </ul> + </td> + </tr> + <tr> + <td>SELinux æ”¿ç– + </td> + <td>通过 genfscon 节çœäº† 0.2 秒 + </td> + </tr> +</tbody></table> + +<h2 id="optimizing-bootloader">ä¼˜åŒ–å¼•å¯¼åŠ è½½ç¨‹åº</h2> + +<p> +è¦ä¼˜åŒ–å¼•å¯¼åŠ è½½ç¨‹åºä»¥ç¼©çŸå¯åŠ¨æ—¶é—´ï¼Œè¯·éµå¾ªä»¥ä¸‹åšæ³•ï¼š +</p> +<ul> +<li>对于日志记录: + <ul> + <li>åœæ¢å‘ UART å†™å…¥æ—¥å¿—ï¼Œå› ä¸ºå¦‚æžœæ—¥å¿—è®°å½•å¾ˆå¤šï¼Œåˆ™å¯èƒ½éœ€è¦å¾ˆé•¿æ—¶é—´æ¥å¤„ç†ã€‚(在 Google Pixel 设备上,我们å‘çŽ°è¿™ä¼šä½¿å¼•å¯¼åŠ è½½ç¨‹åºçš„速度å‡æ…¢ 1.5 秒)。</li> + <li>仅记录错误情况,并考虑将其他信æ¯å˜å‚¨åˆ°å…·æœ‰å•ç‹¬æ£€ç´¢æœºåˆ¶çš„内å˜ä¸ã€‚</li> + </ul> +</li> +<li>å¯¹äºŽå†…æ ¸è§£åŽ‹ç¼©ï¼Œè¯·è€ƒè™‘ä¸ºå½“ä»£ç¡¬ä»¶ä½¿ç”¨ LZ4 è€Œéž GZIP(例如<a class="external" href="https://patchwork.kernel.org/patch/6810841/">è¡¥ä¸ç¨‹åº</a>)。请注æ„,ä¸åŒçš„å†…æ ¸åŽ‹ç¼©é€‰é¡¹å…·æœ‰ä¸åŒçš„åŠ è½½å’Œè§£åŽ‹ç¼©æ—¶é—´ï¼Œå¯¹äºŽç‰¹å®šç¡¬ä»¶ï¼ŒæŸäº›é€‰é¡¹å¯èƒ½æ¯”其他选项更适åˆã€‚</li> +<li>检查进入去抖动/特殊模å¼è¿‡ç¨‹ä¸æ˜¯å¦æœ‰ä¸å¿…è¦çš„ç‰å¾…时间,并最大é™åº¦åœ°å‡å°‘æ¤ç±»æ—¶é—´ã€‚</li> +<li>å°†åœ¨å¼•å¯¼åŠ è½½ç¨‹åºä¸èŠ±è´¹çš„å¯åŠ¨æ—¶é—´ä»¥å‘½ä»¤è¡Œçš„å½¢å¼ä¼ é€’åˆ°å†…æ ¸ã€‚</li> +<li>检查 CPU æ—¶é’Ÿå¹¶è€ƒè™‘å†…æ ¸åŠ è½½å’Œåˆå§‹åŒ– I/O 并行进行(需è¦å¤šæ ¸æ”¯æŒï¼‰ã€‚</li> +</ul> + +<h2 id="optimizing-kernel">ä¼˜åŒ–å†…æ ¸</h2> + +<p> +请按照以下æç¤ºä¼˜åŒ–å†…æ ¸ä»¥ç¼©çŸå¯åŠ¨æ—¶é—´ã€‚ +</p> + +<h3 id="minimizing-device-defconfig">最大é™åº¦åœ°å‡å°‘设备 defconfig</h3> + +<p> +最大é™åº¦åœ°å‡å°‘å†…æ ¸é…ç½®å¯ä»¥å‡å°å†…æ ¸å¤§å°ï¼Œä»Žè€Œæ›´å¿«é€Ÿåœ°è¿›è¡ŒåŠ è½½ã€è§£åŽ‹ç¼©ã€åˆå§‹åŒ–并缩å°å—攻击é¢ã€‚è¦ä¼˜åŒ–设备 defconfig,请执行以下æ“作: +</p> + +<ul> +<li><strong>识别未使用的驱动程åº</strong>。查看 <code>/dev</code> å’Œ <code>/sys</code> 目录,并查找带有常规 SELinux æ ‡ç¾çš„节点(这ç§æ ‡ç¾è¡¨ç¤ºç›¸åº”节点未é…置为å¯ç”±ç”¨æˆ·ç©ºé—´è®¿é—®ï¼‰ã€‚ +如果找到æ¤ç±»èŠ‚点,请将其移除。 +</li><li><strong>å–消设置未使用的é…ç½®</strong>ã€‚æŸ¥çœ‹ç”±å†…æ ¸ç‰ˆæœ¬ç”Ÿæˆçš„ .config 文件,以明确å–消设置所有已默认å¯ç”¨ä½†å¹¶æœªä½¿ç”¨çš„é…置。例如,我们从 Google Pixel ä¸ç§»é™¤äº†ä»¥ä¸‹æœªä½¿ç”¨çš„é…置: + +<pre class="prettyprint"> +CONFIG_ANDROID_LOGGER=y +CONFIG_IMX134=y +CONFIG_IMX132=y +CONFIG_OV9724=y +CONFIG_OV5648=y +CONFIG_GC0339=y +CONFIG_OV8825=y +CONFIG_OV8865=y +CONFIG_s5k4e1=y +CONFIG_OV12830=y +CONFIG_USB_EHCI_HCD=y +CONFIG_IOMMU_IO_PGTABLE_FAST_SELFTEST=y +CONFIG_IKCONFIG=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_TI_DRV2667=y +CONFIG_CHR_DEV_SCH=y +CONFIG_MMC=y +CONFIG_MMC_PERF_PROFILING=y +CONFIG_MMC_CLKGATE=y +CONFIG_MMC_PARANOID_SD_INIT=y +CONFIG_MMC_BLOCK_MINORS=32 +CONFIG_MMC_TEST=y +CONFIG_MMC_SDHCI=y +CONFIG_MMC_SDHCI_PLTFM=y +CONFIG_MMC_SDHCI_MSM=y +CONFIG_MMC_SDHCI_MSM_ICE=y +CONFIG_MMC_CQ_HCI=y +CONFIG_MSDOS_FS=y +# CONFIG_SYSFS_SYSCALL is not set +CONFIG_EEPROM_AT24=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_HBTP_INPUT=y +# CONFIG_VGA_ARB is not set +CONFIG_USB_MON=y +CONFIG_USB_STORAGE_DATAFAB=y +CONFIG_USB_STORAGE_FREECOM=y +CONFIG_USB_STORAGE_ISD200=y +CONFIG_USB_STORAGE_USBAT=y +CONFIG_USB_STORAGE_SDDR09=y +CONFIG_USB_STORAGE_SDDR55=y +CONFIG_USB_STORAGE_JUMPSHOT=y +CONFIG_USB_STORAGE_ALAUDA=y +CONFIG_USB_STORAGE_KARMA=y +CONFIG_USB_STORAGE_CYPRESS_ATACB=y +CONFIG_SW_SYNC_USER=y +CONFIG_SEEMP_CORE=y +CONFIG_MSM_SMEM_LOGGING=y +CONFIG_IOMMU_DEBUG=y +CONFIG_IOMMU_DEBUG_TRACKING=y +CONFIG_IOMMU_TESTS=y +CONFIG_MOBICORE_DRIVER=y +# CONFIG_DEBUG_PREEMPT is not set +</pre> +</li> +</ul> + +<ul> +<li><strong>移除导致æ¯æ¬¡å¯åŠ¨æ—¶è¿è¡Œä¸å¿…è¦æµ‹è¯•çš„é…ç½®</strong>。虽然æ¤ç±»é…ç½®ï¼ˆå³ CONFIG_IOMMU_IO_PGTABLE_FAST_SELFTEST)在开å‘过程ä¸å¾ˆæœ‰ç”¨ï¼Œä½†åº”从æ£å¼ç‰ˆå†…æ ¸ä¸ç§»é™¤ã€‚ +</li> +</ul> + +<h3 id="minimizing-driver-size">最大é™åº¦åœ°å‡å°é©±åŠ¨ç¨‹åºå¤§å°</h3> + +<p> +如果未使用相应功能,则å¯ä»¥ç§»é™¤è®¾å¤‡å†…æ ¸ä¸çš„æŸäº›é©±åŠ¨ç¨‹åºï¼Œä»¥ä¾¿è¿›ä¸€æ¥å‡å°å†…æ ¸å¤§å°ã€‚例如,如果 WLAN 通过 PCIe 连接,则ä¸ä¼šç”¨åˆ° SDIO 支æŒï¼Œå› æ¤åº”在编译时将其移除。有关详情,请å‚阅 Google Pixel å†…æ ¸ï¼šç½‘ç»œï¼šæ— çº¿ï¼šCNSSï¼šæ·»åŠ é€‰é¡¹ä»¥åœç”¨ SDIO 支æŒã€‚ + +</p> + +<h3 id="removing-compiler-optimization-for-size">移除针对大å°çš„编译器优化</h3> + +<p> +移除 CONFIG_CC_OPTIMIZE_FOR_SIZE çš„å†…æ ¸é…置。æ¤æ ‡è®°æ˜¯åœ¨æœ€åˆå‡è®¾è¾ƒå°çš„代ç 大å°ä¼šäº§ç”Ÿçƒç¼“å˜å‘½ä¸ï¼ˆå› æ¤é€Ÿåº¦æ›´å¿«ï¼‰æ—¶å¼•å…¥çš„。然而,éšç€çŽ°ä»£ç§»åŠ¨ SoC å˜å¾—æ›´åŠ å¼ºå¤§ï¼Œè¿™ä¸€å‡è®¾ä¸å†æˆç«‹ã€‚ +</p> + +<p> +æ¤å¤–,移除æ¤æ ‡è®°å¯ä»¥ä½¿ç¼–译器针对未åˆå§‹åŒ–çš„å˜é‡å‘出è¦å‘Šï¼Œå½“å˜åœ¨ CONFIG_CC_OPTIMIZE_FOR_SIZE æ ‡è®°æ—¶ï¼Œè¿™ä¸€åŠŸèƒ½åœ¨ Linux å†…æ ¸ä¸æ˜¯åœç”¨çš„(仅这一项更改就已帮助我们在æŸäº› Android 设备驱动程åºä¸å‘现了很多有æ„义的错误)。 +</p> + +<h3 id="deferring-initialization">延迟åˆå§‹åŒ–</h3> + +<p> +很多进程都在设备å¯åŠ¨æœŸé—´å¯åŠ¨ï¼Œä½†åªæœ‰å…³é”®è·¯å¾„ (bootloader > kernel > init > file system mount > zygote > system server) ä¸çš„组件æ‰ä¼šç›´æŽ¥å½±å“å¯åŠ¨æ—¶é—´ã€‚ä½¿ç”¨æ—©æœŸå†…æ ¸æ—¥å¿—æ¥è¯†åˆ«å¯¹å¯åŠ¨ init 进程ä¸é‡è¦çš„外设/组件,然åŽå°†è¿™äº›å¤–设/组件延迟到å¯åŠ¨è¿‡ç¨‹çš„åŽæœŸæ¥å¯åŠ¨ã€‚ +</p> + +<h2 id="optimizing-i-o-efficiency">优化 I/O 效率</h2> + +<p> +æ高 I/O 效率对缩çŸå¯åŠ¨æ—¶é—´æ¥è¯´è‡³å…³é‡è¦ï¼Œå¯¹ä»»ä½•ä¸å¿…è¦å†…容的读å–都应推迟到å¯åŠ¨ä¹‹åŽå†è¿›è¡Œï¼ˆåœ¨ Google Pixel 上,å¯åŠ¨æ—¶å¤§çº¦è¦è¯»å– 1.2GB çš„æ•°æ®ï¼‰ã€‚ +</p> + +<h3 id="tuning-the-filesystem">调整文件系统</h3> + +<p> +当从头开始读å–æŸä¸ªæ–‡ä»¶æˆ–ä¾åºè¯»å–å—时,预读的 Linux å†…æ ¸ä¾¿ä¼šå¯åŠ¨ï¼Œè¿™å°±éœ€è¦è°ƒæ•´ä¸“门用于å¯åŠ¨çš„ I/O 调度程åºå‚数(与普通应用的工作负载特性ä¸åŒï¼‰ã€‚ +</p> + +<p> +支æŒæ— ç¼ (A/B) 更新的设备在首次å¯åŠ¨æ—¶ä¼šæžå¤§åœ°å—益于文件系统调整(例如,Google Pixel çš„å¯åŠ¨æ—¶é—´ç¼©çŸäº† 20 秒)。例如,我们为 Google Pixel 调整了以下å‚数: +</p> + +<pre class="prettyprint"> +on late-fs + # boot time fs tune + # boot time fs tune + write /sys/block/sda/queue/iostats 0 + write /sys/block/sda/queue/scheduler cfq + write /sys/block/sda/queue/iosched/slice_idle 0 + write /sys/block/sda/queue/read_ahead_kb 2048 + write /sys/block/sda/queue/nr_requests 256 + write /sys/block/dm-0/queue/read_ahead_kb 2048 + write /sys/block/dm-1/queue/read_ahead_kb 2048 + +on property:sys.boot_completed=1 + # end boot time fs tune + write /sys/block/sda/queue/read_ahead_kb 512 + ... +</pre> + +<h3 id="miscellaneous">其他</h3> + +<ul> +<li>ä½¿ç”¨å†…æ ¸é…ç½® DM_VERITY_HASH_PREFETCH_MIN_SIZE(默认大å°ä¸º 128)æ¥å¯ç”¨ dm-verity 哈希预æå–大å°ã€‚ +</li><li>为了æå‡æ–‡ä»¶ç³»ç»Ÿç¨³å®šæ€§åŠå–消æ¯æ¬¡å¯åŠ¨æ—¶çš„强制检查,请在 BoardConfig.mk ä¸è®¾ç½® TARGET_USES_MKE2FS,以使用新的 ext4 生æˆå·¥å…·ã€‚</li> +</ul> + +<h3 id="analyzing-i-o">åˆ†æž I/O</h3> + +<p> +è¦äº†è§£å¯åŠ¨è¿‡ç¨‹ä¸çš„ I/O æ´»åŠ¨ï¼Œè¯·ä½¿ç”¨å†…æ ¸ ftrace æ•°æ®ï¼ˆsystrace 也使用该数æ®ï¼‰ï¼š +</p> + +<pre class="prettyprint">trace_event=block,ext4 in BOARD_KERNEL_CMDLINE</pre> +<p> +è¦é’ˆå¯¹æ¯ä¸ªæ–‡ä»¶ç»†åˆ†æ–‡ä»¶è®¿é—®æƒé™ï¼Œè¯·å¯¹å†…æ ¸è¿›è¡Œä»¥ä¸‹æ›´æ”¹ï¼ˆä»…é™å¼€å‘ç‰ˆå†…æ ¸ï¼›è¯·å‹¿åœ¨æ£å¼ç‰ˆå†…æ ¸ä¸åº”用这些更改): +</p> + +<pre class="prettyprint"> +diff --git a/fs/open.c b/fs/open.c +index 1651f35..a808093 100644 +--- a/fs/open.c ++++ b/fs/open.c +@@ -981,6 +981,25 @@ + } + EXPORT_SYMBOL(file_open_root); + ++static void _trace_do_sys_open(struct file *filp, int flags, int mode, long fd) ++{ ++ char *buf; ++ char *fname; ++ ++ buf = kzalloc(PAGE_SIZE, GFP_KERNEL); ++ if (!buf) ++ return; ++ fname = d_path(&filp-<f_path, buf, PAGE_SIZE); ++ ++ if (IS_ERR(fname)) ++ goto out; ++ ++ trace_printk("%s: open(\"%s\", %d, %d) fd = %ld, inode = %ld\n", ++ current-<comm, fname, flags, mode, fd, filp-<f_inode-<i_ino); ++out: ++ kfree(buf); ++} ++ +long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) + { + struct open_flags op; +@@ -1003,6 +1022,7 @@ + } else { + fsnotify_open(f); + fd_install(fd, f); ++ _trace_do_sys_open(f, flags, mode, fd); +</pre> + +<p> +使用以下脚本æ¥å¸®åŠ©åˆ†æžå¯åŠ¨æ€§èƒ½ã€‚ +</p> +<ul> +<li><code>packages/services/Car/tools/bootanalyze/bootanalyze.py</code>:借助对å¯åŠ¨è¿‡ç¨‹ä¸çš„é‡è¦æ¥éª¤è¿›è¡Œç»†åˆ†æ¥è¡¡é‡å¯åŠ¨æ—¶é—´ã€‚ +</li><li><code>packages/services/Car/tools/io_analysis/check_file_read.py +boot_trace</code>:æä¾›æ¯ä¸ªæ–‡ä»¶çš„访问信æ¯ã€‚ +</li><li><code>packages/services/Car/tools/io_analysis/check_io_trace_all.py +boot_trace</code>:æ供系统级细分。</li> +</ul> + +<h2 id="optimizing-init-*-rc">优化 init.*.rc</h2> + +<p> +Init æ˜¯ä»Žå†…æ ¸åˆ°æ¡†æž¶å»ºç«‹ä¹‹å‰çš„衔接过程,设备通常会在ä¸åŒçš„ init é˜¶æ®µèŠ±è´¹å‡ ç§’é’Ÿæ—¶é—´ã€‚ +</p> + +<h3 id="running-tasks-in-parallel">并行è¿è¡Œä»»åŠ¡</h3> + +<p> +虽然当å‰çš„ Android init å·®ä¸å¤šç®—是一ç§å•çº¿ç¨‹è¿›ç¨‹ï¼Œä½†æ‚¨ä»ç„¶å¯ä»¥å¹¶è¡Œæ‰§è¡Œä¸€äº›ä»»åŠ¡ã€‚ +</p> + +<ul> +<li>在 Shell 脚本æœåŠ¡ä¸æ‰§è¡Œç¼“慢命令,然åŽé€šè¿‡ç‰å¾…特定属性,在ç¨åŽåŠ 入。Android 8.0 通过新的 <code>wait_for_property</code> 命令支æŒæ¤ç”¨ä¾‹ã€‚ +</li><li>识别 init ä¸çš„缓慢æ“作。系统会记录 init 命令 exec/wait_for_prop 或任何所需时间较长的æ“作(在 Android 8.0 ä¸ï¼ŒæŒ‡æ‰€éœ€æ—¶é—´è¶…过 50 毫秒的任何命令)。例如: + +<pre class="prettyprint">init: Command 'wait_for_coldboot_done' action=wait_for_coldboot_done returned 0 took 585.012ms</pre> + +<p> +查看æ¤æ—¥å¿—å¯èƒ½ä¼šå‘现å¯ä»¥æ”¹è¿›çš„机会。 +</p> + +</li><li>å¯åŠ¨æœåŠ¡å¹¶åŠæ—©å¯ç”¨å…³é”®è·¯å¾„ä¸çš„外围设备。例如,有些 SOC 需è¦å…ˆå¯åŠ¨å®‰å…¨ç›¸å…³æœåŠ¡ï¼Œç„¶åŽå†å¯åŠ¨ SurfaceFlinger。在 ServiceManager 返回“wait for serviceâ€ï¼ˆç‰å¾…æœåŠ¡ï¼‰æ—¶æŸ¥çœ‹ç³»ç»Ÿæ—¥å¿— - 这通常表明必须先å¯åŠ¨ä¾èµ–æœåŠ¡ã€‚ +</li><li>移除 init.*.rc ä¸æ‰€æœ‰æœªä½¿ç”¨çš„æœåŠ¡å’Œå‘½ä»¤ã€‚åªè¦æ˜¯æ—©æœŸé˜¶æ®µçš„ init ä¸æ²¡æœ‰ä½¿ç”¨çš„æœåŠ¡å’Œå‘½ä»¤ï¼Œéƒ½åº”推迟到å¯åŠ¨å®ŒæˆåŽå†ä½¿ç”¨ã€‚</li></ul> + +<h3 id="using-scheduler-tuning">使用调度程åºè°ƒæ•´</h3> + +<p> +使用调度程åºè°ƒæ•´ï¼Œä»¥ä¾¿åŠæ—©å¯åŠ¨è®¾å¤‡ã€‚以下是å–自 Google Pixel 的示例: +</p> + +<pre class="prettyprint">on init + # update cpusets now that processors are up + write /dev/cpuset/top-app/cpus 0-3 + write /dev/cpuset/foreground/cpus 0-3 + write /dev/cpuset/foreground/boost/cpus 0-3 + write /dev/cpuset/background/cpus 0-3 + write /dev/cpuset/system-background/cpus 0-3 + # set default schedTune value for foreground/top-app (only affects EAS) + write /dev/stune/foreground/schedtune.prefer_idle 1 + write /dev/stune/top-app/schedtune.boost 10 + write /dev/stune/top-app/schedtune.prefer_idle 1</pre> + +<p> +部分æœåŠ¡åœ¨å¯åŠ¨è¿‡ç¨‹ä¸å¯èƒ½éœ€è¦è¿›è¡Œä¼˜å…ˆçº§æå‡ã€‚例如: +</p> + +<pre class="prettyprint"> +init.zygote64.rc: +service zygote /system/bin/app_process64 -Xzygote /system/bin --zygote --start-system-server + class main + priority -20 + user root +...</pre> + +<h3 id="starting-zygote-early">åŠæ—©å¯åŠ¨ zygote</h3> + +<p> +é‡‡ç”¨æ–‡ä»¶çº§åŠ å¯†çš„è®¾å¤‡å¯ä»¥åœ¨ zygote-start 触å‘器的早期阶段å¯åŠ¨ zygote(默认情况下,zygote 会在 main ç±»ä¸å¯åŠ¨ï¼Œæ¯” zygote-start æ™šå¾—å¤šï¼‰ã€‚è¿™æ ·åšæ—¶ï¼Œè¯·ç¡®ä¿å…许 zygote 在所有 CPU ä¸è¿è¡Œï¼ˆå› 为错误的 cpuset 设置å¯èƒ½ä¼šå¼ºåˆ¶ zygote 在特定 CPU ä¸è¿è¡Œï¼‰ã€‚ +</p> + +<h2 id="optimizing-boot-animation">优化å¯åŠ¨åŠ¨ç”»</h2> + +<p> +请按照以下æ示æ¥ä¼˜åŒ–å¯åŠ¨åŠ¨ç”»ã€‚ +</p> + +<h3 id="configuring-early-start">é…置为åŠæ—©å¯åŠ¨</h3> + +<p> +Android 8.0 支æŒåœ¨è£…载用户数æ®åˆ†åŒºä¹‹å‰ï¼ŒåŠæ—©å¯åŠ¨åŠ¨ç”»ã€‚然而,å³ä½¿ Android 8.0 ä¸ä½¿ç”¨äº†æ–°çš„ ext4 å·¥å…·é“¾ï¼Œç³»ç»Ÿä¹Ÿä¼šå‡ºäºŽå®‰å…¨åŽŸå› å®šæœŸè§¦å‘ fsck,导致å¯åŠ¨ bootanimation æœåŠ¡æ—¶å‡ºçŽ°å»¶è¿Ÿã€‚ +</p> + +<p> +为了使 bootanimation åŠæ—©å¯åŠ¨ï¼Œè¯·å°† fstab 装载分为以下两个阶段: +</p> + +<ul> + <li>在早期阶段,仅装载ä¸éœ€è¦è¿è¡Œæ£€æŸ¥çš„分区(例如 <code>system/</code> å’Œ <code>vendor/</code>),然åŽå¯åŠ¨ bootanimation æœåŠ¡åŠå…¶ä¾èµ–æœåŠ¡ï¼ˆä¾‹å¦‚ servicemanager å’Œ surfaceflinger)。 + </li><li>在第二个阶段,装载需è¦è¿è¡Œæ£€æŸ¥çš„分区(例如 <code>data/</code>)。</li> +</ul> + +<p> +å¯åŠ¨åŠ¨ç”»å°†ä¼šæ›´å¿«é€Ÿåœ°å¯åŠ¨ï¼ˆä¸”å¯åŠ¨æ—¶é—´æ’定),ä¸å— fsck å½±å“。 +</p> + +<h3 id="finishing-clean">干净利è½åœ°ç»“æŸ</h3> + +<p> +在收到退出信å·åŽï¼Œbootanimation 会æ’放最åŽä¸€éƒ¨åˆ†ï¼Œè€Œè¿™ä¸€éƒ¨åˆ†çš„长度会延长å¯åŠ¨æ—¶é—´ã€‚快速å¯åŠ¨çš„系统ä¸éœ€è¦å¾ˆé•¿çš„动画,如果å¯åŠ¨åŠ¨ç”»å¾ˆé•¿ï¼Œåœ¨å¾ˆå¤§ç¨‹åº¦ä¸Šå°±ä½“现ä¸å‡ºæ‰€åšçš„任何改进。我们建议缩çŸå¾ªçŽ¯æ’放和结尾的时间。 +</p> + +<h2 id="optimizing-selinux">优化 SELinux</h2> + +<p> +请按照以下æ示优化 SELinux 以缩çŸå¯åŠ¨æ—¶é—´ã€‚ +</p> + +<ul> +<li><strong>使用简æ´çš„æ£åˆ™è¡¨è¾¾å¼ (regex)</strong>。在为 <code>file_contexts</code> ä¸çš„ <code>sys/devices</code> åŒ¹é… SELinux 政ç–æ—¶ï¼Œæ ¼å¼ä¸æ£ç¡®çš„æ£åˆ™è¡¨è¾¾å¼å¯èƒ½ä¼šå¯¼è‡´å¤§é‡å¼€é”€ã€‚例如,æ£åˆ™è¡¨è¾¾å¼ <code>/sys/devices/.*abc.*(/.*)?</code> 错误地强制扫æ包å«â€œabcâ€çš„所有 <code>/sys/devices</code> å目录,导致 <code>/sys/devices/abc</code> å’Œ <code>/sys/devices/xyz/abc</code> 都æˆä¸ºåŒ¹é…项。 +如果将æ¤æ£åˆ™è¡¨è¾¾å¼ä¿®æ£ä¸º <code>/sys/devices/[^/]*abc[^/]*(/.*)?</code> ,则åªæœ‰ <code>/sys/devices/abc</code> 会æˆä¸ºåŒ¹é…项。 +</li><li><strong>å°†æ ‡ç¾ç§»åŠ¨åˆ° </strong><a href="https://selinuxproject.org/page/FileStatements#genfscon">genfscon</a>。 +这一现有的 SELinux 功能会将文件匹é…å‰ç¼€ä¼ 递到 SELinux äºŒè¿›åˆ¶æ–‡ä»¶çš„å†…æ ¸ä¸ï¼Œè€Œå†…æ ¸ä¼šå°†è¿™äº›å‰ç¼€åº”ç”¨äºŽå†…æ ¸ç”Ÿæˆçš„文件系统。这也有助于修å¤é”™è¯¯æ ‡è®°çš„å†…æ ¸åˆ›å»ºçš„æ–‡ä»¶ï¼Œä»Žè€Œé˜²æ¢ç”¨æˆ·ç©ºé—´è¿›ç¨‹ä¹‹é—´å¯èƒ½å‡ºçŽ°çš„争用情况(试图在é‡æ–°æ ‡è®°ä¹‹å‰è®¿é—®è¿™äº›æ–‡ä»¶ï¼‰ã€‚</li> +</ul> + +<h2 id="tool-and-methods">工具和方法</h2> + +<p> +请使用以下工具æ¥å¸®åŠ©æ‚¨æ”¶é›†ç”¨äºŽä¼˜åŒ–ç›®æ ‡çš„æ•°æ®ã€‚ +</p> + +<h3 id="bootchart">bootchart</h3> + +<p> +bootchart å¯ä¸ºæ•´ä¸ªç³»ç»Ÿæ供所有进程的 CPU å’Œ I/O 负载细分。该工具ä¸éœ€è¦é‡å»ºç³»ç»Ÿæ˜ åƒï¼Œå¯ä»¥ç”¨ä½œè¿›å…¥ systrace 之å‰çš„快速å¥å…¨æ€§æ£€æŸ¥ã€‚ +</p> + +<p> +è¦å¯ç”¨ bootchart,请è¿è¡Œä»¥ä¸‹å‘½ä»¤ï¼š +</p> + +<pre> +<code class="devsite-terminal">adb shell 'touch /data/bootchart/enabled'</code> +<code class="devsite-terminal">adb reboot</code> +</pre> + +<p> +在设备å¯åŠ¨åŽï¼ŒèŽ·å–å¯åŠ¨å›¾è¡¨ï¼š +</p> + +<pre class="prettyprint">$ANDROID_BUILD_TOP/system/core/init/grab-bootchart.sh</pre> + +<p> +完æˆåŽï¼Œè¯·åˆ 除 <code>/data/bootchart/enabled</code> 以防æ¢æ¯æ¬¡éƒ½æ”¶é›†æ—¥æœŸæ•°æ®ã€‚ +</p> + +<h3 id="systrace">systrace</h3> + +<p> +systrace å…许在å¯åŠ¨æœŸé—´æ”¶é›†å†…æ ¸å’Œ Android 跟踪记录。 +systrace çš„å¯è§†åŒ–å¯ä»¥å¸®åŠ©åˆ†æžå¯åŠ¨è¿‡ç¨‹ä¸çš„具体问题。(ä¸è¿‡ï¼Œè¦æŸ¥çœ‹æ•´ä¸ªå¯åŠ¨è¿‡ç¨‹ä¸çš„å¹³å‡æ•°é‡æˆ–累计数é‡ï¼Œç›´æŽ¥æŸ¥çœ‹å†…æ ¸è·Ÿè¸ªè®°å½•æ›´ä¸ºæ–¹ä¾¿ï¼‰ã€‚ +</p> + +<p> +è¦åœ¨å¯åŠ¨è¿‡ç¨‹ä¸å¯ç”¨ systrace,请执行以下æ“作:</p> + +<ul> + <li>在 <code>frameworks/native/atrace/atrace.rc</code> ä¸ï¼Œå°† + +<pre class="prettyprint">write /sys/kernel/debug/tracing/tracing_on 0</pre> +<p> +更改为: +</p> + +<pre class="prettyprint">#write /sys/kernel/debug/tracing/tracing_on 0</pre> + </li> + +<p> +这将å¯ç”¨è·Ÿè¸ªåŠŸèƒ½ï¼ˆé»˜è®¤å¤„于åœç”¨çŠ¶æ€ï¼‰ã€‚ +</p> + +<li>在 <code>device.mk</code> 文件ä¸ï¼Œæ·»åŠ 下é¢ä¸€è¡Œå†…容: + +<pre class="prettyprint">PRODUCT_PROPERTY_OVERRIDES += debug.atrace.tags.enableflags=802922</pre> +</li> + +<li>在设备 <code>BoardConfig.mk</code> 文件ä¸ï¼Œæ·»åŠ 以下内容: + +<pre class="prettyprint">BOARD_KERNEL_CMDLINE := ... trace_buf_size=64M trace_event=sched_wakeup,sched_switch,sched_blocked_reason,sched_cpu_hotplug</pre> +</li> + +<p> +è¦èŽ·å¾—详细的 I/O 分æžï¼Œè¿˜éœ€è¦æ·»åŠ å—å’Œ ext4。 +</p> + +<li>在设备专用的 <code>init.rc</code> 文件ä¸ï¼Œè¿›è¡Œä»¥ä¸‹æ›´æ”¹ï¼š + <ul> + <li><code>on property:sys.boot_completed=1</code>(这会在å¯åŠ¨å®ŒæˆåŽåœæ¢è·Ÿè¸ªï¼‰</li> + <li><code>write /d/tracing/tracing_on 0</code></li> + <li><code>write /d/tracing/events/ext4/enable 0</code></li> + <li><code>write /d/tracing/events/block/enable 0</code></li> + </ul> +</li> +</ul> + +<p> +在设备å¯åŠ¨åŽï¼ŒèŽ·å–跟踪记录: +</p> + +<pre class="devsite-terminal">adb root && adb shell "cat /d/tracing/trace" < boot_trace +./external/chromium-trace/catapult/tracing/bin/trace2html boot_trace --output boot_trace.html +</pre> + +<p class="note"> +<strong>注æ„</strong>:Chrome æ— æ³•å¤„ç†è¿‡å¤§çš„文件。请考虑使用 <code>tail</code>ã€<code>head</code> 或 <code>grep</code> 分割 <code>boot_trace</code> 文件,以获得必需部分。由于事件过多,I/O 分æžé€šå¸¸éœ€è¦ç›´æŽ¥åˆ†æžèŽ·å–çš„ <code>boot_trace</code>。 +</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/license.html b/zh-cn/license.html index 7e9204e7..d431cf58 100644 --- a/zh-cn/license.html +++ b/zh-cn/license.html @@ -45,7 +45,8 @@ <ul> <li>å°½ç®¡æˆ‘ä»¬æ ¹æ® Apache 2.0 许å¯å‘您æ供文档本身,但请注æ„,该许å¯å¹¶æœªæ¶µç›–ä¸“æœ‰å•†æ ‡å’Œå“牌特å¾ã€‚</li> -<li>该许å¯æœªæ¶µç›– Google çš„å•†æ ‡å’Œå…¶ä»–å“牌特å¾ï¼ˆåŒ…括 <img src="https://developer.android.com/images/android-logo.png" alt="Android" style="margin:0;padding:0 2px;vertical-align:baseline"/> è¿™ç§ç‰¹æ®Šæ ·å¼çš„å—ä½“å¾½æ ‡ï¼‰ã€‚è¦äº†è§£å…·ä½“使用情况的相关信æ¯ï¼Œè¯·å‚阅<a href="https://developer.android.com/distribute/marketing-tools/brand-guidelines.html">å“牌指å—</a>。</li> +<li>该许å¯æœªæ¶µç›– Google çš„å•†æ ‡å’Œå…¶ä»–å“牌特å¾ï¼ˆåŒ…括 <img src="https://developer.android.com/images/android-logo.png" alt="Android" style="margin:0;padding:0 2px;vertical-align:baseline"/> è¿™ç§ç‰¹æ®Šæ ·å¼çš„å—ä½“å¾½æ ‡ï¼‰ã€‚ +è¦äº†è§£å…·ä½“使用情况的相关信æ¯ï¼Œè¯·å‚阅<a href="https://developer.android.com/distribute/marketing-tools/brand-guidelines.html">å“牌指å—</a>。</li> <li>在æŸäº›æƒ…况下,网页ä¸å¯èƒ½ä¼šåŒ…å«è¯¥è®¸å¯æœªæ¶µç›–的内容(例如图片)。在这ç§æƒ…况下,我们会为未许å¯çš„å†…å®¹æ·»åŠ æ ‡ç¾ã€‚</li> @@ -63,14 +64,15 @@ 如果您的在线作å“åŽŸæ ·å¤åˆ¶æœ¬ç½‘ç«™ä¸çš„全部或部分文å—或图片,请在网页底部附上以下这段内容:<em></em> </p> <p style="margin-left:20px;font-style:italic"> - 本网页的部分内容是从 <a href="https://code.google.com/p/android/">Android 开放æºä»£ç 项目</a>原创åŠå…±äº«ä½œå“ä¸å¤åˆ¶çš„,须éµç…§ <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 许å¯</a>所述æ¡æ¬¾ä»˜è¯¸åº”用。 +本网页的部分内容是从 <a href="https://code.google.com/p/android/">Android 开放æºä»£ç 项目</a>原创åŠå…±äº«ä½œå“ä¸å¤åˆ¶çš„,须éµç…§ <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 许å¯</a>所述æ¡æ¬¾ä»˜è¯¸åº”用。 </p> <p>æ¤å¤–,请æ供指å‘原始æ¥æºç½‘页的链接,以便用户å¯ä»¥å‚阅相应网页,了解更多信æ¯ã€‚ </p> <h3>ç»è¿‡ä¿®æ”¹çš„版本</h3> <p>如果您的在线作å“会显示在本网站内容的基础上修改的文å—或图片,请在您的网页底部附上以下这段内容:<em></em></p> -<p style="margin-left:20px;font-style:italic">本网页的部分内容是在 <a href="https://code.google.com/p/android/">Android 开放æºä»£ç 项目</a>原创åŠå…±äº«ä½œå“的基础上修改而æˆçš„,须éµç…§ <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 许å¯</a>所述æ¡æ¬¾ä»˜è¯¸åº”用。 +<p style="margin-left:20px;font-style:italic"> +本网页的部分内容是在 <a href="https://code.google.com/p/android/">Android 开放æºä»£ç 项目</a>原创åŠå…±äº«ä½œå“的基础上修改而æˆçš„,须éµç…§ <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 许å¯</a>所述æ¡æ¬¾ä»˜è¯¸åº”用。 </p> <p>å†æ¬¡æ醒,请æ供指å‘原始æ¥æºç½‘页的链接,以便用户å¯ä»¥å‚阅相应网页,了解更多信æ¯ã€‚在对相应内容完æˆä¿®æ”¹åŽï¼Œå°¤å…¶è¦è°¨è®°è¿™ä¸€ç‚¹ã€‚ </p> diff --git a/zh-cn/security/bulletin/2016-04-02.html b/zh-cn/security/bulletin/2016-04-02.html index 54542e21..accac11a 100644 --- a/zh-cn/security/bulletin/2016-04-02.html +++ b/zh-cn/security/bulletin/2016-04-02.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Nexus 安全公告 - 2016 å¹´ 4 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,816 +20,763 @@ limitations under the License. --> +<p><em>å‘布时间:2016 å¹´ 4 月 4 æ—¥ | 更新时间:2016 å¹´ 12 月 19 æ—¥</em></p> +<p>在æ¯æœˆå‘布 Android 安全公告的åŒæ—¶ï¼Œæˆ‘ä»¬éƒ½ä¼šé€šè¿‡æ— çº¿ (OTA) æ›´æ–°çš„æ–¹å¼å‘布针对 Nexus 设备的安全更新。我们还会在 <a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上å‘布 Nexus å›ºä»¶æ˜ åƒã€‚安全补ä¸ç¨‹åºçº§åˆ«ä¸º 2016 å¹´ 4 月 2 日(或之åŽçš„日期)的系统都已解决本文所列的安全问题(请å‚阅 <a href="https://support.google.com/nexus/answer/4457705">Nexus 文档</a>ä¸æ供的相关说明,了解如何检查安全补ä¸ç¨‹åºçº§åˆ«ï¼‰ã€‚</p> +<p>我们的åˆä½œä¼™ä¼´åœ¨ 2016 å¹´ 3 月 16 日(或之å‰ï¼‰å°±å·²æ”¶åˆ°æœ¬å…¬å‘Šä¸è¯´æ˜Žçš„这些问题的相关通知。我们已在 Android 开放æºä»£ç 项目 (AOSP) 代ç 库ä¸å‘布了针对相关问题的æºä»£ç è¡¥ä¸ç¨‹åºï¼ˆå¦‚果适用)。</p> +<p>这些问题ä¸å±é™©æ€§æœ€é«˜çš„是一个严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œå®ƒå¯èƒ½ä¼šå¯¼è‡´åœ¨å¤„ç†åª’体文件的过程ä¸ï¼Œå¯é€šè¿‡ç”µå邮件ã€ç½‘页和彩信ç‰å¤šç§æ–¹å¼åœ¨å—å½±å“的设备上执行远程代ç 。<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚</p> + +<p>《<a href="/security/advisory/2016-03-18.html">Android 安全公告 - 2016 å¹´ 3 月 18 æ—¥</a>》先å‰è®¨è®ºè¿‡ Root 应用利用 <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> 的问题。<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> 已在本次更新ä¸å¾—ä»¥è§£å†³ã€‚æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› å…¶ä»–æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅<a href="#mitigations">缓解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤åŠŸèƒ½</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet);这些功能å¯æ高 Android å¹³å°çš„安全性。</p> -<p><em>å‘布时间:2016 å¹´ 4 月 4 æ—¥ | 更新时间:2016 å¹´ 4 月 6 æ—¥</em></p> -<p>在æ¯æœˆå‘布 Android 安全公告的åŒæ—¶ï¼Œæˆ‘ä»¬éƒ½ä¼šé€šè¿‡æ— çº¿ (OTA) æ›´æ–°çš„æ–¹å¼å‘布针对 Nexus 设备的安全更新。我们还会在 <a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上å‘布 Nexus å›ºä»¶æ˜ åƒã€‚安全补ä¸ç¨‹åºçº§åˆ«ä¸º 2016 å¹´ 4 月 2 日(或之åŽçš„日期)的系统都已解决本文所列的安全问题(请å‚阅 <a href="https://support.google.com/nexus/answer/4457705">Nexus 文档</a>ä¸æ供的相关说明,了解如何检查安全补ä¸ç¨‹åºçº§åˆ«ï¼‰ã€‚</p> -<p>我们的åˆä½œä¼™ä¼´åœ¨ 2016 å¹´ 3 月 16 日(或之å‰ï¼‰å°±å·²æ”¶åˆ°æœ¬å…¬å‘Šä¸è¯´æ˜Žçš„这些问题的相关通知。我们已在 Android 开放æºä»£ç 项目 (AOSP) 代ç 库ä¸å‘布了针对相关问题的æºä»£ç è¡¥ä¸ç¨‹åºï¼ˆå¦‚果适用)。</p> -<p>这些问题ä¸å±é™©æ€§æœ€é«˜çš„是一个严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œå®ƒå¯èƒ½ä¼šå¯¼è‡´åœ¨å¤„ç†åª’体文件的过程ä¸ï¼Œå¯é€šè¿‡ç”µå邮件ã€ç½‘页和彩信ç‰å¤šç§æ–¹å¼åœ¨å—å½±å“的设备上执行远程代ç 。</p> -<p><a href="/security/advisory/2016-03-18.html">Android 安全公告 - 2016 å¹´ 3 月 18 æ—¥</a>之å‰è®¨è®ºè¿‡ Root 应用利用 <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> 的问题。<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> 已在本次更新ä¸å¾—ä»¥è§£å†³ã€‚æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› å…¶ä»–æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅<a href="#mitigations">缓解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet);这些功能å¯æ高 Android å¹³å°çš„安全性。</p> -<h2 id="security_vulnerability_summary">安全æ¼æ´žæ‘˜è¦</h2> -<p>下表列出了安全æ¼æ´žã€å¯¹åº”çš„ CVE(常è§æ¼æ´žå’Œé£Žé™©è¯†åˆ«ç )以åŠè¯„估得出的严é‡ç¨‹åº¦ã€‚<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚</p> -<table> -<tr> -<th>问题</th> -<th>CVE</th> -<th>严é‡ç¨‹åº¦</th> -</tr> -<tr> -<td>DHCPCD ä¸çš„远程代ç 执行æ¼æ´ž</td> -<td>CVE-2016-1503<br/>CVE-2014-6060</td> -<td>严é‡</td> -</tr> -<tr> -<td>媒体编解ç 器ä¸çš„远程代ç 执行æ¼æ´ž</td> -<td>CVE-2016-0834</td> -<td>严é‡</td> -</tr> -<tr> -<td>Mediaserver ä¸çš„远程代ç 执行æ¼æ´ž</td> -<td>CVE-2016-0835<br/>CVE-2016-0836<br/>CVE-2016-0837<br/>CVE-2016-0838<br/>CVE-2016-0839<br/>CVE-2016-0840<br/>CVE-2016-0841</td> -<td>严é‡</td> -</tr> -<tr> -<td>libstagefright ä¸çš„远程代ç 执行æ¼æ´ž</td> -<td>CVE-2016-0842</td> -<td>严é‡</td> -</tr> -<tr> -<td>å†…æ ¸ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2015-1805</td> -<td>严é‡</td> -</tr> -<tr> -<td>Qualcomm 效能模å—ä¸çš„ææƒæ¼æ´ž<br/></td> -<td>CVE-2016-0843</td> -<td>严é‡</td> -</tr> -<tr> -<td>Qualcomm RF 组件ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-0844</td> -<td>严é‡</td> -</tr> -<tr> -<td>å†…æ ¸ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2014-9322</td> -<td>严é‡</td> -</tr> -<tr> -<td>IMemory 本机界é¢ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-0846</td> -<td>高</td> -</tr> -<tr> -<td>Telecom 组件ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-0847</td> -<td>高</td> -</tr> -<tr> -<td>下载管ç†å™¨ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-0848</td> -<td>高</td> -</tr> -<tr> -<td>æ¢å¤ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-0849</td> -<td>高</td> -</tr> -<tr> -<td>è“牙ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-0850</td> -<td>高</td> -</tr> -<tr> -<td>德州仪器触感驱动程åºä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-2409</td> -<td>高</td> -</tr> -<tr> -<td>è§†é¢‘å†…æ ¸é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-2410</td> -<td>高</td> -</tr> -<tr> -<td>Qualcomm 电æºç®¡ç†ç»„件ä¸çš„ææƒæ¼æ´ž<br/></td> -<td>CVE-2016-2411</td> -<td>高</td> -</tr> -<tr> -<td>System_server ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-2412</td> -<td>高</td> -</tr> -<tr> -<td>Mediaserver ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-2413</td> -<td>高</td> -</tr> -<tr> -<td>Minikin ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> -<td>CVE-2016-2414</td> -<td>高</td> -</tr> -<tr> -<td>Exchange ActiveSync ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> -<td>CVE-2016-2415</td> -<td>高</td> -</tr> -<tr> -<td>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> -<td>CVE-2016-2416<br/>CVE-2016-2417<br/>CVE-2016-2418<br/>CVE-2016-2419</td> -<td>高</td> -</tr> -<tr> -<td>Debuggerd 组件ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-2420</td> -<td>ä¸</td> -</tr> -<tr> -<td>设置å‘导ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-2421</td> -<td>ä¸</td> -</tr> -<tr> -<td>WLAN ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-2422</td> -<td>ä¸</td> -</tr> -<tr> -<td>Telephony ä¸çš„ææƒæ¼æ´ž</td> -<td>CVE-2016-2423</td> -<td>ä¸</td> -</tr> -<tr> -<td>SyncStorageEngine ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> -<td>CVE-2016-2424</td> -<td>ä¸</td> -</tr> -<tr> -<td>AOSP 邮件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> -<td>CVE-2016-2425</td> -<td>ä¸</td> -</tr> -<tr> -<td>Framework ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> -<td>CVE-2016-2426</td> -<td>ä¸</td> -</tr> -<tr> -<td>BouncyCastle ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> -<td>CVE-2016-2427</td> -<td>ä¸</td> -</tr> -</table> <h2 id="mitigations">缓解措施</h2> + <p>本部分概括总结了 <a href="/security/enhancements/index.html">Android 安全平å°</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet)æ供的缓解措施。这些功能å¯é™ä½Ž Android 上的安全æ¼æ´žè¢«æˆåŠŸåˆ©ç”¨çš„å¯èƒ½æ€§ã€‚</p> + <ul> -<li>新版 Android å¹³å°ä¸çš„å¢žå¼ºåŠŸèƒ½è®©æ”»å‡»è€…æ›´åŠ éš¾ä»¥åˆ©ç”¨ Android 上å˜åœ¨çš„许多问题。我们建议所有用户都尽å¯èƒ½æ›´æ–°åˆ°æœ€æ–°ç‰ˆ Android。 + <li>新版 Android å¹³å°ä¸çš„å¢žå¼ºåŠŸèƒ½è®©æ”»å‡»è€…æ›´åŠ éš¾ä»¥åˆ©ç”¨ Android 上å˜åœ¨çš„许多问题。我们建议所有用户都尽å¯èƒ½æ›´æ–°åˆ°æœ€æ–°ç‰ˆ Android。 </li><li>Android 安全团队会积æžåˆ©ç”¨â€œéªŒè¯åº”用â€å’Œ SafetyNet æ¥ç›‘控滥用行为,这些功能会在用户å³å°†å®‰è£…å¯èƒ½æœ‰å®³çš„应用时å‘出è¦å‘Šã€‚Google Play ä¸ç¦æ¢æ供设备 Root æƒé™èŽ·å–工具。为了ä¿æŠ¤ä»Ž Google Play 之外的æ¥æºå®‰è£…应用的用户,“验è¯åº”用â€åœ¨é»˜è®¤æƒ…况下将处于å¯ç”¨çŠ¶æ€ï¼Œå¹¶åœ¨å‘现已知的 Root 应用时è¦å‘Šç”¨æˆ·ã€‚“验è¯åº”用â€ä¼šå°è¯•è¯†åˆ«å¹¶é˜»æ¢ç”¨æˆ·å®‰è£…会利用ææƒæ¼æ´žçš„已知æ¶æ„应用。如果用户已安装æ¤ç±»åº”用,那么“验è¯åº”用â€å°†ä¼šé€šçŸ¥ç”¨æˆ·å¹¶å°è¯•ç§»é™¤æ‰€æœ‰æ¤ç±»åº”用。 </li><li>由于已åšäº†é€‚å½“æ›´æ–°ï¼Œå› æ¤ Google 环èŠå’Œ Messenger 应用ä¸ä¼šè‡ªåŠ¨å°†åª’ä½“å†…å®¹ä¼ é€’ç»™ mediaserver 这类进程。 </li></ul> + <h2 id="acknowledgements">致谢</h2> + <p>Android 安全团队éžå¸¸æ„Ÿè°¢ä»¥ä¸‹ç ”究人员åšå‡ºçš„贡献:</p> + <ul> -<li>Google Chrome 安全团队的 Abhishek Aryaã€Oliver Chang å’Œ Martin Barbella:CVE-2016-0834ã€CVE-2016-0841ã€CVE-2016-0840ã€CVE-2016-0839ã€CVE-2016-0838</li><li>CENSUS S.A. çš„ Anestis Bechtsoudis (<a href="https://twitter.com/anestisb">@anestisb</a>):CVE-2016-0842ã€CVE-2016-0836ã€CVE-2016-0835</li><li>Google Telecom 团队的 Brad Ebinger å’Œ Santos Cordon:CVE-2016-0847</li><li>布伦瑞克工业大å¦<a href="https://www.ibr.cs.tu-bs.de">æ“作系统和计算机网络å¦é™¢</a>çš„ Dominik Schürmann:CVE-2016-2425</li><li>奇虎 360 IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a> å’Œ Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>):CVE-2016-0844</li><li> <a href="https://www.epfl.ch">École polytechnique fédérale de Lausanne</a> çš„ <a href="mailto:gpiskas@gmail.com">George Piskas</a>:CVE-2016-2426</li><li><a href="http://www.360.com/">奇虎 360 科技有é™å…¬å¸</a>的龚广 (<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2016-2412ã€CVE-2016-2416</li><li>Google Project Zero çš„ James Forshaw:CVE-2016-2417ã€CVE-2016-0846</li><li>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a> å’Œ Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>):CVE-2016-2410ã€CVE-2016-2411</li><li>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-2409</li><li>Vertu Corporation LTD çš„ Nancy Wang:CVE-2016-0837</li><li> <a href="mailto:nasim@zamir.ca">Nasim Zamir</a>:CVE-2016-2409</li><li>Qualcomm 产å“安全计划的 Nico Golde (<a href="https://twitter.com/iamnion">@iamnion</a>):CVE-2016-2420ã€CVE-2016-0849</li><li>趋势科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>):CVE-2016-2418ã€CVE-2016-2413ã€CVE-2016-2419</li><li>Google ä¿¡æ¯å®‰å…¨å›¢é˜Ÿçš„ Quan Nguyen:CVE-2016-2427</li><li>Richard Shupak:CVE-2016-2415</li><li><a href="https://labs.mwrinfosecurity.com/">MWR 实验室</a>çš„ Romain Trouvé (<a href="https://twitter.com/bouuntyyy">@bouuntyyy)</a>:CVE-2016-0850</li><li>Stuart Henderson:CVE-2016-2422</li><li>Android 安全团队的 Vishwath Mohan:CVE-2016-2424</li><li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2016-2414</li><li>趋势科技的å´æ½æµ (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2016-0843</li><li> å°ç¬¬å®‰çº³å¤§å¦å¸ƒå¢æ˜Žé¡¿åˆ†æ ¡çš„ <a href="mailto:luc2yj@gmail.com">Yeonjoon Lee</a> å’Œ <a href="mailto:xw7@indiana.edu">Xiaofeng Wang</a>;北京大å¦çš„ <a href="mailto:litongxin1991@gmail.com">Tongxin Li</a> å’Œ <a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a>:CVE-2016-0848</li></ul> + <li>Google Chrome 安全团队的 Abhishek Aryaã€Oliver Chang å’Œ Martin Barbella:CVE-2016-0834ã€CVE-2016-0841ã€CVE-2016-0840ã€CVE-2016-0839ã€CVE-2016-0838</li><li>CENSUS S.A. çš„ Anestis Bechtsoudis (<a href="https://twitter.com/anestisb">@anestisb</a>):CVE-2016-0842ã€CVE-2016-0836ã€CVE-2016-0835</li><li>Google Telecom 团队的 Brad Ebinger å’Œ Santos Cordon:CVE-2016-0847</li><li>布伦瑞克工业大å¦<a href="https://www.ibr.cs.tu-bs.de">æ“作系统和计算机网络å¦é™¢</a>çš„ Dominik Schürmann:CVE-2016-2425</li><li>奇虎 360 IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a> å’Œ Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>):CVE-2016-0844</li><li> <a href="https://www.epfl.ch">École polytechnique fédérale de Lausanne</a> çš„ <a href="mailto:gpiskas@gmail.com">George Piskas</a>:CVE-2016-2426</li><li><a href="http://www.360.com/">奇虎 360 科技有é™å…¬å¸</a>的龚广 (<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2016-2412ã€CVE-2016-2416</li><li>Google Project Zero çš„ James Forshaw:CVE-2016-2417ã€CVE-2016-0846</li><li>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a> å’Œ Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>):CVE-2016-2410ã€CVE-2016-2411</li><li>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-2409</li><li>Vertu Corporation LTD çš„ Nancy Wang:CVE-2016-0837</li><li> <a href="mailto:nasim@zamir.ca">Nasim Zamir</a>:CVE-2016-2409</li><li>Qualcomm 产å“安全计划的 Nico Golde (<a href="https://twitter.com/iamnion">@iamnion</a>):CVE-2016-2420ã€CVE-2016-0849</li><li>趋势科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>):CVE-2016-2418ã€CVE-2016-2413ã€CVE-2016-2419</li><li>Richard Shupak:CVE-2016-2415</li><li><a href="https://labs.mwrinfosecurity.com/">MWR 实验室</a>çš„ RomainTrouvé:CVE-2016-0850</li><li>Stuart Henderson:CVE-2016-2422</li><li>Android 安全团队的 Vishwath Mohan:CVE-2016-2424</li><li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2016-2414</li><li>趋势科技的å´æ½æµ (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2016-0843</li><li> å°ç¬¬å®‰çº³å¤§å¦å¸ƒå¢æ˜Žé¡¿åˆ†æ ¡çš„ <a href="mailto:luc2yj@gmail.com">Yeonjoon Lee</a> å’Œ <a href="mailto:xw7@indiana.edu">Xiaofeng Wang{/1;北京大å¦çš„ </a><a href="mailto:litongxin1991@gmail.com">Tongxin Li</a> å’Œ <a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a>:CVE-2016-0848 +</li></ul> + <p>æ¤å¤–,Android 安全团队还由衷地感谢 <a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang ä»¥åŠ <a href="https://www.zimperium.com/">Zimperium</a> 对 CVE-2015-1805 åšå‡ºçš„贡献。</p> + <h2 id="security_vulnerability_details">安全æ¼æ´žè¯¦æƒ…</h2> -<p>我们在下é¢æ供了上述<a href="#security_vulnerability_summary">安全æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ï¼Œå…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³ Bugã€ä¸¥é‡ç¨‹åº¦ã€å—å½±å“版本åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚å¦‚æžœæœ‰è§£å†³ Bug ID 所对应问题的 AOSP 代ç æ交记录,我们也将æ供相应链接。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„代ç 更改记录,我们还将通过 Bug ID åŽé¢çš„æ•°å—链接到更多 AOSP å‚考信æ¯ã€‚</p> + +<p>以下部分介ç»äº† 2016-04-02 è¡¥ä¸ç¨‹åºçº§åˆ«æ¶µç›–çš„æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ï¼Œå…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³é”™è¯¯ã€ä¸¥é‡ç¨‹åº¦ã€å—å½±å“版本åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚å¦‚æžœæœ‰è§£å†³ Bug ID 所对应问题的 AOSP 代ç æ交记录,我们也将æ供相应链接。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„代ç 更改记录,我们还将通过 Bug ID åŽé¢çš„æ•°å—链接到更多 AOSP å‚考信æ¯ã€‚</p> + <h3 id="remote_code_execution_vulnerability_in_dhcpcd">DHCPCD ä¸çš„远程代ç 执行æ¼æ´ž</h3> + <p>攻击者å¯èƒ½ä¼šé€šè¿‡åŠ¨æ€ä¸»æœºé…ç½®åè®®æœåŠ¡ä¸çš„æ¼æ´žç ´å内å˜ï¼Œä»Žè€Œæ‰§è¡Œè¿œç¨‹ä»£ç 。由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡ DHCP 客户端执行远程代ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚DHCP æœåŠ¡å¯ä»¥èŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–çš„æƒé™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243">ANDROID-15268738</a></td> -<td>严é‡</td> -<td>4.4.4</td> -<td>2014 å¹´ 7 月 30 æ—¥</td> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8">ANDROID-16677003</a></td> -<td>严é‡</td> -<td>4.4.4</td> -<td>2014 å¹´ 7 月 30 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-1503</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09">ANDROID-26461634</a></td> -<td>严é‡</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 4 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243">ANDROID-15268738</a></td> + <td>严é‡</td> + <td>4.4.4</td> + <td>2014 å¹´ 7 月 30 æ—¥</td> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8">ANDROID-16677003</a></td> + <td>严é‡</td> + <td>4.4.4</td> + <td>2014 å¹´ 7 月 30 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-1503</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09">ANDROID-26461634</a></td> + <td>严é‡</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 4 æ—¥</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_media_codec">媒体编解ç 器ä¸çš„远程代ç 执行æ¼æ´ž</h3> + <p>对于特制的文件,系统在处ç†å…¶åª’体文件和数æ®æ—¶ï¼Œæ”»å‡»è€…å¯é€šè¿‡ mediaserver 使用的媒体编解ç 器ä¸çš„æ¼æ´žç ´å内å˜å¹¶é€šè¿‡ mediaserver 进程执行远程代ç 。</p> + <p>å—å½±å“的功能是æ“ä½œç³»ç»Ÿçš„æ ¸å¿ƒéƒ¨åˆ†ï¼Œæœ‰å¤šä¸ªåº”ç”¨å…许通过远程内容(最主è¦æ˜¯å½©ä¿¡å’Œæµè§ˆå™¨åª’体æ’放)使用该功能。</p> + <p>由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡ mediaserver æœåŠ¡æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚mediaserver æœåŠ¡å¯ä»¥è®¿é—®éŸ³é¢‘和视频æµï¼Œè¿˜å¯ä»¥èŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–çš„æƒé™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0834</td> -<td>ANDROID-26220548*</td> -<td>严é‡</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 16 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0834</td> + <td>ANDROID-26220548*</td> + <td>严é‡</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 16 æ—¥</td> + </tr> +</tbody></table> + <p>*针对该问题的补ä¸ç¨‹åºæœªåœ¨ AOSP ä¸å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> + <h3 id="remote_code_execution_vulnerability_in_mediaserver">Mediaserver ä¸çš„远程代ç 执行æ¼æ´ž</h3> + <p>对于特制的文件,系统在处ç†å…¶åª’体文件和数æ®æ—¶ï¼Œæ”»å‡»è€…å¯é€šè¿‡ mediaserver ä¸çš„æ¼æ´žç ´å内å˜å¹¶é€šè¿‡ mediaserver 进程执行远程代ç 。</p> + <p>å—å½±å“的功能是æ“ä½œç³»ç»Ÿçš„æ ¸å¿ƒéƒ¨åˆ†ï¼Œæœ‰å¤šä¸ªåº”ç”¨å…许通过远程内容(最主è¦æ˜¯å½©ä¿¡å’Œæµè§ˆå™¨åª’体æ’放)使用该功能。</p> + <p>由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡ mediaserver æœåŠ¡æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚mediaserver æœåŠ¡å¯ä»¥è®¿é—®éŸ³é¢‘和视频æµï¼Œè¿˜å¯ä»¥èŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–çš„æƒé™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0835</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301">ANDROID-26070014</a>[<a href="https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1">2</a>]</td> -<td>严é‡</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 6 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0836</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985">ANDROID-25812590</a></td> -<td>严é‡</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 19 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0837</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf">ANDROID-27208621</a></td> -<td>严é‡</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 11 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0838</td> -<td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49">ANDROID-26366256</a>[<a href="https://android.googlesource.com/platform/external/sonivox/+/24d7c408c52143bce7b49de82f3913fd8d1219cf">2</a>]</td> -<td>严é‡</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -<tr> -<td>CVE-2016-0839</td> -<td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351">ANDROID-25753245</a></td> -<td>严é‡</td> -<td>6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -<tr> -<td>CVE-2016-0840</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1">ANDROID-26399350</a></td> -<td>严é‡</td> -<td>6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -<tr> -<td>CVE-2016-0841</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252">ANDROID-26040840</a></td> -<td>严é‡</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0835</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> + ANDROID-26070014</a> + [<a href="https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1">2</a>] + </td> + <td>严é‡</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 6 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0836</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985">ANDROID-25812590</a></td> + <td>严é‡</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 19 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0837</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf">ANDROID-27208621</a></td> + <td>严é‡</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 11 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0838</td> + <td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> + ANDROID-26366256</a> + [<a href="https://android.googlesource.com/platform/external/sonivox/+/24d7c408c52143bce7b49de82f3913fd8d1219cf">2</a>]</td> + <td>严é‡</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 内部</td> + </tr> + <tr> + <td>CVE-2016-0839</td> + <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351">ANDROID-25753245</a></td> + <td>严é‡</td> + <td>6.0ã€6.0.1</td> + <td>Google 内部</td> + </tr> + <tr> + <td>CVE-2016-0840</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1">ANDROID-26399350</a></td> + <td>严é‡</td> + <td>6.0ã€6.0.1</td> + <td>Google 内部</td> + </tr> + <tr> + <td>CVE-2016-0841</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252">ANDROID-26040840</a></td> + <td>严é‡</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 内部</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_libstagefright">libstagefright ä¸çš„远程代ç 执行æ¼æ´ž</h3> + <p>对于特制的文件,系统在处ç†å…¶åª’体文件和数æ®æ—¶ï¼Œæ”»å‡»è€…å¯é€šè¿‡ libstagefright ä¸çš„æ¼æ´žç ´å内å˜å¹¶é€šè¿‡ mediaserver 进程执行远程代ç 。</p> + <p>å—å½±å“的功能是æ“ä½œç³»ç»Ÿçš„æ ¸å¿ƒéƒ¨åˆ†ï¼Œæœ‰å¤šä¸ªåº”ç”¨å…许通过远程内容(最主è¦æ˜¯å½©ä¿¡å’Œæµè§ˆå™¨åª’体æ’放)使用该功能。</p> + <p>由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡ mediaserver æœåŠ¡æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚mediaserver æœåŠ¡å¯ä»¥è®¿é—®éŸ³é¢‘和视频æµï¼Œè¿˜å¯ä»¥èŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–çš„æƒé™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0842</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db">ANDROID-25818142</a></td> -<td>严é‡</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 23 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0842</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db">ANDROID-25818142</a></td> + <td>严é‡</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 23 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_kernel">å†…æ ¸ä¸çš„ææƒæ¼æ´ž</h3> + <p>å†…æ ¸ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而您å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚<a href="/security/advisory/2016-03-18.html">Android 安全公告 - 2016 å¹´ 3 月 18 æ—¥</a>对æ¤é—®é¢˜è¿›è¡Œäº†æ述。</p> + <table> -<tr> -<th>CVE</th> -<th>Bug</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2015-1805</td> -<td>ANDROID-27275324*</td> -<td>严é‡</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 19 æ—¥</td> -</tr> -</table> -<p>* AOSP ä¸çš„è¡¥ä¸ç¨‹åºé€‚ç”¨äºŽç‰¹å®šçš„å†…æ ¸ç‰ˆæœ¬ï¼š<a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a>ã€<a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a> å’Œ <a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a>。</p> + <tbody><tr> + <th>CVE</th> + <th>Bug</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2015-1805</td> + <td>ANDROID-27275324*</td> + <td>严é‡</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 19 æ—¥</td> + </tr> +</tbody></table> +<p>*AOSP ä¸çš„è¡¥ä¸ç¨‹åºé€‚ç”¨äºŽç‰¹å®šçš„å†…æ ¸ç‰ˆæœ¬ï¼š<a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a>ã€<a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a> å’Œ <a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a>。</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_performance_module">Qualcomm 效能模å—ä¸çš„ææƒæ¼æ´ž</h3> + <p>Qualcomm ARM 处ç†å™¨çš„效能事件管ç†å™¨ç»„件ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而您å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0843</td> -<td>ANDROID-25801197*</td> -<td>严é‡</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 19 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0843</td> + <td>ANDROID-25801197*</td> + <td>严é‡</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 19 æ—¥</td> + </tr> +</tbody></table> + <p>*针对该问题的补ä¸ç¨‹åºæœªåœ¨ AOSP ä¸å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> + <h3 id="elevation_of_privilege_in_qualcomm_rf_component">Qualcomm RF 组件ä¸çš„ææƒæ¼æ´ž</h3> + <p>Qualcomm RF 驱动程åºä¸æœ‰ä¸€é¡¹æ¼æ´žï¼Œæœ¬åœ°æ¶æ„应用å¯åˆ©ç”¨è¿™é¡¹æ¼æ´žé€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而您å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> + <table> -<tr> -<th>CVE</th> -<th>Bug</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0844</td> -<td>ANDROID-26324307*</td> -<td>严é‡</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> -<p>*针对该问题的补ä¸ç¨‹åºæœªåœ¨ AOSP ä¸å‘布,而是<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa">ä½äºŽ Linux Upstream ä¸</a>。</p> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0844</td> + <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/57531cacb40682be4b1189c721fd1e7f25bf3786"> + ANDROID-26324307</a>*</td> + <td>严é‡</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> +<p>*针对该问题的å¦ä¸€ä¸ªè¡¥ä¸ç¨‹åºä½äºŽ <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa">Linux 上游</a>代ç ä¸ã€‚</p> + <h3 id="elevation_of_privilege_vulnerability_in_kernel12">å†…æ ¸ä¸çš„ææƒæ¼æ´ž</h3> + <p>常è§å†…æ ¸ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而您å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2014-9322</td> -<td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a>[<a href="https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb">2</a>][<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br/>[<a href="https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105">4</a>][<a href="https://android.googlesource.com/kernel/common/+/44d057a37868a60bc2eb6e7d1dcea701f234d56a">5</a>][<a href="https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b">6</a>][<a href="https://android.googlesource.com/kernel/common/+/e068734f9e7344997a61022629b92d142a985ab3">7</a>][<a href="https://android.googlesource.com/kernel/common/+/fdc6c1052bc7d89a5826904fbb4318677e8442ce">8</a>][<a href="https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5">9</a>][<a href="https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850">10</a>][<a href="https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829">11</a>]</td> -<td>严é‡</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2014-9322</td> + <td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> + [<a href="https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb">2</a>] + [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br /> + [<a href="https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105">4</a>] + [<a href="https://android.googlesource.com/kernel/common/+/44d057a37868a60bc2eb6e7d1dcea701f234d56a">5</a>] + [<a href="https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b">6</a>] + [<a href="https://android.googlesource.com/kernel/common/+/e068734f9e7344997a61022629b92d142a985ab3">7</a>] + [<a href="https://android.googlesource.com/kernel/common/+/fdc6c1052bc7d89a5826904fbb4318677e8442ce">8</a>] + [<a href="https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5">9</a>] + [<a href="https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850">10</a>] + [<a href="https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829">11</a>]</td> + <td>严é‡</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_imemory_native_interface">IMemory 本机界é¢ä¸çš„ææƒæ¼æ´ž</h3> + <p>IMemory 本机界é¢ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过ææƒåŽçš„系统应用执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0846</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149">ANDROID-26877992</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0846</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149">ANDROID-26877992</a></td> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_telecom_component">Telecom 组件ä¸çš„ææƒæ¼æ´ž</h3> + <p>Telecom 组件ä¸çš„ææƒæ¼æ´žå¯è®©æ”»å‡»è€…å°†æ¥ç”µæ˜¾ç¤ºä¸ºä»»æ„å·ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰çš„本地使用æƒé™ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0847</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444">ANDROID-26864502</a>[<a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a294ae5342410431a568126183efe86261668b5d">2</a>]</td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0847</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> + ANDROID-26864502</a> + [<a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a294ae5342410431a568126183efe86261668b5d">2</a>] + </td> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 内部</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_download_manager">下载管ç†å™¨ä¸çš„ææƒæ¼æ´ž</h3> + <p>下载管ç†å™¨ä¸çš„ææƒæ¼æ´žå¯è®©æ”»å‡»è€…获å–对ç§äººå˜å‚¨ç©ºé—´ä¸æœªç»æŽˆæƒæ–‡ä»¶çš„访问æƒé™ã€‚由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰çš„本地使用æƒé™ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> + <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0848</td> -<td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9">ANDROID-26211054</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 14 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0848</td> + <td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9">ANDROID-26211054</a></td> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 14 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_recovery_procedure">æ¢å¤ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> + <p>æ¢å¤ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过ææƒåŽçš„系统应用执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0849</td> -<td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad">ANDROID-26960931</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 3 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0849</td> + <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad">ANDROID-26960931</a></td> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 3 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_bluetooth">è“牙ä¸çš„ææƒæ¼æ´ž</h3> + <p>è“牙ä¸çš„ææƒæ¼æ´žå¯è®©ä¸å—信任的设备在åˆå§‹é…对æµç¨‹ä¸ä¸Žæ‰‹æœºé…对。这å¯èƒ½ä¼šå¯¼è‡´æ”»å‡»è€…未ç»æŽˆæƒè®¿é—®è®¾å¤‡èµ„æºï¼ˆä¾‹å¦‚互è”网连接)。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ä¸å—ä¿¡ä»»çš„è®¾å¤‡æ— æ³•èŽ·å–的特æƒï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-0850</td> -<td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a">ANDROID-26551752</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 13 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-0850</td> + <td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a">ANDROID-26551752</a></td> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 13 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_texas_instruments_haptic_driver">德州仪器触感驱动程åºä¸çš„ææƒæ¼æ´ž</h3> + <p>å¾·å·žä»ªå™¨è§¦æ„Ÿå†…æ ¸é©±åŠ¨ç¨‹åºä¸æœ‰ä¸€é¡¹ææƒæ¼æ´žï¼Œæœ¬åœ°æ¶æ„应用å¯åˆ©ç”¨è¿™é¡¹æ¼æ´žé€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。通常,我们会将æ¤ç±»å†…æ ¸ä»£ç 执行 Bug 的严é‡ç¨‹åº¦è¯„为“严é‡â€ï¼Œä½†ç”±äºŽè¯¥æ¼æ´žéœ€è¦å…ˆç ´å能够调用驱动程åºçš„æœåŠ¡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦æ”¹è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2409</td> -<td>ANDROID-25981545*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2409</td> + <td>ANDROID-25981545*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªåœ¨ AOSP ä¸å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_kernel_driver">Qualcomm è§†é¢‘å†…æ ¸é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> + <p>Qualcomm è§†é¢‘å†…æ ¸é©±åŠ¨ç¨‹åºä¸æœ‰ä¸€é¡¹ææƒæ¼æ´žï¼Œæœ¬åœ°æ¶æ„应用å¯åˆ©ç”¨è¿™é¡¹æ¼æ´žé€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç ã€‚é€šå¸¸ï¼Œæˆ‘ä»¬ä¼šå°†å†…æ ¸ä»£ç 执行æ¼æ´žçš„严é‡ç¨‹åº¦è¯„为“严é‡â€ï¼Œä½†ç”±äºŽè¯¥æ¼æ´žéœ€è¦å…ˆç ´å能够调用驱动程åºçš„æœåŠ¡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦æ”¹è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2410</td> -<td>ANDROID-26291677*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 21 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2410</td> + <td>ANDROID-26291677*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 21 æ—¥</td> + </tr> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªåœ¨ AOSP ä¸å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_power_management_component">Qualcomm 电æºç®¡ç†ç»„件ä¸çš„ææƒæ¼æ´ž</h3> + <p>Qualcomm 电æºç®¡ç†å†…æ ¸é©±åŠ¨ç¨‹åºä¸æœ‰ä¸€é¡¹ææƒæ¼æ´žï¼Œæœ¬åœ°æ¶æ„应用å¯åˆ©ç”¨è¿™é¡¹æ¼æ´žé€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。通常,我们会将æ¤ç±»å†…æ ¸ä»£ç 执行 Bug 的严é‡ç¨‹åº¦è¯„为“严é‡â€ï¼Œä½†ç”±äºŽè¯¥æ¼æ´žéœ€è¦å…ˆç ´å设备并将æƒé™æå‡ä¸º rootï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦æ”¹è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2411</td> -<td>ANDROID-26866053*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 28 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2411</td> + <td>ANDROID-26866053*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 28 æ—¥</td> + </tr> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªåœ¨ AOSP ä¸å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> + <h3 id="elevation_of_privilege_vulnerability_in_system_server">System_server ä¸çš„ææƒæ¼æ´ž</h3> + <p>System_server ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过ææƒåŽçš„系统应用执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2412</td> -<td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac">ANDROID-26593930</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 15 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2412</td> + <td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac">ANDROID-26593930</a></td> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 15 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_mediaserver">Mediaserver ä¸çš„ææƒæ¼æ´ž</h3> + <p>Mediaserver ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过ææƒåŽçš„系统应用执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2413</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48">ANDROID-26403627</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 5 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2413</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48">ANDROID-26403627</a></td> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 5 æ—¥</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_vulnerability_in_minikin">Minikin ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> + <p>Minikin 库ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æœ¬åœ°æ”»å‡»è€…暂时阻æ¢ç”¨æˆ·ä½¿ç”¨å—å½±å“的设备。攻击者å¯ä½¿ç³»ç»ŸåŠ è½½ä¸å¯ä¿¡çš„å—ä½“ï¼Œé€ æˆ Minikin 组件ä¸å‘生溢出现象,从而导致崩溃。由于拒ç»æœåŠ¡æ¼æ´žä¼šå¯¼è‡´ç³»ç»Ÿä¸æ–é‡æ–°å¯åŠ¨ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2414</td> -<td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6">ANDROID-26413177</a>[<a href="https://android.googlesource.com/platform/frameworks/minikin/+/f4785aa1947b8d22d5b19559ef1ca526d98e0e73">2</a>]</td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 3 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2414</td> + <td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> + ANDROID-26413177</a> + [<a href="https://android.googlesource.com/platform/frameworks/minikin/+/f4785aa1947b8d22d5b19559ef1ca526d98e0e73">2</a>] + </td> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 3 æ—¥</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_exchange_activesync">Exchange ActiveSync ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> + <p>Exchange ActiveSync ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–对用户éšç§ä¿¡æ¯çš„访问æƒé™ã€‚由于该æ¼æ´žå¯ç”¨äºŽè¿œç¨‹è®¿é—®å—ä¿æŠ¤çš„æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2415</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2">ANDROID-26488455</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 11 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2415</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2">ANDROID-26488455</a></td> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 11 æ—¥</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_mediaserver">Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> -<p>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯ç”¨äºŽç»•è¿‡ç›¸åº”的安全措施(这类措施å¯å¢žåŠ 攻击者利用平å°çš„难度)。由于这类æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> + +<p>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯ç”¨äºŽç»•è¿‡ç›¸åº”的安全措施(这类措施å¯å¢žåŠ 攻击者利用平å°çš„难度)。由于这类æ¼æ´žè¿˜å¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2416</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd">ANDROID-27046057</a>[<a href="https://android.googlesource.com/platform/frameworks/native/+/a40b30f5c43726120bfe69d41ff5aeb31fe1d02a">2</a>]</td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 5 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2417</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84">ANDROID-26914474</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 1 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2418</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3">ANDROID-26324358</a></td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 24 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2419</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34">ANDROID-26323455</a></td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 24 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2416</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> + ANDROID-27046057</a> + [<a href="https://android.googlesource.com/platform/frameworks/native/+/a40b30f5c43726120bfe69d41ff5aeb31fe1d02a">2</a>] + </td> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 5 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2417</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84">ANDROID-26914474</a></td> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 1 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2418</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3">ANDROID-26324358</a></td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 24 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2419</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34">ANDROID-26323455</a></td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 24 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_debuggerd_component">Debuggerd 组件ä¸çš„ææƒæ¼æ´ž</h3> + <p>Debuggerd 组件ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用执行任æ„代ç ,从而å¯èƒ½å¯¼è‡´è®¾å¤‡æ°¸ä¹…æŸåã€‚è¿™æ ·ä¸€æ¥ï¼Œæ‚¨å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ã€‚通常,我们会将æ¤ç±»ä»£ç 执行 Bug 的严é‡ç¨‹åº¦è¯„为“严é‡â€ï¼Œä½†ç”±äºŽè¯¥æ¼æ´žåªèƒ½åœ¨ Android 4.4.4 版ä¸å°†æƒé™ä»Ž system æå‡ä¸º rootï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦æ”¹è¯„为“ä¸â€ã€‚在 Android 5.0 åŠä»¥ä¸Šç‰ˆæœ¬ä¸ï¼ŒSELinux 规则会阻æ¢ç¬¬ä¸‰æ–¹åº”用获å–å—å½±å“的代ç 。</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2420</td> -<td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98">ANDROID-26403620</a>[<a href="https://android.googlesource.com/platform/system/core/+/81df1cc77722000f8d0025c1ab00ced123aa573c">2</a>]</td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 5 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2420</td> + <td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> + ANDROID-26403620</a> + [<a href="https://android.googlesource.com/platform/system/core/+/81df1cc77722000f8d0025c1ab00ced123aa573c">2</a>] + </td> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 5 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard">设置å‘导ä¸çš„ææƒæ¼æ´ž</h3> + <p>设置å‘导ä¸çš„æ¼æ´žå¯è®©æ”»å‡»è€…绕过“æ¢å¤å‡ºåŽ‚设置ä¿æŠ¤â€æœºåˆ¶ï¼Œå¹¶èŽ·å–对设备的访问æƒé™ã€‚由于该æ¼æ´žå¯è®©å®žé™…拿到设备的人绕过“æ¢å¤å‡ºåŽ‚设置ä¿æŠ¤â€æœºåˆ¶ï¼Œä»Žè€Œä½¿æ”»å‡»è€…å¯ä»¥æˆåŠŸé‡ç½®è®¾å¤‡å¹¶æ¸…除所有数æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2421</td> -<td>ANDROID-26154410*</td> -<td>ä¸</td> -<td>5.1.1ã€6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2421</td> + <td>ANDROID-26154410*</td> + <td>ä¸</td> + <td>5.1.1ã€6.0ã€6.0.1</td> + <td>Google 内部</td> + </tr> +</tbody></table> + <p>*针对该问题的补ä¸ç¨‹åºæœªåœ¨ AOSP ä¸å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制版本ä¸åŒ…å«ç›¸åº”更新。</p> + <h3 id="elevation_of_privilege_in_wi-fi">WLAN ä¸çš„ææƒæ¼æ´ž</h3> + <p>WLAN ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过ææƒåŽçš„系统应用执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2422</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c">ANDROID-26324357</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 23 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2422</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c">ANDROID-26324357</a></td> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 23 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_telephony">Telephony ä¸çš„ææƒæ¼æ´ž</h3> + <p>Telephony ä¸çš„æ¼æ´žå¯è®©æ”»å‡»è€…绕过“æ¢å¤å‡ºåŽ‚设置ä¿æŠ¤â€æœºåˆ¶ï¼Œå¹¶èŽ·å–对设备的访问æƒé™ã€‚由于该æ¼æ´žå¯è®©å®žé™…拿到设备的人绕过“æ¢å¤å‡ºåŽ‚设置ä¿æŠ¤â€æœºåˆ¶ï¼Œä»Žè€Œä½¿æ”»å‡»è€…å¯ä»¥æˆåŠŸé‡ç½®è®¾å¤‡å¹¶æ¸…除所有数æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2423</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa">ANDROID-26303187</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2423</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa">ANDROID-26303187</a></td> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 内部</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_in_syncstorageengine">SyncStorageEngine ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> + <p>本地æ¶æ„应用å¯åˆ©ç”¨ SyncStorageEngine ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žè®©ç³»ç»Ÿä¸æ–é‡æ–°å¯åŠ¨ã€‚由于该æ¼æ´žå¯å¯¼è‡´æœ¬åœ°æœåŠ¡æš‚时被拒,而该问题å¯èƒ½éœ€è¦é€šè¿‡æ¢å¤å‡ºåŽ‚设置æ‰èƒ½å¾—到修æ£ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2424</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb">ANDROID-26513719</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2424</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb">ANDROID-26513719</a></td> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 内部</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_aosp_mail">AOSP 邮件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> + <p>AOSP 邮件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–对用户éšç§ä¿¡æ¯çš„访问æƒé™ã€‚由于该æ¼æ´žå¯ç”¨äºŽä»¥ä¸æ£å½“çš„æ–¹å¼èŽ·å–“dangerousâ€æƒé™ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f">ANDROID-26989185</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td>ANDROID-7154234*</td> -<td>ä¸</td> -<td>5.0.2</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f">ANDROID-26989185</a></td> + <td>ä¸</td> + <td>4.4.4ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td>ANDROID-7154234*</td> + <td>ä¸</td> + <td>5.0.2</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> +</tbody></table> + <p>*针对该问题的补ä¸ç¨‹åºæœªåœ¨ AOSP ä¸å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制版本ä¸åŒ…å«ç›¸åº”更新。</p> + <h3 id="information_disclosure_vulnerability_in_framework">Framework ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> + <p>Framework 组件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©åº”用获å–æ•æ„Ÿä¿¡æ¯ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下以ä¸æ£å½“çš„æ–¹å¼èŽ·å–æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2426</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0">ANDROID-26094635</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 8 æ—¥</td> -</tr> -</table> -<h3 id="information_disclosure_vulnerability_in_bouncycastle">BouncyCastle ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> -<p>BouncyCastle ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯èƒ½ä¼šå¯¼è‡´èº«ä»½éªŒè¯å¯†é’¥é到泄露。由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下,利用设备上安装的应用获å–“dangerousâ€çº§åˆ«çš„æ•°æ®æˆ–æƒé™ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> -<table> -<tr> -<th>CVE</th> -<th>Bug(附 AOSP 链接)</th> -<th>严é‡ç¨‹åº¦</th> -<th>已更新的版本</th> -<th>报告日期</th> -</tr> -<tr> -<td>CVE-2016-2427</td> -<td><a href="https://android.googlesource.com/platform/libcore/+/efd369d996fd38c50a50ea0de8f20507253cb6de">ANDROID-26234568</a>[<a href="https://android.googlesource.com/platform/external/bouncycastle/+/b3bddea0f33c0459293c6419569ad151b4a7b44b">2</a>]</td> -<td>ä¸</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 内部</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>Bug(附 AOSP 链接)</th> + <th>严é‡ç¨‹åº¦</th> + <th>已更新的版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-2426</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0">ANDROID-26094635</a></td> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 8 æ—¥</td> + </tr> +</tbody></table> + <h2 id="common_questions_and_answers">常è§é—®é¢˜å’Œè§£ç”</h2> + <p>本部分针对阅读本公告åŽå¯èƒ½äº§ç”Ÿçš„常è§é—®é¢˜æ供了相应的解ç”。</p> + <p><strong>1. 如何确定我的设备是å¦å·²æ›´æ–°åˆ°è§£å†³äº†è¿™äº›é—®é¢˜çš„版本?</strong></p> + <p>2016 å¹´ 4 月 2 日(或之åŽçš„日期)的安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æœ¬æ–‡æ‰€åˆ—的这些问题(请å‚阅 <a href="https://support.google.com/nexus/answer/4457705">Nexus 文档</a>ä¸æ供的相关说明,了解如何检查安全补ä¸ç¨‹åºçº§åˆ«ï¼‰ã€‚æä¾›è¿™äº›æ›´æ–°çš„è®¾å¤‡åˆ¶é€ å•†åº”å°†è¡¥ä¸ç¨‹åºå—符串级别设为 [ro.build.version.security_patch]:[2016-04-02]</p> + <p><strong>2. 为什么æ¤å®‰å…¨è¡¥ä¸ç¨‹åºçº§åˆ«æ˜¯ 2016 å¹´ 4 月 2 日? </strong></p> + <p>通常情况下,æ¯æœˆå®‰å…¨æ›´æ–°çš„安全补ä¸ç¨‹åºçº§åˆ«ä¼šè®¾ç½®ä¸ºå½“月的第一天。以 4 月为例,2016 å¹´ 4 月 1 日的安全补ä¸ç¨‹åºçº§åˆ«è¡¨ç¤ºï¼Œæœ¬å…¬å‘Šä¸æ‰€åˆ—问题å‡å·²å¾—到解决(CVE-2015-1805 除外,如 <a href="/security/advisory/2016-03-18.html">Android 安全公告 - 2016 å¹´ 3 月 18 æ—¥</a>ä¸æ‰€è¿°ï¼‰ã€‚2016 å¹´ 4 月 2 日的安全补ä¸ç¨‹åºçº§åˆ«è¡¨ç¤ºï¼Œæœ¬å…¬å‘Šä¸æ‰€åˆ—问题å‡å·²å¾—到解决(包括 CVE-2015-1805,如 <a href="/security/advisory/2016-03-18.html">Android 安全公告 - 2016 å¹´ 3 月 18 æ—¥</a>ä¸æ‰€è¿°ï¼‰ã€‚</p> + <h2 id="revisions">修订版本</h2> + <ul> -<li>2016 å¹´ 4 月 4 日:å‘布了本公告。 - </li><li>2016 å¹´ 4 月 6 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº† AOSP 链接。 + <li>2016 å¹´ 4 月 4 日:å‘布了本公告。 + </li><li>2016 å¹´ 4 月 6 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº†å¤šä¸ª AOSP 链接。 + </li><li>2016 å¹´ 4 月 7 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº†ä¸€ä¸ªé¢å¤–çš„ AOSP 链接。 + </li><li>2016 å¹´ 7 月 11 日:更新了 CVE-2016-2427 的说明。 + </li><li>2016 å¹´ 8 月 1 日:更新了 CVE-2016-2427 的说明。</li><li>2016 å¹´ 12 月 19 日:更新了本公告,移除了之å‰æ¢å¤çš„ CVE-2016-2427。 </li></ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/zh-cn/security/bulletin/2016-07-01.html b/zh-cn/security/bulletin/2016-07-01.html index c04179b9..cb0a911c 100644 --- a/zh-cn/security/bulletin/2016-07-01.html +++ b/zh-cn/security/bulletin/2016-07-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android 安全公告 - 2016 å¹´ 7 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,384 +20,22 @@ limitations under the License. --> - - <p><em>å‘布时间:2016 å¹´ 7 月 6 æ—¥ | 更新时间:2016 å¹´ 7 月 14 æ—¥</em></p> <p>Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚é™¤äº†å…¬å‘Šä¹‹å¤–ï¼Œæˆ‘ä»¬è¿˜é€šè¿‡æ— çº¿ä¸‹è½½ (OTA) æ›´æ–°çš„æ–¹å¼å‘布了针对 Nexus 设备的安全更新。<a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上也å‘布了 Nexus å›ºä»¶æ˜ åƒã€‚2016 å¹´ 7 月 5 日(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æœ¬å…¬å‘Šä¸çš„所有相关问题。请å‚阅æ¤<a href="https://support.google.com/nexus/answer/4457705#nexus_devices">文档</a>,了解如何检查安全补ä¸ç¨‹åºçº§åˆ«ã€‚</p> <p>我们的åˆä½œä¼™ä¼´åœ¨ 2016 å¹´ 6 月 6 日(或之å‰ï¼‰å°±å·²æ”¶åˆ°æœ¬å…¬å‘Šä¸è¯´æ˜Žçš„这些问题的相关通知。我们已在 Android 开放æºä»£ç 项目 (AOSP) 代ç 库ä¸å‘布了针对相关问题的æºä»£ç è¡¥ä¸ç¨‹åºï¼ˆå¦‚果适用)。本公告还æ供了 AOSP 之外的补ä¸ç¨‹åºçš„链接。</p> -<p>这些问题ä¸å±é™©æ€§æœ€é«˜çš„是一个严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œå®ƒå¯èƒ½ä¼šå¯¼è‡´åœ¨å¤„ç†åª’体文件的过程ä¸ï¼Œå¯é€šè¿‡ç”µå邮件ã€ç½‘页和彩信ç‰å¤šç§æ–¹å¼åœ¨å—å½±å“的设备上执行远程代ç 。</p> -<p>æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet);这些功能å¯æ高 Android å¹³å°çš„安全性。</p> +<p>这些问题ä¸å±é™©æ€§æœ€é«˜çš„是一个严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œå®ƒå¯èƒ½ä¼šå¯¼è‡´åœ¨å¤„ç†åª’体文件的过程ä¸ï¼Œå¯é€šè¿‡ç”µå邮件ã€ç½‘页和彩信ç‰å¤šç§æ–¹å¼åœ¨å—å½±å“的设备上执行远程代ç 。<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚</p> +<p>æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤åŠŸèƒ½</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet);这些功能å¯æ高 Android å¹³å°çš„安全性。</p> <p>我们建议所有用户在自己的设备上接å—这些更新。</p> <h2 id="announcements">公告</h2> <ul> <li>本公告定义了两个安全补ä¸ç¨‹åºçº§åˆ«å—符串,目的是让 Android åˆä½œä¼™ä¼´èƒ½å¤Ÿçµæ´»åœ°ã€æ›´å¿«é€Ÿåœ°é‡‡å–措施,以修å¤æ‰€æœ‰ Android 设备上类似的一系列æ¼æ´žã€‚如需了解详情,请å‚阅<a href="#common-questions-and-answers">常è§é—®é¢˜å’Œè§£ç”</a>:<ul> <li><strong>2016-07-01</strong>:部分安全补ä¸ç¨‹åºçº§åˆ«å—符串。æ¤å®‰å…¨è¡¥ä¸ç¨‹åºçº§åˆ«å—符串表明与 2016-07-01 相关的所有问题å‡å·²å¾—到解决。 - <li><strong>2016-07-05</strong>:完整的安全补ä¸ç¨‹åºçº§åˆ«å—符串。æ¤å®‰å…¨è¡¥ä¸ç¨‹åºçº§åˆ«å—符串表明与 2016-07-01 å’Œ 2016-07-05 相关的所有问题å‡å·²å¾—到解决。</li> - </li></ul> + </li><li><strong>2016-07-05</strong>:完整的安全补ä¸ç¨‹åºçº§åˆ«å—符串。æ¤å®‰å…¨è¡¥ä¸ç¨‹åºçº§åˆ«å—符串表明与 2016-07-01 å’Œ 2016-07-05 相关的所有问题å‡å·²å¾—到解决。</li> + </ul> </li> <li>å—支æŒçš„ Nexus 设备将收到一个安全补ä¸ç¨‹åºçº§åˆ«ä¸º 2016 å¹´ 7 月 5 日的 OTA 更新。</li> </ul> -<h2 id="security_vulnerability_summary">安全æ¼æ´žæ‘˜è¦</h2> -<p>下表列出了安全æ¼æ´žã€å¯¹åº”çš„ CVE(常è§æ¼æ´žå’Œé£Žé™©è¯†åˆ«ç )ã€è¯„估得出的严é‡ç¨‹åº¦ä»¥åŠæ˜¯å¦ä¼šå½±å“ Nexus 设备。<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚</p> - -<h3 id="2016-07-01_summary">2016-07-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</h3> -<p>2016-07-01(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«éƒ½å¿…须解决以下问题。</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>问题</th> - <th>CVE</th> - <th>严é‡ç¨‹åº¦</th> - <th>是å¦ä¼šå½±å“ Nexus 设备?</th> - </tr> - <tr> - <td>Mediaserver ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2016-2506ã€CVE-2016-2505ã€CVE-2016-2507ã€CVE-2016-2508ã€CVE-2016-3741ã€CVE-2016-3742ã€CVE-2016-3743</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>OpenSSL å’Œ BoringSSL ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2016-2108</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>è“牙ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2016-3744</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>libpng ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3751</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3745ã€CVE-2016-3746ã€CVE-2016-3747</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>套接å—ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3748</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>LockSettingsService ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3749</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Framework API ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3750</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>ChooserTarget æœåŠ¡ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3752</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-3753</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>OpenSSL ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-2107</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2016-3754ã€CVE-2016-3755ã€CVE-2016-3756</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>libc ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2016-3818</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>lsof ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3757</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>DexClassLoader ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3758</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Framework API ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3759</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>è“牙ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3760</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>NFC ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3761</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>套接å—ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-3762</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>代ç†è‡ªåŠ¨é…ç½®ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-3763</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-3764ã€CVE-2016-3765</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2016-3766</td> - <td>ä¸</td> - <td>是</td> - </tr> -</table> -<p>*已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Nexus 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - - -<h3 id="2016-07-05_summary">2016-07-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</h3> -<p>2016-07-05(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«éƒ½å¿…须解决 2016-07-01 的所有问题以åŠä»¥ä¸‹é—®é¢˜ã€‚</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>问题</th> - <th>CVE</th> - <th>严é‡ç¨‹åº¦</th> - <th>是å¦ä¼šå½±å“ Nexus 设备?</th> - </tr> - <tr> - <td>Qualcomm GPU 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-2503ã€CVE-2016-2067</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek WLAN 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3767</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 效能组件ä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3768</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 视频驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3769</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸æ–‡ä»¶ç³»ç»Ÿä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3775</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>USB 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2015-8816</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 组件ä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2014-9794ã€CVE-2014-9795ã€CVE-2015-8892ã€CVE-2013-7457ã€CVE-2014-9781ã€CVE-2014-9786ã€CVE-2014-9788ã€CVE-2014-9779ã€CVE-2014-9780ã€CVE-2014-9789ã€CVE-2014-9793ã€CVE-2014-9782ã€CVE-2014-9783ã€CVE-2014-9785ã€CVE-2014-9787ã€CVE-2014-9784ã€CVE-2014-9777ã€CVE-2014-9778ã€CVE-2014-9790ã€CVE-2014-9792ã€CVE-2014-9797ã€CVE-2014-9791ã€CVE-2014-9796ã€CVE-2014-9800ã€CVE-2014-9799ã€CVE-2014-9801ã€CVE-2014-9802ã€CVE-2015-8891ã€CVE-2015-8888ã€CVE-2015-8889ã€CVE-2015-8890</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm USB 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-2502</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3792</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-2501</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 相机驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3793</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 电æºé©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3795ã€CVE-2016-3796</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3797</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek ç¡¬ä»¶ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3798</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 视频驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3799ã€CVE-2016-3800</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek GPS 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3801</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸æ–‡ä»¶ç³»ç»Ÿä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3802ã€CVE-2016-3803</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 电æºç®¡ç†é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3804ã€CVE-2016-3805</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3806</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>串行外设接å£é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3807ã€CVE-2016-3808</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-2068</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2014-9803</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>网络组件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3809</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek WLAN 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3810</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸è§†é¢‘é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3811</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 视频编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3812</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm USB 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3813</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3814ã€CVE-2016-3815</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-3816</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ç”µä¼ é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2016-0723</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žï¼ˆç‰¹å®šäºŽè®¾å¤‡ï¼‰</td> - <td>CVE-2014-9798ã€CVE-2015-8893</td> - <td>ä¸</td> - <td>是</td> - </tr> -</table> <h2 id="mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</h2> <p>本部分总结了 <a href="/security/enhancements/index.html">Android 安全平å°</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet)æ供的缓解措施。这些功能å¯é™ä½Ž Android 上的安全æ¼æ´žè¢«æˆåŠŸåˆ©ç”¨çš„å¯èƒ½æ€§ã€‚</p> @@ -411,24 +48,24 @@ <h2 id="acknowledgements">致谢</h2> <p>éžå¸¸æ„Ÿè°¢ä»¥ä¸‹ç ”究人员åšå‡ºçš„贡献:</p> <ul> - <li>Google Chrome 安全团队的 Abhishek Aryaã€Oliver Chang å’Œ Martin Barbella:CVE-2016-3756ã€CVE-2016-3741ã€CVE-2016-3743ã€CVE-2016-3742<li>Check Point 软件技术有é™å…¬å¸çš„ Adam Donenfeld et al.:CVE-2016-2503<li>Google çš„ Adam Powell:CVE-2016-3752<li>Context Information Security çš„ Alex Chapman å’Œ Paul Stone:CVE-2016-3763<li><a href="https://www.e2e-assure.com/">e2e-assure</a> çš„ Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>):CVE-2016-2457<li>Google Project Zero çš„ Ben Hawkes:CVE-2016-3775<li><a href="http://c0reteam.org">C0RE 团队</a>çš„ Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Yuan-Tsung Lo (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>) å’Œ Xuxian Jiang:CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774<li>Google çš„ Christopher Tate:CVE-2016-3759<li>腾讯 KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2016-3762<li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a> IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>):CVE-2016-3806ã€CVE-2016-3816ã€CVE-2016-3805ã€CVE-2016-3804ã€CVE-2016-3767ã€CVE-2016-3810ã€CVE-2016-3795ã€CVE-2016-3796<li>Google Android 团队的 Greg Kaiser:CVE-2016-3758<li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a>移动安全团队的 Guang Gong(龚广)(<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2016-3764<li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a>移动安全团队的 Hao Chen å’Œ Guang Gong(龚广):CVE-2016-3792ã€CVE-2016-3768<li><a href="http://www.cmcm.com">猎豹移动公å¸</a>å®‰å…¨ç ”ç©¶å®žéªŒå®¤çš„ Hao Qin:CVE-2016-3754ã€CVE-2016-3766<li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a> IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>):CVE-2016-3814ã€CVE-2016-3802ã€CVE-2016-3769ã€CVE-2016-3807ã€CVE-2016-3808<li>Google çš„ Marco Nelissen:CVE-2016-3818<li>Google Project Zero çš„ Mark Brand:CVE-2016-3757<li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>:CVE-2016-3750<li><a href="http://c0reteam.org">C0RE 团队</a>çš„ Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang:CVE-2016-3747ã€CVE-2016-3746ã€CVE-2016-3765<li>阿里巴巴移动安全团队的 Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yang å’Œ Yang Ssong:CVE-2016-3800ã€CVE-2016-3799ã€CVE-2016-3801ã€CVE-2016-3812ã€CVE-2016-3798<li>趋势科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>):CVE-2016-3793<li>Google çš„ Ricky Wai:CVE-2016-3749<li>Roeland Krak:CVE-2016-3753<li>Scott Bauer (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2016-3797ã€CVE-2016-3813ã€CVE-2016-3815ã€CVE-2016-2501ã€CVE-2016-2502<li>Vasily Vasilev:CVE-2016-2507<li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2016-2508ã€CVE-2016-3755<li>腾讯 KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Wen Niu (<a href="https://twitter.com/NWMonster">@NWMonster</a>):CVE-2016-3809<li>腾讯安全平å°éƒ¨é—¨çš„ Xiling Gong:CVE-2016-3745<li>ä¸å›½ç§‘å¦é™¢è½¯ä»¶ç ”究所 TCA 实验室的 Yacong Gu:CVE-2016-3761<li>腾讯玄æ¦å®žéªŒå®¤çš„ Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>):CVE-2016-2505<li>腾讯玄æ¦å®žéªŒå®¤çš„ Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) å’Œ Wei Wei (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>):CVE-2016-2506<li>百度 X-Lab çš„ Yulong Zhang å’Œ Tao (Lenx) Wei:CVE-2016-3744</li> -</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> + <li>Google Chrome 安全团队的 Abhishek Aryaã€Oliver Chang å’Œ Martin Barbella:CVE-2016-3756ã€CVE-2016-3741ã€CVE-2016-3743ã€CVE-2016-3742</li><li>Check Point 软件技术有é™å…¬å¸çš„ Adam Donenfeld et al.:CVE-2016-2503</li><li>Google çš„ Adam Powell:CVE-2016-3752</li><li>Context Information Security çš„ Alex Chapman å’Œ Paul Stone:CVE-2016-3763</li><li><a href="https://www.e2e-assure.com/">e2e-assure</a> çš„ Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>):CVE-2016-2457</li><li>Google Project Zero çš„ Ben Hawkes:CVE-2016-3775</li><li><a href="http://c0reteam.org">C0RE 团队</a>çš„ Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Yuan-Tsung Lo (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>) å’Œ Xuxian Jiang:CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774</li><li>Google çš„ Christopher Tate:CVE-2016-3759</li><li>腾讯科æ©å®žéªŒå®¤ (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2016-3762</li><li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a> IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>):CVE-2016-3806ã€CVE-2016-3816ã€CVE-2016-3805ã€CVE-2016-3804ã€CVE-2016-3767ã€CVE-2016-3810ã€CVE-2016-3795ã€CVE-2016-3796</li><li>Google Android 团队的 Greg Kaiser:CVE-2016-3758</li><li><a href="https://twitter.com/oldfresher">奇虎 360 科技有é™å…¬å¸</a>移动安全团队的龚广 (<a href="http://www.360.com">@oldfresher</a>):CVE-2016-3764</li><li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a> Alpha 团队的 Hao Chen 和龚广:CVE-2016-3792ã€CVE-2016-3768</li><li><a href="http://www.cmcm.com">猎豹移动公å¸</a>å®‰å…¨ç ”ç©¶å®žéªŒå®¤çš„ Hao Qin:CVE-2016-3754ã€CVE-2016-3766</li><li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a> IceSword 实验室的 Jianqiang Zhao <a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>):CVE-2016-3814ã€CVE-2016-3802ã€CVE-2016-3769ã€CVE-2016-3807ã€CVE-2016-3808</li><li>Google çš„ Marco Nelissen:CVE-2016-3818</li><li>Google Project Zero çš„ Mark Brand:CVE-2016-3757</li><li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>:CVE-2016-3750</li><li><a href="http://c0reteam.org">C0RE 团队</a>çš„ Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang:CVE-2016-3747ã€CVE-2016-3746ã€CVE-2016-3765</li><li>阿里巴巴移动安全团队的 Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yang å’Œ Yang Ssong:CVE-2016-3800ã€CVE-2016-3799ã€CVE-2016-3801ã€CVE-2016-3812ã€CVE-2016-3798</li><li>趋势科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>):CVE-2016-3793</li><li>Google çš„ Ricky Wai:CVE-2016-3749</li><li>Roeland Krak:CVE-2016-3753</li><li>Scott Bauer (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2016-3797ã€CVE-2016-3813ã€CVE-2016-3815ã€CVE-2016-2501ã€CVE-2016-2502</li><li>Vasily Vasilev:CVE-2016-2507</li><li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2016-2508ã€CVE-2016-3755</li><li>腾讯科æ©å®žéªŒå®¤ (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Wen Niu (<a href="https://twitter.com/NWMonster">@NWMonster</a>):CVE-2016-3809</li><li>腾讯安全平å°éƒ¨é—¨çš„ Xiling Gong:CVE-2016-3745</li><li>ä¸å›½ç§‘å¦é™¢è½¯ä»¶ç ”究所 TCA 实验室的 Yacong Gu:CVE-2016-3761</li><li>腾讯玄æ¦å®žéªŒå®¤çš„ Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>):CVE-2016-2505</li><li>腾讯玄æ¦å®žéªŒå®¤çš„ Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) å’Œ Wei Wei (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>):CVE-2016-2506</li><li>百度 X-Lab çš„ Yulong Zhang å’Œ Tao (Lenx) Wei:CVE-2016-3744</li> +</ul> -<h2 id="2016-07-01_details">2016-07-01 安全补ä¸ç¨‹åºçº§åˆ« - 安全æ¼æ´žè¯¦æƒ…</h2> -<p>我们在下é¢æ供了上述 <a href="#2016-07-01_summary">2016-07-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ã€‚å…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Nexus 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚å¦‚æžœæœ‰è§£å†³ Bug ID 所对应问题的公开更改记录(如 AOSP 代ç 更改列表记录),我们也将æ供相应链接。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> +<h2 id="2016-07-01-details">2016-07-01 安全补ä¸ç¨‹åºçº§åˆ« - 安全æ¼æ´žè¯¦æƒ…</h2> +<p>我们在下é¢æ供了 2017-07-01 è¡¥ä¸ç¨‹åºçº§åˆ«æ¶µç›–çš„æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ï¼Œå…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Nexus 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表记录)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> <h3 id="remote-code-execution-vulnerability-in-mediaserver">Mediaserver ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p>系统在处ç†åª’体文件和数æ®æ—¶ï¼ŒMediaserver ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…ä½¿ç”¨ç‰¹åˆ¶æ–‡ä»¶ç ´å内å˜ã€‚由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡ Mediaserver 进程执行远程代ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚Mediaserver 进程å¯ä»¥è®¿é—®éŸ³é¢‘和视频æµï¼Œè¿˜å¯ä»¥èŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–çš„æƒé™ã€‚</p> <p>å—å½±å“的功能是æ“ä½œç³»ç»Ÿçš„æ ¸å¿ƒéƒ¨åˆ†ï¼Œæœ‰å¤šä¸ªåº”ç”¨å…许通过远程内容(最主è¦æ˜¯å½©ä¿¡å’Œæµè§ˆå™¨åª’体æ’放)使用该功能。</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -462,7 +99,10 @@ </tr> <tr> <td>CVE-2016-2508</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f81038006b4c59a5a148dcad887371206033c28f">A-28799341</a>[<a href="https://android.googlesource.com/platform/frameworks/av/+/d112f7d0c1dbaf0368365885becb11ca8d3f13a4">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/f81038006b4c59a5a148dcad887371206033c28f"> + A-28799341</a> + [<a href="https://android.googlesource.com/platform/frameworks/av/+/d112f7d0c1dbaf0368365885becb11ca8d3f13a4">2</a>] + </td> <td>严é‡</td> <td><a href="#all_nexus">所有 Nexus 设备</a></td> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> @@ -470,7 +110,10 @@ </tr> <tr> <td>CVE-2016-3741</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/e629194c62a9a129ce378e08cb1059a8a53f1795">A-28165661</a>[<a href="https://android.googlesource.com/platform/external/libavc/+/cc676ebd95247646e67907ccab150fb77a847335">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/e629194c62a9a129ce378e08cb1059a8a53f1795"> + A-28165661</a> + [<a href="https://android.googlesource.com/platform/external/libavc/+/cc676ebd95247646e67907ccab150fb77a847335">2</a>] + </td> <td>严é‡</td> <td><a href="#all_nexus">所有 Nexus 设备</a></td> <td>6.0ã€6.0.1</td> @@ -494,20 +137,19 @@ <td>6.0ã€6.0.1</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> - -<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl">OpenSSL å’Œ BoringSSL ä¸çš„远程代ç 执行æ¼æ´ž</h3> +<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl">OpenSSL å’Œ BoringSSL ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p>系统在处ç†æ–‡ä»¶å’Œæ•°æ®æ—¶ï¼ŒOpenSSL å’Œ BoringSSL ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…ä½¿ç”¨ç‰¹åˆ¶æ–‡ä»¶ç ´å内å˜ã€‚由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡å—å½±å“的进程执行远程代ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -524,19 +166,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 5 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="remote-code-execution-vulnerability-in-bluetooth">è“牙ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p>è“牙ä¸çš„远程代ç 执行æ¼æ´žå¯è®©é‚»è¿‘的攻击者在é…对过程ä¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽåœ¨è“牙设备的åˆå§‹åŒ–过程ä¸æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -552,19 +194,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 30 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-libpng">libpng ä¸çš„ææƒæ¼æ´ž</h3> <p>libpng ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过ææƒåŽçš„系统应用执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰çš„本地使用æƒé™ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -581,19 +223,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2015 å¹´ 12 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-mediaserver">Mediaserver ä¸çš„ææƒæ¼æ´ž</h3> <p>Mediaserver ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过ææƒåŽçš„系统应用执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨æ— æ³•èŽ·å–的特æƒï¼ˆå¦‚ <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> æƒé™ï¼‰çš„本地使用æƒé™ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -628,19 +270,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets">套接å—ä¸çš„ææƒæ¼æ´ž</h3> <p>套接å—ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用访问超出其æƒé™èŒƒå›´çš„系统调用。由于该æ¼æ´žå…许绕过相应的安全措施(这类措施å¯å¢žåŠ 攻击者利用平å°çš„éš¾åº¦ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -657,19 +299,19 @@ <td>6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice">LockSettingsService ä¸çš„ææƒæ¼æ´ž</h3> <p>LockSettingsService ä¸çš„ææƒæ¼æ´žå¯è®©æ¶æ„应用在未获得用户授æƒçš„情况下é‡ç½®å±å¹•é”定密ç 。由于该æ¼æ´žå…许在本地绕过任何开å‘者的用户互动è¦æ±‚æˆ–ç¯¡æ”¹å®‰å…¨è®¾ç½®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -686,19 +328,19 @@ <td>6.0ã€6.0.1</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis">Framework API ä¸çš„ææƒæ¼æ´ž</h3> <p>Parcels Framework API ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用绕过将应用数æ®ä¸Žå…¶ä»–应用分离开æ¥çš„æ“作系统防护功能。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç›¸åº”åº”ç”¨æ— æ³•èŽ·å–çš„æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -715,19 +357,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2015 å¹´ 12 月 16 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service">ChooserTarget æœåŠ¡ä¸çš„ææƒæ¼æ´ž</h3> <p>ChooserTarget æœåŠ¡ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过其他应用执行代ç 。由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„æƒ…å†µä¸‹è®¿é—®å±žäºŽå…¶ä»–åº”ç”¨çš„æ´»åŠ¨ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -744,19 +386,19 @@ <td>6.0ã€6.0.1</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver">Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©è¿œç¨‹æ”»å‡»è€…获å–通常åªèƒ½ç”±è¯·æ±‚相应æƒé™çš„本地安装应用获å–çš„å—ä¿æŠ¤æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下获å–æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -772,20 +414,20 @@ <td>4.4.4</td> <td>2016 å¹´ 2 月 15 æ—¥</td> </tr> -</table> +</tbody></table> <p>*已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Nexus 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> <h3 id="information-disclosure-vulnerability-in-openssl">OpenSSL ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>OpenSSL ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©è¿œç¨‹æ”»å‡»è€…获å–通常åªèƒ½ç”±è¯·æ±‚相应æƒé™çš„本地安装应用获å–çš„å—ä¿æŠ¤æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下获å–æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -801,20 +443,20 @@ <td>4.4.4ã€5.0.2ã€5.1.1</td> <td>2016 å¹´ 4 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p>*已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Nexus 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> <h3 id="denial-of-service-vulnerability-in-mediaserver">Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件挂起或é‡å¯è®¾å¤‡ã€‚由于该æ¼æ´žå¯ç”¨äºŽè¿œç¨‹å‘起暂时拒ç»æœåŠ¡æ”»å‡»ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -824,7 +466,10 @@ </tr> <tr> <td>CVE-2016-3754</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e">A-28615448</a>[<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> + A-28615448</a> + [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] + </td> <td>高</td> <td><a href="#all_nexus">所有 Nexus 设备</a></td> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> @@ -848,19 +493,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-libc">libc ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>libc ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件挂起或é‡å¯è®¾å¤‡ã€‚由于该æ¼æ´žå¯ç”¨äºŽè¿œç¨‹å‘èµ·æ‹’ç»æœåŠ¡æ”»å‡»ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -876,20 +521,20 @@ <td>4.4.4</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p>*已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Nexus 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> <h3 id="elevation-of-privilege-vulnerability-in-lsof">lsof ä¸çš„ææƒæ¼æ´ž</h3> <p>lsof ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用执行任æ„代ç ,从而å¯èƒ½å¯¼è‡´è®¾å¤‡æ°¸ä¹…æŸå。由于该æ¼æ´žéœ€è¦æ‰‹åŠ¨æ‰§è¡Œä¸å¸¸è§çš„æ“ä½œï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -906,19 +551,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader">DexClassLoader ä¸çš„ææƒæ¼æ´ž</h3> <p>DexClassLoader ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特æƒè¿›ç¨‹æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦æ‰‹åŠ¨æ‰§è¡Œä¸å¸¸è§çš„æ“ä½œï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -935,19 +580,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2">Framework API ä¸çš„ææƒæ¼æ´ž</h3> <p>Framework API ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用请求备份æƒé™å¹¶æ‹¦æˆªæ‰€æœ‰å¤‡ä»½æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦ç‰¹å®šæƒé™ä»¥ç»•è¿‡å°†åº”用数æ®ä¸Žå…¶ä»–应用分离开æ¥çš„æ“ä½œç³»ç»Ÿé˜²æŠ¤åŠŸèƒ½ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -964,19 +609,19 @@ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-bluetooth">è“牙ä¸çš„ææƒæ¼æ´ž</h3> <p>è“牙组件ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ”»å‡»è€…æ·»åŠ ä¾›ä¸»ç”¨æˆ·ä½¿ç”¨çš„ç»è¿‡èº«ä»½éªŒè¯çš„è“牙设备。由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–特æƒï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -988,25 +633,26 @@ <td>CVE-2016-3760</td> <td><a href="https://android.googlesource.com/platform/hardware/libhardware/+/8b3d5a64c3c8d010ad4517f652731f09107ae9c5">A-27410683</a> [<a href="https://android.googlesource.com/platform/system/bt/+/37c88107679d36c419572732b4af6e18bb2f7dce">2</a>] -[<a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/122feb9a0b04290f55183ff2f0384c6c53756bd8">3</a>]</td> +[<a href="https://android.googlesource.com/platform/packages/apps/Bluetooth/+/122feb9a0b04290f55183ff2f0384c6c53756bd8">3</a>] + </td> <td>ä¸</td> <td><a href="#all_nexus">所有 Nexus 设备</a></td> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 2 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-nfc">NFC ä¸çš„ææƒæ¼æ´ž</h3> <p>NFC ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åŽå°åº”用获å–å‰å°åº”用ä¸çš„ä¿¡æ¯ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–特æƒï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1023,19 +669,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 20 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets-2">套接å—ä¸çš„ææƒæ¼æ´ž</h3> <p>套接å—ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用访问æŸäº›å¯èƒ½é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç çš„ä¸å¸¸è§å¥—接å—类型。由于该æ¼æ´žå¯ç”¨äºŽç»•è¿‡ç›¸åº”的安全措施(这类措施å¯å¢žåŠ 攻击者利用平å°çš„éš¾åº¦ï¼‰ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1052,20 +698,20 @@ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> 代ç†è‡ªåŠ¨é…ç½®ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>代ç†è‡ªåŠ¨é…置组件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©åº”用获å–æ•æ„Ÿä¿¡æ¯ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下获å–æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1082,19 +728,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver-2">Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–æ•æ„Ÿä¿¡æ¯ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下获å–æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1120,20 +766,20 @@ <td>6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件挂起或é‡å¯è®¾å¤‡ã€‚由于该æ¼æ´žå¯ç”¨äºŽè¿œç¨‹å‘èµ·æ‹’ç»æœåŠ¡æ”»å‡»ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1143,28 +789,31 @@ Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3766</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e">A-28471206</a>[<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6fdee2a83432b3b150d6a34f231c4e2f7353c01e"> + A-28471206</a> + [<a href="https://android.googlesource.com/platform/frameworks/av/+/e7142a0703bc93f75e213e96ebc19000022afed9">2</a>] + </td> <td>ä¸</td> <td><a href="#all_nexus">所有 Nexus 设备</a></td> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 29 æ—¥</td> </tr> -</table> +</tbody></table> -<h2 id="2016-07-05_details">2016-07-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žè¯¦æƒ…</h2> -<p>我们在下é¢æ供了上述 <a href="2016-07-05_summary">2016-07-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ã€‚å…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Nexus 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表记录)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> +<h2 id="2016-07-05-details">2016-07-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žè¯¦æƒ…</h2> +<p>我们在下é¢æ供了 2017-07-05 è¡¥ä¸ç¨‹åºçº§åˆ«æ¶µç›–çš„æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ï¼Œå…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Nexus 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表记录)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-gpu-driver"> Qualcomm GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> -<p>Qualcomm GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> +<p>Qualcomm GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1185,7 +834,7 @@ Qualcomm GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 20 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-wi-fi-driver"> @@ -1193,12 +842,12 @@ MediaTek WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek WLAN 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1207,12 +856,12 @@ MediaTek WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3767</td> - <td>A-28169363*<br>M-ALPS02689526</td> + <td>A-28169363*<br />M-ALPS02689526</td> <td>严é‡</td> <td>Android One</td> <td>2016 å¹´ 4 月 6 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-performance-component"> @@ -1220,12 +869,12 @@ Qualcomm 效能组件ä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm 效能组件ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1239,20 +888,20 @@ Qualcomm 效能组件ä¸çš„ææƒæ¼æ´ž</h3> <td>Nexus 5ã€Nexus 6ã€Nexus 5Xã€Nexus 6Pã€Nexus 7 (2013)</td> <td>2016 å¹´ 4 月 9 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-nvidia-video-driver"> NVIDIA 视频驱动程åºä¸çš„ææƒæ¼æ´ž</h3> -<p>NVIDIA 视频驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> +<p>NVIDIA 视频驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1261,12 +910,12 @@ NVIDIA 视频驱动程åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3769</td> - <td>A-28376656*<br>N-CVE20163769</td> + <td>A-28376656*<br />N-CVE20163769</td> <td>严é‡</td> <td>Nexus 9</td> <td>2016 å¹´ 4 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-drivers-device-specific"> @@ -1274,12 +923,12 @@ MediaTek 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆä¸Žç‰¹å®šè®¾å¤‡æœ‰å…³ï¼‰</h3> <p>多个 MediaTek 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1288,40 +937,40 @@ MediaTek 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆä¸Žç‰¹å®šè®¾å¤‡æœ‰å…³ï¼‰</h3> </tr> <tr> <td>CVE-2016-3770</td> - <td>A-28346752*<br>M-ALPS02703102</td> + <td>A-28346752*<br />M-ALPS02703102</td> <td>严é‡</td> <td>Android One</td> <td>2016 å¹´ 4 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-3771</td> - <td>A-29007611*<br>M-ALPS02703102</td> + <td>A-29007611*<br />M-ALPS02703102</td> <td>严é‡</td> <td>Android One</td> <td>2016 å¹´ 4 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-3772</td> - <td>A-29008188*<br>M-ALPS02703102</td> + <td>A-29008188*<br />M-ALPS02703102</td> <td>严é‡</td> <td>Android One</td> <td>2016 å¹´ 4 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-3773</td> - <td>A-29008363*<br>M-ALPS02703102</td> + <td>A-29008363*<br />M-ALPS02703102</td> <td>严é‡</td> <td>Android One</td> <td>2016 å¹´ 4 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-3774</td> - <td>A-29008609*<br>M-ALPS02703102</td> + <td>A-29008609*<br />M-ALPS02703102</td> <td>严é‡</td> <td>Android One</td> <td>2016 å¹´ 4 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system"> @@ -1329,12 +978,12 @@ MediaTek 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆä¸Žç‰¹å®šè®¾å¤‡æœ‰å…³ï¼‰</h3> <p>å†…æ ¸æ–‡ä»¶ç³»ç»Ÿä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1348,7 +997,7 @@ MediaTek 驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆä¸Žç‰¹å®šè®¾å¤‡æœ‰å…³ï¼‰</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6P å’Œ Nexus Playerã€Pixel C</td> <td>2016 å¹´ 5 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-usb-driver"> @@ -1356,12 +1005,12 @@ USB 驱动程åºä¸çš„ææƒæ¼æ´žserena</h3> <p>USB 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1375,21 +1024,21 @@ USB 驱动程åºä¸çš„ææƒæ¼æ´žserena</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Nexus Playerã€Pixel C</td> <td>2016 å¹´ 5 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> <p>ä¸‹è¡¨åˆ—å‡ºäº†å½±å“ Qualcomm ç»„ä»¶ï¼ˆåŒ…æ‹¬å¼•å¯¼åŠ è½½ç¨‹åºã€ç›¸æœºé©±åŠ¨ç¨‹åºã€å—符驱动程åºã€ç½‘络ã€å£°éŸ³é©±åŠ¨ç¨‹åºå’Œè§†é¢‘驱动程åºï¼‰çš„安全æ¼æ´žã€‚</p> -<p>由于这些问题ä¸æœ€ä¸¥é‡çš„问题å¯èƒ½ä¼šè®©æœ‰å¿ƒäººå£«æ‰§è¡Œä»»æ„代ç ,从而导致本地设备永久æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将æ¤ç±»é—®é¢˜çš„严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> +<p>由于这些问题ä¸å±é™©æ€§æœ€é«˜çš„问题å¯èƒ½ä¼šè®©æœ‰å¿ƒäººå£«æ‰§è¡Œä»»æ„代ç ,进而导致本地设备永久æŸå,且用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将æ¤ç±»é—®é¢˜çš„严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦*</th> @@ -1398,7 +1047,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9795</td> - <td>A-28820720<br> + <td>A-28820720<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] </td> @@ -1408,7 +1057,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9794</td> - <td>A-28821172<br> + <td>A-28821172<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> </td> <td>严é‡</td> @@ -1417,7 +1066,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8892</td> - <td>A-28822807<br> + <td>A-28822807<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> </td> <td>严é‡</td> @@ -1426,8 +1075,8 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9781</td> - <td>A-28410333<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> + <td>A-28410333<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> </td> <td>高</td> <td>Nexus 7 (2013)</td> @@ -1435,7 +1084,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9786</td> - <td>A-28557260<br> + <td>A-28557260<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1443,7 +1092,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9788</td> - <td>A-28573112<br> + <td>A-28573112<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> <td>高</td> <td>Nexus 5</td> @@ -1451,15 +1100,15 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9779</td> - <td>A-28598347<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> + <td>A-28598347<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> <td>高</td> <td>Nexus 5</td> <td>2014 å¹´ 3 月 13 æ—¥</td> </tr> <tr> <td>CVE-2014-9780</td> - <td>A-28602014<br> + <td>A-28602014<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> <td>高</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6P</td> @@ -1467,7 +1116,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9789</td> - <td>A-28749392<br> + <td>A-28749392<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> <td>高</td> <td>Nexus 5</td> @@ -1475,7 +1124,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9793</td> - <td>A-28821253<br> + <td>A-28821253<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> <td>高</td> <td>Nexus 7 (2013)</td> @@ -1483,7 +1132,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9782</td> - <td>A-28431531<br> + <td>A-28431531<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1491,15 +1140,16 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9783</td> - <td>A-28441831<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> + <td>A-28441831<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> + [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> <td>高</td> <td>Nexus 7 (2013)</td> <td>2014 å¹´ 3 月 31 æ—¥</td> </tr> <tr> <td>CVE-2014-9785</td> - <td>A-28469042<br> + <td>A-28469042<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> <td>高</td> <td>Nexus 7 (2013)</td> @@ -1507,7 +1157,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9787</td> - <td>A-28571496<br> + <td>A-28571496<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> <td>高</td> <td>Nexus 7 (2013)</td> @@ -1515,7 +1165,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9784</td> - <td>A-28442449<br> + <td>A-28442449<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1523,7 +1173,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9777</td> - <td>A-28598501<br> + <td>A-28598501<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1531,7 +1181,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9778</td> - <td>A-28598515<br> + <td>A-28598515<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1539,15 +1189,16 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9790</td> - <td>A-28769136<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a>[<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> + <td>A-28769136<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> + [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> <td>2014 å¹´ 4 月 30 æ—¥</td> </tr> <tr> <td>CVE-2014-9792</td> - <td>A-28769399<br> + <td>A-28769399<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> <td>高</td> <td>Nexus 5</td> @@ -1555,7 +1206,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9797</td> - <td>A-28821090<br> + <td>A-28821090<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> <td>高</td> <td>Nexus 5</td> @@ -1563,15 +1214,15 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9791</td> - <td>A-28803396<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> + <td>A-28803396<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> <td>高</td> <td>Nexus 7 (2013)</td> <td>2014 å¹´ 8 月 29 æ—¥</td> </tr> <tr> <td>CVE-2014-9796</td> - <td>A-28820722<br> + <td>A-28820722<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1579,7 +1230,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9800</td> - <td>A-28822150<br> + <td>A-28822150<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1587,7 +1238,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9799</td> - <td>A-28821731<br> + <td>A-28821731<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1595,7 +1246,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9801</td> - <td>A-28822060<br> + <td>A-28822060<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> <td>高</td> <td>Nexus 5</td> @@ -1603,7 +1254,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9802</td> - <td>A-28821965<br> + <td>A-28821965<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1611,7 +1262,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8891</td> - <td>A-28842418<br> + <td>A-28842418<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1619,7 +1270,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8888</td> - <td>A-28822465<br> + <td>A-28822465<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> <td>高</td> <td>Nexus 5</td> @@ -1627,7 +1278,7 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8889</td> - <td>A-28822677<br> + <td>A-28822677<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> <td>高</td> <td>Nexus 6P</td> @@ -1635,13 +1286,13 @@ Qualcomm 组件ä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8890</td> - <td>A-28822878<br> + <td>A-28822878<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> <td>2015 å¹´ 8 月 19 æ—¥</td> </tr> -</table> +</tbody></table> <p> *这些问题的严é‡ç¨‹åº¦è¯„级由 Qualcomm 直接æ供。</p> @@ -1650,12 +1301,12 @@ Qualcomm USB 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm USB 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1670,19 +1321,19 @@ Qualcomm USB 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 3 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1697,19 +1348,19 @@ Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <td>Nexus 7 (2013)</td> <td>2016 å¹´ 3 月 17 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1724,7 +1375,7 @@ Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)</td> <td>2016 å¹´ 3 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-nvidia-camera-driver"> @@ -1732,12 +1383,12 @@ NVIDIA 相机驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>NVIDIA 相机驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1746,13 +1397,13 @@ NVIDIA 相机驱动程åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3793</td> - <td>A-28026625*<br> + <td>A-28026625*<br /> N-CVE20163793</td> <td>高</td> <td>Nexus 9</td> <td>2016 å¹´ 4 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-driver"> @@ -1760,12 +1411,12 @@ MediaTek 电æºé©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek 电æºé©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1774,19 +1425,19 @@ MediaTek 电æºé©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3795</td> - <td>A-28085222*<br>M-ALPS02677244</td> + <td>A-28085222*<br />M-ALPS02677244</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 7 æ—¥</td> </tr> <tr> <td>CVE-2016-3796</td> - <td>A-29008443*<br>M-ALPS02677244</td> + <td>A-29008443*<br />M-ALPS02677244</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 7 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver-2"> @@ -1794,12 +1445,12 @@ Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1814,7 +1465,7 @@ Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <td>Nexus 5X</td> <td>2016 å¹´ 4 月 7 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-hardware-sensor-driver"> @@ -1822,12 +1473,12 @@ MediaTek ç¡¬ä»¶ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek ç¡¬ä»¶ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1836,13 +1487,13 @@ MediaTek ç¡¬ä»¶ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3798</td> - <td>A-28174490*<br> + <td>A-28174490*<br /> M-ALPS02703105</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-video-driver"> @@ -1850,12 +1501,12 @@ MediaTek 视频驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek 视频驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1864,7 +1515,7 @@ MediaTek 视频驱动程åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3799</td> - <td>A-28175025*<br> + <td>A-28175025*<br /> M-ALPS02693738</td> <td>高</td> <td>Android One</td> @@ -1872,13 +1523,13 @@ MediaTek 视频驱动程åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3800</td> - <td>A-28175027*<br> + <td>A-28175027*<br /> M-ALPS02693739</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-gps-driver"> @@ -1886,12 +1537,12 @@ MediaTek GPS 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek GPS 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1900,13 +1551,13 @@ MediaTek GPS 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3801</td> - <td>A-28174914*<br> + <td>A-28174914*<br /> M-ALPS02688853</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system-2"> @@ -1914,12 +1565,12 @@ MediaTek GPS 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>å†…æ ¸æ–‡ä»¶ç³»ç»Ÿä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1940,7 +1591,7 @@ MediaTek GPS 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 5 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-management-driver"> @@ -1948,12 +1599,12 @@ MediaTek 电æºç®¡ç†é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek 电æºç®¡ç†é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1962,7 +1613,7 @@ MediaTek 电æºç®¡ç†é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3804</td> - <td>A-28332766*<br> + <td>A-28332766*<br /> M-ALPS02694410</td> <td>高</td> <td>Android One</td> @@ -1970,13 +1621,13 @@ MediaTek 电æºç®¡ç†é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3805</td> - <td>A-28333002*<br> + <td>A-28333002*<br /> M-ALPS02694412</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-display-driver"> @@ -1984,12 +1635,12 @@ MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1998,13 +1649,13 @@ MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3806</td> - <td>A-28402341*<br> + <td>A-28402341*<br /> M-ALPS02715341</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-serial-peripheral-interface-driver"> @@ -2012,12 +1663,12 @@ MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>串行外设接å£é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2038,7 +1689,7 @@ MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <td>Pixel C</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-sound-driver"> @@ -2046,12 +1697,12 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2061,23 +1712,23 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <tr> <td>CVE-2016-2068</td> <td>A-28470967 - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> <td>高</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-kernel">å†…æ ¸ä¸çš„ææƒæ¼æ´ž</h3> <p>å†…æ ¸ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2086,26 +1737,26 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9803</td> - <td>A-28557020<br> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> + <td>A-28557020<br /> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6P</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-networking-component"> 网络组件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>网络组件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2119,19 +1770,19 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <td><a href="#all_nexus">所有 Nexus 设备</a></td> <td>2016 å¹´ 3 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="information-disclosure-vulnerability-in-mediatek-wi-fi-driver">MediaTek WLAN 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>MediaTek WLAN 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2140,13 +1791,13 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3810</td> - <td>A-28175522*<br> + <td>A-28175522*<br /> M-ALPS02694389</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-video-driver"> @@ -2154,12 +1805,12 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>å†…æ ¸è§†é¢‘é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2173,7 +1824,7 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <td>Nexus 9</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="information-disclosure-vulnerability-in-mediatek-video-codec-driver"> @@ -2181,12 +1832,12 @@ MediaTek 视频编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>MediaTek 视频编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2195,12 +1846,12 @@ MediaTek 视频编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3812</td> - <td>A-28174833*<br>M-ALPS02688832</td> + <td>A-28174833*<br />M-ALPS02688832</td> <td>ä¸</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="information-disclosure-vulnerability-in-qualcomm-usb-driver"> @@ -2208,12 +1859,12 @@ Qualcomm USB 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Qualcomm USB 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2227,7 +1878,7 @@ Qualcomm USB 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="information-disclosure-vulnerability-in-nvidia-camera-driver"> @@ -2235,12 +1886,12 @@ NVIDIA 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>NVIDIA 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2249,19 +1900,19 @@ NVIDIA 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3814</td> - <td>A-28193342*<br>N-CVE20163814</td> + <td>A-28193342*<br />N-CVE20163814</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 4 月 14 æ—¥</td> </tr> <tr> <td>CVE-2016-3815</td> - <td>A-28522274*<br>N-CVE20163815</td> + <td>A-28522274*<br />N-CVE20163815</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 5 月 1 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="information-disclosure-vulnerability-in-mediatek-display-driver"> @@ -2269,12 +1920,12 @@ MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2288,7 +1939,7 @@ MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <td>Android One</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p>*针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h3 id="information-disclosure-vulnerability-in-kernel-teletype-driver"> @@ -2296,12 +1947,12 @@ MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>ç”µä¼ é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2310,25 +1961,25 @@ MediaTek 显å¡é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-0723</td> - <td>A-28409131<br> + <td>A-28409131<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439">ä¸Šæ¸¸å†…æ ¸</a></td> <td>ä¸</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Nexus Playerã€Pixel C</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2349,7 +2000,7 @@ Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <td>Nexus 5ã€Nexus 7 (2013)</td> <td>2015 å¹´ 8 月 19 æ—¥</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">常è§é—®é¢˜å’Œè§£ç”</h2> <p>本部分针对阅读本公告åŽå¯èƒ½äº§ç”Ÿçš„常è§é—®é¢˜æ供了相应的解ç”。</p> @@ -2362,7 +2013,7 @@ Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>使用 2016 å¹´ 7 月 1 日安全补ä¸ç¨‹åºçº§åˆ«çš„设备必须包å«è¯¥å®‰å…¨è¡¥ä¸ç¨‹åºçº§åˆ«å¯¹åº”的所有问题的修å¤æ–¹æ¡ˆï¼Œä»¥åŠé’ˆå¯¹ä¹‹å‰çš„安全公告ä¸æŠ¥å‘Šçš„所有问题的修å¤æ–¹æ¡ˆã€‚使用 2016 å¹´ 7 月 1 日安全补ä¸ç¨‹åºçº§åˆ«çš„设备å¯èƒ½è¿˜åŒ…å«ä¸Ž 2016 å¹´ 7 月 5 日安全补ä¸ç¨‹åºçº§åˆ«ç›¸å…³çš„一系列修å¤æ–¹æ¡ˆã€‚</p> <p id="all_nexus"><strong>3. 如何确定å„个问题都会影å“哪些 Nexus 设备?</strong></p> -<p>在 <a href="#2016-07-01_details">2016-07-01</a> å’Œ <a href="#2016-07-05_details">2016-07-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Nexus 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜æ›´æ–°è¿‡çš„å—å½±å“çš„ Nexus 设备系列。æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形:</p> +<p>在 <a href="#2016-07-01-details">2016-07-01</a> å’Œ <a href="#2016-07-05-details">2016-07-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Nexus 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜è¿›è¡Œäº†æ›´æ–°çš„å—å½±å“ Nexus 设备系列。æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形:</p> <ul> <li><strong>所有 Nexus 设备</strong>:如果æŸä¸ªé—®é¢˜ä¼šå½±å“所有 Nexus 设备,则相应表的“已更新的 Nexus 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ‰€æœ‰ Nexus 设备â€ã€‚<em></em>“所有 Nexus 设备â€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/nexus/answer/4457705#nexus_devices">å—支æŒçš„设备</a>:Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Player å’Œ Pixel C。</li> <li><strong>部分 Nexus 设备</strong>:如果æŸä¸ªé—®é¢˜ä»…会影å“部分 Nexus 设备,则“已更新的 Nexus 设备â€åˆ—ä¸ä¼šåˆ—出å—å½±å“çš„ Nexus 设备。<em></em></li> @@ -2373,7 +2024,7 @@ Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p><em></em>æ¼æ´žè¯¦æƒ…表的“å‚考信æ¯â€åˆ—ä¸çš„æ¡ç›®å¯èƒ½å¤ŸåŒ…å«ç”¨äºŽæ ‡è¯†å‚考值所属组织的å‰ç¼€ã€‚这些å‰ç¼€å¯¹åº”的内容如下:</p> <table> - <tr> + <tbody><tr> <th>å‰ç¼€</th> <th>å‚考信æ¯</th> </tr> @@ -2393,18 +2044,17 @@ Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <td>N-</td> <td>NVIDIA å‚考编å·</td> </tr> -</table> +</tbody></table> <h2 id="revisions">修订版本</h2> <ul> <li>2016 å¹´ 7 月 6 日:å‘布了本公告。</li> <li>2016 å¹´ 7 月 7 日:<ul> <li>æ·»åŠ äº† AOSP 链接。 - <li>CVE-2016-3794 å› ä¸Ž CVE-2016-3814 é‡å¤è€Œè¢«ç§»é™¤<li>æ·»åŠ äº† CVE-2016-2501 å’Œ CVE-2016-2502 的致谢信æ¯</li></li></li></ul> + </li><li>CVE-2016-3794 å› ä¸Ž CVE-2016-3814 é‡å¤è€Œè¢«ç§»é™¤</li><li>æ·»åŠ äº† CVE-2016-2501 å’Œ CVE-2016-2502 的致谢信æ¯</li></ul> </li> <li>2016 å¹´ 7 月 11 日:更新了 CVE-2016-3750 的致谢信æ¯</li> <li>2016 å¹´ 7 月 14 日:更新了 CVE-2016-2503 的致谢信æ¯</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/zh-cn/security/bulletin/2016-12-01.html b/zh-cn/security/bulletin/2016-12-01.html index 4bab8ebf..490c4cf4 100644 --- a/zh-cn/security/bulletin/2016-12-01.html +++ b/zh-cn/security/bulletin/2016-12-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android 安全公告 - 2016 å¹´ 12 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,21 +20,18 @@ limitations under the License. --> - - -<p><em>å‘布时间:2016 å¹´ 12 月 5 æ—¥ | 更新时间:2016 å¹´ 12 月 7 æ—¥</em></p> +<p><em>å‘布时间:2016 å¹´ 12 月 5 æ—¥ | 更新时间:2016 å¹´ 12 月 21 æ—¥</em></p> <p> -Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚é™¤äº†å…¬å‘Šä¹‹å¤–ï¼Œæˆ‘ä»¬è¿˜é€šè¿‡æ— çº¿ä¸‹è½½ (OTA) æ–¹å¼å‘布了针对 Google 设备的安全更新。我们还在 <a href="https://developers.google.com/android/nexus/images">Google Developer 网站</a>上å‘布了 Google è®¾å¤‡å›ºä»¶æ˜ åƒã€‚2016 å¹´ 12 月 5 日(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æ‰€æœ‰è¿™äº›é—®é¢˜ã€‚请å‚阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>,了解如何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ã€‚ +Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚é™¤äº†å…¬å‘Šä¹‹å¤–ï¼Œæˆ‘ä»¬è¿˜é€šè¿‡æ— çº¿ä¸‹è½½ (OTA) æ–¹å¼å‘布了针对 Google 设备的安全更新。我们还在 <a href="https://developers.google.com/android/nexus/images">Google Developer 网站</a>上å‘布了 Google è®¾å¤‡å›ºä»¶æ˜ åƒã€‚2016 å¹´ 12 月 5 日(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æ‰€æœ‰è¿™äº›é—®é¢˜ã€‚请å‚阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>,了解如何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ã€‚ </p> <p> -我们的åˆä½œä¼™ä¼´åœ¨ 2016 å¹´ 11 月 7 日(或之å‰ï¼‰å°±å·²æ”¶åˆ°æœ¬å…¬å‘Šä¸è¯´æ˜Žçš„这些问题的相关通知。我们已在 Android 开放æºä»£ç 项目 (AOSP) 代ç 库ä¸å‘布了针对相关问题的æºä»£ç è¡¥ä¸ç¨‹åºï¼Œå¹¶åœ¨æœ¬å…¬å‘Šä¸æ供了相应链接。 -本公告还æ供了 AOSP 之外的补ä¸ç¨‹åºçš„链接。 +我们的åˆä½œä¼™ä¼´åœ¨ 2016 å¹´ 11 月 7 日(或之å‰ï¼‰å°±å·²æ”¶åˆ°æœ¬å…¬å‘Šä¸è¯´æ˜Žçš„这些问题的相关通知。我们已在 Android 开放æºä»£ç 项目 (AOSP) 代ç 库ä¸å‘布了针对相关问题的æºä»£ç è¡¥ä¸ç¨‹åºï¼Œå¹¶åœ¨æœ¬å…¬å‘Šä¸æ供了相应链接。本公告还æ供了 AOSP 之外的补ä¸ç¨‹åºçš„链接。 </p> <p> -这些问题ä¸å±é™©æ€§æœ€é«˜çš„是严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„设备专属代ç ä¸çš„安全æ¼æ´žï¼Œæ¤ç±»æ¼æ´žå¯ç”¨äºŽé€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç ï¼Œè¿›è€Œå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ã€‚ +这些问题ä¸å±é™©æ€§æœ€é«˜çš„是设备专属代ç ä¸ä¸¥é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œæ¤ç±»æ¼æ´žå¯èƒ½ä¼šè®©æœ‰å¿ƒäººå£«é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç ,进而导致本地设备永久æŸå,且用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ã€‚<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚ </p> <p> -æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>);这些功能å¯æ高 Android å¹³å°çš„安全性。 +æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤åŠŸèƒ½</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>);这些功能å¯æ高 Android å¹³å°çš„安全性。 </p> <p> 我们建议所有用户都在自己的设备上接å—这些更新。 @@ -49,288 +45,6 @@ Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚除 </li> <li>å—支æŒçš„ Google 设备将收到一项安全补ä¸ç¨‹åºçº§åˆ«ä¸º 2016 å¹´ 12 月 5 日的 OTA 更新。</li> </ul> -<h2 id="security-vulnerability-summary">安全æ¼æ´žæ‘˜è¦</h2> -<p> -下表列出了安全æ¼æ´žã€å¯¹åº”çš„ CVE(通用æ¼æ´žå’Œé£Žé™©è¯†åˆ«ç )ã€è¯„估得出的严é‡ç¨‹åº¦ä»¥åŠæ˜¯å¦ä¼šå½±å“ Google 设备。<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚ -</p> -<h3 id="2016-12-01-summary">2016-12-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</h3> -<p> -2016-12-01(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«éƒ½å¿…须解决下列问题。 -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>问题</th> - <th>CVE</th> - <th>严é‡ç¨‹åº¦</th> - <th>是å¦ä¼šå½±å“ Google 设备?</th> - </tr> - <tr> - <td>CURL/LIBCURL ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2016-5419ã€CVE-2016-5420ã€CVE-2016-5421</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>libziparchive ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6762</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Telephony ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2016-6763</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2016-6766ã€CVE-2016-6765ã€CVE-2016-6764ã€CVE-2016-6767</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Framesequence 库ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2016-6768</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Smart Lock ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6769</td> - <td>ä¸</td> - <td>å¦*</td> - </tr> - <tr> - <td>Framework API ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6770</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Telephony ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6771</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>WLAN ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6772</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-6773</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>软件包管ç†å™¨ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-6774</td> - <td>ä¸</td> - <td>是</td> - </tr> -</table> -<p> -* æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 -</p> -<h3 id="2016-12-05-summary">2016-12-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</h3> -<p> -2016-12-05(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«éƒ½å¿…须解决 2016-12-01 的所有问题以åŠä¸‹åˆ—问题。 -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>问题</th> - <th>CVE</th> - <th>严é‡ç¨‹åº¦</th> - <th>是å¦ä¼šå½±å“ Google 设备?</th> - </tr> - <tr> - <td>å†…æ ¸å†…å˜å系统ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-4794ã€CVE-2016-5195</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6775ã€CVE-2016-6776ã€CVE-2016-6777</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2015-8966</td> - <td>严é‡</td> - <td>å¦*</td> - </tr> - <tr> - <td>NVIDIA 视频驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6915ã€CVE-2016-6916ã€CVE-2016-6917</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ ION 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-9120</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 组件ä¸çš„æ¼æ´ž</td> - <td>CVE-2016-8411</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸æ–‡ä»¶ç³»ç»Ÿä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2014-4014</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2015-8967</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>HTC 声音编解ç 器驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6778ã€CVE-2016-6779ã€CVE-2016-6780</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6492ã€CVE-2016-6781ã€CVE-2016-6782ã€CVE-2016-6783ã€CVE-2016-6784ã€CVE-2016-6785</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm 媒体编解ç 器ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6761ã€CVE-2016-6760ã€CVE-2016-6759ã€CVE-2016-6758</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6755</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸æ•ˆèƒ½å系统ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6786ã€CVE-2016-6787</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek I2C 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6788</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>NVIDIA libomx 库ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6789ã€CVE-2016-6790</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-6791ã€CVE-2016-8391ã€CVE-2016-8392</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸å®‰å…¨å系统ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2015-7872</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-8393ã€CVE-2016-8394</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Broadcom WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2014-9909ã€CVE-2014-9910</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>MediaTek 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-8396</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>NVIDIA 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-8397</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>GPS ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2016-5341</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 相机驱动程åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2016-8395</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ç½‘ç»œå系统ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-8399</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 组件ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-6756ã€CVE-2016-6757</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA librm 库ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-8400</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ç»„ä»¶ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-8401ã€CVE-2016-8402ã€CVE-2016-8403ã€CVE-2016-8404ã€CVE-2016-8405ã€CVE-2016-8406ã€CVE-2016-8407</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-8408ã€CVE-2016-8409</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 声音驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-8410</td> - <td>ä¸</td> - <td>是</td> - </tr> -</table> -<p> -* æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 -</p> <h2 id="mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</h2> <p> 本部分总结了 <a href="/security/enhancements/index.html">Android 安全平å°</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet)æ供的缓解措施。这些功能å¯é™ä½Ž Android 上的安全æ¼æ´žè¢«æˆåŠŸåˆ©ç”¨çš„å¯èƒ½æ€§ã€‚ @@ -371,7 +85,7 @@ Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚除 <li>趋势科技移动å¨èƒç ”究团队的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2016-6757</li> <li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2016-6773</li> <li><a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€<a href="mailto:zc1991@mail.ustc.edu.cn">Chi Zhang</a>ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang:CVE-2016-6765</li> - <li><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">移动å¨èƒå“应团队</a>çš„å´æ½æµ (<a href="https://twitter.com/wish_wu">@wish_wu</a>)<a href="http://weibo.com/wishlinux"></a>:CVE-2016-6704</li> + <li><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">移动å¨èƒå“应团队</a>çš„<a href="http://weibo.com/wishlinux">å´æ½æµ </a> (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2016-6704</li> <li><a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang:CVE-2016-6786ã€CVE-2016-6780ã€CVE-2016-6775</li> <li><a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€<a href="mailto:wisedd@gmail.com">Xiaodong Wang</a>ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang:CVE-2016-6777</li> <li>腾讯安全平å°éƒ¨é—¨çš„ Yuxiang Li:CVE-2016-6771</li> @@ -383,9 +97,7 @@ Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚除 </p> <h2 id="2016-12-01-details">2016-12-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žè¯¦æƒ…</h2> -<p> -我们在下é¢æ供了上述 <a href="#2016-12-01-summary">2016-12-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ã€‚å…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Google 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> - +<p>我们在下é¢æ供了 2016-12-01 è¡¥ä¸ç¨‹åºçº§åˆ«æ¶µç›–çš„æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ï¼Œå…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Google 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> <h3 id="rce-in-curl-libcurl">CURL/LIBCURL ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p> @@ -393,13 +105,13 @@ Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚除 </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -431,8 +143,7 @@ Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚除 <td>7.0</td> <td>2016 å¹´ 8 月 3 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-libziparchive">libziparchive ä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -440,13 +151,13 @@ libziparchive 库ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执 </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -456,14 +167,16 @@ libziparchive 库ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执 </tr> <tr> <td>CVE-2016-6762</td> - <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c">A-31251826</a> [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c"> + A-31251826</a> + [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>] + </td> <td>高</td> <td>所有</td> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 8 月 28 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-telephony">Telephony ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p> @@ -471,13 +184,13 @@ Telephony ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用使用特制文件挂è </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -493,8 +206,7 @@ Telephony ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用使用特制文件挂è <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p> @@ -502,13 +214,13 @@ Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…ä½¿ç”¨ç‰¹åˆ¶æ–‡ä»¶æŒ‚èµ·æˆ–é‡ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -548,26 +260,25 @@ Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…ä½¿ç”¨ç‰¹åˆ¶æ–‡ä»¶æŒ‚èµ·æˆ–é‡ <td>4.4.4</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p> * æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 </p> - <h3 id="rce-in-framesequence-library">Framesequence 库ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p> Framesequence 库ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件通过éžç‰¹è®¸è¿›ç¨‹æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽåœ¨ä½¿ç”¨ Framesequence 库的应用ä¸æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -583,8 +294,7 @@ Framesequence 库ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件 <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-smart-lock">Smart Lock ä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -592,13 +302,13 @@ Smart Lock ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„ç”¨æˆ·åœ¨æ— éœ€è¾“å…¥ PIN ç çš„æ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -614,25 +324,24 @@ Smart Lock ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„ç”¨æˆ·åœ¨æ— éœ€è¾“å…¥ PIN ç çš„æ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 5 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p> * æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 </p> - <h3 id="eop-in-framework-apis">Framework API ä¸çš„ææƒæ¼æ´ž</h3> <p> Framework API ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用访问超出其访问æƒé™çº§åˆ«çš„系统功能。由于该æ¼æ´žå…许在本地绕过对å—é™è¿›ç¨‹çš„é™åˆ¶ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -648,8 +357,7 @@ Framework API ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨è®¿é—®è¶…å‡ºå…¶è®¿é—®æƒ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 7 月 16 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-telephony">Telephony ä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -657,13 +365,13 @@ Telephony ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用访问超出其访问æƒé™ç </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -679,8 +387,7 @@ Telephony ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用访问超出其访问æƒé™ç <td>6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 17 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">WLAN ä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -688,13 +395,13 @@ WLAN ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执行任æ„代 </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -704,14 +411,15 @@ WLAN ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执行任æ„代 </tr> <tr> <td>CVE-2016-6772</td> - <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484">A-31856351</a> [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484"> + A-31856351</a> + [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td> <td>ä¸</td> <td>所有</td> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 30 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p> @@ -719,13 +427,13 @@ Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -735,14 +443,15 @@ Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™ </tr> <tr> <td>CVE-2016-6773</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0">A-30481714</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0"> + A-30481714</a> + [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td> <td>ä¸</td> <td>所有</td> <td>6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 7 月 27 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-package-manager">软件包管ç†å™¨ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p> @@ -750,13 +459,13 @@ Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -772,12 +481,10 @@ Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™ <td>7.0</td> <td>2016 å¹´ 8 月 29 æ—¥</td> </tr> -</table> - +</tbody></table> <h2 id="2016-12-05-details">2016-12-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žè¯¦æƒ…</h2> -<p> -我们在下é¢æ供了上述 <a href="#2016-12-05-summary">2016-12-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ã€‚å…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Google 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> +<p>我们在下é¢æ供了 2016-12-05 è¡¥ä¸ç¨‹åºçº§åˆ«æ¶µç›–çš„æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ï¼Œå…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Google 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> <h3 id="eop-in-kernel-memory-subsystem">å†…æ ¸å†…å˜å系统ä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -785,12 +492,12 @@ Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -799,35 +506,38 @@ Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™ </tr> <tr> <td>CVE-2016-4794</td> - <td>A-31596597<br> - <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28">ä¸Šæ¸¸å†…æ ¸</a> [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> + <td>A-31596597<br /> + <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"> + ä¸Šæ¸¸å†…æ ¸</a> + [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> <td>严é‡</td> <td>Pixel Cã€Pixelã€Pixel XL</td> <td>2016 å¹´ 4 月 17 æ—¥</td> </tr> <tr> <td>CVE-2016-5195</td> - <td>A-32141528<br> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1">ä¸Šæ¸¸å†…æ ¸</a> [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> + <td>A-32141528<br /> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"> + ä¸Šæ¸¸å†…æ ¸</a> + [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> <td>严é‡</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p> -NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚ +NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -836,26 +546,26 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </tr> <tr> <td>CVE-2016-6775</td> - <td>A-31222873*<br>N-CVE-2016-6775</td> + <td>A-31222873*<br />N-CVE-2016-6775</td> <td>严é‡</td> <td>Nexus 9</td> <td>2016 å¹´ 8 月 25 æ—¥</td> </tr> <tr> <td>CVE-2016-6776</td> - <td>A-31680980*<br>N-CVE-2016-6776</td> + <td>A-31680980*<br />N-CVE-2016-6776</td> <td>严é‡</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-6777</td> - <td>A-31910462*<br>N-CVE-2016-6777</td> + <td>A-31910462*<br />N-CVE-2016-6777</td> <td>严é‡</td> <td>Nexus 9</td> <td>2016 å¹´ 10 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -866,12 +576,12 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -880,29 +590,28 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </tr> <tr> <td>CVE-2015-8966</td> - <td>A-31435731<br> + <td>A-31435731<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42">ä¸Šæ¸¸å†…æ ¸</a></td> <td>严é‡</td> <td>æ— *</td> <td>2016 å¹´ 9 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <p> * æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 </p> - <h3 id="eop-in-nvidia-video-driver">NVIDIA 视频驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>NVIDIA 视频驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šé€ æˆæœ¬åœ°è®¾å¤‡æ°¸ä¹…æŸå,而用户å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -911,26 +620,26 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </tr> <tr> <td>CVE-2016-6915</td> - <td>A-31471161*<br>N-CVE-2016-6915</td> + <td>A-31471161*<br />N-CVE-2016-6915</td> <td>严é‡</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> </tr> <tr> <td>CVE-2016-6916</td> - <td>A-32072350*<br>N-CVE-2016-6916</td> + <td>A-32072350*<br />N-CVE-2016-6916</td> <td>严é‡</td> <td>Nexus 9ã€Pixel C</td> <td>2016 å¹´ 9 月 13 æ—¥</td> </tr> <tr> <td>CVE-2016-6917</td> - <td>A-32072253*<br>N-CVE-2016-6917</td> + <td>A-32072253*<br />N-CVE-2016-6917</td> <td>严é‡</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -941,12 +650,12 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -955,25 +664,25 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </tr> <tr> <td>CVE-2016-9120</td> - <td>A-31568617<br> + <td>A-31568617<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7">ä¸Šæ¸¸å†…æ ¸</a></td> <td>严é‡</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixel Cã€Nexus Player</td> <td>2016 å¹´ 9 月 16 æ—¥</td> </tr> -</table> +</tbody></table> -<h3>Qualcomm 组件ä¸çš„æ¼æ´ž</h3> +<h3 id="vulnerabilities-in-qc-components">Qualcomm 组件ä¸çš„æ¼æ´ž</h3> <p> -下列æ¼æ´žä¼šå½±å“ Qualcomm 组件;æ¤å¤–,2015 å¹´ 11 月的 Qualcomm AMSS 安全公告也对这些安全æ¼æ´žè¿›è¡Œäº†è¯¦ç»†è¯´æ˜Žã€‚ +下列æ¼æ´žä¼šå½±å“ Qualcomm 组件;2015 å¹´ 11 月的 Qualcomm AMSS 安全公告对这些安全æ¼æ´žè¿›è¡Œäº†è¯¦ç»†è¯´æ˜Žã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦*</th> @@ -987,7 +696,7 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ <td>Nexus 6ã€Nexus 6Pã€Android One</td> <td>Qualcomm 内部</td> </tr> -</table> +</tbody></table> <p>* 这些æ¼æ´žçš„严é‡ç¨‹åº¦è¯„级由供应商决定。</p> <p>** 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -998,12 +707,12 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1012,14 +721,13 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </tr> <tr> <td>CVE-2014-4014</td> - <td>A-31252187<br> + <td>A-31252187<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03">ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Nexus 6ã€Nexus Player</td> <td>2014 å¹´ 6 月 10 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-2">å†…æ ¸ä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -1027,12 +735,12 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1041,14 +749,13 @@ NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§ </tr> <tr> <td>CVE-2015-8967</td> - <td>A-31703084<br> + <td>A-31703084<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04">ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixel Cã€Pixelã€Pixel XL</td> <td>2015 å¹´ 1 月 8 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-htc-sound-codec-driver">HTC 声音编解ç 器驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -1056,12 +763,12 @@ HTC 声音编解ç 器驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通è </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1089,7 +796,7 @@ HTC 声音编解ç 器驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通è <td>Nexus 9</td> <td>2016 å¹´ 8 月 30 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1100,12 +807,12 @@ MediaTek 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1114,64 +821,63 @@ MediaTek 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡ </tr> <tr> <td>CVE-2016-6492</td> - <td>A-28175122<br>MT-ALPS02696413</td> + <td>A-28175122<br />MT-ALPS02696413</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> <tr> <td>CVE-2016-6781</td> - <td>A-31095175<br>MT-ALPS02943455</td> + <td>A-31095175<br />MT-ALPS02943455</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 8 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-6782</td> - <td>A-31224389<br>MT-ALPS02943506</td> + <td>A-31224389<br />MT-ALPS02943506</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 8 月 24 æ—¥</td> </tr> <tr> <td>CVE-2016-6783</td> - <td>A-31350044<br>MT-ALPS02943437</td> + <td>A-31350044<br />MT-ALPS02943437</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 9 月 6 æ—¥</td> </tr> <tr> <td>CVE-2016-6784</td> - <td>A-31350755<br>MT-ALPS02961424</td> + <td>A-31350755<br />MT-ALPS02961424</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 9 月 6 æ—¥</td> </tr> <tr> <td>CVE-2016-6785</td> - <td>A-31748056<br>MT-ALPS02961400</td> + <td>A-31748056<br />MT-ALPS02961400</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 9 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p> * æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 </p> - <h3 id="eop-in-qualcomm-media-codecs">Qualcomm 媒体编解ç 器ä¸çš„ææƒæ¼æ´ž</h3> <p> Qualcomm 媒体编解ç 器ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–的本地特æƒï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1180,33 +886,33 @@ Qualcomm 媒体编解ç 器ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡ç‰¹è® </tr> <tr> <td>CVE-2016-6761</td> - <td>A-29421682*<br>QC-CR#1055792</td> + <td>A-29421682*<br />QC-CR#1055792</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 16 æ—¥</td> </tr> <tr> <td>CVE-2016-6760</td> - <td>A-29617572*<br>QC-CR#1055783</td> + <td>A-29617572*<br />QC-CR#1055783</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 23 æ—¥</td> </tr> <tr> <td>CVE-2016-6759</td> - <td>A-29982686*<br>QC-CR#1055766</td> + <td>A-29982686*<br />QC-CR#1055766</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 4 æ—¥</td> </tr> <tr> <td>CVE-2016-6758</td> - <td>A-30148882*<br>QC-CR#1071731</td> + <td>A-30148882*<br />QC-CR#1071731</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1217,12 +923,12 @@ Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过内æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1231,14 +937,13 @@ Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过内æ </tr> <tr> <td>CVE-2016-6755</td> - <td>A-30740545<br> + <td>A-30740545<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0">QC-CR#1065916</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 3 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-performance-subsystem">å†…æ ¸æ•ˆèƒ½å系统ä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -1246,12 +951,12 @@ Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过内æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1274,8 +979,7 @@ Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过内æ <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 22 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -1283,12 +987,12 @@ MediaTek I2C 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1297,29 +1001,28 @@ MediaTek I2C 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ </tr> <tr> <td>CVE-2016-6788</td> - <td>A-31224428<br>MT-ALPS02943467</td> + <td>A-31224428<br />MT-ALPS02943467</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 8 月 24 æ—¥</td> </tr> -</table> +</tbody></table> <p> * æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 </p> - <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx 库ä¸çš„ææƒæ¼æ´ž</h3> <p> NVIDIA libomx 库 (libnvomx) ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–的本地特æƒï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1329,7 +1032,7 @@ NVIDIA libomx 库 (libnvomx) ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特 <tr> <td>CVE-2016-6789</td> <td>A-31251973* -<br>N-CVE-2016-6789</td> +<br />N-CVE-2016-6789</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 29 æ—¥</td> @@ -1337,12 +1040,12 @@ NVIDIA libomx 库 (libnvomx) ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特 <tr> <td>CVE-2016-6790</td> <td>A-31251628* -<br>N-CVE-2016-6790</td> +<br />N-CVE-2016-6790</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1353,12 +1056,12 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过内æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1367,7 +1070,7 @@ Qualcomm 声音驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过内æ </tr> <tr> <td>CVE-2016-6791</td> - <td>A-31252384<br> + <td>A-31252384<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1071809</a></td> <td>高</td> @@ -1376,7 +1079,7 @@ QC-CR#1071809</a></td> </tr> <tr> <td>CVE-2016-8391</td> - <td>A-31253255<br> + <td>A-31253255<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1072166</a></td> <td>高</td> @@ -1385,15 +1088,14 @@ QC-CR#1072166</a></td> </tr> <tr> <td>CVE-2016-8392</td> - <td>A-31385862<br> + <td>A-31385862<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1073136</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-security-subsystem">å†…æ ¸å®‰å…¨å系统ä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -1401,12 +1103,12 @@ QC-CR#1073136</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1415,15 +1117,14 @@ QC-CR#1073136</a></td> </tr> <tr> <td>CVE-2015-7872</td> - <td>A-31253168<br> + <td>A-31253168<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 31 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p> @@ -1431,12 +1132,12 @@ Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过å </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1457,7 +1158,7 @@ Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过å <td>Nexus 9ã€Android One</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1468,12 +1169,12 @@ Broadcom WLAN 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1482,36 +1183,35 @@ Broadcom WLAN 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸ </tr> <tr> <td>CVE-2014-9909</td> - <td>A-31676542<br>B-RB#26684</td> + <td>A-31676542<br />B-RB#26684</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 9 月 21 æ—¥</td> </tr> <tr> <td>CVE-2014-9910</td> - <td>A-31746399<br>B-RB#26710</td> + <td>A-31746399<br />B-RB#26710</td> <td>高</td> <td>æ— *</td> <td>2016 å¹´ 9 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p> * æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 </p> - <h3 id="id-in-mediatek-video-driver">MediaTek 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p> MediaTek 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1525,24 +1225,23 @@ MediaTek 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å <td>æ— *</td> <td>2016 å¹´ 8 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p> * æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。 </p> - <h3 id="id-in-nvidia-video-driver">NVIDIA 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p> NVIDIA 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1551,13 +1250,13 @@ NVIDIA 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–è </tr> <tr> <td>CVE-2016-8397</td> - <td>A-31385953*<br> + <td>A-31385953*<br /> N-CVE-2016-8397</td> <td>高</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1568,12 +1267,12 @@ Qualcomm GPS 组件ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©è¿œç¨‹æ”»å‡»è€…挂起或é‡å¯è </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1587,7 +1286,7 @@ Qualcomm GPS 组件ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©è¿œç¨‹æ”»å‡»è€…挂起或é‡å¯è <td>Nexus 6ã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1598,12 +1297,12 @@ NVIDIA 相机驱动程åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…在本地å‘èµ·æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1613,12 +1312,12 @@ NVIDIA 相机驱动程åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…在本地å‘èµ·æ <tr> <td>CVE-2016-8395</td> <td>A-31403040* -<br>N-CVE-2016-8395</td> +<br />N-CVE-2016-8395</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 9 月 9 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1629,12 +1328,12 @@ NVIDIA 相机驱动程åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…在本地å‘èµ·æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1648,7 +1347,7 @@ NVIDIA 相机驱动程åºä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…在本地å‘èµ·æ <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1659,12 +1358,12 @@ Qualcomm 组件(包括相机驱动程åºå’Œè§†é¢‘驱动程åºï¼‰ä¸çš„ä¿¡æ¯æŠ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1673,24 +1372,24 @@ Qualcomm 组件(包括相机驱动程åºå’Œè§†é¢‘驱动程åºï¼‰ä¸çš„ä¿¡æ¯æŠ </tr> <tr> <td>CVE-2016-6756</td> - <td>A-29464815<br> + <td>A-29464815<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> -QC-CR#1042068</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> + QC-CR#1042068</a> + [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 17 æ—¥</td> </tr> <tr> <td>CVE-2016-6757</td> - <td>A-30148242<br> + <td>A-30148242<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> QC-CR#1052821</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 13 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-librm-library">NVIDIA librm 库ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p> @@ -1698,12 +1397,12 @@ NVIDIA librm 库 (libnvrm) ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1713,12 +1412,12 @@ NVIDIA librm 库 (libnvrm) ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å <tr> <td>CVE-2016-8400</td> <td>A-31251599* -<br>N-CVE-2016-8400</td> +<br />N-CVE-2016-8400</td> <td>ä¸</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1729,12 +1428,12 @@ NVIDIA librm 库 (libnvrm) ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1790,7 +1489,7 @@ NVIDIA librm 库 (libnvrm) ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1801,12 +1500,12 @@ NVIDIA 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–è </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1816,7 +1515,7 @@ NVIDIA 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–è <tr> <td>CVE-2016-8408</td> <td>A-31496571* -<br>N-CVE-2016-8408</td> +<br />N-CVE-2016-8408</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> @@ -1824,12 +1523,12 @@ NVIDIA 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–è <tr> <td>CVE-2016-8409</td> <td>A-31495687* -<br>N-CVE-2016-8409</td> +<br />N-CVE-2016-8409</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。 </p> @@ -1840,12 +1539,12 @@ Qualcomm 声音驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1854,14 +1553,14 @@ Qualcomm 声音驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å </tr> <tr> <td>CVE-2016-8410</td> - <td>A-31498403<br> + <td>A-31498403<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> QC-CR#987010</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android One</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">常è§é—®é¢˜å’Œè§£ç”</h2> <p> @@ -1872,7 +1571,7 @@ QC-CR#987010</a></td> </strong> </p> <p> -è¦äº†è§£å¦‚何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ï¼Œè¯·é˜…读 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>ä¸çš„说明。 +è¦äº†è§£å¦‚何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ï¼Œè¯·é˜…读 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>ä¸çš„说明。 </p> <ul> <li>2016-12-01(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«è§£å†³äº†ä¸Ž 2016-12-01 安全补ä¸ç¨‹åºçº§åˆ«ç›¸å…³çš„所有问题。</li> @@ -1885,10 +1584,10 @@ QC-CR#987010</a></td> <li>[ro.build.version.security_patch]:[2016-12-05]</li> </ul> <p> -<strong>2. 为何æ¤å…¬å‘Šæœ‰ 2 个安全补ä¸ç¨‹åºçº§åˆ«ï¼Ÿ</strong> +<strong>2. 为何本公告会有 2 个安全补ä¸ç¨‹åºçº§åˆ«ï¼Ÿ</strong> </p> <p> -本公告有 2 个安全补ä¸ç¨‹åºçº§åˆ«ï¼Œç›®çš„是让 Android åˆä½œä¼™ä¼´èƒ½å¤Ÿçµæ´»åœ°ã€æ›´å¿«é€Ÿåœ°ä¿®å¤æ‰€æœ‰ Android 设备上类似的一系列æ¼æ´žã€‚我们建议 Android åˆä½œä¼™ä¼´ä¿®å¤æœ¬å…¬å‘Šä¸çš„所有问题并使用最新的安全补ä¸ç¨‹åºçº§åˆ«ã€‚ +本公告之所以会有 2 个安全补ä¸ç¨‹åºçº§åˆ«ï¼Œç›®çš„是让 Android åˆä½œä¼™ä¼´èƒ½å¤Ÿçµæ´»åœ°ã€æ›´å¿«é€Ÿåœ°ä¿®å¤æ‰€æœ‰ Android 设备上的一系列类似æ¼æ´žã€‚我们建议 Android åˆä½œä¼™ä¼´ä¿®å¤æœ¬å…¬å‘Šä¸çš„所有问题并使用最新的安全补ä¸ç¨‹åºçº§åˆ«ã€‚ </p> <ul> <li>使用 2016 å¹´ 12 月 1 日安全补ä¸ç¨‹åºçº§åˆ«çš„设备必须包å«è¯¥å®‰å…¨è¡¥ä¸ç¨‹åºçº§åˆ«å¯¹åº”的所有问题的修å¤æ–¹æ¡ˆï¼Œä»¥åŠé’ˆå¯¹ä¹‹å‰çš„安全公告ä¸æŠ¥å‘Šçš„所有问题的修å¤æ–¹æ¡ˆã€‚</li> @@ -1901,10 +1600,10 @@ QC-CR#987010</a></td> <strong>3. 如何确定å„个问题都会影å“哪些 Google 设备?</strong> </p> <p> -在 <a href="#2016-12-01-details">2016-12-01</a> å’Œ <a href="#2016-12-05-details">2016-12-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Google 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜æ›´æ–°è¿‡çš„å—å½±å“çš„ Google 设备系列。<em></em>æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形: +在 <a href="#2016-12-01-details">2016-12-01</a> å’Œ <a href="#2016-12-05-details">2016-12-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Google 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜è¿›è¡Œäº†æ›´æ–°çš„å—å½±å“ Google 设备系列。<em></em>æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形: </p> <ul> - <li><strong>所有 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¼šå½±å“所有 Nexus å’Œ Pixel 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ‰€æœ‰â€ã€‚<em></em>“所有â€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">å—支æŒçš„设备</a>:Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> + <li><strong>所有 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¼šå½±å“所有 Nexus å’Œ Pixel 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ‰€æœ‰â€ã€‚<em></em>“所有â€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">å—支æŒçš„设备</a>:Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> <li><strong>部分 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä»…会影å“部分 Google 设备,则“已更新的 Google 设备â€åˆ—ä¸ä¼šåˆ—出å—å½±å“çš„ Google 设备。<em></em></li> <li><strong>æ— Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¸ä¼šå½±å“任何è¿è¡Œ Android 7.0 çš„ Google 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ— â€ã€‚<em></em></li> </ul> @@ -1915,7 +1614,7 @@ QC-CR#987010</a></td> æ¼æ´žè¯¦æƒ…表的“å‚考信æ¯â€åˆ—ä¸çš„æ¡ç›®å¯èƒ½åŒ…å«ç”¨äºŽæ ‡è¯†å‚考值所属组织的å‰ç¼€ã€‚<em></em>这些å‰ç¼€å¯¹åº”的内容如下: </p> <table> - <tr> + <tbody><tr> <th>å‰ç¼€</th> <th>å‚考信æ¯</th> </tr> @@ -1939,12 +1638,12 @@ QC-CR#987010</a></td> <td>B-</td> <td>Broadcom å‚考编å·</td> </tr> -</table> +</tbody></table> <h2 id="revisions">修订版本</h2> <ul> <li>2016 å¹´ 12 月 5 日:å‘布了本公告。</li> - <li>2016 å¹´ 12 月 7 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº† AOSP 链接,并更新了 CVE-2016-6915ã€CVE-2016-6916 å’Œ CVE-2016-6917 的致谢信æ¯ã€‚</li> + <li>2016 å¹´ 12 月 7 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº†å¤šä¸ª AOSP 链接,并更新了 CVE-2016-6915ã€CVE-2016-6916 å’Œ CVE-2016-6917 的致谢信æ¯ã€‚</li> + <li>2016 å¹´ 12 月 21 日:更æ£äº† CVE-2016-8411 说明以åŠå¸¸è§é—®é¢˜å’Œè§£ç”ä¸çš„拼写错误。</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/zh-cn/security/bulletin/2017-03-01.html b/zh-cn/security/bulletin/2017-03-01.html index 26d065c4..04a1957e 100644 --- a/zh-cn/security/bulletin/2017-03-01.html +++ b/zh-cn/security/bulletin/2017-03-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android 安全公告 - 2017 å¹´ 3 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -22,11 +21,10 @@ --> <p><em>å‘布时间:2017 å¹´ 3 月 6 æ—¥ | 更新时间:2017 å¹´ 3 月 7 æ—¥</em></p> -<p>Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚é™¤äº†å…¬å‘Šä¹‹å¤–ï¼Œæˆ‘ä»¬è¿˜é€šè¿‡æ— çº¿ä¸‹è½½ (OTA) æ›´æ–°çš„æ–¹å¼å‘布了针对 Google 设备的安全更新。我们还在 <a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上å‘布了 Google è®¾å¤‡å›ºä»¶æ˜ åƒã€‚2017 å¹´ 3 月 5 日(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æ‰€æœ‰è¿™äº›é—®é¢˜ã€‚请å‚阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>,了解如何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ã€‚</p> -<p>我们的åˆä½œä¼™ä¼´åœ¨ 2017 å¹´ 2 月 6 日(或之å‰ï¼‰å°±å·²æ”¶åˆ°æœ¬å…¬å‘Šä¸è¯´æ˜Žçš„这些问题的相关通知。我们已在 Android 开放æºä»£ç 项目 (AOSP) 代ç 库ä¸å‘布了针对相关问题的æºä»£ç è¡¥ä¸ç¨‹åºï¼Œå¹¶åœ¨æœ¬å…¬å‘Šä¸æ供了相应链接。 -本公告还æ供了 AOSP 之外的补ä¸ç¨‹åºçš„链接。</p> -<p>这些问题ä¸å±é™©æ€§æœ€é«˜çš„是一个严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œå®ƒå¯èƒ½ä¼šå¯¼è‡´åœ¨å¤„ç†åª’体文件的过程ä¸ï¼Œå¯é€šè¿‡ç”µå邮件ã€ç½‘页和彩信ç‰å¤šç§æ–¹å¼åœ¨å—å½±å“的设备上执行远程代ç 。</p> -<p>æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</a>部分,详细了解 <a href="{@docRoot}security/enhancements/index.html">Android 安全平å°é˜²æŠ¤</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>);这些功能å¯æ高 Android å¹³å°çš„安全性。</p> +<p>Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚é™¤äº†å…¬å‘Šä¹‹å¤–ï¼Œæˆ‘ä»¬è¿˜é€šè¿‡æ— çº¿ä¸‹è½½ (OTA) æ›´æ–°çš„æ–¹å¼å‘布了针对 Google 设备的安全更新。我们还在 <a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上å‘布了 Google è®¾å¤‡å›ºä»¶æ˜ åƒã€‚2017 å¹´ 3 月 5 日(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æ‰€æœ‰è¿™äº›é—®é¢˜ã€‚请å‚阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>,了解如何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ã€‚</p> +<p>我们的åˆä½œä¼™ä¼´åœ¨ 2017 å¹´ 2 月 6 日(或之å‰ï¼‰å°±å·²æ”¶åˆ°æœ¬å…¬å‘Šä¸è¯´æ˜Žçš„这些问题的相关通知。我们已在 Android 开放æºä»£ç 项目 (AOSP) 代ç 库ä¸å‘布了针对相关问题的æºä»£ç è¡¥ä¸ç¨‹åºï¼Œå¹¶åœ¨æœ¬å…¬å‘Šä¸æ供了相应链接。本公告还æ供了 AOSP 之外的补ä¸ç¨‹åºçš„链接。</p> +<p>这些问题ä¸å±é™©æ€§æœ€é«˜çš„是一个严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œå®ƒå¯èƒ½ä¼šå¯¼è‡´åœ¨å¤„ç†åª’体文件的过程ä¸ï¼Œå¯é€šè¿‡ç”µå邮件ã€ç½‘页和彩信ç‰å¤šç§æ–¹å¼åœ¨å—å½±å“的设备上执行远程代ç 。<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚</p> +<p>æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤åŠŸèƒ½</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>);这些功能å¯æ高 Android å¹³å°çš„安全性。</p> <p>我们建议所有用户都在自己的设备上接å—这些更新。</p> <h2 id="announcements">公告</h2> <ul> @@ -37,388 +35,8 @@ </li> <li>å—支æŒçš„ Google 设备将收到一项安全补ä¸ç¨‹åºçº§åˆ«ä¸º 2017 å¹´ 3 月 5 日的 OTA 更新。</li> </ul> -<h2 id="security-vulnerability-summary">安全æ¼æ´žæ‘˜è¦</h2> -<p>下表列出了安全æ¼æ´žã€å¯¹åº”çš„ CVE(常è§æ¼æ´žå’Œé£Žé™©è¯†åˆ«ç )ã€è¯„估得出的严é‡ç¨‹åº¦ä»¥åŠæ˜¯å¦ä¼šå½±å“ Google 设备。<a href="{@docRoot}security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚</p> -<h3 id="2017-03-01-summary">2017-03-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</h3> -<p>2017-03-01(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«éƒ½å¿…须解决下列问题。</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>问题</th> - <th>CVE</th> - <th>严é‡ç¨‹åº¦</th> - <th>是å¦ä¼šå½±å“ Google 设备?</th> - </tr> - <tr> - <td>OpenSSL å’Œ BoringSSL ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2016-2182</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0474</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>recovery 验è¯ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0475</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>AOSP çŸä¿¡ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2017-0476</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>libgdx ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2017-0477</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Framesequence 库ä¸çš„远程代ç 执行æ¼æ´ž</td> - <td>CVE-2017-0478</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NFC ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0481</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Audioserver ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0479ã€CVE-2017-0480</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2017-0482ã€CVE-2017-0483ã€CVE-2017-0484ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0488</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>地ç†ä½ç½®ä¿¡æ¯ç®¡ç†å™¨ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0489</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>WLAN ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0490</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>软件包管ç†å™¨ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0491</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>系统界é¢ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0492</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>AOSP çŸä¿¡ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0494</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0495</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>设置å‘导ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2017-0496</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2017-0497</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>设置å‘导ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2017-0498</td> - <td>ä¸</td> - <td>å¦*</td> - </tr> - <tr> - <td>Audioserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2017-0499</td> - <td>低</td> - <td>是</td> - </tr> -</table> -<p>* æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> -<h3 id="2017-03-05-summary">2017-03-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</h3> -<p>2017-03-05(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«éƒ½å¿…须解决 2017-03-01 的所有问题以åŠä¸‹åˆ—问题。</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>问题</th> - <th>CVE</th> - <th>严é‡ç¨‹åº¦</th> - <th>是å¦ä¼šå½±å“ Google 设备?</th> - </tr> - <tr> - <td>MediaTek 组件ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0504ã€CVE-2017-0505ã€CVE-2017-0506</td> - <td>严é‡</td> - <td>å¦*</td> - </tr> - <tr> - <td>NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0337ã€CVE-2017-0338ã€CVE-2017-0333ã€CVE-2017-0306ã€CVE-2017-0335</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ ION å系统ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0507ã€CVE-2017-0508</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>Broadcom WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0509</td> - <td>严é‡</td> - <td>å¦*</td> - </tr> - <tr> - <td>å†…æ ¸ FIQ 调试程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0510</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-8479</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ç½‘ç»œå系统ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-9806ã€CVE-2016-10200</td> - <td>严é‡</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 组件ä¸çš„æ¼æ´ž</td> - <td>CVE-2016-8484ã€CVE-2016-8485ã€CVE-2016-8486ã€CVE-2016-8487ã€CVE-2016-8488</td> - <td>严é‡</td> - <td>å¦*</td> - </tr> - <tr> - <td>å†…æ ¸ç½‘ç»œå系统ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-8655ã€CVE-2016-9793</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 输入硬件驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0516</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek ç¡¬ä»¶ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0517</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm ADSPRPC 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0457</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm æŒ‡çº¹ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0518ã€CVE-2017-0519</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm åŠ å¯†å¼•æ“Žé©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0520</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0458ã€CVE-2017-0521</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek APK ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0522</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0464ã€CVE-2017-0453ã€CVE-2017-0523</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0524</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm IPA 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0456ã€CVE-2017-0525</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>HTC ä¼ æ„Ÿå™¨ä¸æž¢é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0526ã€CVE-2017-0527</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0307</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm 网络驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0463ã€CVE-2017-0460</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸å®‰å…¨å系统ä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2017-0528</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm SPCom 驱动程åºä¸çš„ææƒæ¼æ´ž</td> - <td>CVE-2016-5856ã€CVE-2016-5857</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>å†…æ ¸ç½‘ç»œå系统ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2014-8709</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0529</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0455</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 电æºé©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-8483</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA GPU 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0334ã€CVE-2017-0336</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸åŠ å¯†å系统ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</td> - <td>CVE-2016-8650</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆä»…特定设备)</td> - <td>CVE-2016-8417</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm WLAN 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0461ã€CVE-2017-0459ã€CVE-2017-0531</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 视频编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0532</td> - <td>ä¸</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0533ã€CVE-2017-0534ã€CVE-2016-8416ã€CVE-2016-8478</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2016-8413ã€CVE-2016-8477</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>HTC 声音编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0535</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0536</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>å†…æ ¸ USB å°å·¥å…·é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0537</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</td> - <td>CVE-2017-0452</td> - <td>低</td> - <td>是</td> - </tr> -</table> -<p>* æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> <h2 id="mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</h2> -<p>本部分总结了 <a href="{@docRoot}security/enhancements/index.html">Android 安全平å°</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet)æ供的缓解措施。这些功能å¯é™ä½Ž Android 上的安全æ¼æ´žè¢«æˆåŠŸåˆ©ç”¨çš„å¯èƒ½æ€§ã€‚</p> +<p>本部分总结了 <a href="/security/enhancements/index.html">Android 安全平å°</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ SafetyNet)æ供的缓解措施。这些功能å¯é™ä½Ž Android 上的安全æ¼æ´žè¢«æˆåŠŸåˆ©ç”¨çš„å¯èƒ½æ€§ã€‚</p> <ul> <li>新版 Android å¹³å°ä¸çš„å¢žå¼ºåŠŸèƒ½è®©æ”»å‡»è€…æ›´åŠ éš¾ä»¥åˆ©ç”¨ Android 上å˜åœ¨çš„许多问题。我们建议所有用户都尽å¯èƒ½æ›´æ–°åˆ°æœ€æ–°ç‰ˆ Android。</li> <li>Android 安全团队会积æžåˆ©ç”¨<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">“验è¯åº”用â€å’Œ SafetyNet</a> æ¥ç›‘控滥用行为,这些功能会在å‘现<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">å¯èƒ½æœ‰å®³çš„应用</a>æ—¶å‘用户å‘出è¦å‘Šã€‚在预装有 <a href="http://www.android.com/gms">Google 移动æœåŠ¡</a>的设备上,“验è¯åº”用â€åœ¨é»˜è®¤æƒ…况下处于å¯ç”¨çŠ¶æ€ã€‚对于安装æ¥è‡ª Google Play 以外的应用的用户æ¥è¯´ï¼Œè¿™é¡¹åŠŸèƒ½å°¤ä¸ºé‡è¦ã€‚虽然 Google Play ä¸ç¦æ¢æ供设备 Root 应用,但用户å¯èƒ½ä¼šå°è¯•å®‰è£… Root 应用,而“验è¯åº”用â€ä¼šåœ¨æ£€æµ‹åˆ°è¿™ç±»åº”ç”¨ï¼ˆæ— è®ºåº”ç”¨æ¥è‡ªä½•å¤„)时å‘用户å‘出è¦å‘Šã€‚å¦å¤–,“验è¯åº”用â€ä¼šå°è¯•è¯†åˆ«å¹¶é˜»æ¢ç”¨æˆ·å®‰è£…会利用ææƒæ¼æ´žçš„已知æ¶æ„应用。如果用户已安装æ¤ç±»åº”用,那么“验è¯åº”用â€å°†ä¼šé€šçŸ¥ç”¨æˆ·å¹¶å°è¯•ç§»é™¤æ‰€æ£€æµ‹åˆ°çš„应用。</li> @@ -428,58 +46,60 @@ <p>éžå¸¸æ„Ÿè°¢ä»¥ä¸‹ç ”究人员åšå‡ºçš„贡献:</p> <ul> <li>Google 动æ€å·¥å…·å›¢é˜Ÿçš„ Alexander Potapenko:CVE-2017-0537 -<li>阿里巴巴移动安全团队的 Baozeng Dingã€Chengming Yangã€Peng Xiao å’Œ Yang Song:CVE-2017-0506 -<li>阿里巴巴移动安全团队的 Baozeng Dingã€Ning Youã€Chengming Yangã€Peng Xiao å’Œ Yang Song:CVE-2017-0463 -<li>Android 安全团队的 Billy Lau:CVE-2017-0335ã€CVE-2017-0336ã€CVE-2017-0338ã€CVE-2017-0460 -<li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>):CVE-2016-8413ã€CVE-2016-8477ã€CVE-2017-0531 -<li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) å’Œ <a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0521 -<li>腾讯科æ©å®žéªŒå®¤ (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2017-0334ã€CVE-2017-0456ã€CVE-2017-0457ã€CVE-2017-0525 -<li><a href="http://www.ms509.com">MS509Team</a> çš„ En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) å’Œ Bo Liu:CVE-2017-0490 -<li>奇虎 360 科技有é™å…¬å¸ IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0509ã€CVE-2017-0524ã€CVE-2017-0529ã€CVE-2017-0536 -<li>奇虎 360 科技有é™å…¬å¸ Alpha 团队的 Hao Chen å’Œ Guang Gong:CVE-2017-0453ã€CVE-2017-0461ã€CVE-2017-0464 -<li>索尼移动通信股份有é™å…¬å¸çš„ Hiroki Yamamoto å’Œ Fang Chen:CVE-2017-0481 -<li>IBM X-Force å®‰å…¨ç ”ç©¶å‘˜ Sagi Kedmi å’Œ Roee Hay:CVE-2017-0510 -<li><a href="https://skyeye.360safe.com">奇虎 360 天眼实验室</a>çš„ Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>):CVE-2017-0478 -<li>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-8416ã€CVE-2016-8478ã€CVE-2017-0458ã€CVE-2017-0459ã€CVE-2017-0518ã€CVE-2017-0519ã€CVE-2017-0533ã€CVE-2017-0534 -<li><a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2016-8479 -<li>Google çš„ Makoto Onuki:CVE-2017-0491 -<li><a href="http://c0reteam.org">C0RE 团队</a>çš„ Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€<a href="mailto:arnow117@gmail.com">Hanxiang Wen</a> å’Œ Xuxian Jiang:CVE-2017-0479ã€CVE-2017-0480 -<li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0535 -<li>特斯拉汽车公å¸äº§å“安全团队的 Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0306 -<li>百度安全实验室的ä¸é¹é£žã€åŒ…沉浮和韦韬:CVE-2016-8417 -<li>腾讯科æ©å®žéªŒå®¤çš„何淇丹 (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>):CVE-2017-0337ã€CVE-2017-0476 -<li>奇虎 360 çš„ Qing Zhang å’Œæ–°åŠ å¡ç†å·¥å¤§å¦ (SIT) çš„ Guangdong Bai:CVE-2017-0496 -<li>èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤çš„ Quhe å’Œ wanchouchou:CVE-2017-0522 -<li>DarkMatter 安全通信部门的 <a href="mailto:keun-o.park@darkmatter.ae">Sahara</a>:CVE-2017-0528 -<li>åŠ åˆ©ç¦å°¼äºšå¤§å¦åœ£å·´å·´æ‹‰åˆ†æ ¡ Shellphish Grill 团队的 salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>):CVE-2017-0505 -<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0504ã€CVE-2017-0516 -<li>Sean Beaupre (beaups):CVE-2017-0455 -<li>趋势科技的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2017-0452 -<li>富士通的 Shinichi Matsumoto:CVE-2017-0498 -<li><a href="http://www.byterev.com">ByteRev</a> çš„ <a href="mailto:smarques84@gmail.com">Stéphane Marques</a>:CVE-2017-0489 -<li>Google çš„ Svetoslav Ganov:CVE-2017-0492 -<li><a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2017-0333 -<li><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">移动å¨èƒå“应团队</a>çš„ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0482ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0494ã€CVE-2017-0495 -<li>èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤çš„å´æ½æµ (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2017-0477 -<li>奇虎 360 科技有é™å…¬å¸ Vulpecker 团队的 Yu Pan:CVE-2017-0517ã€CVE-2017-0532 -<li><a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2017-0526ã€CVE-2017-0527 -<li><a href="http://c0reteam.org">C0RE 团队</a>çš„ Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€<a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>ã€Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) å’Œ Xuxian Jiang:CVE-2017-0483</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> +</li><li>阿里巴巴移动安全团队的 Baozeng Dingã€Chengming Yangã€Peng Xiao å’Œ Yang Song:CVE-2017-0506 +</li><li>阿里巴巴移动安全团队的 Baozeng Dingã€Ning Youã€Chengming Yangã€Peng Xiao å’Œ Yang Song:CVE-2017-0463 +</li><li>Android 安全团队的 Billy Lau:CVE-2017-0335ã€CVE-2017-0336ã€CVE-2017-0338ã€CVE-2017-0460 +</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>):CVE-2016-8413ã€CVE-2016-8477ã€CVE-2017-0531 +</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) å’Œ <a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0521 +</li><li>腾讯科æ©å®žéªŒå®¤ (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2017-0334ã€CVE-2017-0456ã€CVE-2017-0457ã€CVE-2017-0525 +</li><li><a href="http://www.ms509.com">MS509Team</a> çš„ En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) å’Œ Bo Liu:CVE-2017-0490 +</li><li>奇虎 360 科技有é™å…¬å¸ IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0509ã€CVE-2017-0524ã€CVE-2017-0529ã€CVE-2017-0536 +</li><li>奇虎 360 科技有é™å…¬å¸ Alpha 团队的 Hao Chen å’Œ Guang Gong:CVE-2017-0453ã€CVE-2017-0461ã€CVE-2017-0464 +</li><li>索尼移动通信股份有é™å…¬å¸çš„ Hiroki Yamamoto å’Œ Fang Chen:CVE-2017-0481 +</li><li>IBM X-Force å®‰å…¨ç ”ç©¶å‘˜ Sagi Kedmi å’Œ Roee Hay:CVE-2017-0510 +</li><li><a href="https://skyeye.360safe.com">奇虎 360 天眼实验室</a> çš„ Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>):CVE-2017-0478 +</li><li>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-8416ã€CVE-2016-8478ã€CVE-2017-0458ã€CVE-2017-0459ã€CVE-2017-0518ã€CVE-2017-0519ã€CVE-2017-0533ã€CVE-2017-0534 +</li><li><a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2016-8479 +</li><li>Google çš„ Makoto Onuki:CVE-2017-0491 +</li><li><a href="http://c0reteam.org">C0RE 团队</a>çš„ Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€<a href="mailto:arnow117@gmail.com">Hanxiang Wen</a> å’Œ Xuxian Jiang:CVE-2017-0479ã€CVE-2017-0480 +</li><li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0535 +</li><li>特斯拉汽车公å¸äº§å“安全团队的 Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0306 +</li><li>百度安全实验室的ä¸é¹é£žã€åŒ…沉浮和韦韬:CVE-2016-8417 +</li><li>腾讯科æ©å®žéªŒå®¤çš„何淇丹 (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>):CVE-2017-0337ã€CVE-2017-0476 +</li><li>奇虎 360 çš„ Qing Zhang å’Œæ–°åŠ å¡ç†å·¥å¤§å¦ (SIT) çš„ Guangdong Bai:CVE-2017-0496 +</li><li>èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤çš„ Quhe å’Œ wanchouchou:CVE-2017-0522 +</li><li>DarkMatter 安全通信部门的 <a href="mailto:keun-o.park@darkmatter.ae">Sahara</a>:CVE-2017-0528 +</li><li>åŠ åˆ©ç¦å°¼äºšå¤§å¦åœ£å·´å·´æ‹‰åˆ†æ ¡ Shellphish Grill 团队的 salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>):CVE-2017-0505 +</li><li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0504ã€CVE-2017-0516 +</li><li>Sean Beaupre (beaups):CVE-2017-0455 +</li><li>趋势科技的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2017-0452 +</li><li>富士通的 Shinichi Matsumoto:CVE-2017-0498 +</li><li><a href="http://www.byterev.com">ByteRev</a> çš„ <a href="mailto:smarques84@gmail.com">Stéphane Marques</a>:CVE-2017-0489 +</li><li>Google çš„ Svetoslav Ganov:CVE-2017-0492 +</li><li><a href="mailto:segfault5514@gmail.com">C0RE 团队</a>çš„ <a href="mailto:computernik@gmail.com">Tong Lin</a>ã€<a href="http://c0reteam.org">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2017-0333 +</li><li><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">移动å¨èƒå“应团队</a>çš„ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>): +CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0482ã€CVE-2017-0484ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0494ã€CVE-2017-0495 +</li><li>èš‚èšé‡‘æœå·´æ–¯å…‰å¹´å®‰å…¨å®žéªŒå®¤çš„å´æ½æµ (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2017-0477 +</li><li>奇虎 360 科技有é™å…¬å¸ Vulpecker 团队的 Yu Pan:CVE-2017-0517ã€CVE-2017-0532 +</li><li><a href="http://c0reteam.org">C0RE 团队</a>çš„ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2017-0526ã€CVE-2017-0527 +</li><li><a href="http://c0reteam.org">C0RE 团队</a>çš„ Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€<a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>ã€Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) å’Œ Xuxian Jiang:CVE-2017-0483</li> +<li>奇虎 360 科技有é™å…¬å¸æˆéƒ½å®‰å…¨å“应ä¸å¿ƒçš„ Zinuo Han (<a href="https://weibo.com/ele7enxxh">weibo.com/ele7enxxh</a>):CVE-2017-0475ã€CVE-2017-0497 +</li></ul> <h2 id="2017-03-01-details">2017-03-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žè¯¦æƒ…</h2> -<p>我们在下é¢æ供了上述 <a href="#2017-03-01-summary">2017-03-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ã€‚å…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Google 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> +<p>我们在下é¢æ供了 2017-03-01 è¡¥ä¸ç¨‹åºçº§åˆ«æ¶µç›–çš„æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ï¼Œå…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Google 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决相应问题的公开更改记录(如 AOSP 代ç 更改列表)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> - -<h3 id="rce-in-openssl-&-boringssl">OpenSSL å’Œ BoringSSL ä¸çš„远程代ç 执行æ¼æ´ž</h3> +<h3 id="rce-in-openssl-&-boringssl">OpenSSL å’Œ BoringSSL ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p>系统在处ç†æ–‡ä»¶å’Œæ•°æ®æ—¶ï¼ŒOpenSSL å’Œ BoringSSL ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…ä½¿ç”¨ç‰¹åˆ¶æ–‡ä»¶ç ´å内å˜ã€‚由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡ç‰¹è®¸è¿›ç¨‹æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -495,21 +115,20 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 8 月 5 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-mediaserver-">Mediaserver ä¸çš„远程代ç 执行æ¼æ´ž </h3> <p>系统在处ç†åª’体文件和数æ®æ—¶ï¼ŒMediaserver ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…ä½¿ç”¨ç‰¹åˆ¶æ–‡ä»¶ç ´å内å˜ã€‚由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡ Mediaserver 进程执行远程代ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -519,7 +138,9 @@ </tr> <tr> <td>CVE-2017-0466</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33139050</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33139050</a> +[<a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">2</a>] + </td> <td>严é‡</td> <td>所有</td> <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -527,7 +148,9 @@ </tr> <tr> <td>CVE-2017-0467</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33250932</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">A-33250932</a> +[<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] + </td> <td>严é‡</td> <td>所有</td> <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -535,7 +158,9 @@ </tr> <tr> <td>CVE-2017-0468</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">A-33351708</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">A-33351708</a> + [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">2</a>] + </td> <td>严é‡</td> <td>所有</td> <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -589,19 +214,19 @@ <td>7.0ã€7.1.1</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-recovery-verifier">recovery 验è¯ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>recovery 验è¯ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -617,20 +242,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 10 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-aosp-messaging">AOSP çŸä¿¡ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p>系统在处ç†åª’体文件和数æ®æ—¶ï¼ŒAOSP çŸä¿¡ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…ä½¿ç”¨ç‰¹åˆ¶æ–‡ä»¶ç ´å内å˜ã€‚由于该æ¼æ´žå¯ç”¨äºŽé€šè¿‡éžç‰¹è®¸è¿›ç¨‹æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -646,20 +270,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 6 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-libgdx">libgdx ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p>libgdx ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件通过éžç‰¹è®¸è¿›ç¨‹æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽåœ¨ä½¿ç”¨æ¤åº“的应用ä¸æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -675,20 +298,19 @@ <td>7.1.1</td> <td>2016 å¹´ 12 月 14 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-framesequence-library">Framesequence 库ä¸çš„远程代ç 执行æ¼æ´ž</h3> <p>Framesequence 库ä¸çš„远程代ç 执行æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件通过éžç‰¹è®¸è¿›ç¨‹æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽåœ¨ä½¿ç”¨ Framesequence 库的应用ä¸æ‰§è¡Œè¿œç¨‹ä»£ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -704,19 +326,19 @@ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 16 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-nfc">NFC ä¸çš„ææƒæ¼æ´ž</h3> <p>NFC ä¸çš„ææƒæ¼æ´žå¯è®©é‚»è¿‘区域内的攻击者通过特许进程执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–的本地特æƒï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -732,19 +354,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 6 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-audioserver">Audioserver ä¸çš„ææƒæ¼æ´ž</h3> <p>Audioserver ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执行任æ„代ç 。由于该æ¼æ´žå¯ç”¨äºŽèŽ·å–ç¬¬ä¸‰æ–¹åº”ç”¨é€šå¸¸æ— æ³•èŽ·å–的本地特æƒï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -754,7 +376,7 @@ </tr> <tr> <td>CVE-2017-0479</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32707507</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32707507</a> [ <a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a> ]</td> <td>高</td> <td>所有</td> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -762,26 +384,25 @@ </tr> <tr> <td>CVE-2017-0480</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32705429</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/22e26d8ee73488c58ba3e7928e5da155151abfd0">A-32705429</a> [ <a href="https://android.googlesource.com/platform/frameworks/av/+/8415635765380be496da9b4578d8f134a527d86b">2</a> ]</td> <td>高</td> <td>所有</td> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 7 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件挂起或é‡æ–°å¯åŠ¨è®¾å¤‡ã€‚由于该æ¼æ´žå¯ç”¨äºŽè¿œç¨‹å‘èµ·æ‹’ç»æœåŠ¡æ”»å‡»ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -791,7 +412,13 @@ </tr> <tr> <td>CVE-2017-0482</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c">A-33090864</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">2</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">3</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">4</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">5</a>] [<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">6</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/ec9ab83ac437d31f484a86643e2cc66db8efae4c"> + A-33090864</a> +[<a href="https://android.googlesource.com/platform/external/libavc/+/0e8b1dff88e08b9d738d2360f05b96108e190995">2</a>] +[<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">3</a>] +[<a href="https://android.googlesource.com/platform/external/libavc/+/3695b6bdaa183bb2852da06b63ebd5b9c2cace36">4</a>] +[<a href="https://android.googlesource.com/platform/external/libavc/+/c4f152575bd6d8cc6db1f89806e2ba1fd1bb314f">5</a>] +[<a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">6</a>]</td> <td>高</td> <td>所有</td> <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -799,7 +426,9 @@ </tr> <tr> <td>CVE-2017-0483</td> - <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bc62c086e9ba7530723dc8874b83159f4d77d976">A-33137046</a> [<a href="https://android.googlesource.com/platform/frameworks/av/+/5cabe32a59f9be1e913b6a07a23d4cfa55e3fb2f">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bc62c086e9ba7530723dc8874b83159f4d77d976"> + A-33137046</a> +[<a href="https://android.googlesource.com/platform/frameworks/av/+/5cabe32a59f9be1e913b6a07a23d4cfa55e3fb2f">2</a>]</td> <td>高</td> <td>所有</td> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -807,7 +436,7 @@ </tr> <tr> <td>CVE-2017-0484</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">A-33298089</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/fd9a12f9fdd9dd3e66c59dd7037e864b948085f7">A-33298089</a> [ <a href="https://android.googlesource.com/platform/external/libavc/+/a467b1fb2956fdcee5636ab63573a4bca8150dbe">2</a> ]</td> <td>高</td> <td>所有</td> <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -845,19 +474,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-location-manager">地ç†ä½ç½®ä¿¡æ¯ç®¡ç†å™¨ä¸çš„ææƒæ¼æ´ž</h3> <p>地ç†ä½ç½®ä¿¡æ¯ç®¡ç†å™¨ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用绕过针对地ç†ä½ç½®æ•°æ®çš„æ“作系统防护功能。由于该æ¼æ´žå¯ç”¨äºŽç”Ÿæˆä¸å‡†ç¡®çš„æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -873,20 +502,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 20 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">WLAN ä¸çš„ææƒæ¼æ´ž</h3> <p>WLAN ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨åˆ é™¤ç”¨æˆ·æ•°æ®ã€‚由于该æ¼æ´žå…许在本地绕过通常需è¦ç”¨æˆ·å‘起或ç»è¿‡ç”¨æˆ·è®¸å¯çš„用户互动è¦æ±‚ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -896,26 +524,29 @@ </tr> <tr> <td>CVE-2017-0490</td> - <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1166ca8adba9b49c9185dad11b28b02e72124d95">A-33178389</a> [<a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1ad3b1e3256a226be362de1a4959f2a642d349b7">2</a>] [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/41c42f5bb544acf8bede2d05c6325657d92bd83c">3</a>]</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1166ca8adba9b49c9185dad11b28b02e72124d95"> + A-33178389</a> +[<a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/1ad3b1e3256a226be362de1a4959f2a642d349b7">2</a>] +[<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/41c42f5bb544acf8bede2d05c6325657d92bd83c">3</a>] + </td> <td>ä¸</td> <td>所有</td> <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 25 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-package-manager">软件包管ç†å™¨ä¸çš„ææƒæ¼æ´ž</h3> <p>软件包管ç†å™¨ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用阻æ¢ç”¨æˆ·å¸è½½åº”用或移除应用æƒé™ã€‚由于该æ¼æ´žå…许在本地绕过用户互动è¦æ±‚ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -932,20 +563,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 内部</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-system-ui">系统界é¢ä¸çš„ææƒæ¼æ´ž</h3> <p>系统界é¢ä¸çš„æå–æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用创建覆盖整个å±å¹•çš„ç•Œé¢å åŠ å±‚ã€‚ç”±äºŽè¯¥æ¼æ´žå…许在本地绕过通常需è¦ç”¨æˆ·å‘起或ç»è¿‡ç”¨æˆ·è®¸å¯çš„用户互动è¦æ±‚ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -962,20 +592,19 @@ <td>7.1.1</td> <td>Google 内部</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-aosp-messaging">AOSP çŸä¿¡ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>AOSP çŸä¿¡ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©è¿œç¨‹æ”»å‡»è€…使用特制文件获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -991,20 +620,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 9 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Mediaserver ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1020,20 +648,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 11 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard">设置å‘导ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>设置å‘导ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用暂时阻æ¢ç”¨æˆ·ä½¿ç”¨å—å½±å“的设备。由于该æ¼æ´žå¯èƒ½å¯¼è‡´ç”¨æˆ·éœ€è¦é€šè¿‡æ¢å¤å‡ºåŽ‚设置æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1049,21 +676,21 @@ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 9 月 14 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Google 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> <h3 id="dos-in-mediaserver-2">Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> -<p>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件挂起或é‡æ–°å¯åŠ¨è®¾å¤‡ã€‚由于该æ¼æ´žéœ€è¦æ‰§è¡Œä¸å¸¸è§çš„设备é…ç½®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> +<p>Mediaserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æ”»å‡»è€…使用特制文件挂起或é‡æ–°å¯åŠ¨è®¾å¤‡ã€‚由于该æ¼æ´žåªèƒ½é’ˆå¯¹ç½•è§çš„设备é…ç½®èµ·ä½œç”¨ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1079,20 +706,19 @@ <td>7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard-2">设置å‘导ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>设置å‘导ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æœ¬åœ°æ”»å‡»è€…在æ¢å¤å‡ºåŽ‚设置之åŽè¦æ±‚登录 Google å¸å·ã€‚由于该æ¼æ´žå¯èƒ½å¯¼è‡´ç”¨æˆ·éœ€è¦é€šè¿‡æ¢å¤å‡ºåŽ‚设置æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1102,26 +728,28 @@ </tr> <tr> <td>CVE-2017-0498</td> - <td><a href="https://android.googlesource.com/platform/frameworks/base/+/1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b">A-30352311</a>[<a href="https://android.googlesource.com/platform/frameworks/base/+/5f621b5b1549e8379aee05807652d5111382ccc6">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b"> + A-30352311</a> +[<a href="https://android.googlesource.com/platform/frameworks/base/+/5f621b5b1549e8379aee05807652d5111382ccc6">2</a>] + </td> <td>ä¸</td> <td>所有</td> <td>5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 内部</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-audioserver">Audioserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>Audioserver ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用挂起或é‡æ–°å¯åŠ¨è®¾å¤‡ã€‚由于该æ¼æ´žå¯ç”¨äºŽå‘起暂时拒ç»æœåŠ¡æ”»å‡»ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“低â€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1137,23 +765,21 @@ <td>5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 10 月 11 æ—¥</td> </tr> -</table> - +</tbody></table> <h2 id="2017-03-05-details">2017-03-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žè¯¦æƒ…</h2> -<p>我们在下é¢æ供了上述 <a href="#2017-03-05-summary">2017-03-05 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ã€‚å…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Google 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决问题的公开更改记录(如 AOSP 代ç 更改列表)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> - +<p>我们在下é¢æ供了 2017-03-05 è¡¥ä¸ç¨‹åºçº§åˆ«æ¶µç›–çš„æ¯ä¸ªå®‰å…¨æ¼æ´žçš„详细信æ¯ï¼Œå…¶ä¸åŒ…括问题æè¿°ã€ä¸¥é‡ç¨‹åº¦é˜è¿°ä»¥åŠä¸€ä¸ªåŒ…å« CVEã€ç›¸å…³å‚考信æ¯ã€ä¸¥é‡ç¨‹åº¦ã€å·²æ›´æ–°çš„ Google 设备ã€å·²æ›´æ–°çš„ AOSP 版本(如果适用)åŠæŠ¥å‘Šæ—¥æœŸçš„è¡¨æ ¼ã€‚åœ¨é€‚ç”¨çš„æƒ…å†µä¸‹ï¼Œæˆ‘ä»¬ä¼šå°† Bug ID 链接到解决相应问题的公开更改记录(如 AOSP 代ç 更改列表)。如果æŸä¸ª Bug 有多æ¡ç›¸å…³çš„更改记录,我们还通过 Bug ID åŽé¢çš„æ•°å—链接到了更多å‚考信æ¯ã€‚</p> <h3 id="eop-in-mediatek-components">MediaTek 组件ä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek 组件(包括 M4U 驱动程åºã€å£°éŸ³é©±åŠ¨ç¨‹åºã€è§¦æ‘¸å±é©±åŠ¨ç¨‹åºã€GPU 驱动程åºå’Œå‘½å队列驱动程åºï¼‰ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1162,68 +788,67 @@ </tr> <tr> <td>CVE-2017-0500</td> - <td>A-28429685*<br>M-ALPS02710006</td> + <td>A-28429685*<br />M-ALPS02710006</td> <td>严é‡</td> <td>æ— **</td> <td>2016 å¹´ 4 月 27 æ—¥</td> </tr> <tr> <td>CVE-2017-0501</td> - <td>A-28430015*<br>M-ALPS02708983</td> + <td>A-28430015*<br />M-ALPS02708983</td> <td>严é‡</td> <td>æ— **</td> <td>2016 å¹´ 4 月 27 æ—¥</td> </tr> <tr> <td>CVE-2017-0502</td> - <td>A-28430164*<br>M-ALPS02710027</td> + <td>A-28430164*<br />M-ALPS02710027</td> <td>严é‡</td> <td>æ— **</td> <td>2016 å¹´ 4 月 27 æ—¥</td> </tr> <tr> <td>CVE-2017-0503</td> - <td>A-28449045*<br>M-ALPS02710075</td> + <td>A-28449045*<br />M-ALPS02710075</td> <td>严é‡</td> <td>æ— **</td> <td>2016 å¹´ 4 月 28 æ—¥</td> </tr> <tr> <td>CVE-2017-0504</td> - <td>A-30074628*<br>M-ALPS02829371</td> + <td>A-30074628*<br />M-ALPS02829371</td> <td>严é‡</td> <td>æ— **</td> <td>2016 å¹´ 7 月 9 æ—¥</td> </tr> <tr> <td>CVE-2017-0505</td> - <td>A-31822282*<br>M-ALPS02992041</td> + <td>A-31822282*<br />M-ALPS02992041</td> <td>严é‡</td> <td>æ— **</td> <td>2016 å¹´ 9 月 28 æ—¥</td> </tr> <tr> <td>CVE-2017-0506</td> - <td>A-32276718*<br>M-ALPS03006904</td> + <td>A-32276718*<br />M-ALPS03006904</td> <td>严é‡</td> <td>æ— **</td> <td>2016 å¹´ 10 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1232,53 +857,52 @@ </tr> <tr> <td>CVE-2017-0337</td> - <td>A-31992762*<br>N-CVE-2017-0337</td> + <td>A-31992762*<br />N-CVE-2017-0337</td> <td>严é‡</td> <td>Pixel C</td> <td>2016 å¹´ 10 月 6 æ—¥</td> </tr> <tr> <td>CVE-2017-0338</td> - <td>A-33057977*<br>N-CVE-2017-0338</td> + <td>A-33057977*<br />N-CVE-2017-0338</td> <td>严é‡</td> <td>Pixel C</td> <td>2016 å¹´ 11 月 21 æ—¥</td> </tr> <tr> <td>CVE-2017-0333</td> - <td>A-33899363*<br>N-CVE-2017-0333</td> + <td>A-33899363*<br />N-CVE-2017-0333</td> <td>严é‡</td> <td>Pixel C</td> <td>2016 å¹´ 12 月 25 æ—¥</td> </tr> <tr> <td>CVE-2017-0306</td> - <td>A-34132950*<br>N-CVE-2017-0306</td> + <td>A-34132950*<br />N-CVE-2017-0306</td> <td>严é‡</td> <td>Nexus 9</td> <td>2017 å¹´ 1 月 6 æ—¥</td> </tr> <tr> <td>CVE-2017-0335</td> - <td>A-33043375*<br>N-CVE-2017-0335</td> + <td>A-33043375*<br />N-CVE-2017-0335</td> <td>严é‡</td> <td>Pixel C</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-kernel-ion-subsystem">å†…æ ¸ ION å系统ä¸çš„ææƒæ¼æ´ž</h3> <p>å†…æ ¸ ION å系统ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1299,20 +923,19 @@ <td>Pixel C</td> <td>2016 å¹´ 12 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Broadcom WLAN 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1321,26 +944,25 @@ </tr> <tr> <td>CVE-2017-0509</td> - <td>A-32124445*<br>B-RB#110688</td> + <td>A-32124445*<br />B-RB#110688</td> <td>严é‡</td> <td>æ— **</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="eop-in-kernel-fiq-debugger">å†…æ ¸ FIQ 调试程åºä¸çš„ææƒæ¼æ´ž</h3> <p>å†…æ ¸ FIQ 调试程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1354,20 +976,19 @@ <td>Nexus 9</td> <td>2016 å¹´ 10 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1376,25 +997,24 @@ </tr> <tr> <td>CVE-2016-8479</td> - <td>A-31824853*<br>QC-CR#1093687</td> + <td>A-31824853*<br />QC-CR#1093687</td> <td>严é‡</td> <td>Android Oneã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-kernel-networking-subsystem">å†…æ ¸ç½‘ç»œå系统ä¸çš„ææƒæ¼æ´ž</h3> <p>å†…æ ¸ç½‘ç»œå系统ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1403,7 +1023,7 @@ </tr> <tr> <td>CVE-2016-9806</td> - <td>A-33393474<br> + <td>A-33393474<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520">ä¸Šæ¸¸å†…æ ¸</a></td> <td>严é‡</td> <td>Pixel Cã€Pixelã€Pixel XL</td> @@ -1411,25 +1031,24 @@ </tr> <tr> <td>CVE-2016-10200</td> - <td>A-33753815<br> + <td>A-33753815<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef">ä¸Šæ¸¸å†…æ ¸</a></td> <td>严é‡</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 组件ä¸çš„æ¼æ´ž</h3> <p>下列æ¼æ´žä¼šå½±å“ Qualcomm 组件;æ¤å¤–,2016 å¹´ 9 月的 Qualcomm AMSS 安全公告也对这些安全æ¼æ´žè¿›è¡Œäº†è¯¦ç»†è¯´æ˜Žã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1471,22 +1090,21 @@ <td>æ— ***</td> <td>Qualcomm 内部</td> </tr> -</table> +</tbody></table> <p>* 这些æ¼æ´žçš„严é‡ç¨‹åº¦è¯„级由供应商决定。</p> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>*** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="eop-in-kernel-networking-subsystem-2">å†…æ ¸ç½‘ç»œå系统ä¸çš„ææƒæ¼æ´ž</h3> <p>å†…æ ¸ç½‘ç»œå系统ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1495,7 +1113,7 @@ </tr> <tr> <td>CVE-2016-8655</td> - <td>A-33358926<br> + <td>A-33358926<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c">ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Android Oneã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL</td> @@ -1503,25 +1121,24 @@ </tr> <tr> <td>CVE-2016-9793</td> - <td>A-33363517<br> + <td>A-33363517<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290">ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Android Oneã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-input-hardware-driver">Qualcomm 输入硬件驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm 输入硬件驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1530,25 +1147,24 @@ </tr> <tr> <td>CVE-2017-0516</td> - <td>A-32341680*<br>QC-CR#1096301</td> + <td>A-32341680*<br />QC-CR#1096301</td> <td>高</td> <td>Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-mediatek-hardware-sensor-driver">MediaTek ç¡¬ä»¶ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek ç¡¬ä»¶ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1557,26 +1173,25 @@ </tr> <tr> <td>CVE-2017-0517</td> - <td>A-32372051*<br>M-ALPS02973195</td> + <td>A-32372051*<br />M-ALPS02973195</td> <td>高</td> <td>æ— **</td> <td>2016 å¹´ 10 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm ADSPRPC 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1585,25 +1200,24 @@ </tr> <tr> <td>CVE-2017-0457</td> - <td>A-31695439*<br>QC-CR#1086123<br>QC-CR#1100695</td> + <td>A-31695439*<br />QC-CR#1086123<br />QC-CR#1100695</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Qualcomm æŒ‡çº¹ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm æŒ‡çº¹ä¼ æ„Ÿå™¨é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1612,32 +1226,31 @@ </tr> <tr> <td>CVE-2017-0518</td> - <td>A-32370896*<br>QC-CR#1086530</td> + <td>A-32370896*<br />QC-CR#1086530</td> <td>高</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 24 æ—¥</td> </tr> <tr> <td>CVE-2017-0519</td> - <td>A-32372915*<br>QC-CR#1086530</td> + <td>A-32372915*<br />QC-CR#1086530</td> <td>高</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 24 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-qualcomm-crypto-engine-driver">Qualcomm åŠ å¯†å¼•æ“Žé©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm åŠ å¯†å¼•æ“Žé©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1646,25 +1259,24 @@ </tr> <tr> <td>CVE-2017-0520</td> - <td>A-31750232<br> + <td>A-31750232<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd">QC-CR#1082636</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 24 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver">Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1673,7 +1285,7 @@ </tr> <tr> <td>CVE-2017-0458</td> - <td>A-32588962<br> + <td>A-32588962<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4">QC-CR#1089433</a></td> <td>高</td> <td>Pixelã€Pixel XL</td> @@ -1681,25 +1293,24 @@ </tr> <tr> <td>CVE-2017-0521</td> - <td>A-32919951<br> + <td>A-32919951<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8">QC-CR#1097709</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 15 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-apk">MediaTek APK ä¸çš„ææƒæ¼æ´ž</h3> <p>MediaTek APK ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执行任æ„代ç 。由于该æ¼æ´žå¯é€šè¿‡ç‰¹è®¸è¿›ç¨‹åœ¨æœ¬åœ°æ‰§è¡Œä»»æ„代ç ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1708,26 +1319,25 @@ </tr> <tr> <td>CVE-2017-0522</td> - <td>A-32916158*<br>M-ALPS03032516</td> + <td>A-32916158*<br />M-ALPS03032516</td> <td>高</td> <td>æ— **</td> <td>2016 å¹´ 11 月 15 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm WLAN 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1736,7 +1346,7 @@ </tr> <tr> <td>CVE-2017-0464</td> - <td>A-32940193<br> + <td>A-32940193<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f">QC-CR#1102593</a></td> <td>高</td> <td>Nexus 5Xã€Pixelã€Pixel XL</td> @@ -1744,7 +1354,7 @@ </tr> <tr> <td>CVE-2017-0453</td> - <td>A-33979145<br> + <td>A-33979145<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513">QC-CR#1105085</a></td> <td>高</td> <td>Nexus 5Xã€Android One</td> @@ -1752,26 +1362,25 @@ </tr> <tr> <td>CVE-2017-0523</td> - <td>A-32835279<br> + <td>A-32835279<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582">QC-CR#1096945</a></td> <td>高</td> <td>æ— *</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p>* æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1785,20 +1394,19 @@ <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-qualcomm-ipa-driver">Qualcomm IPA 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm IPA 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1807,32 +1415,31 @@ </tr> <tr> <td>CVE-2017-0456</td> - <td>A-33106520*<br>QC-CR#1099598</td> + <td>A-33106520*<br />QC-CR#1099598</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 23 æ—¥</td> </tr> <tr> <td>CVE-2017-0525</td> - <td>A-33139056*<br>QC-CR#1097714</td> + <td>A-33139056*<br />QC-CR#1097714</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-htc-sensor-hub-driver">HTC ä¼ æ„Ÿå™¨ä¸æž¢é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´ž</h3> <p>HTC ä¼ æ„Ÿå™¨ä¸æž¢é©±åŠ¨ç¨‹åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1853,20 +1460,19 @@ <td>Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>NVIDIA GPU 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1875,26 +1481,25 @@ </tr> <tr> <td>CVE-2017-0307</td> - <td>A-33177895*<br>N-CVE-2017-0307</td> + <td>A-33177895*<br />N-CVE-2017-0307</td> <td>高</td> <td>æ— **</td> <td>2016 å¹´ 11 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="eop-in-qualcomm-networking-driver">Qualcomm 网络驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm 网络驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1903,7 +1508,7 @@ </tr> <tr> <td>CVE-2017-0463</td> - <td>A-33277611<br> + <td>A-33277611<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2">QC-CR#1101792</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> @@ -1911,25 +1516,24 @@ </tr> <tr> <td>CVE-2017-0460</td> - <td>A-31252965*<br>QC-CR#1098801</td> + <td>A-31252965*<br />QC-CR#1098801</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixelã€Pixel XL</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-kernel-security-subsystem">å†…æ ¸å®‰å…¨å系统ä¸çš„ææƒæ¼æ´ž</h3> <p>å†…æ ¸å®‰å…¨å系统ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用通过特许进程执行代ç 。由于该æ¼æ´žå…许全é¢æ·±å…¥åœ°ç»•è¿‡å†…æ ¸çº§é˜²æŠ¤æˆ–åˆ©ç”¨ç¼“è§£æŠ€æœ¯ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1943,20 +1547,19 @@ <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="eop-in-qualcomm-spcom-driver">Qualcomm SPCom 驱动程åºä¸çš„ææƒæ¼æ´ž</h3> <p>Qualcomm SPCom 驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -1965,7 +1568,7 @@ </tr> <tr> <td>CVE-2016-5856</td> - <td>A-32610665<br> + <td>A-32610665<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368">QC-CR#1094078</a></td> <td>高</td> <td>æ— *</td> @@ -1973,26 +1576,25 @@ </tr> <tr> <td>CVE-2016-5857</td> - <td>A-34386529<br> + <td>A-34386529<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5">QC-CR#1094140</a></td> <td>高</td> <td>æ— *</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p>* æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="id-in-kernel-networking-subsystem">å†…æ ¸ç½‘ç»œå系统ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>å†…æ ¸ç½‘ç»œå系统ä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°é‚»è¿‘区域内的攻击者获å–æ•æ„Ÿä¿¡æ¯ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»è®¸å¯çš„情况下获å–æ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2001,25 +1603,24 @@ </tr> <tr> <td>CVE-2014-8709</td> - <td>A-34077221<br> + <td>A-34077221<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f">ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Nexus Player</td> <td>2014 å¹´ 11 月 9 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-driver">MediaTek 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>MediaTek 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2028,26 +1629,25 @@ </tr> <tr> <td>CVE-2017-0529</td> - <td>A-28449427*<br>M-ALPS02710042</td> + <td>A-28449427*<br />M-ALPS02710042</td> <td>高</td> <td>æ— **</td> <td>2016 å¹´ 4 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="id-in-qualcomm-bootloader">Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Qualcomm å¼•å¯¼åŠ è½½ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å¼•å¯¼åŠ è½½ç¨‹åºæ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žå…许全é¢æ·±å…¥åœ°ç»•è¿‡å¼•å¯¼åŠ 载程åºçº§é˜²æŠ¤æˆ–åˆ©ç”¨ç¼“è§£æŠ€æœ¯ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2056,25 +1656,24 @@ </tr> <tr> <td>CVE-2017-0455</td> - <td>A-32370952<br> + <td>A-32370952<br /> <a href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f">QC-CR#1082755</a></td> <td>高</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-power-driver">Qualcomm 电æºé©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Qualcomm 电æºé©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2083,25 +1682,24 @@ </tr> <tr> <td>CVE-2016-8483</td> - <td>A-33745862<br> + <td>A-33745862<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a">QC-CR#1035099</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 12 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-gpu-driver">NVIDIA GPU 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>NVIDIA GPU 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žå¯ç”¨äºŽåœ¨æœªç»ç”¨æˆ·æ˜Žç¡®è®¸å¯çš„情况下获å–æ•æ„Ÿæ•°æ®ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2110,32 +1708,31 @@ </tr> <tr> <td>CVE-2017-0334</td> - <td>A-33245849*<br>N-CVE-2017-0334</td> + <td>A-33245849*<br />N-CVE-2017-0334</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 11 月 30 æ—¥</td> </tr> <tr> <td>CVE-2017-0336</td> - <td>A-33042679*<br>N-CVE-2017-0336</td> + <td>A-33042679*<br />N-CVE-2017-0336</td> <td>高</td> <td>Pixel C</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="dos-in-kernel-cryptographic-subsystem">å†…æ ¸åŠ å¯†å系统ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´ž</h3> <p>å†…æ ¸åŠ å¯†å系统ä¸çš„æ‹’ç»æœåŠ¡æ¼æ´žå¯è®©è¿œç¨‹æ”»å‡»è€…使用特制网络数æ®åŒ…起或é‡å¯è®¾å¤‡ã€‚由于该æ¼æ´žå¯ç”¨äºŽè¿œç¨‹å‘èµ·æ‹’ç»æœåŠ¡æ”»å‡»ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“高â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2144,25 +1741,24 @@ </tr> <tr> <td>CVE-2016-8650</td> - <td>A-33401771<br> + <td>A-33401771<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073">ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žï¼ˆå–决于具体设备)</h3> <p>Qualcomm 相机驱动程åºä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žéœ€è¦å…ˆç ´å特许进程,而且å¯ç”±å½“å‰å¹³å°é…ç½®ç¼“è§£ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2171,25 +1767,24 @@ </tr> <tr> <td>CVE-2016-8417</td> - <td>A-32342399<br> + <td>A-32342399<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0">QC-CR#1088824</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm WLAN 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Qualcomm WLAN 驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2198,7 +1793,7 @@ </tr> <tr> <td>CVE-2017-0461</td> - <td>A-32073794<br> + <td>A-32073794<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65">QC-CR#1100132</a></td> <td>ä¸</td> <td>Android Oneã€Nexus 5Xã€Pixelã€Pixel XL</td> @@ -2206,33 +1801,32 @@ </tr> <tr> <td>CVE-2017-0459</td> - <td>A-32644895<br> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7">QC-CR#1091939</a></td> + <td>A-32644895<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7">QC-CR#1091939</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 3 æ—¥</td> </tr> <tr> <td>CVE-2017-0531</td> - <td>A-32877245<br> + <td>A-32877245<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302">QC-CR#1087469</a></td> <td>ä¸</td> <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 13 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-video-codec-driver">MediaTek 视频编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>MediaTek 视频编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2241,26 +1835,25 @@ </tr> <tr> <td>CVE-2017-0532</td> - <td>A-32370398*<br>M-ALPS03069985</td> + <td>A-32370398*<br />M-ALPS03069985</td> <td>ä¸</td> <td>æ— **</td> <td>2016 å¹´ 10 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <p>** æè½½ Android 7.0(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> - <h3 id="id-in-qualcomm-video-driver">Qualcomm 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Qualcomm 视频驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2269,7 +1862,7 @@ </tr> <tr> <td>CVE-2017-0533</td> - <td>A-32509422<br> + <td>A-32509422<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">QC-CR#1088206</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> @@ -2277,7 +1870,7 @@ </tr> <tr> <td>CVE-2017-0534</td> - <td>A-32508732<br> + <td>A-32508732<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">QC-CR#1088206</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> @@ -2285,7 +1878,7 @@ </tr> <tr> <td>CVE-2016-8416</td> - <td>A-32510746<br> + <td>A-32510746<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">QC-CR#1088206</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> @@ -2293,25 +1886,24 @@ </tr> <tr> <td>CVE-2016-8478</td> - <td>A-32511270<br> + <td>A-32511270<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f">QC-CR#1088206</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 28 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-camera-driver">Qualcomm 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Qualcomm 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2320,7 +1912,7 @@ </tr> <tr> <td>CVE-2016-8413</td> - <td>A-32709702<br> + <td>A-32709702<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d">QC-CR#518731</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> @@ -2328,25 +1920,26 @@ </tr> <tr> <td>CVE-2016-8477</td> - <td>A-32720522<br> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508">QC-CR#1090007</a>[<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> + <td>A-32720522<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508"> +QC-CR#1090007</a> +[<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 7 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-htc-sound-codec-driver">HTC 声音编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>HTC 声音编解ç 器驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2360,20 +1953,19 @@ <td>Nexus 9</td> <td>2016 å¹´ 12 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="id-in-synaptics-touchscreen-driver">Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Synaptics 触摸å±é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2387,20 +1979,19 @@ <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="id-in-kernel-usb-gadget-driver">å†…æ ¸ USB å°å·¥å…·é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>å†…æ ¸ USB å°å·¥å…·é©±åŠ¨ç¨‹åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“ä¸â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2414,20 +2005,19 @@ <td>Pixel C</td> <td>Google 内部</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> - <h3 id="id-in-qualcomm-camera-driver-2">Qualcomm 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´ž</h3> <p>Qualcomm 相机驱动程åºä¸çš„ä¿¡æ¯æŠ«éœ²æ¼æ´žå¯è®©æœ¬åœ°æ¶æ„应用获å–超出其æƒé™èŒƒå›´çš„æ•°æ®ã€‚由于该æ¼æ´žéœ€è¦å…ˆç ´åç‰¹è®¸è¿›ç¨‹ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“低â€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>å‚考信æ¯</th> <th>严é‡ç¨‹åº¦</th> @@ -2436,18 +2026,18 @@ </tr> <tr> <td>CVE-2017-0452</td> - <td>A-32873615*<br>QC-CR#1093693</td> + <td>A-32873615*<br />QC-CR#1093693</td> <td>低</td> <td>Nexus 5Xã€Nexus 6Pã€Android One</td> <td>2016 å¹´ 11 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 针对该问题的补ä¸ç¨‹åºæœªå…¬å¼€å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸åŒ…å«ç›¸åº”更新。</p> <h2 id="common-questions-and-answers">常è§é—®é¢˜å’Œè§£ç”</h2> <p>本部分针对阅读本公告åŽå¯èƒ½äº§ç”Ÿçš„常è§é—®é¢˜æ供了相应的解ç”。</p> <p><strong>1. 如何确定我的设备是å¦å·²æ›´æ–°åˆ°è§£å†³äº†è¿™äº›é—®é¢˜çš„版本? </strong></p> -<p>è¦äº†è§£å¦‚何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ï¼Œè¯·é˜…读 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>ä¸çš„说明。</p> +<p>è¦äº†è§£å¦‚何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ï¼Œè¯·é˜…读 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>ä¸çš„说明。</p> <ul> <li>2017-03-01(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«è§£å†³äº†ä¸Ž 2017-03-01 安全补ä¸ç¨‹åºçº§åˆ«ç›¸å…³çš„所有问题。</li> <li>2017-03-05(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«è§£å†³äº†ä¸Ž 2017-03-05 安全补ä¸ç¨‹åºçº§åˆ«ä»¥åŠä¹‹å‰çš„所有补ä¸ç¨‹åºçº§åˆ«ç›¸å…³çš„所有问题。 @@ -2466,16 +2056,16 @@ </ul> <p>我们建议åˆä½œä¼™ä¼´åœ¨ä¸€æ¬¡æ›´æ–°ä¸æ±‡æ€»è¦è§£å†³çš„所有问题的修å¤æ–¹æ¡ˆã€‚</p> <p><strong>3. 如何确定å„个问题都会影å“哪些 Google 设备?</strong></p> -<p>在 <a href="#2017-03-01-details">2017-03-01</a> å’Œ <a href="#2017-03-05-details">2017-03-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Google 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜æ›´æ–°è¿‡çš„å—å½±å“çš„ Google 设备系列。<em></em>æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形:</p> +<p>在 <a href="#2017-03-01-details">2017-03-01</a> å’Œ <a href="#2017-03-05-details">2017-03-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Google 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜è¿›è¡Œäº†æ›´æ–°çš„å—å½±å“ Google 设备系列。<em></em>æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形:</p> <ul> -<li><strong>所有 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¼šå½±å“所有 Nexus å’Œ Pixel 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ‰€æœ‰â€ã€‚<em></em>“所有â€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">å—支æŒçš„设备</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> +<li><strong>所有 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¼šå½±å“所有 Nexus å’Œ Pixel 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ‰€æœ‰â€ã€‚<em></em>“所有â€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">å—支æŒçš„设备</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> <li><strong>部分 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä»…会影å“部分 Google 设备,则“已更新的 Google 设备â€åˆ—ä¸ä¼šåˆ—出å—å½±å“çš„ Google 设备。<em></em></li> <li><strong>æ— Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¸ä¼šå½±å“任何è¿è¡Œ Android 7.0 çš„ Google 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ— â€ã€‚<em></em></li> </ul> <p><strong>4.“å‚考信æ¯â€åˆ—ä¸çš„æ¡ç›®å¯¹åº”的是什么内容?</strong></p> <p>æ¼æ´žè¯¦æƒ…表的“å‚考信æ¯â€åˆ—ä¸çš„æ¡ç›®å¯èƒ½åŒ…å«ç”¨äºŽæ ‡è¯†å‚考值所属组织的å‰ç¼€ã€‚<em></em>这些å‰ç¼€çš„å«ä¹‰å¦‚下:</p> <table> - <tr> + <tbody><tr> <th>å‰ç¼€</th> <th>å‚考信æ¯</th> </tr> @@ -2499,11 +2089,11 @@ <td>B-</td> <td>Broadcom å‚考编å·</td> </tr> -</table> +</tbody></table> <h2 id="revisions">修订版本</h2> <ul> <li>2017 å¹´ 3 月 6 日:å‘布了本公告。</li> <li>2017 å¹´ 3 月 7 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº† AOSP 链接。</li> </ul> -</body> -</html> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/security/bulletin/2017-04-01.html b/zh-cn/security/bulletin/2017-04-01.html index 83679e18..0284440c 100644 --- a/zh-cn/security/bulletin/2017-04-01.html +++ b/zh-cn/security/bulletin/2017-04-01.html @@ -19,11 +19,11 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>å‘布时间:2017 å¹´ 4 月 3 æ—¥ | 更新时间:2017 å¹´ 4 月 5 æ—¥</em></p> +<p><em>å‘布时间:2017 å¹´ 4 月 3 æ—¥ | 更新时间:2017 å¹´ 8 月 17 æ—¥</em></p> <p>Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚é™¤äº†å…¬å‘Šä¹‹å¤–ï¼Œæˆ‘ä»¬è¿˜é€šè¿‡æ— çº¿ä¸‹è½½ (OTA) æ›´æ–°çš„æ–¹å¼å‘布了针对 Nexus 设备的安全更新。我们还在 <a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上å‘布了 Google è®¾å¤‡å›ºä»¶æ˜ åƒã€‚2017 å¹´ 4 月 5 日(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æ‰€æœ‰è¿™äº›é—®é¢˜ã€‚请å‚阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>,了解如何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ã€‚</p> <p>我们的åˆä½œä¼™ä¼´åœ¨ 2017 å¹´ 3 月 6 日(或之å‰ï¼‰å°±å·²æ”¶åˆ°æœ¬å…¬å‘Šä¸è¯´æ˜Žçš„这些问题的相关通知。我们已在 Android 开放æºä»£ç 项目 (AOSP) 代ç 库ä¸å‘布了针对相关问题的æºä»£ç è¡¥ä¸ç¨‹åºï¼Œå¹¶åœ¨æœ¬å…¬å‘Šä¸æ供了相应链接。本公告还æ供了 AOSP 之外的补ä¸ç¨‹åºçš„链接。</p> <p>这些问题ä¸å±é™©æ€§æœ€é«˜çš„是一个严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œå®ƒå¯èƒ½ä¼šå¯¼è‡´åœ¨å¤„ç†åª’体文件的过程ä¸ï¼Œå¯é€šè¿‡ç”µå邮件ã€ç½‘页和彩信ç‰å¤šç§æ–¹å¼åœ¨å—å½±å“的设备上执行远程代ç 。<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被åœç”¨ï¼‰ã€‚</p> -<p>æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>);这些功能å¯æ高 Android å¹³å°çš„安全性。</p> +<p>æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google æœåŠ¡ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤åŠŸèƒ½</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>);这些功能å¯æ高 Android å¹³å°çš„安全性。</p> <p>我们建议所有用户都在自己的设备上接å—这些更新。</p> <h2 id="announcements">公告</h2> @@ -52,9 +52,9 @@ <li>腾讯玄æ¦å®žéªŒå®¤çš„ Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>):CVE-2017-0585ã€CVE-2017-0553</li> <li><a href="mailto:derrek.haxx@gmail.com">Derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) å’Œ Scott Bauer:CVE-2017-0576</li> <li>Project Zero çš„ Gal Beniamini:CVE-2017-0571ã€CVE-2017-0570ã€CVE-2017-0572ã€CVE-2017-0569ã€CVE-2017-0561</li> - <li>奇虎 360 科技有é™å…¬å¸ IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf </a>:CVE-2017-6426ã€CVE-2017-0581ã€CVE-2017-0329ã€CVE-2017-0332ã€CVE-2017-0566</li> + <li>奇虎 360 科技有é™å…¬å¸ IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf </a>:CVE-2017-6426ã€CVE-2017-0581ã€CVE-2017-0329ã€CVE-2017-0332ã€CVE-2017-0566ã€CVE-2017-0573</li> <li>奇虎 360 科技有é™å…¬å¸ Alpha 团队的龚广 (<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2017-0547</li> - <li>奇虎 360 科技有é™å…¬å¸ Alpha 团队的 Hao Chen å’Œ Guang Gong:CVE-2017-6424ã€CVE-2017-0584ã€CVE-2017-0454ã€CVE-2017-0575ã€CVE-2017-0567</li> + <li>奇虎 360 科技有é™å…¬å¸ Alpha 团队的 Hao Chen 和龚广:CVE-2017-6424ã€CVE-2017-0584ã€CVE-2017-0454ã€CVE-2017-0574ã€CVE-2017-0575ã€CVE-2017-0567</li> <li>Ian Foster (<a href="https://twitter.com/lanrat">@lanrat</a>):CVE-2017-0554</li> <li>趋势科技的 Jack Tang:CVE-2017-0579</li> <li><a href="https://skyeye.360safe.com">奇虎 360 天眼实验室</a>çš„ Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>):CVE-2017-0559ã€CVE-2017-0541</li> @@ -64,16 +64,15 @@ <li>特斯拉产å“安全团队的 Mike Anderson (<a href="https://twitter.com/manderbot">@manderbot</a>) å’Œ Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0327ã€CVE-2017-0328</li> <li>阿里巴巴移动安全团队的 Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yangã€å’Œ Yang song:CVE-2017-0565</li> <li>百度安全实验室的ä¸é¹é£žã€åŒ…沉浮和韦韬:CVE-2016-10236</li> - <li>腾讯科æ©å®žéªŒå®¤çš„何淇丹 (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>):CVE-2017-0544ã€CVE-2016-10231ã€CVE-2017-0325</li> + <li>腾讯科æ©å®žéªŒå®¤çš„何淇丹 (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>):CVE-2017-0544ã€CVE-2017-0325</li> <li>HCL ç§‘æŠ€å…¬å¸ Aleph ç ”ç©¶å›¢é˜Ÿçš„ Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>):CVE-2017-0582ã€CVE-2017-0563</li> <li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0562ã€CVE-2017-0339</li> - <li>趋势科技移动å¨èƒç ”究团队的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2017-0578</li> + <li>趋势科技移动å¨èƒç ”究团队的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2016-10231ã€CVE-2017-0578ã€CVE-2017-0586</li> <li>Tim Becker:CVE-2017-0546</li> <li>Uma Sankar Pradhan (<a href="https://twitter.com/umasankar_iitd">@umasankar_iitd</a>):CVE-2017-0560</li> - <li><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">移动å¨èƒå“应团队</a>çš„ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0555ã€CVE-2017-0538ã€CVE-2017-0539ã€CVE-2017-0540ã€CVE-2017-0557ã€CVE-2017-0556</li> + <li><a href="http://www.trendmicro.com">趋势科技</a>çš„<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">移动å¨èƒå“应团队</a>çš„ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0555ã€CVE-2017-0538ã€CVE-2017-0539ã€CVE-2017-0557ã€CVE-2017-0556</li> <li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2017-0549</li> - <li>奇虎 360 科技有é™å…¬å¸ Alpha 团队的 Wenlin Yang (<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>)ã€Guang Gong (<a href="https://twitter.com/oldfresher">@oldfresher</a>) å’Œ Hao Chen:CVE-2017-0580ã€CVE-2017-0577</li> - <li>奇虎 360 科技有é™å…¬å¸ IceSword 实验室的 Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>):CVE-2017-0586</li> + <li>奇虎 360 科技有é™å…¬å¸ Alpha 团队的 Wenlin Yang (<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>)ã€é¾šå¹¿ (<a href="https://twitter.com/oldfresher">@oldfresher</a>) å’Œ Hao Chen:CVE-2017-0580ã€CVE-2017-0577</li> <li>奇虎 360 科技有é™å…¬å¸æˆéƒ½å®‰å…¨å“应ä¸å¿ƒçš„ <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>:CVE-2017-0548</li> <li>Google çš„ Zubin Mithra:CVE-2017-0462</li> </ul> @@ -116,14 +115,6 @@ <td>2016 å¹´ 12 月 23 æ—¥</td> </tr> <tr> - <td>CVE-2017-0540</td> - <td><a href="https://android.googlesource.com/platform/external/libhevc/+/01ca88bb6c5bdd44e071f8effebe12f1d7da9853">A-33966031</a></td> - <td>严é‡</td> - <td>所有</td> - <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> - <td>2016 å¹´ 12 月 29 æ—¥</td> - </tr> - <tr> <td>CVE-2017-0541</td> <td><a href="https://android.googlesource.com/platform/external/sonivox/+/56d153259cc3e16a6a0014199a2317dde333c978">A-34031018</a></td> <td>严é‡</td> @@ -325,7 +316,8 @@ </tr> <tr> <td>CVE-2017-0551</td> - <td><a href="https://android.googlesource.com/platform/external/libavc/+/8b5fd8f24eba5dd19ab2f80ea11a9125aa882ae2">A-34097231</a> [<a href="https://android.googlesource.com/platform/external/libavc/+/494561291a503840f385fbcd11d9bc5f4dc502b8">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/8b5fd8f24eba5dd19ab2f80ea11a9125aa882ae2">A-34097231</a> + [<a href="https://android.googlesource.com/platform/external/libavc/+/494561291a503840f385fbcd11d9bc5f4dc502b8">2</a>]</td> <td>高</td> <td>所有</td> <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -389,7 +381,8 @@ </tr> <tr> <td>CVE-2017-0554</td> - <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/aeb795ef2290af1a0e4b14909363bc574e6b3ee7">A-33815946</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/3294256ba5b9e2ba2d8619d617e3d900e5386564">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/aeb795ef2290af1a0e4b14909363bc574e6b3ee7">A-33815946</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/3294256ba5b9e2ba2d8619d617e3d900e5386564">2</a>]</td> <td>ä¸</td> <td>所有</td> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> @@ -1175,7 +1168,9 @@ <tr> <td>CVE-2016-10232</td> <td>A-34386696<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=21e0ead58e47798567d846b84f16f89cf69a57ae">QC-CR#1024872</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=27f7b3b3059f6181e2786f886f4cd92f413bc30c">[2]</a></td> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=21e0ead58e47798567d846b84f16f89cf69a57ae"> +QC-CR#1024872</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=27f7b3b3059f6181e2786f886f4cd92f413bc30c"> +[2]</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XLã€Android One</td> <td>2017 å¹´ 1 月 10 æ—¥</td> @@ -1328,7 +1323,7 @@ <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121">ä¸Šæ¸¸å†…æ ¸</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XLã€Pixel Cã€Android Oneã€Nexus Player</td> - <td>Google 内部</td> + <td>2014 å¹´ 10 月 24 æ—¥</td> </tr> </tbody></table> @@ -1377,7 +1372,9 @@ <tr> <td>CVE-2014-3145</td> <td>A-34469585<br /> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=314760e66c35c8ffa51b4c4ca6948d207e783079">ä¸Šæ¸¸å†…æ ¸</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05ab8f2647e4221cbdb3856dd7d32bd5407316b3">[2]</a></td> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=314760e66c35c8ffa51b4c4ca6948d207e783079"> +ä¸Šæ¸¸å†…æ ¸</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"> +[2]</a></td> <td>高</td> <td>Nexus 6ã€Nexus Player</td> <td>2014 å¹´ 5 月 9 æ—¥</td> @@ -1403,7 +1400,11 @@ <tr> <td>CVE-2016-5349</td> <td>A-29083830<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=7c3bf6557c62d904b15507eb451fda8fd7ef750c">QC-CR#1021945</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=03853a58952834ac3e1e3007c9c680dd4c001a2f">[2]</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e3d969000fb60ecb9bc01667fa89957f67763514">[3]</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=9bd398661cae758ffc557adc7de74ba32654e1f9">[4]</a></td> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=7c3bf6557c62d904b15507eb451fda8fd7ef750c"> +QC-CR#1021945</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=03853a58952834ac3e1e3007c9c680dd4c001a2f"> +[2]</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e3d969000fb60ecb9bc01667fa89957f67763514"> +[3]</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=9bd398661cae758ffc557adc7de74ba32654e1f9"> +[4]</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Pixelã€Pixel XLã€Android One</td> <td>2016 å¹´ 6 月 1 æ—¥</td> @@ -1429,7 +1430,9 @@ <tr> <td>CVE-2016-10234</td> <td>A-34390017<br /> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=c7d7492c1e329fdeb28a7901c4cd634d41a996b1">QC-CR#1069060</a> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=d12370c7f3ecded1867fbd6b70ded35db55cab1d">[2]</a></td> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=c7d7492c1e329fdeb28a7901c4cd634d41a996b1"> +QC-CR#1069060</a> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=d12370c7f3ecded1867fbd6b70ded35db55cab1d"> +[2]</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2017 å¹´ 1 月 10 æ—¥</td> @@ -1879,119 +1882,119 @@ </tr> <tr> <td>CVE-2014-9931</td> - <td>A-35445101**<br />QC-CR#612410</td> + <td>A-35445101**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2014-9932</td> - <td>A-35434683**<br />QC-CR#626734</td> + <td>A-35434683**</td> <td>严é‡</td> <td>Pixelã€Pixel XL</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2014-9933</td> - <td>A-35442512<br />QC-CR#675463</td> + <td>A-35442512**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2014-9934</td> - <td>A-35439275**<br />QC-CR#658249</td> + <td>A-35439275**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2014-9935</td> - <td>A-35444951**<br />QC-CR#717626</td> + <td>A-35444951**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2014-9936</td> - <td>A-35442420**<br />QC-CR#727389</td> + <td>A-35442420**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2014-9937</td> - <td>A-35445102**<br />QC-CR#734095</td> + <td>A-35445102**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-8995</td> - <td>A-35445002**<br />QC-CR#733690</td> + <td>A-35445002**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-8996</td> - <td>A-35444658**<br />QC-CR#734698</td> + <td>A-35444658**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-8997</td> - <td>A-35432947**<br />QC-CR#734707</td> + <td>A-35432947**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-8998</td> - <td>A-35441175**<br />QC-CR#735337</td> + <td>A-35441175**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-8999</td> - <td>A-35445401**<br />QC-CR#736119</td> + <td>A-35445401**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-9000</td> - <td>A-35441076**<br />QC-CR#740632</td> + <td>A-35441076**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-9001</td> - <td>A-35445400**<br />QC-CR#736083</td> + <td>A-35445400**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-9002</td> - <td>A-35442421**<br />QC-CR#748428</td> + <td>A-35442421**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2015-9003</td> - <td>A-35440626**<br />QC-CR#749215</td> + <td>A-35440626**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> </tr> <tr> <td>CVE-2016-10242</td> - <td>A-35434643**<br />QC-CR#985139</td> + <td>A-35434643**</td> <td>严é‡</td> <td>æ— **</td> <td>Qualcomm 内部</td> @@ -2023,11 +2026,11 @@ </ul> <p>我们建议åˆä½œä¼™ä¼´åœ¨ä¸€æ¬¡æ›´æ–°ä¸æ±‡æ€»è¦è§£å†³çš„所有问题的修å¤æ–¹æ¡ˆã€‚</p> <p><strong>3. 如何确定å„个问题都会影å“哪些 Google 设备?</strong></p> -<p>在 <a href="#2017-04-01-details">2017-04-01</a> å’Œ <a href="#2017-04-05-details">2017-04-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Google 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜æ›´æ–°è¿‡çš„å—å½±å“çš„ Google 设备系列。<em></em>æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形:</p> +<p>在 <a href="#2017-04-01-details">2017-04-01</a> å’Œ <a href="#2017-04-05-details">2017-04-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Google 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜è¿›è¡Œäº†æ›´æ–°çš„å—å½±å“ Google 设备系列。<em></em>æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形:</p> <ul> - <li><strong>所有 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¼šå½±å“所有 Nexus å’Œ Pixel 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ‰€æœ‰â€ã€‚<em></em>“所有â€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">å—支æŒçš„设备</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> + <li><strong>所有 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¼šå½±å“所有 Nexus å’Œ Pixel 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ‰€æœ‰â€ã€‚<em></em>“所有â€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">å—支æŒçš„设备</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> <li><strong>部分 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä»…会影å“部分 Google 设备,则“已更新的 Google 设备â€åˆ—ä¸ä¼šåˆ—出å—å½±å“çš„ Google 设备。<em></em></li> - <li><strong>æ— Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¸ä¼šå½±å“任何è¿è¡Œ Android 7.0 çš„ Google è®¾å¤‡ï¼Œåˆ™ç›¸åº”è¡¨æ ¼çš„â€œå·²æ›´æ–°çš„ Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ— â€ã€‚<em></em></li> + <li><strong>æ— Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¸ä¼šå½±å“任何è¿è¡Œ Android 7.0 çš„ Google 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ— â€ã€‚<em></em></li> </ul> <p><strong>4.“å‚考信æ¯â€åˆ—ä¸çš„æ¡ç›®å¯¹åº”的是什么内容?</strong></p> <p>æ¼æ´žè¯¦æƒ…表的“å‚考信æ¯â€åˆ—ä¸çš„æ¡ç›®å¯èƒ½åŒ…å«ç”¨äºŽæ ‡è¯†å‚考值所属组织的å‰ç¼€ã€‚<em></em>这些å‰ç¼€çš„å«ä¹‰å¦‚下:</p> @@ -2061,7 +2064,10 @@ <h2 id="revisions">修订版本</h2> <ul> <li>2017 å¹´ 4 月 3 日:å‘布了本公告。</li> - <li>2017 å¹´ 4 月 5 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº† AOSP 链接。</li> + <li>2017 å¹´ 4 月 5 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº†å¤šä¸ª AOSP 链接。</li> + <li>2017 å¹´ 4 月 21 日:更æ£äº† CVE-2016-10231 å’Œ CVE-2017-0586 的致谢信æ¯ã€‚</li> + <li>2017 å¹´ 4 月 27 日:从本公告ä¸ç§»é™¤äº† CVE-2017-0540。</li> + <li>2017 å¹´ 8月 17 日:修订了本公告,更新了å‚考编å·ã€‚</li> </ul> </body></html>
\ No newline at end of file diff --git a/zh-cn/security/bulletin/2017-05-01.html b/zh-cn/security/bulletin/2017-05-01.html index 5480e546..09b599ba 100644 --- a/zh-cn/security/bulletin/2017-05-01.html +++ b/zh-cn/security/bulletin/2017-05-01.html @@ -20,7 +20,7 @@ limitations under the License. --> -<p><em>å‘布时间:2017 å¹´ 5 月 1 æ—¥ | 更新时间:2017 å¹´ 8 月 17 æ—¥</em></p> +<p><em>å‘布时间:2017 å¹´ 5 月 1 æ—¥ | 更新时间:2017 å¹´ 10 月 3 æ—¥</em></p> <p>Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚é™¤äº†å…¬å‘Šä¹‹å¤–ï¼Œæˆ‘ä»¬è¿˜é€šè¿‡æ— çº¿ä¸‹è½½ (OTA) æ›´æ–°çš„æ–¹å¼å‘布了针对 Nexus 设备的安全更新。我们还在 <a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上å‘布了 Google è®¾å¤‡å›ºä»¶æ˜ åƒã€‚2017 å¹´ 5 月 5 日(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æ‰€æœ‰è¿™äº›é—®é¢˜ã€‚请å‚阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>,了解如何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ã€‚</p> @@ -63,7 +63,8 @@ <li><a href="https://twrp.me/">Team Win Recovery Project</a> çš„ Ethan Yonker:CVE-2017-0493</li> <li>奇虎 360 科技有é™å…¬å¸ IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-10285ã€CVE-2016-10288ã€CVE-2016-10290ã€CVE-2017-0624ã€CVE-2017-0616ã€CVE-2017-0617ã€CVE-2016-10294ã€CVE-2016-10295ã€CVE-2016-10296</li> <li>腾讯电脑管家的郑文选 (<a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>):CVE-2017-0602</li> -<li><a href="http://tuncay2.web.engr.illinois.edu">伊利诺伊大å¦åŽ„巴纳-尚佩æ©åˆ†æ ¡</a>çš„ <a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz Seray Tuncay</a>:CVE-2017-0593</li> +<li><a href="http://tuncay2.web.engr.illinois.edu">伊利诺伊大å¦åŽ„巴纳-尚佩æ©åˆ†æ ¡</a>çš„ <a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz +Seray Tuncay</a>:CVE-2017-0593</li> <li>奇虎 360 科技有é™å…¬å¸ Alpha 团队的 Hao Chen å’Œ Guang Gong:CVE-2016-10283</li> <li>å°ç±³å…¬å¸çš„ Juhu Nieã€Yang Chengã€Nan Li å’Œ Qiwu Huang:CVE-2016-10276</li> <li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>:CVE-2017-0598</li> @@ -280,8 +281,7 @@ </tr> <tr> <td>CVE-2017-0598</td> - <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> - [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> <td>高</td> <td>所有</td> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1ã€7.1.2</td> @@ -376,9 +376,7 @@ </tr> <tr> <td>CVE-2017-0493</td> - <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> - [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>] - [<a href="https://android.googlesource.com/platform/frameworks/base/+/58552f814a03d978b4a6507f3c16f71964f9b28f">3</a>]</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>] [<a href="https://android.googlesource.com/platform/frameworks/base/+/58552f814a03d978b4a6507f3c16f71964f9b28f">3</a>]</td> <td>ä¸</td> <td>所有</td> <td>7.0ã€7.1.1</td> @@ -713,33 +711,6 @@ <p>* æè½½ Android 7.1.1(或更高版本)且已安装所有å¯ç”¨æ›´æ–°çš„å—支æŒçš„ Google 设备ä¸å—æ¤æ¼æ´žçš„å½±å“。</p> -<h3 id="eop-in-kernel-trace-subsystem">å†…æ ¸è·Ÿè¸ªå系统ä¸çš„ææƒæ¼æ´ž</h3> - -<p>å†…æ ¸è·Ÿè¸ªå系统ä¸çš„ææƒæ¼æ´žå¯è®©æœ¬åœ°æ¶æ„åº”ç”¨é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。由于该æ¼æ´žæœ‰å¯èƒ½ä¼šå¯¹æœ¬åœ°è®¾å¤‡é€ æˆæ°¸ä¹…性æŸå®³ï¼Œè€Œç”¨æˆ·å¯èƒ½éœ€è¦é€šè¿‡é‡å†™æ“作系统æ¥ä¿®å¤è®¾å¤‡ï¼Œå› æ¤æˆ‘们将其严é‡ç¨‹åº¦è¯„为“严é‡â€ã€‚</p> - -<table> - <colgroup><col width="19%" /> - <col width="20%" /> - <col width="10%" /> - <col width="23%" /> - <col width="17%" /> - </colgroup><tbody><tr> - <th>CVE</th> - <th>å‚考信æ¯</th> - <th>严é‡ç¨‹åº¦</th> - <th>已更新的 Google 设备</th> - <th>报告日期</th> - </tr> - <tr> - <td>CVE-2017-0605</td> - <td>A-35399704<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477">QC-CR#1048480</a></td> - <td>严é‡</td> - <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XLã€Pixel Cã€Android Oneã€Nexus Player</td> - <td>2017 å¹´ 2 月 15 æ—¥</td> - </tr> -</tbody></table> - <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 组件ä¸çš„æ¼æ´ž</h3> <p>下列æ¼æ´žä¼šå½±å“ Qualcomm 组件;æ¤å¤–,2016 å¹´ 8 月ã€9 月ã€10 月和 12 月的 Qualcomm AMSS 安全公告也对这些安全æ¼æ´žè¿›è¡Œäº†è¯¦ç»†è¯´æ˜Žã€‚</p> @@ -1555,9 +1526,7 @@ <tr> <td>CVE-2017-7184</td> <td>A-36565222<br /> - <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"> -ä¸Šæ¸¸å†…æ ¸</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> -[2]</a></td> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a">ä¸Šæ¸¸å†…æ ¸</a><a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> [2]</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XLã€Android One</td> <td>2017 å¹´ 3 月 23 æ—¥</td> @@ -1954,9 +1923,7 @@ <tr> <td>CVE-2016-5858</td> <td>A-35400153<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711"> -QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6"> -[2]</a></td> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711">QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6">[2]</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Pixelã€Pixel XLã€Android One</td> <td>2017 å¹´ 2 月 15 æ—¥</td> @@ -2363,7 +2330,7 @@ QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.1 <p><strong>3. 如何确定å„个问题都会影å“哪些 Google 设备?</strong></p> -<p>在 <a href="#2017-05-01-details">2017-05-01</a> å’Œ <a href="#2017-05-05-details">2017-05-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Google 设备â€<em></em>列,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜æ›´æ–°è¿‡çš„å—å½±å“çš„ Google 设备系列。æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形:</p> +<p>在 <a href="#2017-05-01-details">2017-05-01</a> å’Œ <a href="#2017-05-05-details">2017-05-05</a> 安全æ¼æ´žè¯¦æƒ…部分,æ¯ä¸ªè¡¨å‡åŒ…å«â€œå·²æ›´æ–°çš„ Google 设备â€åˆ—,其ä¸åˆ—出了已针对æ¯ä¸ªé—®é¢˜æ›´æ–°è¿‡çš„å—å½±å“çš„ Google 设备系列。<em></em>æ¤åˆ—æœ‰ä»¥ä¸‹å‡ ç§æƒ…形:</p> <ul> <li><strong>所有 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä¼šå½±å“所有 Nexus å’Œ Pixel 设备,则相应表的“已更新的 Google 设备â€åˆ—ä¸ä¼šæ˜¾ç¤ºâ€œæ‰€æœ‰â€ã€‚<em></em>“所有â€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">å—支æŒçš„设备</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> <li><strong>部分 Google 设备</strong>:如果æŸä¸ªé—®é¢˜ä»…会影å“部分 Google 设备,则“已更新的 Google 设备â€åˆ—ä¸ä¼šåˆ—出å—å½±å“çš„ Google 设备。<em></em></li> @@ -2404,7 +2371,8 @@ QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.1 <li>2017 å¹´ 5 月 1 日:å‘布了本公告。</li> <li>2017 å¹´ 5 月 2 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº† AOSP 链接。</li> <li>2017 å¹´ 8 月 10 æ—¥ï¼šä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº†å…³äºŽ CVE-2017-0493 çš„é™„åŠ AOSP 链接。</li> -<li>2017 å¹´ 8月 17 日:修订了本公告,更新了å‚考编å·ã€‚</li> +<li>2017 å¹´ 8 月 17 日:修订了本公告,更新了å‚考编å·ã€‚</li> +<li>2017 å¹´ 10 月 3 日:修订了本公告,移除了 CVE-2017-0605。</li> </ul> </body></html>
\ No newline at end of file diff --git a/zh-cn/security/bulletin/2017-06-01.html b/zh-cn/security/bulletin/2017-06-01.html index 026af023..52a287b4 100644 --- a/zh-cn/security/bulletin/2017-06-01.html +++ b/zh-cn/security/bulletin/2017-06-01.html @@ -19,7 +19,7 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>å‘布时间:2017 å¹´ 6 月 5 æ—¥ | 更新时间:2017 å¹´ 6 月 7 æ—¥</em></p> +<p><em>å‘布时间:2017 å¹´ 6 月 5 æ—¥ | 更新时间:2017 å¹´ 8 月 17 æ—¥</em></p> <p>Android 安全公告详细介ç»äº†ä¼šå½±å“ Android 设备的安全æ¼æ´žã€‚2017 å¹´ 6 月 5 日(或之åŽï¼‰çš„安全补ä¸ç¨‹åºçº§åˆ«å‡å·²è§£å†³æ‰€æœ‰è¿™äº›é—®é¢˜ã€‚请å‚阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新时间表</a>,了解如何检查设备的安全补ä¸ç¨‹åºçº§åˆ«ã€‚</p> @@ -27,11 +27,11 @@ <p>这些问题ä¸å±é™©æ€§æœ€é«˜çš„是媒体框架ä¸çš„一个严é‡ç¨‹åº¦ä¸ºâ€œä¸¥é‡â€çš„安全æ¼æ´žï¼Œåœ¨ç³»ç»Ÿå¤„ç†æ–‡ä»¶å’Œæ•°æ®æ—¶ï¼Œè¯¥æ¼æ´žå¯è®©è¿œç¨‹æ”»å‡»è€…ä½¿ç”¨ç‰¹åˆ¶æ–‡ä»¶ç ´å内å˜ã€‚<a href="/security/overview/updates-resources.html#severity">严é‡ç¨‹åº¦è¯„ä¼°</a>çš„ä¾æ®æ˜¯æ¼æ´žè¢«åˆ©ç”¨åŽå¯èƒ½ä¼šå¯¹å—å½±å“è®¾å¤‡é€ æˆçš„å½±å“大å°ï¼ˆå‡è®¾ç›¸å…³å¹³å°å’ŒæœåŠ¡ç¼“解措施被æˆåŠŸè§„é¿æˆ–出于开å‘目的而被关é—)。</p> -<p>æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google Play ä¿æŠ¤æœºåˆ¶ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤åŠŸèƒ½</a>å’Œ <a href="https://www.android.com/play-protect">Google Play ä¿æŠ¤æœºåˆ¶</a>;这些功能å¯æ高 Android å¹³å°çš„安全性。</p> +<p>æˆ‘ä»¬å°šæœªæ”¶åˆ°ç”¨æˆ·å› è¿™äº›æ–°æŠ¥å‘Šçš„é—®é¢˜è€Œé到主动攻击或这些问题é到滥用的报告。请å‚阅 <a href="#mitigations">Android å’Œ Google Play ä¿æŠ¤æœºåˆ¶ç¼“解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平å°é˜²æŠ¤åŠŸèƒ½</a>å’Œ <a href="https://www.android.com/play-protect">Google Play ä¿æŠ¤æœºåˆ¶</a>;它们å¯æ高 Android å¹³å°çš„安全性。</p> <p>我们建议所有用户都在自己的设备上接å—这些更新。</p> -<p class="note"><strong>注æ„</strong>ï¼šå¦‚éœ€äº†è§£ä¸Žæœ€æ–°çš„æ— çº¿æ›´æ–° (OTA) 和适用于 Google è®¾å¤‡çš„å›ºä»¶æ˜ åƒæœ‰å…³çš„ä¿¡æ¯ï¼Œè¯·å‚阅 <a href="#google-device-updates">Google 设备更新</a>部分。</p> +<p class="note"><strong>注æ„</strong>ï¼šå¦‚éœ€äº†è§£ä¸Žæœ€æ–°çš„æ— çº¿ä¸‹è½½æ›´æ–° (OTA) 和适用于 Google è®¾å¤‡çš„å›ºä»¶æ˜ åƒæœ‰å…³çš„ä¿¡æ¯ï¼Œè¯·å‚阅 <a href="#google-device-updates">Google 设备更新</a>部分。</p> <h2 id="announcements">公告</h2> <ul> @@ -48,7 +48,7 @@ <p>本部分总结了 <a href="/security/enhancements/index.html">Android 安全平å°</a>å’ŒæœåŠ¡é˜²æŠ¤åŠŸèƒ½ï¼ˆå¦‚ <a href="https://www.android.com/play-protect">Google Play ä¿æŠ¤æœºåˆ¶</a>)æ供的缓解措施。这些功能å¯é™ä½Ž Android 上的安全æ¼æ´žè¢«æˆåŠŸåˆ©ç”¨çš„å¯èƒ½æ€§ã€‚</p> <ul> <li>新版 Android å¹³å°ä¸çš„å¢žå¼ºåŠŸèƒ½è®©æ”»å‡»è€…æ›´åŠ éš¾ä»¥åˆ©ç”¨ Android 上å˜åœ¨çš„许多问题。我们建议所有用户都尽å¯èƒ½æ›´æ–°åˆ°æœ€æ–°ç‰ˆ Android。</li> - <li>Android 安全团队会积æžåˆ©ç”¨ <a href="https://www.android.com/play-protect">Google Play ä¿æŠ¤æœºåˆ¶</a>æ¥ç›‘控滥用行为,并在å‘现<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">å¯èƒ½æœ‰å®³çš„应用</a>æ—¶å‘用户å‘出è¦å‘Šã€‚在预装有 <a href="http://www.android.com/gms">Google 移动æœåŠ¡</a>的设备上,Google Play ä¿æŠ¤æœºåˆ¶åœ¨é»˜è®¤æƒ…况下处于å¯ç”¨çŠ¶æ€ã€‚对于安装æ¥è‡ª Google Play 以外的应用的用户æ¥è¯´ï¼Œè¿™é¡¹åŠŸèƒ½å°¤ä¸ºé‡è¦ã€‚</li> + <li>Android 安全团队会积æžåˆ©ç”¨ <a href="https://www.android.com/play-protect">Google Play ä¿æŠ¤æœºåˆ¶</a>æ¥ç›‘控滥用行为,并会在å‘现<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">å¯èƒ½æœ‰å®³çš„应用</a>æ—¶å‘用户å‘出è¦å‘Šã€‚在预装有 <a href="http://www.android.com/gms">Google 移动æœåŠ¡</a>的设备上,Google Play ä¿æŠ¤æœºåˆ¶åœ¨é»˜è®¤æƒ…况下处于å¯ç”¨çŠ¶æ€ã€‚对于安装æ¥è‡ª Google Play 以外的应用的用户æ¥è¯´ï¼Œè¿™é¡¹åŠŸèƒ½å°¤ä¸ºé‡è¦ã€‚</li> </ul> <h2 id="2017-06-01-details">2017-06-01 安全补ä¸ç¨‹åºçº§åˆ« - æ¼æ´žè¯¦æƒ…</h2> @@ -392,6 +392,14 @@ <td>ä¸</td> <td>声音驱动程åº</td> </tr> + <tr> + <td>CVE-2017-6249</td> + <td>A-34373711<a href="#asterisk">*</a><br /> + N-CVE-2017-6249</td> + <td>EoP</td> + <td>ä¸</td> + <td>声音驱动程åº</td> + </tr> </tbody></table> <h3 id="qualcomm-components">Qualcomm 组件</h3> <p>这一部分ä¸æœ€ä¸¥é‡çš„æ¼æ´žå¯è®©é‚»è¿‘åŒºåŸŸå†…çš„æ”»å‡»è€…é€šè¿‡å†…æ ¸æ‰§è¡Œä»»æ„代ç 。</p> @@ -561,7 +569,7 @@ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6a3b8afdf97e77c0b64005b23fa6d32025d922e5">QC-CR#2009231</a></td> <td>EoP</td> <td>ä¸</td> - <td>安全执行环境通讯驱动程åº</td> + <td>安全执行环境通讯器驱动程åº</td> </tr> <tr> <td>CVE-2017-8239</td> @@ -630,403 +638,351 @@ </tr> <tr> <td>CVE-2014-9960</td> - <td>A-37280308<a href="#asterisk">*</a><br /> - QC-CR#381837</td> - <td>N/A</td> + <td>A-37280308<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9961</td> - <td>A-37279724<a href="#asterisk">*</a><br /> - QC-CR#581093</td> - <td>N/A</td> + <td>A-37279724<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9953</td> - <td>A-36714770<a href="#asterisk">*</a><br /> - QC-CR#642173</td> - <td>N/A</td> + <td>A-36714770<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9967</td> - <td>A-37281466<a href="#asterisk">*</a><br /> - QC-CR#739110</td> - <td>N/A</td> + <td>A-37281466<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9026</td> - <td>A-37277231<a href="#asterisk">*</a><br /> - QC-CR#748397</td> - <td>N/A</td> + <td>A-37277231<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9027</td> - <td>A-37279124<a href="#asterisk">*</a><br /> - QC-CR#748407</td> - <td>N/A</td> + <td>A-37279124<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9008</td> - <td>A-36384689<a href="#asterisk">*</a><br /> - QC-CR#762111</td> - <td>N/A</td> + <td>A-36384689<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9009</td> - <td>A-36393600<a href="#asterisk">*</a><br /> - QC-CR#762182</td> - <td>N/A</td> + <td>A-36393600<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9010</td> - <td>A-36393101<a href="#asterisk">*</a><br /> - QC-CR#758752</td> - <td>N/A</td> + <td>A-36393101<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9011</td> - <td>A-36714882<a href="#asterisk">*</a><br /> - QC-CR#762167</td> - <td>N/A</td> + <td>A-36714882<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9024</td> - <td>A-37265657<a href="#asterisk">*</a><br /> - QC-CR#740680</td> - <td>N/A</td> + <td>A-37265657<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9012</td> - <td>A-36384691<a href="#asterisk">*</a><br /> - QC-CR#746617</td> - <td>N/A</td> + <td>A-36384691<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9013</td> - <td>A-36393251<a href="#asterisk">*</a><br /> - QC-CR#814373</td> - <td>N/A</td> + <td>A-36393251<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9014</td> - <td>A-36393750<a href="#asterisk">*</a><br /> - QC-CR#855220</td> - <td>N/A</td> + <td>A-36393750<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9015</td> - <td>A-36714120<a href="#asterisk">*</a><br /> - QC-CR#701858</td> - <td>N/A</td> + <td>A-36714120<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9029</td> - <td>A-37276981<a href="#asterisk">*</a><br /> - QC-CR#827837</td> - <td>N/A</td> + <td>A-37276981<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10338</td> - <td>A-37277738<a href="#asterisk">*</a><br /> - QC-CR#987699</td> - <td>N/A</td> + <td>A-37277738<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10336</td> - <td>A-37278436<a href="#asterisk">*</a><br /> - QC-CR#973605</td> - <td>N/A</td> + <td>A-37278436<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10333</td> - <td>A-37280574<a href="#asterisk">*</a><br /> - QC-CR#947438</td> - <td>N/A</td> + <td>A-37280574<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10341</td> - <td>A-37281667<a href="#asterisk">*</a><br /> - QC-CR#991476</td> - <td>N/A</td> + <td>A-37281667<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10335</td> - <td>A-37282802<a href="#asterisk">*</a><br /> - QC-CR#961142</td> - <td>N/A</td> + <td>A-37282802<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10340</td> - <td>A-37280614<a href="#asterisk">*</a><br /> - QC-CR#989028</td> - <td>N/A</td> + <td>A-37280614<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10334</td> - <td>A-37280664<a href="#asterisk">*</a><br /> - QC-CR#949933</td> - <td>N/A</td> + <td>A-37280664<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10339</td> - <td>A-37280575<a href="#asterisk">*</a><br /> - QC-CR#988502</td> - <td>N/A</td> + <td>A-37280575<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10298</td> - <td>A-36393252<a href="#asterisk">*</a><br /> - QC-CR#1020465</td> - <td>N/A</td> + <td>A-36393252<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10299</td> - <td>A-32577244<a href="#asterisk">*</a><br /> - QC-CR#1058511</td> - <td>N/A</td> + <td>A-32577244<a href="#asterisk">*</a></td> + <td>æ— </td> <td>严é‡</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9954</td> - <td>A-36388559<a href="#asterisk">*</a><br /> - QC-CR#552880</td> - <td>N/A</td> + <td>A-36388559<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9955</td> - <td>A-36384686<a href="#asterisk">*</a><br /> - QC-CR#622701</td> - <td>N/A</td> + <td>A-36384686<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9956</td> - <td>A-36389611<a href="#asterisk">*</a><br /> - QC-CR#638127</td> - <td>N/A</td> + <td>A-36389611<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9957</td> - <td>A-36387564<a href="#asterisk">*</a><br /> - QC-CR#638984</td> - <td>N/A</td> + <td>A-36387564<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9958</td> - <td>A-36384774<a href="#asterisk">*</a><br /> - QC-CR#638135</td> - <td>N/A</td> + <td>A-36384774<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9962</td> - <td>A-37275888<a href="#asterisk">*</a><br /> - QC-CR#656267</td> - <td>N/A</td> + <td>A-37275888<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9963</td> - <td>A-37276741<a href="#asterisk">*</a><br /> - QC-CR#657771</td> - <td>N/A</td> + <td>A-37276741<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9959</td> - <td>A-36383694<a href="#asterisk">*</a><br /> - QC-CR#651900</td> - <td>N/A</td> + <td>A-36383694<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9964</td> - <td>A-37280321<a href="#asterisk">*</a><br /> - QC-CR#680778</td> - <td>N/A</td> + <td>A-37280321<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9965</td> - <td>A-37278233<a href="#asterisk">*</a><br /> - QC-CR#711585</td> - <td>N/A</td> + <td>A-37278233<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2014-9966</td> - <td>A-37282854<a href="#asterisk">*</a><br /> - QC-CR#727398</td> - <td>N/A</td> + <td>A-37282854<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9023</td> - <td>A-37276138<a href="#asterisk">*</a><br /> - QC-CR#739802</td> - <td>N/A</td> + <td>A-37276138<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9020</td> - <td>A-37276742<a href="#asterisk">*</a><br /> - QC-CR#733455</td> - <td>N/A</td> + <td>A-37276742<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9021</td> - <td>A-37276743<a href="#asterisk">*</a><br /> - QC-CR#735148</td> - <td>N/A</td> + <td>A-37276743<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9025</td> - <td>A-37276744<a href="#asterisk">*</a><br /> - QC-CR#743985</td> - <td>N/A</td> + <td>A-37276744<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9022</td> - <td>A-37280226<a href="#asterisk">*</a><br /> - QC-CR#736146</td> - <td>N/A</td> + <td>A-37280226<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9028</td> - <td>A-37277982<a href="#asterisk">*</a><br /> - QC-CR#762764</td> - <td>N/A</td> + <td>A-37277982<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9031</td> - <td>A-37275889<a href="#asterisk">*</a><br /> - QC-CR#866015</td> - <td>N/A</td> + <td>A-37275889<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9032</td> - <td>A-37279125<a href="#asterisk">*</a><br /> - QC-CR#873202</td> - <td>N/A</td> + <td>A-37279125<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9033</td> - <td>A-37276139<a href="#asterisk">*</a><br /> - QC-CR#892541</td> - <td>N/A</td> + <td>A-37276139<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2015-9030</td> - <td>A-37282907<a href="#asterisk">*</a><br /> - QC-CR#854667</td> - <td>N/A</td> + <td>A-37282907<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10332</td> - <td>A-37282801<a href="#asterisk">*</a><br /> - QC-CR#906713<br /> - QC-CR#917701<br /> - QC-CR#917702</td> - <td>N/A</td> + <td>A-37282801<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10337</td> - <td>A-37280665<a href="#asterisk">*</a><br /> - QC-CR#977632</td> - <td>N/A</td> + <td>A-37280665<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> <tr> <td>CVE-2016-10342</td> - <td>A-37281763<a href="#asterisk">*</a><br /> - QC-CR#988941</td> - <td>N/A</td> + <td>A-37281763<a href="#asterisk">*</a></td> + <td>æ— </td> <td>高</td> <td>é—æºç»„件</td> </tr> @@ -1102,7 +1058,7 @@ </tr> <tr> <td>CVE-2017-8233</td> - <td>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a></td> + <td>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf </a></td> </tr> <tr> <td>CVE-2017-7368</td> @@ -1130,7 +1086,7 @@ </tr> <tr> <td>CVE-2017-0640</td> - <td><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">移动å¨èƒå“应团队</a>çš„ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)</td> + <td><a href="http://www.trendmicro.com">趋势科技</a>çš„<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">移动å¨èƒå“应团队</a>çš„ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)</td> </tr> <tr> <td>CVE-2017-8236</td> @@ -1241,7 +1197,7 @@ </tbody></table> <p id="asterisk"><strong>5.<em></em>“å‚考信æ¯â€åˆ—ä¸çš„“Android Bug IDâ€æ—边的 <a href="#asterisk">*</a> 表示什么æ„æ€ï¼Ÿ</strong></p> -<p><em></em>如果“å‚考信æ¯â€åˆ—的“Android Bug IDâ€æ—è¾¹æ ‡æœ‰ <a href="#asterisk">*</a>,则表示相应问题未公开å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸é€šå¸¸åŒ…å«é’ˆå¯¹æ¤é—®é¢˜çš„更新。</p> +<p><em></em>如果“å‚考信æ¯â€åˆ—ä¸çš„“Android Bug IDâ€æ—è¾¹æ ‡æœ‰ <a href="#asterisk">*</a>,则表示相应问题未公开å‘布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上æ供的 Nexus 设备的最新二进制驱动程åºä¸é€šå¸¸åŒ…å«é’ˆå¯¹æ¤é—®é¢˜çš„更新。</p> <h2 id="versions">版本</h2> <table> @@ -1261,7 +1217,17 @@ <tr> <td>1.1</td> <td>2017 å¹´ 6 月 7 æ—¥</td> - <td>ä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº† AOSP 链接。</td> + <td>ä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº†å¤šä¸ª AOSP 链接。</td> + </tr> + <tr> + <td>1.2</td> + <td>2017 å¹´ 7 月 11 æ—¥</td> + <td>ä¿®è®¢äº†æœ¬å…¬å‘Šï¼Œæ·»åŠ äº† CVE-2017-6249。</td> + </tr> + <tr> + <td>1.3</td> + <td>2017 å¹´ 8 月 17 æ—¥</td> + <td>修订了本公告,更新了å‚考编å·ã€‚</td> </tr> </tbody></table> diff --git a/zh-tw/security/bulletin/2016-04-02.html b/zh-tw/security/bulletin/2016-04-02.html index 0f751176..487ce342 100644 --- a/zh-tw/security/bulletin/2016-04-02.html +++ b/zh-tw/security/bulletin/2016-04-02.html @@ -1,8 +1,7 @@ -<html devsite> - <head> - <title>Nexus 安全性公告 - 2016 å¹´ 4 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> +<html devsite><head> + <title>Nexus 安全性公告 — 2016 å¹´ 4 月</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,473 +20,317 @@ limitations under the License. --> +<p><em>發佈日期:2016 å¹´ 4 月 4 æ—¥ | 更新日期:2016 å¹´ 12 月 19 æ—¥</em></p> - - - -<p><em>發佈日期:2016 å¹´ 4 月 4 æ—¥ | 更新日期:2016 å¹´ 4 月 6 æ—¥</em></p> <p>Google å·²æ ¹æ“š Android 安全性公佈欄æ¯æœˆç™¼ä½ˆç¨‹åºï¼Œé€éŽ OTA 更新機制發佈了 Nexus è£ç½®çš„安全性更新。 æ¤å¤–,Nexus éŸŒé«”æ˜ åƒæª”也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。 2016 å¹´ 4 月 2 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å•é¡Œ (è«‹åƒé–± <a href="https://support.google.com/nexus/answer/4457705">Nexus 說明文件</a>,çžè§£å¦‚何查看安全修補ç‰ç´š)。</p> + <p>åˆä½œå¤¥ä¼´æ˜¯åœ¨ 2016 å¹´ 3 月 16 日或之å‰æ”¶åˆ°æœ‰é—œå…¬å‘Šä¸æ‰€è¿°å•é¡Œçš„相關通知。在é©ç”¨æƒ…æ³ä¸‹ï¼Œé€™äº›å•é¡Œçš„所å°æ‡‰çš„原始碼修補程å¼å·²ç¶“發佈到 Android 開放原始碼計劃 (AOSP) å˜æ”¾å€ã€‚</p> -<p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是「最高ã€ç‰ç´šçš„安全性æ¼æ´žã€‚當系統執行媒體檔案時,é 端程å¼ç¢¼å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œé€éŽé›»å郵件ã€ç¶²é ç€è¦½æ´»å‹•å’Œå¤šåª’體訊æ¯ç‰æ–¹æ³•ï¼Œè‡ªå‹•åœ¨å—影響的è£ç½®ä¸ŠåŸ·è¡Œã€‚</p> -<p><a href="/security/advisory/2016-03-18.html"> -Android 安全性公告 2016-03-18</a> å…ˆå‰æ›¾æŽ¢è¨Žç ´è§£ç¨‹å¼ (用於å–å¾— Root 權é™çš„應用程å¼) 利用 <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> æ¼æ´žè€Œé€ æˆå®‰å…¨æ€§å•é¡Œï¼Œè€Œæœ¬æ¬¡æ›´æ–°å·²è§£æ±º <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> 的安全性æ¼æ´žã€‚é‡å°å„æ–¹æ–°å›žå ±çš„å…¶ä»–æ¼æ´žï¼Œæˆ‘們並未收到任何客戶濫用檢舉。如果您想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 SafetyNet) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–±<a href="#mitigations">å› æ‡‰æŽªæ–½</a>一節。</p> -<h2 id="security_vulnerability_summary">安全性æ¼æ´žæ‘˜è¦</h2> -<p>下表列出å„é …å®‰å…¨æ€§æ¼æ´žã€å¸¸è¦‹å¼±é»žèˆ‡æ¼æ´žç·¨è™Ÿ (CVE) åŠè©•å®šçš„åš´é‡ç¨‹åº¦ã€‚ -<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> -<table> -<tr> -<th>å•é¡Œ</th> -<th>CVE</th> -<th>åš´é‡ç¨‹åº¦</th> -</tr> -<tr> -<td>DHCPCD ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> -<td>CVE-2016-1503<br/> - CVE-2014-6060</td> -<td>最高</td> -</tr> -<tr> -<td>媒體轉碼器ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> -<td>CVE-2016-0834</td> -<td>最高</td> -</tr> -<tr> -<td>媒體伺æœå™¨ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> -<td>CVE-2016-0835<br/> - CVE-2016-0836<br/> - CVE-2016-0837<br/> - CVE-2016-0838<br/> - CVE-2016-0839<br/> - CVE-2016-0840<br/> - CVE-2016-0841</td> -<td>最高</td> -</tr> -<tr> -<td>libstagefright ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> -<td>CVE-2016-0842</td> -<td>最高</td> -</tr> -<tr> -<td>æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2015-1805</td> -<td>最高</td> -</tr> -<tr> -<td>Qualcomm 效能模組ä¸çš„<br/> -權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-0843</td> -<td>最高</td> -</tr> -<tr> -<td>Qualcomm RF 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-0844</td> -<td>最高</td> -</tr> -<tr> -<td>æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2014-9322</td> -<td>最高</td> -</tr> -<tr> -<td>IMemory Native Interface ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-0846</td> -<td>高</td> -</tr> -<tr> -<td>Telecom 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-0847</td> -<td>高</td> -</tr> -<tr> -<td>下載管ç†ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-0848</td> -<td>高</td> -</tr> -<tr> -<td>復原程åºä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-0849</td> -<td>高</td> -</tr> -<tr> -<td>è—牙ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-0850</td> -<td>高</td> -</tr> -<tr> -<td>Texas Instruments 觸動回饋驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2409</td> -<td>高</td> -</tr> -<tr> -<td>è¦–è¨Šæ ¸å¿ƒé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2410</td> -<td>高</td> -</tr> -<tr> -<td>Qualcomm é›»æºç®¡ç†å…ƒä»¶ä¸çš„<br/> -權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2411</td> -<td>高</td> -</tr> -<tr> -<td>System_server ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2412</td> -<td>高</td> -</tr> -<tr> -<td>媒體伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2413</td> -<td>高</td> -</tr> -<tr> -<td>Minikin ä¸çš„拒絕æœå‹™æ¼æ´ž</td> -<td>CVE-2016-2414</td> -<td>高</td> -</tr> -<tr> -<td>Exchange ActiveSync ä¸çš„資訊外洩æ¼æ´ž</td> -<td>CVE-2016-2415</td> -<td>高</td> -</tr> -<tr> -<td>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</td> -<td>CVE-2016-2416<br/> - CVE-2016-2417<br/> - CVE-2016-2418<br/> - CVE-2016-2419</td> -<td>高</td> -</tr> -<tr> -<td>Debuggerd 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2420</td> -<td>ä¸</td> -</tr> -<tr> -<td>è¨å®šç²¾éˆä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2421</td> -<td>ä¸</td> -</tr> -<tr> -<td>Wi-Fi ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2422</td> -<td>ä¸</td> -</tr> -<tr> -<td>電話通訊系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> -<td>CVE-2016-2423</td> -<td>ä¸</td> -</tr> -<tr> -<td>SyncStorageEngine ä¸çš„拒絕æœå‹™æ¼æ´ž</td> -<td>CVE-2016-2424</td> -<td>ä¸</td> -</tr> -<tr> -<td>AOSP Mail ä¸çš„資訊外洩æ¼æ´ž</td> -<td>CVE-2016-2425</td> -<td>ä¸</td> -</tr> -<tr> -<td>架構ä¸çš„資訊外洩æ¼æ´ž</td> -<td>CVE-2016-2426</td> -<td>ä¸</td> -</tr> -<tr> -<td>BouncyCastle ä¸çš„資訊外洩æ¼æ´ž</td> -<td>CVE-2016-2427</td> -<td>ä¸</td> -</tr> -</table> +<p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是「最高ã€ç‰ç´šçš„安全性æ¼æ´žã€‚當系統執行媒體檔案時,é 端程å¼ç¢¼å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œé€éŽé›»å郵件ã€ç¶²é ç€è¦½æ´»å‹•å’Œå¤šåª’體訊æ¯ç‰æ–¹æ³•ï¼Œè‡ªå‹•åœ¨å—影響的è£ç½®ä¸ŠåŸ·è¡Œã€‚<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> + +<p><a href="/security/advisory/2016-03-18.html">Android 安全性公告 2016-03-18</a> å…ˆå‰æ›¾è¨Žè«–ç ´è§£ç¨‹å¼ (用於å–å¾— Root 權é™çš„應用程å¼) 利用 <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> æ¼æ´žè€Œé€ æˆå®‰å…¨æ€§å•é¡Œï¼Œè€Œæœ¬æ¬¡æ›´æ–°å·²è§£æ±º <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a> 的安全性æ¼æ´žã€‚é‡å°å„æ–¹æ–°å›žå ±çš„å…¶ä»–æ¼æ´žï¼Œæˆ‘們並未收到任何客戶濫用檢舉。如果您想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 SafetyNet) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–±<a href="#mitigations">å› æ‡‰æŽªæ–½</a>一節。</p> + <h2 id="mitigations">å› æ‡‰æŽªæ–½</h2> -<p>本節概è¦èªªæ˜Ž <a href="/security/enhancements/index.html">Android 安全性平å°</a>å’Œ SafetyNet ç‰æœå‹™é˜²è·æ–¹æ¡ˆæ‰€æ供的å„é …å› æ‡‰æŽªæ–½ã€‚é€™äº›æŽªæ–½èƒ½æœ‰æ•ˆé˜²ç¯„æœ‰å¿ƒäººå£«åœ¨ Android 系統上惡æ„é‹ç”¨å®‰å…¨æ€§æ¼æ´žä¾†é”到他們的目的。</p> + +<p>本節概述 <a href="/security/enhancements/index.html">Android 安全性平å°</a>å’Œ SafetyNet ç‰æœå‹™é˜²è·æ–¹æ¡ˆé‡å°è³‡å®‰æ¼æ´žæ‰€æä¾›çš„å› æ‡‰æŽªæ–½ã€‚é€™äº›æŽªæ–½å¯æœ‰æ•ˆé˜²ç¯„有心人士在 Android 系統上惡æ„é‹ç”¨å®‰å…¨æ€§æ¼æ´žä¾†é”到特定目的。</p> + <ul> -<li>Android å¹³å°æŒçºŒæŽ¨å‡ºæ–°çš„ç‰ˆæœ¬ä¾†å¼·åŒ–å®‰å…¨æ€§ï¼Œå› æ¤æœ‰å¿ƒäººå£«è¶Šä¾†è¶Šé›£åœ¨ Android 系統上找出æ¼æ´žåŠ 以利用。我們建è°æ‰€æœ‰ä½¿ç”¨è€…盡å¯èƒ½æ›´æ–°è‡³æœ€æ–°ç‰ˆçš„ Android。 + <li>Android å¹³å°æŒçºŒæŽ¨å‡ºæ–°çš„ç‰ˆæœ¬ä¾†å¼·åŒ–å®‰å…¨æ€§ï¼Œå› æ¤æœ‰å¿ƒäººå£«è¶Šä¾†è¶Šé›£åœ¨ Android 系統上找出æ¼æ´žåŠ 以利用。我們建è°æ‰€æœ‰ä½¿ç”¨è€…盡å¯èƒ½æ›´æ–°è‡³æœ€æ–°ç‰ˆçš„ Android。 </li><li>Android 安全性å°çµ„採用「驗è‰æ‡‰ç”¨ç¨‹å¼ã€å’Œ SafetyNet 主動監控濫用情形;這些功能如果åµæ¸¬å‡ºæ‡‰ç”¨ç¨‹å¼å¯èƒ½æœ‰å®³ï¼Œå°‡åœ¨å®‰è£ä½œæ¥å‰è¦å‘Šä½¿ç”¨è€…。Google Play ç¦æ¢ç™¼ä½ˆä»»ä½•å¯ç”¨æ–¼ç²å–è£ç½® Root 權é™çš„工具。為了ä¿è·ä¸æ˜¯åœ¨ Google Play 安è£æ‡‰ç”¨ç¨‹å¼çš„使用者,「驗è‰æ‡‰ç”¨ç¨‹å¼ã€åœ¨é è¨ç‹€æ…‹ä¸‹æœƒè‡ªå‹•å•Ÿç”¨ä¸¦å‘使用者發出è¦å‘Šï¼Œæ醒他們留æ„ç›®å‰å·²çŸ¥çš„ç ´è§£ç¨‹å¼ (用於å–å¾— Root 權é™çš„應用程å¼)。「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒè¨æ³•æ‰¾å‡ºå·²çŸ¥æœƒåˆ©ç”¨æ¬Šé™å‡ç´šæ¼æ´žçš„惡æ„應用程å¼ï¼Œä¸¦å°éŽ–這類應用程å¼çš„安è£ä½œæ¥ã€‚如果使用者已安è£é€™é¡žæ‡‰ç”¨ç¨‹å¼ï¼Œã€Œé©—è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒé€šçŸ¥ä½¿ç”¨è€…並嘗試移除該應用程å¼ã€‚ </li><li>在é©ç”¨æƒ…æ³ä¸‹ï¼ŒGoogle Hangouts å’Œ Messenger 應用程å¼ä¸æœƒè‡ªå‹•å°‡åª’體內容傳é€çµ¦åª’體伺æœå™¨é€™é¡žçš„處ç†ç¨‹åºã€‚ </li></ul> + <h2 id="acknowledgements">特別銘è¬</h2> + <p>Android 安全性å°çµ„æ„Ÿè¬ä»¥ä¸‹ç ”究人員åšå‡ºçš„è²¢ç»ï¼š</p> + <ul> -<li>Google Chrome 安全性å°çµ„æˆå“¡ Abhishek Aryaã€Oliver Chang å’Œ + <li>Google Chrome 安全性å°çµ„æˆå“¡ Abhishek Aryaã€Oliver Chang å’Œ Martin Barbella:CVE-2016-0834ã€CVE-2016-0841ã€CVE-2016-0840ã€CVE-2016-0839ã€CVE-2016-0838 </li><li>CENSUS S.A. çš„ Anestis Bechtsoudis (<a href="https://twitter.com/anestisb">@anestisb</a>):CVE-2016-0842ã€CVE-2016-0836ã€CVE-2016-0835 </li><li>Google 電信å°çµ„æˆå“¡ Brad Ebinger å’Œ Santos Cordon:CVE-2016-0847 </li><li>布倫瑞克工æ¥å¤§å¸<a href="https://www.ibr.cs.tu-bs.de">作æ¥ç³»çµ± å’Œé›»è…¦ç¶²è·¯ç ”ç©¶æ‰€</a>çš„ Dominik Schürmann:CVE-2016-2425 - </li><li>奇虎 360 IceSword 實驗室 -çš„ Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)〠-<a href="http://weibo.com/jfpan ">pjf</a>ã€Jianqiang Zhao - (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>):CVE-2016-0844 - </li><li> <a href="https://www.epfl.ch">洛桑è¯é‚¦ç†å·¥å¸é™¢</a> -çš„ <a href="mailto:gpiskas@gmail.com">George Piskas</a>:CVE-2016-2426 - </li><li><a href="http://www.360.com/">奇虎 360 科技有é™å…¬å¸</a> -çš„ Guang Gong (龔廣) (<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2016-2412ã€CVE-2016-2416 + </li><li>奇虎 360 IceSword 實驗室 çš„ Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€<a href="http://weibo.com/jfpan">pjf</a>ã€Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>):CVE-2016-0844 + </li><li> <a href="https://www.epfl.ch">洛桑è¯é‚¦ç†å·¥å¸é™¢</a>çš„ <a href="mailto:gpiskas@gmail.com">George Piskas</a>:CVE-2016-2426 + </li><li><a href="http://www.360.com/">奇虎 360 科技有é™å…¬å¸</a>çš„ Guang Gong (龔廣) (<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2016-2412ã€CVE-2016-2416 </li><li>Google Project Zero æˆå“¡ James Forshaw:CVE-2016-2417ã€CVE-2016-0846 - </li><li>奇虎 360 IceSword 實驗室 -çš„ Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>)〠-<a href="http://weibo.com/jfpan ">pjf</a> å’Œ Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>): -CVE-2016-2410ã€CVE-2016-2411 - </li><li>奇虎 360 IceSword 實驗室 -çš„ Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan ">pjf</a>:CVE-2016-2409 + </li><li>奇虎 360 IceSword 實驗室的 Jianqiang Zhao(<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)ã€<a href="http://weibo.com/jfpan">pjf</a> å’Œ Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>):CVE-2016-2410ã€CVE-2016-2411 + </li><li>奇虎 360 IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-2409 </li><li>Vertu Corporation LTD çš„ Nancy Wang:CVE-2016-0837 </li><li> <a href="mailto:nasim@zamir.ca">Nasim Zamir</a>:CVE-2016-2409 </li><li>Qualcomm Product Security Initiative çš„ Nico Golde (<a href="https://twitter.com/iamnion">@iamnion</a>):CVE-2016-2420ã€CVE-2016-0849 - </li><li>趨勢科技的 Peter Pi - (<a href="https://twitter.com/heisecode">@heisecode</a>):CVE-2016-2418ã€CVE-2016-2413ã€CVE-2016-2419 - </li><li>Google 資訊安全性å°çµ„çš„ Quan Nguyen:CVE-2016-2427 + </li><li>趨勢科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>):CVE-2016-2418ã€CVE-2016-2413ã€CVE-2016-2419 </li><li>Richard Shupak:CVE-2016-2415 - </li><li><a href="https://labs.mwrinfosecurity.com/">MWR Labs</a> çš„ Romain Trouvé - (<a href="https://twitter.com/bouuntyyy">@bouuntyyy)</a>:CVE-2016-0850 + </li><li><a href="https://labs.mwrinfosecurity.com/">MWR Labs</a> çš„ Romain Trouvé:CVE-2016-0850 </li><li>Stuart Henderson:CVE-2016-2422 </li><li>Android 安全性å°çµ„æˆå“¡ Vishwath Mohan:CVE-2016-2424 </li><li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2016-2414 </li><li>趨勢科技股份有é™å…¬å¸ çš„ Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2016-0843 - </li><li> å°ç¬¬å®‰ç´å¤§å¸å¸ƒé¯æ˜Žé “æ ¡å€ -çš„ <a href="mailto:luc2yj@gmail.com">Yeonjoon Lee</a> å’Œ <a href="mailto:xw7@indiana.edu">Xiaofeng Wang</a>ï¼Œä»¥åŠ -北京大å¸çš„ <a href="mailto:litongxin1991@gmail.com">Tongxin Li</a> å’Œ - <a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a>:CVE-2016-0848 + </li><li> å°ç¬¬å®‰ç´å¤§å¸å¸ƒé¯æ˜Žé “æ ¡å€çš„ <a href="mailto:luc2yj@gmail.com">Yeonjoon Lee</a> å’Œ <a href="mailto:xw7@indiana.edu">Xiaofeng Wang</a>,以åŠåŒ—京大å¸çš„ <a href="mailto:litongxin1991@gmail.com">Tongxin Li</a> å’Œ <a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a>:CVE-2016-0848 </li></ul> -<p>æ¤å¤–,Android 安全性å°çµ„æ„Ÿè¬ - <a href="http://c0reteam.org">C0RE å°çµ„</a>çš„ -<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>〠-<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>〠-Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) -å’Œ Xuxian Jiang ä»¥åŠ - <a href="https://www.zimperium.com/">Zimperium</a> å° CVE-2015-1805 所åšçš„è²¢ç»ã€‚</p> + +<p>æ¤å¤–,Android 安全性å°çµ„æ„Ÿè¬ <a href="http://c0reteam.org">C0RE å°çµ„</a>çš„ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang ä»¥åŠ <a href="https://www.zimperium.com/">Zimperium</a> å° CVE-2015-1805 所åšçš„è²¢ç»ã€‚</p> + <h2 id="security_vulnerability_details">安全性æ¼æ´žè©³æƒ…</h2> -<p>下列å„節é‡å°ä¸Šæ–¹<a href="#security_vulnerability_summary">安全性æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œéŒ¯èª¤ã€åš´é‡ç¨‹åº¦ã€å—å½±éŸ¿ç‰ˆæœ¬å’Œå›žå ±æ—¥æœŸã€‚ -如果相關錯誤有 AOSP ä¿®è¨‚é …ç›®ï¼Œè©²éŒ¯èª¤ç·¨è™Ÿæœƒé€£çµåˆ°ç›¸å°æ‡‰çš„ä¿®è¨‚é …ç›®åƒè€ƒè³‡æ–™ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå¯é€éŽè©²éŒ¯èª¤ç·¨è™Ÿå¾Œé¢çš„編號連çµé–‹å•Ÿå…¶ä»– AOSP åƒè€ƒè³‡æ–™ã€‚</p> + +<p>下列å„節é‡å° 2016-04-02 安全修補ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œéŒ¯èª¤ã€åš´é‡ç¨‹åº¦ã€å—å½±éŸ¿ç‰ˆæœ¬å’Œå›žå ±æ—¥æœŸã€‚å¦‚æžœç›¸é—œéŒ¯èª¤æœ‰ AOSP ä¿®è¨‚é …ç›®ï¼Œè©²éŒ¯èª¤ç·¨è™Ÿæœƒé€£çµåˆ°ç›¸å°æ‡‰çš„ä¿®è¨‚é …ç›®åƒè€ƒè³‡æ–™ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå¯é€éŽè©²éŒ¯èª¤ç·¨è™Ÿå¾Œé¢çš„編號連çµé–‹å•Ÿå…¶ä»– AOSP åƒè€ƒè³‡æ–™ã€‚</p> + <h3 id="remote_code_execution_vulnerability_in_dhcpcd">DHCPCD ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> + <p>動態主機組態通訊å”定 (Dynamic Host Configuration Protocol) æœå‹™ä¸çš„æ¼æ´žå¯è®“æ”»æ“Šè€…é€ æˆè¨˜æ†¶é«”出錯,進而執行é 端程å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨ DHCP ç”¨æˆ¶ç«¯ç’°å¢ƒå…§åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚DHCP æœå‹™èƒ½å¤ å˜å–第三方應用程å¼ä¸€èˆ¬ç„¡æ³•å˜å–的權é™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/38cb7a7feff88d58fb4a565ba7f12cd4469af243"> ANDROID-15268738</a></td> -<td>最高</td> -<td>4.4.4</td> -<td>2014 å¹´ 7 月 30 æ—¥</td> -</tr> -<tr> -<td>CVE-2014-6060</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> + <td>最高</td> + <td>4.4.4</td> + <td>2014 å¹´ 7 月 30 æ—¥</td> + </tr> + <tr> + <td>CVE-2014-6060</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/de806dfdb6dd3b9dec5d1d23c9029fb300799cf8"> ANDROID-16677003</a></td> -<td>最高</td> -<td>4.4.4</td> -<td>2014 å¹´ 7 月 30 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-1503</td> -<td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> + <td>最高</td> + <td>4.4.4</td> + <td>2014 å¹´ 7 月 30 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-1503</td> + <td><a href="https://android.googlesource.com/platform/external/dhcpcd/+/1390ace71179f04a09c300ee8d0300aa69d9db09"> ANDROID-26461634</a></td> -<td>最高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 4 æ—¥</td> -</tr> -</table> + <td>最高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 4 æ—¥</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_media_codec">媒體轉碼器ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> + <p>在處ç†æŸäº›ç‰¹æ®Šçš„媒體檔案和資料時,攻擊者å¯èƒ½æœƒåˆ©ç”¨åª’體伺æœå™¨æ‰€ç”¨åª’體轉碼器ä¸çš„æ¼æ´žé€ æˆè¨˜æ†¶é«”出錯,並執行é 端程å¼ç¢¼ç•¶åšåª’體伺æœå™¨è™•ç†ç¨‹åºã€‚</p> + <p>å—影響的功能是作æ¥ç³»çµ±çš„æ ¸å¿ƒéƒ¨åˆ†ï¼Œè€Œå¤šæ¬¾æ‡‰ç”¨ç¨‹å¼éƒ½å…許é 端內容å˜å–é€™é …åŠŸèƒ½ï¼Œå…¶ä¸æœ€å¸¸è¦‹çš„內容是多媒體訊æ¯å’Œç€è¦½å™¨ä¸æ’放的媒體。</p> + <p>由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨åª’體伺æœå™¨æœå‹™ç’°å¢ƒå…§åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚媒體伺æœå™¨æœå‹™èƒ½å¤ å˜å–音訊和視訊串æµï¼Œä»¥åŠç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ä¸€èˆ¬ç„¡æ³•å˜å–的權é™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0834</td> -<td>ANDROID-26220548*</td> -<td>最高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 16 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>錯誤</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0834</td> + <td>ANDROID-26220548*</td> + <td>最高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 16 æ—¥</td> + </tr> +</tbody></table> + <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªæ”¾åœ¨ AOSP ä¸ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨äºŒé€²ä½æª”驅動程å¼ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> + <h3 id="remote_code_execution_vulnerability_in_mediaserver">媒體伺æœå™¨ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> + <p>在處ç†æŸäº›ç‰¹æ®Šçš„媒體檔案åŠè³‡æ–™æ™‚,攻擊者å¯èƒ½æœƒåˆ©ç”¨åª’體伺æœå™¨ä¸çš„æ¼æ´žé€ æˆè¨˜æ†¶é«”出錯,並執行é 端程å¼ç¢¼ç•¶åšåª’體伺æœå™¨è™•ç†ç¨‹åºã€‚</p> + <p>å—影響的功能是作æ¥ç³»çµ±çš„æ ¸å¿ƒéƒ¨åˆ†ï¼Œè€Œå¤šæ¬¾æ‡‰ç”¨ç¨‹å¼éƒ½å…許é 端內容å˜å–é€™é …åŠŸèƒ½ï¼Œå…¶ä¸æœ€å¸¸è¦‹çš„內容是多媒體訊æ¯å’Œç€è¦½å™¨ä¸æ’放的媒體。</p> + <p>由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨åª’體伺æœå™¨æœå‹™ç’°å¢ƒå…§åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚媒體伺æœå™¨æœå‹™èƒ½å¤ å˜å–音訊和視訊串æµï¼Œä»¥åŠç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ä¸€èˆ¬ç„¡æ³•å˜å–的權é™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0835</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0835</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301"> ANDROID-26070014</a> [<a href="https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1">2</a>] </td> -<td>最高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 6 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0836</td> -<td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> + <td>最高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 6 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0836</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8b4ed5a23175b7ffa56eea4678db7287f825e985"> ANDROID-25812590</a></td> -<td>最高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 19 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0837</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> + <td>最高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 19 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0837</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"> ANDROID-27208621</a></td> -<td>最高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 11 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-0838</td> -<td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> + <td>最高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 11 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-0838</td> + <td><a href="https://android.googlesource.com/platform/external/sonivox/+/3ac044334c3ff6a61cb4238ff3ddaf17c7efcf49"> ANDROID-26366256</a> [<a href="https://android.googlesource.com/platform/external/sonivox/+/24d7c408c52143bce7b49de82f3913fd8d1219cf">2</a>]</td> -<td>最高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -<tr> -<td>CVE-2016-0839</td> -<td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> + <td>最高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 內部</td> + </tr> + <tr> + <td>CVE-2016-0839</td> + <td><a href="https://android.googlesource.com/platform/hardware/qcom/audio/+/ebbb82365172337c6c250c6cac4e326970a9e351"> ANDROID-25753245</a></td> -<td>最高</td> -<td>6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -<tr> -<td>CVE-2016-0840</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> + <td>最高</td> + <td>6.0ã€6.0.1</td> + <td>Google 內部</td> + </tr> + <tr> + <td>CVE-2016-0840</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/c57fc3703ae2e0d41b1f6580c50015937f2d23c1"> ANDROID-26399350</a></td> -<td>最高</td> -<td>6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -<tr> -<td>CVE-2016-0841</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> + <td>最高</td> + <td>6.0ã€6.0.1</td> + <td>Google 內部</td> + </tr> + <tr> + <td>CVE-2016-0841</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/3097f364237fb552871f7639d37a7afa4563e252"> ANDROID-26040840</a></td> -<td>最高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -</table> + <td>最高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 內部</td> + </tr> + +</tbody></table> + <h3 id="remote_code_execution_vulnerability_in_libstagefright">libstagefright ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> + <p>在處ç†æŸäº›ç‰¹æ®Šçš„媒體檔案和資料時,攻擊者å¯èƒ½æœƒåˆ©ç”¨ libstagefright ä¸çš„æ¼æ´žé€ æˆè¨˜æ†¶é«”出錯,並執行é 端程å¼ç¢¼ç•¶åšåª’體伺æœå™¨è™•ç†ç¨‹åºã€‚</p> + <p>å—影響的功能是作æ¥ç³»çµ±çš„æ ¸å¿ƒéƒ¨åˆ†ï¼Œè€Œå¤šæ¬¾æ‡‰ç”¨ç¨‹å¼éƒ½å…許é 端內容å˜å–é€™é …åŠŸèƒ½ï¼Œå…¶ä¸æœ€å¸¸è¦‹çš„內容是多媒體訊æ¯å’Œç€è¦½å™¨ä¸æ’放的媒體。</p> + <p>由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨åª’體伺æœå™¨æœå‹™ç’°å¢ƒå…§åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚媒體伺æœå™¨æœå‹™èƒ½å¤ å˜å–音訊和視訊串æµï¼Œä»¥åŠç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ä¸€èˆ¬ç„¡æ³•å˜å–的權é™ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0842</td> -<td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0842</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/943323f1d9d3dd5c2634deb26cbe72343ca6b3db"> ANDROID-25818142</a></td> -<td>最高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 23 æ—¥</td> -</tr> -</table> + <td>最高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 23 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_kernel">æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒä¸åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½æœƒå°Žè‡´æœ¬æ©Ÿè£ç½®å—åˆ°æ°¸ä¹…æ€§ç ´å£žï¼Œè€Œåªèƒ½ä»¥é‚„原 (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚您å¯ä»¥åƒè€ƒ <a href="/security/advisory/2016-03-18.html">Android 安全性公告 2016-03-18</a>,進一æ¥çžè§£é€™é …å•é¡Œã€‚</p> + <table> -<tr> -<th>CVE</th> -<th>錯誤</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2015-1805</td> -<td>ANDROID-27275324*</td> -<td>最高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 19 æ—¥</td> -</tr> -</table> -<p>* AOSP å·²é‡å°ä¸‹åˆ—ç‰¹å®šæ ¸å¿ƒç‰ˆæœ¬æ供修補程å¼ï¼š -<a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a>〠-<a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a> å’Œ -<a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a>。</p> + <tbody><tr> + <th>CVE</th> + <th>錯誤</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2015-1805</td> + <td>ANDROID-27275324*</td> + <td>最高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 19 æ—¥</td> + </tr> +</tbody></table> +<p>* AOSP å·²é‡å°ä¸‹åˆ—ç‰¹å®šæ ¸å¿ƒç‰ˆæœ¬æ供修補程å¼ï¼š<a href="https://android.googlesource.com/kernel/common/+/bf010e99c9bc48002f6bfa1ad801a59bf996270f">3.14</a>ã€<a href="https://android.googlesource.com/kernel/common/+/4a5a45669796c5b4617109182e25b321f9f00beb">3.10</a> å’Œ <a href="https://android.googlesource.com/kernel/common/+/f7ebfe91b806501808413c8473a300dff58ddbb5">3.4</a>。</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_performance_module">Qualcomm 效能模組ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>Qualcomm ARM 處ç†å™¨çš„效能事件管ç†å…ƒä»¶å«æœ‰æ¬Šé™å‡ç´šæ¼æ´žï¼Œå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½æœƒå°Žè‡´æœ¬æ©Ÿè£ç½®å—åˆ°æ°¸ä¹…æ€§ç ´å£žï¼Œè€Œåªèƒ½ä»¥é‚„原 (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0843</td> -<td>ANDROID-25801197*</td> -<td>最高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 19 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>錯誤</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0843</td> + <td>ANDROID-25801197*</td> + <td>最高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 19 æ—¥</td> + </tr> +</tbody></table> + <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªæ”¾åœ¨ AOSP ä¸ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨äºŒé€²ä½æª”驅動程å¼ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> + <h3 id="elevation_of_privilege_in_qualcomm_rf_component">Qualcomm RF 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>本機惡æ„應用程å¼å¯åˆ©ç”¨ Qualcomm RF 驅動程å¼ä¸çš„ä¸€é …æ¼æ´žï¼Œåœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½æœƒå°Žè‡´æœ¬æ©Ÿè£ç½®å—åˆ°æ°¸ä¹…æ€§ç ´å£žï¼Œè€Œåªèƒ½ä»¥é‚„原 (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> + <table> -<tr> -<th>CVE</th> -<th>錯誤</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0844</td> -<td>ANDROID-26324307*</td> -<td>最高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> -<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªæ”¾åœ¨ AOSP ä¸ï¼Œè€Œæ˜¯<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa">ä½æ–¼ Linux 上游程å¼åº«</a>ä¸ã€‚</p> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0844</td> + <td><a href="https://android.googlesource.com/platform/external/sepolicy/+/57531cacb40682be4b1189c721fd1e7f25bf3786"> + ANDROID-26324307</a>*</td> + <td>最高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> +<p>* 這個å•é¡Œçš„其他修補程å¼ä½æ–¼ <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=90a9da2ea95e86b4f0ff493cd891a11da0ee67aa">Linux 上游程å¼åº«</a>。</p> + <h3 id="elevation_of_privilege_vulnerability_in_kernel12">æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>å…±ç”¨æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒä¸åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½æœƒå°Žè‡´æœ¬æ©Ÿè£ç½®å—åˆ°æ°¸ä¹…æ€§ç ´å£žï¼Œè€Œåªèƒ½ä»¥é‚„原 (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2014-9322</td> -<td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2014-9322</td> + <td><a href="https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb">ANDROID-26927260</a> [<a href="https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb">2</a>] - [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br/> + [<a href="https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee">3</a>]<br /> [<a href="https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105">4</a>] [<a href="https://android.googlesource.com/kernel/common/+/44d057a37868a60bc2eb6e7d1dcea701f234d56a">5</a>] [<a href="https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b">6</a>] @@ -496,484 +339,514 @@ Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) [<a href="https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5">9</a>] [<a href="https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850">10</a>] [<a href="https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829">11</a>]</td> -<td>最高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> + <td>最高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_imemory_native_interface"> IMemory Native Interface ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>IMemory Native Interface ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> + +<p>IMemory Native Interface ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0846</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0846</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/f3199c228aced7858b75a8070b8358c155ae0149"> ANDROID-26877992</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_telecom_component"> Telecom 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>Telecom 元件ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“攻擊者將通話來æºé¡¯ç¤ºç‚ºä»»ä½•è™Ÿç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™) 的本機å˜å–æ¬Šï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> + +<p>Telecom 元件ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“攻擊者將通話來æºé¡¯ç¤ºç‚ºä»»ä½•è™Ÿç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™) 的本機å˜å–æ¬Šï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0847</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0847</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/2750faaa1ec819eed9acffea7bd3daf867fda444"> ANDROID-26864502</a> [<a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a294ae5342410431a568126183efe86261668b5d">2</a>] </td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 內部</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_download_manager"> 下載管ç†ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>下載管ç†ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“攻擊者å–å¾—ç§äººå„²å˜ç©ºé–“ä¸æœªç¶“授權檔案的å˜å–權。由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> -或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™) 的本機å˜å–æ¬Šï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> + +<p>下載管ç†ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“攻擊者å–å¾—ç§äººå„²å˜ç©ºé–“ä¸æœªç¶“授權檔案的å˜å–權。由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™) 的本機å˜å–æ¬Šï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> + <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0848</td> -<td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0848</td> + <td><a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/bdc831357e7a116bc561d51bf2ddc85ff11c01a9"> ANDROID-26211054</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 14 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 14 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_recovery_procedure"> 復原程åºä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>復原程åºä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內 -執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> +執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0849</td> -<td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0849</td> + <td><a href="https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"> ANDROID-26960931</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 3 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 3 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_bluetooth"> -è—牙ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>è—牙ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“ä¸å—信任的è£ç½®åœ¨åˆå§‹é…å°ç¨‹åºä¸èˆ‡æ‰‹æ©Ÿé…å°ã€‚這å¯èƒ½æœƒå°Žè‡´è£ç½®è³‡æº (例如網際網路連線) é到未經授權的å˜å–。由於這個å•é¡Œå¯ç”¨ä¾†ç²å–ä¸å—信任的è£ç½®ç„¡æ³•å˜å–的進階權é™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> +è—牙功能的權é™å‡ç´šæ¼æ´ž</h3> + +<p>è—牙功能的權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“ä¸å—信任的è£ç½®åœ¨åˆå§‹é…å°ç¨‹åºä¸èˆ‡æ‰‹æ©Ÿé…å°ã€‚這å¯èƒ½æœƒå°Žè‡´è£ç½®è³‡æº (例如網際網路連線) é到未經授權的å˜å–。由於這個å•é¡Œå¯ç”¨ä¾†ç²å–ä¸å—信任的è£ç½®ç„¡æ³•å˜å–的進階權é™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-0850</td> -<td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-0850</td> + <td><a href="https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/c677ee92595335233eb0e7b59809a1a94e7a678a"> ANDROID-26551752</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 13 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 13 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_texas_instruments_haptic_driver"> Texas Instruments 觸動回饋驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>Texas Instruments è§¸å‹•å›žé¥‹æ ¸å¿ƒé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚在æ£å¸¸æƒ…æ³ä¸‹ï¼Œé€™é¡žæ ¸å¿ƒç¨‹å¼ç¢¼åŸ·è¡ŒéŒ¯èª¤æ‡‰è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ç‰ç´šï¼Œä½†ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žå¯å‘¼å«è©²é©…動程å¼çš„æœå‹™ï¼Œå› æ¤åš´é‡ç¨‹åº¦æ›´æ£ç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2409</td> -<td>ANDROID-25981545*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 25 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>錯誤</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2409</td> + <td>ANDROID-25981545*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 25 æ—¥</td> + </tr> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªæ”¾åœ¨ AOSP ä¸ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨äºŒé€²ä½æª”驅動程å¼ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_video_kernel_driver"> Qualcomm è¦–è¨Šæ ¸å¿ƒé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>Qualcomm è¦–è¨Šæ ¸å¿ƒé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚在æ£å¸¸æƒ…æ³ä¸‹ï¼Œæ ¸å¿ƒç¨‹å¼ç¢¼åŸ·è¡Œæ¼æ´žæ‡‰è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ç‰ç´šï¼Œä½†ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žå¯å‘¼å«è©²é©…動程å¼çš„æœå‹™ï¼Œå› æ¤åš´é‡ç¨‹åº¦æ›´æ£ç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2410</td> -<td>ANDROID-26291677*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 21 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>錯誤</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2410</td> + <td>ANDROID-26291677*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 21 æ—¥</td> + </tr> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªæ”¾åœ¨ AOSP ä¸ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨äºŒé€²ä½æª”驅動程å¼ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> + <h3 id="elevation_of_privilege_vulnerability_in_qualcomm_power_management_component"> Qualcomm é›»æºç®¡ç†å…ƒä»¶ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>Qualcomm é›»æºç®¡ç†æ ¸å¿ƒé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚在æ£å¸¸æƒ…æ³ä¸‹ï¼Œé€™é¡žæ ¸å¿ƒç¨‹å¼ç¢¼åŸ·è¡ŒéŒ¯èª¤æ‡‰è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ç‰ç´šï¼Œä½†ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žè£ç½®ä¸¦å‡ç´šè‡³ Root 權é™ï¼Œå› æ¤åš´é‡ç¨‹åº¦æ›´æ£ç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2411</td> -<td>ANDROID-26866053*</td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 28 æ—¥</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>錯誤</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2411</td> + <td>ANDROID-26866053*</td> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 28 æ—¥</td> + </tr> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªæ”¾åœ¨ AOSP ä¸ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨äºŒé€²ä½æª”驅動程å¼ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> + <h3 id="elevation_of_privilege_vulnerability_in_system_server"> System_server ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>System_server ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> + +<p>System_server ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2412</td> -<td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2412</td> + <td><a href="https://android.googlesource.com/platform/external/skia/+/b36c23b3e6b0b316075cc43e466d44c62508fcac"> ANDROID-26593930</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 15 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 15 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_mediaserver"> 媒體伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>媒體伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> + +<p>媒體伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2413</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2413</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48"> ANDROID-26403627</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 5 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 5 æ—¥</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_vulnerability_in_minikin">Minikin ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> + <p>Minikin 媒體庫ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“本機攻擊者暫時å°éŽ–å—影響è£ç½®çš„å˜å–權。攻擊者å¯ä»¥ä½¿ç³»çµ±è¼‰å…¥ä¸å—信任的å—åž‹ï¼Œé€ æˆ Minikin 元件發生溢ä½ç¾è±¡è€Œå°Žè‡´ç•¶æ©Ÿã€‚由於拒絕æœå‹™æœƒå°Žè‡´è£ç½®ä¸æ–·é‡æ–°å•Ÿå‹•ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2414</td> -<td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2414</td> + <td><a href="https://android.googlesource.com/platform/frameworks/minikin/+/ca8ac8acdad662230ae37998c6c4091bb39402b6"> ANDROID-26413177</a> [<a href="https://android.googlesource.com/platform/frameworks/minikin/+/f4785aa1947b8d22d5b19559ef1ca526d98e0e73">2</a>] </td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 11 月 3 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 11 月 3 æ—¥</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_exchange_activesync"> Exchange ActiveSync ä¸çš„資訊外洩æ¼æ´ž</h3> + <p>Exchange ActiveSync ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å–得使用者ç§äººè³‡è¨Šçš„å˜å–權。 由於這個å•é¡Œå¯ç”¨æ–¼é 端å–å¾—å—ä¿è·è³‡æ–™çš„å˜å–æ¬Šï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2415</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2415</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2"> ANDROID-26488455</a></td> -<td>高</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 11 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 11 æ—¥</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_mediaserver">媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</h3> -<p>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“有心人士è¦é¿ç³»çµ±ç”¨æ–¼é˜²ç¯„攻擊者濫用平å°çš„安全措施。由於這些å•é¡Œä¹Ÿèƒ½ç”¨ä¾†å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> + +<p>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“有心人士è¦é¿ç³»çµ±ç”¨æ–¼é˜²ç¯„攻擊者濫用平å°çš„安全措施。由於這些å•é¡Œä¹Ÿèƒ½ç”¨ä¾†å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2416</td> -<td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2416</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/85d253fab5e2c01bd90990667c6de25c282fc5cd"> ANDROID-27046057</a> [<a href="https://android.googlesource.com/platform/frameworks/native/+/a40b30f5c43726120bfe69d41ff5aeb31fe1d02a">2</a>] </td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 5 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2417</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 5 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2417</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84"> ANDROID-26914474</a></td> -<td>高</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 2 月 1 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2418</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> + <td>高</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 2 月 1 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2418</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3"> ANDROID-26324358</a></td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 24 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2419</td> -<td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 24 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2419</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5a856f2092f7086aa0fea9ae06b9255befcdcd34"> ANDROID-26323455</a></td> -<td>高</td> -<td>6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 24 æ—¥</td> -</tr> -</table> + <td>高</td> + <td>6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 24 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_debuggerd_component"> Debuggerd 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>Debuggerd 元件ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ï¼Œé€²è€Œå°Žè‡´è£ç½®å—åˆ°æ°¸ä¹…æ€§ç ´å£žï¼Œä¸”åªèƒ½ä»¥é‚„原 (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼ä¿®å¾©ã€‚在æ£å¸¸æƒ…æ³ä¸‹ï¼Œé€™é¡žç¨‹å¼ç¢¼åŸ·è¡ŒéŒ¯èª¤æ‡‰è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ç‰ç´šï¼Œä½†ç”±æ–¼é€™ç¨®æ”»æ“Šåªæœƒåœ¨ Android 4.4.4 版ä¸é€ æˆæ¬Šé™å¾žç³»çµ±å‡ç´šè‡³ Root çš„ç¾è±¡ï¼Œå› æ¤åš´é‡ç¨‹åº¦æ›´æ£ç‚ºã€Œä¸ã€ã€‚在 Android 5.0 以上版本ä¸ï¼ŒSELinux è¦å‰‡ å¯é˜²æ¢ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼æŽ¥è§¸å—影響的程å¼ç¢¼ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2420</td> -<td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2420</td> + <td><a href="https://android.googlesource.com/platform/system/core/+/669ecc2f5e80ff924fa20ce7445354a7c5bcfd98"> ANDROID-26403620</a> [<a href="https://android.googlesource.com/platform/system/core/+/81df1cc77722000f8d0025c1ab00ced123aa573c">2</a>] </td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 5 æ—¥</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 5 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_vulnerability_in_setup_wizard"> è¨å®šç²¾éˆä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>è¨å®šç²¾éˆä¸çš„æ¼æ´žå¯èƒ½æœƒè®“攻擊者è¦é¿æ¢å¾©åŽŸå» è¨å®šçš„防è·æ©Ÿåˆ¶ï¼Œä¸¦å–å¾—è£ç½®å˜å–權。由於這個å•é¡Œå¯èƒ½æœƒè®“èƒ½å¤ å¯¦éš›æ“作è£ç½®çš„人è¦é¿æ¢å¾©åŽŸå» è¨å®šçš„防è·æ©Ÿåˆ¶ï¼Œä½¿æ”»æ“Šè€…èƒ½å¤ é‡è¨è£ç½®ã€æ¸…é™¤æ‰€æœ‰è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2421</td> -<td>ANDROID-26154410*</td> -<td>ä¸</td> -<td>5.1.1ã€6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -</table> + <tbody><tr> + <th>CVE</th> + <th>錯誤</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2421</td> + <td>ANDROID-26154410*</td> + <td>ä¸</td> + <td>5.1.1ã€6.0ã€6.0.1</td> + <td>Google 內部</td> + </tr> +</tbody></table> + <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªæ”¾åœ¨ AOSP ä¸ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°ç‰ˆæœ¬çš„ Nexus è£ç½®å°ˆç”¨äºŒé€²ä½æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這個版本。</p> + <h3 id="elevation_of_privilege_in_wi-fi">Wi-Fi ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>Wi-Fi ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> + +<p>Wi-Fi ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="http://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2422</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2422</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/CertInstaller/+/70dde9870e9450e10418a32206ac1bb30f036b2c"> ANDROID-26324357</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 23 æ—¥</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 23 æ—¥</td> + </tr> +</tbody></table> + <h3 id="elevation_of_privilege_in_telephony">電話通訊系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> + <p>電話通訊系統ä¸çš„æ¼æ´žå¯èƒ½æœƒè®“攻擊者è¦é¿æ¢å¾©åŽŸå» è¨å®šçš„防è·æ©Ÿåˆ¶ï¼Œä¸¦å–å¾—è£ç½®å˜å–權。由於這個å•é¡Œå¯èƒ½æœƒè®“èƒ½å¤ å¯¦éš›æ“作è£ç½®çš„人è¦é¿æ¢å¾©åŽŸå» è¨å®šçš„防è·æ©Ÿåˆ¶ï¼Œä½¿æ”»æ“Šè€…èƒ½å¤ é‡è¨è£ç½®ã€æ¸…é™¤æ‰€æœ‰è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2423</td> -<td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2423</td> + <td><a href="https://android.googlesource.com/platform/packages/services/Telecomm/+/a06c9a4aef69ae27b951523cf72bf72412bf48fa"> ANDROID-26303187</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 內部</td> + </tr> +</tbody></table> + <h3 id="denial_of_service_in_syncstorageengine">SyncStorageEngine ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> + <p>SyncStorageEngine ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼é€ æˆè£ç½®ä¸æ–·é‡æ–°å•Ÿå‹•ã€‚由於這個å•é¡Œå¯ç”¨ä¾†é€ æˆæœ¬æ©Ÿæš«æ™‚拒絕æœå‹™ï¼Œè€Œä¸”å¯èƒ½é ˆé€éŽæ¢å¾©åŽŸå» è¨å®šçš„æ–¹å¼æ‰èƒ½ä¿®æ£ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2424</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2424</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/d3383d5bfab296ba3adbc121ff8a7b542bde4afb"> ANDROID-26513719</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>Google 內部</td> + </tr> +</tbody></table> + <h3 id="information_disclosure_vulnerability_in_aosp_mail">AOSP Mail ä¸çš„資訊外洩æ¼æ´ž</h3> + <p>AOSP Mail ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å–得使用者ç§äººè³‡è¨Šçš„å˜å–權。由於這個å•é¡Œå¯ç”¨æ–¼ä¸ç•¶å–得「å±éšªã€æ¬Šé™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/UnifiedEmail/+/0d9dfd649bae9c181e3afc5d571903f1eb5dc46f"> ANDROID-26989185</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -<tr> -<td>CVE-2016-2425</td> -<td>ANDROID-7154234*</td> -<td>ä¸</td> -<td>5.0.2</td> -<td>2016 å¹´ 1 月 29 æ—¥</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> + <tr> + <td>CVE-2016-2425</td> + <td>ANDROID-7154234*</td> + <td>ä¸</td> + <td>5.0.2</td> + <td>2016 å¹´ 1 月 29 æ—¥</td> + </tr> +</tbody></table> + <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªæ”¾åœ¨ AOSP ä¸ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°ç‰ˆæœ¬çš„ Nexus è£ç½®å°ˆç”¨äºŒé€²ä½æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這個版本。</p> + <h3 id="information_disclosure_vulnerability_in_framework">架構ä¸çš„資訊外洩æ¼æ´ž</h3> + <p>架構元件ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“應用程å¼å˜å–æ•æ„Ÿè³‡è¨Šã€‚由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²æŽˆæ¬Šçš„情æ³ä¸‹ä¸ç•¶å˜å–è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2426</td> -<td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> + <tbody><tr> + <th>CVE</th> + <th>錯誤 (附有 AOSP 連çµ)</th> + <th>åš´é‡ç¨‹åº¦</th> + <th>最新版本</th> + <th>å›žå ±æ—¥æœŸ</th> + </tr> + <tr> + <td>CVE-2016-2426</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/63363af721650e426db5b0bdfb8b2d4fe36abdb0"> ANDROID-26094635</a></td> -<td>ä¸</td> -<td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>2015 å¹´ 12 月 8 æ—¥</td> -</tr> -</table> -<h3 id="information_disclosure_vulnerability_in_bouncycastle">BouncyCastle ä¸çš„資訊外洩æ¼æ´ž</h3> -<p>BouncyCastle ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒé€ æˆé©—è‰é‡‘鑰外洩。由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²æŽˆæ¬Šçš„情æ³ä¸‹ï¼Œåˆ©ç”¨å®‰è£åœ¨è£ç½®ä¸Šçš„應用程å¼å–å¾—å±éšªç‰ç´šçš„資料或權é™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> -<table> -<tr> -<th>CVE</th> -<th>錯誤 (附有 AOSP 連çµ)</th> -<th>åš´é‡ç¨‹åº¦</th> -<th>最新版本</th> -<th>å›žå ±æ—¥æœŸ</th> -</tr> -<tr> -<td>CVE-2016-2427</td> -<td><a href="https://android.googlesource.com/platform/libcore/+/efd369d996fd38c50a50ea0de8f20507253cb6de"> - ANDROID-26234568</a> - [<a href="https://android.googlesource.com/platform/external/bouncycastle/+/b3bddea0f33c0459293c6419569ad151b4a7b44b">2</a>] - </td> -<td>ä¸</td> -<td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> -<td>Google 內部</td> -</tr> -</table> + <td>ä¸</td> + <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> + <td>2015 å¹´ 12 月 8 æ—¥</td> + </tr> +</tbody></table> + <h2 id="common_questions_and_answers">常見å•é¡Œèˆ‡è§£ç”</h2> -<p>如果您在閱讀這篇公告後有任何疑å•ï¼Œå»ºè°æ‚¨æŸ¥çœ‹æœ¬ç¯€çš„ -常見å•ç”。</p> + +<p>如果您在閱讀這篇公告後有任何疑å•ï¼Œå»ºè°æ‚¨æŸ¥çœ‹æœ¬ç¯€çš„常見å•ç”。</p> + <p><strong>1. 如何判斷我目å‰çš„è£ç½®è»Ÿé«”版本是å¦å·²ä¿®æ£é€™äº›å•é¡Œï¼Ÿ</strong></p> + <p>2016 å¹´ 4 月 2 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å•é¡Œ (è«‹åƒé–± <a href="https://support.google.com/nexus/answer/4457705">Nexus 說明文件</a>,çžè§£å¦‚何查看安全修補ç‰ç´š)。æ供這些更新的è£ç½®è£½é€ 商應將修補程å¼å—串ç‰ç´šè¨å®šç‚ºï¼š [ro.build.version.security_patch]:[2016-04-02]</p> + <p><strong>2. 為什麼這一版安全修補ç‰ç´šçš„日期是 2016 å¹´ 4 月 2 日?</strong></p> -<p>在æ£å¸¸æƒ…æ³ä¸‹ï¼Œæ¯æœˆå®‰å…¨æ€§æ›´æ–°çš„安全修補ç‰ç´šæœƒè¨å®šç‚ºç•¶æœˆçš„第 1 天。在四月份,2016 å¹´ 4 月 1 日的安全修補ç‰ç´šè¡¨ç¤ºè©²å…¬å‘Šæ‰€åˆ—å•é¡Œå‡å·²ç²å¾—解決 -(如 <a href="/security/advisory/2016-03-18.html">Android 安全性公告 2016-03-18</a> ä¸æ‰€è¿°),但 CVE-2015-1805 除外。2016 å¹´ 4 月 2 日的安全修補ç‰ç´šå‰‡è¡¨ç¤ºè©²å…¬å‘Šæ‰€åˆ—å•é¡Œå‡å·²ç²å¾—解決 + +<p>在æ£å¸¸æƒ…æ³ä¸‹ï¼Œæ¯æœˆå®‰å…¨æ€§æ›´æ–°çš„安全修補ç‰ç´šæœƒè¨å®šç‚ºç•¶æœˆçš„第 1 天。在四月份,2016 å¹´ 4 月 1 日的安全修補ç‰ç´šè¡¨ç¤ºè©²å…¬å‘Šæ‰€åˆ—å•é¡Œå‡å·²ç²å¾—解決 +(如 <a href="/security/advisory/2016-03-18.html">Android 安全性公告 2016-03-18</a> ä¸æ‰€è¿°),但 CVE-2015-1805 除外。2016 å¹´ 4 月 2 日的安全修補ç‰ç´šå‰‡è¡¨ç¤ºè©²å…¬å‘Šæ‰€åˆ—å•é¡Œå‡å·²ç²å¾—解決 (如 <a href="/security/advisory/2016-03-18.html">Android 安全性公告 2016-03-18</a> ä¸æ‰€è¿°),包括 CVE-2015-1805。</p> + <h2 id="revisions">修訂版本</h2> + <ul> -<li>2016 å¹´ 4 月 4 日:發佈公告。 + <li>2016 å¹´ 4 月 4 日:發佈公告。 </li><li>2016 å¹´ 4 月 6 æ—¥ï¼šä¿®è¨‚å…¬å‘Šï¼ŒåŠ å…¥ AOSP 連çµã€‚ + </li><li>2016 å¹´ 4 月 7 æ—¥ï¼šä¿®è¨‚å…¬å‘Šï¼ŒåŠ å…¥å…¶ä»– AOSP 連çµã€‚ + </li><li>2016 å¹´ 7 月 11 日:更新 CVE-2016-2427 的說明。 + </li><li>2016 å¹´ 8 月 1 日:更新 CVE-2016-2427 的說明。</li><li>2016 å¹´ 12 月 19 日:移除 CVE-2016-2427,æ¤æ¼æ´žå·²å¾©åŽŸã€‚ </li></ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/zh-tw/security/bulletin/2016-07-01.html b/zh-tw/security/bulletin/2016-07-01.html index 3108ee91..0d80fb2a 100644 --- a/zh-tw/security/bulletin/2016-07-01.html +++ b/zh-tw/security/bulletin/2016-07-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android 安全性公告 — 2016 å¹´ 7 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,421 +20,29 @@ limitations under the License. --> - - <p><em>2016 å¹´ 7 月 6 日發佈 | 2016 å¹´ 7 月 14 日更新</em></p> <p>Android 安全性公告包å«æœƒå° Android è£ç½®é€ æˆå½±éŸ¿çš„安全性æ¼æ´žï¼Œä¸¦æ供相關的詳細資訊。在這篇公告發佈的åŒæ™‚,Google å·²é€éŽ OTA 更新機制發佈了 Nexus è£ç½®çš„安全性更新。æ¤å¤–,Nexus éŸŒé«”æ˜ åƒæª”也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google 開發人員網站</a>上。2016 å¹´ 7 月 5 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†æœ¬å…¬å‘Šä¸çš„所有é©ç”¨å•é¡Œã€‚è¦çžè§£å¦‚何查看安全修補ç‰ç´šï¼Œè«‹åƒé–±<a href="https://support.google.com/nexus/answer/4457705#nexus_devices">說明文件</a>。</p> <p>åˆä½œå¤¥ä¼´æ˜¯åœ¨ 2016 å¹´ 6 月 6 日或之å‰æ”¶åˆ°æœ‰é—œå…¬å‘Šä¸æ‰€è¿°å•é¡Œçš„相關通知。這些å•é¡Œçš„åŽŸå§‹ç¢¼ä¿®è£œç¨‹å¼ (如果有å°æ‡‰çš„修補程å¼) 已發佈到 Android 開放原始碼計劃 (AOSP) å˜æ”¾å€ä¸ã€‚æ¤å¤–,本公告也æä¾› AOSP 以外的修補程å¼é€£çµã€‚</p> -<p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是「最高ã€ç‰ç´šçš„安全性æ¼æ´žã€‚當系統執行媒體檔案時,é 端程å¼ç¢¼å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œé€éŽé›»å郵件ã€ç¶²é ç€è¦½æ´»å‹•å’Œå¤šåª’體訊æ¯ç‰æ–¹æ³•ï¼Œè‡ªå‹•åœ¨å—影響的è£ç½®ä¸ŠåŸ·è¡Œã€‚</p> -<p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果您想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 SafetyNet) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="å› æ‡‰æŽªæ–½">Android å’Œ Google æœå‹™å› 應措施</a>一節。</p> +<p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是「最高ã€ç‰ç´šçš„安全性æ¼æ´žã€‚當系統執行媒體檔案時,é 端程å¼ç¢¼å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œé€éŽé›»å郵件ã€ç¶²é ç€è¦½æ´»å‹•å’Œå¤šåª’體訊æ¯ç‰æ–¹æ³•ï¼Œè‡ªå‹•åœ¨å—影響的è£ç½®ä¸ŠåŸ·è¡Œã€‚<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> +<p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果您想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 SafetyNet) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="#mitigations">Android å’Œ Google æœå‹™å› 應措施</a>一節。</p> <p>我們建è°æ‰€æœ‰å®¢æˆ¶æŽ¥å—這些è£ç½®æ›´æ–°ã€‚</p> <h2 id="announcements">公告</h2> <ul> <li>本公告定義了兩個安全修補ç‰ç´šå—串,讓 Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£éƒ¨åˆ†ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚如需é¡å¤–資訊,請åƒé–±<a href="#common-questions-and-answers">常見å•é¡Œèˆ‡è§£ç”</a>: <ul> <li><strong>2016-07-01</strong>:部分安全修補ç‰ç´šå—串。這個安全修補ç‰ç´šå—串表示所有與 2016-07-01 相關的å•é¡Œéƒ½å·²ç²å¾—解決。 - <li><strong>2016-07-05</strong>:完整安全修補ç‰ç´šå—串。這個安全修補ç‰ç´šå—串表示所有與 2016-07-01 å’Œ 2016-07-05 相關的å•é¡Œéƒ½å·²ç²å¾—解決。</li> - </li></ul> + </li><li><strong>2016-07-05</strong>:完整安全修補ç‰ç´šå—串。這個安全修補ç‰ç´šå—串表示所有與 2016-07-01 å’Œ 2016-07-05 相關的å•é¡Œéƒ½å·²ç²å¾—解決。</li> + </ul> </li> <li>支æ´çš„ Nexus è£ç½®æœƒé€éŽ 2016 å¹´ 7 月 5 日的安全修補ç‰ç´šæŽ¥æ”¶ OTA 更新。</li> </ul> -<h2 id="security_vulnerability_summary">安全性æ¼æ´žæ‘˜è¦</h2> -<p>下表列出å„é …å®‰å…¨æ€§æ¼æ´žã€å¸¸è¦‹å¼±é»žèˆ‡æ¼æ´ž ID (CVE)ã€è©•å®šçš„åš´é‡ç¨‹åº¦åŠ Nexus è£ç½®æ˜¯å¦æœƒå—到影響。<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> - -<h3 id="2016-07-01_summary">2016-07-01 安全修補ç‰ç´šâ€”æ¼æ´žæ‘˜è¦</h3> -<p>2016-07-01 之後的安全修補ç‰ç´šå¿…é ˆè§£æ±ºä¸‹åˆ—å•é¡Œã€‚</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>åš´é‡ç¨‹åº¦</th> - <th>是å¦æœƒå½±éŸ¿ Nexus è£ç½®ï¼Ÿ</th> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2016-2506ã€CVE-2016-2505ã€CVE-2016-2507ã€CVE-2016-2508ã€CVE-2016-3741ã€CVE-2016-3742ã€CVE-2016-3743</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2016-2108</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>è—牙ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2016-3744</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>libpng ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3751</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3745ã€CVE-2016-3746ã€CVE-2016-3747</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>通訊端ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3748</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>鎖定è¨å®šæœå‹™ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3749</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3750</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>ChooserTarget æœå‹™ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3752</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-3753</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>OpenSSL ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-2107</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2016-3754ã€CVE-2016-3755, CVE-2016-3756</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>libc ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2016-3818</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>lsof ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3757</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>DexClassLoader ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3758</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3759</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>è—牙ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3760</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>NFC ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3761</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>通訊端ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-3762</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Proxy 自動è¨å®šä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-3763</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-3764ã€CVE-2016-3765</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2016-3766</td> - <td>ä¸</td> - <td>是</td> - </tr> -</table> -<p>* æ¤æ¼æ´žä¸æœƒå°å·²å®‰è£æ‰€æœ‰å¯ç”¨æ›´æ–°çš„å—æ”¯æ´ Nexus è£ç½®ç”¢ç”Ÿå½±éŸ¿ã€‚</p> - - -<h3 id="2016-07-05_summary">2016-07-05 安全修補ç‰ç´šâ€”æ¼æ´žæ‘˜è¦</h3> -<p>2016-07-05 以後的安全修補ç‰ç´šå¿…é ˆè§£æ±º 2016-07-01 的所有å•é¡Œä»¥åŠä¸‹åˆ—å•é¡Œã€‚</p> - -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>åš´é‡ç¨‹åº¦</th> - <th>是å¦æœƒå½±éŸ¿ Nexus è£ç½®ï¼Ÿ</th> - </tr> - <tr> - <td>Qualcomm GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-2503ã€CVE-2016-2067</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3767</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 效能元件ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3768</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3769</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒæª”æ¡ˆç³»çµ±ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3775</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>USB 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž (特定è£ç½®)</td> - <td>CVE-2015-8816</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2014-9794ã€CVE-2014-9795ã€CVE-2015-8892ã€CVE-2013-7457ã€CVE-2014-9781ã€CVE-2014-9786ã€CVE-2014-9788ã€CVE-2014-9779ã€CVE-2014-9780ã€CVE-2014-9789ã€CVE-2014-9793ã€CVE-2014-9782ã€CVE-2014-9783ã€CVE-2014-9785ã€CVE-2014-9787ã€CVE-2014-9784ã€CVE-2014-9777ã€CVE-2014-9778ã€CVE-2014-9790ã€CVE-2014-9792ã€CVE-2014-9797ã€CVE-2014-9791ã€CVE-2014-9796ã€CVE-2014-9800ã€CVE-2014-9799ã€CVE-2014-9801ã€CVE-2014-9802ã€CVE-2015-8891ã€CVE-2015-8888ã€CVE-2015-8889ã€CVE-2015-8890</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm USB 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-2502</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3792</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-2501</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3793</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek é›»æºé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3795ã€CVE-2016-3796</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3797</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 硬體感測器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3798</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3799ã€CVE-2016-3800</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek GPS 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3801</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒæª”æ¡ˆç³»çµ±ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3802ã€CVE-2016-3803</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek é›»æºç®¡ç†é©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3804ã€CVE-2016-3805</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 顯示驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3806</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>串列週邊介é¢é©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3807ã€CVE-2016-3808</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 音訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-2068</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž (特定è£ç½®)</td> - <td>CVE-2014-9803</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>網路元件ä¸çš„資訊外洩æ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3809</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3810</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒè¦–è¨Šé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3811</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 視訊轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3812</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm USB 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3813</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3814ã€CVE-2016-3815</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 顯示驅動程å¼ä¸çš„資訊外洩æ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-3816</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒçµ‚ç«¯è¼¸å…¥é©…å‹•ç¨‹å¼ä¸çš„資訊外洩æ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2016-0723</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 開機載入器ä¸çš„拒絕æœå‹™æ¼æ´ž - (特定è£ç½®)</td> - <td>CVE-2014-9798ã€CVE-2015-8893</td> - <td>ä¸</td> - <td>是</td> - </tr> -</table> - -<h2 id="mitigations">Android å’Œ Google æœå‹™å› 應措施</h2> +<h2 id="mitigations">Android å’Œ Google æœå‹™å•é¡Œå› 應措施</h2> <p>本節概è¦èªªæ˜Ž <a href="/security/enhancements/index.html">Android 安全性平å°</a>å’Œ SafetyNet ç‰æœå‹™é˜²è·æ–¹æ¡ˆæ‰€æ供的å„é …å› æ‡‰æŽªæ–½ã€‚é€™äº›æŽªæ–½èƒ½æœ‰æ•ˆé˜²ç¯„æœ‰å¿ƒäººå£«åœ¨ Android 系統上惡æ„é‹ç”¨å®‰å…¨æ€§æ¼æ´žä¾†é”到他們的目的。</p> <ul> <li>Android å¹³å°æŒçºŒæŽ¨å‡ºæ–°çš„ç‰ˆæœ¬ä¾†å¼·åŒ–å®‰å…¨æ€§ï¼Œå› æ¤æœ‰å¿ƒäººå£« 越來越難在 Android 系統上找出æ¼æ´žåŠ 以利用。我們建è°æ‰€æœ‰ä½¿ç”¨è€…盡å¯èƒ½æ›´æ–°è‡³æœ€æ–°ç‰ˆçš„ Android。</li> - <li>Android 安全性å°çµ„採用<a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf">「驗è‰æ‡‰ç”¨ç¨‹å¼ã€å’Œ SafetyNet</a> 主動監控濫用情形;使用這些功能的目的是在發ç¾<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">å¯èƒ½æœ‰å®³çš„應用程å¼</a>時è¦å‘Šä½¿ç”¨è€…。「驗è‰æ‡‰ç”¨ç¨‹å¼ã€åœ¨æ載 <a href="http://www.android.com/gms">Google 行動æœå‹™</a>çš„è£ç½®ä¸Šéƒ½æœƒé è¨å•Ÿç”¨ï¼Œä¸”å°æ–¼è¦å¾ž Google Play 以外來æºå®‰è£æ‡‰ç”¨ç¨‹å¼çš„ä½¿ç”¨è€…ä¾†èªªæ ¼å¤–é‡è¦ã€‚Google Play ç¦æ¢ç™¼ä½ˆä»»ä½•å¯ç”¨æ–¼ç²å–è£ç½® Root 權é™çš„工具,但「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒåœ¨ä½¿ç”¨è€…嘗試安è£å·²åµæ¸¬åˆ°çš„ Root 權é™ç²å–æ‡‰ç”¨ç¨‹å¼ (無論其來æºç‚ºä½•) 時發出è¦å‘Šã€‚æ¤å¤–,「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒè¨æ³•æ‰¾å‡ºå·²çŸ¥æœƒåˆ©ç”¨æ¬Šé™å‡ç´šæ¼æ´žçš„惡æ„應用程å¼ï¼Œä¸¦å°éŽ–這類應用程å¼çš„安è£ä½œæ¥ã€‚如果使用者已安è£é€™é¡žæ‡‰ç”¨ç¨‹å¼ï¼Œã€Œé©—è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒé€šçŸ¥ä½¿ç”¨è€…並嘗試移除åµæ¸¬åˆ°çš„應用程å¼ã€‚</li> + <li>Android 安全性å°çµ„採用<a href="/security/reports/Google_Android_Security_2015_Report_Final.pdf">「驗è‰æ‡‰ç”¨ç¨‹å¼ã€å’Œ SafetyNet</a> 主動監控濫用情形;這些功能的用途是在發ç¾<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">å¯èƒ½æœ‰å®³çš„應用程å¼</a>時è¦å‘Šä½¿ç”¨è€…。「驗è‰æ‡‰ç”¨ç¨‹å¼ã€åœ¨æ載 <a href="http://www.android.com/gms">Google 行動æœå‹™</a>çš„è£ç½®ä¸Šéƒ½æœƒé è¨å•Ÿç”¨ï¼Œä¸”å°æ–¼è¦å¾ž Google Play 以外來æºå®‰è£æ‡‰ç”¨ç¨‹å¼çš„ä½¿ç”¨è€…ä¾†èªªæ ¼å¤–é‡è¦ã€‚Google Play ç¦æ¢ç™¼ä½ˆä»»ä½•å¯ç”¨æ–¼ç²å–è£ç½® Root 權é™çš„工具,但「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒåœ¨ä½¿ç”¨è€…嘗試安è£å·²åµæ¸¬åˆ°çš„ Root 權é™ç²å–æ‡‰ç”¨ç¨‹å¼ (無論其來æºç‚ºä½•) 時發出è¦å‘Šã€‚æ¤å¤–,「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒè¨æ³•æ‰¾å‡ºå·²çŸ¥æœƒåˆ©ç”¨æ¬Šé™å‡ç´šæ¼æ´žçš„惡æ„應用程å¼ï¼Œä¸¦å°éŽ–這類應用程å¼çš„安è£ä½œæ¥ã€‚如果使用者已安è£é€™é¡žæ‡‰ç”¨ç¨‹å¼ï¼Œã€Œé©—è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒé€šçŸ¥ä½¿ç”¨è€…並嘗試移除åµæ¸¬åˆ°çš„應用程å¼ã€‚</li> <li>在é©ç”¨æƒ…æ³ä¸‹ï¼ŒGoogle Hangouts å’Œ Messenger 應用程å¼ä¸æœƒè‡ªå‹•å°‡åª’體內容傳é€çµ¦åª’體伺æœå™¨é€™é¡žçš„處ç†ç¨‹åºã€‚</li> </ul> @@ -444,48 +51,45 @@ <ul> <li>Google Chrome 安全性å°çµ„æˆå“¡ Abhishek Aryaã€Oliver Chang å’Œ Martin Barbella: CVE-2016-3756ã€CVE-2016-3741ã€CVE-2016-3743ã€CVE-2016-3742 - <li>Check Point Software Technologies Ltd. çš„ Adam Donenfeld et al.:CVE-2016-2503 - <li>Google çš„ Adam Powell:CVE-2016-3752 - <li>Context Information Security çš„ Alex Chapman å’Œ Paul Stone:CVE-2016-3763 - <li><a href="https://www.e2e-assure.com/">e2e-assure</a> çš„ Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>):CVE-2016-2457 - <li>Google Project Zero æˆå“¡ï¼šCVE-2016-3775 - <li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Yuan-Tsung Lo (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>) å’Œ Xuxian Jiang:CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774 - <li>Google çš„ Christopher Tate:CVE-2016-3759 - <li>騰訊 KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2016-3762 - <li><a href="http://www.360.com">奇虎 360</a> IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ pjf (<a href="http://weibo.com/jfpan ">weibo.com/jfpan</a>):CVE-2016-3806ã€CVE-2016-3816ã€CVE-2016-3805ã€CVE-2016-3804ã€CVE-2016-3767ã€CVE-2016-3810ã€CVE-2016-3795ã€CVE-2016-3796 - <li>Google Android å°çµ„çš„ Greg Kaiser:CVE-2016-3758 - <li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a>行動安全å°çµ„çš„ Guang Gong (龔廣) (<a href="https://twitter.com/oldfresher">@oldfresher</a>): - CVE-2016-3764 - <li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a>行動安全å°çµ„çš„ Hao Chen å’Œ Guang Gong:CVE-2016-3792ã€CVE-2016-3768 - <li><a href="http://www.cmcm.com">çµè±¹ç§»å‹•</a>å®‰å…¨æ€§ç ”ç©¶å¯¦é©—å®¤çš„ Hao Qin: - CVE-2016-3754ã€CVE-2016-3766 - <li><a href="http://www.360.com">奇虎 360</a> IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>) å’Œ pjf (<a href="http://weibo.com/jfpan ">weibo.com/jfpan</a>):CVE-2016-3814ã€CVE-2016-3802ã€CVE-2016-3769ã€CVE-2016-3807ã€CVE-2016-3808 - <li>Google çš„ Marco Nelissen:CVE-2016-3818 - <li>Google Project Zero æˆå“¡ Mark Brand:CVE-2016-3757 - <li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>:CVE-2016-3750 - <li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang:CVE-2016-3747ã€CVE-2016-3746ã€CVE-2016-3765 - <li>阿里巴巴行動安全å°çµ„çš„ Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yang å’Œ Yang Ssong:CVE-2016-3800ã€CVE-2016-3799ã€CVE-2016-3801ã€CVE-2016-3812ã€CVE-2016-3798 - <li>趨勢科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>): + </li><li>Check Point Software Technologies Ltd. çš„ Adam Donenfeld et al.:CVE-2016-2503 + </li><li>Google çš„ Adam Powell:CVE-2016-3752 + </li><li>Context Information Security çš„ Alex Chapman å’Œ Paul Stone:CVE-2016-3763 + </li><li><a href="https://www.e2e-assure.com/">e2e-assure</a> çš„ Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>):CVE-2016-2457 + </li><li>Google Project Zero æˆå“¡ï¼šCVE-2016-3775 + </li><li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)ã€Yuan-Tsung Lo (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>) å’Œ Xuxian Jiang:CVE-2016-3770ã€CVE-2016-3771ã€CVE-2016-3772ã€CVE-2016-3773ã€CVE-2016-3774 + </li><li>Google çš„ Christopher Tate:CVE-2016-3759 + </li><li>騰訊 KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2016-3762 + </li><li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a> IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)ã€pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>):CVE-2016-3806ã€CVE-2016-3816ã€CVE-2016-3805ã€CVE-2016-3804ã€CVE-2016-3767ã€CVE-2016-3810ã€CVE-2016-3795ã€CVE-2016-3796 + </li><li>Google Android å°çµ„çš„ Greg Kaiser:CVE-2016-3758 + </li><li><a href="https://twitter.com/oldfresher">奇虎 360 科技有é™å…¬å¸</a>行動安全å°çµ„çš„ Guang Gong (龔廣) (<a href="http://www.360.com">@oldfresher</a>):CVE-2016-3764 + </li><li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a> Alpha å°çµ„æˆå“¡ Hao Chen å’Œ Guang Gong:CVE-2016-3792ã€CVE-2016-3768 + </li><li><a href="http://www.cmcm.com">çµè±¹ç§»å‹•</a>å®‰å…¨æ€§ç ”ç©¶å¯¦é©—å®¤çš„ Hao Qin:CVE-2016-3754ã€CVE-2016-3766 + </li><li><a href="http://www.360.com">奇虎 360 科技有é™å…¬å¸</a> IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>):CVE-2016-3814ã€CVE-2016-3802ã€CVE-2016-3769ã€CVE-2016-3807ã€CVE-2016-3808 + </li><li>Google çš„ Marco Nelissen:CVE-2016-3818 + </li><li>Google Project Zero æˆå“¡ Mark Brand:CVE-2016-3757 + </li><li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>:CVE-2016-3750 + </li><li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang:CVE-2016-3747ã€CVE-2016-3746ã€CVE-2016-3765</li><li>阿里巴巴行動安全å°çµ„çš„ Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yang å’Œ Yang Ssong:CVE-2016-3800ã€CVE-2016-3799ã€CVE-2016-3801ã€CVE-2016-3812ã€CVE-2016-3798 + </li><li>趨勢科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>): CVE-2016-3793 - <li>Google çš„ Ricky Wai:CVE-2016-3749 - <li>Roeland Krak:CVE-2016-3753 - <li>Scott Bauer (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): + </li><li>Google çš„ Ricky Wai:CVE-2016-3749 + </li><li>Roeland Krak:CVE-2016-3753 + </li><li>Scott Bauer (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-3797ã€CVE-2016-3813ã€CVE-2016-3815ã€CVE-2016-2501ã€CVE-2016-2502 - <li>Vasily Vasilev:CVE-2016-2507 - <li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>): + </li><li>Vasily Vasilev:CVE-2016-2507 + </li><li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>): CVE-2016-2508ã€CVE-2016-3755 - <li>騰訊 KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Wen Niu (<a href="https://twitter.com/NWMonster">@NWMonster</a>):CVE-2016-3809 - <li>騰訊安全平å°éƒ¨é–€æˆå“¡ Xiling Gong:CVE-2016-3745 - <li>ä¸åœ‹ç§‘å¸é™¢è»Ÿé«”å¸é™¢ TCA 實驗室的 Yacong Gu: + </li><li>騰訊 KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Wen Niu (<a href="https://twitter.com/NWMonster">@NWMonster</a>):CVE-2016-3809 + </li><li>騰訊安全平å°éƒ¨é–€æˆå“¡ Xiling Gong:CVE-2016-3745 + </li><li>ä¸åœ‹ç§‘å¸é™¢è»Ÿé«”å¸é™¢ TCA 實驗室的 Yacong Gu: CVE-2016-3761 - <li>騰訊 Xuanwu 實驗室的 Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>):CVE-2016-2505 - <li>騰訊 Xuanwu 實驗室的 Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) å’Œ Wei Wei (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>):CVE-2016-2506 - <li>百度 X-實驗室的 Yulong Zhang å’Œ Tao (Lenx) Wei:CVE-2016-3744 + </li><li>騰訊 Xuanwu 實驗室的 Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>):CVE-2016-2505 + </li><li>騰訊 Xuanwu 實驗室的 Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>) å’Œ Wei Wei (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>):CVE-2016-2506 + </li><li>百度 X-實驗室的 Yulong Zhang å’Œ Tao (Lenx) Wei:CVE-2016-3744 </li> -</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> +</ul> -<h2 id="2016-07-01_details">2016-07-01 安全修補ç‰ç´šâ€”安全性æ¼æ´žè©³æƒ…</h2> -<p>下列å„節é‡å°ä¸Šæ–¹ <a href="#2016-07-01_summary">2016-07-01 安全修補ç‰ç´šâ€”安全性æ¼æ´žè©³æƒ…</a>ä¸åˆ—出的å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Nexus è£ç½®ã€AOSP 最新版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å¦‚æžœç›¸é—œéŒ¯èª¤æœ‰å…¬é–‹è®Šæ›´ï¼Œè©²éŒ¯èª¤ ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> +<h2 id="2016-07-01-details">2016-07-01 安全修補ç‰ç´šâ€”安全性æ¼æ´žè©³æƒ…</h2> +<p>下列å„節é‡å° 2016-07-01 安全性修補程å¼ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Nexus è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å¦‚æžœç›¸é—œéŒ¯èª¤æœ‰å…¬é–‹è®Šæ›´ï¼Œè©²éŒ¯èª¤ ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> <h3 id="remote-code-execution-vulnerability-in-mediaserver"> 媒體伺æœå™¨ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> @@ -493,13 +97,13 @@ <p>å—影響的功能是作æ¥ç³»çµ±çš„æ ¸å¿ƒéƒ¨åˆ†ï¼Œè€Œå¤šæ¬¾æ‡‰ç”¨ç¨‹å¼éƒ½å…許é ç«¯å…§å®¹é€£åˆ°é€™é …åŠŸèƒ½ï¼Œå…¶ä¸æœ€å¸¸è¦‹çš„內容是多媒體訊æ¯å’Œç€è¦½å™¨ä¸æ’放的媒體。</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -576,21 +180,20 @@ <td>6.0ã€6.0.1</td> <td>Google 內部</td> </tr> -</table> - +</tbody></table> -<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> +<h3 id="remote-code-execution-vulnerability-in-openssl-&-boringssl"> OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <p>在檔案和資料的處ç†æœŸé–“,OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè¨˜æ†¶é«”出錯。由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨å—影響的程åºç’°å¢ƒå…§åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -608,20 +211,20 @@ OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 5 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="remote-code-execution-vulnerability-in-bluetooth"> -è—牙ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> -<p>è—牙ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“鄰近的攻擊者é€éŽé…å°ç¨‹åºåŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨è—牙è£ç½®å•Ÿå‹•æ™‚åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> +è—牙功能的é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> +<p>è—牙功能的é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“鄰近的攻擊者é€éŽé…å°ç¨‹åºåŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨è—牙è£ç½®å•Ÿå‹•æ™‚åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -638,20 +241,20 @@ OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 30 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-libpng"> libpng ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>libpng ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™) 的本機å˜å–æ¬Šï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -669,20 +272,20 @@ libpng ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2015 å¹´ 12 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-mediaserver"> 媒體伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>媒體伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™) 的本機å˜å–æ¬Šï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> +<p>媒體伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨é€²éšŽç³»çµ±æ‡‰ç”¨ç¨‹å¼çš„環境內執行任何程å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽæ¬Šé™ (例如<a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">Signature</a> 或 <a href="https://developer.android.com/guide/topics/manifest/permission-element.html#plevel">SignatureOrSystem</a> ç‰ç¬¬ä¸‰æ–¹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–的權é™) 的本機å˜å–æ¬Šï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -720,20 +323,20 @@ libpng ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets"> 通訊端ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>通訊端ä¸çš„權é™å‡ç´šæ¼æ´žå¯è®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的系統呼å«ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿ç³»çµ±ä¸ç”¨æ–¼é˜²ç¯„攻擊者惡æ„é‹ç”¨å¹³å°çš„å®‰å…¨æŽªæ–½ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -751,20 +354,20 @@ libpng ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-locksettingsservice"> 鎖定è¨å®šæœå‹™ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>鎖定è¨å®šæœå‹™ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“惡æ„應用程å¼åœ¨æœªç²å¾—使用者授權的情æ³ä¸‹é‡è¨èž¢å¹•éŽ–定密碼。由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿æœ¬æ©Ÿé‡å°ä»»ä½•é–‹ç™¼äººå“¡æˆ–安全性è¨å®šä¿®æ”¹ä½œæ¥æ‰€è¨çš„使用者互動è¦æ±‚ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -782,20 +385,20 @@ libpng ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>6.0ã€6.0.1</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis"> Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Parcels Framework API ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼è¦é¿ä½œæ¥ç³»çµ±ç‚ºäº†å°‡æ‡‰ç”¨ç¨‹å¼è³‡æ–™èˆ‡å…¶ä»–應用程å¼éš”離而採å–的防è·æŽªæ–½ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸå€‹æ‡‰ç”¨ç¨‹å¼ç„¡æ³•å˜å–çš„è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -813,20 +416,20 @@ Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2015 å¹´ 12 月 16 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-choosertarget-service"> ChooserTarget æœå‹™ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>ChooserTarget æœå‹™ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨å…¶ä»–應用程å¼ç’°å¢ƒå…§åŸ·è¡Œç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²æŽˆæ¬Šçš„情æ³ä¸‹å˜å–屬於其他應用程å¼çš„「活動ã€ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -844,20 +447,20 @@ ChooserTarget æœå‹™ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>6.0ã€6.0.1</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver"> 媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</h3> <p>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“é 端攻擊者å˜å–一般åªé–‹æ”¾çµ¦ç²å¾—授權的本機安è£æ‡‰ç”¨ç¨‹å¼çš„å—ä¿è·è³‡æ–™ã€‚由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²æŽˆæ¬Šçš„情æ³ä¸‹å˜å–è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -873,7 +476,7 @@ ChooserTarget æœå‹™ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>4.4.4</td> <td>2016 å¹´ 2 月 15 æ—¥</td> </tr> -</table> +</tbody></table> <p>* æ¤æ¼æ´žä¸æœƒå°å·²å®‰è£æ‰€æœ‰å¯ç”¨æ›´æ–°çš„å—æ”¯æ´ Nexus è£ç½®ç”¢ç”Ÿå½±éŸ¿ã€‚</p> <h3 id="information-disclosure-vulnerability-in-openssl"> @@ -881,13 +484,13 @@ OpenSSL ä¸çš„資訊外洩æ¼æ´ž</h3> <p>OpenSSL ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“é 端攻擊者å˜å–一般åªé–‹æ”¾çµ¦ç²å¾—授權的本機安è£æ‡‰ç”¨ç¨‹å¼çš„å—ä¿è·è³‡æ–™ã€‚由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²æŽˆæ¬Šçš„情æ³ä¸‹å˜å–è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -903,7 +506,7 @@ OpenSSL ä¸çš„資訊外洩æ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1</td> <td>2016 å¹´ 4 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p>* æ¤æ¼æ´žä¸æœƒå°å·²å®‰è£æ‰€æœ‰å¯ç”¨æ›´æ–°çš„å—æ”¯æ´ Nexus è£ç½®ç”¢ç”Ÿå½±éŸ¿ã€‚</p> <h3 id="denial-of-service-vulnerability-in-mediaserver"> @@ -911,13 +514,13 @@ OpenSSL ä¸çš„資訊外洩æ¼æ´ž</h3> <p>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè£ç½®åœæ¢é‹ä½œæˆ–é‡æ–°é–‹æ©Ÿã€‚由於這個å•é¡Œå¯èƒ½æœƒé€ æˆæš«æ™‚性的é 端拒絕æœå‹™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="19%"> - <col width="10%"> - <col width="16%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="19%" /> + <col width="10%" /> + <col width="16%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -956,20 +559,20 @@ OpenSSL ä¸çš„資訊外洩æ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-libc"> libc ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>libc ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè£ç½®åœæ¢é‹ä½œæˆ–é‡æ–°é–‹æ©Ÿã€‚由於這個å•é¡Œå¯èƒ½æœƒé€ æˆé 端拒絕æœå‹™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -985,7 +588,7 @@ libc ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <td>4.4.4</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p>* æ¤æ¼æ´žä¸æœƒå°å·²å®‰è£æ‰€æœ‰å¯ç”¨æ›´æ–°çš„å—æ”¯æ´ Nexus è£ç½®ç”¢ç”Ÿå½±éŸ¿ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-lsof"> @@ -993,13 +596,13 @@ lsof ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>lsof ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ï¼Œé€²è€Œå°Žè‡´è£ç½®å—åˆ°æ°¸ä¹…æ€§ç ´å£žã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆé€éŽç½•è¦‹çš„手動æ¥é©Ÿæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1017,20 +620,20 @@ lsof ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-dexclassloader"> DexClassLoader ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>DexClassLoader ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾—授權的程åºç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆé€éŽç½•è¦‹çš„手動æ¥é©Ÿæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1048,20 +651,20 @@ DexClassLoader ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-framework-apis-2"> Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Framework API ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å–得備份權é™ï¼Œé€²è€Œæˆªç²æ‰€æœ‰å‚™ä»½è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå–得特定權é™æ‰èƒ½è¦é¿ä½œæ¥ç³»çµ±ç‚ºäº†å°‡æ‡‰ç”¨ç¨‹å¼è³‡æ–™èˆ‡å…¶ä»–應用程å¼éš”離而採å–的防è·æŽªæ–½ï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1079,20 +682,20 @@ Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-bluetooth"> -è—牙ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>è—牙ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機攻擊者新增經éŽé©—è‰ä¸”é©ç”¨æ–¼ä¸»è¦ä½¿ç”¨è€…çš„è—牙è£ç½®ã€‚由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å–得進階權é™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> +è—牙功能的權é™å‡ç´šæ¼æ´ž</h3> +<p>è—牙功能的權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機攻擊者新增經éŽé©—è‰ä¸”é©ç”¨æ–¼ä¸»è¦ä½¿ç”¨è€…çš„è—牙è£ç½®ã€‚由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å–得進階權é™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1111,20 +714,20 @@ Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 2 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-nfc"> NFC ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>NFC ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„背景應用程å¼å˜å–å‰æ™¯æ‡‰ç”¨ç¨‹å¼çš„資訊。由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å–得進階權é™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1142,20 +745,20 @@ NFC ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 20 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-sockets-2"> 通訊端ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>通訊端ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–ç‰¹å®šç½•è¦‹é¡žåž‹çš„é€šè¨Šç«¯ï¼Œå› è€Œèƒ½åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿ç³»çµ±ä¸ç”¨æ–¼é˜²ç¯„攻擊者惡æ„é‹ç”¨å¹³å°çš„å®‰å…¨æŽªæ–½ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1173,20 +776,20 @@ NFC ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-proxy-auto-config"> Proxy 自動è¨å®šä¸çš„資訊外洩æ¼æ´ž</h3> <p>Proxy 自動è¨å®šå…ƒä»¶ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“應用程å¼å˜å–機密資訊。由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²æŽˆæ¬Šçš„情æ³ä¸‹å˜å–è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1204,20 +807,20 @@ Proxy 自動è¨å®šä¸çš„資訊外洩æ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 3 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-mediaserver-2"> 媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</h3> <p>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–機密資訊。由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²æŽˆæ¬Šçš„情æ³ä¸‹å˜å–è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1245,20 +848,20 @@ Proxy 自動è¨å®šä¸çš„資訊外洩æ¼æ´ž</h3> <td>6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-mediaserver-2"> 媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè£ç½®åœæ¢é‹ä½œæˆ–é‡æ–°é–‹æ©Ÿã€‚由於這個å•é¡Œå¯èƒ½æœƒé€ æˆé 端拒絕æœå‹™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1277,22 +880,22 @@ Proxy 自動è¨å®šä¸çš„資訊外洩æ¼æ´ž</h3> <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 4 月 29 æ—¥</td> </tr> -</table> +</tbody></table> -<h2 id="2016-07-05_details">2016-07-05 安全修補ç‰ç´šâ€”æ¼æ´žæ‘˜è¦</h2> -<p>下列å„節é‡å°ä¸Šæ–¹ <a href="2016-07-05_summary">2016-07-05 安全修補ç‰ç´šâ€”安全性æ¼æ´žè©³æƒ…</a>ä¸åˆ—出的å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Nexus è£ç½®ã€AOSP 最新版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å¦‚æžœç›¸é—œéŒ¯èª¤æœ‰å…¬é–‹è®Šæ›´ï¼Œè©²éŒ¯èª¤ ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> +<h2 id="2016-07-05-details">2016-07-05 安全修補ç‰ç´šâ€”æ¼æ´žæ‘˜è¦</h2> +<p>下列å„節é‡å° 2016-07-05 安全性修補程å¼ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Nexus è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å¦‚æžœç›¸é—œéŒ¯èª¤æœ‰å…¬é–‹è®Šæ›´ï¼Œè©²éŒ¯èª¤ ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-gpu-driver"> Qualcomm GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1316,7 +919,7 @@ Qualcomm GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 20 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-wi-fi-driver"> @@ -1324,12 +927,12 @@ MediaTek Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1339,12 +942,12 @@ MediaTek Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <tr> <td>CVE-2016-3767</td> <td>A-28169363* - <br>M-ALPS02689526</td> + <br />M-ALPS02689526</td> <td>最高</td> <td>Android One</td> <td>2016 å¹´ 4 月 6 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-performance-component"> @@ -1352,12 +955,12 @@ Qualcomm 效能元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm 效能元件ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1372,7 +975,7 @@ Qualcomm 效能元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 5ã€Nexus 6ã€Nexus 5Xã€Nexus 6Pã€Nexus 7 (2013)</td> <td>2016 å¹´ 4 月 9 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-nvidia-video-driver"> @@ -1380,12 +983,12 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1394,25 +997,25 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3769</td> - <td>A-28376656*<br> + <td>A-28376656*<br /> N-CVE20163769</td> <td>最高</td> <td>Nexus 9</td> <td>2016 å¹´ 4 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-drivers-device-specific">MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž (特定è£ç½®)</h3> <p>多個 MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1421,7 +1024,7 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3770</td> - <td>A-28346752*<br> + <td>A-28346752*<br /> M-ALPS02703102</td> <td>最高</td> <td>Android One</td> @@ -1429,7 +1032,7 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3771</td> - <td>A-29007611*<br> + <td>A-29007611*<br /> M-ALPS02703102</td> <td>最高</td> <td>Android One</td> @@ -1437,7 +1040,7 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3772</td> - <td>A-29008188*<br> + <td>A-29008188*<br /> M-ALPS02703102</td> <td>最高</td> <td>Android One</td> @@ -1445,7 +1048,7 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3773</td> - <td>A-29008363*<br> + <td>A-29008363*<br /> M-ALPS02703102</td> <td>最高</td> <td>Android One</td> @@ -1453,13 +1056,13 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3774</td> - <td>A-29008609*<br> + <td>A-29008609*<br /> M-ALPS02703102</td> <td>最高</td> <td>Android One</td> <td>2016 å¹´ 4 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system"> @@ -1467,12 +1070,12 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>æ ¸å¿ƒæª”æ¡ˆç³»çµ±ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1486,20 +1089,20 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6P å’Œ Nexus Playerã€Pixel C</td> <td>2015 å¹´ 5 月 4 æ—¥</td> </tr> -</table> -<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> +</tbody></table> +<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-usb-driver"> USB 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>USB 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1513,21 +1116,20 @@ USB 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Nexus Playerã€Pixel C</td> <td>2016 å¹´ 5 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> -<h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components"> -Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> +<h3 id="elevation-of-privilege-vulnerability-in-qualcomm-components">Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>ä¸‹æ–¹è¡¨æ ¼åˆ—å‡ºæœƒå½±éŸ¿ä»¥ä¸‹ Qualcomm 元件的安全性æ¼æ´žï¼ŒåŒ…括:開機載入器ã€ç›¸æ©Ÿé©…動程å¼ã€å—元驅動程å¼ã€ç¶²è·¯ã€éŸ³è¨Šé©…動程å¼å’Œè¦–訊驅動程å¼ã€‚</p> <p>由於這些å•é¡Œåœ¨æœ€åš´é‡çš„情æ³ä¸‹å¯èƒ½æœƒè®“有心人士執行任何程å¼ç¢¼ï¼Œé€²è€Œå°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œè€Œåªèƒ½ä»¥é‚„原 (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦*</th> @@ -1536,7 +1138,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9795</td> - <td>A-28820720<br> + <td>A-28820720<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342">QC-CR681957</a> [<a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2e">2</a>] </td> @@ -1546,7 +1148,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9794</td> - <td>A-28821172<br> + <td>A-28821172<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=f39085971c8c4e36cadbf8a72aabe6c7ff538ffa">QC-CR646385</a> </td> <td>最高</td> @@ -1555,7 +1157,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8892</td> - <td>A-28822807<br> + <td>A-28822807<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23">QC-CR902998</a> </td> <td>最高</td> @@ -1564,8 +1166,8 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9781</td> - <td>A-28410333<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> + <td>A-28410333<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/video/?h=LA.BF.1.1.3_rb1.12&id=a2b5237ad265ec634489c8b296d870827b2a1b13&context=20&ignorews=0&dt=0">QC-CR556471</a> </td> <td>高</td> <td>Nexus 7 (2013)</td> @@ -1573,7 +1175,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9786</td> - <td>A-28557260<br> + <td>A-28557260<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b">QC-CR545979</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1581,7 +1183,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9788</td> - <td>A-28573112<br> + <td>A-28573112<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=73bfc22aa70cc0b7e6709381125a0a42aa72a4f2">QC-CR548872</a></td> <td>高</td> <td>Nexus 5</td> @@ -1589,15 +1191,15 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9779</td> - <td>A-28598347<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> + <td>A-28598347<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c?h=LA.BF.1.1.3_rb1.12&id=0b5f49b360afdebf8ef55df1e48ec141b3629621">QC-CR548679</a></td> <td>高</td> <td>Nexus 5</td> <td>2014 å¹´ 3 月 13 æ—¥</td> </tr> <tr> <td>CVE-2014-9780</td> - <td>A-28602014<br> + <td>A-28602014<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=b5bb13e1f738f90df11e0c17f843c73999a84a54">QC-CR542222</a></td> <td>高</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6P</td> @@ -1605,7 +1207,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9789</td> - <td>A-28749392<br> + <td>A-28749392<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=5720ed5c3a786e3ba0a2428ac45da5d7ec996b4e">QC-CR556425</a></td> <td>高</td> <td>Nexus 5</td> @@ -1613,7 +1215,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9793</td> - <td>A-28821253<br> + <td>A-28821253<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=0dcccecc4a6a9a9b3314cb87b2be8b52df1b7a81">QC-CR580567</a></td> <td>高</td> <td>Nexus 7 (2013)</td> @@ -1621,7 +1223,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9782</td> - <td>A-28431531<br> + <td>A-28431531<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/patch/?id=2e57a46ab2ba7299d99d9cdc1382bd1e612963fb">QC-CR511349</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1629,7 +1231,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9783</td> - <td>A-28441831<br> + <td>A-28441831<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=2b1050b49a9a5f7bb57006648d145e001a3eaa8b">QC-CR511382</a> [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a7502f4f801bb95bff73617309835bb7a016cde5">2</a>]</td> <td>高</td> @@ -1638,7 +1240,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9785</td> - <td>A-28469042<br> + <td>A-28469042<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=b4338420db61f029ca6713a89c41b3a5852b20ce">QC-CR545747</a></td> <td>高</td> <td>Nexus 7 (2013)</td> @@ -1646,7 +1248,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9787</td> - <td>A-28571496<br> + <td>A-28571496<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=528400ae4cba715f6c9ff4a2657dafd913f30b8b">QC-CR545764</a></td> <td>高</td> <td>Nexus 7 (2013)</td> @@ -1654,7 +1256,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9784</td> - <td>A-28442449<br> + <td>A-28442449<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=36503d639cedcc73880974ed92132247576e72ba">QC-CR585147</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1662,7 +1264,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9777</td> - <td>A-28598501<br> + <td>A-28598501<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43">QC-CR563654</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1670,7 +1272,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9778</td> - <td>A-28598515<br> + <td>A-28598515<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=af85054aa6a1bcd38be2354921f2f80aef1440e5">QC-CR563694</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1678,16 +1280,16 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9790</td> - <td>A-28769136<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> - [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> + <td>A-28769136<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=6ed921bda8cbb505e8654dfc1095185b0bccc38e">QC-CR545716</a> + [<a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit?h=LA.BF.1.1.3_rb1.12&id=9bc30c0d1832f7dd5b6fa10d5e48a29025176569">2</a>]</td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> <td>2014 å¹´ 4 月 30 æ—¥</td> </tr> <tr> <td>CVE-2014-9792</td> - <td>A-28769399<br> + <td>A-28769399<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=a3e3dd9fc0a2699ae053ffd3efb52cdc73ad94cd">QC-CR550606</a></td> <td>高</td> <td>Nexus 5</td> @@ -1695,7 +1297,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9797</td> - <td>A-28821090<br> + <td>A-28821090<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=3312737f3e1ec84dd67ee0622c7dd031083f71a4">QC-CR674071</a></td> <td>高</td> <td>Nexus 5</td> @@ -1703,15 +1305,15 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9791</td> - <td>A-28803396<br> - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> + <td>A-28803396<br /> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm/commit/?h=LA.BF.1.1.3_rb1.12&id=9aabfc9e7775abbbcf534cdecccc4f12ee423b27">QC-CR659364</a></td> <td>高</td> <td>Nexus 7 (2013)</td> <td>2014 å¹´ 8 月 29 æ—¥</td> </tr> <tr> <td>CVE-2014-9796</td> - <td>A-28820722<br> + <td>A-28820722<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=2e21b3a57cac7fb876bcf43244d7cc3dc1f6030d">QC-CR684756</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1719,7 +1321,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9800</td> - <td>A-28822150<br> + <td>A-28822150<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=6390f200d966dc13cf61bb5abbe3110447ca82b5">QC-CR692478</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1727,7 +1329,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9799</td> - <td>A-28821731<br> + <td>A-28821731<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=c2119f1fba46f3b6e153aa018f15ee46fe6d5b76">QC-CR691916</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1735,7 +1337,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9801</td> - <td>A-28822060<br> + <td>A-28822060<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=cf8f5a105bafda906ccb7f149d1a5b8564ce20c0">QC-CR705078</a></td> <td>高</td> <td>Nexus 5</td> @@ -1743,7 +1345,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9802</td> - <td>A-28821965<br> + <td>A-28821965<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=222e0ec9bc755bfeaa74f9a0052b7c709a4ad054">QC-CR705108</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1751,7 +1353,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8891</td> - <td>A-28842418<br> + <td>A-28842418<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=4f829bb52d0338c87bc6fbd0414b258f55cc7c62">QC-CR813930</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> @@ -1759,7 +1361,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8888</td> - <td>A-28822465<br> + <td>A-28822465<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=1321f34f1ebcff61ad7e65e507cfd3e9028af19b">QC-CR813933</a></td> <td>高</td> <td>Nexus 5</td> @@ -1767,7 +1369,7 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8889</td> - <td>A-28822677<br> + <td>A-28822677<br /> <a href="https://us.codeaurora.org/cgit/quic/la/kernel/lk/commit/?id=fa774e023554427ee14d7a49181e9d4afbec035e">QC-CR804067</a></td> <td>高</td> <td>Nexus 6P</td> @@ -1775,13 +1377,13 @@ Qualcomm 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2015-8890</td> - <td>A-28822878<br> + <td>A-28822878<br /> <a href="https://us.codeaurora.org/cgit/quic/la//kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4">QC-CR823461</a></td> <td>高</td> <td>Nexus 5ã€Nexus 7 (2013)</td> <td>2015 å¹´ 8 月 19 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這些å•é¡Œçš„åš´é‡ç¨‹åº¦æ˜¯ç”± Qualcomm 直接評定。</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-usb-driver"> @@ -1789,12 +1391,12 @@ Qualcomm USB 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm USB 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1809,19 +1411,19 @@ Qualcomm USB 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 3 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver"> Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1836,19 +1438,19 @@ Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 7 (2013)</td> <td>2016 å¹´ 3 月 17 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-camera-driver"> Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1863,7 +1465,7 @@ Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)</td> <td>2016 å¹´ 3 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-nvidia-camera-driver"> @@ -1871,12 +1473,12 @@ NVIDIA 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>NVIDIA 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1885,13 +1487,13 @@ NVIDIA 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3793</td> - <td>A-28026625*<br> + <td>A-28026625*<br /> N-CVE20163793</td> <td>高</td> <td>Nexus 9</td> <td>2016 å¹´ 4 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-driver"> @@ -1899,12 +1501,12 @@ MediaTek é›»æºé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek é›»æºé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1913,7 +1515,7 @@ MediaTek é›»æºé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3795</td> - <td>A-28085222*<br> + <td>A-28085222*<br /> M-ALPS02677244</td> <td>高</td> <td>Android One</td> @@ -1921,26 +1523,26 @@ MediaTek é›»æºé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3796</td> - <td>A-29008443*<br> + <td>A-29008443*<br /> M-ALPS02677244</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 7 æ—¥</td> </tr> -</table> -<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> +</tbody></table> +<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-wi-fi-driver-2"> Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1955,7 +1557,7 @@ Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 5X</td> <td>2016 å¹´ 4 月 7 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-hardware-sensor-driver"> @@ -1963,12 +1565,12 @@ MediaTek 硬體感測器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek 硬體感測器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1977,26 +1579,26 @@ MediaTek 硬體感測器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3798</td> - <td>A-28174490*<br> + <td>A-28174490*<br /> M-ALPS02703105</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> -<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> +</tbody></table> +<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-video-driver"> MediaTek 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2005,7 +1607,7 @@ MediaTek 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3799</td> - <td>A-28175025*<br> + <td>A-28175025*<br /> M-ALPS02693738</td> <td>高</td> <td>Android One</td> @@ -2013,13 +1615,13 @@ MediaTek 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3800</td> - <td>A-28175027*<br> + <td>A-28175027*<br /> M-ALPS02693739</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-gps-driver"> @@ -2027,12 +1629,12 @@ MediaTek GPS 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek GPS 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2041,13 +1643,13 @@ MediaTek GPS 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3801</td> - <td>A-28174914*<br> + <td>A-28174914*<br /> M-ALPS02688853</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-file-system-2"> @@ -2055,12 +1657,12 @@ MediaTek GPS 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>æ ¸å¿ƒæª”æ¡ˆç³»çµ±ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2081,7 +1683,7 @@ MediaTek GPS 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 5 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-power-management-driver"> @@ -2089,12 +1691,12 @@ MediaTek é›»æºç®¡ç†é©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek é›»æºç®¡ç†é©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2103,7 +1705,7 @@ MediaTek é›»æºç®¡ç†é©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3804</td> - <td>A-28332766*<br> + <td>A-28332766*<br /> M-ALPS02694410</td> <td>高</td> <td>Android One</td> @@ -2111,13 +1713,13 @@ MediaTek é›»æºç®¡ç†é©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3805</td> - <td>A-28333002*<br> + <td>A-28333002*<br /> M-ALPS02694412</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-mediatek-display-driver"> @@ -2125,12 +1727,12 @@ MediaTek 顯示驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek 顯示驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2139,26 +1741,26 @@ MediaTek 顯示驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3806</td> - <td>A-28402341*<br> + <td>A-28402341*<br /> M-ALPS02715341</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> -<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> +</tbody></table> +<p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-serial-peripheral-interface-driver"> 串列週邊介é¢é©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>串列週邊介é¢é©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2179,7 +1781,7 @@ MediaTek 顯示驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td>Pixel C</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-qualcomm-sound-driver"> @@ -2187,12 +1789,12 @@ Qualcomm 音訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm 音訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2202,24 +1804,24 @@ Qualcomm 音訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <tr> <td>CVE-2016-2068</td> <td>A-28470967 - <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> + <a href="https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?h=APSS.FSM.3.0&id=01ee86da5a0cd788f134e360e2be517ef52b6b00">QC-CR1006609</a></td> <td>高</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="elevation-of-privilege-vulnerability-in-kernel"> æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2228,26 +1830,26 @@ Qualcomm 音訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> </tr> <tr> <td>CVE-2014-9803</td> - <td>A-28557020<br> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> + <td>A-28557020<br /> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/arch/arm64/include/asm/pgtable.h?h=linux-3.10.y&id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6P</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h3 id="information-disclosure-vulnerability-in-networking-component"> 網路元件ä¸çš„資訊外洩æ¼æ´ž</h3> <p>網路元件ä¸çš„資訊外洩æ¼æ´žå¯è®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2261,7 +1863,7 @@ Qualcomm 音訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <td><a href="#all_nexus">所有 Nexus è£ç½®</a></td> <td>2016 å¹´ 3 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="information-disclosure-vulnerability-in-mediatek-wi-fi-driver"> @@ -2269,12 +1871,12 @@ MediaTek Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>MediaTek Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯è®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2283,13 +1885,13 @@ MediaTek Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3810</td> - <td>A-28175522*<br> + <td>A-28175522*<br /> M-ALPS02694389</td> <td>高</td> <td>Android One</td> <td>2016 å¹´ 4 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="elevation-of-privilege-vulnerability-in-kernel-video-driver"> @@ -2297,12 +1899,12 @@ MediaTek Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>æ ¸å¿ƒè¦–è¨Šé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2316,7 +1918,7 @@ MediaTek Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <td>Nexus 9</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="information-disclosure-vulnerability-in-mediatek-video-codec-driver"> @@ -2324,12 +1926,12 @@ MediaTek 視訊轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>MediaTek 視訊轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯è®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2338,13 +1940,13 @@ MediaTek 視訊轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3812</td> - <td>A-28174833*<br> + <td>A-28174833*<br /> M-ALPS02688832</td> <td>ä¸</td> <td>Android One</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="information-disclosure-vulnerability-in-qualcomm-usb-driver"> @@ -2352,12 +1954,12 @@ Qualcomm USB 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>Qualcomm USB 驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯è®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2372,7 +1974,7 @@ Qualcomm USB 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6P</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="information-disclosure-vulnerability-in-nvidia-camera-driver"> @@ -2380,12 +1982,12 @@ NVIDIA 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>NVIDIA 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯è®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2394,7 +1996,7 @@ NVIDIA 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3814</td> - <td>A-28193342*<br> + <td>A-28193342*<br /> N-CVE20163814</td> <td>ä¸</td> <td>Nexus 9</td> @@ -2402,13 +2004,13 @@ NVIDIA 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-3815</td> - <td>A-28522274*<br> + <td>A-28522274*<br /> N-CVE20163815</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 5 月 1 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹å–用,而是包å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="information-disclosure-vulnerability-in-mediatek-display-driver"> @@ -2416,12 +2018,12 @@ MediaTek 顯示驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>MediaTek 顯示驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯è®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2435,7 +2037,7 @@ MediaTek 顯示驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <td>Android One</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªä¾›å…¬é–‹ä½¿ç”¨ï¼Œè€Œæ˜¯åŒ…å«åœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h3 id="information-disclosure-vulnerability-in-kernel-teletype-driver"> @@ -2443,12 +2045,12 @@ MediaTek 顯示驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>æ ¸å¿ƒçµ‚ç«¯è¼¸å…¥é©…å‹•ç¨‹å¼ä¸çš„資訊外洩æ¼æ´žå¯è®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2457,25 +2059,25 @@ MediaTek 顯示驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> </tr> <tr> <td>CVE-2016-0723</td> - <td>A-28409131<br> + <td>A-28409131<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439">上游程å¼åº«æ ¸å¿ƒ</a></td> <td>ä¸</td> <td>Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Nexus Playerã€Pixel C</td> <td>2016 å¹´ 4 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="denial-of-service-vulnerability-in-qualcomm-bootloader"> Qualcomm 開機載入器ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>Qualcomm 開機載入器ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒå°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="16%"> - <col width="10%"> - <col width="27%"> - <col width="16%"> - <tr> + <colgroup><col width="19%" /> + <col width="16%" /> + <col width="10%" /> + <col width="27%" /> + <col width="16%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2498,7 +2100,7 @@ Qualcomm 開機載入器ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <td>Nexus 5ã€Nexus 7 (2013)</td> <td>2015 å¹´ 8 月 19 æ—¥</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">常見å•é¡Œèˆ‡è§£ç”</h2> <p>如果您在閱讀這篇公告後有任何疑å•ï¼Œå¯åƒè€ƒæœ¬ç¯€çš„常見å•ç”。</p> @@ -2510,20 +2112,20 @@ Qualcomm 開機載入器ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>如果è£ç½®æ˜¯ä½¿ç”¨ 2016 å¹´ 7 月 5 日之後的安全修補ç‰ç´šï¼Œå°±å¿…é ˆåŠ å…¥æœ¬å®‰å…¨æ€§å…¬å‘Š (以åŠä¹‹å‰å…¬å‘Š) ä¸çš„所有é©ç”¨ä¿®è£œç¨‹å¼ã€‚</p> <p>使用 2016 å¹´ 7 月 1 日安全修補ç‰ç´šçš„è£ç½®å¿…é ˆç´å…¥æ‰€æœ‰èˆ‡è©²å®‰å…¨ä¿®è£œç‰ç´šç›¸é—œçš„å•é¡Œï¼Œä»¥åŠåœ¨ä¹‹å‰å®‰å…¨æ€§å…¬å‘Šä¸å›žå ±çš„所有å•é¡Œé©ç”¨çš„ä¿®æ£ç¨‹å¼ã€‚æ¤å¤–,使用 2016 å¹´ 7 月 1 日安全修補ç‰ç´šçš„è£ç½®ä¹Ÿå¿…é ˆåŠ å…¥èˆ‡ 2016 å¹´ 7 月 5 日安全修補ç‰ç´šç›¸é—œçš„部分修æ£ç¨‹å¼ã€‚</p> -<p id="all_nexus"><strong>3. 如何判斷哪些 Nexus è£ç½®æœƒå—到å„個å•é¡Œçš„影響?</strong></p> -<p>在 <a href="#2016-07-01_details">2016-07-01</a> å’Œ <a href="#2016-07-05_details">2016-07-05</a> 安全性æ¼æ´žè©³æƒ…çš„ç« ç¯€ä¸ï¼Œæ¯å€‹è¡¨æ ¼éƒ½åŒ…å«ã€Œæ›´æ–°çš„ Nexus è£ç½®ã€æ¬„,當ä¸åˆ—出已é‡å°å„個å•é¡Œé€²è¡Œæ›´æ–°çš„å—影響 Nexus è£ç½®ç¯„åœã€‚æ¤æ¬„ä¸çš„é¸é …包括:</p> +<p id="all_nexus"><strong>3. 如何判斷哪些 Nexus è£ç½®æœƒå—到哪種å•é¡Œçš„影響?</strong></p> +<p>在 <a href="#2016-07-01-details">2016-07-01</a> å’Œ <a href="#2016-07-05-details">2016-07-05</a> 安全性æ¼æ´žè©³æƒ…çš„ç« ç¯€ä¸ï¼Œæ¯å€‹è¡¨æ ¼éƒ½åŒ…å«ã€Œæ›´æ–°çš„ Nexus è£ç½®ã€æ¬„,當ä¸åˆ—出已é‡å°å„個å•é¡Œé€²è¡Œæ›´æ–°çš„å—影響 Nexus è£ç½®ç¯„åœã€‚æ¤æ¬„ä¸çš„é¸é …包括:</p> <ul> <li><strong>所有 Nexus è£ç½®</strong>:如果å•é¡Œæœƒå½±éŸ¿åˆ°æ‰€æœ‰ Nexus è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Nexus è£ç½®ã€<em></em>欄ä¸å°±æœƒé¡¯ç¤ºã€Œæ‰€æœ‰ Nexus è£ç½®ã€å—樣。「所有 Nexus è£ç½®ã€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/nexus/answer/4457705#nexus_devices">支æ´çš„è£ç½®</a>: Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Player å’Œ Pixel C。</li> <li><strong>部分 Nexus è£ç½®</strong>:如果å•é¡Œä¸¦æœªå½±éŸ¿æ‰€æœ‰ Nexus è£ç½®ï¼Œã€Œæ›´æ–°çš„ Nexus è£ç½®ã€<em></em>欄ä¸å°±æœƒåˆ—出å—到影響的 Nexus è£ç½®ã€‚</li> - <li><strong>ç„¡ Nexus è£ç½®</strong>:如果å•é¡Œä¸æœƒå½±éŸ¿åˆ°ä»»ä½• Nexus è£ç½®ï¼Œè¡¨æ ¼çš„「更新的 Nexus è£ç½®ã€<em></em>欄ä¸å°±æœƒé¡¯ç¤ºã€Œç„¡ã€å—樣。</li> + <li><strong>ä¸å½±éŸ¿ä»»ä½• Nexus è£ç½®</strong>:如果å•é¡Œä¸æœƒå½±éŸ¿åˆ°ä»»ä½• Nexus è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Nexus è£ç½®ã€<em></em>欄ä¸å°±æœƒæ¨™ç¤ºã€Œç„¡ã€å—樣。</li> </ul> <p><strong>4. åƒè€ƒè³‡æ–™æ¬„ä¸çš„é …ç›®æœƒå°æ‡‰åˆ°ä»€éº¼ï¼Ÿ</strong></p> <p>æ¼æ´žè©³æƒ…è¡¨æ ¼ä¸ã€Œåƒè€ƒè³‡æ–™ã€<em></em>æ¬„åº•ä¸‹çš„é …ç›®å¯èƒ½æœƒåŒ…å«ä¸€å€‹å‰ç½®å—元,表示該åƒè€ƒè³‡æ–™å€¼æ‰€å±¬çš„å…¬å¸ã€‚這些å‰ç½®å—元的å°æ‡‰æƒ…形如下:</p> <table> - <tr> + <tbody><tr> <th>å‰ç½®å—å…ƒ</th> <th>åƒè€ƒè³‡æ–™</th> </tr> @@ -2543,7 +2145,7 @@ Qualcomm 開機載入器ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <td>N-</td> <td>NVIDIA åƒè€ƒç·¨è™Ÿ</td> </tr> -</table> +</tbody></table> <h2 id="revisions">修訂版本</h2> <ul> @@ -2551,13 +2153,12 @@ Qualcomm 開機載入器ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <li>2016 å¹´ 7 月 7 日: <ul> <li>新增 AOSP 連çµã€‚ - <li>移除 CVE-2016-3794 (å› å…¶å…§å®¹èˆ‡ CVE-2016-3814 é‡è¤‡) - <li>新增 CVE-2016-2501 å’Œ CVE-2016-2502 çš„è²¢ç»äººå“¡æ¨™ç¤º - </li></li></li></ul> + </li><li>移除 CVE-2016-3794 (å› å…¶å…§å®¹èˆ‡ CVE-2016-3814 é‡è¤‡) + </li><li>新增 CVE-2016-2501 å’Œ CVE-2016-2502 çš„è²¢ç»äººå“¡æ¨™ç¤º + </li></ul> </li> <li>2016 å¹´ 7 月 11 日:更新 CVE-2016-3750 çš„è²¢ç»äººå“¡æ¨™ç¤º</li> <li>2016 å¹´ 7 月 14 日:更新 CVE-2016-2503 çš„è²¢ç»äººå“¡æ¨™ç¤º</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/zh-tw/security/bulletin/2016-12-01.html b/zh-tw/security/bulletin/2016-12-01.html index 3e7659b7..8a3df48a 100644 --- a/zh-tw/security/bulletin/2016-12-01.html +++ b/zh-tw/security/bulletin/2016-12-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> +<html devsite><head> <title>Android 安全性公告 — 2016 å¹´ 12 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -21,16 +20,13 @@ limitations under the License. --> - - -<p><em>發佈日期:2016 å¹´ 12 月 5 æ—¥ | 更新日期:2016 å¹´ 12 月 7 æ—¥</em></p> -<p>Android 安全性公告包å«æœƒå° Android è£ç½®é€ æˆå½±éŸ¿çš„安全性æ¼æ´žï¼Œä¸¦èªªæ˜Žå„é …ç›¸é—œç´°ç¯€ã€‚åœ¨é€™ç¯‡å…¬å‘Šç™¼ä½ˆçš„åŒæ™‚,Google å·²é€éŽ OTA 更新機制發佈了 Google è£ç½®çš„安全性更新。æ¤å¤–,Google éŸŒé«”æ˜ åƒæª”也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。2016 å¹´ 12 月 5 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å·²æåŠçš„所有å•é¡Œã€‚è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹åƒé–± <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>。 +<p><em>發佈日期:2016 å¹´ 12 月 5 æ—¥ | 更新日期:2016 å¹´ 12 月 21 æ—¥</em></p> +<p>Android å®‰å…¨æ€§å…¬å‘Šç¾…åˆ—äº†æœƒå° Android è£ç½®é€ æˆå½±éŸ¿çš„安全性æ¼æ´žï¼Œä¸¦èªªæ˜Žå„é …ç›¸é—œç´°ç¯€ã€‚åœ¨é€™ç¯‡å…¬å‘Šç™¼ä½ˆçš„åŒæ™‚,Google å·²é€éŽ OTA 更新機制發佈了 Google è£ç½®çš„安全性更新。æ¤å¤–,Google éŸŒé«”æ˜ åƒæª”也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。2016 å¹´ 12 月 5 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å·²æåŠçš„所有å•é¡Œã€‚è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹åƒé–± <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>。 </p> <p> åˆä½œå¤¥ä¼´æ˜¯åœ¨ 2016 å¹´ 11 月 7 日或之å‰æ”¶åˆ°å…¬å‘Šä¸æ‰€è¿°å•é¡Œçš„相關通知。這些å•é¡Œçš„原始碼修補程å¼å·²ç™¼ä½ˆåˆ° Android 開放原始碼計劃 (AOSP) å˜æ”¾å€ä¸ï¼Œä¸”公告ä¸äº¦æ供相關連çµã€‚æ¤å¤–,本公告也æä¾› AOSP 以外的修補程å¼é€£çµã€‚ </p> -<p> -由於這些å•é¡Œåœ¨æœ€åš´é‡çš„情æ³ä¸‹å¯èƒ½æœƒè®“è£ç½®å°ˆç”¨çš„程å¼ç¢¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ï¼Œé€²è€Œå°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œè€Œåªèƒ½ä»¥é‚„原 (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼ä¿®å¾©ï¼Œå› æ¤è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ç‰ç´šçš„安全性æ¼æ´žã€‚ +<p>由於這些å•é¡Œåœ¨æœ€åš´é‡çš„情æ³ä¸‹å¯èƒ½æœƒè®“è£ç½®å°ˆç”¨çš„程å¼ç¢¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ï¼Œé€²è€Œå°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œè€Œåªèƒ½ä»¥é‚„原 (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼ä¿®å¾©ï¼Œå› æ¤è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ç‰ç´šçš„安全性æ¼æ´žã€‚<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚ </p> <p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果您想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="#mitigations">Android å’Œ Google æœå‹™å› 應措施</a>一節。 </p> @@ -46,289 +42,7 @@ </li> <li>支æ´çš„ Google è£ç½®æœƒé€éŽ 2016 å¹´ 12 月 5 日的安全修補ç‰ç´šæŽ¥æ”¶å–®ä¸€ OTA 更新。</li> </ul> -<h2 id="security-vulnerability-summary">安全性æ¼æ´žæ‘˜è¦</h2> -<p> -下表列出å„é …å®‰å…¨æ€§æ¼æ´žã€å¸¸è¦‹å¼±é»žèˆ‡æ¼æ´ž ID (CVE)ã€è©•å®šçš„åš´é‡ç¨‹åº¦åŠ Google è£ç½®æ˜¯å¦æœƒå—到影響。<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚ -</p> -<h3 id="2016-12-01-summary">2016-12-01 安全修補ç‰ç´š — 資安æ¼æ´žæ‘˜è¦</h3> -<p> -2016-12-01 之後的安全修補ç‰ç´šå¿…é ˆè§£æ±ºä¸‹åˆ—å•é¡Œã€‚ -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>åš´é‡ç¨‹åº¦</th> - <th>是å¦å½±éŸ¿ Google è£ç½®ï¼Ÿ</th> - </tr> - <tr> - <td>CURL/LIBCURL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2016-5419ã€CVE-2016-5420ã€CVE-2016-5421</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>libziparchive ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6762</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>電話通訊系統ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2016-6763</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2016-6766ã€CVE-2016-6765ã€CVE-2016-6764ã€CVE-2016-6767</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Framesequence 程å¼åº«ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2016-6768</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Smart Lock ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6769</td> - <td>ä¸</td> - <td>å¦*</td> - </tr> - <tr> - <td>Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6770</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>電話通訊系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6771</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6772</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-6773</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>套件管ç†å“¡ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-6774</td> - <td>ä¸</td> - <td>是</td> - </tr> -</table> -<p> -* 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ -</p> -<h3 id="2016-12-05-summary">2016-12-05 安全修補ç‰ç´š — 資安æ¼æ´žæ‘˜è¦</h3> -<p> -2016-12-05 以後的安全修補ç‰ç´šå¿…é ˆè§£æ±º 2016-12-01 的所有å•é¡Œä»¥åŠä¸‹åˆ—å•é¡Œã€‚ -</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>åš´é‡ç¨‹åº¦</th> - <th>是å¦å½±éŸ¿ Google è£ç½®ï¼Ÿ</th> - </tr> - <tr> - <td>æ ¸å¿ƒè¨˜æ†¶é«”å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-4794ã€CVE-2016-5195</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6775ã€CVE-2016-6776ã€CVE-2016-6777</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2015-8966</td> - <td>最高</td> - <td>å¦*</td> - </tr> - <tr> - <td>NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6915ã€CVE-2016-6916ã€CVE-2016-6917</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒ ION 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-9120</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 元件ä¸çš„æ¼æ´ž</td> - <td>CVE-2016-8411</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒæª”æ¡ˆç³»çµ±ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2014-4014</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2015-8967</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>HTC 音效轉碼器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6778ã€CVE-2016-6779ã€CVE-2016-6780</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6492ã€CVE-2016-6781ã€CVE-2016-6782ã€CVE-2016-6783ã€CVE-2016-6784ã€CVE-2016-6785</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm 媒體轉碼器ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6761ã€CVE-2016-6760ã€CVE-2016-6759ã€CVE-2016-6758</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6755</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒæ•ˆèƒ½å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6786ã€CVE-2016-6787</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek I2C 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6788</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>NVIDIA libomx 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6789ã€CVE-2016-6790</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 音效驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-6791ã€CVE-2016-8391ã€CVE-2016-8392</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒå®‰å…¨å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2015-7872</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Synaptics 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-8393ã€CVE-2016-8394</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Broadcom Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2014-9909ã€CVE-2014-9910</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>MediaTek 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-8396</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>NVIDIA 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-8397</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>GPS ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2016-5341</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 相機驅動程å¼ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2016-8395</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒç¶²è·¯å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-8399</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 元件ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-6756ã€CVE-2016-6757</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA librm 程å¼åº«ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-8400</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒå…ƒä»¶ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-8401ã€CVE-2016-8402ã€CVE-2016-8403ã€CVE-2016-8404ã€CVE-2016-8405ã€CVE-2016-8406ã€CVE-2016-8407</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-8408ã€CVE-2016-8409</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 音效驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-8410</td> - <td>ä¸</td> - <td>是</td> - </tr> -</table> -<p> -* 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ -</p> -<h2 id="mitigations">Android å’Œ Google æœå‹™å› 應措施</h2> +<h2 id="mitigations">Android å’Œ Google æœå‹™å•é¡Œå› 應措施</h2> <p> 本節概述 <a href="/security/enhancements/index.html">Android 安全性平å°</a>å’Œ SafetyNet ç‰æœå‹™é˜²è·æ–¹æ¡ˆæ‰€æä¾›çš„å› æ‡‰æŽªæ–½ã€‚é€™äº›æŽªæ–½å¯æœ‰æ•ˆé˜²ç¯„有心人士在 Android 系統上惡æ„é‹ç”¨å®‰å…¨æ€§æ¼æ´žä¾†é”到特定目的。 </p> @@ -349,8 +63,8 @@ <li>Google çš„ David Benjamin å’Œ Kenny Root:CVE-2016-6767</li> <li>騰訊 KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2016-6776ã€CVE-2016-6787</li> <li><a href="http://www.ms509.com">MS509Team</a> çš„ En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>):CVE-2016-6763</li> - <li>奇虎 360 IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan ">pjf</a>:CVE-2016-6779ã€CVE-2016-6778ã€CVE-2016-8401ã€CVE-2016-8402ã€CVE-2016-8403ã€CVE-2016-8409ã€CVE-2016-8408ã€CVE-2016-8404</li> - <li>奇虎 360 IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao ">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan ">pjf</a>:CVE-2016-6788ã€CVE-2016-6781ã€CVE-2016-6782ã€CVE-2016-8396</li> + <li>奇虎 360 IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-6779ã€CVE-2016-6778ã€CVE-2016-8401ã€CVE-2016-8402ã€CVE-2016-8403ã€CVE-2016-8409ã€CVE-2016-8408ã€CVE-2016-8404</li> + <li>奇虎 360 IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-6788ã€CVE-2016-6781ã€CVE-2016-6782ã€CVE-2016-8396</li> <li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>ã€Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>) å’Œ Xuxian Jiang:CVE-2016-6791ã€CVE-2016-8391ã€CVE-2016-8392</li> <li>Google Project Zero æˆå“¡ Mark Brand:CVE-2016-6772</li> <li><a href="https://github.com/michalbednarski">MichaÅ‚ Bednarski</a>:CVE-2016-6770ã€CVE-2016-6774</li> @@ -375,14 +89,11 @@ <li>奇虎 360 æˆéƒ½å®‰å…¨æ€§æ‡‰è®Šä¸å¿ƒæˆå“¡ Zhe Jin (金哲):CVE-2016-6764ã€CVE-2016-6766</li> <li>奇虎 360 æˆéƒ½å®‰å…¨æ€§æ‡‰è®Šä¸å¿ƒæˆå“¡ <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>:CVE-2016-6762</li> </ul> -<p> -æ¤å¤–,還è¦æ„Ÿè¬ç“¶ç§‘技的 MengLuo Gou (<a href="https://twitter.com/idhyt3r">@idhyt3r</a>)ã€Yong Wang (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) å’Œ Google çš„ Zubin Mithra å°æœ¬å…¬å‘Šæ‰€åšçš„è²¢ç»ã€‚ +<p>æ¤å¤–,還è¦æ„Ÿè¬ç“¶ç§‘技的 MengLuo Gou (<a href="https://twitter.com/idhyt3r">@idhyt3r</a>)ã€Yong Wang (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) å’Œ Google çš„ Zubin Mithra å°æœ¬å…¬å‘Šæ‰€åšçš„è²¢ç»ã€‚ </p> <h2 id="2016-12-01-details">2016-12-01 安全修補ç‰ç´š — 資安æ¼æ´žè©³æƒ…</h2> -<p> -下列å„節é‡å°ä¸Šæ–¹ <a href="#2016-12-01-summary">2016-12-01 安全修補ç‰ç´š — 資安æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Google è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> - +<p>下列å„節é‡å° 2016-12-01 安全性修補程å¼ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊。包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Google è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> <h3 id="rce-in-curl-libcurl">CURL/LIBCURL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <p> @@ -390,13 +101,13 @@ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -428,8 +139,7 @@ <td>7.0</td> <td>2016 å¹´ 8 月 3 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-libziparchive">libziparchive ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -437,13 +147,13 @@ libziparchive 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -462,8 +172,7 @@ libziparchive 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 8 月 28 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-telephony">電話通訊系統ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p> @@ -471,13 +180,13 @@ libziparchive 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -494,8 +203,7 @@ libziparchive 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p> @@ -503,13 +211,13 @@ libziparchive 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -552,26 +260,25 @@ libziparchive 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 <td>4.4.4</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p> * 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ </p> - <h3 id="rce-in-framesequence-library">Framesequence 程å¼åº«ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <p> Framesequence 程å¼åº«ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“攻擊者能利用特製檔案在未ç²æŽˆæ¬Šç¨‹åºçš„環境ä¸åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨ä½¿ç”¨ Framesequence 程å¼åº«çš„應用程å¼ä¸åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -588,8 +295,7 @@ Framesequence 程å¼åº«ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“攻擊者能 <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-smart-lock">Smart Lock ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -597,13 +303,13 @@ Smart Lock ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„使用者在沒有 PI </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -619,25 +325,24 @@ Smart Lock ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„使用者在沒有 PI <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 5 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ </p> - <h3 id="eop-in-framework-apis">Framework API ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> Framework API ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的系統功能。由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿æœ¬æ©Ÿå—é™ç¨‹åºçš„é™åˆ¶æ¢ä»¶ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -654,8 +359,7 @@ Framework API ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å– <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 7 月 16 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-telephony">電話通訊系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -663,13 +367,13 @@ Framework API ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å– </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -686,8 +390,7 @@ Framework API ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å– <td>6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 17 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -695,13 +398,13 @@ Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -719,8 +422,7 @@ Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 9 月 30 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</h3> <p> @@ -728,13 +430,13 @@ Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -752,8 +454,7 @@ Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾ <td>6.0ã€6.0.1ã€7.0</td> <td>2016 å¹´ 7 月 27 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-package-manager">套件管ç†å“¡ä¸çš„資訊外洩æ¼æ´ž</h3> <p> @@ -761,13 +462,13 @@ Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾ </p> <table> - <col width="18%"> - <col width="18%"> - <col width="10%"> - <col width="19%"> - <col width="17%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="18%" /> + <col width="10%" /> + <col width="19%" /> + <col width="17%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -784,25 +485,23 @@ Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾ <td>7.0</td> <td>2016 å¹´ 8 月 29 æ—¥</td> </tr> -</table> - +</tbody></table> <h2 id="2016-12-05-details">2016-12-05 安全修補ç‰ç´š — 資安æ¼æ´žè©³æƒ…</h2> -<p> -下列å„節é‡å°ä¸Šæ–¹ <a href="#2016-12-05-summary">2016-12-05 安全修補ç‰ç´š — 資安æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Google è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> +<p>下列å„節é‡å° 2016-12-05 安全性修補程å¼ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊。包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Google è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> <h3 id="eop-in-kernel-memory-subsystem">æ ¸å¿ƒè¨˜æ†¶é«”å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> -æ ¸å¿ƒè¨˜æ†¶é«”å系統ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚ +æ ¸å¿ƒè¨˜æ†¶é«”å系統ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -811,24 +510,25 @@ Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾ </tr> <tr> <td>CVE-2016-4794</td> - <td>A-31596597<br> - <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28">上游程å¼åº«æ ¸å¿ƒ</a> -[<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> + <td>A-31596597<br /> + <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28"> + 上游程å¼åº«æ ¸å¿ƒ</a> + [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td> <td>最高</td> <td>Pixel Cã€Pixelã€Pixel XL</td> <td>2016 å¹´ 4 月 17 æ—¥</td> </tr> <tr> <td>CVE-2016-5195</td> - <td>A-32141528<br> - <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1">上游程å¼åº«æ ¸å¿ƒ</a> -[<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> + <td>A-32141528<br /> + <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"> + 上游程å¼åº«æ ¸å¿ƒ</a> + [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td> <td>最高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -836,12 +536,12 @@ NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -850,26 +550,26 @@ NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 </tr> <tr> <td>CVE-2016-6775</td> - <td>A-31222873*<br>N-CVE-2016-6775</td> + <td>A-31222873*<br />N-CVE-2016-6775</td> <td>最高</td> <td>Nexus 9</td> <td>2016 å¹´ 8 月 25 æ—¥</td> </tr> <tr> <td>CVE-2016-6776</td> - <td>A-31680980*<br>N-CVE-2016-6776</td> + <td>A-31680980*<br />N-CVE-2016-6776</td> <td>最高</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-6777</td> - <td>A-31910462*<br>N-CVE-2016-6777</td> + <td>A-31910462*<br />N-CVE-2016-6777</td> <td>最高</td> <td>Nexus 9</td> <td>2016 å¹´ 10 月 3 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -878,12 +578,12 @@ NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -892,31 +592,30 @@ NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 </tr> <tr> <td>CVE-2015-8966</td> - <td>A-31435731<br> + <td>A-31435731<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76cc404bfdc0d419c720de4daaf2584542734f42"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>最高</td> <td>ç„¡*</td> <td>2016 å¹´ 9 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ </p> - <h3 id="eop-in-nvidia-video-driver">NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -926,7 +625,7 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç <tr> <td>CVE-2016-6915</td> <td>A-31471161* - <br>N-CVE-2016-6915</td> + <br />N-CVE-2016-6915</td> <td>最高</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> @@ -934,7 +633,7 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç <tr> <td>CVE-2016-6916</td> <td>A-32072350* - <br>N-CVE-2016-6916</td> + <br />N-CVE-2016-6916</td> <td>最高</td> <td>Nexus 9ã€Pixel C</td> <td>2016 å¹´ 9 月 13 æ—¥</td> @@ -942,12 +641,12 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç <tr> <td>CVE-2016-6917</td> <td>A-32072253* - <br>N-CVE-2016-6917</td> + <br />N-CVE-2016-6917</td> <td>最高</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -957,12 +656,12 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -971,26 +670,25 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </tr> <tr> <td>CVE-2016-9120</td> - <td>A-31568617<br> + <td>A-31568617<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>最高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixel Cã€Nexus Player</td> <td>2016 å¹´ 9 月 16 æ—¥</td> </tr> -</table> +</tbody></table> -<h3>Qualcomm 元件ä¸çš„æ¼æ´ž</h3> -<p> -以下列出會影響 Qualcomm 元件的安全性æ¼æ´žï¼Œè©³æƒ…è«‹åƒè€ƒ 2015 å¹´ 11 月的 Qualcomm AMSS 安全性公告。 +<h3 id="vulnerabilities-in-qc-components">Qualcomm 元件ä¸çš„æ¼æ´ž</h3> +<p>以下列出會影響 Qualcomm 元件的安全性æ¼æ´žï¼Œè©³æƒ…è«‹åƒè€ƒ 2015 å¹´ 11 月的 Qualcomm AMSS 安全性公告。 </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦*</th> @@ -1004,7 +702,7 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç <td>Nexus 6ã€Nexus 6Pã€Android One</td> <td>Qualcomm 內部</td> </tr> -</table> +</tbody></table> <p>* 這些æ¼æ´žçš„åš´é‡ç¨‹åº¦æ˜¯ç”±å» 商自行評定。</p> <p>** 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1015,12 +713,12 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1029,15 +727,14 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </tr> <tr> <td>CVE-2014-4014</td> - <td>A-31252187<br> + <td>A-31252187<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23adbe12ef7d3d4195e80800ab36b37bee28cd03"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> <td>Nexus 6ã€Nexus Player</td> <td>2014 å¹´ 6 月 10 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-2">æ ¸å¿ƒä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -1045,12 +742,12 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1059,15 +756,14 @@ NVIDIA 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </tr> <tr> <td>CVE-2015-8967</td> - <td>A-31703084<br> + <td>A-31703084<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixel Cã€Pixelã€Pixel XL</td> <td>2015 å¹´ 1 月 8 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-htc-sound-codec-driver">HTC 音效轉碼器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -1075,12 +771,12 @@ HTC 音效轉碼器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1108,7 +804,7 @@ HTC 音效轉碼器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ <td>Nexus 9</td> <td>2016 å¹´ 8 月 30 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1118,12 +814,12 @@ MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç”¨ç¨‹å¼ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1132,63 +828,62 @@ MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç”¨ç¨‹å¼ </tr> <tr> <td>CVE-2016-6492</td> - <td>A-28175122<br>MT-ALPS02696413</td> + <td>A-28175122<br />MT-ALPS02696413</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 4 月 11 æ—¥</td> </tr> <tr> <td>CVE-2016-6781</td> - <td>A-31095175<br>MT-ALPS02943455</td> + <td>A-31095175<br />MT-ALPS02943455</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 8 月 22 æ—¥</td> </tr> <tr> <td>CVE-2016-6782</td> - <td>A-31224389<br>MT-ALPS02943506</td> + <td>A-31224389<br />MT-ALPS02943506</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 8 月 24 æ—¥</td> </tr> <tr> <td>CVE-2016-6783</td> - <td>A-31350044<br>MT-ALPS02943437</td> + <td>A-31350044<br />MT-ALPS02943437</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 9 月 6 æ—¥</td> </tr> <tr> <td>CVE-2016-6784</td> - <td>A-31350755<br>MT-ALPS02961424</td> + <td>A-31350755<br />MT-ALPS02961424</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 9 月 6 æ—¥</td> </tr> <tr> <td>CVE-2016-6785</td> - <td>A-31748056<br>MT-ALPS02961400</td> + <td>A-31748056<br />MT-ALPS02961400</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 9 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ </p> - <h3 id="eop-in-qualcomm-media-codecs">Qualcomm 媒體轉碼器ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm 媒體轉碼器ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾—授權的程åºç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽåŠŸèƒ½çš„本機å˜å–權,第三方應用程å¼é€šå¸¸ç„¡æ³•å˜å–é€™é¡žåŠŸèƒ½ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1198,7 +893,7 @@ MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç”¨ç¨‹å¼ <tr> <td>CVE-2016-6761</td> <td>A-29421682* - <br>QC-CR#1055792</td> + <br />QC-CR#1055792</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 16 æ—¥</td> @@ -1206,7 +901,7 @@ MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç”¨ç¨‹å¼ <tr> <td>CVE-2016-6760</td> <td>A-29617572* - <br>QC-CR#1055783</td> + <br />QC-CR#1055783</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 23 æ—¥</td> @@ -1214,7 +909,7 @@ MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç”¨ç¨‹å¼ <tr> <td>CVE-2016-6759</td> <td>A-29982686* - <br>QC-CR#1055766</td> + <br />QC-CR#1055766</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 4 æ—¥</td> @@ -1222,12 +917,12 @@ MediaTek 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç”¨ç¨‹å¼ <tr> <td>CVE-2016-6758</td> <td>A-30148882* - <br>QC-CR#1071731</td> + <br />QC-CR#1071731</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1237,12 +932,12 @@ Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1251,15 +946,14 @@ Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” </tr> <tr> <td>CVE-2016-6755</td> - <td>A-30740545<br> + <td>A-30740545<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=b5df02edbcdf53dbbab77903d28162772edcf6e0"> QC-CR#1065916</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 3 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-performance-subsystem">æ ¸å¿ƒæ•ˆèƒ½å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -1267,12 +961,12 @@ QC-CR#1065916</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1295,8 +989,7 @@ QC-CR#1065916</a></td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 22 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-i2c-driver">MediaTek I2C 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -1304,12 +997,12 @@ MediaTek I2C 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1318,29 +1011,28 @@ MediaTek I2C 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </tr> <tr> <td>CVE-2016-6788</td> - <td>A-31224428<br>MT-ALPS02943467</td> + <td>A-31224428<br />MT-ALPS02943467</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 8 月 24 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ </p> - <h3 id="eop-in-nvidia-libomx-library">NVIDIA libomx 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> NVIDIA libomx 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾—授權的程åºç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯ç”¨æ–¼å–å¾—æŸäº›é€²éšŽåŠŸèƒ½çš„本機å˜å–權,第三方應用程å¼é€šå¸¸ç„¡æ³•å˜å–é€™é¡žåŠŸèƒ½ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1350,7 +1042,7 @@ NVIDIA libomx 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 <tr> <td>CVE-2016-6789</td> <td>A-31251973* - <br>N-CVE-2016-6789</td> + <br />N-CVE-2016-6789</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 29 æ—¥</td> @@ -1358,12 +1050,12 @@ NVIDIA libomx 程å¼åº«ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程 <tr> <td>CVE-2016-6790</td> <td>A-31251628* - <br>N-CVE-2016-6790</td> + <br />N-CVE-2016-6790</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1373,12 +1065,12 @@ Qualcomm 音效驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1387,7 +1079,7 @@ Qualcomm 音效驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” </tr> <tr> <td>CVE-2016-6791</td> - <td>A-31252384<br> + <td>A-31252384<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1071809</a></td> <td>高</td> @@ -1396,7 +1088,7 @@ QC-CR#1071809</a></td> </tr> <tr> <td>CVE-2016-8391</td> - <td>A-31253255<br> + <td>A-31253255<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1072166</a></td> <td>高</td> @@ -1405,15 +1097,14 @@ QC-CR#1072166</a></td> </tr> <tr> <td>CVE-2016-8392</td> - <td>A-31385862<br> + <td>A-31385862<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=62580295210b6c0bd809cde7088b45ebb65ace79"> QC-CR#1073136</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-kernel-security-subsystem">æ ¸å¿ƒå®‰å…¨å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p> @@ -1421,12 +1112,12 @@ QC-CR#1073136</a></td> </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1435,27 +1126,26 @@ QC-CR#1073136</a></td> </tr> <tr> <td>CVE-2015-7872</td> - <td>A-31253168<br> + <td>A-31253168<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 8 月 31 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Synaptics 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1476,7 +1166,7 @@ QC-CR#1073136</a></td> <td>Nexus 9ã€Android One</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1486,12 +1176,12 @@ Broadcom Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1500,36 +1190,35 @@ Broadcom Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” </tr> <tr> <td>CVE-2014-9909</td> - <td>A-31676542<br>B-RB#26684</td> + <td>A-31676542<br />B-RB#26684</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 9 月 21 æ—¥</td> </tr> <tr> <td>CVE-2014-9910</td> - <td>A-31746399<br>B-RB#26710</td> + <td>A-31746399<br />B-RB#26710</td> <td>高</td> <td>ç„¡*</td> <td>2016 å¹´ 9 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ </p> - <h3 id="id-in-mediatek-video-driver">MediaTek 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p> MediaTek 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1543,24 +1232,23 @@ MediaTek 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” <td>ç„¡*</td> <td>2016 å¹´ 8 月 26 æ—¥</td> </tr> -</table> +</tbody></table> <p> * 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚ </p> - <h3 id="id-in-nvidia-video-driver">NVIDIA 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p> NVIDIA 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯ç”¨æ–¼åœ¨æœªç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1569,13 +1257,13 @@ NVIDIA 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </tr> <tr> <td>CVE-2016-8397</td> - <td>A-31385953*<br> + <td>A-31385953*<br /> N-CVE-2016-8397</td> <td>高</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 8 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1585,12 +1273,12 @@ Qualcomm GPS 元件ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“é ç«¯æ”»æ“Šè€…é€ æˆè£ç </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1604,7 +1292,7 @@ Qualcomm GPS 元件ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“é ç«¯æ”»æ“Šè€…é€ æˆè£ç <td>Nexus 6ã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 6 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1614,12 +1302,12 @@ NVIDIA 相機驅動程å¼ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…é€ æˆæœ¬æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1629,12 +1317,12 @@ NVIDIA 相機驅動程å¼ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…é€ æˆæœ¬æ <tr> <td>CVE-2016-8395</td> <td>A-31403040* - <br>N-CVE-2016-8395</td> + <br />N-CVE-2016-8395</td> <td>高</td> <td>Pixel C</td> <td>2016 å¹´ 9 月 9 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1644,12 +1332,12 @@ NVIDIA 相機驅動程å¼ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…é€ æˆæœ¬æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1663,7 +1351,7 @@ NVIDIA 相機驅動程å¼ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…é€ æˆæœ¬æ <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixel Cã€Nexus Playerã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 5 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1673,12 +1361,12 @@ Qualcomm 元件 (包括相機驅動程å¼å’Œè¦–訊驅動程å¼) ä¸çš„資訊外æ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1687,7 +1375,7 @@ Qualcomm 元件 (包括相機驅動程å¼å’Œè¦–訊驅動程å¼) ä¸çš„資訊外æ </tr> <tr> <td>CVE-2016-6756</td> - <td>A-29464815<br> + <td>A-29464815<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5"> QC-CR#1042068</a> [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td> @@ -1697,15 +1385,14 @@ Qualcomm 元件 (包括相機驅動程å¼å’Œè¦–訊驅動程å¼) ä¸çš„資訊外æ </tr> <tr> <td>CVE-2016-6757</td> - <td>A-30148242<br> + <td>A-30148242<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd99d3bbdb16899a425716e672485e0cdc283245"> QC-CR#1052821</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 7 月 13 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-librm-library">NVIDIA librm 程å¼åº«ä¸çš„資訊外洩æ¼æ´ž</h3> <p> @@ -1713,12 +1400,12 @@ NVIDIA librm 程å¼åº« (libnvrm) ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“æœ¬æ©Ÿæƒ¡æ„ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1728,12 +1415,12 @@ NVIDIA librm 程å¼åº« (libnvrm) ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“æœ¬æ©Ÿæƒ¡æ„ <tr> <td>CVE-2016-8400</td> <td>A-31251599* - <br>N-CVE-2016-8400</td> + <br />N-CVE-2016-8400</td> <td>ä¸</td> <td>Pixel C</td> <td>2016 å¹´ 8 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1743,12 +1430,12 @@ NVIDIA librm 程å¼åº« (libnvrm) ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“æœ¬æ©Ÿæƒ¡æ„ </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1804,7 +1491,7 @@ NVIDIA librm 程å¼åº« (libnvrm) ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“æœ¬æ©Ÿæƒ¡æ„ <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1814,12 +1501,12 @@ NVIDIA 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1829,7 +1516,7 @@ NVIDIA 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç <tr> <td>CVE-2016-8408</td> <td>A-31496571* - <br>N-CVE-2016-8408</td> + <br />N-CVE-2016-8408</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> @@ -1837,12 +1524,12 @@ NVIDIA 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用ç <tr> <td>CVE-2016-8409</td> <td>A-31495687* - <br>N-CVE-2016-8409</td> + <br />N-CVE-2016-8409</td> <td>ä¸</td> <td>Nexus 9</td> <td>2016 å¹´ 9 月 13 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªå…¬é–‹æ供,而是包å«åœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚ </p> @@ -1852,12 +1539,12 @@ Qualcomm 音效驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” </p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1866,14 +1553,14 @@ Qualcomm 音效驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„æ‡‰ç” </tr> <tr> <td>CVE-2016-8410</td> - <td>A-31498403<br> + <td>A-31498403<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?h=e2bbf665187a1f0a1248e4a088823cb182153ba9"> QC-CR#987010</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android One</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h2 id="common-questions-and-answers">常見å•é¡Œèˆ‡è§£ç”</h2> <p>如果您在閱讀這篇公告後有任何疑å•ï¼Œå¯åƒè€ƒæœ¬ç¯€çš„常見å•ç”。 @@ -1883,7 +1570,7 @@ QC-CR#987010</a></td> </strong> </p> <p> -è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹è©³è®€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新時間表</a>ä¸çš„æ“作說明。 +è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹è©³è®€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新時間表</a>ä¸çš„æ“作說明。 </p> <ul> <li>2016 å¹´ 12 月 1 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†æ‰€æœ‰èˆ‡ 2016-12-01 安全修補ç‰ç´šç›¸é—œçš„å•é¡Œã€‚</li> @@ -1897,7 +1584,7 @@ QC-CR#987010</a></td> <li>[ro.build.version.security_patch]:[2016-12-05]</li> </ul> <p> -<strong>2. 為什麼這篇公告有兩種安全修補ç‰ç´šï¼Ÿ</strong> +<strong>2. 為什麼這篇公告有兩種安全性修補程å¼ç‰ç´šï¼Ÿ</strong> </p> <p> 本公告有兩種安全修補ç‰ç´šï¼Œè®“ Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚æˆ‘å€‘å»ºè° Android åˆä½œå¤¥ä¼´ä¿®æ£æœ¬å…¬å‘Šæ‰€åˆ—的所有å•é¡Œï¼Œä¸¦ä½¿ç”¨æœ€æ–°çš„安全修補ç‰ç´šã€‚ @@ -1907,16 +1594,16 @@ QC-CR#987010</a></td> <li>如果è£ç½®çš„安全修補ç‰ç´šåœ¨ 2016 å¹´ 12 月 5 æ—¥ä¹‹å¾Œï¼Œå°±å¿…é ˆåŠ å…¥æœ¬å®‰å…¨æ€§å…¬å‘Š (以åŠä¹‹å‰å…¬å‘Š) ä¸çš„所有é©ç”¨ä¿®è£œç¨‹å¼ã€‚</li> </ul> <p> -我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€è¦è§£æ±ºçš„所有å•é¡Œé©ç”¨ä¿®è£œç¨‹å¼åŒ…è£åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚ +我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€æœ‰å•é¡Œé©ç”¨çš„修補程å¼éƒ½å½™æ•´åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚ </p> <p> <strong>3. 如何判斷哪些 Google è£ç½®æœƒå—到哪種å•é¡Œçš„影響?</strong> </p> <p>在 <a href="#2016-12-01-details">2016-12-01</a> å’Œ <a href="#2016-12-05-details">2016-12-05</a> 安全性æ¼æ´žè©³æƒ…çš„ç« ç¯€ä¸ï¼Œæ¯å€‹è¡¨æ ¼éƒ½åŒ…å«ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄,當ä¸åˆ—出已é‡å°å„個å•é¡Œé€²è¡Œæ›´æ–°çš„å—影響 Google è£ç½®ç¯„åœã€‚æ¤æ¬„ä¸çš„é¸é …包括:</p> <ul> - <li><strong>所有 Google è£ç½®</strong>:如果å•é¡Œæœƒå½±éŸ¿åˆ°ã€Œå…¨éƒ¨ã€å’Œ Pixel è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒé¡¯ç¤ºã€Œå…¨éƒ¨ã€å—樣。「全部ã€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">支æ´çš„è£ç½®</a>:Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> + <li><strong>所有 Google è£ç½®</strong>:如果å•é¡Œæœƒå½±éŸ¿åˆ° Pixel è£ç½®å’Œæ‰€æœ‰çš„ Google è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€æ¬„ä¸å°±æœƒæ¨™ç¤ºã€Œå…¨éƒ¨ã€å—樣。<em></em>「全部ã€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">支æ´çš„è£ç½®</a>:Nexus 5ã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> <li><strong>部分 Google è£ç½®</strong>:如果å•é¡Œä¸¦æœªå½±éŸ¿åˆ°æ‰€æœ‰ Google è£ç½®ï¼Œå‰‡ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸æœƒåˆ—出å—影響的 Google è£ç½®ã€‚</li> - <li><strong>ç„¡ Google è£ç½®</strong>:如果å•é¡Œä¸æœƒå½±éŸ¿åˆ°ä»»ä½•æ載 Android 7.0 çš„ Google è£ç½®ï¼Œã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒé¡¯ç¤ºã€Œç„¡ã€å—樣。</li> + <li><strong>ä¸å½±éŸ¿ä»»ä½• Google è£ç½®</strong>:如果å•é¡Œä¸æœƒå½±éŸ¿åˆ°ä»»ä½•æ載 Android 7.0 çš„ Google è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒæ¨™ç¤ºã€Œç„¡ã€å—樣。</li> </ul> <p> <strong>4. åƒè€ƒè³‡æ–™æ¬„ä¸çš„é …ç›®æœƒå°æ‡‰åˆ°ä»€éº¼ï¼Ÿ</strong> @@ -1924,7 +1611,7 @@ QC-CR#987010</a></td> <p>資安æ¼æ´žè©³æƒ…è¡¨æ ¼ä¸ã€Œåƒè€ƒè³‡æ–™ã€<em></em>æ¬„åº•ä¸‹çš„é …ç›®å¯èƒ½æœƒåŒ…å«ä¸€å€‹å‰ç½®å—串,用以表示該åƒè€ƒè³‡æ–™å€¼æ‰€å±¬çš„å…¬å¸ã€‚這些å‰ç½®å—元代表的æ„義如下: </p> <table> - <tr> + <tbody><tr> <th>å‰ç½®å—å…ƒ</th> <th>åƒè€ƒè³‡æ–™</th> </tr> @@ -1948,12 +1635,12 @@ QC-CR#987010</a></td> <td>B-</td> <td>Broadcom åƒè€ƒç·¨è™Ÿ</td> </tr> -</table> +</tbody></table> <h2 id="revisions">修訂版本</h2> <ul> <li>2016 å¹´ 12 月 5 日:發佈公告。</li> <li>2016 å¹´ 12 月 7 日:在公告ä¸åŠ å…¥ AOSP 連çµï¼Œä¸¦æ›´æ–° CVE-2016-6915ã€CVE-2016-6916 å’Œ CVE-2016-6917 的相關銘è¬å單。</li> + <li>2016 å¹´ 12 月 21 æ—¥ï¼šæ›´æ£ CVE-2016-8411 說明和常見å•é¡Œèˆ‡è§£ç”ä¸çš„錯å—。</li> </ul> - </body> -</html> +</body></html>
\ No newline at end of file diff --git a/zh-tw/security/bulletin/2017-03-01.html b/zh-tw/security/bulletin/2017-03-01.html index 0e6a389d..14a6dd36 100644 --- a/zh-tw/security/bulletin/2017-03-01.html +++ b/zh-tw/security/bulletin/2017-03-01.html @@ -1,8 +1,7 @@ -<html devsite> - <head> -<title>Android 安全性公告 — 2017 å¹´ 3 月</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> +<html devsite><head> + <title>Android 安全性公告 — 2017 å¹´ 3 月</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> </head> <body> <!-- @@ -20,11 +19,12 @@ See the License for the specific language governing permissions and limitations under the License. --> + <p><em>發佈日期:2017 å¹´ 3 月 6 æ—¥ | 更新日期:2017 å¹´ 3 月 7 æ—¥</em></p> -<p>Android å®‰å…¨æ€§å…¬å‘Šç¾…åˆ—äº†æœƒå° Android è£ç½®é€ æˆå½±éŸ¿çš„安全性æ¼æ´žï¼Œä¸¦èªªæ˜Žå„é …ç›¸é—œç´°ç¯€ã€‚åœ¨é€™ç¯‡å…¬å‘Šç™¼ä½ˆçš„åŒæ™‚,Google å·²é€éŽ OTA 更新機制發佈了 Google è£ç½®çš„安全性更新。æ¤å¤–,Google éŸŒé«”æ˜ åƒæª”也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。2017 å¹´ 3 月 5 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å·²æåŠçš„所有å•é¡Œã€‚è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹åƒé–± <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>。</p> +<p>Android å®‰å…¨æ€§å…¬å‘Šç¾…åˆ—äº†æœƒå° Android è£ç½®é€ æˆå½±éŸ¿çš„安全性æ¼æ´žï¼Œä¸¦èªªæ˜Žå„é …ç›¸é—œç´°ç¯€ã€‚åœ¨é€™ç¯‡å…¬å‘Šç™¼ä½ˆçš„åŒæ™‚,Google å·²é€éŽ OTA 更新機制發佈了 Google è£ç½®çš„安全性更新。æ¤å¤–,Google éŸŒé«”æ˜ åƒæª”也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。2017 å¹´ 3 月 5 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å·²æåŠçš„所有å•é¡Œã€‚è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹åƒé–± <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>。</p> <p>我們的åˆä½œå¤¥ä¼´åœ¨ 2017 å¹´ 2 月 6 日當天或更早之å‰å·²æ”¶åˆ°å…¬å‘Šä¸æ‰€è¿°å•é¡Œçš„相關通知。這些å•é¡Œçš„原始碼修補程å¼å·²ç™¼ä½ˆåˆ° Android 開放原始碼計劃 (AOSP) å˜æ”¾å€ä¸ï¼Œä¸”公告ä¸äº¦æ供相關連çµã€‚æ¤å¤–,本公告也æä¾› AOSP 以外的修補程å¼é€£çµã€‚</p> -<p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是「最高ã€ç‰ç´šçš„安全性æ¼æ´žã€‚當系統執行媒體檔案時,é 端程å¼ç¢¼å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œé€éŽé›»å郵件ã€ç¶²é ç€è¦½æ´»å‹•å’Œå¤šåª’體訊æ¯ç‰æ–¹æ³•ï¼Œè‡ªå‹•åœ¨å—影響的è£ç½®ä¸ŠåŸ·è¡Œã€‚</p> -<p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果您想進一æ¥çžè§£ <a href="#mitigations">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="{@docRoot}security/enhancements/index.html">Android å’Œ Google æœå‹™å› 應措施</a>一節。</p> +<p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是「最高ã€ç‰ç´šçš„安全性æ¼æ´žã€‚當系統執行媒體檔案時,é 端程å¼ç¢¼å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œé€éŽé›»å郵件ã€ç¶²é ç€è¦½æ´»å‹•å’Œå¤šåª’體訊æ¯ç‰æ–¹æ³•ï¼Œè‡ªå‹•åœ¨å—影響的è£ç½®ä¸ŠåŸ·è¡Œã€‚<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> +<p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果您想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="#mitigations">Android å’Œ Google æœå‹™å› 應措施</a> 一節。</p> <p>我們建è°æ‰€æœ‰å®¢æˆ¶æŽ¥å—這些è£ç½®æ›´æ–°ã€‚</p> <h2 id="announcements">公告</h2> <ul> @@ -36,388 +36,8 @@ </li> <li>支æ´çš„ Google è£ç½®æœƒæ”¶åˆ°ä¸€é … OTA 更新,安全修補ç‰ç´šç‚º 2017-03-05。</li> </ul> -<h2 id="security-vulnerability-summary">安全性æ¼æ´žæ‘˜è¦</h2> -<p>下表列出å„é …å®‰å…¨æ€§æ¼æ´žã€å¸¸è¦‹å¼±é»žèˆ‡æ¼æ´ž ID (CVE)ã€è©•å®šçš„åš´é‡ç¨‹åº¦åŠ Google è£ç½®æ˜¯å¦æœƒå—到影響。<a href="{@docRoot}security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> -<h3 id="2017-03-01-summary">2017-03-01 安全修補ç‰ç´š — 資安æ¼æ´žæ‘˜è¦</h3> -<p>2017-03-01 之後的安全修補ç‰ç´šå¿…é ˆè§£æ±ºä¸‹åˆ—å•é¡Œã€‚</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>åš´é‡ç¨‹åº¦</th> - <th>是å¦å½±éŸ¿ Google è£ç½®ï¼Ÿ</th> - </tr> - <tr> - <td>OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2016-2182</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0474</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>復原驗è‰å™¨ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0475</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>AOSP Messaging ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2017-0476</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>libgdx ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2017-0477</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Framesequence 程å¼åº«ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</td> - <td>CVE-2017-0478</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NFC ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0481</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>音訊伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0479ã€CVE-2017-0480</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2017-0482ã€CVE-2017-0483ã€CVE-2017-0484ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0488</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>ä½ç½®ç®¡ç†å“¡ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0489</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0490</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>套件管ç†å“¡ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0491</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>系統使用者介é¢ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0492</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>AOSP Messaging ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0494</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0495</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>è¨å®šç²¾éˆä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2017-0496</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2017-0497</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>è¨å®šç²¾éˆä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2017-0498</td> - <td>ä¸</td> - <td>å¦*</td> - </tr> - <tr> - <td>音訊伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2017-0499</td> - <td>低</td> - <td>是</td> - </tr> -</table> -<p>* 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚</p> -<h3 id="2017-03-05-summary">2017-03-05 安全修補ç‰ç´š — 資安æ¼æ´žæ‘˜è¦</h3> -<p>2017-03-05 以後的安全修補ç‰ç´šå¿…é ˆè§£æ±º 2017-03-01 的所有å•é¡Œä»¥åŠä¸‹åˆ—å•é¡Œã€‚</p> -<table> - <col width="55%"> - <col width="20%"> - <col width="13%"> - <col width="12%"> - <tr> - <th>å•é¡Œ</th> - <th>CVE</th> - <th>åš´é‡ç¨‹åº¦</th> - <th>是å¦å½±éŸ¿ Google è£ç½®ï¼Ÿ</th> - </tr> - <tr> - <td>MediaTek 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0504ã€CVE-2017-0505ã€CVE-2017-0506</td> - <td>最高</td> - <td>å¦*</td> - </tr> - <tr> - <td>NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0337ã€CVE-2017-0338ã€CVE-2017-0333ã€CVE-2017-0306ã€CVE-2017-0335</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒ ION å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0507ã€CVE-2017-0508</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>Broadcom Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0509</td> - <td>最高</td> - <td>å¦*</td> - </tr> - <tr> - <td>æ ¸å¿ƒ FIQ åµéŒ¯å·¥å…·ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0510</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-8479</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒç¶²è·¯å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-9806ã€CVE-2016-10200</td> - <td>最高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 元件ä¸çš„æ¼æ´ž</td> - <td>CVE-2016-8484ã€CVE-2016-8485ã€CVE-2016-8486ã€CVE-2016-8487ã€CVE-2016-8488</td> - <td>最高</td> - <td>å¦*</td> - </tr> - <tr> - <td>æ ¸å¿ƒç¶²è·¯å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-8655ã€CVE-2016-9793</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 輸入硬體驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0516</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 硬體感測器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0517</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm ADSPRPC 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0457</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 指紋感應器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0518ã€CVE-2017-0519</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm åŠ å¯†å¼•æ“Žé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0520</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0458ã€CVE-2017-0521</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek APK ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0522</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0464ã€CVE-2017-0453ã€CVE-2017-0523</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Synaptics 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0524</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm IPA 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0456ã€CVE-2017-0525</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>HTC 感應器ä¸æ¨žé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0526ã€CVE-2017-0527</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0307</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm 網路驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0463ã€CVE-2017-0460</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒå®‰å…¨å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2017-0528</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm SPCom 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</td> - <td>CVE-2016-5856ã€CVE-2016-5857</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>æ ¸å¿ƒç¶²è·¯å系統ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2014-8709</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0529</td> - <td>高</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm 系統啟動載入程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0455</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm é›»æºé©…動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-8483</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>NVIDIA GPU 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0334ã€CVE-2017-0336</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒå¯†ç¢¼ç·¨è¯å系統ä¸çš„拒絕æœå‹™æ¼æ´ž</td> - <td>CVE-2016-8650</td> - <td>高</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž (特定è£ç½®)</td> - <td>CVE-2016-8417</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0461ã€CVE-2017-0459ã€CVE-2017-0531</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>MediaTek 視訊轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0532</td> - <td>ä¸</td> - <td>å¦*</td> - </tr> - <tr> - <td>Qualcomm 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0533ã€CVE-2017-0534ã€CVE-2016-8416ã€CVE-2016-8478</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2016-8413ã€CVE-2016-8477</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>HTC 音效轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0535</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Synaptics 觸控螢幕驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0536</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>æ ¸å¿ƒ USB å°å·¥å…·é©…動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0537</td> - <td>ä¸</td> - <td>是</td> - </tr> - <tr> - <td>Qualcomm 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</td> - <td>CVE-2017-0452</td> - <td>低</td> - <td>是</td> - </tr> -</table> -<p>* 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚</p> <h2 id="mitigations">Android å’Œ Google æœå‹™å•é¡Œå› 應措施</h2> -<p>本節概述 <a href="{@docRoot}security/enhancements/index.html">Android 安全性平å°</a>å’Œ SafetyNet ç‰æœå‹™é˜²è·æ–¹æ¡ˆé‡å°è³‡å®‰æ¼æ´žæ‰€æä¾›çš„å› æ‡‰æŽªæ–½ã€‚é€™äº›æŽªæ–½å¯æœ‰æ•ˆé˜²ç¯„有心人士在 Android 系統上惡æ„é‹ç”¨å®‰å…¨æ€§æ¼æ´žä¾†é”到特定目的。</p> +<p>本節概述 <a href="/security/enhancements/index.html">Android 安全性平å°</a>å’Œ SafetyNet ç‰æœå‹™é˜²è·æ–¹æ¡ˆé‡å°è³‡å®‰æ¼æ´žæ‰€æä¾›çš„å› æ‡‰æŽªæ–½ã€‚é€™äº›æŽªæ–½å¯æœ‰æ•ˆé˜²ç¯„有心人士在 Android 系統上惡æ„é‹ç”¨å®‰å…¨æ€§æ¼æ´žä¾†é”到特定目的。</p> <ul> <li>Android å¹³å°æŒçºŒæŽ¨å‡ºæ–°çš„ç‰ˆæœ¬ä¾†å¼·åŒ–å®‰å…¨æ€§ï¼Œå› æ¤æœ‰å¿ƒäººå£«è¶Šä¾†è¶Šé›£åœ¨ Android 系統上找出æ¼æ´žåŠ 以利用。我們建è°æ‰€æœ‰ä½¿ç”¨è€…盡å¯èƒ½æ›´æ–°è‡³æœ€æ–°ç‰ˆçš„ Android。</li> <li>Android 安全性å°çµ„採用<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf">「驗è‰æ‡‰ç”¨ç¨‹å¼ã€å’Œ SafetyNet</a> 主動監控濫用情形;使用這些功能的目的是在發ç¾<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">å¯èƒ½æœ‰å®³çš„應用程å¼</a>時è¦å‘Šä½¿ç”¨è€…。「驗è‰æ‡‰ç”¨ç¨‹å¼ã€åœ¨æ載 <a href="http://www.android.com/gms">Google 行動æœå‹™</a>çš„è£ç½®ä¸Šéƒ½æœƒé è¨å•Ÿç”¨ï¼Œä¸”å°æ–¼è¦å¾ž Google Play 以外來æºå®‰è£æ‡‰ç”¨ç¨‹å¼çš„ä½¿ç”¨è€…ä¾†èªªæ ¼å¤–é‡è¦ã€‚Google Play ç¦æ¢ç™¼ä½ˆä»»ä½•å¯ç”¨æ–¼ç²å–è£ç½® Root 權é™çš„工具,但「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒåœ¨ä½¿ç”¨è€…嘗試安è£å·²åµæ¸¬åˆ°çš„ Root 權é™ç²å–æ‡‰ç”¨ç¨‹å¼ (無論其來æºç‚ºä½•) 時發出è¦å‘Šã€‚æ¤å¤–,「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒè¨æ³•æ‰¾å‡ºå·²çŸ¥æœƒåˆ©ç”¨æ¬Šé™å‡ç´šæ¼æ´žçš„惡æ„應用程å¼ï¼Œä¸¦å°éŽ–這類應用程å¼çš„安è£ä½œæ¥ã€‚如果使用者已安è£é€™é¡žæ‡‰ç”¨ç¨‹å¼ï¼Œã€Œé©—è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒé€šçŸ¥ä½¿ç”¨è€…並嘗試移除åµæ¸¬åˆ°çš„應用程å¼ã€‚</li> @@ -426,23 +46,23 @@ <h2 id="acknowledgements">特別銘è¬</h2> <p>æ„Ÿè¬ä»¥ä¸‹ç ”究人員åšå‡ºçš„è²¢ç»ï¼š</p> <ul> -<li>Google 動態工具å°çµ„æˆå“¡ Alexander Potapenko:CVE-2017-0537<li>阿里巴巴行動安全å°çµ„æˆå“¡ Baozeng Dingã€Chengming Yangã€Peng Xiao å’Œ Yang Song:CVE-2017-0506<li>阿里巴巴行動安全å°çµ„æˆå“¡ Baozeng Dingã€Ning Youã€Chengming Yangã€Peng Xiao å’Œ Yang Song:CVE-2017-0463<li>Android 安全性å°çµ„æˆå“¡ Billy Lau:CVE-2017-0335ã€CVE-2017-0336ã€CVE-2017-0338ã€CVE-2017-0460<li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>):CVE-2016-8413ã€CVE-2016-8477ã€CVE-2017-0531<li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) å’Œ <a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0521<li>騰訊科æ©å¯¦é©—室 (<a href="https://twitter.com/returnsme">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/keen_lab">@returnsme</a>):CVE-2017-0334ã€CVE-2017-0456ã€CVE-2017-0457ã€CVE-2017-0525<li><a href="http://www.ms509.com">MS509Team</a> çš„ En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) å’Œ Bo Liu:CVE-2017-0490<li>奇虎 360 科技有é™å…¬å¸ IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0509ã€CVE-2017-0524ã€CVE-2017-0529ã€CVE-2017-0536<li>奇虎 360 科技有é™å…¬å¸ Alpha å°çµ„æˆå“¡ Hao Chen å’Œ Guang Gong:CVE-2017-0453ã€CVE-2017-0461ã€CVE-2017-0464<li>Sony Mobile Communications Inc. çš„ Hiroki Yamamoto å’Œ Fang Chen:CVE-2017-0481<li>IBM 安全性 X-Force ç ”ç©¶å“¡ Sagi Kedmi å’Œ Roee Hay:CVE-2017-0510<li><a href="https://skyeye.360safe.com">奇虎 360 Skyeye 實驗室</a>çš„ Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>):CVE-2017-0478<li>奇虎 360 IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan ">pjf</a>:CVE-2016-8416ã€CVE-2016-8478ã€CVE-2017-0458ã€CVE-2017-0459ã€CVE-2017-0518ã€CVE-2017-0519ã€CVE-2017-0533ã€CVE-2017-0534<li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2016-8479<li>Google çš„ Makoto Onuki:CVE-2017-0491<li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€<a href="mailto:arnow117@gmail.com">Hanxiang Wen</a> å’Œ Xuxian Jiang:CVE-2017-0479ã€CVE-2017-0480<li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0535<li>Tesla Motors Product 安全性å°çµ„æˆå“¡ Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0306<li>百度安全實驗室的 Pengfei Ding (ä¸é¹é£ž)ã€Chenfu Bao (包沉浮) å’Œ Lenx Wei (韦韬):CVE-2016-8417<li>騰訊科æ©å¯¦é©—室的 Qidan He (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>):CVE-2017-0337ã€CVE-2017-0476<li>奇虎 360 çš„ Qing Zhang å’Œæ–°åŠ å¡ç†å·¥å¤§å¸ (SIT) çš„ Guangdong Bai:CVE-2017-0496<li>螞蟻金æœå·´æ–¯å…‰å¹´å®‰å…¨å¯¦é©—室的 Quhe å’Œ wanchouchou:CVE-2017-0522<li>DarkMatter 安全通訊å°çµ„çš„ <a href="mailto:keun-o.park@darkmatter.ae">Sahara</a>:CVE-2017-0528<li>åŠ å·žå¤§å¸è–å¡”èŠèŠæ‹‰åˆ†æ ¡ Shellphish Grill å°çµ„çš„ salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>):CVE-2017-0505<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0504ã€CVE-2017-0516<li>Sean Beaupre (beaups):CVE-2017-0455<li>趨勢科技的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2017-0452<li>富士通的 Shinichi Matsumoto:CVE-2017-0498<li><a href="http://www.byterev.com">ByteRev</a> çš„ <a href="mailto:smarques84@gmail.com">Stéphane Marques</a>:CVE-2017-0489<li>Google çš„ Svetoslav Ganov:CVE-2017-0492<li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ <a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2017-0333<li><a href="http://www.trendmicro.com">趨勢科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">行動å¨è„…ç ”ç©¶å°çµ„</a>æˆå“¡ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0482ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0494ã€CVE-2017-0495<li>螞蟻金æœå·´æ–¯å…‰å¹´å®‰å…¨å¯¦é©—室的 Wish Wu (å´æ½æµ æ¤å½¼) (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2017-0477<li>奇虎 360 科技有é™å…¬å¸ Vulpecker å°çµ„æˆå“¡ Yu Pan:CVE-2017-0517ã€CVE-2017-0532<li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2017-0526ã€CVE-2017-0527<li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€<a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>ã€Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) å’Œ Xuxian Jiang:CVE-2017-0483</li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></li></ul> +<li>Google 動態工具å°çµ„æˆå“¡ Alexander Potapenko:CVE-2017-0537</li><li>阿里巴巴行動安全å°çµ„æˆå“¡ Baozeng Dingã€Chengming Yangã€Peng Xiao å’Œ Yang Song:CVE-2017-0506</li><li>阿里巴巴行動安全å°çµ„æˆå“¡ Baozeng Dingã€Ning Youã€Chengming Yangã€Peng Xiao å’Œ Yang Song:CVE-2017-0463</li><li>Android 安全性å°çµ„æˆå“¡ Billy Lau:CVE-2017-0335ã€CVE-2017-0336ã€CVE-2017-0338ã€CVE-2017-0460</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>):CVE-2016-8413ã€CVE-2016-8477ã€CVE-2017-0531</li><li><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) å’Œ <a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0521</li><li>騰訊科æ©å¯¦é©—室 (<a href="https://twitter.com/keen_lab">@keen_lab</a>) çš„ Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2017-0334ã€CVE-2017-0456ã€CVE-2017-0457ã€CVE-2017-0525</li><li><a href="http://www.ms509.com">MS509Team</a> çš„ En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) å’Œ Bo Liu:CVE-2017-0490</li><li>奇虎 360 科技有é™å…¬å¸ IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-0500ã€CVE-2017-0501ã€CVE-2017-0502ã€CVE-2017-0503ã€CVE-2017-0509ã€CVE-2017-0524ã€CVE-2017-0529ã€CVE-2017-0536</li><li>奇虎 360 科技有é™å…¬å¸ Alpha å°çµ„æˆå“¡ Hao Chen å’Œ Guang Gong:CVE-2017-0453ã€CVE-2017-0461ã€CVE-2017-0464</li><li>Sony Mobile Communications Inc. çš„ Hiroki Yamamoto å’Œ Fang Chen:CVE-2017-0481</li><li>IBM 安全性 X-Force ç ”ç©¶å“¡ Sagi Kedmi å’Œ Roee Hay:CVE-2017-0510</li><li><a href="https://skyeye.360safe.com">奇虎 360 Skyeye 實驗室</a> çš„ Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>):CVE-2017-0478</li><li>奇虎 360 IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-8416ã€CVE-2016-8478ã€CVE-2017-0458ã€CVE-2017-0459ã€CVE-2017-0518ã€CVE-2017-0519ã€CVE-2017-0533ã€CVE-2017-0534</li><li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>ã€<a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2016-8479</li><li>Google çš„ Makoto Onuki:CVE-2017-0491</li><li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)ã€<a href="mailto:arnow117@gmail.com">Hanxiang Wen</a> å’Œ Xuxian Jiang:CVE-2017-0479ã€CVE-2017-0480</li><li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0535</li><li>Tesla Motors Product 安全性å°çµ„æˆå“¡ Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0306</li><li>百度安全實驗室的 Pengfei Ding (ä¸é¹é£ž)ã€Chenfu Bao (包沉浮) å’Œ Lenx Wei (韦韬):CVE-2016-8417</li><li>騰訊科æ©å¯¦é©—室的 Qidan He (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>):CVE-2017-0337ã€CVE-2017-0476</li><li>奇虎 360 çš„ Qing Zhang å’Œæ–°åŠ å¡ç†å·¥å¤§å¸ (SIT) çš„ Guangdong Bai:CVE-2017-0496</li><li>螞蟻金æœå·´æ–¯å…‰å¹´å®‰å…¨å¯¦é©—室的 Quhe å’Œ wanchouchou:CVE-2017-0522</li><li>DarkMatter 安全通訊å°çµ„çš„ <a href="mailto:keun-o.park@darkmatter.ae">Sahara</a>:CVE-2017-0528</li><li>åŠ å·žå¤§å¸è–å¡”èŠèŠæ‹‰åˆ†æ ¡ Shellphish Grill å°çµ„çš„ salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>):CVE-2017-0505</li><li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0504ã€CVE-2017-0516</li><li>Sean Beaupre (beaups):CVE-2017-0455</li><li>趨勢科技的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2017-0452</li><li>富士通的 Shinichi Matsumoto:CVE-2017-0498</li><li><a href="http://www.byterev.com">ByteRev</a> çš„ <a href="mailto:smarques84@gmail.com">Stéphane Marques</a>:CVE-2017-0489</li><li>Google çš„ Svetoslav Ganov:CVE-2017-0492</li><li><a href="mailto:segfault5514@gmail.com">C0RE å°çµ„</a>æˆå“¡ <a href="mailto:computernik@gmail.com">Tong Lin</a>ã€<a href="http://c0reteam.org">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2017-0333</li><li><a href="http://www.trendmicro.com">趨勢科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">行動å¨è„…ç ”ç©¶å°çµ„</a>æˆå“¡ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0466ã€CVE-2017-0467ã€CVE-2017-0468ã€CVE-2017-0469ã€CVE-2017-0470ã€CVE-2017-0471ã€CVE-2017-0472ã€CVE-2017-0473ã€CVE-2017-0482ã€CVE-2017-0484ã€CVE-2017-0485ã€CVE-2017-0486ã€CVE-2017-0487ã€CVE-2017-0494ã€CVE-2017-0495</li><li>螞蟻金æœå·´æ–¯å…‰å¹´å®‰å…¨å¯¦é©—室的 Wish Wu (å´æ½æµ æ¤å½¼) (<a href="https://twitter.com/wish_wu">@wish_wu</a>):CVE-2017-0477</li><li>奇虎 360 科技有é™å…¬å¸ Vulpecker å°çµ„æˆå“¡ Yu Pan:CVE-2017-0517ã€CVE-2017-0532</li><li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2017-0526ã€CVE-2017-0527</li><li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)ã€<a href="mailto:vancouverdou@gmail.com">Wenke Dou</a>ã€<a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>ã€Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) å’Œ Xuxian Jiang:CVE-2017-0483</li> +<li>奇虎 360 科技有é™å…¬å¸æˆéƒ½å®‰å…¨æ€§æ‡‰è®Šä¸å¿ƒæˆå“¡ Zinuo Han (<a href="https://weibo.com/ele7enxxh">weibo.com/ele7enxxh</a>):CVE-2017-0475ã€CVE-2017-0497</li></ul> <h2 id="2017-03-01-details">2017-03-01 安全修補ç‰ç´š — 資安æ¼æ´žè©³æƒ…</h2> -<p>下列å„節é‡å°ä¸Šæ–¹ <a href="#2017-03-01-summary">2017-03-01 安全修補ç‰ç´š — 資安æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Google è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> +<p>下列å„節é‡å° 2017-03-01 安全修補ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Google è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> - -<h3 id="rce-in-openssl-&-boringssl">OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> +<h3 id="rce-in-openssl-&-boringssl">OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <p>在檔案和資料的處ç†æœŸé–“,OpenSSL å’Œ BoringSSL ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè¨˜æ†¶é«”出錯。由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨ç²å¾—授權的程åºç’°å¢ƒå…§åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -459,20 +79,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 8 月 5 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-mediaserver-">媒體伺æœå™¨ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <p>在媒體檔案和資料的處ç†æœŸé–“,媒體伺æœå™¨ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè¨˜æ†¶é«”出錯。由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨åª’體伺æœå™¨ç¨‹åºç’°å¢ƒå…§åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -564,19 +183,19 @@ <td>7.0ã€7.1.1</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-recovery-verifier">復原驗è‰å™¨ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>復原驗è‰å™¨ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -593,20 +212,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 10 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-aosp-messaging">AOSP Messaging ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <p>在媒體檔案和資料的處ç†æœŸé–“,AOSP Messaging ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè¨˜æ†¶é«”出錯。由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨æœªç²æŽˆæ¬Šçš„程åºç’°å¢ƒå…§åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -623,20 +241,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 6 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-libgdx">libgdx ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <p>libgdx ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“攻擊者能利用特製檔案在未ç²æŽˆæ¬Šçš„程åºç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨ä½¿ç”¨é€™å€‹ç¨‹å¼åº«çš„應用程å¼ä¸åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -653,20 +270,19 @@ <td>7.1.1</td> <td>2016 å¹´ 12 月 14 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="rce-in-framesequence-library">Framesequence 程å¼åº«ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´ž</h3> <p>Framesequence 程å¼åº«ä¸çš„é 端程å¼ç¢¼åŸ·è¡Œæ¼æ´žå¯èƒ½æœƒè®“攻擊者能利用特製檔案在未ç²æŽˆæ¬Šçš„程åºç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“é 端程å¼ç¢¼åœ¨ä½¿ç”¨ Framesequence 程å¼åº«çš„應用程å¼ä¸åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -683,19 +299,19 @@ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 16 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-nfc">NFC ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>NFC ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“鄰近的攻擊者在ç²å¾—授權的程åºç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯è¢«åˆ©ç”¨ä¾†å–å¾—æŸäº›é€²éšŽåŠŸèƒ½çš„本機å˜å–權,第三方應用程å¼é€šå¸¸ç„¡æ³•å˜å–é€™é¡žåŠŸèƒ½ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -712,19 +328,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 6 æ—¥</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-audioserver">音訊伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>音訊伺æœå™¨ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾—授權的程åºç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯è¢«åˆ©ç”¨ä¾†å–å¾—æŸäº›é€²éšŽåŠŸèƒ½çš„本機å˜å–權,第三方應用程å¼é€šå¸¸ç„¡æ³•å˜å–é€™é¡žåŠŸèƒ½ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -754,20 +370,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 7 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-mediaserver">媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè£ç½®åœæ¢é‹ä½œæˆ–é‡æ–°é–‹æ©Ÿã€‚由於這個å•é¡Œå¯èƒ½æœƒé€ æˆé 端拒絕æœå‹™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -845,19 +460,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <h3 id="eop-in-location-manager">ä½ç½®ç®¡ç†å“¡ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>ä½ç½®ç®¡ç†å“¡ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼è¦é¿ä½œæ¥ç³»çµ±ç‚ºä½ç½®è³‡æ–™æŽ¡å–的防è·æŽªæ–½ã€‚由於這個å•é¡Œå¯èƒ½è®“有心人士產生ä¸æ£ç¢ºçš„è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -874,20 +489,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 20 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-wi-fi">Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Wi-Fi 連線ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åˆªé™¤ä½¿ç”¨è€…資料。由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿æœ¬æ©Ÿçš„使用者互動è¦æ±‚ (通常需è¦ä½¿ç”¨è€…啟動或使用者權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -907,20 +521,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 25 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-package-manager">套件管ç†å“¡ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>套件管ç†å“¡ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼é€ æˆä½¿ç”¨è€…無法解除安è£æ‡‰ç”¨ç¨‹å¼ï¼Œæˆ–無法移除應用程å¼çš„權é™ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿æœ¬æ©Ÿçš„使用者互動è¦æ±‚ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -938,20 +551,19 @@ <td>4.4.4ã€5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 內部</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-system-ui">系統使用者介é¢ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>系統使用者介é¢ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å»ºç«‹é‡ç–Šè¦†è“‹æ•´å€‹èž¢å¹•ç•«é¢çš„使用者介é¢ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿æœ¬æ©Ÿçš„使用者互動è¦æ±‚ (通常需è¦ä½¿ç”¨è€…啟動或使用者權é™)ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -969,20 +581,19 @@ <td>7.1.1</td> <td>Google 內部</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-aosp-messaging">AOSP Messaging ä¸çš„資訊外洩æ¼æ´ž</h3> <p>AOSP Messaging ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“é 端攻擊者é€éŽç‰¹è£½æª”案å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士在未ç²æŽˆæ¬Šçš„情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -999,20 +610,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 11 月 9 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediaserver">媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´ž</h3> <p>媒體伺æœå™¨ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士在未ç²æŽˆæ¬Šçš„情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1029,20 +639,19 @@ <td>6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 11 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard">è¨å®šç²¾éˆä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>è¨å®šç²¾éˆä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼æš«æ™‚å°éŽ–å—影響è£ç½®çš„å˜å–權。由於這個å•é¡Œå¯èƒ½éœ€è¦æ¢å¾©åŽŸå» è¨å®šæ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1058,7 +667,7 @@ <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1</td> <td>2016 å¹´ 9 月 14 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Google è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> @@ -1066,13 +675,13 @@ <p>媒體伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“æ”»æ“Šè€…èƒ½åˆ©ç”¨ç‰¹è£½æª”æ¡ˆé€ æˆè£ç½®åœæ¢é‹ä½œæˆ–é‡æ–°é–‹æ©Ÿã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆé€éŽç½•è¦‹çš„è£ç½®è¨å®šæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1089,20 +698,19 @@ <td>7.0ã€7.1.1</td> <td>2016 å¹´ 12 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-setup-wizard-2">è¨å®šç²¾éˆä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>è¨å®šç²¾éˆä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“本機攻擊者在æ¢å¾©åŽŸå» è¨å®šå¾Œè¦æ±‚登入 Google 帳戶。由於這個å•é¡Œå¯èƒ½éœ€è¦æ¢å¾©åŽŸå» è¨å®šæ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1121,20 +729,19 @@ <td>5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>Google 內部</td> </tr> -</table> - +</tbody></table> <h3 id="dos-in-audioserver">音訊伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>音訊伺æœå™¨ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼é€ æˆè£ç½®åœæ¢é‹ä½œæˆ–é‡æ–°é–‹æ©Ÿã€‚由於這個å•é¡Œå¯èƒ½æœƒå°Žè‡´æœ¬æ©Ÿæš«æ™‚拒絕æœå‹™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä½Žã€ã€‚</p> <table> - <col width="18%"> - <col width="17%"> - <col width="10%"> - <col width="19%"> - <col width="18%"> - <col width="17%"> - <tr> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1151,23 +758,21 @@ <td>5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> <td>2016 å¹´ 10 月 11 æ—¥</td> </tr> -</table> - +</tbody></table> <h2 id="2017-03-05-details">2017-03-05 安全修補ç‰ç´š — 資安æ¼æ´žè©³æƒ…</h2> -<p>下列å„節é‡å°ä¸Šæ–¹ <a href="#2017-03-05-summary">2017-03-05 安全修補ç‰ç´š — 資安æ¼æ´žæ‘˜è¦</a>ä¸åˆ—出的å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Google è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> - +<p>下列å„節é‡å° 2017-03-05 安全性修補程å¼ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,包括å•é¡Œèªªæ˜Žã€åš´é‡ç¨‹åº¦è©•å®šåŽŸå› ,以åŠä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ï¼Œé¡¯ç¤ºæ¼æ´žçš„ CVEã€ç›¸é—œåƒè€ƒè³‡æ–™ã€åš´é‡ç¨‹åº¦ã€æ›´æ–°çš„ Google è£ç½®ã€æ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹) å’Œå›žå ±æ—¥æœŸã€‚å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œå…¶ä»–åƒè€ƒè³‡æ–™å¯é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿã€‚</p> <h3 id="eop-in-mediatek-components">MediaTek 元件ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek 元件 (包括 M4U 驅動程å¼ã€éŸ³æ•ˆé©…動程å¼ã€è§¸æŽ§èž¢å¹•é©…動程å¼ã€GPU 驅動程å¼å’ŒæŒ‡ä»¤ä½‡åˆ—驅動程å¼) ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1176,7 +781,7 @@ </tr> <tr> <td>CVE-2017-0500</td> - <td>A-28429685*<br> + <td>A-28429685*<br /> M-ALPS02710006</td> <td>最高</td> <td>ç„¡**</td> @@ -1184,7 +789,7 @@ </tr> <tr> <td>CVE-2017-0501</td> - <td>A-28430015*<br> + <td>A-28430015*<br /> M-ALPS02708983</td> <td>最高</td> <td>ç„¡**</td> @@ -1192,7 +797,7 @@ </tr> <tr> <td>CVE-2017-0502</td> - <td>A-28430164*<br> + <td>A-28430164*<br /> M-ALPS02710027</td> <td>最高</td> <td>ç„¡**</td> @@ -1200,7 +805,7 @@ </tr> <tr> <td>CVE-2017-0503</td> - <td>A-28449045*<br> + <td>A-28449045*<br /> M-ALPS02710075</td> <td>最高</td> <td>ç„¡**</td> @@ -1208,7 +813,7 @@ </tr> <tr> <td>CVE-2017-0504</td> - <td>A-30074628*<br> + <td>A-30074628*<br /> M-ALPS02829371</td> <td>最高</td> <td>ç„¡**</td> @@ -1216,7 +821,7 @@ </tr> <tr> <td>CVE-2017-0505</td> - <td>A-31822282*<br> + <td>A-31822282*<br /> M-ALPS02992041</td> <td>最高</td> <td>ç„¡**</td> @@ -1224,27 +829,26 @@ </tr> <tr> <td>CVE-2017-0506</td> - <td>A-32276718*<br> + <td>A-32276718*<br /> M-ALPS03006904</td> <td>最高</td> <td>ç„¡**</td> <td>2016 å¹´ 10 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> - <h3 id="eop-in-nvidia-gpu-driver">NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1253,7 +857,7 @@ </tr> <tr> <td>CVE-2017-0337</td> - <td>A-31992762*<br> + <td>A-31992762*<br /> N-CVE-2017-0337</td> <td>最高</td> <td>Pixel C</td> @@ -1261,7 +865,7 @@ </tr> <tr> <td>CVE-2017-0338</td> - <td>A-33057977*<br> + <td>A-33057977*<br /> N-CVE-2017-0338</td> <td>最高</td> <td>Pixel C</td> @@ -1269,7 +873,7 @@ </tr> <tr> <td>CVE-2017-0333</td> - <td>A-33899363*<br> + <td>A-33899363*<br /> N-CVE-2017-0333</td> <td>最高</td> <td>Pixel C</td> @@ -1277,7 +881,7 @@ </tr> <tr> <td>CVE-2017-0306</td> - <td>A-34132950*<br> + <td>A-34132950*<br /> N-CVE-2017-0306</td> <td>最高</td> <td>Nexus 9</td> @@ -1285,26 +889,25 @@ </tr> <tr> <td>CVE-2017-0335</td> - <td>A-33043375*<br> + <td>A-33043375*<br /> N-CVE-2017-0335</td> <td>最高</td> <td>Pixel C</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-kernel-ion-subsystem">æ ¸å¿ƒ ION å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>æ ¸å¿ƒ ION å系統ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1325,20 +928,19 @@ <td>Pixel C</td> <td>2016 å¹´ 12 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Broadcom Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1347,27 +949,26 @@ </tr> <tr> <td>CVE-2017-0509</td> - <td>A-32124445*<br> + <td>A-32124445*<br /> B-RB#110688</td> <td>最高</td> <td>ç„¡**</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> - <h3 id="eop-in-kernel-fiq-debugger">æ ¸å¿ƒ FIQ åµéŒ¯å·¥å…·ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>æ ¸å¿ƒ FIQ åµéŒ¯å·¥å…·ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1381,20 +982,19 @@ <td>Nexus 9</td> <td>2016 å¹´ 10 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-qualcomm-gpu-driver">Qualcomm GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œä½¿è£ç½®å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1403,26 +1003,25 @@ </tr> <tr> <td>CVE-2016-8479</td> - <td>A-31824853*<br> + <td>A-31824853*<br /> QC-CR#1093687</td> <td>最高</td> <td>Android Oneã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 29 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-kernel-networking-subsystem">æ ¸å¿ƒç¶²è·¯å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>æ ¸å¿ƒç¶²è·¯å系統ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1431,7 +1030,7 @@ </tr> <tr> <td>CVE-2016-9806</td> - <td>A-33393474<br> + <td>A-33393474<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>最高</td> @@ -1440,26 +1039,25 @@ </tr> <tr> <td>CVE-2016-10200</td> - <td>A-33753815<br> + <td>A-33753815<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>最高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 元件ä¸çš„æ¼æ´ž</h3> <p>以下列出會影響 Qualcomm 元件的安全性æ¼æ´žï¼Œè©³æƒ…è«‹åƒè€ƒ 2016 å¹´ 9 月的 Qualcomm AMSS 安全性公告。</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1501,22 +1099,21 @@ <td>ç„¡***</td> <td>Qualcomm 內部</td> </tr> -</table> +</tbody></table> <p>* 這些æ¼æ´žçš„åš´é‡ç¨‹åº¦æ˜¯ç”±å» 商自行評定。</p> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <p>*** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> - <h3 id="eop-in-kernel-networking-subsystem-2">æ ¸å¿ƒç¶²è·¯å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>æ ¸å¿ƒç¶²è·¯å系統ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1525,7 +1122,7 @@ </tr> <tr> <td>CVE-2016-8655</td> - <td>A-33358926<br> + <td>A-33358926<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> @@ -1534,26 +1131,25 @@ </tr> <tr> <td>CVE-2016-9793</td> - <td>A-33363517<br> + <td>A-33363517<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> <td>Android Oneã€Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Nexus Playerã€Pixel Cã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 2 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-input-hardware-driver">Qualcomm 輸入硬體驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm 輸入硬體驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1562,26 +1158,25 @@ </tr> <tr> <td>CVE-2017-0516</td> - <td>A-32341680*<br> + <td>A-32341680*<br /> QC-CR#1096301</td> <td>高</td> <td>Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-mediatek-hardware-sensor-driver">MediaTek 硬體感測器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek 硬體感測器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1590,27 +1185,26 @@ </tr> <tr> <td>CVE-2017-0517</td> - <td>A-32372051*<br> + <td>A-32372051*<br /> M-ALPS02973195</td> <td>高</td> <td>ç„¡**</td> <td>2016 å¹´ 10 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> - <h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm ADSPRPC 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1619,27 +1213,26 @@ </tr> <tr> <td>CVE-2017-0457</td> - <td>A-31695439*<br> - QC-CR#1086123<br> + <td>A-31695439*<br /> + QC-CR#1086123<br /> QC-CR#1100695</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-qualcomm-fingerprint-sensor-driver">Qualcomm 指紋感應器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm 指紋感應器驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1648,7 +1241,7 @@ </tr> <tr> <td>CVE-2017-0518</td> - <td>A-32370896*<br> + <td>A-32370896*<br /> QC-CR#1086530</td> <td>高</td> <td>Pixelã€Pixel XL</td> @@ -1656,26 +1249,25 @@ </tr> <tr> <td>CVE-2017-0519</td> - <td>A-32372915*<br> + <td>A-32372915*<br /> QC-CR#1086530</td> <td>高</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 24 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-qualcomm-crypto-engine-driver">Qualcomm åŠ å¯†å¼•æ“Žé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>Qualcomm åŠ å¯†å¼•æ“Žé©…å‹•ç¨‹å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> +<p>Qualcomm åŠ å¯†ç·¨è¯å¼•æ“Žé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1684,26 +1276,25 @@ </tr> <tr> <td>CVE-2017-0520</td> - <td>A-31750232<br> + <td>A-31750232<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd"> QC-CR#1082636</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 9 月 24 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver">Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1712,7 +1303,7 @@ QC-CR#1082636</a></td> </tr> <tr> <td>CVE-2017-0458</td> - <td>A-32588962<br> + <td>A-32588962<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=eba46cb98431ba1d7a6bd859f26f6ad03f1bf4d4"> QC-CR#1089433</a></td> <td>高</td> @@ -1721,26 +1312,25 @@ QC-CR#1089433</a></td> </tr> <tr> <td>CVE-2017-0521</td> - <td>A-32919951<br> + <td>A-32919951<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=dbe4f26f200db10deaf38676b96d8738afcc10c8"> QC-CR#1097709</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 15 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-mediatek-apk">MediaTek APK ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>MediaTek APK ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾—授權的程åºç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“本機任æ„程å¼ç¢¼åœ¨ç²å¾—授權的程åºä¸åŸ·è¡Œï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1749,27 +1339,26 @@ QC-CR#1097709</a></td> </tr> <tr> <td>CVE-2017-0522</td> - <td>A-32916158*<br> + <td>A-32916158*<br /> M-ALPS03032516</td> <td>高</td> <td>ç„¡**</td> <td>2016 å¹´ 11 月 15 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> -<p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> - +<p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚</p> <h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm Wi-Fi 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1778,7 +1367,7 @@ QC-CR#1097709</a></td> </tr> <tr> <td>CVE-2017-0464</td> - <td>A-32940193<br> + <td>A-32940193<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f"> QC-CR#1102593</a></td> <td>高</td> @@ -1787,7 +1376,7 @@ QC-CR#1102593</a></td> </tr> <tr> <td>CVE-2017-0453</td> - <td>A-33979145<br> + <td>A-33979145<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05af1f34723939f477cb7d25adb320d016d68513"> QC-CR#1105085</a></td> <td>高</td> @@ -1796,27 +1385,26 @@ QC-CR#1105085</a></td> </tr> <tr> <td>CVE-2017-0523</td> - <td>A-32835279<br> + <td>A-32835279<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582"> QC-CR#1096945</a></td> <td>高</td> <td>ç„¡*</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p>* 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚</p> - <h3 id="eop-in-synaptics-touchscreen-driver">Synaptics 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Synaptics 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1830,20 +1418,19 @@ QC-CR#1096945</a></td> <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 18 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-qualcomm-ipa-driver">Qualcomm IPA 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm IPA 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1852,7 +1439,7 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0456</td> - <td>A-33106520*<br> + <td>A-33106520*<br /> QC-CR#1099598</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> @@ -1860,26 +1447,25 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0525</td> - <td>A-33139056*<br> + <td>A-33139056*<br /> QC-CR#1097714</td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-htc-sensor-hub-driver">HTC 感應器ä¸æ¨žé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>HTC 感應器ä¸æ¨žé©…動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1900,20 +1486,19 @@ QC-CR#1096945</a></td> <td>Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 25 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-nvidia-gpu-driver-2">NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>NVIDIA GPU 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1922,27 +1507,26 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0307</td> - <td>A-33177895*<br> + <td>A-33177895*<br /> N-CVE-2017-0307</td> <td>高</td> <td>ç„¡**</td> <td>2016 å¹´ 11 月 28 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> - <h3 id="eop-in-qualcomm-networking-driver">Qualcomm 網路驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm 網路驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1951,7 +1535,7 @@ QC-CR#1096945</a></td> </tr> <tr> <td>CVE-2017-0463</td> - <td>A-33277611<br> + <td>A-33277611<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=955bd7e7ac097bdffbadafab90e5378038fefeb2"> QC-CR#1101792</a></td> <td>高</td> @@ -1960,26 +1544,25 @@ QC-CR#1101792</a></td> </tr> <tr> <td>CVE-2017-0460</td> - <td>A-31252965*<br> + <td>A-31252965*<br /> QC-CR#1098801</td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Pixelã€Pixel XL</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-kernel-security-subsystem">æ ¸å¿ƒå®‰å…¨å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>æ ¸å¿ƒå®‰å…¨å系統ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨ç²å¾—授權的程åºç’°å¢ƒå…§åŸ·è¡ŒæŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿ä¸€èˆ¬çš„æ ¸å¿ƒå±¤ç´šæ·±åº¦é˜²ç¦¦æŽªæ–½æˆ–é˜²ç¯„æ”»æ“ŠæŠ€è¡“ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -1993,20 +1576,19 @@ QC-CR#1101792</a></td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 4 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="eop-in-qualcomm-spcom-driver">Qualcomm SPCom 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> <p>Qualcomm SPCom 驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2015,7 +1597,7 @@ QC-CR#1101792</a></td> </tr> <tr> <td>CVE-2016-5856</td> - <td>A-32610665<br> + <td>A-32610665<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=0c0622914ba53cdcb6e79e85f64bfdf7762c0368"> QC-CR#1094078</a></td> <td>高</td> @@ -2024,27 +1606,26 @@ QC-CR#1094078</a></td> </tr> <tr> <td>CVE-2016-5857</td> - <td>A-34386529<br> + <td>A-34386529<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9d2c405d46ca27b25ed55a8dbd02bd1e633e2d5"> QC-CR#1094140</a></td> <td>高</td> <td>ç„¡*</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p>* 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚</p> - <h3 id="id-in-kernel-networking-subsystem">æ ¸å¿ƒç¶²è·¯å系統ä¸çš„資訊外洩æ¼æ´ž</h3> <p>æ ¸å¿ƒç¶²è·¯å系統ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“鄰近本機的攻擊者å–得機密資訊的å˜å–權。由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ‰å¿ƒäººå£«åœ¨æœªç²æŽˆæ¬Šçš„情æ³ä¸‹å˜å–è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2053,26 +1634,25 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2014-8709</td> - <td>A-34077221<br> + <td>A-34077221<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=338f977f4eb441e69bb9a46eaa0ac715c931a67f"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> <td>Nexus Player</td> <td>2014 å¹´ 11 月 9 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-driver">MediaTek 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>MediaTek 驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯èƒ½è®“有心人士在未ç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2081,27 +1661,26 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2017-0529</td> - <td>A-28449427*<br> + <td>A-28449427*<br /> M-ALPS02710042</td> <td>高</td> <td>ç„¡**</td> <td>2016 å¹´ 4 月 27 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> - <h3 id="id-in-qualcomm-bootloader">Qualcomm 系統啟動載入程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>Qualcomm 系統啟動載入程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼æ›´è¼•æ˜“在系統啟動載入程å¼çš„環境內執行任何指令。由於這個å•é¡Œå¯èƒ½æœƒè®“有心人士è¦é¿ä¸€èˆ¬ç³»çµ±å•Ÿå‹•è¼‰å…¥ç¨‹å¼å±¤ç´šçš„æ·±åº¦é˜²ç¦¦æŽªæ–½æˆ–é˜²ç¯„æ”»æ“ŠæŠ€è¡“ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2110,26 +1689,25 @@ QC-CR#1094140</a></td> </tr> <tr> <td>CVE-2017-0455</td> - <td>A-32370952<br> + <td>A-32370952<br /> <a href="https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f"> QC-CR#1082755</a></td> <td>高</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-power-driver">Qualcomm é›»æºé©…動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>Qualcomm é›»æºé©…動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯èƒ½è®“有心人士在未ç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2138,26 +1716,25 @@ QC-CR#1082755</a></td> </tr> <tr> <td>CVE-2016-8483</td> - <td>A-33745862<br> + <td>A-33745862<br /> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6997dcb7ade1315474855821e64782205cb0b53a"> QC-CR#1035099</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6P</td> <td>2016 å¹´ 12 月 19 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-nvidia-gpu-driver">NVIDIA GPU 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>NVIDIA GPU 驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–的資料。由於這個å•é¡Œå¯èƒ½è®“有心人士在未ç²ä½¿ç”¨è€…明確授權的情æ³ä¸‹å˜å–æ©Ÿå¯†è³‡æ–™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2166,7 +1743,7 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2017-0334</td> - <td>A-33245849*<br> + <td>A-33245849*<br /> N-CVE-2017-0334</td> <td>高</td> <td>Pixel C</td> @@ -2174,26 +1751,25 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2017-0336</td> - <td>A-33042679*<br> + <td>A-33042679*<br /> N-CVE-2017-0336</td> <td>高</td> <td>Pixel C</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="dos-in-kernel-cryptographic-subsystem">æ ¸å¿ƒå¯†ç¢¼ç·¨è¯å系統ä¸çš„拒絕æœå‹™æ¼æ´ž</h3> <p>æ ¸å¿ƒå¯†ç¢¼ç·¨è¯å系統ä¸çš„拒絕æœå‹™æ¼æ´žå¯èƒ½æœƒè®“é 端攻擊者能利用特製網路å°åŒ…é€ æˆè£ç½®åœæ¢é‹ä½œæˆ–é‡æ–°é–‹æ©Ÿã€‚由於這個å•é¡Œå¯èƒ½æœƒé€ æˆé 端拒絕æœå‹™ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2202,26 +1778,25 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2016-8650</td> - <td>A-33401771<br> + <td>A-33401771<br /> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 12 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="eop-in-qualcomm-camera-driver-(device-specific)">Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž (特定è£ç½®)</h3> <p>Qualcomm 相機驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œè€Œç›®å‰å¹³å°çš„è¨å®šå¯é€²è¡Œé˜²ç¯„ï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2230,26 +1805,25 @@ QC-CR#1035099</a></td> </tr> <tr> <td>CVE-2016-8417</td> - <td>A-32342399<br> + <td>A-32342399<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01dcc0a7cc23f23a89adf72393d5a27c6d576cd0"> QC-CR#1088824</a></td> <td>ä¸</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 21 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>Qualcomm Wi-Fi 驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2258,7 +1832,7 @@ QC-CR#1088824</a></td> </tr> <tr> <td>CVE-2017-0461</td> - <td>A-32073794<br> + <td>A-32073794<br /> <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=ce5d6f84420a2e6ca6aad6b866992970dd313a65"> QC-CR#1100132</a></td> <td>ä¸</td> @@ -2267,8 +1841,8 @@ QC-CR#1100132</a></td> </tr> <tr> <td>CVE-2017-0459</td> - <td>A-32644895<br> - <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> + <td>A-32644895<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?h=rel/msm-3.18&id=ffacf6e2dc41b6063c3564791ed7a2f903e7e3b7"> QC-CR#1091939</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> @@ -2276,26 +1850,25 @@ QC-CR#1091939</a></td> </tr> <tr> <td>CVE-2017-0531</td> - <td>A-32877245<br> + <td>A-32877245<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=530f3a0fd837ed105eddaf99810bc13d97dc4302"> QC-CR#1087469</a></td> <td>ä¸</td> <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 13 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-mediatek-video-codec-driver">MediaTek 視訊轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>MediaTek 視訊轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2304,27 +1877,26 @@ QC-CR#1087469</a></td> </tr> <tr> <td>CVE-2017-0532</td> - <td>A-32370398*<br> + <td>A-32370398*<br /> M-ALPS03069985</td> <td>ä¸</td> <td>ç„¡**</td> <td>2016 å¹´ 10 月 22 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <p>** 如果是æ載 Android 7.0 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žå½±éŸ¿ã€‚</p> - <h3 id="id-in-qualcomm-video-driver">Qualcomm 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> -<p>Qualcomm 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> +<p>Qualcomm 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç¯„åœä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2333,7 +1905,7 @@ QC-CR#1087469</a></td> </tr> <tr> <td>CVE-2017-0533</td> - <td>A-32509422<br> + <td>A-32509422<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>ä¸</td> @@ -2342,7 +1914,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2017-0534</td> - <td>A-32508732<br> + <td>A-32508732<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>ä¸</td> @@ -2351,7 +1923,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8416</td> - <td>A-32510746<br> + <td>A-32510746<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>ä¸</td> @@ -2360,26 +1932,25 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8478</td> - <td>A-32511270<br> + <td>A-32511270<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"> QC-CR#1088206</a></td> <td>ä¸</td> <td>Pixelã€Pixel XL</td> <td>2016 å¹´ 10 月 28 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-qualcomm-camera-driver">Qualcomm 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> -<p>Qualcomm 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> +<p>Qualcomm 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç¯„åœä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2388,7 +1959,7 @@ QC-CR#1088206</a></td> </tr> <tr> <td>CVE-2016-8413</td> - <td>A-32709702<br> + <td>A-32709702<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=bc77232707df371ff6bab9350ae39676535c0e9d"> QC-CR#518731</a></td> <td>ä¸</td> @@ -2397,7 +1968,7 @@ QC-CR#518731</a></td> </tr> <tr> <td>CVE-2016-8477</td> - <td>A-32720522<br> + <td>A-32720522<br /> <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508"> QC-CR#1090007</a> [<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb">2</a>]</td> @@ -2405,19 +1976,18 @@ QC-CR#1090007</a> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Android Oneã€Pixelã€Pixel XL</td> <td>2016 å¹´ 11 月 7 æ—¥</td> </tr> -</table> - +</tbody></table> <h3 id="id-in-htc-sound-codec-driver">HTC 音效轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>HTC 音效轉碼器驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2431,20 +2001,19 @@ QC-CR#1090007</a> <td>Nexus 9</td> <td>2016 å¹´ 12 月 11 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="id-in-synaptics-touchscreen-driver">Synaptics 觸控螢幕驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> -<p>Synaptics 觸控螢幕驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> +<p>Synaptics 觸控螢幕驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç¯„åœä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2458,20 +2027,19 @@ QC-CR#1090007</a> <td>Android Oneã€Nexus 5Xã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XL</td> <td>2016 å¹´ 12 月 12 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="id-in-kernel-usb-gadget-driver">æ ¸å¿ƒ USB å°å·¥å…·é©…動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>æ ¸å¿ƒ USB å°å·¥å…·é©…動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2485,20 +2053,19 @@ QC-CR#1090007</a> <td>Pixel C</td> <td>Google 內部</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> - <h3 id="id-in-qualcomm-camera-driver-2">Qualcomm 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> <p>Qualcomm 相機驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä½Žã€ã€‚</p> <table> - <col width="19%"> - <col width="20%"> - <col width="10%"> - <col width="23%"> - <col width="17%"> - <tr> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> <th>CVE</th> <th>åƒè€ƒè³‡æ–™</th> <th>åš´é‡ç¨‹åº¦</th> @@ -2507,19 +2074,19 @@ QC-CR#1090007</a> </tr> <tr> <td>CVE-2017-0452</td> - <td>A-32873615*<br> + <td>A-32873615*<br /> QC-CR#1093693</td> <td>低</td> <td>Nexus 5Xã€Nexus 6Pã€Android One</td> <td>2016 å¹´ 11 月 10 æ—¥</td> </tr> -</table> +</tbody></table> <p>* 這個å•é¡Œçš„修補程å¼ä¸¦æœªé–‹æ”¾çµ¦ä¸€èˆ¬ä½¿ç”¨è€…下載,而是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h2 id="common-questions-and-answers">常見å•é¡Œèˆ‡è§£ç”</h2> <p>如果您在閱讀這篇公告後有任何疑å•ï¼Œå¯åƒè€ƒæœ¬ç¯€çš„常見å•ç”。</p> <p><strong>1. 如何判斷我目å‰çš„è£ç½®è»Ÿé«”版本是å¦å·²ä¿®æ£é€™äº›å•é¡Œï¼Ÿ </strong></p> -<p>è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹è©³è®€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新時間表</a>ä¸çš„æ“作說明。</p> +<p>è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹è©³è®€ <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel å’Œ Nexus 更新時間表</a>ä¸çš„æ“作說明。</p> <ul> <li>2017 å¹´ 3 月 1 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†æ‰€æœ‰èˆ‡ 2017-03-01 安全修補ç‰ç´šç›¸é—œçš„å•é¡Œã€‚</li> <li>2017 å¹´ 3 月 5 日之後的安全修補ç‰ç´šå®Œå…¨è§£æ±ºäº†èˆ‡ 2017-03-05 安全修補ç‰ç´šåŠæ‰€æœ‰å…ˆå‰ä¿®è£œç‰ç´šç›¸é—œçš„å•é¡Œã€‚ @@ -2530,24 +2097,24 @@ QC-CR#1090007</a> <li>[ro.build.version.security_patch]:[2017-03-01]</li> <li>[ro.build.version.security_patch]:[2017-03-05]</li> </ul> -<p><strong>2. 為什麼這篇公告有兩種安全修補ç‰ç´šï¼Ÿ</strong></p> -<p>本公告有兩種安全修補ç‰ç´šï¼Œè®“ Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚æˆ‘å€‘å»ºè° Android åˆä½œå¤¥ä¼´ä¿®æ£æœ¬å…¬å‘Šæ‰€åˆ—的所有å•é¡Œï¼Œä¸¦ä½¿ç”¨æœ€æ–°çš„安全修補ç‰ç´šã€‚</p> +<p><strong>2. 為什麼這篇公告有兩種安全性修補程å¼ç‰ç´šï¼Ÿ</strong></p> +<p>本公告有兩種安全性修補程å¼ç‰ç´šï¼Œè®“ Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚æˆ‘å€‘å»ºè° Android åˆä½œå¤¥ä¼´ä¿®æ£æœ¬å…¬å‘Šæ‰€åˆ—的所有å•é¡Œï¼Œä¸¦ä½¿ç”¨æœ€æ–°çš„安全修補ç‰ç´šã€‚</p> <ul> <li>安全修補ç‰ç´šç‚º 2017 å¹´ 3 月 1 日的è£ç½®å¿…é ˆç´å…¥æ‰€æœ‰èˆ‡è©²å®‰å…¨ä¿®è£œç‰ç´šç›¸é—œçš„å•é¡Œï¼Œä»¥åŠåœ¨ä¹‹å‰å®‰å…¨æ€§å…¬å‘Šä¸å›žå ±çš„所有å•é¡Œé©ç”¨çš„ä¿®æ£ç¨‹å¼ã€‚</li> <li>如果è£ç½®çš„安全修補ç‰ç´šåœ¨ 2017 å¹´ 3 月 5 æ—¥ä¹‹å¾Œï¼Œå°±å¿…é ˆåŠ å…¥æœ¬å®‰å…¨æ€§å…¬å‘Š (以åŠä¹‹å‰å…¬å‘Š) ä¸çš„所有é©ç”¨ä¿®è£œç¨‹å¼ã€‚</li> </ul> -<p>我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€è¦è§£æ±ºçš„所有å•é¡Œé©ç”¨ä¿®è£œç¨‹å¼åŒ…è£åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚</p> +<p>我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€æœ‰å•é¡Œé©ç”¨çš„修補程å¼éƒ½å½™æ•´åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚</p> <p><strong>3. 如何判斷哪些 Google è£ç½®æœƒå—到哪種å•é¡Œçš„影響?</strong></p> <p>在 <a href="#2017-03-01-details">2017-03-01</a> å’Œ <a href="#2017-03-05-details">2017-03-05</a> 安全性æ¼æ´žè©³æƒ…çš„ç« ç¯€ä¸ï¼Œæ¯å€‹è¡¨æ ¼éƒ½åŒ…å«ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄,當ä¸åˆ—出已é‡å°å„個å•é¡Œé€²è¡Œæ›´æ–°çš„å—影響 Google è£ç½®ç¯„åœã€‚æ¤æ¬„ä¸çš„é¸é …包括:</p> <ul> -<li><strong>所有 Google è£ç½®</strong>:如果å•é¡Œæœƒå½±éŸ¿åˆ°ã€Œå…¨éƒ¨ã€å’Œ Pixel è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒé¡¯ç¤ºã€Œå…¨éƒ¨ã€å—樣。「全部ã€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">支æ´çš„è£ç½®</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> +<li><strong>所有 Google è£ç½®</strong>:如果å•é¡Œæœƒå½±éŸ¿åˆ° Pixel è£ç½®å’Œæ‰€æœ‰çš„ Google è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€æ¬„ä¸å°±æœƒæ¨™ç¤ºã€Œå…¨éƒ¨ã€å—樣。<em></em>「全部ã€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">支æ´çš„è£ç½®</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> <li><strong>部分 Google è£ç½®</strong>:如果å•é¡Œä¸¦æœªå½±éŸ¿åˆ°æ‰€æœ‰ Google è£ç½®ï¼Œå‰‡ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸æœƒåˆ—出å—影響的 Google è£ç½®ã€‚</li> -<li><strong>ç„¡ Google è£ç½®</strong>:如果å•é¡Œä¸æœƒå½±éŸ¿åˆ°ä»»ä½•æ載 Android 7.0 çš„ Google è£ç½®ï¼Œã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒé¡¯ç¤ºã€Œç„¡ã€å—樣。</li> +<li><strong>ä¸å½±éŸ¿ä»»ä½• Google è£ç½®</strong>:如果å•é¡Œä¸æœƒå½±éŸ¿åˆ°ä»»ä½•æ載 Android 7.0 çš„ Google è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒæ¨™ç¤ºã€Œç„¡ã€å—樣。</li> </ul> <p><strong>4. åƒè€ƒè³‡æ–™æ¬„ä¸çš„é …ç›®æœƒå°æ‡‰åˆ°ä»€éº¼ï¼Ÿ</strong></p> <p>資安æ¼æ´žè©³æƒ…è¡¨æ ¼ä¸ã€Œåƒè€ƒè³‡æ–™ã€<em></em>æ¬„åº•ä¸‹çš„é …ç›®å¯èƒ½æœƒåŒ…å«ä¸€å€‹å‰ç½®å—串,用以表示該åƒè€ƒè³‡æ–™å€¼æ‰€å±¬çš„å…¬å¸ã€‚這些å‰ç½®å—元代表的æ„義如下:</p> <table> - <tr> + <tbody><tr> <th>å‰ç½®å—å…ƒ</th> <th>åƒè€ƒè³‡æ–™</th> </tr> @@ -2571,11 +2138,11 @@ QC-CR#1090007</a> <td>B-</td> <td>Broadcom åƒè€ƒç·¨è™Ÿ</td> </tr> -</table> +</tbody></table> <h2 id="revisions">修訂版本</h2> <ul> <li>2017 å¹´ 3 月 6 日:發佈公告。</li> <li>2017 å¹´ 3 月 7 æ—¥ï¼šä¿®è¨‚å…¬å‘Šï¼ŒåŠ å…¥ AOSP 連çµã€‚</li> </ul> -</body> -</html> + +</body></html>
\ No newline at end of file diff --git a/zh-tw/security/bulletin/2017-04-01.html b/zh-tw/security/bulletin/2017-04-01.html index 656afe8a..81bc9485 100644 --- a/zh-tw/security/bulletin/2017-04-01.html +++ b/zh-tw/security/bulletin/2017-04-01.html @@ -19,7 +19,7 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>發佈日期:2017 å¹´ 4 月 3 æ—¥ | 更新日期:2017 å¹´ 4 月 5 æ—¥</em></p> +<p><em>發佈日期:2017 å¹´ 4 月 3 æ—¥ | 更新日期:2017 å¹´ 8 月 17 æ—¥</em></p> <p>Android å®‰å…¨æ€§å…¬å‘Šç¾…åˆ—äº†æœƒå° Android è£ç½®é€ æˆå½±éŸ¿çš„安全性æ¼æ´žï¼Œä¸¦èªªæ˜Žå„é …ç›¸é—œç´°ç¯€ã€‚åœ¨é€™ç¯‡å…¬å‘Šç™¼ä½ˆçš„åŒæ™‚,Google å·²é€éŽ OTA 更新機制發佈了 Google è£ç½®çš„安全性更新。æ¤å¤–,Google éŸŒé«”æ˜ åƒæª”也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。2017 å¹´ 4 月 5 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å·²æåŠçš„所有å•é¡Œã€‚è¦çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šï¼Œè«‹åƒé–± <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>。</p> <p>我們的åˆä½œå¤¥ä¼´åœ¨ 2017 å¹´ 3 月 6 日當天或更早之å‰å·²æ”¶åˆ°å…¬å‘Šä¸æ‰€è¿°å•é¡Œçš„相關通知。這些å•é¡Œçš„原始碼修補程å¼å·²ç™¼ä½ˆåˆ° Android 開放原始碼計劃 (AOSP) å˜æ”¾å€ä¸ï¼Œä¸”公告ä¸äº¦æ供相關連çµã€‚æ¤å¤–,本公告也æä¾› AOSP 以外的修補程å¼é€£çµã€‚</p> <p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是「最高ã€ç‰ç´šçš„安全性æ¼æ´žã€‚當系統執行媒體檔案時,é 端程å¼ç¢¼å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œé€éŽé›»å郵件ã€ç¶²é ç€è¦½æ´»å‹•å’Œå¤šåª’體訊æ¯ç‰æ–¹æ³•ï¼Œè‡ªå‹•åœ¨å—影響的è£ç½®ä¸ŠåŸ·è¡Œã€‚<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> @@ -40,7 +40,7 @@ <p>本節概述 <a href="/security/enhancements/index.html">Android 安全性平å°</a>å’Œ SafetyNet ç‰æœå‹™é˜²è·æ–¹æ¡ˆé‡å°è³‡å®‰æ¼æ´žæ‰€æä¾›çš„å› æ‡‰æŽªæ–½ã€‚é€™äº›æŽªæ–½å¯æœ‰æ•ˆé˜²ç¯„有心人士在 Android 系統上惡æ„é‹ç”¨å®‰å…¨æ€§æ¼æ´žä¾†é”到特定目的。</p> <ul> <li>Android å¹³å°æŒçºŒæŽ¨å‡ºæ–°çš„ç‰ˆæœ¬ä¾†å¼·åŒ–å®‰å…¨æ€§ï¼Œå› æ¤æœ‰å¿ƒäººå£« 越來越難在 Android 系統上找出æ¼æ´žåŠ 以利用。我們建è°æ‰€æœ‰ä½¿ç”¨è€…盡å¯èƒ½æ›´æ–°è‡³æœ€æ–°ç‰ˆçš„ Android。</li> - <li>Android 安全性å°çµ„採用<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2016_Report_Final.pdf">「驗è‰æ‡‰ç”¨ç¨‹å¼ã€å’Œ SafetyNet</a> 主動監控濫用情形;這些功能的用途是在發ç¾<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">å¯èƒ½æœ‰å®³çš„應用程å¼</a>時è¦å‘Šä½¿ç”¨è€…。「驗è‰æ‡‰ç”¨ç¨‹å¼ã€åœ¨æ載 <a href="http://www.android.com/gms">Google 行動æœå‹™</a>çš„è£ç½®ä¸Šéƒ½æœƒé è¨å•Ÿç”¨ï¼Œä¸”å°æ–¼è¦å¾ž Google Play 以外來æºå®‰è£æ‡‰ç”¨ç¨‹å¼çš„ä½¿ç”¨è€…ä¾†èªªæ ¼å¤–é‡è¦ã€‚Google Play ç¦æ¢ç™¼ä½ˆä»»ä½•å¯ç”¨æ–¼ç²å–è£ç½® Root 權é™çš„工具,但「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒåœ¨ä½¿ç”¨è€…嘗試安è£å·²åµæ¸¬åˆ°çš„ Root 權é™ç²å–æ‡‰ç”¨ç¨‹å¼ (無論其來æºç‚ºä½•) 時發出è¦å‘Šã€‚æ¤å¤–,「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒè¨æ³•æ‰¾å‡ºå·²çŸ¥æœƒåˆ©ç”¨æ¬Šé™å‡ç´šæ¼æ´žçš„惡æ„應用程å¼ï¼Œä¸¦å°éŽ–這類應用程å¼çš„安è£ä½œæ¥ã€‚如果使用者已安è£é€™é¡žæ‡‰ç”¨ç¨‹å¼ï¼Œã€Œé©—è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒé€šçŸ¥ä½¿ç”¨è€…並嘗試移除åµæ¸¬åˆ°çš„應用程å¼ã€‚</li> + <li>Android 安全性å°çµ„採用<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2016_Report_Final.pdf">「驗è‰æ‡‰ç”¨ç¨‹å¼ã€å’Œ SafetyNet</a> 主動監控濫用情形;使用這些功能的目的是在發ç¾<a href="http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf">å¯èƒ½æœ‰å®³çš„應用程å¼</a>時è¦å‘Šä½¿ç”¨è€…。「驗è‰æ‡‰ç”¨ç¨‹å¼ã€åœ¨æ載 <a href="http://www.android.com/gms">Google 行動æœå‹™</a>çš„è£ç½®ä¸Šéƒ½æœƒé è¨å•Ÿç”¨ï¼Œä¸”å°æ–¼è¦å¾ž Google Play 以外來æºå®‰è£æ‡‰ç”¨ç¨‹å¼çš„ä½¿ç”¨è€…ä¾†èªªæ ¼å¤–é‡è¦ã€‚Google Play ç¦æ¢ç™¼ä½ˆä»»ä½•å¯ç”¨æ–¼ç²å–è£ç½® Root 權é™çš„工具,但「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒåœ¨ä½¿ç”¨è€…嘗試安è£å·²åµæ¸¬åˆ°çš„ Root 權é™ç²å–æ‡‰ç”¨ç¨‹å¼ (無論其來æºç‚ºä½•) 時發出è¦å‘Šã€‚æ¤å¤–,「驗è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒè¨æ³•æ‰¾å‡ºå·²çŸ¥æœƒåˆ©ç”¨æ¬Šé™å‡ç´šæ¼æ´žçš„惡æ„應用程å¼ï¼Œä¸¦å°éŽ–這類應用程å¼çš„安è£ä½œæ¥ã€‚如果使用者已安è£é€™é¡žæ‡‰ç”¨ç¨‹å¼ï¼Œã€Œé©—è‰æ‡‰ç”¨ç¨‹å¼ã€æœƒé€šçŸ¥ä½¿ç”¨è€…並嘗試移除åµæ¸¬åˆ°çš„應用程å¼ã€‚</li> <li>在é©ç”¨æƒ…æ³ä¸‹ï¼ŒGoogle Hangouts å’Œ Messenger 應用程å¼ä¸æœƒè‡ªå‹•å°‡åª’體內容傳é€çµ¦åª’體伺æœå™¨é€™é¡žçš„處ç†ç¨‹åºã€‚</li> </ul> @@ -51,9 +51,9 @@ <li>騰訊玄æ¦å¯¦é©—室的 Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>):CVE-2017-0585ã€CVE-2017-0553</li> <li><a href="mailto:derrek.haxx@gmail.com">Derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>) 與 Scott Bauer:CVE-2017-0576</li> <li>Project Zero çš„ Gal Beniamini:CVE-2017-0571ã€CVE-2017-0570ã€CVE-2017-0572ã€CVE-2017-0569ã€CVE-2017-0561</li> - <li>奇虎 360 科技有é™å…¬å¸ IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-6426ã€CVE-2017-0581ã€CVE-2017-0329ã€CVE-2017-0332ã€CVE-2017-0566</li> + <li>奇虎 360 科技有é™å…¬å¸ IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a>:CVE-2017-6426ã€CVE-2017-0581ã€CVE-2017-0329ã€CVE-2017-0332ã€CVE-2017-0566ã€CVE-2017-0573</li> <li>奇虎 360 科技有é™å…¬å¸ Alpha å°çµ„çš„ Guang Gong (龔廣) (<a href="https://twitter.com/oldfresher">@oldfresher</a>):CVE-2017-0547</li> - <li>奇虎 360 科技有é™å…¬å¸ Alpha å°çµ„çš„ Hao Chen å’Œ Guang Gong:CVE-2017-6424ã€CVE-2017-0584ã€CVE-2017-0454ã€CVE-2017-0575ã€CVE-2017-0567</li> + <li>奇虎 360 科技有é™å…¬å¸ Alpha å°çµ„çš„ Hao Chen å’Œ Guang Gong:CVE-2017-6424ã€CVE-2017-0584ã€CVE-2017-0454ã€CVE-2017-0574ã€CVE-2017-0575ã€CVE-2017-0567</li> <li>Ian Foster (<a href="https://twitter.com/lanrat">@lanrat</a>):CVE-2017-0554</li> <li>趨勢科技的 Jack Tang:CVE-2017-0579</li> <li><a href="https://skyeye.360safe.com">奇虎 360 科技有é™å…¬å¸ Skyeye 實驗室</a>çš„ Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>):CVE-2017-0559ã€CVE-2017-0541</li> @@ -63,16 +63,15 @@ <li>特斯拉產å“安全å°çµ„çš„ Mike Anderson (<a href="https://twitter.com/manderbot">@manderbot</a>) å’Œ Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0327ã€CVE-2017-0328</li> <li>阿里巴巴行動安全å°çµ„çš„ Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yang å’Œ Yang Song:CVE-2017-0565</li> <li>Baidu X-Lab (百度安全實驗室) çš„ Pengfei Ding (ä¸é¹é£›)ã€Chenfu Bao (包沉浮) å’Œ Lenx Wei (韋韜):CVE-2016-10236</li> - <li>騰訊科æ©å¯¦é©—室的 Qidan He (何淇丹 - <a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>):CVE-2017-0544ã€CVE-2016-10231ã€CVE-2017-0325</li> + <li>騰訊科æ©å¯¦é©—室的 Qidan He (何淇丹 - <a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>):CVE-2017-0544ã€CVE-2017-0325</li> <li>HCL 科技 Aleph ç ”ç©¶éƒ¨é–€çš„ Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>):CVE-2017-0582ã€CVE-2017-0563</li> <li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2017-0562ã€CVE-2017-0339</li> - <li>趨勢科技行動å¨è„…ç ”ç©¶å°çµ„æˆå“¡ Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2017-0578</li> + <li>趨勢科技行動å¨è„…ç ”ç©¶å°çµ„æˆå“¡ Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>):CVE-2016-10231ã€CVE-2017-0578ã€CVE-2017-0586</li> <li>Tim Becker:CVE-2017-0546</li> <li>Uma Sankar Pradhan (<a href="https://twitter.com/umasankar_iitd">@umasankar_iitd</a>):CVE-2017-0560</li> - <li><a href="http://www.trendmicro.com">趨勢科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">行動å¨è„…å°çµ„</a>æˆå“¡ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0555ã€CVE-2017-0538ã€CVE-2017-0539ã€CVE-2017-0540ã€CVE-2017-0557ã€CVE-2017-0556</li> + <li><a href="http://www.trendmicro.com">趨勢科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">行動å¨è„…å°çµ„</a>çš„ V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0555ã€CVE-2017-0538ã€CVE-2017-0539ã€CVE-2017-0557ã€CVE-2017-0556</li> <li>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>):CVE-2017-0549</li> <li>奇虎 360 科技有é™å…¬å¸ Alpha å°çµ„çš„ Wenlin Yang (<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>)ã€Guang Gong (<a href="https://twitter.com/oldfresher">@oldfresher</a>) å’Œ Hao Chen:CVE-2017-0580ã€CVE-2017-0577</li> - <li>奇虎 360 科技有é™å…¬å¸ IceSword 實驗室的 Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>):CVE-2017-0586</li> <li>奇虎 360 科技有é™å…¬å¸æˆéƒ½å®‰å…¨æ€§æ‡‰è®Šä¸å¿ƒæˆå“¡ <a href="http://weibo.com/ele7enxxh">Zinuo Han</a>:CVE-2017-0548</li> <li>Google çš„ Zubin Mithra:CVE-2017-0462</li> </ul> @@ -115,14 +114,6 @@ <td>2016 å¹´ 12 月 23 æ—¥</td> </tr> <tr> - <td>CVE-2017-0540</td> - <td><a href="https://android.googlesource.com/platform/external/libhevc/+/01ca88bb6c5bdd44e071f8effebe12f1d7da9853">A-33966031</a></td> - <td>最高</td> - <td>全部</td> - <td>5.0.2ã€5.1.1ã€6.0ã€6.0.1ã€7.0ã€7.1.1</td> - <td>2016 å¹´ 12 月 29 æ—¥</td> - </tr> - <tr> <td>CVE-2017-0541</td> <td><a href="https://android.googlesource.com/platform/external/sonivox/+/56d153259cc3e16a6a0014199a2317dde333c978">A-34031018</a></td> <td>最高</td> @@ -1177,7 +1168,7 @@ QC-CR#1096799</a></td> </tbody></table> <h3 id="eop-in-qualcomm-video-driver">Qualcomm 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>Qualcomm 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•ç¨‹å¼ç¢¼ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> +<p>Qualcomm 視訊驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œé«˜ã€ã€‚</p> <table> <colgroup><col width="19%" /> @@ -1363,7 +1354,7 @@ QC-CR#1103158</a></td> 上游程å¼åº«æ ¸å¿ƒ</a></td> <td>高</td> <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XLã€Pixel Cã€Android Oneã€Nexus Player</td> - <td>Google 內部</td> + <td>2014 å¹´ 10 月 24 æ—¥</td> </tr> </tbody></table> @@ -1414,7 +1405,7 @@ QC-CR#1103158</a></td> <td>CVE-2014-3145</td> <td>A-34469585<br /> <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=314760e66c35c8ffa51b4c4ca6948d207e783079"> -上游程å¼åº«æ ¸å¿ƒ</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"> +Upstream kernel</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"> [2]</a></td> <td>高</td> <td>Nexus 6ã€Nexus Player</td> @@ -1779,7 +1770,7 @@ QC-CR#1097878</a></td> </tbody></table> <h3 id="id-in-qualcomm-video-driver">Qualcomm 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> -<p>Qualcomm 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> +<p>Qualcomm 視訊驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç¯„åœä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> <colgroup><col width="19%" /> @@ -1833,7 +1824,7 @@ QC-CR#1102418</a></td> </tbody></table> <h3 id="id-in-qualcomm-sound-driver">Qualcomm 音效驅動程å¼ä¸çš„資訊外洩æ¼æ´ž</h3> -<p>Qualcomm 音效驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç‰ç´šä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> +<p>Qualcomm 音效驅動程å¼ä¸çš„資訊外洩æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç¯„åœä»¥å¤–çš„è³‡æ–™ã€‚ç”±æ–¼é€™ç¨®æ”»æ“Šå¿…é ˆå…ˆç ´å£žç‰¹å®šç²æŽˆæ¬Šçš„程åºæ‰èƒ½åŸ·è¡Œï¼Œå› æ¤é€™å€‹å•é¡Œçš„åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œä¸ã€ã€‚</p> <table> <colgroup><col width="19%" /> @@ -1939,136 +1930,119 @@ QC-CR#1106842</a></td> </tr> <tr> <td>CVE-2014-9931</td> - <td>A-35445101**<br /> - QC-CR#612410</td> + <td>A-35445101**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2014-9932</td> - <td>A-35434683**<br /> - QC-CR#626734</td> + <td>A-35434683**</td> <td>最高</td> <td>Pixelã€Pixel XL</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2014-9933</td> - <td>A-35442512<br /> - QC-CR#675463</td> + <td>A-35442512**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2014-9934</td> - <td>A-35439275**<br /> - QC-CR#658249</td> + <td>A-35439275**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2014-9935</td> - <td>A-35444951**<br /> - QC-CR#717626</td> + <td>A-35444951**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2014-9936</td> - <td>A-35442420**<br /> - QC-CR#727389</td> + <td>A-35442420**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2014-9937</td> - <td>A-35445102**<br /> - QC-CR#734095</td> + <td>A-35445102**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-8995</td> - <td>A-35445002**<br /> - QC-CR#733690</td> + <td>A-35445002**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-8996</td> - <td>A-35444658**<br /> - QC-CR#734698</td> + <td>A-35444658**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-8997</td> - <td>A-35432947**<br /> - QC-CR#734707</td> + <td>A-35432947**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-8998</td> - <td>A-35441175**<br /> - QC-CR#735337</td> + <td>A-35441175**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-8999</td> - <td>A-35445401**<br /> - QC-CR#736119</td> + <td>A-35445401**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-9000</td> - <td>A-35441076**<br /> - QC-CR#740632</td> + <td>A-35441076**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-9001</td> - <td>A-35445400**<br /> - QC-CR#736083</td> + <td>A-35445400**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-9002</td> - <td>A-35442421**<br /> - QC-CR#748428</td> + <td>A-35442421**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2015-9003</td> - <td>A-35440626**<br /> - QC-CR#749215</td> + <td>A-35440626**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> </tr> <tr> <td>CVE-2016-10242</td> - <td>A-35434643**<br /> - QC-CR#985139</td> + <td>A-35434643**</td> <td>最高</td> <td>ç„¡**</td> <td>Qualcomm 內部</td> @@ -2092,19 +2066,19 @@ QC-CR#1106842</a></td> <li>[ro.build.version.security_patch]:[2017-04-05]</li> </ul> -<p><strong>2. 為什麼這篇公告有兩種安全修補ç‰ç´šï¼Ÿ</strong></p> -<p>本公告有兩種安全修補ç‰ç´šï¼Œè®“ Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚æˆ‘å€‘å»ºè° Android åˆä½œå¤¥ä¼´ä¿®æ£æœ¬å…¬å‘Šæ‰€åˆ—的所有å•é¡Œï¼Œä¸¦ä½¿ç”¨æœ€æ–°çš„安全修補ç‰ç´šã€‚</p> +<p><strong>2. 為什麼這篇公告有兩種安全性修補程å¼ç‰ç´šï¼Ÿ</strong></p> +<p>本公告有兩種安全性修補程å¼ç‰ç´šï¼Œè®“ Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚æˆ‘å€‘å»ºè° Android åˆä½œå¤¥ä¼´ä¿®æ£æœ¬å…¬å‘Šæ‰€åˆ—的所有å•é¡Œï¼Œä¸¦ä½¿ç”¨æœ€æ–°çš„安全修補ç‰ç´šã€‚</p> <ul> <li>安全修補ç‰ç´šç‚º 2017 å¹´ 4 月 1 日的è£ç½®å¿…é ˆç´å…¥æ‰€æœ‰èˆ‡è©²å®‰å…¨ä¿®è£œç‰ç´šç›¸é—œçš„å•é¡Œï¼Œä»¥åŠåœ¨ä¹‹å‰å®‰å…¨æ€§å…¬å‘Šä¸å›žå ±çš„所有å•é¡Œé©ç”¨çš„ä¿®æ£ç¨‹å¼ã€‚</li> <li>如果è£ç½®çš„安全修補ç‰ç´šåœ¨ 2017 å¹´ 4 月 5 æ—¥ä¹‹å¾Œï¼Œå°±å¿…é ˆåŠ å…¥æœ¬å®‰å…¨æ€§å…¬å‘Š (以åŠä¹‹å‰å…¬å‘Š) ä¸çš„所有é©ç”¨ä¿®è£œç¨‹å¼ã€‚</li> </ul> -<p>我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€è¦è§£æ±ºçš„所有å•é¡Œé©ç”¨ä¿®è£œç¨‹å¼åŒ…è£åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚</p> +<p>我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€æœ‰å•é¡Œé©ç”¨çš„修補程å¼éƒ½å½™æ•´åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚</p> <p><strong>3. 如何判斷哪些 Google è£ç½®æœƒå—到哪種å•é¡Œçš„影響?</strong></p> <p>在 <a href="#2017-04-01-details">2017-04-01</a> å’Œ <a href="#2017-04-05-details">2017-04-05</a> 安全性æ¼æ´žè©³æƒ…çš„ç« ç¯€ä¸ï¼Œæ¯å€‹è¡¨æ ¼éƒ½åŒ…å«ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄,當ä¸åˆ—出已é‡å°å„個å•é¡Œé€²è¡Œæ›´æ–°çš„å—影響 Google è£ç½®ç¯„åœã€‚æ¤æ¬„ä¸çš„é¸é …包括:</p> <ul> - <li><strong>所有 Google è£ç½®</strong>:如果å•é¡Œæœƒå½±éŸ¿åˆ°ã€Œå…¨éƒ¨ã€å’Œ Pixel è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒé¡¯ç¤ºã€Œå…¨éƒ¨ã€å—樣。「全部ã€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">支æ´çš„è£ç½®</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 7 (2013)ã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> + <li><strong>所有 Google è£ç½®</strong>:如果å•é¡Œæœƒå½±éŸ¿åˆ° Pixel è£ç½®å’Œæ‰€æœ‰çš„ Google è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€æ¬„ä¸å°±æœƒæ¨™ç¤ºã€Œå…¨éƒ¨ã€å—樣。<em></em>「全部ã€åŒ…å«ä¸‹åˆ—<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">支æ´çš„è£ç½®</a>:Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Android Oneã€Nexus Playerã€Pixel Cã€Pixel å’Œ Pixel XL。</li> <li><strong>部分 Google è£ç½®</strong>:如果å•é¡Œä¸¦æœªå½±éŸ¿åˆ°æ‰€æœ‰ Google è£ç½®ï¼Œå‰‡ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸æœƒåˆ—出å—影響的 Google è£ç½®ã€‚</li> - <li><strong>ç„¡ Google è£ç½®</strong>:如果å•é¡Œä¸æœƒå½±éŸ¿åˆ°ä»»ä½•æ載 Android 7.0 çš„ Google è£ç½®ï¼Œã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒé¡¯ç¤ºã€Œç„¡ã€å—樣。</li> + <li><strong>ä¸å½±éŸ¿ä»»ä½• Google è£ç½®</strong>:如果å•é¡Œä¸æœƒå½±éŸ¿åˆ°ä»»ä½•æ載 Android 7.0 çš„ Google è£ç½®ï¼Œè¡¨æ ¼å…§ã€Œæ›´æ–°çš„ Google è£ç½®ã€<em></em>欄ä¸å°±æœƒæ¨™ç¤ºã€Œç„¡ã€å—樣。</li> </ul> <p><strong>4. åƒè€ƒè³‡æ–™æ¬„ä¸çš„é …ç›®æœƒå°æ‡‰åˆ°ä»€éº¼ï¼Ÿ</strong></p> <p>資安æ¼æ´žè©³æƒ…è¡¨æ ¼ä¸ã€Œåƒè€ƒè³‡æ–™ã€<em></em>æ¬„åº•ä¸‹çš„é …ç›®å¯èƒ½æœƒåŒ…å«ä¸€å€‹å‰ç½®å—串,用以表示該åƒè€ƒè³‡æ–™å€¼æ‰€å±¬çš„å…¬å¸ã€‚這些å‰ç½®å—元代表的æ„義如下:</p> @@ -2139,6 +2113,9 @@ QC-CR#1106842</a></td> <ul> <li>2017 å¹´ 4 月 3 日:發佈公告。</li> <li>2017 å¹´ 4 月 5 日:在公告ä¸åŠ å…¥ AOSP 連çµã€‚</li> + <li>2017 å¹´ 4 月 21 æ—¥ï¼šæ›´æ£ CVE-2016-10231 å’Œ CVE-2017-0586 çš„è²¢ç»äººå“¡æ¨™ç¤ºã€‚</li> + <li>2017 å¹´ 4 月 27 日:從公告ä¸ç§»é™¤ CVE-2017-0540。</li> + <li>2017 å¹´ 8 月 17 日:修訂公告內容 (æ›´æ–°åƒè€ƒç·¨è™Ÿæ¸…å–®)。</li> </ul> </body></html>
\ No newline at end of file diff --git a/zh-tw/security/bulletin/2017-05-01.html b/zh-tw/security/bulletin/2017-05-01.html index f7efabce..9dfe9f2c 100644 --- a/zh-tw/security/bulletin/2017-05-01.html +++ b/zh-tw/security/bulletin/2017-05-01.html @@ -20,7 +20,7 @@ limitations under the License. --> -<p><em>2017 å¹´ 5 月 1 日發佈 | 2017 å¹´ 8 月 17 日更新</em></p> +<p><em>2017 å¹´ 5 月 1 日發佈 | 2017 å¹´ 10 月 3 日更新</em></p> <p>Android å®‰å…¨æ€§å…¬å‘Šç¾…åˆ—äº†æœƒå° Android è£ç½®é€ æˆå½±éŸ¿çš„安全性æ¼æ´žï¼Œä¸¦èªªæ˜Žå„é …ç›¸é—œç´°ç¯€ã€‚åœ¨é€™ç¯‡å…¬å‘Šç™¼ä½ˆçš„åŒæ™‚,Google å·²é€éŽ OTA 更新機制發佈了 Google è£ç½®çš„安全性更新。æ¤å¤–,Google éŸŒé«”æ˜ åƒæª”也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。2017 å¹´ 5 月 5 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å•é¡Œã€‚è«‹åƒé–± <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>,çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šã€‚</p> @@ -28,14 +28,14 @@ <p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是「最高ã€ç‰ç´šçš„安全性æ¼æ´žã€‚當系統執行媒體檔案時,é 端程å¼ç¢¼å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œé€éŽé›»å郵件ã€ç¶²é ç€è¦½æ´»å‹•å’Œå¤šåª’體訊æ¯ç‰æ–¹æ³•ï¼Œè‡ªå‹•åœ¨å—影響的è£ç½®ä¸ŠåŸ·è¡Œã€‚<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被åœç”¨ï¼Œæˆ–是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> -<p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果您想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="#mitigations">Android å’Œ Google æœå‹™å› 應措施</a>一節。</p> +<p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果您想進一æ¥çžè§£ <a href="#mitigations">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œæœå‹™é˜²è·æŽªæ–½ (例如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="/security/enhancements/index.html">Android å’Œ Google æœå‹™å•é¡Œå› 應措施</a>一節。</p> <p>我們建è°æ‰€æœ‰å®¢æˆ¶æŽ¥å—這些è£ç½®æ›´æ–°ã€‚</p> -<h2 id="announcements">公告</h2> +<h2 id="announcements">å…¬å‘Šäº‹é …</h2> <ul> -<li>本公告有兩個安全修補ç‰ç´šå—串,讓 Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚如需查詢其他相關資訊,請åƒé–±<a href="#common-questions-and-answers">常見å•é¡Œèˆ‡è§£ç”</a>:<ul> - <li><strong>2017-05-01</strong>:部分安全修補ç‰ç´šå—串。這個安全修補ç‰ç´šå—串表示所有與 2017-05-01 相關的å•é¡Œ (以åŠæ‰€æœ‰å…ˆå‰çš„安全修補ç‰ç´šå—串) 都已ç²å¾—解決。</li> - <li><strong>2017-05-05</strong>:完整安全修補ç‰ç´šå—串。這個安全修補ç‰ç´šå—串表示所有與 2017-05-01 å’Œ 2017-05-05 相關的å•é¡Œ (以åŠæ‰€æœ‰å…ˆå‰çš„安全修補ç‰ç´šå—串) 都已ç²å¾—解決。</li> +<li>本公告有兩個安全性修補程å¼ç‰ç´šå—串,讓 Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚如需查詢其他相關資訊,請åƒé–±<a href="#common-questions-and-answers">常見å•é¡Œèˆ‡è§£ç”</a>:<ul> + <li><strong>2017-05-01</strong>:部分安全性修補程å¼ç‰ç´šå—串。這個安全性修補程å¼ç‰ç´šå—串表示所有與 2017-05-01 相關的å•é¡Œ (以åŠæ‰€æœ‰å…ˆå‰çš„安全性修補程å¼ç‰ç´šå—串) 都已ç²å¾—解決。</li> + <li><strong>2017-05-05</strong>:完整安全性修補程å¼ç‰ç´šå—串。這個安全修補ç‰ç´šå—串表示所有與 2017-05-01 å’Œ 2017-05-05 相關的å•é¡Œ (以åŠæ‰€æœ‰å…ˆå‰çš„安全修補ç‰ç´šå—串) 都已ç²å¾—解決。</li> </ul> </li> <li>支æ´çš„ Google è£ç½®æœƒæ”¶åˆ°ä¸€é … OTA 更新,安全修補ç‰ç´šç‚º 2017 å¹´ 5 月 5 日。</li> @@ -70,7 +70,7 @@ <li><a href="mailto:jiych.guru@gmail.com">Niky1235</a> (<a href="https://twitter.com/jiych_guru">@jiych_guru</a>):CVE-2017-0603</li> <li>阿里巴巴行動安全å°çµ„çš„ Peng Xiaoã€Chengming Yangã€Ning Youã€Chao Yang å’Œ Yang song:CVE-2016-10281ã€CVE-2016-10280</li> <li><a href="https://alephsecurity.com/">Aleph ç ”ç©¶éƒ¨é–€</a>çš„ Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>):CVE-2016-10277</li> -<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2016-10274</li> +<li><a href="https://twitter.com/ScottyBauer1">Scott Bauer</a> (<a href="mailto:sbauer@plzdonthack.me">@ScottyBauer1</a>):CVE-2016-10274</li> <li><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ <a href="mailto:segfault5514@gmail.com">Tong Lin</a>ã€<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> å’Œ Xuxian Jiang:CVE-2016-10291</li> <li>Vasily Vasiliev:CVE-2017-0589</li> <li><a href="http://www.trendmicro.com">趨勢科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">行動å¨è„…ç ”ç©¶å°çµ„æˆå“¡</a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0590ã€CVE-2017-0587ã€CVE-2017-0600</li> @@ -536,7 +536,7 @@ <h3 id="eop-in-mediatek-touchscreen-driver">MediaTek 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> -<p>MediaTek 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Reflash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> +<p>MediaTek 觸控螢幕驅動程å¼ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Re-flash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> <table> <colgroup><col width="19%" /> @@ -718,34 +718,6 @@ QC-CR#826589</a></td> <p>* 如果是æ載 Android 7.1.1 以上版本的 Google è£ç½® (å¿…é ˆæ˜¯å—支æ´çš„機型,且已安è£æ‰€æœ‰å¯ç”¨æ›´æ–°),就ä¸æœƒå—到這個æ¼æ´žæ‰€å½±éŸ¿ã€‚</p> -<h3 id="eop-in-kernel-trace-subsystem">æ ¸å¿ƒè¿½è¹¤å系統ä¸çš„權é™å‡ç´šæ¼æ´ž</h3> - -<p>æ ¸å¿ƒè¿½è¹¤å系統ä¸çš„權é™å‡ç´šæ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚由於這個å•é¡Œå¯èƒ½å°Žè‡´æœ¬æ©Ÿè£ç½®çš„å®‰å…¨æ€§å¾¹åº•è¢«ç ´å£žï¼Œé€ æˆä½¿ç”¨è€…å¿…é ˆä»¥é‚„åŽŸ (Reflash) 作æ¥ç³»çµ±çš„æ–¹å¼æ‰èƒ½ä¿®å¾©è£ç½®ï¼Œå› æ¤åš´é‡ç¨‹åº¦è¢«è©•å®šç‚ºã€Œæœ€é«˜ã€ã€‚</p> - -<table> - <colgroup><col width="19%" /> - <col width="20%" /> - <col width="10%" /> - <col width="23%" /> - <col width="17%" /> - </colgroup><tbody><tr> - <th>CVE</th> - <th>åƒè€ƒè³‡æ–™</th> - <th>åš´é‡ç¨‹åº¦</th> - <th>æ›´æ–°çš„ Google è£ç½®</th> - <th>å›žå ±æ—¥æœŸ</th> - </tr> - <tr> - <td>CVE-2017-0605</td> - <td>A-35399704<br /> - <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> -QC-CR#1048480</a></td> - <td>最高</td> - <td>Nexus 5Xã€Nexus 6ã€Nexus 6Pã€Nexus 9ã€Pixelã€Pixel XLã€Pixel Cã€Android Oneã€Nexus Player</td> - <td>2017 å¹´ 2 月 15 æ—¥</td> - </tr> -</tbody></table> - <h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 元件ä¸çš„æ¼æ´ž</h3> <p>以下列出會影響 Qualcomm 元件的安全性æ¼æ´žï¼Œè©³æƒ…è«‹åƒè€ƒ 2016 å¹´ 8 月ã€9 月ã€10 月和 12 月的 Qualcomm AMSS 安全性公告。</p> @@ -2424,7 +2396,7 @@ QC-CR#832915</a></td> <li>如果è£ç½®çš„安全修補ç‰ç´šåœ¨ 2017 å¹´ 5 月 5 æ—¥ä¹‹å¾Œï¼Œå°±å¿…é ˆåŠ å…¥æœ¬å®‰å…¨æ€§å…¬å‘Š (以åŠä¹‹å‰å…¬å‘Š) ä¸çš„所有é©ç”¨ä¿®è£œç¨‹å¼ã€‚</li> </ul> -<p>我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€è¦è§£æ±ºçš„所有å•é¡Œé©ç”¨ä¿®è£œç¨‹å¼åŒ…è£åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚</p> +<p>我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€æœ‰å•é¡Œé©ç”¨çš„修補程å¼éƒ½å½™æ•´åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚</p> <p><strong>3. 如何判斷哪些 Google è£ç½®æœƒå—到哪種å•é¡Œçš„影響?</strong></p> @@ -2470,6 +2442,7 @@ QC-CR#832915</a></td> <li>2017 å¹´ 5 月 2 日:修訂公告內容 (åŠ å…¥ AOSP 連çµ)。</li> <li>2017 å¹´ 8 月 10 日:修訂公告內容 (åŠ å…¥ CVE-2017-0493 的其他 AOSP 連çµ)。</li> <li>2017 å¹´ 8 月 17 日:修訂公告內容 (æ›´æ–°åƒè€ƒç·¨è™Ÿæ¸…å–®)。</li> +<li>2017 å¹´ 10 月 3 日:修訂公告內容 (移除 CVE-2017-0605)。</li> </ul> </body></html>
\ No newline at end of file diff --git a/zh-tw/security/bulletin/2017-06-01.html b/zh-tw/security/bulletin/2017-06-01.html index 53ab1fe3..f8f142a2 100644 --- a/zh-tw/security/bulletin/2017-06-01.html +++ b/zh-tw/security/bulletin/2017-06-01.html @@ -1,5 +1,5 @@ <html devsite><head> - <title>Android 安全性公告 - 2017 å¹´ 6 月</title> + <title>Android 安全性公告 — 2017 å¹´ 6 月</title> <meta name="project_path" value="/_project.yaml"/> <meta name="book_path" value="/_book.yaml"/> </head> @@ -19,7 +19,7 @@ See the License for the specific language governing permissions and limitations under the License. --> -<p><em>2017 å¹´ 6 月 5 日發佈 | 2017 å¹´ 6 月 7 日更新</em></p> +<p><em>2017 å¹´ 6 月 5 日發佈 | 2017 å¹´ 8 月 17 日更新</em></p> <p>Android å®‰å…¨æ€§å…¬å‘Šç¾…åˆ—äº†æœƒå° Android è£ç½®é€ æˆå½±éŸ¿çš„安全性æ¼æ´žï¼Œä¸¦èªªæ˜Žå„é …ç›¸é—œç´°ç¯€ã€‚2017 å¹´ 6 月 5 日之後的安全修補ç‰ç´šå·²è§£æ±ºäº†é€™äº›å•é¡Œã€‚è«‹åƒé–± <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>,çžè§£å¦‚何查看è£ç½®çš„安全修補ç‰ç´šã€‚</p> @@ -27,8 +27,7 @@ <p>在這些å•é¡Œä¸ï¼Œæœ€åš´é‡çš„就是媒體架構ä¸ã€Œæœ€é«˜ã€ç‰ç´šçš„安全性æ¼æ´žã€‚é 端攻擊者å¯åˆ©ç”¨é€™é¡žæ¼æ´žï¼Œåœ¨åª’體檔案和資料處ç†æœŸé–“,é€éŽç‰¹è£½æª”æ¡ˆé€ æˆè¨˜æ†¶é«”出錯。<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦è©•å®šæ¨™æº–</a>是å‡è¨å¹³å°èˆ‡æœå‹™çš„å› æ‡‰é˜²è·æŽªæ–½åŸºæ–¼é–‹ç™¼ä½œæ¥çš„需求而被關閉,或是éåˆ°æœ‰å¿ƒäººå£«ç ´è§£ï¼Œç„¶å¾ŒæŽ¨ç®—ç•¶æœ‰äººæƒ¡æ„é‹ç”¨æ¼æ´žæ™‚,使用者的è£ç½®æœƒå—到多大的影響,據æ¤è©•å®šæ¼æ´žçš„åš´é‡ç¨‹åº¦ã€‚</p> -<p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android -安全性平å°é˜²è·æŽªæ–½</a>å’Œ <a href="https://www.android.com/play-protect">Google Play 安全防è·</a>å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="#mitigations">Android å’Œ Google Play 安全防è·å› 應措施</a>。</p> +<p>é‡å°é€™äº›æ–°ç™¼ç¾çš„æ¼æ´žï¼Œæˆ‘們目å‰å°šæœªæ”¶åˆ°ä»»ä½•å®¢æˆ¶å›žå ±ç›¸é—œçš„æ¼æ´žæ¿«ç”¨æ¡ˆä¾‹ã€‚如果想進一æ¥çžè§£ <a href="/security/enhancements/index.html">Android 安全性平å°é˜²è·æŽªæ–½</a>å’Œ <a href="https://www.android.com/play-protect">Google Play 安全防è·</a>æ©Ÿåˆ¶å¦‚ä½•åŠ å¼· Android å¹³å°çš„安全性,請åƒé–± <a href="#mitigations">Android å’Œ Google Play 安全防è·å› 應措施</a>。</p> <p>我們建è°æ‰€æœ‰å®¢æˆ¶æŽ¥å—這些è£ç½®æ›´æ–°ã€‚</p> @@ -52,7 +51,7 @@ </ul> <h2 id="2017-06-01-details">2017-06-01 安全修補ç‰ç´š - 資安æ¼æ´žè©³æƒ…</h2> -<p>下列å„節é‡å° 2017-06-01 安全修補ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,資安æ¼æ´žæ˜¯ä¾ç…§å—它們影響的元件分門別類。包括å•é¡Œèªªæ˜Žå’Œä¸€ä»½æ¼æ´žè³‡è¨Šè¡¨ã€ç›¸é—œåƒç…§ã€<a href="#vulnerability-type">æ¼æ´žé¡žåž‹</a>ã€<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦</a>,以åŠæ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹)。å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œæ‚¨å¯ä»¥é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿé¡å¤–çš„åƒè€ƒè³‡æ–™ã€‚</p> +<p>下列å„節é‡å° 2017-06-01 安全修補ç‰ç´šé©ç”¨çš„å„é …å®‰å…¨æ€§æ¼æ´žæ供了詳細資訊,資安æ¼æ´žæ˜¯ä¾ç…§å—它們影響的元件分門別類。包括å•é¡Œèªªæ˜Žå’Œä¸€ä»½ CVE 資訊表ã€ç›¸é—œåƒè€ƒè³‡æ–™ã€<a href="#vulnerability-type">æ¼æ´žé¡žåž‹</a>ã€<a href="/security/overview/updates-resources.html#severity">åš´é‡ç¨‹åº¦</a>,以åŠæ›´æ–°çš„ AOSP 版本 (在é©ç”¨æƒ…æ³ä¸‹)。å‡å¦‚相關錯誤有公開變更,該錯誤 ID 會連çµåˆ°ç›¸å°æ‡‰çš„變更 (例如 AOSP 變更清單)ã€‚å¦‚æžœå–®ä¸€éŒ¯èª¤æœ‰å¤šé …ç›¸é—œè®Šæ›´ï¼Œæ‚¨å¯ä»¥é€éŽè©²éŒ¯èª¤ ID 後é¢çš„編號連çµé–‹å•Ÿé¡å¤–çš„åƒè€ƒè³‡æ–™ã€‚</p> <h3 id="bluetooth">è—牙</h3> <p>本節ä¸æœ€åš´é‡çš„æ¼æ´žå¯èƒ½æœƒè®“本機惡æ„應用程å¼å˜å–其權é™ç¯„åœä»¥å¤–的資料。</p> @@ -392,6 +391,14 @@ <td>ä¸</td> <td>音效驅動程å¼</td> </tr> + <tr> + <td>CVE-2017-6249</td> + <td>A-34373711<a href="#asterisk">*</a><br /> + N-CVE-2017-6249</td> + <td>EoP</td> + <td>ä¸</td> + <td>音效驅動程å¼</td> + </tr> </tbody></table> <h3 id="qualcomm-components">Qualcomm 元件</h3> <p>本節ä¸æœ€åš´é‡çš„æ¼æ´žå¯èƒ½æœƒè®“é„°è¿‘çš„æ”»æ“Šè€…åœ¨æ ¸å¿ƒç’°å¢ƒå…§åŸ·è¡Œä»»ä½•æŒ‡ä»¤ã€‚</p> @@ -561,7 +568,7 @@ <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6a3b8afdf97e77c0b64005b23fa6d32025d922e5">QC-CR#2009231</a></td> <td>EoP</td> <td>ä¸</td> - <td>Secure Execution Environment Communicator 驅動程å¼</td> + <td>安全執行環境通訊工具驅動程å¼</td> </tr> <tr> <td>CVE-2017-8239</td> @@ -630,416 +637,364 @@ </tr> <tr> <td>CVE-2014-9960</td> - <td>A-37280308<a href="#asterisk">*</a><br /> - QC-CR#381837</td> + <td>A-37280308<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9961</td> - <td>A-37279724<a href="#asterisk">*</a><br /> - QC-CR#581093</td> + <td>A-37279724<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9953</td> - <td>A-36714770<a href="#asterisk">*</a><br /> - QC-CR#642173</td> + <td>A-36714770<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9967</td> - <td>A-37281466<a href="#asterisk">*</a><br /> - QC-CR#739110</td> + <td>A-37281466<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9026</td> - <td>A-37277231<a href="#asterisk">*</a><br /> - QC-CR#748397</td> + <td>A-37277231<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9027</td> - <td>A-37279124<a href="#asterisk">*</a><br /> - QC-CR#748407</td> + <td>A-37279124<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9008</td> - <td>A-36384689<a href="#asterisk">*</a><br /> - QC-CR#762111</td> + <td>A-36384689<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9009</td> - <td>A-36393600<a href="#asterisk">*</a><br /> - QC-CR#762182</td> + <td>A-36393600<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9010</td> - <td>A-36393101<a href="#asterisk">*</a><br /> - QC-CR#758752</td> + <td>A-36393101<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9011</td> - <td>A-36714882<a href="#asterisk">*</a><br /> - QC-CR#762167</td> + <td>A-36714882<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9024</td> - <td>A-37265657<a href="#asterisk">*</a><br /> - QC-CR#740680</td> + <td>A-37265657<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9012</td> - <td>A-36384691<a href="#asterisk">*</a><br /> - QC-CR#746617</td> + <td>A-36384691<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9013</td> - <td>A-36393251<a href="#asterisk">*</a><br /> - QC-CR#814373</td> + <td>A-36393251<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9014</td> - <td>A-36393750<a href="#asterisk">*</a><br /> - QC-CR#855220</td> + <td>A-36393750<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9015</td> - <td>A-36714120<a href="#asterisk">*</a><br /> - QC-CR#701858</td> + <td>A-36714120<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9029</td> - <td>A-37276981<a href="#asterisk">*</a><br /> - QC-CR#827837</td> + <td>A-37276981<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10338</td> - <td>A-37277738<a href="#asterisk">*</a><br /> - QC-CR#987699</td> + <td>A-37277738<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10336</td> - <td>A-37278436<a href="#asterisk">*</a><br /> - QC-CR#973605</td> + <td>A-37278436<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10333</td> - <td>A-37280574<a href="#asterisk">*</a><br /> - QC-CR#947438</td> + <td>A-37280574<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10341</td> - <td>A-37281667<a href="#asterisk">*</a><br /> - QC-CR#991476</td> + <td>A-37281667<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10335</td> - <td>A-37282802<a href="#asterisk">*</a><br /> - QC-CR#961142</td> + <td>A-37282802<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10340</td> - <td>A-37280614<a href="#asterisk">*</a><br /> - QC-CR#989028</td> + <td>A-37280614<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10334</td> - <td>A-37280664<a href="#asterisk">*</a><br /> - QC-CR#949933</td> + <td>A-37280664<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10339</td> - <td>A-37280575<a href="#asterisk">*</a><br /> - QC-CR#988502</td> + <td>A-37280575<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10298</td> - <td>A-36393252<a href="#asterisk">*</a><br /> - QC-CR#1020465</td> + <td>A-36393252<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10299</td> - <td>A-32577244<a href="#asterisk">*</a><br /> - QC-CR#1058511</td> + <td>A-32577244<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>最高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9954</td> - <td>A-36388559<a href="#asterisk">*</a><br /> - QC-CR#552880</td> + <td>A-36388559<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9955</td> - <td>A-36384686<a href="#asterisk">*</a><br /> - QC-CR#622701</td> + <td>A-36384686<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9956</td> - <td>A-36389611<a href="#asterisk">*</a><br /> - QC-CR#638127</td> + <td>A-36389611<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9957</td> - <td>A-36387564<a href="#asterisk">*</a><br /> - QC-CR#638984</td> + <td>A-36387564<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9958</td> - <td>A-36384774<a href="#asterisk">*</a><br /> - QC-CR#638135</td> + <td>A-36384774<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9962</td> - <td>A-37275888<a href="#asterisk">*</a><br /> - QC-CR#656267</td> + <td>A-37275888<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9963</td> - <td>A-37276741<a href="#asterisk">*</a><br /> - QC-CR#657771</td> + <td>A-37276741<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9959</td> - <td>A-36383694<a href="#asterisk">*</a><br /> - QC-CR#651900</td> + <td>A-36383694<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9964</td> - <td>A-37280321<a href="#asterisk">*</a><br /> - QC-CR#680778</td> + <td>A-37280321<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9965</td> - <td>A-37278233<a href="#asterisk">*</a><br /> - QC-CR#711585</td> + <td>A-37278233<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2014-9966</td> - <td>A-37282854<a href="#asterisk">*</a><br /> - QC-CR#727398</td> + <td>A-37282854<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9023</td> - <td>A-37276138<a href="#asterisk">*</a><br /> - QC-CR#739802</td> + <td>A-37276138<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9020</td> - <td>A-37276742<a href="#asterisk">*</a><br /> - QC-CR#733455</td> + <td>A-37276742<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9021</td> - <td>A-37276743<a href="#asterisk">*</a><br /> - QC-CR#735148</td> + <td>A-37276743<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9025</td> - <td>A-37276744<a href="#asterisk">*</a><br /> - QC-CR#743985</td> + <td>A-37276744<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9022</td> - <td>A-37280226<a href="#asterisk">*</a><br /> - QC-CR#736146</td> + <td>A-37280226<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9028</td> - <td>A-37277982<a href="#asterisk">*</a><br /> - QC-CR#762764</td> + <td>A-37277982<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9031</td> - <td>A-37275889<a href="#asterisk">*</a><br /> - QC-CR#866015</td> + <td>A-37275889<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9032</td> - <td>A-37279125<a href="#asterisk">*</a><br /> - QC-CR#873202</td> + <td>A-37279125<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9033</td> - <td>A-37276139<a href="#asterisk">*</a><br /> - QC-CR#892541</td> + <td>A-37276139<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2015-9030</td> - <td>A-37282907<a href="#asterisk">*</a><br /> - QC-CR#854667</td> + <td>A-37282907<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10332</td> - <td>A-37282801<a href="#asterisk">*</a><br /> - QC-CR#906713<br /> - QC-CR#917701<br /> - QC-CR#917702</td> + <td>A-37282801<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10337</td> - <td>A-37280665<a href="#asterisk">*</a><br /> - QC-CR#977632</td> + <td>A-37280665<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> <tr> <td>CVE-2016-10342</td> - <td>A-37281763<a href="#asterisk">*</a><br /> - QC-CR#988941</td> + <td>A-37281763<a href="#asterisk">*</a></td> <td>ç„¡</td> <td>高</td> <td>å°é–‰åŽŸå§‹ç¢¼å…ƒä»¶</td> </tr> </tbody></table> <h2 id="google-device-updates">Google è£ç½®æ›´æ–°</h2> -<p>æ¤è¡¨æ ¼åŒ…å«æœ€æ–°ç„¡ç·šä¸‹è¼‰æ›´æ–° (OTA) ä¸çš„安全修補ç‰ç´šå’Œ Google è£ç½®çš„éŸŒé«”æ˜ åƒæª”。您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/images">Google Developer 網站</a>å–å¾— Google è£ç½®éŸŒé«”æ˜ åƒæª”。</p> +<p>æ¤è¡¨æ ¼åŒ…å«æœ€æ–°ç„¡ç·šä¸‹è¼‰æ›´æ–° (OTA) ä¸çš„安全性修補程å¼ç‰ç´šå’Œ Google è£ç½®çš„éŸŒé«”æ˜ åƒæª”。您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/images">Google Developer 網站</a>å–å¾— Google è£ç½®éŸŒé«”æ˜ åƒæª”。</p> <table> <colgroup><col width="25%" /> <col width="75%" /> </colgroup><tbody><tr> <th>Google è£ç½®</th> - <th>安全修補ç‰ç´š</th> + <th>安全性修補程å¼ç‰ç´š</th> </tr> <tr> <td>Pixel/Pixel XL</td> @@ -1102,11 +1057,11 @@ </tr> <tr> <td>CVE-2017-8233</td> - <td>奇虎 360 IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf</a></td> + <td>奇虎 360 IceSword 實驗室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) å’Œ <a href="http://weibo.com/jfpan">pjf </a></td> </tr> <tr> <td>CVE-2017-7368</td> - <td><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Lubo Zhang (<a href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>)ã€Yuan-Tsung Lo (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>) å’Œ Xuxian Jiang</td> + <td><a href="http://c0reteam.org">C0RE å°çµ„</a>æˆå“¡ Lubo Zhang (<a href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>ã€Yuan-Tsung Lo (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>) å’Œ Xuxian Jiang</td> </tr> <tr> <td>CVE-2017-8242</td> @@ -1167,13 +1122,13 @@ <ul> <li>[ro.build.version.security_patch]:[2017-06-01]</li> <li>[ro.build.version.security_patch]:[2017-06-05]</li></ul> -<p><strong>2. 為什麼這篇公告有兩種安全修補ç‰ç´šï¼Ÿ</strong></p> +<p><strong>2. 為什麼這篇公告有兩種安全性修補程å¼ç‰ç´šï¼Ÿ</strong></p> -<p>本公告有兩種安全修補ç‰ç´šï¼Œè®“ Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚æˆ‘å€‘å»ºè° Android åˆä½œå¤¥ä¼´ä¿®æ£æœ¬å…¬å‘Šæ‰€åˆ—的所有å•é¡Œï¼Œä¸¦ä½¿ç”¨æœ€æ–°çš„安全修補ç‰ç´šã€‚</p> +<p>本公告有兩種安全性修補程å¼ç‰ç´šï¼Œè®“ Android åˆä½œå¤¥ä¼´èƒ½å¤ éˆæ´»é‹ç”¨ï¼Œä»¥å¿«é€Ÿä¿®æ£æŸäº›ç™¼ç”Ÿåœ¨æ‰€æœ‰ Android è£ç½®ä¸Šçš„é¡žä¼¼æ¼æ´žã€‚æˆ‘å€‘å»ºè° Android åˆä½œå¤¥ä¼´ä¿®æ£æœ¬å…¬å‘Šæ‰€åˆ—的所有å•é¡Œï¼Œä¸¦ä½¿ç”¨æœ€æ–°çš„安全修補ç‰ç´šã€‚</p> <ul> <li>安全修補ç‰ç´šç‚º 2017 å¹´ 6 月 1 日的è£ç½®å¿…é ˆç´å…¥æ‰€æœ‰èˆ‡è©²å®‰å…¨ä¿®è£œç‰ç´šç›¸é—œçš„å•é¡Œï¼Œä»¥åŠåœ¨ä¹‹å‰å®‰å…¨æ€§å…¬å‘Šä¸å›žå ±çš„所有å•é¡Œé©ç”¨çš„ä¿®æ£ç¨‹å¼ã€‚</li> <li>如果è£ç½®çš„安全修補ç‰ç´šåœ¨ 2017 å¹´ 6 月 5 æ—¥ä¹‹å¾Œï¼Œå°±å¿…é ˆåŠ å…¥æœ¬å®‰å…¨æ€§å…¬å‘Š (以åŠä¹‹å‰å…¬å‘Š) ä¸çš„所有é©ç”¨ä¿®è£œç¨‹å¼ã€‚</li></ul> -<p>我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€è¦è§£æ±ºçš„所有å•é¡Œé©ç”¨ä¿®è£œç¨‹å¼å½™æ•´åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚</p> +<p>我們建è°åˆä½œå¤¥ä¼´å°‡æ‰€æœ‰å•é¡Œé©ç”¨çš„修補程å¼éƒ½å½™æ•´åœ¨å–®ä¸€æ›´æ–°ä¸ã€‚</p> <p id="vulnerability-type"><strong>3. 「類型ã€<em></em>欄ä¸çš„é …ç›®ä»£è¡¨ä»€éº¼æ„義?</strong></p> @@ -1239,9 +1194,9 @@ <td>Broadcom åƒè€ƒç·¨è™Ÿ</td> </tr> </tbody></table> -<p id="asterisk"><strong>5. 「åƒè€ƒè³‡æ–™ã€<em></em>æ¬„ä¸ Android 錯誤 ID æ—邊的星號 (<a href="#asterisk">*</a>) 代表什麼æ„義?</strong></p> +<p id="asterisk"><strong>5. 「åƒè€ƒè³‡æ–™ã€æ¬„ä¸ Android 錯誤 ID æ—邊的星號 (<a href="#asterisk">*</a>) 代表什麼æ„義?<em></em></strong></p> -<p>在「åƒè€ƒè³‡æ–™ã€<em></em>æ¬„ä¸ Android 錯誤 ID æ—邊標上星號 (<a href="#asterisk">*</a>) 代表該å•é¡Œä¸¦æœªå…¬é–‹ï¼Œç›¸é—œçš„更新通常是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> +<p>在「åƒè€ƒè³‡æ–™ã€æ¬„ä¸ Android 錯誤 ID æ—邊標上星號 (<a href="#asterisk">*</a>) 代表該å•é¡Œä¸¦æœªå…¬é–‹ï¼Œ<em></em>相關的更新通常是直接整åˆåœ¨æœ€æ–°çš„ Nexus è£ç½®å°ˆç”¨é©…動程å¼çš„安è£æª”ä¸ã€‚您å¯ä»¥å‰å¾€ <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程å¼ã€‚</p> <h2 id="versions">版本</h2> <table> @@ -1261,7 +1216,17 @@ <tr> <td>1.1</td> <td>2017 å¹´ 6 月 7 æ—¥</td> - <td>ä¿®è¨‚å…¬å‘Šï¼ŒåŠ å…¥ AOSP 連çµã€‚</td> + <td>修訂公告內容 (åŠ å…¥ AOSP 連çµ)。</td> + </tr> + <tr> + <td>1.2</td> + <td>2017 å¹´ 7 月 11 æ—¥</td> + <td>修訂公告內容 (åŠ å…¥ CVE-2017-6249)。</td> + </tr> + <tr> + <td>1.3</td> + <td>2017 å¹´ 8 月 17 æ—¥</td> + <td>修訂公告內容 (æ›´æ–°åƒè€ƒç·¨è™Ÿæ¸…å–®)。</td> </tr> </tbody></table> |