diff options
Diffstat (limited to 'en/security/bulletin/2017-05-01.html')
| -rw-r--r-- | en/security/bulletin/2017-05-01.html | 3078 |
1 files changed, 3078 insertions, 0 deletions
diff --git a/en/security/bulletin/2017-05-01.html b/en/security/bulletin/2017-05-01.html new file mode 100644 index 00000000..bfad8ced --- /dev/null +++ b/en/security/bulletin/2017-05-01.html @@ -0,0 +1,3078 @@ +<html devsite> + <head> + <title>Android Security Bulletin—May 2017</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + + +<p><em>Published May 01, 2017</em></p> + +<p>The Android Security Bulletin contains details of security vulnerabilities +affecting Android devices. Alongside the bulletin, we have released a security +update to Nexus devices through an over-the-air (OTA) update. The Google device +firmware images have also been released to the <a +href="https://developers.google.com/android/nexus/images">Google Developer +site</a>. Security patch levels of May 05, 2017 or later address all of these +issues. Refer to the <a +href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel +and Nexus update schedule</a> to learn how to check a device's security patch +level.</p> + +<p>Partners were notified of the issues described in the bulletin on April 03, 2017 +or earlier. Source code patches for these issues will be released to the Android +Open Source Project (AOSP) repository in the next 48 hours. We will revise this +bulletin with the AOSP links when they are available.</p> + +<p>The most severe of these issues is a Critical security vulnerability that could +enable remote code execution on an affected device through multiple methods such +as email, web browsing, and MMS when processing media files. The <a +href="/security/overview/updates-resources.html#severity">severity +assessment</a> is based on the effect that exploiting the vulnerability would +possibly have on an affected device, assuming the platform and service +mitigations are disabled for development purposes or if successfully bypassed.</p> + +<p>We have had no reports of active customer exploitation or abuse of these newly +reported issues. Refer to the <a +href="#mitigations">Android and Google service +mitigations</a> section for details on the <a +href="/security/enhancements/index.html">Android +security platform protections</a> and service protections such as <a +href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, +which improve the security of the Android platform.</p> + +<p>We encourage all customers to accept these updates to their devices.</p> +<h2 id="announcements">Announcements</h2> +<ul> +<li>This bulletin has two security patch level strings to provide Android +partners with the flexibility to more quickly fix a subset of vulnerabilities +that are similar across all Android devices. See <a +href="#common-questions-and-answers">Common questions and answers</a> for +additional information: + <ul> + <li><strong>2017-05-01</strong>: Partial security patch level string. This +security patch level string indicates that all issues associated with 2017-05-01 +(and all previous security patch level strings) are addressed.</li> + <li><strong>2017-05-05</strong>: Complete security patch level string. This +security patch level string indicates that all issues associated with 2017-05-01 +and 2017-05-05 (and all previous security patch level strings) are addressed.</li> +</ul> +</li> +<li>Supported Google devices will receive a single OTA update with the May 05, +2017 security patch level.</li> +</ul> + +<h2 id="mitigations">Android and Google Service Mitigations</h2> + +<p>This is a summary of the mitigations provided by the <a +href="/security/enhancements/index.html">Android +security platform</a> and service protections such as SafetyNet. These +capabilities reduce the likelihood that security vulnerabilities could be +successfully exploited on Android.</p> + +<ul> +<li>Exploitation for many issues on Android is made more difficult by +enhancements in newer versions of the Android platform. We encourage all users +to update to the latest version of Android where possible.</li> +<li>The Android Security team actively monitors for abuse with <a +href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">Verify +Apps and SafetyNet</a>, which are designed to warn users about <a +href="/security/reports/Google_Android_Security_PHA_classifications.pdf">Potentially +Harmful Applications</a>. Verify Apps is enabled by default on devices with <a +href="http://www.android.com/gms">Google Mobile Services</a> and is especially +important for users who install applications from outside of Google Play. Device +rooting tools are prohibited within Google Play, but Verify Apps warns users +when they attempt to install a detected rooting application—no matter where it +comes from. Additionally, Verify Apps attempts to identify and block +installation of known malicious applications that exploit a privilege escalation +vulnerability. If such an application has already been installed, Verify Apps +will notify the user and attempt to remove the detected application.</li> +<li>As appropriate, Google Hangouts and Messenger applications do not +automatically pass media to processes such as Mediaserver.</li> +</ul> + +<h2 id="acknowledgements">Acknowledgements</h2> + +<p>We would like to thank these researchers for their contributions:</p> +<ul> +<li>ADlab of Venustech: CVE-2017-0630</li> +<li>Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>) of +KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: +CVE-2016-10287</li> +<li>Ecular Xu (徐健) of Trend Micro: CVE-2017-0599, CVE-2017-0635</li> +<li>En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) and Bo Liu of +<a href="http://www.ms509.com">MS509Team</a>: CVE-2017-0601</li> +<li>Ethan Yonker of <a href="https://twrp.me/">Team Win Recovery Project</a>: +CVE-2017-0493</li> +<li>Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) +and <a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360 +Technology Co. Ltd: CVE-2016-10285, CVE-2016-10288, CVE-2016-10290, +CVE-2017-0624, CVE-2017-0616, CVE-2017-0617, CVE-2016-10294, CVE-2016-10295, +CVE-2016-10296</li> +<li>godzheng (郑文选 <a +href="https://twitter.com/virtualseekers">@VirtualSeekers</a>) of Tencent PC +Manager: CVE-2017-0602</li> +<li><a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz +Seray Tuncay</a> of the <a +href="http://tuncay2.web.engr.illinois.edu">University of Illinois at +Urbana-Champaign</a>: CVE-2017-0593</li> +<li>Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd: +CVE-2016-10283</li> +<li>Juhu Nie, Yang Cheng, Nan Li, and Qiwu Huang of Xiaomi Inc: CVE-2016-10276</li> +<li><a href="https://github.com/michalbednarski">Michał Bednarski</a>: +CVE-2017-0598</li> +<li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>) of +Tesla's Product Security Team: CVE-2017-0331, CVE-2017-0606</li> +<li><a href="mailto:jiych.guru@gmail.com">Niky1235</a> (<a +href="https://twitter.com/jiych_guru">@jiych_guru</a>): CVE-2017-0603</li> +<li>Peng Xiao, Chengming Yang, Ning You, Chao Yang, and Yang song of Alibaba +Mobile Security Group: CVE-2016-10281, CVE-2016-10280</li> +<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a +href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-10274</li> +<li><a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a +href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, and Xuxian Jiang of <a +href="http://c0reteam.org">C0RE Team</a>: CVE-2016-10291</li> +<li>Vasily Vasiliev: CVE-2017-0589</li> +<li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) of <a +href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile +Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: +CVE-2017-0590, CVE-2017-0587, CVE-2017-0600</li> +<li>Xiling Gong of Tencent Security Platform Department: CVE-2017-0597</li> +<li>Xingyuan Lin of 360 Marvel Team: CVE-2017-0627</li> +<li>Yong Wang (王勇) (<a +href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) of Alibaba Inc: +CVE-2017-0588</li> +<li>Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>) of +IceSword Lab, Qihoo 360 Technology Co. Ltd: CVE-2016-10289, CVE-2017-0465</li> +<li>Yu Pan of Vulpecker Team, Qihoo 360 Technology Co. Ltd: CVE-2016-10282, +CVE-2017-0615</li> +<li>Yu Pan and Peide Zhang of Vulpecker Team, Qihoo 360 Technology Co. Ltd: +CVE-2017-0618, CVE-2017-0625</li> +</ul> + +<h2 id="2017-05-01-details">2017-05-01 security patch level-Vulnerability +details</h2> + +<p>In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2017-05-01 patch level. There is a description +of the issue, a severity rationale, and a table with the CVE, associated +references, severity, updated Google devices, updated AOSP versions (where +applicable), and date reported. When available, we will link the public change +that addressed the issue to the bug ID, like the AOSP change list. When multiple +changes relate to a single bug, additional references are linked to numbers +following the bug ID.</p> + + +<h3 id="rce-in-mediaserver">Remote code execution vulnerability in +Mediaserver</h3> + +<p>A remote code execution vulnerability in Mediaserver could enable an attacker +using a specially crafted file to cause memory corruption during media file and +data processing. This issue is rated as Critical due to the possibility of +remote code execution within the context of the Mediaserver process.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0587</td> + <td>A-35219737</td> + <td>Critical</td> + <td>All</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Jan 4, 2017</td> + </tr> + <tr> + <td>CVE-2017-0588</td> + <td>A-34618607</td> + <td>Critical</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Jan 21, 2017</td> + </tr> + <tr> + <td>CVE-2017-0589</td> + <td>A-34897036</td> + <td>Critical</td> + <td>All</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Feb 1, 2017</td> + </tr> + <tr> + <td>CVE-2017-0590</td> + <td>A-35039946</td> + <td>Critical</td> + <td>All</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Feb 6, 2017</td> + </tr> + <tr> + <td>CVE-2017-0591</td> + <td>A-34097672</td> + <td>Critical</td> + <td>All</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Google internal</td> + </tr> + <tr> + <td>CVE-2017-0592</td> + <td>A-34970788</td> + <td>Critical</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Google internal</td> + </tr> +</table> + + +<h3 id="eop-in-framework-apis">Elevation of privilege vulnerability in +Framework APIs</h3> + +<p>An elevation of privilege vulnerability in the Framework APIs could enable a +local malicious application to obtain access to custom permissions. This issue +is rated as High because it is a general bypass for operating system +protections that isolate application data from other applications.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0593</td> + <td>A-34114230</td> + <td>High</td> + <td>All</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Jan 5, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-mediaserver">Elevation of privilege vulnerability in +Mediaserver</h3> + +<p>An elevation of privilege vulnerability in Mediaserver could enable a local +malicious application to execute arbitrary code within the context of a +privileged process. This issue is rated as High because it could be used to +gain local access to elevated capabilities, which are not normally accessible +to a third-party application.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0594</td> + <td>A-34617444</td> + <td>High</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Jan 22, 2017</td> + </tr> + <tr> + <td>CVE-2017-0595</td> + <td>A-34705519</td> + <td>High</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> + <td>Jan 24, 2017</td> + </tr> + <tr> + <td>CVE-2017-0596</td> + <td>A-34749392</td> + <td>High</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> + <td>Jan 24, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-audioserver">Elevation of privilege vulnerability in +Audioserver</h3> + +<p>An elevation of privilege vulnerability in Audioserver could enable a local +malicious application to execute arbitrary code within the context of a +privileged process. This issue is rated as High because it could be used to +gain local access to elevated capabilities, which are not normally accessible +to a third-party application.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0597</td> + <td>A-34749571</td> + <td>High</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Jan 25, 2017</td> + </tr> +</table> + + +<h3 id="id-in-framework-apis">Information disclosure vulnerability in Framework +APIs</h3> + +<p>An information disclosure vulnerability in the Framework APIs could enable a +local malicious application to bypass operating system protections that isolate +application data from other applications. This issue is rated as High because +it could be used to gain access to data that the application does not have +access to.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0598</td> + <td>A-34128677</td> + <td>High</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Jan 6, 2017</td> + </tr> +</table> + + +<h3 id="dos-in-mediaserver">Denial of service vulnerability in Mediaserver</h3> + +<p>A remote denial of service vulnerability in Mediaserver could enable an +attacker to use a specially crafted file to cause a device hang or reboot. This +issue is rated as High severity due to the possibility of remote denial of +service.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0599</td> + <td>A-34672748</td> + <td>High</td> + <td>All</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Jan 23, 2017</td> + </tr> + <tr> + <td>CVE-2017-0600</td> + <td>A-35269635</td> + <td>High</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Feb 10, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-bluetooth">Elevation of privilege vulnerability in +Bluetooth</h3> + +<p>An Elevation of Privilege vulnerability in Bluetooth could potentially enable a +local malicious application to accept harmful files shared via bluetooth +without user permission. This issue is rated as Moderate due to local bypass of +user interaction requirements. </p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0601</td> + <td>A-35258579</td> + <td>Moderate</td> + <td>All</td> + <td>7.0, 7.1.1, 7.1.2</td> + <td>Feb 9, 2017</td> + </tr> +</table> + + +<h3 id="id-in-file-based-encryption">Information disclosure vulnerability in +File-Based Encryption</h3> + +<p>An information disclosure vulnerability in File-Based Encryption could enable a +local malicious attacker to bypass operating system protections for the lock +screen. This issue is rated as Moderate due to the possibility of bypassing the +lock screen.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0493</td> + <td>A-32793550</td> + <td>Moderate</td> + <td>All</td> + <td>7.0, 7.1.1</td> + <td>Nov 9, 2016</td> + </tr> +</table> + + +<h3 id="id-in-bluetooth">Information disclosure vulnerability in Bluetooth</h3> + +<p>An information disclosure vulnerability in Bluetooth could allow a local +malicious application to bypass operating system protections that isolate +application data from other applications. This issue is rated as Moderate due +to details specific to the vulnerability.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0602</td> + <td>A-34946955</td> + <td>Moderate</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Dec 5, 2016</td> + </tr> +</table> + + +<h3 id="id-in-openssl-&-boringssl">Information disclosure vulnerability in +OpenSSL & BoringSSL</h3> + +<p>An information disclosure vulnerability in OpenSSL & BoringSSL could enable a +remote attacker to gain access to sensitive information. This issue is rated as +Moderate due to details specific to the vulnerability.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-7056</td> + <td>A-33752052</td> + <td>Moderate</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Dec 19, 2016</td> + </tr> +</table> + + +<h3 id="dos-in-mediaserver-2">Denial of service vulnerability in +Mediaserver</h3> + +<p>A denial of service vulnerability in Mediaserver could enable an attacker to +use a specially crafted file to cause a device hang or reboot. This issue is +rated as Moderate because it requires an uncommon device configuration.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0603</td> + <td>A-35763994</td> + <td>Moderate</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Feb 23, 2017</td> + </tr> +</table> + + +<h3 id="dos-in-mediaserver-3">Denial of service vulnerability in +Mediaserver</h3> + +<p>A remote denial of service vulnerability in Mediaserver could enable an +attacker to use a specially crafted file to cause a device hang or reboot. This +issue is rated as Low due to details specific to the vulnerability.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0635</td> + <td>A-35467107</td> + <td>Low</td> + <td>All</td> + <td>7.0, 7.1.1, 7.1.2</td> + <td>Feb 16, 2017</td> + </tr> +</table> + + +<h2 id="2017-05-05-details">2017-05-05 security patch level-Vulnerability +details</h2> + +<p>In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2017-05-05 patch level. There is a description +of the issue, a severity rationale, and a table with the CVE, associated +references, severity, updated Google devices, updated AOSP versions (where +applicable), and date reported. When available, we will link the public change +that addressed the issue to the bug ID, like the AOSP change list. When multiple +changes relate to a single bug, additional references are linked to numbers +following the bug ID.</p> + + +<h3 id="rce-in-giflib">Remote code execution vulnerability in GIFLIB</h3> + +<p>A remote code execution vulnerability in GIFLIB could enable an attacker using +a specially crafted file to cause memory corruption during media file and data +processing. This issue is rated as Critical due to the possibility of remote +code execution within the context of the Mediaserver process.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2015-7555</td> + <td>A-34697653</td> + <td>Critical</td> + <td>All</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>April 13, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-mediatek-touchscreen-driver">Elevation of privilege +vulnerability in MediaTek touchscreen driver</h3> + +<p>An elevation of privilege vulnerability in the MediaTek touchscreen driver +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as Critical due to the possibility +of a local permanent device compromise, which may require reflashing the +operating system to repair the device.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10274</td> + <td>A-30202412*<br> + M-ALPS02897901</td> + <td>Critical</td> + <td>None**</td> + <td>Jul 16, 2016</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-qualcomm-bootloader">Elevation of privilege vulnerability in +Qualcomm bootloader</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm bootloader could enable +a local malicious application to execute arbitrary code within the context of +the kernel. This issue is rated as Critical due to the possibility of a local +permanent device compromise, which may require reflashing the operating system +to repair the device.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10275</td> + <td>A-34514954<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=1a0a15c380e11fc46f8d8706ea5ae22b752bdd0b"> +QC-CR#1009111</a></td> + <td>Critical</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL, Android One</td> + <td>Sep 13, 2016</td> + </tr> + <tr> + <td>CVE-2016-10276</td> + <td>A-32952839<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=5dac431748027e8b50a5c4079967def4ea53ad64"> +QC-CR#1094105</a></td> + <td>Critical</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>Nov 16, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-kernel-sound-subsystem">Elevation of privilege vulnerability in +kernel sound subsystem</h3> + +<p>An elevation of privilege vulnerability in the kernel sound subsystem could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as Critical due to the possibility +of a local permanent device compromise, which may require reflashing the +operating system to repair the device.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-9794</td> + <td>A-34068036<br> + <a +href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757"> +Upstream kernel</a></td> + <td>Critical</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android +One, Nexus Player</td> + <td>Dec 3, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-motorola-bootloader">Elevation of privilege vulnerability in +Motorola bootloader</h3> + +<p>An elevation of privilege vulnerability in the Motorola bootloader could enable +a local malicious application to execute arbitrary code within the context of +the bootloader. This issue is rated as Critical due to the possibility of a +local permanent device compromise, which may require reflashing the operating +system to repair the device.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10277</td> + <td>A-33840490*<br> + </td> + <td>Critical</td> + <td>Nexus 6</td> + <td>Dec 21, 2016</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="eop-in-nvidia-video-driver">Elevation of privilege vulnerability in +NVIDIA video driver</h3> + +<p>An elevation of privilege vulnerability in the NVIDIA video driver could enable +a local malicious application to execute arbitrary code within the context of +the kernel. This issue is rated as Critical due to the possibility of a local +permanent device compromise, which may require reflashing the operating system +to repair the device.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0331</td> + <td>A-34113000*<br> + N-CVE-2017-0331</td> + <td>Critical</td> + <td>Nexus 9</td> + <td>Jan 4, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="eop-in-qualcomm-power-driver">Elevation of privilege vulnerability in +Qualcomm power driver</h3> + +<p>An elevation of privilege vulnerability in the kernel Qualcomm power driver +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as Critical due to the possibility +of a local permanent device compromise, which may require reflashing the +operating system to repair the device.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0604</td> + <td>A-35392981<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6975e2dd5f37de965093ba3a8a08635a77a960f7"> +QC-CR#826589</a></td> + <td>Critical</td> + <td>None*</td> + <td>Feb 15, 2017</td> + </tr> +</table> + +<p>* Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-kernel-trace-subsystem">Elevation of privilege vulnerability in +kernel trace subsystem</h3> + +<p>An elevation of privilege vulnerability in the kernel trace subsystem could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as Critical due to the possibility +of a local permanent device compromise, which may require reflashing the +operating system to repair the device.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0605</td> + <td>A-35399704<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> +QC-CR#1048480</a></td> + <td>Critical</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android +One, Nexus Player</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="vulnerabilities-in-qualcomm-components">Vulnerabilities in Qualcomm +components</h3> + +<p>These vulnerabilities affect Qualcomm components and are described in further +detail in the Qualcomm AMSS August, September, October, and December 2016 +security bulletins.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10240</td> + <td>A-32578446**<br> + QC-CR#955710</td> + <td>Critical</td> + <td>Nexus 6P</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2016-10241</td> + <td>A-35436149**<br> + QC-CR#1068577</td> + <td>Critical</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2016-10278</td> + <td>A-31624008**<br> + QC-CR#1043004</td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2016-10279</td> + <td>A-31624421**<br> + QC-CR#1031821</td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Qualcomm internal</td> + </tr> +</table> + +<p>* The severity rating for these vulnerabilities was determined by the vendor.</p> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>*** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="rce-in-libxml2">Remote code execution vulnerability in libxml2</h3> + +<p>A remote code execution vulnerability in libxml2 could enable an attacker to +use a specially crafted file to execute arbitrary code within the context of an +unprivileged process. This issue is rated as High due to the possibility of +remote code execution in an application that uses this library.</p> + +<table> + <col width="18%"> + <col width="17%"> + <col width="10%"> + <col width="19%"> + <col width="18%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Updated AOSP versions</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-5131</td> + <td>A-32956747</td> + <td>High</td> + <td>None*</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> + <td>July 23, 2016</td> + </tr> +</table> + +<p>* Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-mediatek-thermal-driver">Elevation of privilege vulnerability in +MediaTek thermal driver</h3> + +<p>An elevation of privilege vulnerability in the MediaTek thermal driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10280</td> + <td>A-28175767*<br> + M-ALPS02696445</td> + <td>High</td> + <td>None**</td> + <td>Apr 11, 2016</td> + </tr> + <tr> + <td>CVE-2016-10281</td> + <td>A-28175647*<br> + M-ALPS02696475</td> + <td>High</td> + <td>None**</td> + <td>Apr 11, 2016</td> + </tr> + <tr> + <td>CVE-2016-10282</td> + <td>A-33939045*<br> + M-ALPS03149189</td> + <td>High</td> + <td>None**</td> + <td>Dec 27, 2016</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-qualcomm-wi-fi-driver">Elevation of privilege vulnerability in +Qualcomm Wi-Fi driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10283</td> + <td>A-32094986<br> + <a +href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=93863644b4547324309613361d70ad9dc91f8dfd"> +QC-CR#2002052</a></td> + <td>High</td> + <td>Nexus 5X, Pixel, Pixel XL, Android One</td> + <td>Oct 11, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-video-driver">Elevation of privilege vulnerability in +Qualcomm video driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm video driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10284</td> + <td>A-32402303*<br> + QC-CR#2000664</td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Oct 24, 2016</td> + </tr> + <tr> + <td>CVE-2016-10285</td> + <td>A-33752702<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67dfd3a65336e0b3f55ee83d6312321dc5f2a6f9"> +QC-CR#1104899</a></td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Dec 19, 2016</td> + </tr> + <tr> + <td>CVE-2016-10286</td> + <td>A-35400904<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=5d30a3d0dc04916ddfb972bfc52f8e636642f999"> +QC-CR#1090237</a></td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Feb 15, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="eop-in-kernel-performance-subsystem">Elevation of privilege +vulnerability in kernel performance subsystem</h3> + +<p>An elevation of privilege vulnerability in the kernel performance subsystem +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2015-9004</td> + <td>A-34515362<br> + <a +href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"> +Upstream kernel</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android +One, Nexus Player</td> + <td>Nov 23, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-sound-driver">Elevation of privilege vulnerability in +Qualcomm sound driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm sound driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10287</td> + <td>A-33784446<br> + <a +href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=937bc9e644180e258c68662095861803f7ba4ded"> +QC-CR#1112751</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Dec 20, 2016</td> + </tr> + <tr> + <td>CVE-2017-0606</td> + <td>A-34088848<br> + <a +href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=d3237316314c3d6f75a58192971f66e3822cd250"> +QC-CR#1116015</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Jan 3, 2017</td> + </tr> + <tr> + <td>CVE-2016-5860</td> + <td>A-34623424<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=9f91ae0d7203714fc39ae78e1f1c4fd71ed40498"> +QC-CR#1100682</a></td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Jan 22, 2017</td> + </tr> + <tr> + <td>CVE-2016-5867</td> + <td>A-35400602<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5"> +QC-CR#1095947</a></td> + <td>High</td> + <td>None*</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2017-0607</td> + <td>A-35400551<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b003c8d5407773d3aa28a48c9841e4c124da453d"> +QC-CR#1085928</a></td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2017-0608</td> + <td>A-35400458<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b66f442dd97c781e873e8f7b248e197f86fd2980"> +QC-CR#1098363</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2017-0609</td> + <td>A-35399801<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=38a83df036084c00e8c5a4599c8ee7880b4ee567"> +QC-CR#1090482</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2016-5859</td> + <td>A-35399758<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=97fdb441a9fb330a76245e473bc1a2155c809ebe"> +QC-CR#1096672</a></td> + <td>High</td> + <td>None*</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2017-0610</td> + <td>A-35399404<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=65009746a6e649779f73d665934561ea983892fe"> +QC-CR#1094852</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2017-0611</td> + <td>A-35393841<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=1aa5df9246557a98181f03e98530ffd509b954c8"> +QC-CR#1084210</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2016-5853</td> + <td>A-35392629<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a8f3b894de319718aecfc2ce9c691514696805be"> +QC-CR#1102987</a></td> + <td>High</td> + <td>None*</td> + <td>Feb 15, 2017</td> + </tr> +</table> + +<p>* Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-qualcomm-led-driver">Elevation of privilege vulnerability in +Qualcomm LED driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm LED driver could enable +a local malicious application to execute arbitrary code within the context of +the kernel. This issue is rated as High because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10288</td> + <td>A-33863909<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=db2cdc95204bc404f03613d5dd7002251fb33660"> +QC-CR#1109763</a></td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Dec 23, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-crypto-driver">Elevation of privilege vulnerability in +Qualcomm crypto driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm crypto driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10289</td> + <td>A-33899710<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a604e6f3889ccc343857532b63dea27603381816"> +QC-CR#1116295</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Dec 24, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-shared-memory-driver">Elevation of privilege +vulnerability in Qualcomm shared memory driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm shared memory driver +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10290</td> + <td>A-33898330<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>Dec 24, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-slimbus-driver">Elevation of privilege vulnerability in +Qualcomm Slimbus driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm Slimbus driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10291</td> + <td>A-34030871<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a225074c0494ca8125ca0ac2f9ebc8a2bd3612de"> +QC-CR#986837</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td> + <td>Dec 31, 2016</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-adsprpc-driver">Elevation of privilege vulnerability in +Qualcomm ADSPRPC driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0465</td> + <td>A-34112914<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=3823f0f8d0bbbbd675a42a54691f4051b3c7e544"> +QC-CR#1110747</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Jan 5, 2017</td> + </tr> +</table> + + +<h3 +id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Elevation +of privilege vulnerability in Qualcomm Secure Execution Environment +Communicator driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm Secure Execution +Environment Communicator driver could enable a local malicious application to +execute arbitrary code within the context of the kernel. This issue is rated as +High because it first requires compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0612</td> + <td>A-34389303<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=05efafc998dc86c3b75af9803ca71255ddd7a8eb"> +QC-CR#1061845</a></td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Jan 10, 2017</td> + </tr> + <tr> + <td>CVE-2017-0613</td> + <td>A-35400457<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b108c651cae9913da1ab163cb4e5f7f2db87b747"> +QC-CR#1086140</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2017-0614</td> + <td>A-35399405<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=fc2ae27eb9721a0ce050c2062734fec545cda604"> +QC-CR#1080290</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-mediatek-power-driver">Elevation of privilege vulnerability in +MediaTek power driver</h3> + +<p>An elevation of privilege vulnerability in the MediaTek power driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0615</td> + <td>A-34259126*<br> + M-ALPS03150278</td> + <td>High</td> + <td>None**</td> + <td>Jan 12, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-mediatek-system-management-interrupt-driver">Elevation of +privilege vulnerability in MediaTek system management interrupt driver</h3> + +<p>An elevation of privilege vulnerability in the MediaTek system management +interrupt driver could enable a local malicious application to execute +arbitrary code within the context of the kernel. This issue is rated as High +because it first requires compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0616</td> + <td>A-34470286*<br> + M-ALPS03149160</td> + <td>High</td> + <td>None**</td> + <td>Jan 19, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-mediatek-video-driver">Elevation of privilege vulnerability in +MediaTek video driver</h3> + +<p>An elevation of privilege vulnerability in the MediaTek video driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0617</td> + <td>A-34471002*<br> + M-ALPS03149173</td> + <td>High</td> + <td>None**</td> + <td>Jan 19, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-mediatek-command-queue-driver">Elevation of privilege +vulnerability in MediaTek command queue driver</h3> + +<p>An elevation of privilege vulnerability in the MediaTek command queue driver +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0618</td> + <td>A-35100728*<br> + M-ALPS03161536</td> + <td>High</td> + <td>None**</td> + <td>Feb 7, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="eop-in-qualcomm-pin-controller-driver">Elevation of privilege +vulnerability in Qualcomm pin controller driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm pin controller driver +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0619</td> + <td>A-35401152<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.14/commit/?id=72f67b29a9c5e6e8d3c34751600c749c5f5e13e1"> +QC-CR#826566</a></td> + <td>High</td> + <td>Nexus 6, Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-secure-channel-manager-driver">Elevation of privilege +vulnerability in Qualcomm Secure Channel Manager Driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager +driver could enable a local malicious application to execute arbitrary code +within the context of the kernel. This issue is rated as High because it first +requires compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0620</td> + <td>A-35401052<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=01b2c9a5d728ff6f2f1f28a5d4e927aaeabf56ed"> +QC-CR#1081711</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-sound-codec-driver">Elevation of privilege +vulnerability in Qualcomm sound codec driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm sound codec driver +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-5862</td> + <td>A-35399803<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04"> +QC-CR#1099607</a></td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-kernel-voltage-regulator-driver">Elevation of privilege +vulnerability in kernel voltage regulator driver</h3> + +<p>An elevation of privilege vulnerability in the kernel voltage regulator driver +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2014-9940</td> + <td>A-35399757<br> + <a +href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba"> +Upstream kernel</a></td> + <td>High</td> + <td>Nexus 6, Nexus 9, Pixel C, Android One, Nexus Player</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-camera-driver">Elevation of privilege vulnerability in +Qualcomm camera driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm camera driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0621</td> + <td>A-35399703<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=9656e2c2b3523af20502bf1e933e35a397f5e82f"> +QC-CR#831322</a></td> + <td>High</td> + <td>Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-qualcomm-networking-driver">Elevation of privilege vulnerability +in Qualcomm networking driver</h3> + +<p>An elevation of privilege vulnerability in the Qualcomm networking driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-5868</td> + <td>A-35392791<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c"> +QC-CR#1104431</a></td> + <td>High</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-kernel-networking-subsystem">Elevation of privilege +vulnerability in kernel networking subsystem</h3> + +<p>An elevation of privilege vulnerability in the kernel networking subsystem +could enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-7184</td> + <td>A-36565222<br> + <a +href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"> +Upstream kernel</a> <a +href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> +[2]</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Android One</td> + <td>Mar 23, 2017</td> + </tr> +</table> + + +<h3 id="eop-in-goodix-touchscreen-driver">Elevation of privilege vulnerability +in Goodix touchscreen driver</h3> + +<p>An elevation of privilege vulnerability in the Goodix touchscreen driver could +enable a local malicious application to execute arbitrary code within the +context of the kernel. This issue is rated as High because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0622</td> + <td>A-32749036<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=40efa25345003a96db34effbd23ed39530b3ac10"> +QC-CR#1098602</a></td> + <td>High</td> + <td>Android One</td> + <td>Google internal</td> + </tr> +</table> + + +<h3 id="eop-in-htc-bootloader">Elevation of privilege vulnerability in HTC +bootloader</h3> + +<p>An elevation of privilege vulnerability in the HTC bootloader could enable a +local malicious application to execute arbitrary code within the context of the +bootloader. This issue is rated as High because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0623</td> + <td>A-32512358*<br> + </td> + <td>High</td> + <td>Pixel, Pixel XL</td> + <td>Google Internal</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="id-in-qualcomm-wi-fi-driver">Information disclosure vulnerability in +Qualcomm Wi-Fi driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm Wi-Fi driver could +enable a local malicious application to access data outside of its permission +levels. This issue is rated as High because it could be used to access +sensitive data without explicit user permission.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0624</td> + <td>A-34327795*<br> + QC-CR#2005832</td> + <td>High</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>Jan 16, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="id-in-mediatek-command-queue-driver">Information disclosure +vulnerability in MediaTek command queue driver</h3> + +<p>An information disclosure vulnerability in the MediaTek command queue driver +could enable a local malicious application to access data outside of its +permission levels. This issue is rated as High because it could be used to +access sensitive data without explicit user permission.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0625</td> + <td>A-35142799*<br> + M-ALPS03161531</td> + <td>High</td> + <td>None**</td> + <td>Feb 8, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="id-in-qualcomm-crypto-engine-driver">Information disclosure +vulnerability in Qualcomm crypto engine driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm crypto engine driver +could enable a local malicious application to access data outside of its +permission levels. This issue is rated as High because it could be used to +access sensitive data without explicit user permission.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0626</td> + <td>A-35393124<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=64551bccab9b5b933757f6256b58f9ca0544f004"> +QC-CR#1088050</a></td> + <td>High</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="dos-in-qualcomm-wi-fi-driver">Denial of service vulnerability in +Qualcomm Wi-Fi driver</h3> + +<p>A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a +proximate attacker to cause a denial of service in the Wi-Fi subsystem. This +issue is rated as High due to the possibility of remote denial of service.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10292</td> + <td>A-34514463*<br> + QC-CR#1065466</td> + <td>High</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>Dec 16, 2016</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="id-in-kernel-uvc-driver">Information disclosure vulnerability in kernel +UVC driver</h3> + +<p>An information disclosure vulnerability in the kernel UVC driver could enable a +local malicious application to access data outside of its permission levels. +This issue is rated as Moderate because it first requires compromising a +privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0627</td> + <td>A-33300353*<br> + </td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td> + <td>Dec 2, 2016</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="id-in-qualcomm-video-driver">Information disclosure vulnerability in +Qualcomm video driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm video driver could +enable a local malicious application to access data outside of its permission +levels. This issue is rated as Moderate because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10293</td> + <td>A-33352393<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2469d5374745a2228f774adbca6fb95a79b9047f"> +QC-CR#1101943</a></td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6P, Android One</td> + <td>Dec 4, 2016</td> + </tr> +</table> + + +<h3 id="id-in-qualcomm-power-driver-(device-specific)">Information disclosure +vulnerability in Qualcomm power driver (device specific)</h3> + +<p>An information disclosure vulnerability in the Qualcomm power driver could +enable a local malicious application to access data outside of its permission +levels. This issue is rated as Moderate because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10294</td> + <td>A-33621829<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e9bc51ffb8a298f0be5befe346762cdb6e1d49c"> +QC-CR#1105481</a></td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>Dec 14, 2016</td> + </tr> +</table> + + +<h3 id="id-in-qualcomm-led-driver">Information disclosure vulnerability in +Qualcomm LED driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm LED driver could enable +a local malicious application to access data outside of its permission levels. +This issue is rated as Moderate because it first requires compromising a +privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10295</td> + <td>A-33781694<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f11ae3df500bc2a093ddffee6ea40da859de0fa9"> +QC-CR#1109326</a></td> + <td>Moderate</td> + <td>Pixel, Pixel XL</td> + <td>Dec 20, 2016</td> + </tr> +</table> + + +<h3 id="id-in-qualcomm-shared-memory-driver">Information disclosure +vulnerability in Qualcomm shared memory driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm shared memory driver +could enable a local malicious application to access data outside of its +permission levels. This issue is rated as Moderate because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-10296</td> + <td>A-33845464<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Dec 22, 2016</td> + </tr> +</table> + + +<h3 id="id-in-qualcomm-camera-driver">Information disclosure vulnerability in +Qualcomm camera driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm camera driver could +enable a local malicious application to access data outside of its permission +levels. This issue is rated as Moderate because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0628</td> + <td>A-34230377<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL</td> + <td>Jan 10, 2017</td> + </tr> + <tr> + <td>CVE-2017-0629</td> + <td>A-35214296<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL</td> + <td>Feb 8, 2017</td> + </tr> +</table> + + +<h3 id="id-in-kernel-trace-subsystem">Information disclosure vulnerability in +kernel trace subsystem</h3> + +<p>An information disclosure vulnerability in the kernel trace subsystem could +enable a local malicious application to access data outside of its permission +levels. This issue is rated as Moderate because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0630</td> + <td>A-34277115*<br> + </td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android +One, Nexus Player</td> + <td>Jan 11, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="id-in-qualcomm-sound-codec-driver">Information disclosure vulnerability +in Qualcomm sound codec driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm sound codec driver +could enable a local malicious application to access data outside of its +permission levels. This issue is rated as Moderate because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-5858</td> + <td>A-35400153<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711"> +QC-CR#1096799</a> <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6"> +[2]</a></td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="id-in-qualcomm-camera-driver-2">Information disclosure vulnerability in +Qualcomm camera driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm camera driver could +enable a local malicious application to access data outside of its permission +levels. This issue is rated as Moderate because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0631</td> + <td>A-35399756<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=8236d6ebc7e26361ca7078cbeba01509f10941d8"> +QC-CR#1093232</a></td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="id-in-qualcomm-sound-driver">Information disclosure vulnerability in +Qualcomm sound driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm sound driver could +enable a local malicious application to access data outside of its permission +levels. This issue is rated as Moderate because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-5347</td> + <td>A-35394329<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=f14390f13e62460fc6b05fc0acde0e825374fdb6"> +QC-CR#1100878</a></td> + <td>Moderate</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="id-in-qualcomm-spcom-driver">Information disclosure vulnerability in +Qualcomm SPCom driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm SPCom driver could +enable a local malicious application to access data outside of its permission +levels. This issue is rated as Moderate because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2016-5854</td> + <td>A-35392792<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=28d23d4d7999f683b27b6e0c489635265b67a4c9"> +QC-CR#1092683</a></td> + <td>Moderate</td> + <td>None*</td> + <td>Feb 15, 2017</td> + </tr> + <tr> + <td>CVE-2016-5855</td> + <td>A-35393081<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a5edb54e93ba85719091fe2bc426d75fa7059834"> +QC-CR#1094143</a></td> + <td>Moderate</td> + <td>None*</td> + <td>Feb 15, 2017</td> + </tr> +</table> + +<p>* Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + + +<h3 id="id-in-qualcomm-sound-codec-driver-2">Information disclosure +vulnerability in Qualcomm sound codec driver</h3> + +<p>An information disclosure vulnerability in the Qualcomm sound codec driver +could enable a local malicious application to access data outside of its +permission levels. This issue is rated as Moderate because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0632</td> + <td>A-35392586<br> + <a +href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=970d6933e53c1f7ca8c8b67f49147b18505c3b8f"> +QC-CR#832915</a></td> + <td>Moderate</td> + <td>Android One</td> + <td>Feb 15, 2017</td> + </tr> +</table> + + +<h3 id="id-in-broadcom-wi-fi-driver">Information disclosure vulnerability in +Broadcom Wi-Fi driver</h3> + +<p>An information disclosure vulnerability in the Broadcom Wi-Fi driver could +enable a local malicious component to access data outside of its permission +levels. This issue is rated as Moderate because it first requires compromising +a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0633</td> + <td>A-36000515*<br> + B-RB#117131</td> + <td>Moderate</td> + <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td> + <td>Feb 23, 2017</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="id-in-synaptics-touchscreen-driver">Information disclosure +vulnerability in Synaptics touchscreen driver</h3> + +<p>An information disclosure vulnerability in the Synaptics touchscreen driver +could enable a local malicious application to access data outside of its +permission levels. This issue is rated as Moderate because it first requires +compromising a privileged process.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2017-0634</td> + <td>A-32511682*<br> + </td> + <td>Moderate</td> + <td>Pixel, Pixel XL</td> + <td>Google internal</td> + </tr> +</table> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + + +<h3 id="vulnerabilities-in-qualcomm-components-2">Vulnerabilities in Qualcomm +components</h3> + +<p>These vulnerabilities affecting Qualcomm components were released as part of +Qualcomm AMSS security bulletins between 2014–2016. They are included in this +Android security bulletin to associate their fixes with an Android security +patch level.</p> + +<table> + <col width="19%"> + <col width="20%"> + <col width="10%"> + <col width="23%"> + <col width="17%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Severity</th> + <th>Updated Google devices</th> + <th>Date reported</th> + </tr> + <tr> + <td>CVE-2014-9923</td> + <td>A-35434045**<br> + QC-CR#403910</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9924</td> + <td>A-35434631**<br> + QC-CR#596102</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9925</td> + <td>A-35444657**<br> + QC-CR#638130</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9926</td> + <td>A-35433784**<br> + QC-CR#631527</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9927</td> + <td>A-35433785**<br> + QC-CR#661111</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9928</td> + <td>A-35438623**<br> + QC-CR#696972</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9929</td> + <td>A-35443954**<br> + QC-CR#644783</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9930</td> + <td>A-35432946**<br> + QC-CR#634637</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2015-9005</td> + <td>A-36393500**<br> + QC-CR#741548</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2015-9006</td> + <td>A-36393450**<br> + QC-CR#750559</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2015-9007</td> + <td>A-36393700**<br> + QC-CR#807173</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2016-10297</td> + <td>A-36393451**<br> + QC-CR#1061123</td> + <td>Critical</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9941</td> + <td>A-36385125**<br> + QC-CR#509915</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9942</td> + <td>A-36385319**<br> + QC-CR#533283</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9943</td> + <td>A-36385219**<br> + QC-CR#546527</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9944</td> + <td>A-36384534**<br> + QC-CR#613175</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9945</td> + <td>A-36386912**<br> + QC-CR#623452</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9946</td> + <td>A-36385281**<br> + QC-CR#520149</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9947</td> + <td>A-36392400**<br> + QC-CR#650540</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9948</td> + <td>A-36385126**<br> + QC-CR#650500</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9949</td> + <td>A-36390608**<br> + QC-CR#652426</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9950</td> + <td>A-36385321**<br> + QC-CR#655530</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9951</td> + <td>A-36389161**<br> + QC-CR#525043</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> + <tr> + <td>CVE-2014-9952</td> + <td>A-36387019**<br> + QC-CR#674836</td> + <td>High</td> + <td>None***</td> + <td>Qualcomm internal</td> + </tr> +</table> + +<p>* The severity rating for these vulnerabilities was determined by the vendor.</p> + +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the +<a href="https://developers.google.com/android/nexus/drivers"> +Google Developer site</a>.</p> + +<p>*** Supported Google devices on Android 7.1.1 or later that have installed all +available updates are not affected by this vulnerability.</p> + +<h2 id="common-questions-and-answers">Common Questions and Answers</h2> +<p>This section answers common questions that may occur after reading this +bulletin.</p> + +<p><strong>1. How do I determine if my device is updated to address these issues? +</strong></p> + +<p>To learn how to check a device's security patch level, read the instructions on +the +<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel +and Nexus update schedule</a>.</p> + +<ul> +<li>Security patch levels of 2017-05-01 or later address all issues associated +with the 2017-05-01 security patch level.</li> +<li>Security patch levels of 2017-05-05 or later address all issues associated +with the 2017-05-05 security patch level and all previous patch levels. +</li> +</ul> + +<p>Device manufacturers that include these updates should set the patch string +level to:</p> +<ul> +<li>[ro.build.version.security_patch]:[2017-05-01]</li> +<li>[ro.build.version.security_patch]:[2017-05-05]</li> +</ul> + +<p><strong>2. Why does this bulletin have two security patch levels?</strong></p> + +<p>This bulletin has two security patch levels so that Android partners have the +flexibility to fix a subset of vulnerabilities that are similar across all +Android devices more quickly. Android partners are encouraged to fix all issues +in this bulletin and use the latest security patch level.</p> +<ul> +<li>Devices that use the May 01, 2017 security patch level must include all +issues associated with that security patch level, as well as fixes for all +issues reported in previous security bulletins.</li> +<li>Devices that use the security patch level of May 05, 2017 or newer must +include all applicable patches in this (and previous) security +bulletins.</li> +</ul> + +<p>Partners are encouraged to bundle the fixes for all issues they are addressing +in a single update.</p> + +<p><strong>3. How do I determine which Google devices are affected by each +issue?</strong></p> + +<p>In the <a +href="#2017-05-01-details">2017-05-01</a> and +<a href="#2017-05-05-details">2017-05-05</a> +security vulnerability details sections, each table has an <em>Updated Google +devices</em> column that covers the range of affected Google devices updated for +each issue. This column has a few options:</p> +<ul> +<li><strong>All Google devices</strong>: If an issue affects All and Pixel +devices, the table will have "All" in the <em>Updated Google devices</em> +column. "All" encapsulates the following <a +href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported +devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, +Pixel C, Pixel, and Pixel XL.</li> +<li><strong>Some Google devices</strong>: If an issue doesn't affect all Google +devices, the affected Google devices are listed in the <em>Updated Google +devices</em> column.</li> +<li><strong>No Google devices</strong>: If no Google devices running Android 7.0 +are affected by the issue, the table will have "None" in the <em>Updated Google +devices</em> column. </li> +</ul> +<p><strong>4. What do the entries in the references column map to?</strong></p> + +<p>Entries under the <em>References</em> column of the vulnerability details table +may contain a prefix identifying the organization to which the reference value +belongs. These prefixes map as follows:</p> + +<table> + <tr> + <th>Prefix</th> + <th>Reference</th> + </tr> + <tr> + <td>A-</td> + <td>Android bug ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm reference number</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek reference number</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA reference number</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom reference number</td> + </tr> +</table> +<h2 id="revisions">Revisions</h2> +<ul> +<li>May 01, 2017: Bulletin published.</li> +</ul> +</body> +</html> |