diff options
Diffstat (limited to 'en/security/bulletin/pixel/2017-11-01.html')
-rw-r--r-- | en/security/bulletin/pixel/2017-11-01.html | 885 |
1 files changed, 885 insertions, 0 deletions
diff --git a/en/security/bulletin/pixel/2017-11-01.html b/en/security/bulletin/pixel/2017-11-01.html new file mode 100644 index 00000000..e4da8a22 --- /dev/null +++ b/en/security/bulletin/pixel/2017-11-01.html @@ -0,0 +1,885 @@ +<html devsite> + <head> + <title>Pixel / Nexus Security Bulletin—November 2017</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + //www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>Published November 6, 2017 | Updated November 8, 2017</em></p> +<p> +The Pixel / Nexus Security Bulletin contains details of security vulnerabilities +and functional improvements affecting <a +href="//support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported +Google Pixel and Nexus devices</a> (Google devices). +For Google devices, security patch levels of 2017-11-05 or later also address all +issues in this bulletin. To learn how to check a device's security patch level, see <a +href="//support.google.com/pixelphone/answer/4457705">Check and update your +Android version</a>. +</p> +<p> +All supported Google devices will receive an update to the 2017-11-05 patch +level. We encourage all customers to accept these updates to their devices. +</p> +<p class="note"> +<strong>Note:</strong> The Google device firmware images are available on the <a +href="//developers.google.com/android/nexus/images">Google Developer site</a>. +</p> +<h2 id="announcements">Announcements</h2> +<p> +In addition to the security vulnerabilities described in the <a +href="/security/bulletin/2017-11-01">November 2017 Android +Security Bulletin</a>, Pixel and Nexus devices also contain patches for the +security vulnerabilities described below. Partners were notified of these issues +at least a month ago and may choose to incorporate them as part of their device +updates. +</p> +<h2 id="security-patches">Security patches</h2> +<p> +Vulnerabilities are grouped under the component that they affect. There is a +description of the issue and a table with the CVE, associated references, <a +href="#type">type of vulnerability</a>, <a +href="/security/overview/updates-resources.html#severity">severity</a>, +and updated Android Open Source Project (AOSP) versions (where applicable). When +available, we link the public change that addressed the issue to the bug ID, +like the AOSP change list. When multiple changes relate to a single bug, +additional references are linked to numbers following the bug ID. +</p> + +<h3 id="framework">Framework</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0845</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e5787fc13164856e39690e40e81d3d46839eea16">A-35028827</a></td> + <td>DoS</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> +</table> + + +<h3 id="media-framework">Media framework</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0838</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/528c7dd7c2387ac634b23973d0c1120d0f3d7ee7">A-63522818</a></td> + <td>EoP</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0852</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/5aee2541810f19aec67a1a9ea64973eb557aae9c">A-62815506</a></td> + <td>DoS</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0</td> + </tr> + <tr> + <td>CVE-2017-0847</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/d162b02aefa4d2039f377ba9a45d753cd84d75f6">A-65540999</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>8.0</td> + </tr> + <tr> + <td>CVE-2017-0848</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/2bec2c3b1fd778b35f45ff4f8b385ff9208fe692">A-64477217</a></td> + <td>ID</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0849</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/aa11ab9fdbb63766703a6280f4fc778f2f2c91ed">A-62688399</a></td> + <td>ID</td> + <td>Moderate</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>CVE-2017-0850</td> + <td>A-64836941<a href="#asterisk">*</a></td> + <td>ID</td> + <td>Moderate</td> + <td>7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0851</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/8c5bb82f982e5949b3c2e3e0c80045cc5ff30ac8">A-35430570</a></td> + <td>ID</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0853</td> + <td rowspan="2"><a href="https://android.googlesource.com/platform/external/libmpeg2/+/dd89269aa283dd740fd16c6d7d3cf225b3623338">A-63121644</a></td> + <td>ID</td> + <td>Moderate</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0854</td> + <td rowspan="2"><a href="https://android.googlesource.com/platform/external/libmpeg2/+/8c0289c09cddd378cd9a321ccdb1c62e7b80f626">A-63873837</a></td> + <td>ID</td> + <td>Moderate</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0857</td> + <td rowspan="2"><a href="https://android.googlesource.com/platform/external/libavc/+/3eb692de916c3576a18990e3e4193fce93c016dc">A-65122447</a></td> + <td>NSI</td> + <td>NSI</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0858</td> + <td rowspan="2"><a href="https://android.googlesource.com/platform/external/libavc/+/208c74d62a3e1039dc87818306e057877760fbaa">A-64836894</a></td> + <td>NSI</td> + <td>NSI</td> + <td>7.0, 7.1.1, 7.1.2, 8.0</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> + <tr> + <td rowspan="2">CVE-2017-0859</td> + <td rowspan="2">A-36075131<a href="#asterisk">*</a></td> + <td>NSI</td> + <td>NSI</td> + <td>7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1</td> + </tr> +</table> + + +<h3 id="runtime">Runtime</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2016-2105</td> + <td>A-63710022<a href="#asterisk">*</a></td> + <td>RCE</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1</td> + </tr> + <tr> + <td>CVE-2016-2106</td> + <td>A-63709511<a href="#asterisk">*</a></td> + <td>RCE</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1</td> + </tr> + <tr> + <td>CVE-2017-3731</td> + <td>A-63710076<a href="#asterisk">*</a></td> + <td>ID</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1</td> + </tr> +</table> + + +<h3 id="system">System</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0860</td> + <td><a href="https://android.googlesource.com/platform/frameworks/native/+/5508ca2c191f8fdf29d8898890a58bf1a3a225b3">A-31097064</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> +</table> + + +<h3 id="kernel-components">Kernel components</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-6001</td> + <td>A-37901413<br /> + <a href="//android-review.googlesource.com/#/c/438399/">Upstream +kernel</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Core kernel</td> + </tr> + <tr> + <td>CVE-2017-0861</td> + <td>A-36006981<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Audio driver</td> + </tr> + <tr> + <td>CVE-2017-0862</td> + <td>A-36006779<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Kernel</td> + </tr> + <tr> + <td>CVE-2017-11600</td> + <td>A-64257838<br /> + <a href="//git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git/commit/?id=7bab09631c2a303f87a7eb7e3d69e888673b9b7e"> +Upstream kernel</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Networking subsystem</td> + </tr> + <tr> + <td>CVE-2017-0863</td> + <td>A-37950620<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> +</table> + + +<h3 id="mediatek-components">MediaTek components</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-0864</td> + <td>A-37277147<a href="#asterisk">*</a><br /> + M-ALPS03394571</td> + <td>EoP</td> + <td>Moderate</td> + <td>IoCtl (Flashlight)</td> + </tr> + <tr> + <td>CVE-2017-0865</td> + <td>A-65025090<a href="#asterisk">*</a><br /> + M-ALPS02973195</td> + <td>EoP</td> + <td>Moderate</td> + <td>SoC driver</td> + </tr> +</table> + + +<h3 id="nvidia-components">NVIDIA components</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-0866</td> + <td>A-38415808<a href="#asterisk">*</a><br /> + N-CVE-2017-0866</td> + <td>EoP</td> + <td>Moderate</td> + <td>Direct rendering infrastructure</td> + </tr> + <tr> + <td>CVE-2017-6274 </td> + <td>A-34705801<a href="#asterisk">*</a><br /> + N-CVE-2017-6274</td> + <td>EoP</td> + <td>Moderate</td> + <td>Thermal driver</td> + </tr> + <tr> + <td>CVE-2017-6275</td> + <td>A-34702397<a href="#asterisk">*</a><br /> + N-CVE-2017-6275</td> + <td>ID</td> + <td>Moderate</td> + <td>Thermal driver</td> + </tr> +</table> + + +<h3 id="qualcomm-components">Qualcomm components</h3> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-11073</td> + <td>A-62084791<a href="#asterisk">*</a><br /> + QC-CR#2064767</td> + <td>EoP</td> + <td>Moderate</td> + <td>Networking subsystem</td> + </tr> + <tr> + <td>CVE-2017-11035</td> + <td>A-64431968<br /> + <a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c5060da3e741577578d66dfadb7922d853da6156"> +QC-CR#2055659</a> + [<a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=cc1896424ae7a346090f601bc69c6ca51d9c3e04">2</a>]</td> + <td>EoP</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11012</td> + <td>A-64455446<br /> + <a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=7d0e40d328fa092c36b9585516ed29fc6041be55"> +QC-CR#2054760</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11085</td> + <td>A-62952032<a href="#asterisk">*</a><br /> + QC-CR#2077909</td> + <td>EoP</td> + <td>Moderate</td> + <td>Audio</td> + </tr> + <tr> + <td>CVE-2017-11091</td> + <td>A-37478866<a href="#asterisk">*</a><br /> + QC-CR#2064235</td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> + <tr> + <td>CVE-2017-11026</td> + <td>A-64453104<br /> + <a +href="//source.codeaurora.org/quic/la/kernel/lk/commit/?id=88af13428d72d980003d99dd1dd0894ec3799a3e">QC-CR#1021460</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Linux boot</td> + </tr> + <tr> + <td>CVE-2017-11038</td> + <td>A-35888677<a href="#asterisk">*</a><br /> + QC-CR#2034087</td> + <td>EoP</td> + <td>Moderate</td> + <td>Memory subsystem</td> + </tr> + <tr> + <td>CVE-2017-11032</td> + <td>A-64431966<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=2720294757d0ad5294283c15dc837852f7b2329a"> +QC-CR#1051435</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Linux kernel</td> + </tr> + <tr> + <td>CVE-2017-9719</td> + <td>A-64438726<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a491499c3490999555b7ccf8ad1a7d6455625807"> +QC-CR#2042697</a> + [<a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d815f54f15d765b5e0035a9d208d71567bcaace0">2</a>]</td> + <td>EoP</td> + <td>Moderate</td> + <td>Display</td> + </tr> + <tr> + <td>CVE-2017-11024</td> + <td>A-64441352<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=f2a482422fefadfa0fa9b4146fc0e2b46ac04922"> +QC-CR#2031178</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Wired connectivity</td> + </tr> + <tr> + <td>CVE-2017-11025</td> + <td>A-64440043<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=95e72ae9281b77abc3ed0cc6a33c17b989241efa"> +QC-CR#2013494</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Audio</td> + </tr> + <tr> + <td>CVE-2017-11023</td> + <td>A-64434485<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=c36e61af0f770125d0061a8d988d0987cc8d116a"> +QC-CR#2029216</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Services</td> + </tr> + <tr> + <td>CVE-2017-11029</td> + <td>A-64433362<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=86f0d207d478e1681f6711b46766cfb3c6a30fb5"> +QC-CR#2025367</a> + [<a href="//source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=74ab23917b82769644a3299da47b58e080aa63f2">2</a>]</td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera</td> + </tr> + <tr> + <td>CVE-2017-11018</td> + <td>A-64441628<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm/commit/?id=1d718286c4c482502a2c4356cebef28aef2fb01f"> +QC-CR#897844</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera</td> + </tr> + <tr> + <td>CVE-2017-9721</td> + <td>A-64441353<br /> + <a href="//source.codeaurora.org/quic/la/kernel/lk/commit/?id=b40eb596bc96724a46bf00bfd9764e87775e7f1e"> +QC-CR#2039552</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Display</td> + </tr> + <tr> + <td>CVE-2017-9702</td> + <td>A-36492827<a href="#asterisk">*</a><br /> + QC-CR#2037398</td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera</td> + </tr> + <tr> + <td>CVE-2017-11089</td> + <td>A-36819059<a href="#asterisk">*</a><br /> + QC-CR#2055013</td> + <td>ID</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-8239</td> + <td>A-36251230<a href="#asterisk">*</a><br /> + QC-CR#1091603</td> + <td>ID</td> + <td>Moderate</td> + <td>Camera</td> + </tr> + <tr> + <td>CVE-2017-11090</td> + <td>A-36818836<a href="#asterisk">*</a><br /> + QC-CR#2061676</td> + <td>ID</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11093</td> + <td>A-37625232<a href="#asterisk">*</a><br /> + QC-CR#2077623</td> + <td>ID</td> + <td>Moderate</td> + <td>HDMI</td> + </tr> + <tr> + <td>CVE-2017-8279</td> + <td>A-62378962<br /> + <a href="//source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=f09aee50c2ee6b79d94cb42eafc82413968b15cb"> +QC-CR#2015227</a></td> + <td>ID</td> + <td>Moderate</td> + <td>Services</td> + </tr> + <tr> + <td>CVE-2017-9696</td> + <td>A-36232584<a href="#asterisk">*</a><br /> + QC-CR#2029867</td> + <td>ID</td> + <td>Moderate</td> + <td>Kernel</td> + </tr> + <tr> + <td>CVE-2017-11058</td> + <td>A-37718081<br /> + <a href="//source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4d9812973e8b12700afd8c3d6f36a94506ffb6fc"> +QC-CR#2061251</a></td> + <td>ID</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-11022</td> + <td>A-64440918<br /> + <a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1379bfb6c09ee2ad5969db45c27fb675602b4ed0">QC-CR#1086582</a> + [<a href="//source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f41e3dbc92d448d3d56cae5517e41a4bafafdf3f">2</a>]</td> + <td>ID</td> + <td>Moderate</td> + <td>WLAN</td> + </tr> + <tr> + <td>CVE-2017-9701</td> + <td>A-63868730<br /> + <a href="//source.codeaurora.org/quic/la//kernel/lk/commit/?id=60a6821ca7723f84067faba64fb883d94357df16"> +QC-CR#2038992</a></td> + <td>ID</td> + <td>Moderate</td> + <td>Linux boot</td> + </tr> + <tr> + <td>CVE-2017-11027</td> + <td>A-64453534<br /> + <a href="//source.codeaurora.org/quic/la/kernel/lk/commit/?id=393e5d1cc9e216e1d37bf25be6c376b395882f29"> +QC-CR#2055630</a></td> + <td>ID</td> + <td>Moderate</td> + <td>Linux boot</td> + </tr> +</table> + +<h2 id="functional-updates">Functional updates</h2> +<p> +These updates are included for affected Pixel devices to address functionality +issues not related to the security of Pixel devices. The table includes +associated references; the affected category, such as Bluetooth or mobile data; +and a summary of the issue. +</p> +<table> + <col width="15%"> + <col width="15%"> + <col width="70%"> + <tr> + <th>References</th> + <th>Category</th> + <th>Improvements</th> + </tr> + <tr> + <td>A-65225835</td> + <td>Audio</td> + <td>Volume warning threshold adjusted in some regions.</td> + </tr> + <tr> + <td>A-37943083</td> + <td>Bluetooth</td> + <td>Improvements for Bluetooth devices only supporting AVRCP version 1.3.</td> + </tr> + <tr> + <td>A-63790458</td> + <td>Bluetooth</td> + <td>Improved headset connection pairing.</td> + </tr> + <tr> + <td>A-64142363</td> + <td>Bluetooth</td> + <td>Improved song info display on some Bluetooth carkits.</td> + </tr> + <tr> + <td>A-64991621</td> + <td>Bluetooth</td> + <td>Improved metadata in some carkits.</td> + </tr> + <tr> + <td>A-65223508</td> + <td>Bluetooth</td> + <td>Improved Bluetooth connections to some carkits.</td> + </tr> + <tr> + <td>A-65463237</td> + <td>Bluetooth</td> + <td>Improved Magic Tether on BLE.</td> + </tr> + <tr> + <td>A-64977836</td> + <td>Camera</td> + <td>Improved Autofocus during video capture.</td> + </tr> + <tr> + <td>A-65099590</td> + <td>Camera</td> + <td>Improved front camera response speed.</td> + </tr> + <tr> + <td>A-68159303</td> + <td>Display</td> + <td>Adjustments to display color mode setting.</td> + </tr> + <tr> + <td>A-68254840</td> + <td>Display</td> + <td>Adjustments to display brightness settings.</td> + </tr> + <tr> + <td>A-68279369</td> + <td>Display</td> + <td>Adjustments to navigation bar brightness.</td> + </tr> + <tr> + <td>A-64103722</td> + <td>Mobile data</td> + <td>Adjusted YouTube switching from mobile data to Wi-Fi.</td> + </tr> + <tr> + <td>A-65113738</td> + <td>Mobile data</td> + <td>Mobile data adjustments on 3 Network.</td> + </tr> + <tr> + <td>A-37187694</td> + <td>Stability</td> + <td>Improved application stability.</td> + </tr> + <tr> + <td>A-67959484</td> + <td>Stability</td> + <td>Adjustments to call quality.</td> + </tr> +</table> + +<h2 id="common-questions-and-answers">Common questions and answers</h2> +<p> +This section answers common questions that may occur after reading this +bulletin. +</p> +<p> +<strong>1. How do I determine if my device is updated to address these issues? +</strong> +</p> +<p> +Security patch levels of 2017-11-05 or later address all issues associated with +the 2017-11-05 security patch level and all previous patch levels. To learn how +to check a device's security patch level, read the instructions on the <a +href="//support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel +and Nexus update schedule</a>. +</p> +<p id="type"> +<strong>2. What do the entries in the <em>Type</em> column mean?</strong> +</p> +<p> +Entries in the <em>Type</em> column of the vulnerability details table reference +the classification of the security vulnerability. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Abbreviation</th> + <th>Definition</th> + </tr> + <tr> + <td>RCE</td> + <td>Remote code execution</td> + </tr> + <tr> + <td>EoP</td> + <td>Elevation of privilege</td> + </tr> + <tr> + <td>ID</td> + <td>Information disclosure</td> + </tr> + <tr> + <td>DoS</td> + <td>Denial of service</td> + </tr> + <tr> + <td>N/A</td> + <td>Classification not available</td> + </tr> +</table> +<p> +<strong>3. What do the entries in the <em>References</em> column mean?</strong> +</p> +<p> +Entries under the <em>References</em> column of the vulnerability details table +may contain a prefix identifying the organization to which the reference value +belongs. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Prefix</th> + <th>Reference</th> + </tr> + <tr> + <td>A-</td> + <td>Android bug ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm reference number</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek reference number</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA reference number</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom reference number</td> + </tr> +</table> +<p id="asterisk"> +<strong>4. What does a * next to the Android bug ID in the <em>References</em> +column mean?</strong> +</p> +<p> +Issues that are not publicly available have a * next to the Android bug ID in +the <em>References</em> column. The update for that issue is generally contained +in the latest binary drivers for Nexus devices available from the <a +href="//developers.google.com/android/nexus/drivers">Google Developer +site</a>. +</p> +<p> +<strong>5. Why are security vulnerabilities split between this bulletin and the +Android Security Bulletins?</strong> +</p> +<p> +Security vulnerabilities that are documented in the Android Security Bulletins +are required in order to declare the latest security patch level on Android +devices. Additional security vulnerabilities, such as those documented in this +bulletin, are not required for declaring a security patch level. +</p> +<h2 id="versions">Versions</h2> +<table> + <col width="25%"> + <col width="25%"> + <col width="50%"> + <tr> + <th>Version</th> + <th>Date</th> + <th>Notes</th> + </tr> + <tr> + <td>1.0</td> + <td>November 6, 2017</td> + <td>Bulletin published.</td> + </tr> + <tr> + <td>1.1</td> + <td>November 8, 2017</td> + <td>Bulletin updated with AOSP links and additional details on + functional updates.</td> + </tr> +</table> +</body></html> |