Earlier today BlackBerry rolled out an update for the BlackBerry Priv which contained Google’s January 2016 Security updates. Google have now released factory images with the same January security patch for Nexus devices.
You can now download the latest factory image from Google and flash it yourself. The update is still Android 6.0.1, but carries a different version number depending which phone or tablet you are using.
The update is available for:
- Nexus 5
- Nexus 5X
- Nexus 6P
- Nexus 6
- Nexus Player
- Nexus 7
- Nexus 9
The table below contains a list of security vulnerabilities, the Common Vulnerability and Exposures ID (CVE), and their assessed severity.
[table style=”table-striped”]
| Issue | CVE | Severity |
|---|---|---|
| Remote Code Execution Vulnerability in Mediaserver | CVE-2015-6636 | Critical |
| Elevation of Privilege Vulnerability in misc-sd driver | CVE-2015-6637 | Critical |
| Elevation of Privilege Vulnerability in the Imagination Technologies driver | CVE-2015-6638 | Critical |
| Elevation of Privilege Vulnerabilities in Trustzone | CVE-2015-6639 | Critical |
| Elevation of Privilege Vulnerability in Kernel | CVE-2015-6640 | Critical |
| Elevation of Privilege Vulnerability in Bluetooth | CVE-2015-6641 | High |
| Information Disclosure Vulnerability in Kernel | CVE-2015-6642 | High |
| Elevation of Privilege Vulnerability in Setup Wizard | CVE-2015-6643 | Moderate |
| Elevation of Privilege Vulnerability in Wi-Fi | CVE-2015-5310 | Moderate |
| Information Disclosure Vulnerability in Bouncy Castle | CVE-2015-6644 | Moderate |
| Denial of Service Vulnerability in SyncManager | CVE-2015-6645 | Moderate |
| Attack Surface Reduction for Nexus Kernels | CVE-2015-6646 | Moderate |
[/table]
You can check out full details of the Security Bulletin January 2016 here.
