It’s February, so that means Google has released a new set of Android security patches that have been found and fixed in the last month. The update also means that Nexus devices still covered by the software update process will also be able to either flash a new image, or will receive an Over The Air (OTA) update with the new updates in a few days.
The list of issues included in the February security update with the associated Common Vulnerability and Exposure ID (CVE), as well as a description of and severity of the issue has been detailed by Google on their security blog:
|Remote Code Execution Vulnerability in Broadcom Wi-Fi Driver||CVE-2016-0801
|Remote Code Execution Vulnerability in Mediaserver||CVE-2016-0803
|Elevation of Privilege Vulnerability in Qualcomm Performance Module||CVE-2016-0805||Critical|
|Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver||CVE-2016-0806||Critical|
|Elevation of Privilege Vulnerability in the Debugger Daemon||CVE-2016-0807||Critical|
|Denial of Service Vulnerability in Minikin||CVE-2016-0808||High|
|Elevation of Privilege Vulnerability in Wi-Fi||CVE-2016-0809||High|
|Elevation of Privilege Vulnerability in Mediaserver||CVE-2016-0810||High|
|Information Disclosure Vulnerability in libmediaplayerservice||CVE-2016-0811||High|
|Elevation of Privilege Vulnerability in Setup Wizard||CVE-2016-0812
As usual, the updated factory images for Nexus 5, 5X, 6, 6P, 7 (2013) – which all get build MMB29Q, while the Nexus 9 gets build MMB29R, the Nexus Player gets build MMB29U and finally, the Nexus like Pixel C gets build MXB48T based on Android 6.0.1. You can download the factory images as well as associated Binaries from the Nexus Factory Images page.