May 2016 Security Updates for Nexus Devices are now Live

5

Starting today the Nexus devices are eligible for the May 2016 Security updates, at this moment only factory images are available at the Google developers page and the OTA’s shall arrive later as always. As we are breaking this news, there is not a hint of what actually has changed in this update but we are sure that things are mostly made to work as software patches as mentioned in the Android Security Bulletin below.

nexus_may_2016_update

The Nexus 6P, Nexus 5X are getting the build number MTC19T based on Android 6.0.1. For the Nexus 6 there are two builds listed MMB30G and MOB30I, the latter being the latest one. The Nexus 5 gets the build number MOB30H, while Nexus 9 (LTE& Wi-Fi) gets MMB30G again. The Nexus 7 2013 editions (Wi-fi & Mobile) both are getting build MOB30J.

Security Vulnerability Summary (Android Security Bulletin)

Issue CVE Severity Affects Nexus?
Remote Code Execution Vulnerability in Mediaserver CVE-2016-2428
CVE-2016-2429
Critical Yes
Elevation of Privilege Vulnerability in Debuggerd CVE-2016-2430 Critical Yes
Elevation of Privilege Vulnerability in Qualcomm TrustZone CVE-2016-2431
CVE-2016-2432
Critical Yes
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver CVE-2015-0569
CVE-2015-0570
Critical Yes
Elevation of Privilege Vulnerability in NVIDIA Video Driver CVE-2016-2434
CVE-2016-2435
CVE-2016-2436
CVE-2016-2437
Critical Yes
Elevation of Privilege Vulnerability in Kernel CVE-2015-1805 Critical Yes
Remote Code Execution Vulnerability in Kernel CVE-2016-2438 High Yes
Information Disclosure Vulnerability in Qualcomm Tethering Controller CVE-2016-2060 High No
Remote Code Execution in Bluetooth CVE-2016-2439 High Yes
Elevation of Privilege in Binder CVE-2016-2440 High Yes
Elevation of Privilege Vulnerability in Qualcomm Buspm Driver CVE-2016-2441
CVE-2016-2442
High Yes
Elevation of Privilege Vulnerability in Qualcomm MDP Driver CVE-2016-2443 High Yes
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver CVE-2015-0571 High Yes
Elevation of Privilege Vulnerability in NVIDIA Video Driver CVE-2016-2444
CVE-2016-2445
CVE-2016-2446
High Yes
Elevation of Privilege in Wi-Fi CVE-2016-2447 High Yes
Elevation of Privilege Vulnerability in Mediaserver CVE-2016-2448
CVE-2016-2449
CVE-2016-2450
CVE-2016-2451
CVE-2016-2452
High Yes
Elevation of Privilege Vulnerability in MediaTek Wi-Fi Driver CVE-2016-2453 High Yes
Remote Denial of Service Vulnerability in Qualcomm Hardware Codec CVE-2016-2454 High Yes
Elevation of Privilege in Conscrypt CVE-2016-2461
CVE-2016-2462
Moderate Yes
Elevation of Privilege Vulnerability in OpenSSL & BoringSSL CVE-2016-0705 Moderate Yes
Elevation of Privilege Vulnerability in MediaTek Wi-Fi Driver CVE-2016-2456 Moderate Yes
Elevation of Privilege in Wi-Fi CVE-2016-2457 Moderate Yes
Information Disclosure Vulnerability in AOSP Mail CVE-2016-2458 Moderate Yes
Information Disclosure Vulnerability in Mediaserver CVE-2016-2459
CVE-2016-2460
Moderate Yes
Denial of Service Vulnerability in Kernel CVE-2016-0774 Low Yes

Source

Share.
  • pedrovarela

    This update completely destroy my phone, it freeze, reboots alone, wi-fi not working.. it is a terrible.

    • Which phone do u have ?

      • pedrovarela

        nexus 5. please don’t tell me, “Do a factory reset” now it is worst.. I even received a Kernel Panic message, now it is usless.

        • fitnesspro22

          There is something that doesn’t jive. I have had my NEXUS 5 since December 2013. The best phone ever. (Previously, Galaxies 2,3 & 4 and iPhone 5 were total disaster). Updated my 5 to

        • TrollSoul

          Have you tried wiping your cache partition? This has been pretty solid for me so far on Nexus 5 as well.