Google has officially released a full bulletin breakdown to go with the November 2017 Android Security update, which went live for select Pixel and Nexus devices earlier today. The patch breakdown was released for the November 6, 2017 patch level, and includes details on all fixes in all three of the patch levels made available earlier today, which includes November 1st, November 5th, and November 6th. The patches for the 1st and 5th include 11 fixes each, then there are 9 fixes for the November 6th patch, putting this month’s total patch level at 31 fixes. While Android partners were all notified of the issues in the November 1st and 5th patches at least one month ago, the fixes included in the November 6th patch were a bit more recent. Partners were still notified before publication of the patch details. For those publishers who did not implement fixes yet, as well as ROM builders, the patches will be appearing gradually in AOSP over the next few days.
The highest priority in the two primary patches was a group of critical-level vulnerabilities in Android’s built-in media services. These vulnerabilities, exploited correctly, could potentially allow a hacker full remote access to any device, rooted or unrooted. Other major vulnerabilities patched up included but were not limited to holes in WLAN drivers, GPU drivers, and camera drivers. The patch for November 6th, meanwhile, was actually a single fix spread across 9 separate implementations for compatibility. Android versions affected by these fixes ran the gamut all the way from Android 4.4 (KitKat) to Android 8.0 (Oreo).
The patches described are already live for select devices, albeit in factory image form, requiring manual flashing for now. OTA updates for select Pixel and Nexus devices will likely begin soon, now that Google has published the patch notes, and with the fixes going to AOSP, they will likely be in the next updates for popular devices like the Samsung Galaxy S8, Moto Z2 Force, and LG V30. This means that those running custom ROMs, on both older and newer devices, will be able to ask their maintainer to build the patches into their ROM of choice soon, or even do it themselves, if they are so inclined and have the skill to do so.