Patch Levels

Below is version information for branches and devices for you to judge your device's security upon.

A note on operating system security

There is a singular all-or-nothing, all-encompassing Android security bulletin released every month that covers security issues across the entire system.
Below we break it into five parts solely for ease of understanding for you to determine the general security of a given operating system.
Being behind on any one part means the system is inherently insecure.

  1. the version of Android itself, newer versions have more security features/hardening
  2. the ASB patch level, these are essential security patches
  3. the Pixel ASB patch level, these are recommended security patches and are only provided for the latest Android version
  4. the vendor ASB patch level, see Qualcomm
  5. and lastly the Linux kernel version
Briefly for each operating system:
  • GrapheneOS, with the exception of the Pixel 3/4 series, strictly only supports devices that have all parts updated.
  • CalyxOS, with the exception of the Pixel 3/4 series and other non-Pixel devices, in theory only supports devices that have all parts updated.
  • LineageOS can help with 1, 2, 3, and usually 5, but if a device is out of support by its manufacturer it cannot help with 4.
  • DivestOS, being Lineage based helps with 1, 2, 3, can minimize 4 via the deblobber, and improve 5 significantly using the CVE auto-patcher.
  • Any of the above operating systems will be an improvement for any device that is no longer receiving support from its manufacturer if they continue to offer monthly updates with at least some parts covered.
Furthermore GrapheneOS is a substantially hardened operating system. DivestOS includes some of the security features from GrapheneOS along with its own.
Such hardening changes can prevent exploitation of both known and unknown issues and are not found in LineageOS, CalyxOS, or most other aftermarket systems.

If you are choosing an operating system for security the order is GrapheneOS, then DivestOS, then official LineageOS, with the choice depending on what device you have or can acquire/afford.
At the potential cost of freedom and/or privacy, you may even want to consider the stock OS as long as it is not end-of-life.

What about this other OS?

  • CalyxOS occasionally falls behind updates (see 1 and 2), has no added hardening features, and primarily only supports Pixels which are better supported by GrapheneOS.
  • /e/OS has many severe issues as documented here.
  • UBports, based on Ubuntu 16.04, lacks encryption support, retains many of the Android components via Halium, and uses unpatched & end of life kernels in many of its featured devices.
  • Replicant 6.0, based on LineageOS-13.0, hasn't received any security patches in years and the devices run near decade old Linux 3.0 kernels.
  • GSIs should be avoided, they do not provide the kernel or vendor components and cannot utilize many security features.
  • Lastly many aftermarket systems often do not provide consistent and timely updates to the system WebView component as documented here. This is a security critical component of the system not included in the ASB that is frequently overlooked and/or ignored.

Does DivestOS make my device secure?

The short answer: No.
The long answer is that DivestOS is likely the best harm reduction option if your device is no longer in support by its manufacturer or vendor.
Any project or product claiming they make end-of-life devices secure should be rigorously scrutinized.
If you want a reasonably secure and well-maintained device, please acquire a newer Pixel (6/6a/7) that is fully supported by GrapheneOS and use it instead.
Lastly it must be noted that privacy and security go hand-in-hand, there is a fundamental limit of how much privacy you can achieve if you do not have security backing it up.

Branches

Last updated: 2023-02-05
Asterisk* denotes known missing patches
DivestOS inherently cannot and does not include all patches from the monthly Android Security Bulletin.
The patch level shown in the Settings app on DivestOS should not be regarded as accurate, in favor of this page. It merely conveys the most recent month that it may contain patches from.
Also of note, DivestOS typically takes eight months to stabilize after a new Android version is released.

A historical comparison of operating system patch levels is available here, along with patch counts documented here.

VersionEnd of LifeAndroid Security BulletinPixel Security Bulletin
20.0 / 13.0 / T ★Late ~2026?LOS: 2023-01, DOS: 2023-012023-01
19.1 / 12.1 / SMid ~2025LOS: 2023-01, DOS: 2023-012022-07, 217 days ago
18.1 / 11.0 / RLate ~2023LOS: 2023-01, DOS: 2023-012021-10, 490 days ago
17.1 / 10.0 / QLate ~2022, EOL soon!LOS: 2023-01, DOS: 2023-012020-08, 916 days ago
16.0 / 9.0 / P2022-01, 402 days agoLOS: 2022-01, DOS: 2023-01*2019-08, 1282 days ago
15.1 / 8.1.0 / O2021-10, 490 days agoLOS: 2021-10, DOS: 2023-01*2018-12, 1525 days ago
14.1 / 7.1.2 / N2019-10, 1221 days agoLOS: 2021-06, DOS: 2023-01*2017-12, 1890 days ago

Linux Version Status

Last updated: 2023-02-05

VersionLastEnd of Life
5.155.15.912023-10
5.105.10.1662026-12
5.45.4.2302025-12
4.194.19.2712024-12
4.144.14.3042024-01
4.94.9.3372023-01-07, 31 days ago
4.44.4.3022022-02-03 + 2027-01 (CIP), 369 days ago
3.183.18.1402019-05-16 + 2021-10 (Google/Linaro), 490 days ago
3.103.10.1082017-11-04, 1921 days ago
3.43.4.1132016-10-26, 2295 days ago
3.03.0.1012013-10-22, 3395 days ago

Devices

Last updated: 2023-01-23
Of note, DivestOS only includes firmware on select devices as documented here.
Devices listed below denoted with a '★' can be considered reasonably secure if firmware is included and the device is relocked.

DeviceBranchVendor ASBKernel
akari20.02020-09-014.9.227 + 389 patches
alioth19.12022-08-014.19.113 + 513 patches
Amber17.12020-10-054.4.205 + 403 patches
angler15.1Unknown3.10.73 + 567 patches
apollo14.1Unknown3.4.0 + 790 patches
aura20.02021-02-054.9.336 + 81 patches
aurora20.02020-09-014.9.227 + 389 patches
avicii17.12020-12-014.19.81 + 570 patches
axon715.1Unknown3.18.71 + 692 patches
bacon18.12016-09-013.4.113 + 362 patches
barbet ★20.02023-014.19.252 + 118 patches
beryllium20.02020-12-014.9.337 + 80 patches
bluejay ★20.02023-015.10.107
blueline20.02021-10-054.9.336 + 88 patches
bonito20.02022-05-054.9.336 + 88 patches
bramble ★20.02023-014.19.252 + 118 patches
bullhead15.1Unknown3.10.73 + 578 patches
cheeseburger20.02020-09-014.4.302 + 126 patches
cheetah ★20.02023-015.10.107
cheryl19.12019-11-054.4.302 + 136 patches
clark14.1Unknown3.10.102 + 676 patches
clark17.12017-10-013.10.108 + 406 patches
coral ★20.02022-10-054.14.289 + 111 patches
crackling17.12016-12-013.10.108 + 439 patches
crosshatch20.02021-10-054.9.336 + 88 patches
d2att14.1Unknown3.4.112 + 558 patches
d2spr14.1Unknown3.4.112 + 558 patches
d2tmo14.1Unknown3.4.112 + 558 patches
d2vzw14.1Unknown3.4.112 + 558 patches
d80018.12015-12-013.4.113 + 421 patches
d80118.12015-12-013.4.113 + 421 patches
d80218.12015-12-013.4.113 + 421 patches
d80318.12015-12-013.4.113 + 421 patches
d85018.1Unknown3.4.113 + 436 patches
d85118.1Unknown3.4.113 + 436 patches
d85218.1Unknown3.4.113 + 436 patches
d85518.1Unknown3.4.113 + 436 patches
davinci17.12020-09-014.14.213 + 351 patches
deb15.1Unknown3.4.113 + 439 patches
discovery19.12020-11-014.4.302 + 140 patches
dragon15.1Unknown3.18.0 + 714 patches
dumpling20.02020-09-014.4.302 + 126 patches
enchilada20.02021-11-014.9.336 + 81 patches
ether15.12017-04-013.10.108 + 464 patches
ether18.12017-04-013.10.108 + 459 patches
f40018.1Unknown3.4.113 + 436 patches
fajita20.02021-11-014.9.336 + 81 patches
flame ★20.02022-10-054.14.289 + 111 patches
flo15.12016-08-053.4.113 + 439 patches
flounder15.12017-10-053.10.103 + 437 patches
flounder_lte15.12017-10-053.10.103 + 437 patches
flox18.12016-08-053.4.113 + 406 patches
FP218.12018-04-013.4.113 + 221 patches
FP319.12022-10-054.9.330 + 98 patches
FP4 ★20.02022-11-054.19.269 + 74 patches
fugu15.12017-11-053.10.20 + 648 patches
griffin17.12019-11-013.18.120 + 610 patches
grouper14.1Unknown3.4.113 + 446 patches
guacamoleb ★20.02022-12-054.14.180 + 415 patches
guacamole ★20.02022-12-054.14.180 + 415 patches
h81114.1Unknown3.10.84 + 636 patches
h81514.1Unknown3.10.84 + 636 patches
h83018.1Unknown3.18.113 + 587 patches
h85018.1Unknown3.18.113 + 587 patches
h87015.1Unknown3.18.113 + 599 patches
h91018.1Unknown3.18.113 + 587 patches
h91818.1Unknown3.18.113 + 587 patches
h99018.1Unknown3.18.113 + 587 patches
ham16.02016-06-013.4.113 + 409 patches
hammerhead15.12016-10-053.4.0 + 637 patches
hammerhead16.02016-10-053.4.0 + 637 patches
harpia17.12018-06-013.10.108 + 491 patches
hero2lte14.1Unknown3.18.14 + 749 patches
herolte14.1Unknown3.18.14 + 749 patches
himaul14.1Unknown3.10.84 + 550 patches
himawl14.1Unknown3.10.84 + 550 patches
hotdogb ★20.02022-12-054.14.180 + 415 patches
hotdog ★20.02022-12-054.14.180 + 415 patches
i910014.1Unknown3.0.101 + 413 patches
i930014.1Unknown3.0.101 + 413 patches
i930514.1Unknown3.0.101 + 413 patches
instantnoodle ★20.02022-12-054.19.269 + 73 patches
instantnoodlep ★20.02022-12-054.19.269 + 73 patches
jflteatt18.12017-08-013.4.113 + 444 patches
jfltespr18.12016-09-013.4.113 + 444 patches
jfltevzw18.12016-12-093.4.113 + 444 patches
jfltexx18.12017-08-013.4.113 + 444 patches
kccat616.0Unknown3.10.108 + 293 patches
kebab ★20.02022-12-054.19.269 + 73 patches
kipper16.0Unknown3.10.108 + 439 patches
klte18.12017-08-013.4.113 + 247 patches
land16.02017-04-013.18.140 + 463 patches
lavender18.12021-06-014.4.302 + 134 patches
lemonade ★20.02022-10-055.4.219 + 56 patches
lemonadep ★20.02022-10-055.4.219 + 56 patches
lentislte16.0Unknown3.10.108 + 293 patches
lmi19.12022-08-014.19.113 + 513 patches
ls99018.1Unknown3.4.113 + 436 patches
ls99718.1Unknown3.18.113 + 587 patches
m714.1Unknown3.4.113 + 483 patches
m8d18.12016-07-013.4.113 + 511 patches
m818.12016-07-013.4.113 + 511 patches
maguro14.1Unknown3.0.101 + 406 patches
mako18.12015-09-083.4.113 + 50 patches
manta14.1Unknown3.4.113 + 359 patches
marlin18.12019-10-063.18.137 + 510 patches
mata19.12020-02-054.4.302 + 172 patches
merlin17.12018-06-013.10.108 + 491 patches
n510014.1Unknown3.0.101 + 413 patches
n511014.1Unknown3.0.101 + 413 patches
n512014.1Unknown3.0.101 + 413 patches
oneplus217.12017-10-013.10.108 + 408 patches
oneplus318.12019-10-013.18.124 + 509 patches
oriole ★20.02023-015.10.107
osprey17.12018-06-013.10.108 + 491 patches
panther ★20.02023-015.10.107
pioneer19.12020-11-014.4.302 + 140 patches
pro120.02020-04-054.4.302 + 131 patches
raven ★20.02023-015.10.107
redfin ★20.02023-014.19.252 + 118 patches
rs98818.1Unknown3.18.113 + 587 patches
sailfish18.12019-10-063.18.137 + 510 patches
santoni16.02018-06-013.18.140 + 463 patches
sargo20.02022-05-054.9.336 + 88 patches
serrano3gxx18.12016-08-013.4.113 + 525 patches
serranoltexx18.12016-08-013.4.113 + 525 patches
shamu15.12017-10-013.10.108 + 346 patches
shamu18.12017-10-013.10.108 + 324 patches
sunfish ★20.02023-014.14.289 + 111 patches
surnia17.12018-06-013.10.108 + 491 patches
taimen20.02020-10-054.4.302 + 144 patches
thor14.1Unknown3.4.0 + 790 patches
toro14.1Unknown3.0.101 + 406 patches
toroplus14.1Unknown3.0.101 + 406 patches
us99618.1Unknown3.18.113 + 587 patches
us99715.1Unknown3.18.113 + 599 patches
v1awifi14.1Unknown3.4.113 + 235 patches
vayu19.12022-07-014.14.180 + 448 patches
victara18.12016-08-013.4.113 + 488 patches
voyager19.12020-11-014.4.302 + 140 patches
vs98518.1Unknown3.4.113 + 436 patches
vs99518.1Unknown3.18.113 + 587 patches
walleye20.02020-10-054.4.302 + 144 patches
xz2c20.02020-09-014.9.227 + 389 patches
yellowstone16.02014-09-303.10.96 + 487 patches
Z00T15.12018-02-053.10.108 + 442 patches
z2_plus18.12018-11-054.4.205 + 400 patches
An orange bear
Tad needs your support!
Donate Now