SB2026010554 - Multiple vulnerabilities in MediaTek chipsets
Published: January 5, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 28 secuirty vulnerabilities.
1) Use After Free (CVE-ID: CVE-2025-20780)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
2) Integer overflow (CVE-ID: CVE-2025-20807)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to an integer overflow within dpe. A local application can perform service disruption.
3) Use After Free (CVE-ID: CVE-2025-20806)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within dpe. A local application can perform service disruption.
4) Use After Free (CVE-ID: CVE-2025-20805)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within dpe. A local application can perform service disruption.
5) Use After Free (CVE-ID: CVE-2025-20804)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within dpe. A local application can perform service disruption.
6) Integer overflow (CVE-ID: CVE-2025-20803)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to an integer overflow within dpe. A local application can perform service disruption.
7) Use After Free (CVE-ID: CVE-2025-20787)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
8) Double Free (CVE-ID: CVE-2025-20786)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
9) Use After Free (CVE-ID: CVE-2025-20785)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
10) Use of Uninitialized Variable (CVE-ID: CVE-2025-20784)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to uninitialized data within display. A local application can perform service disruption.
11) Out-of-bounds write (CVE-ID: CVE-2025-20783)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within display. A local application can perform service disruption.
12) Out-of-bounds write (CVE-ID: CVE-2025-20782)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within display. A local application can perform service disruption.
13) Double Free (CVE-ID: CVE-2025-20781)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
14) Use After Free (CVE-ID: CVE-2025-20779)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a race condition within display. A local application can perform service disruption.
15) Out-of-bounds write (CVE-ID: CVE-2025-20795)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within KeyInstall. A local application can execute arbitrary code.
16) Out-of-bounds write (CVE-ID: CVE-2025-20778)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within display. A local application can perform service disruption.
17) Use After Free (CVE-ID: CVE-2025-20802)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within geniezone. A local application can perform service disruption.
18) Double Free (CVE-ID: CVE-2025-20801)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a race condition within seninf. A local application can perform service disruption.
19) Out-of-bounds write (CVE-ID: CVE-2025-20800)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within mminfra. A local application can perform service disruption.
20) Use After Free (CVE-ID: CVE-2025-20799)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within c2ps. A local application can perform service disruption.
21) Out-of-bounds write (CVE-ID: CVE-2025-20798)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within battery. A local application can perform service disruption.
22) Stack-based buffer overflow (CVE-ID: CVE-2025-20797)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within battery. A local application can perform service disruption.
23) Improper Validation of Specified Index, Position, or Offset in Input (CVE-ID: CVE-2025-20796)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper input validation within imgsys. A local application can perform service disruption.
24) Reachable Assertion (CVE-ID: CVE-2025-20760)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to an uncaught exception within Modem. A local application can execute arbitrary code.
25) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2025-20761)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to incorrect error handling within Modem. A local application can execute arbitrary code.
26) Reachable Assertion (CVE-ID: CVE-2025-20762)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to incorrect error handling within Modem. A local application can execute arbitrary code.
27) NULL Pointer Dereference (CVE-ID: CVE-2025-20793)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to incorrect error handling within Modem. A local application can execute arbitrary code.
28) Stack-based buffer overflow (CVE-ID: CVE-2025-20794)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within Modem. A local application can execute arbitrary code.
Remediation
Install update from vendor's website.