SB2026011316 - Multiple vulnerabilities in Lenovo Mediatek tablets
Published: January 13, 2026
Description
This security bulletin contains information about 29 security vulnerabilities.
1) Stack-based buffer overflow (CVE-ID: CVE-2025-20769)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within display. A local application can perform service disruption.
2) Reachable Assertion (CVE-ID: CVE-2025-20791)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to incorrect error handling within Modem. A local application can execute arbitrary code.
3) NULL Pointer Dereference (CVE-ID: CVE-2025-20790)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within Modem. A local application can execute arbitrary code.
4) Insertion of Sensitive Information Into Sent Data (CVE-ID: CVE-2025-20789)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within GPU pdma. A local application can perform service disruption.
5) Improper Access Control for Register Interface (CVE-ID: CVE-2025-20788)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing permission check within GPU pdma. A local application can perform service disruption.
6) Out-of-bounds write (CVE-ID: CVE-2025-20777)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within display. A local application can perform service disruption.
7) Out-of-bounds read (CVE-ID: CVE-2025-20776)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within display. A local application can gain access to sensitive information.
8) Double Free (CVE-ID: CVE-2025-20775)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
9) Heap-based Buffer Overflow (CVE-ID: CVE-2025-20774)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within display. A local application can perform service disruption.
10) Double Free (CVE-ID: CVE-2025-20773)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
11) Double Free (CVE-ID: CVE-2025-20772)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
12) Use of Uninitialized Variable (CVE-ID: CVE-2025-20771)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper input validation within display. A local application can perform service disruption.
13) Use After Free (CVE-ID: CVE-2025-20770)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to use after free within display. A local application can perform service disruption.
14) Out-of-bounds read (CVE-ID: CVE-2025-20768)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within display. A local application can gain access to sensitive information.
15) NULL Pointer Dereference (CVE-ID: CVE-2025-20750)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within Modem. A local application can execute arbitrary code.
16) Out-of-bounds write (CVE-ID: CVE-2025-20767)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to an integer overflow within display. A local application can perform service disruption.
17) Use of Uninitialized Variable (CVE-ID: CVE-2025-20766)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper input validation within display. A local application can perform service disruption.
18) Double Free (CVE-ID: CVE-2025-20765)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a race condition within aee daemon. A local application can perform service disruption.
19) Out-of-bounds write (CVE-ID: CVE-2025-20764)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within smi. A local application can perform service disruption.
20) Out-of-bounds write (CVE-ID: CVE-2025-20763)
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to a missing bounds check within mmdvfs. A local application can perform service disruption.
21) Out-of-bounds read (CVE-ID: CVE-2025-20759)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within Modem. A local application can gain access to sensitive information.
22) Uncaught Exception (CVE-ID: CVE-2025-20758)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to an uncaught exception within Modem. A local application can execute arbitrary code.
23) Reachable Assertion (CVE-ID: CVE-2025-20757)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within Modem. A local application can execute arbitrary code.
24) Improper Validation of Specified Type of Input (CVE-ID: CVE-2025-20756)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a logic error within Modem. A local application can execute arbitrary code.
25) NULL Pointer Dereference (CVE-ID: CVE-2025-20755)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within Modem. A local application can execute arbitrary code.
26) Uncaught Exception (CVE-ID: CVE-2025-20754)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to an incorrect bounds check within Modem. A local application can execute arbitrary code.
27) Uncaught Exception (CVE-ID: CVE-2025-20753)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to an uncaught exception within Modem. A local application can execute arbitrary code.
28) Reachable Assertion (CVE-ID: CVE-2025-20752)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within Modem. A local application can execute arbitrary code.
29) Out-of-bounds write (CVE-ID: CVE-2025-20751)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within Modem. A local application can execute arbitrary code.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.