As per CERT-In, the glitch affected the Dolby Digital Plus Unified Decoder used in many Android devices. The issue was first highlighted in October 2025 and allowed unauthorised access to affected systems.

Google included a fix for the Dolby-related issue in its January update. CERT-In claimed that users should install the update as soon as it becomes available for their devices to reduce the risk of misuse. The advisory applies to all Android users, including individuals and Organisations.

How the Dolby Issue could impact users

In the notification, CERT-In explained that attackers could use the flaw to run commands on a targeted device from a remote location. Such access allows interference with the normal functioning of the phone and could face disruption if the issue remained unpatched.

Google confirmed that its 5th January security bulletin that the update will resolve the issue in the problem in Dolby-related components. The company said Dolby provided the assessment of the issue. After the issue, Dolby also released its own advisory explaining the technical cause.

Dolby claimed that a certain version of its DD+ Unified Decoder, including versions 4.5 and 4.13, could write data outside the allowed memory area when processing specific audio streams. This could allow attackers to gain control over affected devices, including some Google Pixel models and other Android based phones.


