Memory corruption in Audio while processing the calibration data returned from ACDB loader.

Memory corruption in Audio while processing IIR config data from AFE calibration block.

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

Memory corruption in Audio during playback with speaker protection.

Memory corruption in HLOS while running playready use-case.

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Memory corruption while using the UIM diag command to get the operators name.

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

Memory corruption in Audio while processing the VOC packet data from ADSP.

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

Transient DOS due to improper authorization in Modem

Memory corruption due to double free in Core while mapping HLOS address to the list.

information disclosure due to cryptographic issue in Core during RPMB read request.