Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.

Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

Memory corruption while reading the FW response from the shared queue.

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

Memory corruption during the FRS UDS generation process.

Memory corruption while triggering commands in the PlayReady Trusted application.

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

Memory corruption while reading secure file.

Memory corruption while calling the NPU driver APIs concurrently.

Transient DOS may occur while processing the country IE.

Memory corruption in display driver while detaching a device.

Memory corruption may occur while validating ports and channels in Audio driver.

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

Information disclosure while deriving keys for a session for any Widevine use case.

While processing the authentication message in UE, improper authentication may lead to information disclosure.

Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.

Information disclosure while parsing the OCI IE with invalid length.

Memory corruption while power-up or power-down sequence of the camera sensor.