Memory corruption while processing command in Glink linux.

Memory corruption during management frame processing due to mismatch in T2LM info element.

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

Memory corruption while parsing the ML IE due to invalid frame content.

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

Information disclosure while handling T2LM Action Frame in WLAN Host.

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

Memory corruption while redirecting log file to any file location with any file name.

Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.

Memory corruption while processing MBSSID beacon containing several subelement IE.

Memory corruption while processing TPC target power table in FTM TPC.

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.

Memory corruption in Core Services while executing the command for removing a single event listener.

Transient DOS in WLAN firmware while parsing MLO (multi-link operation).

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.