Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

Information disclosure while parsing dts header atom in Video.

Memory corruption when multiple listeners are being registered with the same file descriptor.

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

Memory corruption when there is failed unmap operation in GPU.

Memory corruption while processing Codec2 during v13k decoder pitch synthesis.

Transient DOS while decoding message of size that exceeds the available system memory.

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.

Memory corruption while processing finish_sign command to pass a rsp buffer.

Memory corruption in SPS Application while requesting for public key in sorter TA.

Memory corruption while processing MBSSID beacon containing several subelement IE.

Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.

Memory corruption while parsing qcp clip with invalid chunk data size.

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

Memory corruption while invoking HGSL IOCTL context create.

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.

Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.

Memory corruption in Audio while processing RT proxy port register driver.

Memory corruption in Core Services while executing the command for removing a single event listener.