Memory corruption while parsing the ML IE due to invalid frame content.

Memory corruption while configuring a Hypervisor based input virtual device.

Memory corruption while parsing the memory map info in IOCTL calls.

Information disclosure while processing IO control commands.

Information disclosure during audio playback.

Information disclosure while processing information on firmware image during core initialization.

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend.

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image.