Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

Transient DOS during music playback of ALAC content.

Information disclosure while handling beacon probe frame during scan entry generation in client side.

Information disclosure while handling beacon or probe response frame in STA.

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

Memory corruption when allocating and accessing an entry in an SMEM partition.

Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image.

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.