Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
Memory corruption while processing IOCTL command to handle buffers associated with a session.
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
Transient DOS while parsing per STA profile in ML IE.
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
Memory corruption during the FRS UDS generation process.
Memory corruption while triggering commands in the PlayReady Trusted application.
Memory corruption while reading secure file.