CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM partition.

CVE-2024-21473

Memory corruption while redirecting log file to any file location with any file name.

CVE-2024-33050

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

CVE-2023-33105

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.

CVE-2023-33116

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.

CVE-2024-33012

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.

CVE-2024-33014

Transient DOS while parsing ESP IE from beacon/probe response frame.

CVE-2024-33010

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

CVE-2024-33011

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

CVE-2024-21459

Information disclosure while handling beacon or probe response frame in STA.