CVE-2025-21475

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.

CVE-2024-45541

Memory corruption when IOCTL call is invoked from user-space to read board data.

CVE-2024-45542

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

CVE-2025-21454

Transient DOS while processing received beacon frame.

CVE-2025-21466

Memory corruption while processing a private escape command in an event trigger.

CVE-2025-27046

Memory corruption while processing multiple simultaneous escape calls.

CVE-2025-27055

Memory corruption during the image encoding process.

CVE-2025-21449

Transient DOS may occur while processing malformed length field in SSID IEs.

CVE-2025-27050

Memory corruption while processing event close when client process terminates abruptly.