CVE-2025-27050

Memory corruption while processing event close when client process terminates abruptly.

CVE-2025-27051

Memory corruption while processing command message in WLAN Host.

CVE-2025-27055

Memory corruption during the image encoding process.

CVE-2025-27058

Memory corruption while processing packet data with exceedingly large packet.

CVE-2025-27044

Memory corruption while executing timestamp video decode command with large input values.

CVE-2025-27065

Transient DOS while processing a frame with malformed shared-key descriptor.

CVE-2025-27068

Memory corruption while processing an IOCTL command with an arbitrary address.

CVE-2025-27069

Memory corruption while processing DDI command calls.

CVE-2025-27073

Transient DOS while creating NDP instance.

CVE-2025-27075

Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.

CVE-2025-27076

Memory corruption while processing simultaneous requests via escape path.

CVE-2025-21477

Transient DOS while processing CCCH data when NW sends data with invalid length.

CVE-2025-21461

Memory corruption when programming registers through virtual CDM.

CVE-2025-21481

Memory corruption while performing private key encryption in trusted application.

CVE-2025-27067

Memory corruption while processing DDI call with invalid buffer.

CVE-2025-27036

Information disclosure when Video engine escape input data is less than expected minimum size.

CVE-2025-47329

Memory corruption while handling invalid inputs in application info setup.

CVE-2025-47316

Memory corruption due to double free when multiple threads race to set the timestamp store.

CVE-2025-47317

Memory corruption due to global buffer overflow when a test command uses an invalid payload type.

CVE-2025-47326

Transient DOS while handling command data during power control processing.

CVE-2025-47327

Memory corruption while encoding the image data.

CVE-2025-47328

Transient DOS while processing power control requests with invalid antenna or stream values.