Fixes were made to address the following CVEs:

(VM-Series firewalls on ESXi with Intel E810 NICs using PCI passthrough) Fixed an issue where the brdagent process became unresponsive during data port initialization, which resulted in system instability, interface outages, HA split-brain conditions, and unexpected reboots during failover.

Fixed an issue where GlobalProtect pre-logon tunnel session was not cleared even after the user was logged in. With this fix, the session is cleared after the session timeout expires.

Fixed an issue on Panorama where the logd process exited unexpectedly when handling syslog forwarding.

Fixed an issue where the device-telemetry collect-now process became unresponsive when the process was initiated multiple times with other processes running concurrently, which prevented subsequent telemetry collection.

(PA-7050 firewalls in HA configurations only) Fixed an issue where the firewall reached 100% disk utilization due to the logrcvr process repeatedly restarting and dumping core files due to a blocked hints processing thread, which caused a failover.

Fixed an issue where the logrcvr process on a firewall stopped responding due to a document node being unexpectedly freed.

Fixed an issue on the firewall where SolarWinds monitoring systems reported 100% usage for Slot1 Data Processor-0 Hardware Packet Buffers due to an inaccurate reported packet buffer.

Fixed an issue where memory leaks on the configd process occurred due to a hash insert operation failing during connection management and SSL connections.

Addressed a stack buffer overflow memory leak under plugin management code path.