Fixes were made to address the following CVEs:

Fixed an issue where a configd crash occurred when the Policies > Security view was updated or refreshed in the web interface.

(Firewalls in HA configurations only) Fixed an issue where the HA 2 interface did not come up on the passive firewall, which resulted in the firewall being unable to join the HA pair.

Fixed an issue where session rematch did not properly apply updated Security policy rules to existing traffic flows after committing changes, which caused traffic to still be allowed when a new Security policy was set to Deny.

Fixed an issue where the firewall rebooted unexpectedly to the all_task_1 process repeatedly restarting.

(PA-7050 firewalls in HA configurations only) Fixed an issue where the firewall reached 100% disk utilization due to the logrcvr process repeatedly restarting and dumping core files due to a blocked hints processing thread, which caused a failover.

Fixed an issue where a leak in decryption counters caused resource exhaustion, which led to a GlobalProtect service outage.

(VM-Series firewalls only) Fixed an issue where insufficient i-node space was available on the sysroot0 partition.

Fixed an issue where the dataplane stopped responding when cleaning up expired sessions currently in Advanced Threat Prevention hold mode.