diff --git a/source/lm/cosa_wantraffic_api.c b/source/lm/cosa_wantraffic_api.c
index 370d222..1055fd8 100644
--- a/source/lm/cosa_wantraffic_api.c
+++ b/source/lm/cosa_wantraffic_api.c
@@ -377,10 +377,13 @@ VOID WTC_ApplyStateChange
             }
             else
             {
+                //CID 560247 Data race condition (MISSING_LOCK)
+                pthread_mutex_lock(&WTCinfo->WanTrafficMutexVar);
                 if(WanTrafficCountInfo_t[index]->ThreadStatus == WTC_THRD_DISMISSED)
                 {
                     WTC_RbusUnsubscribe(index);
                 }
+                pthread_mutex_unlock(&WTCinfo->WanTrafficMutexVar);
                 WTC_LOG_INFO("[%s-%s] DscpList/SleepInterval is Not Configured"
                              , wanMode[index]
                              , WTC_ThreadStatusToStr(thrdStatus));
@@ -1242,7 +1245,10 @@ static VOID WTC_CreateThread
         }
         pthread_detach(WTCinfo->WanTrafficThreadId);
     }
+    /* CID 560033 Data race condition (MISSING LOCK) */
+    pthread_mutex_lock(&WTCinfo->WanTrafficMutexVar);
     WanTrafficCountInfo_t[index]->ThreadState = WTC_THRD_INITIALIZE;
+    pthread_mutex_unlock(&WTCinfo->WanTrafficMutexVar);
     return;
 }
 
diff --git a/source/lm/cosa_wantraffic_utils.c b/source/lm/cosa_wantraffic_utils.c
index 1e69eb5..997c1be 100644
--- a/source/lm/cosa_wantraffic_utils.c
+++ b/source/lm/cosa_wantraffic_utils.c
@@ -734,9 +734,13 @@ static pstDSCPInfo_t DeleteDisabledDscp(pstDSCPInfo_t DscpTree, pstDSCPInfo_t* i
 **********************************************************************/
 static pstDSCPInfo_t DeleteDisabledClients(pstDSCPInfo_t DscpTree)
 {
-    UINT index = DscpTree->NumClients;
+    int index = DscpTree->NumClients;
     errno_t rc = -1;
-    for(UINT i=0; i<index; i++)
+    /* CID 559949 Overflowed constant (INTEGER_OVERFLOW) */
+    /* Changed UINT i=0 to int i=0 */
+    /* When i=0, and i-- causes underflow. unsigned integer is defined to wrap around module 2^n,*/
+    /* where n is bit width. As a result, i becomes 4294967295 ((0-1) mod 2^32 = 2^32 -1 = 4294967295)*/
+    for(int i=0; i<index; i++)
     {
         if (DscpTree->ClientList[i].IsUpdated == FALSE)
         {
diff --git a/source/lm/lm_main.c b/source/lm/lm_main.c
index 86620c5..0b94de2 100644
--- a/source/lm/lm_main.c
+++ b/source/lm/lm_main.c
@@ -2239,8 +2239,8 @@ void XHosts_SyncWifi()
 			LanManager_CheckCloneCopy(&(pHost->pStringParaValue[LM_HOST_Layer1InterfaceId]), (const char *)hosts[i].ssid);
 			LanManager_CheckCloneCopy(&(pHost->pStringParaValue[LM_HOST_AssociatedDeviceId]), (const char *)hosts[i].AssociatedDevice);
 			pHost->iIntParaValue[LM_HOST_X_CISCO_COM_RSSIId] = hosts[i].RSSI;
-			pHost->l1unReachableCnt = 1;
 			pHost->bBoolParaValue[LM_HOST_ActiveId] = hosts[i].Status;
+			pHost->l1unReachableCnt = 1;
 			pHost->activityChangeTime = time((time_t*)NULL);
 			LanManager_CheckCloneCopy(&(pHost->pStringParaValue[LM_HOST_X_RDKCENTRAL_COM_Parent]), getFullDeviceMac());
 			LanManager_CheckCloneCopy(&(pHost->pStringParaValue[LM_HOST_X_RDKCENTRAL_COM_DeviceType]), " ");
@@ -3140,7 +3140,13 @@ static void *ValidateHostRetry_Thread (void *arg)
     }
     while (1);
 
-    pthread_exit(NULL);
+    /* CID 559679 Structurally dead code (UNREACHABLE) */
+    /* Since thread runs indefinitely with while(1) loop, both 'pthread_exit()' and 'return NULL' */
+    /* is unreached, however return is prefered over function call as per most coding standards */
+    /* Uncomment it, when thread is modified to run definite number of times in future */
+    // pthread_exit(NULL);
+
+    return NULL;
 }
 
 static void *ValidateHost_Thread (void *arg)
@@ -3194,7 +3200,14 @@ static void *ValidateHost_Thread (void *arg)
             UpdateHostRetryValidateList(&ValidateHostMsg, ACTION_FLAG_ADD);
         }
     } while(1);
-    pthread_exit(NULL);
+
+    /* CID 559600 Structurally dead code (UNREACHABLE) */
+    /* Since thread runs indefinitely with while(1) loop, both 'pthread_exit()' and 'return NULL' */
+    /* is unreached, however return is prefered over function call as per most coding standards */
+    /* Uncomment it, when thread is modified to run definite number of times in future */
+    //pthread_exit(NULL);
+
+    return NULL;
 }
 
 static const char *compName = "LOG.RDK.LM";
diff --git a/source/lm/lm_main.h b/source/lm/lm_main.h
index 89eef5a..74155b2 100644
--- a/source/lm/lm_main.h
+++ b/source/lm/lm_main.h
@@ -213,7 +213,7 @@ _LmObjectHostIPAddress
     int     active;
     int     l3unReachableCnt; 
     char    *pStringParaValue[LM_HOST_IPAddress_NumStringPara];
-    int     LeaseTime;
+    ULONG   LeaseTime; /* Changed int -> ULONG to fix CID 559502 Overflowed constant (INTEGER_OVERFLOW) */
 	int     instanceNum;  /* instance number */
     struct _LmObjectHostIPAddress *pNext;
 }
diff --git a/source/lm/network_devices_status_avropack.c b/source/lm/network_devices_status_avropack.c
index 977e922..8d2aa57 100644
--- a/source/lm/network_devices_status_avropack.c
+++ b/source/lm/network_devices_status_avropack.c
@@ -261,6 +261,12 @@ void network_devices_status_report(struct networkdevicestatusdata *head, BOOL ex
 #endif
   tstamp_av_main = tstamp_av_main/1000;
 
+  // CID 339693 -  Explicit null dereferenced (FORWARD_NULL)
+  if (optional.iface == NULL)
+  {
+    CcspTraceWarning(("optional.iface is NULL"));  
+    return;
+  }
   avro_value_set_long(&optional, tstamp_av_main );
   CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, timestamp = ""%" PRId64 "\n", tstamp_av_main ));
   CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, timestamp\tType: %d\n", avro_value_get_type(&optional)));
@@ -427,8 +433,20 @@ void network_devices_status_report(struct networkdevicestatusdata *head, BOOL ex
     // assume 1 parent ONLY
     // Parent MAC
     avro_value_set_branch(&adrField, 1, &parent_optional);
+    // CID 559659 -  Explicit null dereferenced (FORWARD_NULL)
+    if (parent_optional.iface == NULL)
+    {
+      CcspTraceWarning(("parent_optional.iface is NULL"));  
+      return;
+    }
     avro_value_get_by_name(&parent_optional, "mac_address", &parent_adrField, NULL);
     if ( CHK_AVRO_ERR ) CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, %s\n", avro_strerror()));
+    // CID 559459 -  Explicit null dereferenced (FORWARD_NULL)
+    if (parent_adrField.iface == NULL)
+    {
+      CcspTraceWarning(("parent_adrField.iface is NULL"));  
+      return;
+    }
     avro_value_set_branch(&parent_adrField, 1, &parent_optional);
     avro_value_set_fixed(&parent_optional, CpeMacid, 6);
     CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, parent mac_address\tType: %d\n", avro_value_get_type(&parent_optional)));
@@ -487,6 +505,12 @@ void network_devices_status_report(struct networkdevicestatusdata *head, BOOL ex
 
       //Append a DeviceReport item to array
       avro_value_append(&adrField, &dr, NULL);
+      //CID 559702 Explicit null dereferenced (FORWARD_NULL)
+      if (dr.iface == NULL)
+      {
+        CcspTraceWarning(("dr.iface is NULL"));  
+        break;
+      }
       CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, \tDevice Status Report\tType: %d\n", avro_value_get_type(&dr)));
 
       //data array block
@@ -508,6 +532,12 @@ void network_devices_status_report(struct networkdevicestatusdata *head, BOOL ex
       //device_mac - fixed 6 bytes
       avro_value_get_by_name(&dr, "device_id", &drField, NULL);
       if ( CHK_AVRO_ERR ) CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, %s\n", avro_strerror()));
+      //CID 559702 Explicit null dereferenced (FORWARD_NULL)
+      if (drField.iface == NULL)
+      {
+        CcspTraceWarning(("drField.iface is NULL"));
+        break;
+      }
       CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, device_id\tType: %d\n", avro_value_get_type(&drField)));
       avro_value_get_by_name(&drField, "mac_address", &drField, NULL);
       if ( CHK_AVRO_ERR ) CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, %s\n", avro_strerror()));
diff --git a/source/lm/network_devices_traffic_avropack.c b/source/lm/network_devices_traffic_avropack.c
index 5853a65..2823be3 100644
--- a/source/lm/network_devices_traffic_avropack.c
+++ b/source/lm/network_devices_traffic_avropack.c
@@ -267,6 +267,13 @@ void network_devices_traffic_report(struct networkdevicetrafficdata *head, struc
 #endif
   tstamp_av_main = tstamp_av_main/1000;
 
+  // CID 259670 -  Explicit null dereferenced (FORWARD_NULL)
+  if (optional.iface == NULL)
+  {
+    CcspTraceWarning(("optional.iface is NULL"));  
+    return;
+  }
+
   avro_value_set_long(&optional, tstamp_av_main );
   CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, timestamp = ""%" PRId64 "\n", tstamp_av_main ));
 
@@ -426,6 +433,12 @@ void network_devices_traffic_report(struct networkdevicetrafficdata *head, struc
     
       //Append a DeviceReport item to array
       avro_value_append(&adrField, &dr, NULL);
+      // CID 274952 #1-  Explicit null dereferenced (FORWARD_NULL)
+      if (dr.iface == NULL)
+      {
+        CcspTraceWarning(("dr.iface is NULL"));
+        break;
+      }
       CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, \tDevice Traffic Report\tType: %d\n", avro_value_get_type(&dr)));
 
       //data array block
@@ -443,6 +456,12 @@ void network_devices_traffic_report(struct networkdevicetrafficdata *head, struc
       }
 
       //device_mac - fixed 6 bytes
+      // CID 274952 #2 -  Explicit null dereferenced (FORWARD_NULL)
+      if (dr.iface == NULL)
+      {
+        CcspTraceWarning(("dr.iface is NULL"));  
+        break;
+      }
       avro_value_get_by_name(&dr, "device_id", &drField, NULL);
       if ( CHK_AVRO_ERR ) CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, %s\n", avro_strerror()));
       CcspLMLiteConsoleTrace(("RDK_LOG_DEBUG, device_id\tType: %d\n", avro_value_get_type(&drField)));