CVE-2019-14091

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions (affected versions not specified)

Description: The issue is related to a double free problem in the NPU due to the lack of a resource locking mechanism, which can lead to a race condition. This affects various Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Voice & Music, in specific chipsets such as MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, and SXR2130.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.