drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir). CREATE(Triage):(User=admin) CVE-2019-15504 (https://nvd.nist.gov/vuln/detail/CVE-2019-15504)