In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. CREATE(Triage):(User=admin) CVE-2019-20636 (https://nvd.nist.gov/vuln/detail/CVE-2019-20636)