In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. CREATE(Triage):(User=admin) CVE-2019-19528 (https://nvd.nist.gov/vuln/detail/CVE-2019-19528)