In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098. CREATE(Triage):(User=admin) CVE-2019-19526 (https://nvd.nist.gov/vuln/detail/CVE-2019-19526)