In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9. CREATE(Triage):(User=admin) CVE-2019-19524 (https://nvd.nist.gov/vuln/detail/CVE-2019-19524)