Crash in < system_server >, HWAddressSanitizer: tag-mismatch on address 0x0040bee48a54 at pc 0x0071970b9564 READ of size 2 at 0x0040bee48a54 tags: 8c/12 (ptr/mem) in thread T192

In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.