CVE-2019-19807
CVE-2019-19807 affects the Linux kernel before 5.3.11, due to a use-after-free in sound/core/timer.c (snd_timer_open/snd_timer_close_locked). The timeri variable was repurposed during a refactor, leading to a faulty lifecycle for a new timer instance. Connected sources confirm an upstream fix imp...