http://bugzilla.opensuse.org/show_bug.cgi?id=1181104 http://bugzilla.opensuse.org/show_bug.cgi?id=1181104#c4 --- Comment #4 from Takashi Iwai <tiwai@suse.com> --- It's dw2102 driver, right? I took at look at the code, and it's very obvious that it leads to UAF. The driver allocates some properties via kmemdup() and modifies some fields, pass the object, and release the object at the probe, while dvb_usb_device still refers to it. The bug must have been introduced by the commit 299c7007e93645067e1d2743f4e50156de78c4ff media: dw2102: Fix memleak on sequence of probes around 4.19 kernel. Maybe the commit was backported to the stable 4.18.x, too. Below is the tentative fix. Please check it. -- You are receiving this mail because: You are the assignee for the bug.