A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
Source: NIST
CVE-2019-3896 (enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_workstation, linux_kernel)