CVE-2016-2384: arbitrary code execution due to a double-free in the usb-midi linux kernel driver
CVE-2016-2384 describes an interesting vulnerability within the usb-midi linux kernel driver. There is an extensive blog post on xairy’s github blog. The exploit can be either used for DOS (you’ll need physical access) or to execute code (you’ll need both physical and local access).
CVE-2016-2384 CVSS v2