Description: Use-After-Free in Binder driver
References:
 https://bugs.chromium.org/p/project-zero/issues/detail?id=1942
 https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html
Notes:
 bwh> Although the fix commit is marked "# 4.14", the bug is much older.
Bugs:
upstream: released (4.16-rc1) [f5cb779ba16334b45ba8946d6bfa6d9834d1527f]
4.19-upstream-stable: N/A "Fixed before branching point"
4.9-upstream-stable: released (4.9.196) [a494a71146a1cf3f48bb94cf33981db1f027e6a0]
3.16-upstream-stable: released (3.16.79) [3a593dd8bd7505f9acbc7b6f8928ec6b7978c125]
sid: released (4.15.4-1)
4.19-buster-security: N/A "Fixed before branching point"
4.9-stretch-security: released (4.9.210-1)
3.16-jessie-security: released (3.16.81-1)