The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html
lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html
packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
access.redhat.com/errata/RHSA-2019:3309
access.redhat.com/errata/RHSA-2019:3517
hexhive.epfl.ch/projects/perifuzz/
lists.debian.org/debian-lts-announce/2019/03/msg00034.html
lists.debian.org/debian-lts-announce/2019/04/msg00004.html
lists.debian.org/debian-lts-announce/2019/05/msg00002.html
seclists.org/bugtraq/2019/Jan/52
security.netapp.com/advisory/ntap-20190404-0002/
usn.ubuntu.com/4115-1/
usn.ubuntu.com/4118-1/