CVE-2016-2384: arbitrary code execution due to a double-free in the usb-midi linux kernel driver