In the Linux kernel, the following vulnerability has been resolved:
vhost-vdpa: fix use after free in vhostvdpaprobe()
The putdevice() calls vhostvdpareleasedev() which calls idasimpleremove() and frees "v". So this call to idasimpleremove() is a use after free and a double free.