Add CVE-2019-20101 and track with src:linux for further investigation

The CVE is raised from the 2019-06-01 Android bulletin and mentions the
uvc_driver.c and Kernel component affected. It does though not share
hints if this affects Linux upstream or just the uvc driver as used in
Android.