EPSS
Percentile
36.5%
A flaw was found in the Linux kernel. The Advanced Linux Sound Architecture subsystem’s snd_ctl_elem_add mishandles the private_size*count multiplication when the addition of audio control elements happen leading to a denial of service.
bugzilla.redhat.com/show_bug.cgi?id=1824923
github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474
lore.kernel.org/alsa-devel/[email protected]/
nvd.nist.gov/vuln/detail/CVE-2020-11725
www.cve.org/CVERecord?id=CVE-2020-11725