What is GHSA-xqgg-8qqr-cmpg?

GHSA-xqgg-8qqr-cmpg is a security advisory published by GitHub Security Advisories with Medium severity. snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info-...

Which CVE IDs does GHSA-xqgg-8qqr-cmpg cover?

GHSA-xqgg-8qqr-cmpg covers the following CVE IDs: CVE-2020-11725. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-xqgg-8qqr-cmpg?

GHSA-xqgg-8qqr-cmpg has a CVSS v3 base score of 7.8, published by GitHub Security Advisories.

GHSA-xqgg-8qqr-cmpgMediumCVSS 7.8

snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info-...

Vendor

GitHub Security Advisories

Published

May 24, 2022

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2020-11725 →

📋 Description

snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner typo, which is mishandled in the private_size*count multiplication.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2020-11725
https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474
https://twitter.com/yabbadabbadrew/status/1248632267028582400
https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai%40suse.de
https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de
https://github.com/advisories/GHSA-xqgg-8qqr-cmpg