snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner typo, which is mishandled in the private_size*count multiplication. References: https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/ https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1824925]
Takashi seems to feel that this is invalid and the CVE should be disputed.
External References: https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/ https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474
Statement: This CVE is being disputed as invalid (https://nvd.nist.gov/vuln/detail/CVE-2020-11725) based on the arguments presented in https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/ .