A vulnerability was found in build_audio_procunit in sound/usb/mixer.c in ALSA usb-audio subsystem for a local user, while accessing an array (desc->baSourceID) a boundary check was needed to restrict the array size, failing this can cause an out-of-bound access problem.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1759060]
This was fixed for Fedora in the 4.20.2 stable kernel updates.
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.