The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.

...

libsndfile buffer overflow vulnerability (CNVD-2017-07010)

libsndfile is a C library developed by software developer Erik de Castro Lopo that reads and writes audio files in AIFF, AU, and WAV formats through standard interfaces. A buffer overflow vulnerability exists in the i2lesarray function of the pcm.c file in version 1.0.28 of libsndfile. A remote...

DEBIAN-CVE-2017-8365

The i2lesarray function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file...

ALPINE-CVE-2017-8365

The i2lesarray function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file...

UBUNTU-CVE-2017-8365

The i2lesarray function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file...