bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.

...

Buffer Overread

libvorbis.so is vulnerable to buffer overreads. The application lacks an array length check in the barknoisehybridmp method in psy.c, leading to a buffer overread that can lead to sensitive information being disclosed or the application crashing...

DEBIAN-CVE-2018-10393

barknoisehybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read...

CVE-2018-10393

barknoisehybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read...

Xiph.Org libvorbis 'bark_noise_hybridmp' function stack buffer out-of-bounds read vulnerability

Xiph.Org libvorbis is an open source library of audio encoding and decoding functions for medium to high quality audio at fixed or variable bit rates. A stack buffer out-of-bounds read vulnerability exists in the 'barknoisehybridmp' function of the psy.c file in Xiph.Org libvorbis version 1.3.6. ...

DEBIAN-CVE-2017-14160

The barknoisehybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service out-of-bounds access and application crash or possibly have unspecified other impact via a crafted mp4 file...