sox:eoan is vulnerable to denial of service (DoS). There is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
CPE | Name | Operator | Version |
---|---|---|---|
sox:eoan | eq | 14.4.2+git20190427 | |
sox:eoan | eq | 14.4.2+git20190427 |