libsox.so is vulnerable to information disclosure. An attacker can leak and eventually cause an application crash through the global-buffer-overflow by providing a malicious file to the lsx_adpcm_init
function of adpcms.h
www.openwall.com/lists/oss-security/2023/02/03/3
www.openwall.com/lists/oss-security/2023/02/04/2
www.openwall.com/lists/oss-security/2023/02/05/1
www.openwall.com/lists/oss-security/2023/02/06/1
bugzilla.redhat.com/show_bug.cgi?id=1980626
github.com/advisories/GHSA-6537-hg9g-m5mp
lists.debian.org/debian-lts-announce/2023/02/msg00009.html