An out-of-bounds read vulnerability was found in sox, due to insufficient validation of input data. An attacker could abuse this flaw by crafting a sound file that can cause the system to crash when read by sox or by an application using the sox library.