EPSS Percentile: 32.5%
sox is vulnerable to denial of service. A stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c allows an attacker to crash the application via a malicious audio file.
bugzilla.redhat.com/show_bug.cgi?id=1500553
lists.debian.org/debian-lts-announce/2017/11/msg00043.html
lists.debian.org/debian-lts-announce/2019/02/msg00042.html
security-tracker.debian.org/tracker/CVE-2017-15372
security.gentoo.org/glsa/201810-02