libvorbis.so is vulnerable to buffer overreads. The application lacks an array length check in the bark_noise_hybridmp
method in psy.c
, leading to a buffer overread that can lead to sensitive information being disclosed or the application crashing.