Hendra Gunadi

**Name of the Vulnerable Software and Affected Versions** SoX version 14.4.2 **Description** An issue in the `startread` function of `sox-fmt.h` in the `libsox.a` library of SoX leads to an integer overflow, resulting in a NULL pointer being returned from the `lsx calloc` macro, which wraps `malloc`. This NULL pointer is then used without validation, causing a NULL pointer dereference in `lsx readbuf` in `formats i.c`. The vulnerability can be exploited by a remote attacker to cause a denial of service. **Recommendations** For SoX version 14.4.2, as a temporary workaround, consider restricting the use of the `startread` function in `sox-fmt.h` until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoX versions 14.4.2 **Description** The issue is related to an integer overflow in the `lsx make lpf` function in `effect i dsp.c` of the SoX audio editor. This overflow occurs when the result of a multiplication is fed into `malloc`, leading to a heap-based buffer overflow. Exploitation of this issue could allow a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For SoX version 14.4.2, consider disabling the `lsx make lpf` function in `effect i dsp.c` as a temporary workaround until a patch is available. Restrict access to the affected `effect i dsp.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoX versions 14.4.2 **Description** The issue is related to an integer overflow in the `channels start` function of the SoX audio editor, which can lead to a heap-based buffer overflow. This can be exploited by a remote attacker to cause a denial of service. The overflow occurs due to the result of multiplication fed into the `lsx valloc` macro that wraps `malloc`, resulting in a smaller buffer allocation than expected. **Recommendations** For SoX version 14.4.2, consider disabling the `channels start` function in `remix.c` as a temporary workaround to minimize the risk of exploitation. Restrict access to the `lsx valloc` macro in `xmalloc.h` to prevent potential buffer overflows. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoX version 14.4.2 **Description** The issue is related to the bitrv2 function in the fft4g.c file of the SoX audio editor, which is associated with a buffer overflow in memory. This can be exploited by a remote attacker to cause a denial of service. The problem arises because one of the arguments to the bitrv2 function is not properly guarded, leading to a stack-based buffer overflow, where write access can occur outside of the statically declared array. **Recommendations** For SoX version 14.4.2, consider disabling the bitrv2 function in fft4g.c as a temporary workaround until a patch is available. Restrict access to the fft4g.c module to minimize the risk of exploitation. Avoid using the affected argument in the bitrv2 function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoX version 14.4.2 **Description** A problem was discovered in the lsx make lpf function in effect i dsp.c, which allows a NULL pointer dereference. This issue can be exploited by a remote attacker to cause a denial of service. **Recommendations** For SoX version 14.4.2, consider disabling the lsx make lpf function in effect i dsp.c as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.