The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
CVE: (none) => CVE-2017-11331
According to RedHat and others, this is already fixed in our package: https://bugzilla.redhat.com/show_bug.cgi?id=1480656 *** This bug has been marked as a duplicate of bug 15403 ***
Status: NEW => RESOLVEDResolution: (none) => DUPLICATE