In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate. A local attacker might use this for a denial of service. References: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00001.html https://bugzilla.redhat.com/show_bug.cgi?id=1499599 http://openwall.com/lists/oss-security/2017/10/11/1