An issue was discovered in libsndfile 1.0.28. There is a OOB read error in sf_write_int in sndfile.c, which will lead to a denial of service.
Created libsndfile tracking bugs for this issue:
Affects: fedora-all [bug 1652567]
Patch mentioned in upstream bug:
But appears to need this one, too (fix for CVE-2018-13139):
This issue did not affect the versions of libsndfile as shipped with Red Hat Enterprise Linux 6. This issue affects the versions of libsndfile as shipped with Red Hat Enterprise Linux 7.