Ubuntu Security Notice 1174-1 - Hossein Lotfi discovered that libsndfile did not properly verify the header length and number of channels for PARIS Audio Format (PAF) audio files. An attacker could exploit this to cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
d8a07393d327e356dc08baa0166d3b4019830cc109f2da3cd5f11f3a7cf88c95