Debian Linux Security Advisory 4143-1 - Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code.
ae578097448b181069464aaacea1cd098476dd78446feaa86438e6cee725f8df