A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.
https://sourceforge.net/p/sox/bugs/352/
https://security.archlinux.org/CVE-2021-23159