Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-13590. Reason: This candidate is a reservation duplicate of CVE-2019-13590. Notes: All CVE users should reference CVE-2019-13590 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

In SoX 14.4.2, there is an integer overflow in startread in sox-fmt.c. This can, for example, have a resultant NULL pointer dereference.