Samsung SMR is a system patch package from South Koreaβs Samsung (Samsung). It provides patches for Samsung mobile applications. Samsung SMR suffers from a buffer overflow vulnerability that stems from an incorrect size check in the sapefd_parse_meta_HEADER_old function of the libsapeextractor library. An attacker could exploit this vulnerability to perform an out-of-bounds read via a specially crafted media file.