Samsung SMR is a system patch package from South Koreaβs Samsung (Samsung). It provides patches for Samsung mobile applications. Samsung SMR suffers from a buffer overflow vulnerability that stems from incorrect size checking of the in-sapefd_parse_meta_DESCRIPTION function of the libsapeextractor library. An attacker could exploit this vulnerability to perform an out-of-bounds read via a specially crafted media file.