Google · Android · CVE-2015-3864
**Name of the Vulnerable Software and Affected Versions**
Android versions prior to 5.1.1 LMY48M
**Description**
The issue is caused by an integer underflow in the `MPEG4Extractor::parseChunk` function in the libstagefright library of the Android operating system. This allows a remote attacker to execute arbitrary code by providing specially crafted MPEG-4 data. The vulnerability exists due to an incomplete fix for a previous issue.
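The bug class named above, as an added example in C (not libstagefright's code and not a reconstruction of the vulnerable `parseChunk` logic): a chunk-header parser for the ISO base media box layout, with an unchecked unsigned subtraction beside a bounds-checked version. The function names and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Big-endian readers for the chunk header fields. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}
static uint64_t be64(const uint8_t *p) {
    return ((uint64_t)be32(p) << 32) | be32(p + 4);
}

/* UNSAFE pattern, for contrast: unsigned subtraction with no lower bound.
 * A declared size of 4 gives 4 - 8 = 0xFFFFFFFFFFFFFFFC, a huge length. */
uint64_t payload_len_unchecked(uint64_t chunk_size, uint64_t hdr_len) {
    return chunk_size - hdr_len;
}

/* Hardened form: parse one chunk header from buf[0..avail) and store the
 * payload length in *out. Returns 0 on success, -1 if the chunk is rejected. */
int chunk_payload_len(const uint8_t *buf, size_t avail, size_t *out) {
    uint64_t size, hdr_len = 8;        /* 32-bit size + 4-byte type */
    if (avail < 8) return -1;
    size = be32(buf);
    if (size == 1) {                   /* 64-bit size follows the type */
        if (avail < 16) return -1;
        size = be64(buf + 8);
        hdr_len = 16;
    } else if (size == 0) {            /* chunk extends to end of input */
        size = avail;
    }
    if (size < hdr_len) return -1;     /* subtraction below would wrap */
    if (size > avail) return -1;       /* declared size exceeds the data */
    *out = (size_t)(size - hdr_len);   /* safe: hdr_len <= size <= avail */
    return 0;
}

/* Constructed sample headers (not taken from any real file). */
static const uint8_t ok_chunk[12]  = {0,0,0,12, 'f','r','e','e', 1,2,3,4};
static const uint8_t tiny_chunk[8] = {0,0,0,4,  'f','r','e','e'};

int main(void) {
    size_t n = 0;
    printf("ok=%d\n", chunk_payload_len(ok_chunk, sizeof ok_chunk, &n));
    printf("tiny=%d\n", chunk_payload_len(tiny_chunk, sizeof tiny_chunk, &n));
    return 0;
}
```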
**Recommendations**
For Android versions prior to 5.1.1 LMY48M, update to version 5.1.1 LMY48M or later to resolve the issue. As a temporary workaround, consider restricting use of the `MPEG4Extractor::parseChunk` function until a patch is available. Avoid processing specially crafted MPEG-4 data through the affected API endpoint until the issue is resolved.