PT-2021-16575 · Unknown · Libsdffextractor

Published: 2021-06-11 · Updated: 2022-10-25 · CVE-2021-25384

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: libsdffextractor library versions prior to SMR MAY-2021 Release 1
Description: The issue is related to an improper input validation vulnerability in the sdfffd_parse_chunk_PROP() function, specifically with the Sample Rate Chunk. This could potentially allow attackers to execute arbitrary code on the mediaextractor process.
Recommendations: For versions prior to SMR MAY-2021 Release 1, update to SMR MAY-2021 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the sdfffd_parse_chunk_PROP() function until a patch is available.

Fix

Heap Based Buffer Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers: CVE-2021-25384

Affected Products: Libsdffextractor