An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=5