Description
Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE.
Affected version is prior to commit 1.30.0.
Published: 2026-04-22
Score: 6.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory corruption via out-of-bounds
Action: Apply Patch
AI Analysis

Impact

Integer overflow in the buffer size calculation within Samsung Open Source ONE can cause out-of-bounds memory access when the system processes large tensors. This flaw could lead to memory corruption, potentially resulting in a denial of service or enabling further exploitation if an attacker can influence the contents of the corrupted memory. The flaw is classified as CWE‑190, reflecting a classic integer overflow weakness.

Affected Systems

The vulnerability affects the Samsung Open Source ONE platform. Versions released before the 1.30.0 commit are vulnerable. The affected range is stated relative to the commit history: all releases prior to that point use the vulnerable buffer size calculation.

Risk and Exploitability

The CVSS score is 6.6, indicating medium severity. The EPSS score is not available, and the issue is not listed in the CISA KEV catalog, suggesting no publicly known exploitation. Likely attack vectors involve feeding excessively large tensors into the system; if the platform offers a remote API, an unauthenticated or authenticated attacker could trigger the overflow by submitting a crafted payload, while a local attacker would need access to run code with sufficient privilege to manipulate tensor inputs.

Generated by OpenCVE AI on April 22, 2026 at 07:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Samsung ONE 1.30.0 or later, where the integer overflow issue is fixed.
  • If upgrading is unavailable, enforce strict validation on tensor dimensions to restrict them below a safe threshold before buffer size calculation.
  • Implement runtime memory bounds checks or sandbox the tensor processing component to contain any potential memory corruption.
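
The dimension validation recommended above, as an added example that is not code from the Samsung ONE project. The function names, the 1 GiB cap and the rejection of zero-sized dimensions are assumptions chosen for illustration. It shows a 32-bit size product wrapping for a large constructed shape, next to a checked calculation that refuses the same shape before any allocation would happen.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical policy cap (assumption): reject tensors above 1 GiB. */
#define MAX_TENSOR_BYTES ((size_t)1 << 30)

/* Unchecked pattern (CWE-190): the 32-bit product wraps for large shapes. */
static uint32_t tensor_bytes_unchecked(const uint32_t *dims, size_t rank,
                                       uint32_t elem_size)
{
    uint32_t n = elem_size;
    for (size_t i = 0; i < rank; i++)
        n *= dims[i];                /* wraps modulo 2^32 without any error */
    return n;
}

/* Checked form: returns false on a zero dimension or when the byte count
 * would exceed the cap; *out is written only on success. */
static bool tensor_bytes_checked(const uint32_t *dims, size_t rank,
                                 size_t elem_size, size_t *out)
{
    size_t n = elem_size;
    if (elem_size == 0 || elem_size > MAX_TENSOR_BYTES)
        return false;
    for (size_t i = 0; i < rank; i++) {
        /* Division test proves n * dims[i] <= cap before multiplying. */
        if (dims[i] == 0 || dims[i] > MAX_TENSOR_BYTES / n)
            return false;
        n *= dims[i];
    }
    *out = n;
    return true;
}

int main(void)
{
    /* Constructed shape: 65536 x 65536 float32 elements = 2^34 bytes. */
    const uint32_t big[] = { 65536u, 65536u };
    size_t bytes = 0;
    printf("unchecked: %u bytes\n",
           (unsigned)tensor_bytes_unchecked(big, 2, 4));
    printf("checked:   %s\n",
           tensor_bytes_checked(big, 2, 4, &bytes) ? "accepted" : "rejected");
    return 0;
}
```

The unchecked path reports a size of 0 for the constructed shape, so a buffer allocated from it would be far smaller than the data later written into it; the checked path rejects the shape instead.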



Advisories

No advisories yet.

History

Thu, 23 Apr 2026 00:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 22 Apr 2026 12:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Samsung Open Source; Samsung Open Source one
Vendors & Products | | Samsung Open Source; Samsung Open Source one

Wed, 22 Apr 2026 07:45:00 +0000

Type | Values Removed | Values Added
Title | | Integer Overflow in Buffer Size Calculation Causing Out‑of‑Bounds Memory Access in Samsung ONE

Wed, 22 Apr 2026 06:30:00 +0000

Type | Values Removed | Values Added
Description | | Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0.
Weaknesses | | CWE-190
References | |
Metrics | | cvssV3_1 {'score': 6.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H'}


MITRE

Status: PUBLISHED

Assigner: samsung.tv_appliance

Published:

Updated: 2026-04-22T23:17:01.239Z

Reserved: 2026-04-13T04:23:34.943Z

Link: CVE-2026-40449

Vulnrichment

Updated: 2026-04-22T13:08:20.609Z

NVD

Status: Awaiting Analysis

Published: 2026-04-22T07:16:13.450

Modified: 2026-04-22T21:23:52.620

Link: CVE-2026-40449

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T11:44:40Z
