Description
Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes.
Affected version is prior to commit 1.30.0.
Published: 2026-04-22
Score: 6.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Integer overflow leading to improper buffer sizing
Action: Patch Now
AI Analysis

Impact

An integer overflow occurs during constant tensor data size calculation in Samsung Open Source ONE. The calculation does not correctly account for large constant nodes, resulting in an under‑sized buffer. If an attacker can introduce a large constant node, the program may write data beyond the allocated buffer, potentially corrupting memory or causing a crash.

Affected Systems

Samsung Open Source:ONE implementations prior to commit 1.30.0 are affected. No other version or vendor details are provided, so all instances using earlier commits than 1.30.0 should be considered vulnerable.

Risk and Exploitability

The CVSS score of 6.6 indicates a moderate severity. EPSS is unavailable and the vulnerability is not listed in KEV, suggesting no known active exploitation. However, the integer overflow could be leveraged by an attacker who can influence tensor initialization; if exploited, it may lead to memory corruption and potentially allow code execution, particularly if the overflow triggers a crash that can be exploited. The exact attack vector is not documented, so the risk remains based on potential local or indirect exploitation scenarios.

Generated by OpenCVE AI on April 22, 2026 at 07:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Samsung ONE to commit 1.30.0 or later, which corrects the overflow calculation.
  • If an upgrade is not immediately possible, reduce the size of constant tensors or avoid large constant nodes until the patch is applied.
  • Monitor application logs and memory usage for signs of buffer overrun or crashes, and apply appropriate isolation or sandboxing for tensor operations.

Generated by OpenCVE AI on April 22, 2026 at 07:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://github.com/Samsung/ONE/pull/16481 cve-icon cve-icon
History

Wed, 22 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 22 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Samsung Open Source
Samsung Open Source one
Vendors & Products Samsung Open Source
Samsung Open Source one

Wed, 22 Apr 2026 07:45:00 +0000

Type Values Removed Values Added
Title Integer Overflow Causing Improper Buffer Size in Samsung ONE

Wed, 22 Apr 2026 06:30:00 +0000

Type Values Removed Values Added
Description Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0.
Weaknesses CWE-190
References
Metrics cvssV3_1

{'score': 6.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H'}

Subscriptions

Samsung Open Source One
cve-icon MITRE

Status: PUBLISHED

Assigner: samsung.tv_appliance

Published:

Updated: 2026-04-22T23:18:28.533Z

Reserved: 2026-04-22T00:52:02.298Z

Link: CVE-2026-41667

cve-icon Vulnrichment

Updated: 2026-04-22T12:31:20.018Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-22T07:16:13.990

Modified: 2026-04-22T21:23:52.620

Link: CVE-2026-41667

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T11:44:34Z

Weaknesses