Primary

Context

Samsung Open Source ONE Integer Overflow Vulnerability in Tensor Memory Initialization

Vulnerability

An integer overflow vulnerability has been identified in Samsung Open Source ONE, prior to version 1.30.0. This issue arises in the scratch buffer initialization size calculation, leading to incorrect memory initialization for large intermediate tensors.

Impact

Exploitation of this vulnerability can cause a denial-of-service condition by allowing for the manipulation of memory allocation, potentially leading to application crashes or unexpected behavior.

Remediation

Users can update to version 1.30.0 or later to address this vulnerability.

Added: Apr 22, 2026, 7:28 AM

Updated: Apr 22, 2026, 7:28 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.1

remediation

0.0

relevance

6.5

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.1

remediation

0.0

relevance

6.5

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Open Source ONE Integer Overflow Vulnerability in Tensor Memory Initialization

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating