This vulnerability involves an integer overflow in the calculation of the scratch buffer initialization size within Samsung Open Source ONE, affecting versions before 1.30.0. The overflow causes incorrect memory initialization when handling large intermediate tensors, potentially leading to application crashes or denial of service conditions. The CVSS vector indicates the attack requires local access with low complexity and no privileges but requires user interaction. The impact is limited to integrity and availability, with no confidentiality impact reported.

The integer overflow can cause incorrect memory initialization, which may lead to denial of service through application crashes or instability. There is no indication of confidentiality loss or remote exploitation. The attack requires local access and user interaction, limiting its scope.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid processing large intermediate tensors that could trigger the overflow and consider applying any available workarounds from Samsung Open Source ONE community or maintainers.