This vulnerability involves an integer overflow (CWE-190) in the scratch buffer initialization size calculation within Samsung Open Source ONE before version 1.30.0. The overflow causes incorrect memory initialization when handling large intermediate tensors, potentially leading to application crashes or denial of service. The CVSS 3.1 score is 6.1 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H), reflecting a medium severity with local attack vector, low attack complexity, no privileges required, user interaction needed, unchanged scope, no confidentiality impact, low integrity impact, and high availability impact. No patch or official remediation level is provided in the available data.

The integer overflow can cause incorrect memory initialization, which may lead to denial of service conditions such as application crashes or instability when processing large intermediate tensors. There is no indication of confidentiality loss, but integrity impact is low and availability impact is high. No known exploits have been reported in the wild.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider avoiding processing large intermediate tensors that could trigger the overflow or apply any available workarounds recommended by Samsung. Monitor vendor channels for updates.