Chunseoklee

**Name of the Vulnerable Software and Affected Versions** Samsung Open Source ONE versions prior to 1.30.0 **Description** An integer overflow occurs during the calculation of the tensor allocation size, which may result in insufficient memory being allocated for large tensors. **Recommendations** Update to version 1.30.0 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Open Source ONE versions prior to 1.30.0 **Description** An integer overflow occurs during the output tensor copy size calculation, which can lead to an incorrect copy length and subsequent memory corruption when processing oversized tensors. **Recommendations** Update to version 1.30.0 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Open Source ONE versions prior to 1.30.0 **Description** An integer overflow occurs during the memory copy size calculation, which can lead to invalid memory operations when processing large tensor shapes. **Recommendations** Update to version 1.30.0 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Open Source ONE versions prior to 1.30.0 **Description** An integer overflow occurs during the scratch buffer initialization size calculation, which leads to incorrect memory initialization when handling large intermediate tensors. **Recommendations** Update to version 1.30.0 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Open Source ONE versions prior to 1.30.0 **Description** An integer overflow occurs during the tensor copy size calculation, which can lead to out of bounds access during loop state propagation. **Recommendations** Update to version 1.30.0 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Open Source ONE versions prior to 1.30.0 **Description** An integer overflow occurs during the calculation of constant tensor data size, which may lead to incorrect buffer sizing when processing large constant nodes. **Recommendations** Update to version 1.30.0 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Open Source ONE versions prior to 1.30.0 **Description** Improper validation of STRING tensor offsets allows malformed string metadata to trigger out of bounds access during constant tensor import. **Recommendations** Update to version 1.30.0 or later.