CVE-2018-21063: 
NixOS vulnerability analysis and mitigation

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) (Exynos chipsets) software. Keymaster has an architectural problem because tlApi in TEE is not properly protected. The Samsung ID is SVE-2018-11792, discovered in August 2018 (NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 9.8 CRITICAL with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerability affects the Keymaster component in the Trusted Execution Environment (TEE), specifically the tlApi interface which lacks proper protection mechanisms (NVD).

Due to the critical CVSS score and the affected component being in the TEE, this vulnerability could potentially lead to complete compromise of the device's security, affecting confidentiality, integrity, and availability of the system. The vulnerability impacts Samsung mobile devices running Android versions 6.0, 7.x, and 8.x that use Exynos chipsets (NVD).

Samsung has addressed this vulnerability through their security maintenance release process. Users should update their devices to the latest available security patch level that includes fixes for this vulnerability (Samsung Mobile Security).