CVE-2021-0671: 
NixOS vulnerability analysis and mitigation

CVE-2021-0671 is a security vulnerability discovered in MediaTek's apusys system component. The vulnerability was disclosed in November 2021 and affects various MediaTek chipsets running Android 10.0. The issue impacts multiple MediaTek chipset models including MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, and MT8797 (MediaTek Bulletin).

The vulnerability is classified as a memory corruption issue due to a missing bounds check in the apusys component. It has been assigned a Medium severity rating. The vulnerability is categorized under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) (MediaTek Bulletin).

If exploited, this vulnerability could lead to local escalation of privilege with System execution privileges needed. The vulnerability requires local access to the device for exploitation (MediaTek Bulletin).

MediaTek has addressed this vulnerability and notified device OEMs of the security patches at least two months before the public disclosure. Affected devices should be updated with the latest security patches provided by their respective manufacturers (MediaTek Bulletin).