CVE-2021-0896: 
NixOS vulnerability analysis and mitigation

In apusys, there is a possible out of bounds write due to a missing bounds check. This vulnerability (CVE-2021-0896) was discovered and affects MediaTek chipsets. The vulnerability was disclosed in December 2021 and affects Android versions 10.0, 11.0, and 12.0. The affected systems include various MediaTek chipsets such as MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, and MT8797 (MediaTek Bulletin).

The vulnerability is classified as a CWE-119 type, which refers to Improper Restriction of Operations within the Bounds of a Memory Buffer. It has been assigned a CVSS v3.1 base score of 6.7 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). The vulnerability specifically involves an out of bounds write condition that occurs due to a missing bounds check in the apusys component (NVD).

This vulnerability could lead to local escalation of privilege with System execution privileges needed. The successful exploitation of this vulnerability could allow an attacker to gain elevated system privileges on affected devices (MediaTek Bulletin).

MediaTek has notified device OEMs of the issue and provided corresponding security patches at least two months before the public disclosure. Users should ensure their devices are updated with the latest security patches provided by their device manufacturers (MediaTek Bulletin).