CVE-2021-1002: 
NixOS vulnerability analysis and mitigation

CVE-2021-1002 is a vulnerability discovered in Android's WTInterpolate function within easwtengine.c. The vulnerability was disclosed in December 2021 and affects Android 12 systems. The issue stems from a missing bounds check that could potentially lead to an out-of-bounds read operation (Android Bulletin).

The vulnerability exists in the WTInterpolate function of easwtengine.c component and is characterized by a missing bounds check that can result in an out-of-bounds read operation. The severity of this vulnerability is rated as HIGH with a CVSS v3.1 base score of 7.5 (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). The vulnerability is classified under CWE-125 (Out-of-bounds Read) (NVD).

If exploited, this vulnerability could lead to remote information disclosure. The attack requires no additional execution privileges and can be executed without user interaction, making it particularly concerning from a security perspective (NVD).

The vulnerability affects Android 12 systems and was addressed in the December 2021 security update. Users are advised to update their Android devices to the latest available security patch level (Android Bulletin).