CVE-2022-21787: 
NixOS vulnerability analysis and mitigation

CVE-2022-21787 is a medium severity vulnerability affecting MediaTek's audio DSP implementation. The vulnerability was discovered and disclosed in July 2022, affecting various MediaTek chipsets running Android 11.0 and 12.0. The issue stems from improper input validation in the audio DSP component, which could potentially lead to an out-of-bounds write condition (MediaTek Bulletin).

The vulnerability is classified as an improper input validation issue (CWE-20) in the audio DSP component. It has been assigned a CVSS v3.1 base score of 6.7 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. The vulnerability occurs due to a missing bounds check in the audio DSP component, which could result in an out-of-bounds write condition (NVD).

The vulnerability could lead to local escalation of privilege with System execution privileges required. The exploitation does not require user interaction, but does require the attacker to have high privileges to execute the exploit (MediaTek Bulletin).

The vulnerability affects MediaTek chipsets including MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8791, MT8797, and MT8798 running Android 11.0 and 12.0. MediaTek has released patches to address this vulnerability, and device manufacturers have been notified of the security patches at least two months before publication (MediaTek Bulletin).