CVE-2022-47461: 
NixOS vulnerability analysis and mitigation

CVE-2022-47461 is a security vulnerability discovered in telephone service functionality that involves a missing permission check. The vulnerability was disclosed and documented in March 2023, affecting various Android versions (10.0 and 11.0) and multiple Unisoc hardware platforms including S8000, SC7731E, SC9832E, SC9863A, T310, T606, T610, and others (NVD).

The vulnerability is characterized by a missing permission check in the telephone service component, which could lead to local escalation of privilege with system execution privileges. The vulnerability has been assigned a CVSS v3.1 base score of 6.7 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. It has been classified under CWE-862 (Missing Authorization) (NVD).

The vulnerability can lead to local escalation of privilege, potentially allowing an attacker to gain system execution privileges. This could result in unauthorized access to system resources and potential compromise of system security (NVD).

The vulnerability has been addressed through security updates. Users should ensure their devices are updated with the latest security patches. The fix was included in Android security updates and Unisoc firmware updates for affected devices (Vendor Advisory).