CVE-2022-47483: 
NixOS vulnerability analysis and mitigation

In telephony service, there is a missing permission check vulnerability identified as CVE-2022-47483. This vulnerability affects Android 10.0 and various Unisoc chipsets including S8000, SC7731E, SC9832E, SC9863A, T310, T606, T610, T612, and T616. The vulnerability was disclosed and published in the National Vulnerability Database on March 10, 2023 (NVD).

The vulnerability is characterized by a missing authorization check (CWE-862) in the telephony service. It has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. This indicates that the vulnerability requires local access, low attack complexity, low privileges, and no user interaction, while potentially affecting the availability of the system (NVD).

The vulnerability could lead to local denial of service in telephone service with no additional execution privileges needed. This means an attacker could potentially disrupt the telephony functionality of affected devices (NVD).

Unisoc has released an advisory regarding this vulnerability. Users and manufacturers using affected devices should refer to Unisoc's security advisory for detailed mitigation instructions (Vendor Advisory).