CVE-2022-48374: 
NixOS vulnerability analysis and mitigation

CVE-2022-48374 is a vulnerability discovered in the tee service affecting various Android versions (10.0 through 13.0) and multiple Unisoc hardware platforms. The vulnerability was initially published on May 8, 2023, and has been modified several times through January 28, 2025 (NVD).

The vulnerability is classified as an out-of-bounds write (CWE-787) due to a missing bounds check in the tee service. The CVSS v3.1 base score is 4.4 (Medium severity) with the following vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. This indicates local access is required, with low attack complexity, high privileges needed, and no user interaction required (NVD).

The vulnerability primarily affects system availability, with potential for local denial of service when successfully exploited. The attack requires system execution privileges and can lead to service disruption (NVD).

Affected systems include multiple Unisoc hardware platforms (S8000, SC7731E, SC9832E, SC9863A, T310, T606, T610, T612, T616, T618, T760, T770, T820) and Android versions 10.0 through 13.0. Users should apply any available security updates from their device manufacturers (NVD).