CVE-2023-20644: 
NixOS vulnerability analysis and mitigation

CVE-2023-20644 is a medium severity vulnerability discovered in MediaTek's RIL (Radio Interface Layer) component. The vulnerability was disclosed in March 2023 and affects various MediaTek chipsets running Android 12.0 and 13.0 operating systems. The issue stems from an improper input validation that could lead to an out-of-bounds read condition (MediaTek Bulletin).

The vulnerability is classified as an Improper Input Validation (CWE-20) issue that occurs due to a missing bounds check in the RIL component. It has received a CVSS v3.1 Base Score of 4.4 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N, indicating local access, low attack complexity, high privileges required, and no user interaction needed for exploitation (NVD).

The vulnerability could lead to local information disclosure with System execution privileges required. The impact is limited to unauthorized access to information, with no ability to modify or destroy data (MediaTek Bulletin).

The vulnerability affects multiple MediaTek chipsets including MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, and various MT83xx series. Users should update their devices to the latest available software version that includes the security patches (MediaTek Bulletin).