CVE-2023-20703: 
NixOS vulnerability analysis and mitigation

CVE-2023-20703 is a medium severity vulnerability discovered in MediaTek's APU (AI Processing Unit). The vulnerability was disclosed in May 2023 and affects various MediaTek chipsets running Android 12.0 and 13.0. The issue stems from an out-of-bounds read vulnerability due to a missing bounds check in the APU component (MediaTek Bulletin).

The vulnerability is classified as an improper input validation issue (CWE-125: Out-of-bounds Read). It has a CVSS v3.1 base score of 5.5 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). The vulnerability exists in the APU component and can be exploited locally without user interaction, requiring low privileges (NVD).

Successful exploitation of this vulnerability could lead to local information disclosure with no additional execution privileges needed. The vulnerability affects multiple MediaTek chipset models including MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, and MT8195 (MediaTek Bulletin).

The vulnerability affects devices running Android 12.0 and 13.0. MediaTek has notified device OEMs of the issue and provided corresponding security patches. Users should ensure their devices are updated with the latest security patches provided by their device manufacturers (MediaTek Bulletin).