CVE-2023-20752: 
NixOS vulnerability analysis and mitigation

CVE-2023-20752 is a medium severity vulnerability discovered in MediaTek's keymanage component. The vulnerability was disclosed on June 6, 2023, affecting various MediaTek chipsets running Android 12.0 and 13.0 operating systems. The issue stems from a possible out-of-bounds write condition due to a missing bounds check in the keymanage component (MediaTek Bulletin).

The vulnerability is classified as an Out-of-bounds Write (CWE-787) with a CVSS v3.1 base score of 6.7 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). The issue affects multiple MediaTek chipsets including MT8167, MT8167S, MT8168, MT8175, MT8195, MT8362A, and MT8365 running Android versions 12.0 and 13.0 (NVD).

If exploited, this vulnerability could lead to local escalation of privilege with System execution privileges. The successful exploitation requires no user interaction but does need System execution privileges for the attack to be successful (MediaTek Bulletin).

MediaTek has addressed this vulnerability and notified device OEMs of the security patches at least two months before the public disclosure. Users are advised to update their devices with the latest security patches provided by their device manufacturers (MediaTek Bulletin).