CVE-2023-20781: 
NixOS vulnerability analysis and mitigation

CVE-2023-20781 is a medium severity vulnerability discovered in MediaTek's keyinstall component. The vulnerability was disclosed on August 7, 2023, affecting various MediaTek chipsets running Android 12.0 and 13.0 operating systems. The issue stems from a missing bounds check that could lead to memory corruption (MediaTek Bulletin).

The vulnerability is classified as a Denial of Service (DoS) issue with a CWE-20 (Improper Input Validation) classification. It received a CVSS v3.1 base score of 4.4 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H, indicating local access, low attack complexity, high privileges required, and no user interaction needed for exploitation (NVD).

The vulnerability can result in local denial of service when exploited. The attack requires System execution privileges, but no user interaction is necessary for exploitation. The impact is limited to availability, with no direct effect on confidentiality or integrity (MediaTek Bulletin).

The vulnerability affects multiple MediaTek chipsets including MT6580, MT6731, MT6735, MT6737, MT6739, and many others, running on Android 12.0 and 13.0 versions. MediaTek has addressed this vulnerability through security patches, and device manufacturers have been notified of the issue at least two months before public disclosure (MediaTek Bulletin).