CVE-2023-20784: 
NixOS vulnerability analysis and mitigation

CVE-2023-20784 is a security vulnerability discovered in MediaTek's keyinstall component affecting various MediaTek chipsets. The vulnerability was disclosed in August 2023 and affects Android versions 11.0, 12.0, and 13.0. The issue involves an out-of-bounds write vulnerability due to a missing bounds check in the keyinstall component (MediaTek Bulletin).

The vulnerability is classified as a medium severity issue with a CVSS v3.1 base score of 6.7, indicating a moderate risk level. The vulnerability is characterized by an out-of-bounds write condition (CWE-787) that occurs due to insufficient bounds checking in the keyinstall component. The attack vector is local (AV:L), with low attack complexity (AC:L), requiring high privileges (PR:H) but no user interaction (UI:N) for exploitation (NVD).

If exploited, this vulnerability could lead to local escalation of privilege with System execution privileges. The vulnerability affects a wide range of MediaTek chipsets, including MT6580, MT6731, MT6735, MT6737, MT6739, and many others, potentially impacting numerous Android devices running on these platforms (MediaTek Bulletin).

MediaTek has addressed this vulnerability through security patches and has notified device OEMs of the issue. The fix was included in the August 2023 security bulletin, and affected device manufacturers have been notified at least two months before the public disclosure (MediaTek Bulletin).