CVE-2023-20785: 
NixOS vulnerability analysis and mitigation

CVE-2023-20785 is a medium severity vulnerability discovered in the audio component of MediaTek chipsets. The vulnerability was disclosed on August 7, 2023, and affects Android versions 12.0 and 13.0 running on various MediaTek chipset models. It is characterized as a time-of-check time-of-use (TOCTOU) race condition that could lead to an out-of-bounds write due to a missing bounds check (MediaTek Bulletin).

The vulnerability is classified with a CVSS v3.1 base score of 6.4 (Medium) with the vector string CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H. It has been assigned two CWE identifiers: CWE-787 (Out-of-bounds Write) and CWE-367 (Time-of-check Time-of-use Race Condition). The vulnerability exists in the audio component and requires system execution privileges for exploitation (NVD).

If exploited, this vulnerability could lead to local escalation of privilege with System execution privileges. The attack requires no user interaction for exploitation, potentially allowing an attacker with system-level access to perform unauthorized operations (MediaTek Bulletin).

The vulnerability affects specific MediaTek chipset models including MT6779, MT6781, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8168, MT8781, MT8791, and MT8797. Users should ensure their devices are updated with the latest security patches provided by their device manufacturers (MediaTek Bulletin).