CVE-2023-20821: 
NixOS vulnerability analysis and mitigation

CVE-2023-20821 is a medium severity vulnerability discovered in MediaTek's nvram component. The vulnerability was disclosed in September 2023 and affects various MediaTek chipsets including MT2713, MT2735, MT6833, and many others. The issue exists in multiple software versions including Android 11.0, 12.0, 13.0, OpenWrt 1907, 2102, Yocto 2.6, and RDK-B 22Q3 (MediaTek Bulletin).

The vulnerability is classified as an out-of-bounds write vulnerability due to a missing bounds check in the nvram component. It has been assigned a CVSS v3.1 base score of 6.7 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. The vulnerability is categorized under CWE-20 (Improper Input Validation) (NVD).

The vulnerability could lead to local escalation of privilege with System execution privileges required. The successful exploitation of this vulnerability could allow an attacker to gain elevated privileges on the affected system (MediaTek Bulletin).

MediaTek has released security patches to address this vulnerability. Device manufacturers using affected MediaTek chipsets should apply the security updates provided by MediaTek. Users should ensure their devices are updated with the latest security patches (MediaTek Bulletin).