CVE-2023-30644: 
NixOS vulnerability analysis and mitigation

Stack out of bound write vulnerability in CdmaSmsParser of RILD was discovered, affecting Samsung Android devices prior to SMR Jul-2023 Release 1. The vulnerability was assigned CVE-2023-30644 and was disclosed in July 2023. This vulnerability affects Samsung Android devices running versions 11, 12, 13, and 14 (Samsung Advisory).

The vulnerability is classified as a stack out-of-bounds write issue (CWE-787) in the CdmaSmsParser component of RILD. It received a CVSS v3.1 base score of 7.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements with low attack complexity and privilege requirements (NVD).

If successfully exploited, this vulnerability allows attackers to execute arbitrary code on the affected device. The high CVSS score reflects the potential for complete compromise of system confidentiality, integrity, and availability (NVD).

Samsung addressed this vulnerability in the July 2023 Security Maintenance Release (SMR Jul-2023 Release 1). Users should update their devices to the latest available security patch level to protect against this vulnerability (Samsung Advisory).