CVE-2023-30659: 
NixOS vulnerability analysis and mitigation

CVE-2023-30659 is an improper input validation vulnerability discovered in Samsung's Transaction system prior to SMR Jul-2023 Release 1. The vulnerability was reported on April 14, 2023, affecting Samsung Android devices running versions 11, 12, 13, and 14. This security flaw allows local attackers to launch privileged activities (Samsung Mobile).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) by NIST with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, while Samsung Mobile assessed it with a score of 6.2 (MEDIUM) and vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. The vulnerability is classified under CWE-20 (Improper Input Validation) (NVD).

If exploited, this vulnerability allows local attackers to execute privileged activities on affected devices, potentially compromising the system's security by gaining elevated access rights (Samsung Mobile).

Samsung has addressed this vulnerability in the SMR Jul-2023 Release 1 security update. Users are advised to update their devices to the latest security patch level to protect against this vulnerability (Samsung Mobile).