CVE-2023-30687: 
NixOS vulnerability analysis and mitigation

Out-of-bounds Write vulnerability in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 was discovered, affecting Samsung mobile devices. The vulnerability was assigned CVE-2023-30687 and was reported on April 14, 2023 (CVE MITRE).

The vulnerability is classified as an Out-of-bounds Write (CWE-787) issue in the RmtUimApdu component of libsec-ril library. The severity assessment according to CVSS 3.1 varies between sources, with NVD rating it as HIGH (Base Score: 7.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) while Samsung Mobile rates it as MEDIUM (Base Score: 6.7, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) (NVD).

If exploited, this vulnerability allows local attackers to execute arbitrary code on affected devices, potentially leading to complete system compromise with high impacts on confidentiality, integrity, and availability (NVD).

Samsung has addressed this vulnerability in the SMR Aug-2023 Release 1 security update. Users are advised to update their devices to the latest available security patch level to mitigate this vulnerability (Samsung Mobile Security).