CVE-2023-32851: 
NixOS vulnerability analysis and mitigation

CVE-2023-32851 is a high-severity vulnerability discovered in MediaTek's decoder component. The vulnerability was disclosed in December 2023 and affects various MediaTek chipsets running Android versions 11.0 and 12.0. The issue stems from an incorrect calculation of buffer size in the decoder component, which could lead to an out-of-bounds write condition (MediaTek Bulletin).

The vulnerability is classified as a buffer size calculation error (CWE-131) that results in an out-of-bounds write condition due to a missing bounds check. It has received a CVSS v3.1 base score of 7.8 (HIGH), with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability affects multiple MediaTek chipset series including MT6580, MT6739, MT6761, MT6762, MT6765, and several others (NVD).

The vulnerability can lead to local escalation of privilege with no additional execution privileges needed. The exploitation requires user interaction but could potentially allow an attacker to gain elevated privileges on affected devices (MediaTek Bulletin).

MediaTek has released security patches to address this vulnerability. Device OEMs were notified of the issue and corresponding security patches at least two months before the public disclosure. Users should ensure their devices are updated with the latest security patches (MediaTek Bulletin).