CVE-2023-32881: 
NixOS vulnerability analysis and mitigation

CVE-2023-32881 is a security vulnerability discovered in MediaTek's battery component that affects various MediaTek chipsets. The vulnerability was disclosed in January 2024 and affects Android versions 12.0 and 13.0. It is classified as a medium severity integer overflow vulnerability that could potentially lead to information disclosure (MediaTek Bulletin).

The vulnerability is categorized as an integer overflow or wraparound (CWE-190) in the battery component. It has been assigned a CVSS v3.1 base score of 4.4 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N, indicating local access, low attack complexity, high privileges required, and no user interaction needed for exploitation (NVD).

The vulnerability could lead to local information disclosure if an attacker has already obtained System execution privileges. The impact is limited to information disclosure with no direct impact on system integrity or availability (MediaTek Bulletin).

The vulnerability affects multiple MediaTek chipsets including MT6762, MT6765, MT6833, MT6879, MT6883, MT6885, MT6983, and various MT81xx series chips running Android 12.0 and 13.0. MediaTek has released security patches to address this vulnerability (MediaTek Bulletin).