CVE-2021-0443: 
NixOS vulnerability analysis and mitigation

CVE-2021-0443 is a vulnerability discovered in Android's ScreenshotHelper.java and related files that was disclosed in April 2021. The vulnerability affects multiple Android versions including Android 8.1, 9, 10, and 11. It stems from a race condition that could result in incorrectly saved screenshots, potentially leading to information disclosure across user profiles (Android Bulletin).

The vulnerability is characterized by a race condition in several functions of ScreenshotHelper.java and related files. It has been assigned a CVSS v3.1 base score of 4.7 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N. The vulnerability is classified under CWE-362 (Concurrent Execution using Shared Resource with Improper Synchronization) (NVD).

The vulnerability could lead to local information disclosure across user profiles. While the impact is significant in terms of confidentiality (rated as High in the CVSS score), there are no direct impacts on system integrity or availability (NVD).

The vulnerability was addressed in the Android Security Bulletin of April 2021. Users should ensure their Android devices are updated with the latest security patches (Android Bulletin).