CVE-2021-0595: 
NixOS vulnerability analysis and mitigation

CVE-2021-0595 is a security vulnerability discovered in Android's RootWindowContainer.java component, specifically in the lockAllProfileTasks functionality. The vulnerability was disclosed in the September 2021 Android Security Bulletin and affects multiple Android versions including Android 8.1, 9, 10, and 11. This vulnerability allows unauthorized access to work profiles without requiring the profile PIN after logging in (Android Bulletin).

The vulnerability exists in the lockAllProfileTasks function of RootWindowContainer.java. It has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified as an authentication bypass issue (CWE-287) that could lead to local privilege escalation (NVD).

The vulnerability could lead to local escalation of privilege with no additional execution privileges needed. An attacker could potentially access the work profile without providing the required profile PIN after logging in, compromising the security boundary between personal and work profiles (Android Bulletin).

The vulnerability was addressed in the Android Security Bulletin of September 2021. Users should update their Android devices to the latest available security patch level to protect against this vulnerability (Android Bulletin).