CVE-2010-1161
EPSS 0.08%
Description
Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.
How to fix CVE-2010-1161
To remediate CVE-2010-1161, upgrade the affected package to a fixed version below.
- Debian/nano—upgrade to 2.2.4-1 or later
Is CVE-2010-1161 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.2.4-1