CVE-2016-6299 — Vulnetix

CVE-2016-6299 PUBLISHED

The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.

EPSS 0.14% · 34.6th percentile

Risk Scores

EPSS Score

0.14%

34.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	mock	0, 1.1.33-1

Exploit Intelligence

https://bugzilla.redhat.com/show_bug.cgi?id=1375490 (nist-nvd)
92948 (circl)
FEDORA-2016-145afea99e (circl)
FEDORA-2016-5a12527790 (circl)
[oss-security] 20160913 CVE-2016-6299 mock: privilige escalation via mock-scm (circl)
FEDORA-2016-34e61fa48d (circl)

Timeline

Apr 14, 2017 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2016-6299 third-party-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1375490 third-party-advisory
https://github.com/rpm-software-management/mock/commit/8b02f43beadacf6911200b48d94e39e891a41da9 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2016-6299 third-party-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›