CVE-2016-6299

Name of the Vulnerable Software and Affected Versions mock (affected versions not specified)

Description The issue is related to the scm plug-in in mock, which may allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. This is due to insufficient access control, potentially enabling a remote attacker to exploit the weakness and obtain superuser privileges using a specially created file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.