Ubuntu Security Notice 5343-1 - Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. It was discovered that the aufs file system in the Linux kernel did not properly restrict mount namespaces, when mounted with the non-default allow_userns option set. A local attacker could use this to gain administrative privileges.
f52b839ff13c30e863d5be66f515f639c4bbf6c3ac1911f54911c3a1db6abad1
Debian Linux Security Advisory 4497-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
cee950c7a38acaeb09d9f7015b9d152f8f4ee558e852c5e251edd7491b655338