From $URL:
Linux kernels which support unprivileged user namespaces (CLONE_NEWUSER) and at the same time allow sharing file system information (CLONE_FS) between parent process and its newly clone(2)d child process in the new user namespace, are vulnerable to a privilege escalation flaw as presented by Sebastian Krahmer in his chroot exploit.
An unprivileged local user could use this flaw to gain root privileges on a system.
The fix is already in 3.8.3 ...
I'm defining the affected vanilla versions in the whiteboard field.
The clone system-call implementation in the Linux kernel before 3.8.3 does
not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags,
which allows local users to gain privileges by calling chroot and leveraging
the sharing of the / directory between a parent process and a child process.
Fixed in 3.8.3.
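
A runtime check for the flag combination described above, as an added example that is not part of the original report or of the kernel source. It relies on fixed kernels refusing CLONE_NEWUSER together with CLONE_FS with EINVAL; the enum and function names are hypothetical, and the child does nothing but exit.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>

/* Hypothetical names for this example; the order matches msg[] in main(). */
enum combo_status { COMBO_REJECTED, USERNS_DENIED, COMBO_ACCEPTED, PROBE_ERROR };

/* Map the errno left by clone(2) (0 on success) to a verdict. */
static enum combo_status classify_clone_errno(int err)
{
    switch (err) {
    case 0:      return COMBO_ACCEPTED; /* both flags honoured: kernel lacks the fix */
    case EINVAL: return COMBO_REJECTED; /* combination refused, or no CONFIG_USER_NS */
    case EPERM:                         /* seccomp, LSM or sysctl policy denies it */
    case ENOSPC:                        /* user namespace limit reached */
    case EUSERS: return USERNS_DENIED;  /* nesting limit on older kernels */
    default:     return PROBE_ERROR;
    }
}

static int child_exit(void *arg) { (void)arg; return 0; }

/* Ask the running kernel for a child that is in a new user namespace and
 * still shares fs information (root, cwd) with its parent. */
static enum combo_status probe_newuser_fs(void)
{
    const size_t stack_size = 64 * 1024;
    char *stack = malloc(stack_size);
    if (!stack) return PROBE_ERROR;
    errno = 0;
    pid_t pid = clone(child_exit, stack + stack_size,   /* stack grows down */
                      CLONE_NEWUSER | CLONE_FS | SIGCHLD, NULL);
    int err = (pid == -1) ? errno : 0;
    if (pid > 0) waitpid(pid, NULL, 0);                 /* reap the child */
    free(stack);
    return classify_clone_errno(err);
}

int main(void)
{
    static const char *const msg[] = { "rejected (fixed, or no user namespaces)",
        "user namespaces denied by policy", "ACCEPTED: kernel lacks the fix", "probe error" };
    puts(msg[probe_newuser_fs()]);
    return 0;
}
```

Unlike a comparison of the version string against 3.8.3, this also gives the right answer on distribution kernels that carry the fix as a backport.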