Launchpad.net

CVE 2015-4176

fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory.

See the CVE page on Mitre.org for more details.