It would appear that there was an issue with Linux kernel’s OverlayFS implementation, which did not correctly handled setattr operations, thus allowing an unprivileged local attacker to execute arbitrary code as root by creating files with administrative permission attributes. The security issue is documented as CVE-2015-8660.