Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15073
http://www.securityfocus.com/bid/9596