It was discovered that criu service daemon allowed local users to dump processes as long as the user and group IDs match, disregarding other restrictions on process dumping or ptrace access. This failure to enforce a configured security policy may lead to information disclosure. Acknowledgements: This issue was discovered by Florian Weimer of Red Hat Product Security.
Created criu tracking bugs for this issue: Affects: fedora-all [bug 1256747]
Upstream discussion: http://lists.openvz.org/pipermail/criu/2015-August/021847.html