The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.
{ "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "ansible-node-fireball": "1.9.2+dfsg-2", "ansible-fireball": "1.9.2+dfsg-2", "ansible": "1.9.2+dfsg-2" } ] }