Researchers dubbed the bug Royal Flush after a flush-to-disk limitation that an exploit would need to evade. The vulnerability stems from the fact that these device files have read-write permissions for others Microsoft s Azure Functions containers run with the privileged Docker flag, which means that device files in the /dev directory can be shared between the Docker host and the container guest. An unprivileged user can also directly edit any files found within the container. The bug is not a direct Docker escape vulnerability, but if a user is able to escalate to root, they would be able to escape
Source: https://threatpost.com/azure-functions-privilege-escalation/165307/