In all versions of AppArmor mount rules are accidentally widened when compiled.
CVE-2016-1585 (Candidate) is related to these bugs: