The pseudo file /proc/timer_list leaks the real pids of the associated processes.
The function print_timer(kernel/time/timer_list.c) displays timer->start_pid, which is set inside the function __timer_stats_timer_set_start_info (kernel/time/timer.c). This is the real pid, rather than the pid in the pid namespace. If the user within a container retrieves the content of /proc/timer_list, this file will leak the real pid of the associated process.
Docker has blocked the read access to /proc/timer_list. But there should be a kernel fix to address this information leakage.
Please send this to lkml and add Thomas Gleixner <email@example.com> and Kees Cook <firstname.lastname@example.org> to the cc.