Ubuntu 23.10 introduced unprivileged user namespace restrictions (the sysctl kernel.apparmor_restrict_unprivileged_userns) and Ubuntu 24.04 enabled them by default. From Alex Murray’s excellent blog post at
https://www.qualys.com/2025/three-bypasses-of-Ubuntu-unprivileged-user-namespace-restrictions.txt