Please read this article[1] about how exactly chroot jails function as a security measure.
If you have a process that's already not running as root, all a chroot jail does is decrease the attack surface a bit by giving that process a more limited view of the filesystem. As soon as you run something as root, or give that chroot process access to a vulnerable setuid-root binary, it can escape. An exploit anywhere in the kernel (not just in the implementation of chroot) could lead to the system being taken over.
Chroot jails are easy to reason about, but they don't really help you if you're, say, studying malware.
[1]: https://access.redhat.com/blogs/766093/posts/1975883
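
A defender-side check for one condition the comment above names, a setuid-root binary reachable inside the jail, as an added example that is not part of the original post. The function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile


def audit_jail(root):
    """Return sorted (relative_path, kind, owner_uid) for each setuid/setgid
    regular file reachable under the jail directory `root`."""
    findings = []
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: never follow symlinks out of the jail
            if not stat.S_ISREG(st.st_mode):
                continue
            kinds = [label for bit, label in
                     ((stat.S_ISUID, "setuid"), (stat.S_ISGID, "setgid"))
                     if st.st_mode & bit]
            if kinds:
                findings.append(
                    (os.path.relpath(path, root), "+".join(kinds), st.st_uid))
    return sorted(findings)


def setuid_root(findings):
    """Subset the comment warns about: setuid files owned by uid 0."""
    return [f for f in findings if "setuid" in f[1] and f[2] == 0]


def make_sample_jail(root):
    """Constructed sample tree: one ordinary file, one with the setuid bit."""
    os.makedirs(os.path.join(root, "bin"))
    for name, mode in (("ls", 0o755), ("helper", 0o4755)):
        path = os.path.join(root, "bin", name)
        with open(path, "wb") as fh:
            fh.write(b"#!/bin/sh\n")
        os.chmod(path, mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as jail:
        make_sample_jail(jail)
        for rel, kind, uid in audit_jail(jail):
            print(f"{kind:13} uid={uid:<6} {rel}")
```

An empty `setuid_root` result removes one escape path from the jail; it says nothing about a process that already runs as root or about kernel bugs.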