Would CVE-2016-0728 affect Docker?

This is not a privilege escalation where code gets "only" executed as a higher-privileged user. This issue is about execution of code inside the Linux kernel, i.e. the kernel which gets shared between all Docker instances and the OS containing the Docker instances. This is the highest privilege one could get, and at this level one can bypass any kind of restrictions. This means that an unprivileged user who is able to execute this attack can break out of the container.


First of all, yes; if your kernel supports keyrings, then Docker doesn't prevent their use, which means it also doesn't prevent exploitation.

But it's worth noting that Docker containers are not security containers. While they can and usually do offer some level of security, that isn't their purpose, and design decisions were made that are not compatible with virtualizing hostile code. Isolation has to happen at a layer above that.


As of Docker 1.10 the answer is that this wouldn't work with the default installation, as the keyctl system call is blocked by the default seccomp filter.
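The answer above says the default seccomp profile blocks `keyctl`, which is the syscall the CVE-2016-0728 exploit goes through. The following is an added example, not code from any of the answers or from the Docker project: a small C probe that issues a single `keyctl(KEYCTL_JOIN_SESSION_KEYRING, NULL)` and classifies the outcome, so you can check from inside a container whether the keyring code path is reachable at all. Run it in a container started with the default profile and again with `--security-opt seccomp=unconfined` (or on the host) and compare the two results. The enum and function names are this example's own; the only kernel facts it relies on are the `keyctl` syscall and the `KEYCTL_JOIN_SESSION_KEYRING` command number from `linux/keyctl.h`.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* keyctl(2) command number for KEYCTL_JOIN_SESSION_KEYRING (value 1 in
 * linux/keyctl.h); defined here so the probe builds without kernel headers. */
#ifndef KEYCTL_JOIN_SESSION_KEYRING
#define KEYCTL_JOIN_SESSION_KEYRING 1
#endif

/* Names chosen for this example; not a Docker or kernel API. */
enum keyctl_state {
    KEYCTL_REACHABLE,    /* call succeeded: the keyring code path is exposed to this process */
    KEYCTL_BLOCKED,      /* EPERM: what a seccomp filter returning an errno (Docker's default) yields */
    KEYCTL_UNSUPPORTED,  /* ENOSYS: kernel built without key support, or no keyctl on this platform */
    KEYCTL_OTHER         /* any other failure; inspect errno */
};

/* Classify a raw syscall result. Kept pure so the mapping can be checked
 * without actually issuing the syscall. */
enum keyctl_state classify_keyctl(long ret, int err)
{
    if (ret >= 0)
        return KEYCTL_REACHABLE;
    switch (err) {
    case EPERM:
        return KEYCTL_BLOCKED;
    case ENOSYS:
        return KEYCTL_UNSUPPORTED;
    default:
        return KEYCTL_OTHER;
    }
}

const char *keyctl_state_name(enum keyctl_state s)
{
    switch (s) {
    case KEYCTL_REACHABLE:   return "reachable";
    case KEYCTL_BLOCKED:     return "blocked (EPERM)";
    case KEYCTL_UNSUPPORTED: return "unsupported (ENOSYS)";
    default:                 return "other error";
    }
}

/* Issue keyctl(KEYCTL_JOIN_SESSION_KEYRING, NULL) exactly once. With a NULL
 * name the kernel just creates a fresh anonymous session keyring for the
 * calling process; this is a reachability probe, not the repeated named join
 * the CVE-2016-0728 exploit relies on. On success *err_out is 0, otherwise
 * it holds errno. */
long probe_keyctl(int *err_out)
{
#ifdef SYS_keyctl
    long ret = syscall(SYS_keyctl, KEYCTL_JOIN_SESSION_KEYRING, (const char *)NULL);
    *err_out = (ret < 0) ? errno : 0;
    return ret;
#else
    *err_out = ENOSYS;   /* no keyctl syscall number on this platform */
    return -1;
#endif
}

int main(void)
{
    int err = 0;
    long ret = probe_keyctl(&err);
    enum keyctl_state s = classify_keyctl(ret, err);

    printf("keyctl(KEYCTL_JOIN_SESSION_KEYRING): %s", keyctl_state_name(s));
    if (ret < 0)
        printf(" [errno %d: %s]", err, strerror(err));
    printf("\n");

    /* Exit non-zero when the syscall is reachable, so a CI job can use this
     * to confirm the container really runs under the seccomp profile. */
    return s == KEYCTL_REACHABLE ? 1 : 0;
}
```

Two caveats when reading the output: EPERM is what Docker's default profile returns for a filtered syscall, but an LSM or a custom filter can produce the same errno, so "blocked" tells you the call was denied, not by whom; and "unsupported" on the host means the kernel has no key support, in which case this CVE is moot regardless of the container configuration. A container started with `--privileged` or `--security-opt seccomp=unconfined` loses the filter, which is why the probe is worth running against the exact options your deployment uses rather than against a bare `docker run`.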

Tags: Docker, Cve