diff --git a/libcontainer/specconv/spec_linux.go b/libcontainer/specconv/spec_linux.go
index 479ffd13f3b..fec19784ffb 100644
--- a/libcontainer/specconv/spec_linux.go
+++ b/libcontainer/specconv/spec_linux.go
@@ -187,6 +187,9 @@ func CreateLibcontainerConfig(opts *CreateOpts) (*configs.Config, error) {
 if !exists {
 return nil, fmt.Errorf("namespace %q does not exist", ns)
 }
+ if config.Namespaces.Contains(t) {
+ return nil, fmt.Errorf("malformed spec file: duplicated ns %q", ns)
+ }
 config.Namespaces.Add(t, ns.Path)
 }
 if config.Namespaces.Contains(configs.NEWNET) {
diff --git a/libcontainer/specconv/spec_linux_test.go b/libcontainer/specconv/spec_linux_test.go
index cd23620a4b4..e28700ae726 100644
--- a/libcontainer/specconv/spec_linux_test.go
+++ b/libcontainer/specconv/spec_linux_test.go
@@ -38,3 +38,27 @@ func TestLinuxCgroupsPathNotSpecified(t *testing.T) {
 t.Errorf("Wrong cgroupsPath, expected it to be empty string, got '%s'", cgroup.Path)
 }
 }
+
+func TestDupNamespaces(t *testing.T) {
+ spec := &specs.Spec{
+ Linux: &specs.Linux{
+ Namespaces: []specs.Namespace{
+ {
+ Type: "pid",
+ },
+ {
+ Type: "pid",
+ Path: "/proc/1/ns/pid",
+ },
+ },
+ },
+ }
+
+ _, err := CreateLibcontainerConfig(&CreateOpts{
+ Spec: spec,
+ })
+
+ if err == nil {
+ t.Errorf("Duplicated namespaces should be forbidden")
+ }
+}
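Review bot: The new duplicate check in the namespace loop has no comment saying why a repeated type must be a hard error, and the reason is security-relevant. If `config.Namespaces.Add` updates an existing entry instead of appending (its body is not in this hunk, so confirm), a second entry of the same type would silently decide which namespace the container joins, for example a `pid` entry carrying a path after one without. I would add `// Reject repeated namespace types: a later entry must not silently override the path of an earlier one.` above the check. The error could also format `ns.Type` rather than the whole struct, `fmt.Errorf("malformed spec file: duplicated ns %q", ns.Type)`, so the message names just the offending type. CreateLibcontainerConfig starts and ends outside this hunk.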
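Review bot: TestDupNamespaces only checks `err == nil`, so it passes on any failure of CreateLibcontainerConfig, including one unrelated to namespaces that the otherwise minimal spec might trigger. Tie the assertion to the duplicate check by matching the message, `if err == nil || !strings.Contains(err.Error(), "duplicated ns") {`; this needs `strings` in the test file's imports, which are outside the hunk. A companion case with two distinct namespace types would help confirm the check does not fire on a valid list, provided the rest of the spec is filled in enough for the call to succeed.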