Description of problem: Make sure that automount "symlinks" are followed regardless of LOOKUP_FOLLOW; it should have no effect on them. Upstream commit: http://git.kernel.org/linus/ac278a9c505092dd82077a2446af8f9fc0d9c095 For this vulnerability to work, you need the support for O_NOFOLLOW (predates 2.6.12), openat (2.6.16 onwards) and use by NFS of 'trapdoor mounts' (2.6.18 onwards).
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0504 https://rhn.redhat.com/errata/RHSA-2010-0504.html
This issue has been addressed in following products: MRG for RHEL-5 Via RHSA-2010:0631 https://rhn.redhat.com/errata/RHSA-2010-0631.html