The aufs module for the Linux kernel does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1871728]
Aufs was never a part of the linux kernel. Overlayfs was the preferred solution that was brought in upstream.