am-utils is a collection of utilities for use with the Berkeley Automounter.
Tavis Ormandy discovered that, when creating temporary files, the 'expn' utility does not check whether the file already exists.
A local attacker could exploit the vulnerability via a symlink attack to overwrite arbitrary files.
There is no known workaround at this time.
All am-utils users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/am-utils-6.1.5"