Tavis Ormandy has discovered a vulnerability in esearch for Gentoo Linux, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused due to the eupdatedb utility creating the temporary file /tmp/esearchdb.py.tmp insecurely. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user invoking the utility.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/33704/glsa-200407-01.html
Source: https://packetstormsecurity.com/files/33704/Gentoo-Linux-Security-Advisory-200407-1.html