Problem Description:
The kernel function that implements unlinkat(2) and funlinkat(2)
validated the AT_RESOLVE_BENEATH flag but failed to pass it through
to the underlying path lookup. The flag was silently dropped, so
path resolution was not actually restricted.
Impact:
A process that uses AT_RESOLVE_BENEATH with unlinkat(2) or
funlinkat(2) to confine path resolution can in fact resolve paths
above the starting directory. A caller relying on this flag for
path containment may delete files outside the intended directory
tree.