The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.
http://www.securitytracker.com/id/1041432
https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
Source: MITRE
Published: 2018-03-26
Updated: 2019-04-03
Type: CWE-362
Base Score: 4.4
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 3.4
Severity: MEDIUM
Base Score: 7
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1
Severity: HIGH