Race condition vulnerability in add_free_nid function in Linux kernel before 4.12

Race condition vulnerability in add_free_nid function in Linux kernel before 4.12

CVE-2017-18249 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.