An issue was discovered in the Linux kernel in the F2FS filesystem code. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting a crafted f2fs image, because a length value may be negative. Upstream Bug: https://bugzilla.kernel.org/show_bug.cgi?id=200421
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1610103]
Note: An F2FS filesystem is not shipped with any of the Red Hat products.
This is fixed for Fedora with the 4.18 rebases.