An issue was discovered in the Linux kernel in the F2FS filesystem code. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting a crafted f2fs image, because a length value may be negative.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1610103]
An F2FS filesystem is not shipped with any of the Red Hat products.
This is fixed for Fedora with the 4.18 rebases.