The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading ffree: lines in a debugfs file. https://nvd.nist.gov/vuln/detail/CVE-2018-7754