Use-after-free vulnerability in irda_setsockopt function in Linux kernel before 4.17

Use-after-free vulnerability in irda_setsockopt function in Linux kernel before 4.17

CVE-2018-6555 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.