PatchSiren

CVE-2017-6348 Linux CVE debrief

CVE-2017-6348 affects the Linux kernel’s IrDA queue handling and can let a local user trigger a denial of service by causing a deadlock on IrDA devices. NVD records the issue as affecting Linux kernel versions through 4.9.12, with a fix available in 4.9.13. The vulnerability is rated medium severity (CVSS 5.5) and is not listed as a Known Exploited Vulnerability in the supplied data.

Vendor: Linux
Product: CVE-2017-6348
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-03-01
Original CVE updated: 2026-05-13
Advisory published: 2017-03-01
Advisory updated: 2026-05-13

Who should care

Linux system administrators, distribution maintainers, and operators of systems that include IrDA support should care, especially where local users may have shell or container access on affected kernels.

Technical summary

The issue is described as improper lock-dropping in hashbin_delete() in net/irda/irqueue.c. According to the supplied NVD record, the impact is a local denial of service with availability loss only (CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). The affected range is Linux kernel versions up to and including 4.9.12, and the fix is referenced in the upstream kernel commit and 4.9.13 changelog.

Defensive priority

Medium priority. Patch affected kernels to 4.9.13 or later, especially on hosts where local user access is possible and IrDA support is present or enabled.

Recommended defensive actions

  • Upgrade the Linux kernel to 4.9.13 or a later fixed release.
  • Check whether IrDA support is enabled or present on affected systems and reduce exposure where it is not needed.
  • Apply vendor kernel updates from your Linux distribution rather than relying only on mainline version numbers.
  • Verify fleet inventory for kernels at or below 4.9.12 and prioritize hosts with local-user access.
  • Track distribution advisories referenced in the record for backported fixes and package-specific guidance.
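
The inventory and IrDA checks above can be combined into a per-host triage. The script below is an added example, not part of the advisory or of any vendor tooling; the function names and result labels are assumptions, and the sample inputs are constructed. It treats a version at or below 4.9.12 as a reason to check the vendor advisory, not as proof that the host is unpatched.

```shell
#!/bin/sh
# Added example (not from the advisory): triage a host for CVE-2017-6348.
# Function names and result labels are assumptions made for this sketch.

# Classify a `uname -r` style string against the NVD range (<= 4.9.12).
kernel_range() {
    ver=${1%%[!0-9.]*}                 # drop suffixes such as "-66-generic"
    old_ifs=$IFS; IFS=.
    set -- $ver                        # split "4.9.12" into 4 9 12
    IFS=$old_ifs
    maj=${1:-}; min=${2:-0}; pat=${3:-0}
    case "$maj" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    if [ "$maj" -lt 4 ] ||
       { [ "$maj" -eq 4 ] && [ "$min" -lt 9 ]; } ||
       { [ "$maj" -eq 4 ] && [ "$min" -eq 9 ] && [ "$pat" -le 12 ]; }; then
        echo in-range
    else
        echo above-range
    fi
}

# Report whether the irda core module appears in /proc/modules text.
# "not-loaded" only describes the running state; the module can still be
# installed on disk.
irda_state() {
    if printf '%s\n' "$1" | grep -q '^irda '; then echo loaded; else echo not-loaded; fi
}

# Combine both signals. "in-range" never proves a host is unpatched, because
# distribution kernels carry backported fixes under older version strings.
triage() {
    case "$(kernel_range "$1"):$(irda_state "$2")" in
        in-range:loaded)     echo priority ;;  # check vendor advisory first
        in-range:not-loaded) echo review ;;    # check advisory, then IrDA config
        above-range:*)       echo ok ;;
        *)                   echo unknown ;;
    esac
}

# Constructed sample inputs (not taken from any real host).
SAMPLE_MODULES='ext4 600000 1 - Live 0x0000000000000000
irda 200000 0 - Live 0x0000000000000000'
for rel in 4.9.12 4.4.0-66-generic 4.9.13 5.10.0-8-amd64; do
    printf '%-20s %s\n' "$rel" "$(triage "$rel" "$SAMPLE_MODULES")"
done
# On a live host: triage "$(uname -r)" "$(cat /proc/modules)"
```

Hosts reported as priority or review still need their installed kernel package compared against the distribution's advisory for this CVE.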

Evidence notes

The supplied NVD data identifies CVE-2017-6348 as a Linux kernel issue with vulnerability coverage through version 4.9.12 and a fix in 4.9.13. The description states that hashbin_delete() in net/irda/irqueue.c improperly manages lock dropping, enabling a local denial of service via crafted operations on IrDA devices. The CVSS vector in the source is AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, consistent with a local availability-impact issue. References in the corpus include the upstream kernel commit, the 4.9.13 changelog, and vendor advisories from Debian and Ubuntu.

Official resources

Published by the CVE source on 2017-03-01. The supplied data was last modified on 2026-05-13. No KEV entry is present in the provided corpus.