CVE-2017-10911

Priority
Description
The make_response function in drivers/block/xen-blkback/blkback.c in the
Linux kernel before 4.11.8 allows guest OS users to obtain sensitive
information from host OS (or other guest OS) kernel memory by leveraging
the copying of uninitialized padding fields in Xen block-interface response
structures, aka XSA-216.
Ubuntu-Description
Anthony Perard discovered that the Xen virtual block driver did not
properly initialize some data structures before passing them to user space.
A local attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.13.0-135.184)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-98.121)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-16.19)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-20.21)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-10.11)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-13.14)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 089bc0143f489bd3a4578bdff5f4ca68fb26f341
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1039.48)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1007.7)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1004.4)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.15.0-1030.31~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.15.0-1023.24~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1009.9)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1004.4)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed ESM criteria)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-1008.8)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1006.6)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1004.4)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.18.0-1004.5~18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1033.33)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-38.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.18.0-13.14~18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-38.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-8.9~18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1009.14)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1008.8)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1004.4)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Patches:
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-135.184~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4.4.0-98.121~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.13.0-1008.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.3)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1004.5)
Ubuntu 19.04 (Disco Dingo):not-affected (4.15.0-1021.24)
Ubuntu 19.10 (Eoan):not-affected (4.15.0-1035.40)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.15.0-1007.9~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1007.9)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1007.9)
Ubuntu 19.04 (Disco Dingo):not-affected (4.15.0-1007.9)
Ubuntu 19.10 (Eoan):not-affected (4.15.0-1011.13)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1076.84)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-1005.5)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1010.11)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1005.7)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1006.6)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1078.83)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.4.0-1078.83)
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):not-affected (5.0.0-1010.10)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1010.10)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
linux-vegetahd:ignored (was needed now end-of-life)
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.35)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:2.5+dfsg-5ubuntu10.15)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (1:2.10+dfsg-0ubuntu1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (1:2.10+dfsg-0ubuntu1)
Ubuntu 19.04 (Disco Dingo):not-affected (1:2.10+dfsg-0ubuntu1)
Ubuntu 19.10 (Eoan):not-affected (1:2.10+dfsg-0ubuntu1)
Patches:
Upstream:https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=b0ac694fdb9113b973048ebe5619927e74965f61
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Source: xen (LP Ubuntu Debian)
Upstream:not-affected
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (kernel and qemu)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (kernel and qemu)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (kernel and qemu)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (kernel and qemu)
Ubuntu 19.04 (Disco Dingo):not-affected (kernel and qemu)
Ubuntu 19.10 (Eoan):not-affected (kernel and qemu)
More Information

Updated: 2019-04-23 00:14:27 UTC (commit 7c81608e87b18b6133a8fb38e7fa70e468306573)