CVE-2017-10911

Priority
Description
The make_response function in drivers/block/xen-blkback/blkback.c in the
Linux kernel before 4.11.8 allows guest OS users to obtain sensitive
information from host OS (or other guest OS) kernel memory by leveraging
the copying of uninitialized padding fields in Xen block-interface response
structures, aka XSA-216.
Ubuntu-Description
Anthony Perard discovered that the Xen virtual block driver did not
properly initialize some data structures before passing them to user space.
A local attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):released (3.13.0-135.184)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-98.121)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-16.19)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-10.11)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-13.14)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 089bc0143f489bd3a4578bdff5f4ca68fb26f341
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1039.48)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1004.4)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.15.0-1030.31~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.15.0-1023.24~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1004.4)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed ESM criteria)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-1008.8)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1004.4)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1033.33)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1030.32)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1011.11~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-38.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.18.0-13.14~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-38.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-15.16~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1009.14)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1004.4)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-135.184~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [was needed now end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.4.0-98.121~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.13.0-1008.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.3)
Ubuntu 19.04 (Disco Dingo):not-affected (4.15.0-1021.24)
Ubuntu 19.10 (Eoan):not-affected (4.15.0-1035.40)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.15.0-1007.9~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1007.9)
Ubuntu 19.04 (Disco Dingo):not-affected (4.15.0-1007.9)
Ubuntu 19.10 (Eoan):not-affected (4.15.0-1011.13)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1076.84)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-1005.5)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1005.7)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1006.6)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1078.83)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.4.0-1078.83)
Ubuntu 19.04 (Disco Dingo):not-affected (5.0.0-1010.10)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1010.10)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
linux-vegetahd:ignored (was needed now end-of-life)
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.35)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:2.5+dfsg-5ubuntu10.15)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (1:2.10+dfsg-0ubuntu1)
Ubuntu 19.04 (Disco Dingo):not-affected (1:2.10+dfsg-0ubuntu1)
Ubuntu 19.10 (Eoan):not-affected (1:2.10+dfsg-0ubuntu1)
Patches:
Upstream:https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=b0ac694fdb9113b973048ebe5619927e74965f61
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Source: xen (LP Ubuntu Debian)
Upstream:not-affected
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [kernel and qemu])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (kernel and qemu)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (kernel and qemu)
Ubuntu 19.04 (Disco Dingo):not-affected (kernel and qemu)
Ubuntu 19.10 (Eoan):not-affected (kernel and qemu)
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
More Information

Updated: 2019-08-23 07:41:04 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)