CVE-2017-10911

MEDIUM

Linux Kernel < 4.11.7 - Information Disclosure

Title source: rule

Description

The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216.

References (11)

[Mailing List, Patch, Third Party Advisory] http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=089bc0143f489bd3a4578bdff5f4ca68fb26f341

[Mailing List, Third Party Advisory] http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.8

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/99162

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038720

[Patch, Third Party Advisory] https://github.com/torvalds/linux/commit/089bc0143f489bd3a4578bdff5f4ca68fb26f341

View Patch ZIP pw:eip

[Mailing List] https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

[Mitigation, Vendor Advisory] https://xenbits.xen.org/xsa/advisory-216.html

[Third Party Advisory] http://www.debian.org/security/2017/dsa-3920

[Third Party Advisory] http://www.debian.org/security/2017/dsa-3927

[Third Party Advisory] http://www.debian.org/security/2017/dsa-3945

[Third Party Advisory] https://security.gentoo.org/glsa/201708-03

Scores

CVSS v3 6.5

EPSS 0.0008

EPSS Percentile 23.8%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (2)

linux/linux_kernel < 4.11.7

n/a/n/a

Published Jul 05, 2017

Tracked Since Feb 18, 2026