CVE-2017-10911

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=089bc0143f489bd3a4578bdff5f4ca68fb26f341

http://www.debian.org/security/2017/dsa-3920

http://www.debian.org/security/2017/dsa-3927

http://www.debian.org/security/2017/dsa-3945

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.8

http://www.securityfocus.com/bid/99162

http://www.securitytracker.com/id/1038720

https://github.com/torvalds/linux/commit/089bc0143f489bd3a4578bdff5f4ca68fb26f341

https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html

https://security.gentoo.org/glsa/201708-03

https://xenbits.xen.org/xsa/advisory-216.html

Details

Source: MITRE

Published: 2017-07-05

Updated: 2018-09-07

Type: CWE-200

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Impact Score: 4

Exploitability Score: 2

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.11.7 (inclusive)

Tenable Plugins

View all (30 total)

IDNameProductFamilySeverity
124821EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1498)NessusHuawei Local Security Checks
high
124802EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1478)NessusHuawei Local Security Checks
high
121724Photon OS 1.0: Linux PHSA-2017-0029NessusPhotonOS Local Security Checks
critical
117351Debian DLA-1497-1 : qemu security update (Spectre)NessusDebian Local Security Checks
critical
111878Photon OS 1.0: Cassandra / Libxml2 / Linux / Ruby PHSA-2017-0029 (deprecated)NessusPhotonOS Local Security Checks
high
104471SUSE SLES12 Security Update : qemu (SUSE-SU-2017:2946-1)NessusSuSE Local Security Checks
critical
104429SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2936-1)NessusSuSE Local Security Checks
high
104424openSUSE Security Update : qemu (openSUSE-2017-1249)NessusSuSE Local Security Checks
high
104423openSUSE Security Update : qemu (openSUSE-2017-1248)NessusSuSE Local Security Checks
high
104376SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2924-1)NessusSuSE Local Security Checks
high
104322Ubuntu 14.04 LTS : linux vulnerabilities (USN-3470-1)NessusUbuntu Local Security Checks
high
104321Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3469-2)NessusUbuntu Local Security Checks
high
104320Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-3469-1)NessusUbuntu Local Security Checks
high
104319Ubuntu 16.04 LTS : linux-gcp vulnerabilities (USN-3468-3)NessusUbuntu Local Security Checks
high
104318Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3468-2)NessusUbuntu Local Security Checks
high
104317Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3468-1)NessusUbuntu Local Security Checks
high
103372Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : qemu regression (USN-3414-2)NessusUbuntu Local Security Checks
critical
103363Debian DLA-1099-1 : linux security update (BlueBorne) (Stack Clash)NessusDebian Local Security Checks
high
103217Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : qemu vulnerabilities (USN-3414-1)NessusUbuntu Local Security Checks
critical
102550Debian DSA-3945-1 : linux - security update (Stack Clash)NessusDebian Local Security Checks
high
102242EulerOS 2.0 SP2 : kernel (EulerOS-SA-2017-1155)NessusHuawei Local Security Checks
high
102241EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1154)NessusHuawei Local Security Checks
high
102211Debian DSA-3927-1 : linux - security update (Stack Clash)NessusDebian Local Security Checks
high
101985Debian DSA-3920-1 : qemu - security updateNessusDebian Local Security Checks
high
101638Fedora 26 : xen (2017-5c6a9b07a3)NessusFedora Local Security Checks
critical
101350SUSE SLES12 Security Update : xen (SUSE-SU-2017:1812-1)NessusSuSE Local Security Checks
critical
101293SUSE SLES12 Security Update : xen (SUSE-SU-2017:1795-1)NessusSuSE Local Security Checks
critical
101205Citrix XenServer Multiple Vulnerabilities (CTX224740)NessusMisc.
critical
101183Fedora 24 : xen (2017-b3bdaf58bc)NessusFedora Local Security Checks
critical
101028Fedora 25 : xen (2017-c3149b5fcb)NessusFedora Local Security Checks
critical