CVE-2017-10911

Name	CVE-2017-10911
Description	The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-1099-1, DLA-1497-1, DSA-3920-1, DSA-3927-1, DSA-3945-1
Debian Bugs	869706

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
linux (PTS)	buster	4.19.249-2	fixed
	buster (security)	4.19.304-1	fixed
	bullseye	5.10.209-2	fixed
	bullseye (security)	5.10.205-2	fixed
	bookworm	6.1.76-1	fixed
	bookworm (security)	6.1.85-1	fixed
	trixie	6.6.15-2	fixed
	sid	6.7.9-2	fixed
qemu (PTS)	buster	1:3.1+dfsg-8+deb10u8	fixed
	buster (security)	1:3.1+dfsg-8+deb10u12	fixed
	bullseye	1:5.2+dfsg-11+deb11u3	fixed
	bullseye (security)	1:5.2+dfsg-11+deb11u2	fixed
	bookworm	1:7.2+dfsg-7+deb12u5	fixed
	trixie	1:8.2.1+ds-2	fixed
	sid	1:8.2.2+ds-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
linux	source	wheezy	3.2.93-1	DLA-1099-1
linux	source	jessie	3.16.43-2+deb8u3	DSA-3945-1
linux	source	stretch	4.9.30-2+deb9u3	DSA-3927-1
linux	source	(unstable)	4.11.11-1
qemu	source	jessie	1:2.1+dfsg-12+deb8u7	DLA-1497-1
qemu	source	stretch	1:2.8+dfsg-6+deb9u1	DSA-3920-1
qemu	source	(unstable)	1:2.8+dfsg-7		869706
qemu-kvm	source	(unstable)	(unfixed)

Notes

[wheezy] - qemu <no-dsa> (Wheezy's xen uses an embedded qemu copy)
[wheezy] - qemu-kvm <no-dsa> (Wheezy's xen uses an embedded qemu copy)
https://xenbits.xen.org/xsa/advisory-216.html