Detections
Analytics

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387404)

medium Nessus Plugin ID 266886

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387404 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work

 The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that the migration ended. Otherwise, it is rescheduled immediately.

 After mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash the above is no longer accurate as a non-negative number of credits is no longer indicative of the migration being done. It can also happen if the work encountered an error in which case the migration will resume the next time the work is scheduled.

 The significance of the above is that it is possible for the work to be pending and associated with hints that were allocated when the migration started. This leads to the hints being leaked [1] when the work is canceled while pending as part of ACL region dismantle.

 Fix by freeing the hints if hints are associated with a work that was canceled while pending.

 Blame the original commit since the reliance on not having a pending work associated with hints is fragile.

 [1] unreferenced object 0xffff88810e7c3000 (size 256):
 comm kworker/0:16, pid 176, jiffies 4295460353 hex dump (first 32 bytes):
 00 30 95 11 81 88 ff ff 61 00 00 00 00 00 00 80 .0......a.......
 00 00 61 00 40 00 00 00 00 00 00 00 04 00 00 00 ..a.@...........
 backtrace (crc 2544ddb9):
 [<00000000cf8cfab3>] kmalloc_trace+0x23f/0x2a0 [<000000004d9a1ad9>] objagg_hints_get+0x42/0x390 [<000000000b143cf3>] mlxsw_sp_acl_erp_rehash_hints_get+0xca/0x400 [<0000000059bdb60a>] mlxsw_sp_acl_tcam_vregion_rehash_work+0x868/0x1160 [<00000000e81fd734>] process_one_work+0x59c/0xf20 [<00000000ceee9e81>] worker_thread+0x799/0x12c0 [<00000000bda6fe39>] kthread+0x246/0x300 [<0000000070056d23>] ret_from_fork+0x34/0x70 [<00000000dea2b93e>] ret_from_fork_asm+0x1a/0x30

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

See Also

http://www.nessus.org/u?25099b8e

https://nvd.nist.gov/vuln/detail/CVE-2024-35852

Plugin Details

Severity: Medium

ID: 266886

File Name: unity_linux_UTSA-2025-387404.nasl

Version: 1.1

Type: local

Published: 10/7/2025

Updated: 10/7/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2024-35852

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/UOS-Server/release, Host/UOS-Server/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 7/8/2025

Vulnerability Publication Date: 5/10/2024

Reference Information

CVE: CVE-2024-35852