Detections
Analytics

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986919)

medium Nessus Plugin ID 268280

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986919 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 rxrpc: Fix listen() setting the bar too high for the prealloc rings

 AF_RXRPC's listen() handler lets you set the backlog up to 32 (if you bump up the sysctl), but whilst the preallocation circular buffers have 32 slots in them, one of them has to be a dead slot because we're using CIRC_CNT().

 This means that listen(rxrpc_sock, 32) will cause an oops when the socket is closed because rxrpc_service_prealloc_one() allocated one too many calls and rxrpc_discard_prealloc() won't then be able to get rid of them because it'll think the ring is empty. rxrpc_release_calls_on_socket() then tries to abort them, but oopses because call->peer isn't yet set.

 Fix this by setting the maximum backlog to RXRPC_BACKLOG_MAX - 1 to match the ring capacity.

 BUG: kernel NULL pointer dereference, address: 0000000000000086 ...
 RIP: 0010:rxrpc_send_abort_packet+0x73/0x240 [rxrpc] Call Trace:
 <TASK> ? __wake_up_common_lock+0x7a/0x90 ? rxrpc_notify_socket+0x8e/0x140 [rxrpc] ? rxrpc_abort_call+0x4c/0x60 [rxrpc] rxrpc_release_calls_on_socket+0x107/0x1a0 [rxrpc] rxrpc_release+0xc9/0x1c0 [rxrpc]
 __sock_release+0x37/0xa0 sock_close+0x11/0x20
 __fput+0x89/0x240 task_work_run+0x59/0x90 do_exit+0x319/0xaa0

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?5b186ef2

http://www.nessus.org/u?1d00278b

https://nvd.nist.gov/vuln/detail/CVE-2022-49450

Plugin Details

Severity: Medium

ID: 268280

File Name: unity_linux_UTSA-2025-986919.nasl

Version: 1.2

Type: local

Published: 10/7/2025

Updated: 10/15/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2022-49450

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/UOS-Server/release, Host/UOS-Server/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 9/23/2025

Vulnerability Publication Date: 7/15/2022

Reference Information

CVE: CVE-2022-49450