Detections
Analytics

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987550)

medium Nessus Plugin ID 270933

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987550 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 iommu/omap: Fix regression in probe for NULL pointer dereference

 Commit 3f6634d997db (iommu: Use right way to retrieve iommu_ops) started triggering a NULL pointer dereference for some omap variants:

 __iommu_probe_device from probe_iommu_group+0x2c/0x38 probe_iommu_group from bus_for_each_dev+0x74/0xbc bus_for_each_dev from bus_iommu_probe+0x34/0x2e8 bus_iommu_probe from bus_set_iommu+0x80/0xc8 bus_set_iommu from omap_iommu_init+0x88/0xcc omap_iommu_init from do_one_initcall+0x44/0x24

 This is caused by omap iommu probe returning 0 instead of ERR_PTR(-ENODEV) as noted by Jason Gunthorpe <[email protected]>.

 Looks like the regression already happened with an earlier commit 6785eb9105e3 (iommu/omap: Convert to probe/release_device() call-backs) that changed the function return type and missed converting one place.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?d001febb

http://www.nessus.org/u?7f5faec3

https://nvd.nist.gov/vuln/detail/CVE-2022-49083

Plugin Details

Severity: Medium

ID: 270933

File Name: unity_linux_UTSA-2025-987550.nasl

Version: 1.1

Type: local

Published: 10/21/2025

Updated: 10/21/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2022-49083

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/UOS-Server/release, Host/UOS-Server/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 10/15/2025

Vulnerability Publication Date: 2/26/2025

Reference Information

CVE: CVE-2022-49083