Detections
Analytics

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992862)

medium Nessus Plugin ID 281293

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992862 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 rapidio: fix possible name leaks when rio_add_device() fails

 Patch series rapidio: fix three possible memory leaks.

 This patchset fixes three name leaks in error handling.
 - patch #1 fixes two name leaks while rio_add_device() fails.
 - patch #2 fixes a name leak while rio_register_mport() fails.


 This patch (of 2):

 If rio_add_device() returns error, the name allocated by dev_set_name() need be freed. It should use put_device() to give up the reference in the error path, so that the name can be freed in kobject_cleanup(), and the 'rdev' can be freed in rio_release_dev().

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?04cbee9c

http://www.nessus.org/u?b7bd5b5e

https://nvd.nist.gov/vuln/detail/CVE-2022-50343

Plugin Details

Severity: Medium

ID: 281293

File Name: unity_linux_UTSA-2025-992862.nasl

Version: 1.1

Type: local

Published: 12/31/2025

Updated: 12/31/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2022-50343

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/UOS-Server/release, Host/UOS-Server/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 12/31/2025

Vulnerability Publication Date: 9/4/2021

Reference Information

CVE: CVE-2022-50343