Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002605)

medium Nessus Plugin ID 284986

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002605 advisory.

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://nvidia.custhelp.com/app/answers/detail/a_id/4609

http://nvidia.custhelp.com/app/answers/detail/a_id/4611

http://nvidia.custhelp.com/app/answers/detail/a_id/4613

http://nvidia.custhelp.com/app/answers/detail/a_id/4614

https://access.redhat.com/errata/RHSA-2018:0292

https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/

https://cdrdv2.intel.com/v1/dl/getContent/685358

https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf

https://cert.vde.com/en-us/advisories/vde-2018-002

https://cert.vde.com/en-us/advisories/vde-2018-003

https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html

https://meltdownattack.com/

https://security.gentoo.org/glsa/201810-06

https://security.netapp.com/advisory/ntap-20180104-0001/

https://security-tracker.debian.org/tracker/CVE-2017-5754

https://source.android.com/security/bulletin/2018-04-01

https://support.citrix.com/article/CTX231399

https://support.citrix.com/article/CTX234679

https://support.f5.com/csp/article/K91229003

https://support.lenovo.com/us/en/solutions/LEN-18282

https://usn.ubuntu.com/3522-3/

https://usn.ubuntu.com/3522-4/

https://usn.ubuntu.com/3523-1/

https://usn.ubuntu.com/3540-2/

https://usn.ubuntu.com/3541-2/

https://usn.ubuntu.com/3583-1/

https://usn.ubuntu.com/3597-1/

https://usn.ubuntu.com/3597-2/

https://usn.ubuntu.com/usn/usn-3516-1/

https://usn.ubuntu.com/usn/usn-3522-2/

https://usn.ubuntu.com/usn/usn-3523-2/

https://usn.ubuntu.com/usn/usn-3524-2/

https://usn.ubuntu.com/usn/usn-3525-1/

https://www.debian.org/security/2018/dsa-4078

https://www.debian.org/security/2018/dsa-4082

https://www.debian.org/security/2018/dsa-4120

https://www.kb.cert.org/vuls/id/180049

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.synology.com/support/security/Synology_SA_18_01

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt

http://www.kb.cert.org/vuls/id/584653

http://www.nessus.org/u?13a2a434

http://www.nessus.org/u?148b2157

http://www.nessus.org/u?1bb35f47

http://www.nessus.org/u?1eae8cc9

http://www.nessus.org/u?28c4c0a0

http://www.nessus.org/u?2dc887f0

http://www.nessus.org/u?2ec2d10c

http://www.nessus.org/u?573cb1ef

http://www.nessus.org/u?576ccd7b

http://www.nessus.org/u?6b559eed

http://www.nessus.org/u?7c4ad7b8

http://www.nessus.org/u?84b5e5a8

http://www.nessus.org/u?851713fe

http://www.nessus.org/u?892ef523

http://www.nessus.org/u?9166970d

http://www.nessus.org/u?9ad9a5ca

http://www.nessus.org/u?c89c164f

http://www.nessus.org/u?cd7fb364

http://www.nessus.org/u?cd8ae14e

http://www.nessus.org/u?de58c590

http://www.nessus.org/u?f5691f33

http://www.nessus.org/u?f6e3da0d

http://www.securityfocus.com/bid/102378

http://www.securityfocus.com/bid/106128

http://www.securitytracker.com/id/1040071

http://xenbits.xen.org/xsa/advisory-254.html

Plugin Details

Severity: Medium

ID: 284986

File Name: unity_linux_UTSA-2026-002605.nasl

Version: 1.3

Type: Local

Published: 1/15/2026

Updated: 2/12/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.6

Percentile: 98.48

CVSS v2

Risk Factor: Medium

Base Score: 4.7

Temporal Score: 4.1

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2017-5754

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 5.4

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/UOS-Server/release, Host/UOS-Server/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/15/2026

Vulnerability Publication Date: 1/3/2018

Exploitable With

Core Impact

Reference Information

CVE: CVE-2017-5754