Detections
Analytics

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002516)

medium Nessus Plugin ID 287365

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002516 advisory.

 Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?43c841cd

http://www.nessus.org/u?76546f97

http://www.nessus.org/u?09543aed

http://www.nessus.org/u?c63a1370

http://lists.opensuse.org/opensuse-updates/2014-07/msg00025.html

http://secunia.com/advisories/59567

http://secunia.com/advisories/59770

http://secunia.com/advisories/60238

http://twitter.com/djrbliss/statuses/484931749013495809

http://twitter.com/djrbliss/statuses/485042901399789568

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2

http://www.openwall.com/lists/oss-security/2014/06/26/24

http://www.securitytracker.com/id/1030491

https://bugzilla.redhat.com/show_bug.cgi?id=1112436

https://code.google.com/p/lz4/issues/detail?id=52

https://code.google.com/p/lz4/source/detail?r=118

http://www.nessus.org/u?b3d00dcd

http://www.nessus.org/u?7798aa74

http://www.nessus.org/u?b8025151

http://www.nessus.org/u?a04c61f7

http://www.nessus.org/u?b50c1c8d

http://www.nessus.org/u?bace9d53

http://www.nessus.org/u?1f96edca

http://www.nessus.org/u?75e6ae6e

http://www.nessus.org/u?eabaf5d6

http://www.nessus.org/u?34d1fab0

http://www.nessus.org/u?2986f0db

http://www.nessus.org/u?17280d2d

http://www.nessus.org/u?0048b7f3

http://www.nessus.org/u?2718d4ce

https://security-tracker.debian.org/tracker/CVE-2014-4611

https://www.securitymouse.com/lms-2014-06-16-5

https://www.securitymouse.com/lms-2014-06-16-6

Plugin Details

Severity: Medium

ID: 287365

File Name: unity_linux_UTSA-2026-002516.nasl

Version: 1.1

Type: local

Published: 1/15/2026

Updated: 1/15/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2014-4611

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/UOS-Server/release, Host/UOS-Server/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 1/15/2026

Vulnerability Publication Date: 6/26/2014

Reference Information

CVE: CVE-2014-4611