Detections
Analytics
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002434)
high Nessus Plugin ID 287536
Synopsis
The Unity Linux host is missing one or more security updates.Description
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002434 advisory.The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
Tenable has extracted the preceding description block directly from the Unity Linux security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected kernel package.See Also
http://www.nessus.org/u?c5ac01de
http://www.nessus.org/u?98fd9ff0
http://www.nessus.org/u?5a737024
http://www.nessus.org/u?0fdffb45
https://github.com/elongl/CVE-2014-3153
http://www.nessus.org/u?b104f332
https://security-tracker.debian.org/tracker/CVE-2014-3153
http://www.nessus.org/u?749f15da
https://www.openwall.com/lists/oss-security/2021/02/01/4
http://linux.oracle.com/errata/ELSA-2014-0771.html
http://linux.oracle.com/errata/ELSA-2014-3037.html
http://linux.oracle.com/errata/ELSA-2014-3038.html
http://linux.oracle.com/errata/ELSA-2014-3039.html
http://www.nessus.org/u?dc355fb5
http://www.nessus.org/u?d358f0f4
http://www.nessus.org/u?3b236d72
http://www.nessus.org/u?012c4b1d
http://www.nessus.org/u?e974d958
http://www.nessus.org/u?84863590
http://openwall.com/lists/oss-security/2014/06/05/24
http://openwall.com/lists/oss-security/2014/06/06/20
http://rhn.redhat.com/errata/RHSA-2014-0800.html
http://secunia.com/advisories/58500
http://secunia.com/advisories/58990
http://secunia.com/advisories/59029
http://secunia.com/advisories/59092
http://secunia.com/advisories/59153
http://secunia.com/advisories/59262
http://secunia.com/advisories/59309
http://secunia.com/advisories/59386
http://secunia.com/advisories/59599
http://www.debian.org/security/2014/dsa-2949
http://www.exploit-db.com/exploits/35370
http://www.openwall.com/lists/oss-security/2014/06/05/22
http://www.openwall.com/lists/oss-security/2021/02/01/4
http://www.securityfocus.com/bid/67906
http://www.securitytracker.com/id/1030451
http://www.ubuntu.com/usn/USN-2237-1
http://www.ubuntu.com/usn/USN-2240-1
https://bugzilla.redhat.com/show_bug.cgi?id=1103626
https://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html
Plugin Details
Severity: High
ID: 287536
File Name: unity_linux_UTSA-2026-002434.nasl
Version: 1.1
Type: local
Published: 1/15/2026
Updated: 1/15/2026
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 6.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2014-3153
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
Required KB Items: Host/local_checks_enabled, Host/UOS-Server/release, Host/UOS-Server/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/15/2026
Vulnerability Publication Date: 6/5/2014
CISA Known Exploited Vulnerability Due Dates: 6/15/2022
Reference Information
CVE: CVE-2014-3153