Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000677)

high Nessus Plugin ID 290366

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000677 advisory.

Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE, __ip_append_data() calls ip_ufo_append_data() to append. However, in between two send() calls, the append path can be switched from UFO to non-UFO, which leads to memory corruption. In case the UFO packet length exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and the branch to allocate a new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 ([IPv4/IPv6]: UFO Scatter-gather approach) on Oct 18 2005.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?21efec2c

http://seclists.org/oss-sec/2017/q3/277

http://www.debian.org/security/2017/dsa-3981

http://www.securityfocus.com/bid/100262

http://www.securitytracker.com/id/1039162

https://access.redhat.com/errata/RHSA-2017:2918

https://access.redhat.com/errata/RHSA-2017:2930

https://access.redhat.com/errata/RHSA-2017:2931

https://access.redhat.com/errata/RHSA-2017:3200

https://access.redhat.com/errata/RHSA-2019:1931

https://access.redhat.com/errata/RHSA-2019:1932

https://access.redhat.com/errata/RHSA-2019:4159

https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-1000112

https://security-tracker.debian.org/tracker/CVE-2017-1000112

https://www.exploit-db.com/exploits/45147/

Plugin Details

Severity: High

ID: 290366

File Name: unity_linux_UTSA-2026-000677.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.6

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 6

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2017-1000112

CVSS v3

Risk Factor: High

Base Score: 7

Temporal Score: 6.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/UOS-Server/release, Host/UOS-Server/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/14/2026

Vulnerability Publication Date: 8/10/2017

Reference Information

CVE: CVE-2017-1000112