Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006597)

high Nessus Plugin ID 305505

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006597 advisory.

In the Linux kernel, the following vulnerability has been resolved:

bpf, cpumap: Make sure kthread is running before map update returns

The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads:

    ------------[ cut here ]------------
    WARNING: CPU: 4 PID: 65 at kernel/bpf/cpumap.c:135
    CPU: 4 PID: 65 Comm: kworker/4:1 Not tainted 6.5.0-rc2+ #1
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)
    Workqueue: events cpu_map_kthread_stop
    RIP: 0010:put_cpu_map_entry+0xda/0x220
    ......
    Call Trace:
     <TASK>
     ? show_regs+0x65/0x70
     ? __warn+0xa5/0x240
     ......
     ? put_cpu_map_entry+0xda/0x220
     cpu_map_kthread_stop+0x41/0x60
     process_one_work+0x6b0/0xb80
     worker_thread+0x96/0x720
     kthread+0x1a5/0x1f0
     ret_from_fork+0x3a/0x70
     ret_from_fork_asm+0x1b/0x30
     </TASK>

The root cause is the same as commit 436901649731 ("bpf: cpumap: Fix memory leak in cpu_map_update_elem"). The kthread is stopped prematurely by kthread_stop() in cpu_map_kthread_stop(), and kthread() doesn't call cpu_map_kthread_run() at all, but the XDP program has already queued some frames or skbs into the ptr_ring. So when __cpu_map_ring_cleanup() checks the ptr_ring, it will find it was not emptied and report a warning.

An alternative fix is to use __cpu_map_ring_cleanup() to drop these pending frames or skbs when kthread_stop() returns -EINTR, but it may confuse the user, because these frames or skbs have been handled correctly by the XDP program. So instead of dropping these frames or skbs, just make sure the per-cpu kthread is running before __cpu_map_entry_alloc() returns.

After applying the fix, the error handling for kthread_stop() will be unnecessary because it will always return 0, so just remove it.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?36a78f8e

http://www.nessus.org/u?58d7afdf

https://nvd.nist.gov/vuln/detail/CVE-2023-53577

Plugin Details

Severity: High

ID: 305505

File Name: unity_linux_UTSA-2026-006597.nasl

Version: 1.1

Type: Local

Published: 4/8/2026

Updated: 4/8/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2023-53577

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/UOS-Server/release, Host/UOS-Server/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/8/2026

Vulnerability Publication Date: 9/7/2023

Reference Information

CVE: CVE-2023-53577