Detections
Analytics

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-007441)

medium Nessus Plugin ID 307190

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007441 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup

 Raw IP packets have no MAC header, leaving skb->mac_header uninitialized.
 This can trigger kernel panics on ARM64 when xfrm or other subsystems access the offset due to strict alignment checks.

 Initialize the MAC header to prevent such crashes.

 This can trigger kernel panics on ARM when running IPsec over the qmimux0 interface.

 Example trace:

 Internal error: Oops: 000000009600004f [#1] SMP CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.34-gbe78e49cb433 #1 Hardware name: LS1028A RDB Board (DT) pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : xfrm_input+0xde8/0x1318 lr : xfrm_input+0x61c/0x1318 sp : ffff800080003b20 Call trace:
 xfrm_input+0xde8/0x1318 xfrm6_rcv+0x38/0x44 xfrm6_esp_rcv+0x48/0xa8 ip6_protocol_deliver_rcu+0x94/0x4b0 ip6_input_finish+0x44/0x70 ip6_input+0x44/0xc0 ipv6_rcv+0x6c/0x114
 __netif_receive_skb_one_core+0x5c/0x8c
 __netif_receive_skb+0x18/0x60 process_backlog+0x78/0x17c
 __napi_poll+0x38/0x180 net_rx_action+0x168/0x2f0

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?53de35b1

http://www.nessus.org/u?3cf3e510

https://nvd.nist.gov/vuln/detail/CVE-2025-68192

Plugin Details

Severity: Medium

ID: 307190

File Name: unity_linux_UTSA-2026-007441.nasl

Version: 1.1

Type: Local

Published: 4/17/2026

Updated: 4/17/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2025-68192

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/UOS-Server/release, Host/UOS-Server/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/17/2026

Vulnerability Publication Date: 12/9/2025

Reference Information

CVE: CVE-2025-68192