Detections
Analytics

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013258)

medium Nessus Plugin ID 308091

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013258 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()

 In the following concurrency we will access the uninitialized rs->lock:

 ext4_fill_super ext4_register_sysfs // sysfs registered msg_ratelimit_interval_ms // Other processes modify rs->interval to // non-zero via msg_ratelimit_interval_ms ext4_orphan_cleanup ext4_msg(sb, KERN_INFO, Errors on filesystem,
__ext4_msg
 ___ratelimit(&(EXT4_SB(sb)->s_msg_ratelimit_state) if (!rs->interval) // do nothing if interval is 0 return 1;
 raw_spin_trylock_irqsave(&rs->lock, flags) raw_spin_trylock(lock)
 _raw_spin_trylock
 __raw_spin_trylock spin_acquire(&lock->dep_map, 0, 1, _RET_IP_) lock_acquire
 __lock_acquire register_lock_class assign_lock_key dump_stack();
 ratelimit_state_init(&sbi->s_msg_ratelimit_state, 5 * HZ, 10);
 raw_spin_lock_init(&rs->lock);
 // init rs->lock here

 and get the following dump_stack:

 ========================================================= INFO: trying to register non-static key.
 The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator.
 CPU: 12 PID: 753 Comm: mount Tainted: G E 6.7.0-rc6-next-20231222 #504 [...] Call Trace:
 dump_stack_lvl+0xc5/0x170 dump_stack+0x18/0x30 register_lock_class+0x740/0x7c0
 __lock_acquire+0x69/0x13a0 lock_acquire+0x120/0x450
 _raw_spin_trylock+0x98/0xd0
 ___ratelimit+0xf6/0x220
 __ext4_msg+0x7f/0x160 [ext4] ext4_orphan_cleanup+0x665/0x740 [ext4]
 __ext4_fill_super+0x21ea/0x2b10 [ext4] ext4_fill_super+0x14d/0x360 [ext4] [...] =========================================================

 Normally interval is 0 until s_msg_ratelimit_state is initialized, so
 ___ratelimit() does nothing. But registering sysfs precedes initializing rs->lock, so it is possible to change rs->interval to a non-zero value via the msg_ratelimit_interval_ms interface of sysfs while rs->lock is uninitialized, and then a call to ext4_msg triggers the problem by accessing an uninitialized rs->lock. Therefore register sysfs after all initializations are complete to avoid such problems.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?ee94f96e

http://www.nessus.org/u?ff3deaa4

https://nvd.nist.gov/vuln/detail/CVE-2024-40998

Plugin Details

Severity: Medium

ID: 308091

File Name: unity_linux_UTSA-2026-013258.nasl

Version: 1.1

Type: Local

Published: 4/21/2026

Updated: 4/21/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2024-40998

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/UOS-Server/release, Host/UOS-Server/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/21/2026

Vulnerability Publication Date: 7/12/2024

Reference Information

CVE: CVE-2024-40998