Detections
Analytics

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010912)

medium Nessus Plugin ID 308932

Synopsis

The Unity Linux host is missing one or more security updates.

Description

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010912 advisory.

 In the Linux kernel, the following vulnerability has been resolved:

 serial: sc16is7xx: setup GPIO controller later in probe

 The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the GPIO lines before the sc16is7xx device has finished initialising.

 This issue manifests itself as an Oops when the GPIO lines are configured:

 Unable to handle kernel read from unreadable memory at virtual address ...
 pc : sc16is7xx_gpio_direction_output+0x68/0x108 [sc16is7xx] lr : sc16is7xx_gpio_direction_output+0x4c/0x108 [sc16is7xx] ...
 Call trace:
 sc16is7xx_gpio_direction_output+0x68/0x108 [sc16is7xx] gpiod_direction_output_raw_commit+0x64/0x318 gpiod_direction_output+0xb0/0x170 create_gpio_led+0xec/0x198 gpio_led_probe+0x16c/0x4f0 platform_drv_probe+0x5c/0xb0 really_probe+0xe8/0x448 driver_probe_device+0xe8/0x138
 __device_attach_driver+0x94/0x118 bus_for_each_drv+0x8c/0xe0
 __device_attach+0x100/0x1b8 device_initial_probe+0x28/0x38 bus_probe_device+0xa4/0xb0 deferred_probe_work_func+0x90/0xe0 process_one_work+0x1c4/0x480 worker_thread+0x54/0x430 kthread+0x138/0x150 ret_from_fork+0x10/0x1c

 This patch moves the setup of the GPIO controller functions to later in the probe function, ensuring the sc16is7xx device has already finished initialising by the time other devices try to make use of the GPIO lines.
 The error handling has also been reordered to reflect the new initialisation order.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?57f9ae50

http://www.nessus.org/u?eaaf4ea7

https://nvd.nist.gov/vuln/detail/CVE-2023-54118

Plugin Details

Severity: Medium

ID: 308932

File Name: unity_linux_UTSA-2026-010912.nasl

Version: 1.1

Type: Local

Published: 4/21/2026

Updated: 4/21/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 4.5

Temporal Score: 3.3

Vector: CVSS2#AV:L/AC:H/Au:S/C:N/I:P/A:C

CVSS Score Source: CVE-2023-54118

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/local_checks_enabled, Host/UOS-Server/release, Host/UOS-Server/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 4/20/2026

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2023-54118