Lucene search
K

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992181)

🗓️ 30 Dec 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 1 Views

Unity Linux 20.1070e security update fixes ext4 mb_find_extent warning.

Related
Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(280149);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/12/30");

  script_cve_id("CVE-2023-53317");

  script_name(english:"Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992181)");

  script_set_attribute(attribute:"synopsis", value:
"The Unity Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the
UTSA-2025-992181 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: fix WARNING in mb_find_extent

    Syzbot found the following issue:

    EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and
    fast_commit support!
    EXT4-fs (loop0): orphan cleanup on readonly fs
    ------------[ cut here ]------------
    WARNING: CPU: 1 PID: 5067 at fs/ext4/mballoc.c:1869 mb_find_extent+0x8a1/0xe30
    Modules linked in:
    CPU: 1 PID: 5067 Comm: syz-executor307 Not tainted 6.2.0-rc1-syzkaller #0
    Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
    RIP: 0010:mb_find_extent+0x8a1/0xe30 fs/ext4/mballoc.c:1869
    RSP: 0018:ffffc90003c9e098 EFLAGS: 00010293
    RAX: ffffffff82405731 RBX: 0000000000000041 RCX: ffff8880783457c0
    RDX: 0000000000000000 RSI: 0000000000000041 RDI: 0000000000000040
    RBP: 0000000000000040 R08: ffffffff82405723 R09: ffffed10053c9402
    R10: ffffed10053c9402 R11: 1ffff110053c9401 R12: 0000000000000000
    R13: ffffc90003c9e538 R14: dffffc0000000000 R15: ffffc90003c9e2cc
    FS:  0000555556665300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    CR2: 000056312f6796f8 CR3: 0000000022437000 CR4: 00000000003506e0
    DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
    DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
    Call Trace:
     <TASK>
     ext4_mb_complex_scan_group+0x353/0x1100 fs/ext4/mballoc.c:2307
     ext4_mb_regular_allocator+0x1533/0x3860 fs/ext4/mballoc.c:2735
     ext4_mb_new_blocks+0xddf/0x3db0 fs/ext4/mballoc.c:5605
     ext4_ext_map_blocks+0x1868/0x6880 fs/ext4/extents.c:4286
     ext4_map_blocks+0xa49/0x1cc0 fs/ext4/inode.c:651
     ext4_getblk+0x1b9/0x770 fs/ext4/inode.c:864
     ext4_bread+0x2a/0x170 fs/ext4/inode.c:920
     ext4_quota_write+0x225/0x570 fs/ext4/super.c:7105
     write_blk fs/quota/quota_tree.c:64 [inline]
     get_free_dqblk+0x34a/0x6d0 fs/quota/quota_tree.c:130
     do_insert_tree+0x26b/0x1aa0 fs/quota/quota_tree.c:340
     do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375
     do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375
     do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375
     dq_insert_tree fs/quota/quota_tree.c:401 [inline]
     qtree_write_dquot+0x3b6/0x530 fs/quota/quota_tree.c:420
     v2_write_dquot+0x11b/0x190 fs/quota/quota_v2.c:358
     dquot_acquire+0x348/0x670 fs/quota/dquot.c:444
     ext4_acquire_dquot+0x2dc/0x400 fs/ext4/super.c:6740
     dqget+0x999/0xdc0 fs/quota/dquot.c:914
     __dquot_initialize+0x3d0/0xcf0 fs/quota/dquot.c:1492
     ext4_process_orphan+0x57/0x2d0 fs/ext4/orphan.c:329
     ext4_orphan_cleanup+0xb60/0x1340 fs/ext4/orphan.c:474
     __ext4_fill_super fs/ext4/super.c:5516 [inline]
     ext4_fill_super+0x81cd/0x8700 fs/ext4/super.c:5644
     get_tree_bdev+0x400/0x620 fs/super.c:1282
     vfs_get_tree+0x88/0x270 fs/super.c:1489
     do_new_mount+0x289/0xad0 fs/namespace.c:3145
     do_mount fs/namespace.c:3488 [inline]
     __do_sys_mount fs/namespace.c:3697 [inline]
     __se_sys_mount+0x2d3/0x3c0 fs/namespace.c:3674
     do_syscall_x64 arch/x86/entry/common.c:50 [inline]
     do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
     entry_SYSCALL_64_after_hwframe+0x63/0xcd

    Add some debug information:
    mb_find_extent: mb_find_extent block=41, order=0 needed=64 next=0 ex=0/41/1@3735929054 64 64 7
    block_bitmap: ff 3f 0c 00 fc 01 00 00 d2 3d 00 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
    ff

    Acctually, blocks per group is 64, but block bitmap indicate at least has
    128 blocks. Now, ext4_validate_block_bitmap() didn't check invalid block's
    bitmap if set.
    To resolve above issue, add check like fsck Padding at end of block bitmap is
    not set.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://src.uniontech.com/#/security_advisory_detail?utsa_id=UTSA-2025-992181
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?920323b2");
  # https://lore.kernel.org/linux-cve-announce/2025091643-CVE-2023-53317-c945@gregkh
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ac01e625");
  script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2023-53317");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-53317");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/09/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/12/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/12/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Unity Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/UOS-Server/release", "Host/UOS-Server/rpm-list", "Host/cpu");

  exit(0);
}
include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'UOS Server' >!< os_product) audit(AUDIT_OS_NOT, 'UOS Server');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'UOS Server');
if (! preg(pattern:"^20.1070e([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'UOS Server 20.1070e', 'UOS Server ' + os_version);

if (!get_kb_item('Host/UOS-Server/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'amd64' >!< cpu && 'x86_64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'UOS Server', cpu);


var constraints = [
  {
    'release': '20',
    'sp': '1070e',
    'pkgs': [
      {'reference':'kernel-5.10.0-79.5', 'sp':'1070e', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-5.10.0-79.5', 'sp':'1070e', 'cpu':'amd64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-5.10.0-79.5', 'sp':'1070e', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}


if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

30 Dec 2025 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS 3.15.5
EPSS0.00146
SSVC
1