Lucene search
K

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005453)

🗓️ 04 Mar 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 1 Views

Unity Linux kernel update fixes nubus read fault caused by single data regression without exceeding character limit.

Related
Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(300609);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/04");

  script_cve_id("CVE-2023-53217");

  script_name(english:"Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005453)");

  script_set_attribute(attribute:"synopsis", value:
"The Unity Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the
UTSA-2026-005453 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    nubus: Partially revert proc_create_single_data() conversion

    The conversion to proc_create_single_data() introduced a regression
    whereby reading a file in /proc/bus/nubus results in a seg fault:

        # grep -r . /proc/bus/nubus/e/
        Data read fault at 0x00000020 in Super Data (pc=0x1074c2)
        BAD KERNEL BUSERR
        Oops: 00000000
        Modules linked in:
        PC: [<001074c2>] PDE_DATA+0xc/0x16
        SR: 2010  SP: 38284958  a2: 01152370
        d0: 00000001    d1: 01013000    d2: 01002790    d3: 00000000
        d4: 00000001    d5: 0008ce2e    a0: 00000000    a1: 00222a40
        Process grep (pid: 45, task=142f8727)
        Frame format=B ssw=074d isc=2008 isb=4e5e daddr=00000020 dobuf=01199e70
        baddr=001074c8 dibuf=ffffffff ver=f
        Stack from 01199e48:
                01199e70 00222a58 01002790 00000000 011a3000 01199eb0 015000c0 00000000
                00000000 01199ec0 01199ec0 000d551a 011a3000 00000001 00000000 00018000
                d003f000 00000003 00000001 0002800d 01052840 01199fa8 c01f8000 00000000
                00000029 0b532b80 00000000 00000000 00000029 0b532b80 01199ee4 00103640
                011198c0 d003f000 00018000 01199fa8 00000000 011198c0 00000000 01199f4c
                000b3344 011198c0 d003f000 00018000 01199fa8 00000000 00018000 011198c0
        Call Trace: [<00222a58>] nubus_proc_rsrc_show+0x18/0xa0
         [<000d551a>] seq_read+0xc4/0x510
         [<00018000>] fp_fcos+0x2/0x82
         [<0002800d>] __sys_setreuid+0x115/0x1c6
         [<00103640>] proc_reg_read+0x5c/0xb0
         [<00018000>] fp_fcos+0x2/0x82
         [<000b3344>] __vfs_read+0x2c/0x13c
         [<00018000>] fp_fcos+0x2/0x82
         [<00018000>] fp_fcos+0x2/0x82
         [<000b8aa2>] sys_statx+0x60/0x7e
         [<000b34b6>] vfs_read+0x62/0x12a
         [<00018000>] fp_fcos+0x2/0x82
         [<00018000>] fp_fcos+0x2/0x82
         [<000b39c2>] ksys_read+0x48/0xbe
         [<00018000>] fp_fcos+0x2/0x82
         [<000b3a4e>] sys_read+0x16/0x1a
         [<00018000>] fp_fcos+0x2/0x82
         [<00002b84>] syscall+0x8/0xc
         [<00018000>] fp_fcos+0x2/0x82
         [<0000c016>] not_ext+0xa/0x18
        Code: 4e5e 4e75 4e56 0000 206e 0008 2068 ffe8 <2068> 0020 2008 4e5e 4e75 4e56 0000 2f0b 206e 0008 2068
    0004 2668 0020 206b ffe8
        Disabling lock debugging due to kernel taint

        Segmentation fault

    The proc_create_single_data() conversion does not work because
    single_open(file, nubus_proc_rsrc_show, PDE_DATA(inode)) is not
    equivalent to the original code.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://src.uniontech.com/#/security_advisory_detail?utsa_id=UTSA-2026-005453
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?107d62ef");
  # https://lore.kernel.org/linux-cve-announce/2025091512-CVE-2023-53217-0de0@gregkh
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?58e2e0cd");
  script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2023-53217");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-53217");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/07/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/03/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/03/04");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Unity Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/UOS-Server/release", "Host/UOS-Server/rpm-list", "Host/cpu");

  exit(0);
}
include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'UOS Server' >!< os_product) audit(AUDIT_OS_NOT, 'UOS Server');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'UOS Server');
if (! preg(pattern:"^20.1070e([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'UOS Server 20.1070e', 'UOS Server ' + os_version);

if (!get_kb_item('Host/UOS-Server/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'amd64' >!< cpu && 'sw_64' >!< cpu && 'x86_64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'UOS Server', cpu);


var constraints = [
  {
    'release': '20',
    'sp': '1070e',
    'pkgs': [
      {'reference':'kernel-5.10.0-79.7', 'sp':'1070e', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-5.10.0-79.7', 'sp':'1070e', 'cpu':'amd64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-5.10.0-79.7', 'sp':'1070e', 'cpu':'sw_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-5.10.0-79.7', 'sp':'1070e', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}


if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Mar 2026 00:00Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.17.8
EPSS0.00153
SSVC
1