SUSE SLED15 / SLES15 / openSUSE 15 Security Update : busybox (SUSE-SU-2022:3959-1)

critical Nessus Plugin ID 167330

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3959-1 advisory.

- Enable switch_root With this change virtme --force-initramfs works as expected.
- Enable udhcpc

busybox was updated to 1.35.0

- Adjust busybox.config for new features in find, date and cpio

- Annotate CVEs already fixed in upstream, but not mentioned in .changes yet:

* CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames when autocompleting
* CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing segfaults
* CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer underflow in udhcpc
* CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD parsing
* CVE-2016-6301 (bsc#991940): NTP server denial of service flaw
* CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/libarchive/decompress_bunzip2.c has an Integer Overflow
* CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has an Integer Underflow
* CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components
* CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376, CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386 (bsc#1192869) : v1.34.0 bugfixes
* CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via malformed gzip data
* CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp
* CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in the retrieve_file_data()
* CVE-2011-5325 (bsc#951562): tar directory traversal
* CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected busybox, busybox-static, busybox-testsuite and / or busybox-warewulf3 packages.

See Also

https://bugzilla.suse.com/1064976

https://bugzilla.suse.com/1064978

https://bugzilla.suse.com/1069412

https://bugzilla.suse.com/1099260

https://bugzilla.suse.com/1099263

https://bugzilla.suse.com/1102912

https://bugzilla.suse.com/1121426

https://bugzilla.suse.com/1121428

https://bugzilla.suse.com/1184522

https://bugzilla.suse.com/1192869

https://bugzilla.suse.com/951562

https://bugzilla.suse.com/970662

https://bugzilla.suse.com/970663

https://bugzilla.suse.com/991940

https://www.suse.com/security/cve/CVE-2011-5325

https://www.suse.com/security/cve/CVE-2015-9261

https://www.suse.com/security/cve/CVE-2016-2147

https://www.suse.com/security/cve/CVE-2016-2148

https://www.suse.com/security/cve/CVE-2016-6301

https://www.suse.com/security/cve/CVE-2017-15873

https://www.suse.com/security/cve/CVE-2017-15874

https://www.suse.com/security/cve/CVE-2017-16544

https://www.suse.com/security/cve/CVE-2018-1000500

https://www.suse.com/security/cve/CVE-2018-1000517

https://www.suse.com/security/cve/CVE-2018-20679

https://www.suse.com/security/cve/CVE-2019-5747

https://www.suse.com/security/cve/CVE-2021-28831

https://www.suse.com/security/cve/CVE-2021-42373

https://www.suse.com/security/cve/CVE-2021-42374

https://www.suse.com/security/cve/CVE-2021-42375

https://www.suse.com/security/cve/CVE-2021-42376

https://www.suse.com/security/cve/CVE-2021-42377

https://www.suse.com/security/cve/CVE-2021-42378

https://www.suse.com/security/cve/CVE-2021-42379

https://www.suse.com/security/cve/CVE-2021-42380

https://www.suse.com/security/cve/CVE-2021-42381

https://www.suse.com/security/cve/CVE-2021-42382

https://www.suse.com/security/cve/CVE-2021-42383

https://www.suse.com/security/cve/CVE-2021-42384

https://www.suse.com/security/cve/CVE-2021-42385

https://www.suse.com/security/cve/CVE-2021-42386

http://www.nessus.org/u?ba44b300

Plugin Details

Severity: Critical

ID: 167330

File Name: suse_SU-2022-3959-1.nasl

Version: 1.8

Type: Local

Agent: unix

Published: 11/13/2022

Updated: 6/26/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.6

Percentile: 98.67

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-1000517

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2021-42377

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:busybox-static, p-cpe:/a:novell:suse_linux:busybox, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/11/2022

Vulnerability Publication Date: 8/3/2016

Reference Information

CVE: CVE-2011-5325, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2016-6301, CVE-2017-15873, CVE-2017-15874, CVE-2017-16544, CVE-2018-1000500, CVE-2018-1000517, CVE-2018-20679, CVE-2019-5747, CVE-2021-28831, CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376, CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386

SuSE: SUSE-SU-2022:3959-1