SUSE SLED15 / SLES15 Security Update : busybox, busybox-links (SUSE-SU-2025:03205-1)

medium Nessus Plugin ID 264673

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03205-1 advisory.

Updated to version 1.37.0 (jsc#PED-13039):
- CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncs_printf.c (bsc#1217580)
- CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function (bsc#1217584)
- CVE-2023-42365: Fixed use-after-free in the awk.c copyvar function (bsc#1217585)

Other fixes:
- fix generation of file lists via Dockerfile
- add copy of busybox.links from the container to catch changes to busybox config
- Blacklist creating links for halt, reboot, shutdown commands to avoid accidental use in a fully booted system (bsc#1243201)
- Add getfattr applet to attr filelist
- busybox-udhcpc conflicts with udhcp.
- Add new sub-package for udhcpc
- zgrep: don't set the label option as only the real grep supports it (bsc#1215943)
- Add conflict for coreutils-systemd, package got split
- Check in filelists instead of buildrequiring all non-busybox utils
- Replace transitional %usrmerged macro with regular version check (bsc#1206798)
- Create sub-package 'hexedit' [bsc#1203399]
- Create sub-package 'sha3sum' [bsc#1203397]
- Drop update-alternatives support
- Add provides smtp_daemon to busybox-sendmail
- Add conflicts: mawk to busybox-gawk
- fix mkdir path to point to /usr/bin instead of /bin
- add placeholder variable and ignore applet logic to busybox.install
- enable halt, poweroff, reboot commands (bsc#1243201)
- Fully enable udhcpc and document that this tool needs special configuration and does not work out of the box [bsc#1217883]

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected busybox and / or busybox-static packages.

See Also

https://bugzilla.suse.com/1203397

https://bugzilla.suse.com/1203399

https://bugzilla.suse.com/1206798

https://bugzilla.suse.com/1215943

https://bugzilla.suse.com/1217580

https://bugzilla.suse.com/1217584

https://bugzilla.suse.com/1217585

https://bugzilla.suse.com/1217883

https://bugzilla.suse.com/1243201

http://www.nessus.org/u?431d0ed2

https://www.suse.com/security/cve/CVE-2023-42363

https://www.suse.com/security/cve/CVE-2023-42364

https://www.suse.com/security/cve/CVE-2023-42365

Plugin Details

Severity: Medium

ID: 264673

File Name: suse_SU-2025-03205-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 9/13/2025

Updated: 9/13/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 3.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2023-42365

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 5

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:busybox-static, p-cpe:/a:novell:suse_linux:busybox, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/12/2025

Vulnerability Publication Date: 11/27/2023

Reference Information

CVE: CVE-2023-42363, CVE-2023-42364, CVE-2023-42365

SuSE: SUSE-SU-2025:03205-1