Detections
Analytics
SUSE SLES12 Security Update : docker-stable (SUSE-SU-2025:03540-1)
critical Nessus Plugin ID 270099
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03540-1 advisory.- Include historical changelog data from before the docker-stable fork. The initial changelog entry did technically provide all the necessary information, but our CVE tracking tools do not understand how the package is forked and so it seems that this package does not include fixes for ~12 years of updates. So, include a copy of the original package's changelog up until the fork point. (bsc#1250596)
- Remove git-core recommends on SLE. Most SLE systems have installRecommends=yes by default and thus end up installing git with Docker.
bsc#1250508
This feature is mostly intended for developers ('docker build git://') so most users already have the dependency installed, and the error when git is missing is fairly straightforward (so they can easily figure out what they need to install).
- Backport <https://github.com/moby/moby/pull/48517>. bsc#1247362
- Update to docker-buildx v0.25.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.25.0>
- Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as Docker does not have permission to access the host zypper credentials in this mode (and unprivileged users cannot disable the feature using /etc/docker/suse-secrets-enable.) bsc#1240150
- Initial docker-stable fork, forked from Docker 24.0.7-ce release (packaged on 2024-02-14). The original changelog is included below for historical reference.
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected docker-stable and / or docker-stable-bash-completion packages.See Also
https://bugzilla.suse.com/885209
https://bugzilla.suse.com/907012
https://bugzilla.suse.com/907014
https://bugzilla.suse.com/908033
https://bugzilla.suse.com/909709
https://bugzilla.suse.com/909710
https://bugzilla.suse.com/909712
https://bugzilla.suse.com/913211
https://bugzilla.suse.com/913213
https://bugzilla.suse.com/920645
https://bugzilla.suse.com/930235
https://bugzilla.suse.com/931301
https://bugzilla.suse.com/935570
https://bugzilla.suse.com/938156
https://bugzilla.suse.com/942369
https://bugzilla.suse.com/942370
https://bugzilla.suse.com/946653
https://bugzilla.suse.com/949660
https://bugzilla.suse.com/950931
https://bugzilla.suse.com/953182
https://bugzilla.suse.com/954737
https://bugzilla.suse.com/954797
https://bugzilla.suse.com/954812
https://bugzilla.suse.com/956434
https://bugzilla.suse.com/958255
https://bugzilla.suse.com/959405
https://bugzilla.suse.com/963142
https://bugzilla.suse.com/964468
https://bugzilla.suse.com/964673
https://bugzilla.suse.com/965600
https://bugzilla.suse.com/965918
https://bugzilla.suse.com/968933
https://bugzilla.suse.com/968972
https://bugzilla.suse.com/970637
https://bugzilla.suse.com/974208
https://bugzilla.suse.com/976777
https://bugzilla.suse.com/977394
https://bugzilla.suse.com/978260
https://bugzilla.suse.com/980555
https://bugzilla.suse.com/987198
https://bugzilla.suse.com/988408
https://bugzilla.suse.com/988707
https://bugzilla.suse.com/989566
https://bugzilla.suse.com/1032287
https://bugzilla.suse.com/1032644
https://bugzilla.suse.com/1034053
https://bugzilla.suse.com/1034063
https://bugzilla.suse.com/1037436
https://bugzilla.suse.com/1037607
https://bugzilla.suse.com/1038476
https://bugzilla.suse.com/1038493
https://bugzilla.suse.com/1045628
https://bugzilla.suse.com/1046024
https://bugzilla.suse.com/1047218
https://bugzilla.suse.com/1048046
https://bugzilla.suse.com/1051429
https://bugzilla.suse.com/1055676
https://bugzilla.suse.com/1057743
https://bugzilla.suse.com/1058173
https://bugzilla.suse.com/1059011
https://bugzilla.suse.com/1064781
https://bugzilla.suse.com/1065609
https://bugzilla.suse.com/1066210
https://bugzilla.suse.com/1066801
https://bugzilla.suse.com/1069468
https://bugzilla.suse.com/1069758
https://bugzilla.suse.com/983015
https://bugzilla.suse.com/984942
https://bugzilla.suse.com/993847
https://bugzilla.suse.com/995058
https://bugzilla.suse.com/995102
https://bugzilla.suse.com/995620
https://bugzilla.suse.com/996015
https://bugzilla.suse.com/999582
https://bugzilla.suse.com/1001161
https://bugzilla.suse.com/1004490
https://bugzilla.suse.com/1007249
https://bugzilla.suse.com/1009961
https://bugzilla.suse.com/1012568
https://bugzilla.suse.com/1015661
https://bugzilla.suse.com/1016307
https://bugzilla.suse.com/1016992
https://bugzilla.suse.com/1019251
https://bugzilla.suse.com/1020806
https://bugzilla.suse.com/1021227
https://bugzilla.suse.com/1026827
https://bugzilla.suse.com/1028638
https://bugzilla.suse.com/1028639
https://bugzilla.suse.com/1029320
https://bugzilla.suse.com/1029630
https://bugzilla.suse.com/1030702
https://bugzilla.suse.com/1115464
https://bugzilla.suse.com/1118897
https://bugzilla.suse.com/1118898
https://bugzilla.suse.com/1118899
https://bugzilla.suse.com/1118990
https://bugzilla.suse.com/1119634
https://bugzilla.suse.com/1121412
https://bugzilla.suse.com/1121768
https://bugzilla.suse.com/1122469
https://bugzilla.suse.com/1072798
https://bugzilla.suse.com/1073877
https://bugzilla.suse.com/1074971
https://bugzilla.suse.com/1080978
https://bugzilla.suse.com/1084533
https://bugzilla.suse.com/1085117
https://bugzilla.suse.com/1085380
https://bugzilla.suse.com/1086185
https://bugzilla.suse.com/1089732
https://bugzilla.suse.com/1095817
https://bugzilla.suse.com/1096726
https://bugzilla.suse.com/1099277
https://bugzilla.suse.com/1100331
https://bugzilla.suse.com/1100727
https://bugzilla.suse.com/1102522
https://bugzilla.suse.com/1104821
https://bugzilla.suse.com/1105000
https://bugzilla.suse.com/1108038
https://bugzilla.suse.com/1112980
https://bugzilla.suse.com/1113313
https://bugzilla.suse.com/1114832
https://bugzilla.suse.com/1219268
https://bugzilla.suse.com/1219438
https://bugzilla.suse.com/1240150
https://bugzilla.suse.com/1247362
https://bugzilla.suse.com/1250508
https://bugzilla.suse.com/1250596
https://lists.suse.com/pipermail/sle-updates/2025-October/042077.html
https://www.suse.com/security/cve/CVE-2014-3499
https://www.suse.com/security/cve/CVE-2014-5277
https://www.suse.com/security/cve/CVE-2014-6407
https://www.suse.com/security/cve/CVE-2014-6408
https://www.suse.com/security/cve/CVE-2014-8178
https://www.suse.com/security/cve/CVE-2014-8179
https://www.suse.com/security/cve/CVE-2014-9356
https://www.suse.com/security/cve/CVE-2014-9357
https://www.suse.com/security/cve/CVE-2014-9358
https://www.suse.com/security/cve/CVE-2015-3627
https://www.suse.com/security/cve/CVE-2015-3629
https://www.suse.com/security/cve/CVE-2015-3630
https://www.suse.com/security/cve/CVE-2015-3631
https://www.suse.com/security/cve/CVE-2016-3697
https://www.suse.com/security/cve/CVE-2016-8867
https://www.suse.com/security/cve/CVE-2016-9962
https://www.suse.com/security/cve/CVE-2017-14992
https://www.suse.com/security/cve/CVE-2017-16539
https://www.suse.com/security/cve/CVE-2018-10892
https://www.suse.com/security/cve/CVE-2018-15664
https://www.suse.com/security/cve/CVE-2018-16873
https://www.suse.com/security/cve/CVE-2018-16874
https://www.suse.com/security/cve/CVE-2018-16875
https://www.suse.com/security/cve/CVE-2018-20699
https://www.suse.com/security/cve/CVE-2019-13509
https://www.suse.com/security/cve/CVE-2019-14271
https://www.suse.com/security/cve/CVE-2020-12912
https://www.suse.com/security/cve/CVE-2020-13401
https://www.suse.com/security/cve/CVE-2020-15257
https://www.suse.com/security/cve/CVE-2020-8694
https://www.suse.com/security/cve/CVE-2020-8695
https://www.suse.com/security/cve/CVE-2021-21284
https://www.suse.com/security/cve/CVE-2021-21285
https://www.suse.com/security/cve/CVE-2021-41089
https://www.suse.com/security/cve/CVE-2021-41091
https://www.suse.com/security/cve/CVE-2021-41092
https://www.suse.com/security/cve/CVE-2021-41103
https://www.suse.com/security/cve/CVE-2021-41190
https://www.suse.com/security/cve/CVE-2021-43565
https://www.suse.com/security/cve/CVE-2022-24769
https://www.suse.com/security/cve/CVE-2022-27191
https://www.suse.com/security/cve/CVE-2022-36109
https://www.suse.com/security/cve/CVE-2023-28840
https://www.suse.com/security/cve/CVE-2023-28841
https://www.suse.com/security/cve/CVE-2023-28842
https://www.suse.com/security/cve/CVE-2024-23650
https://www.suse.com/security/cve/CVE-2024-23651
https://www.suse.com/security/cve/CVE-2024-23652
https://www.suse.com/security/cve/CVE-2024-23653
https://www.suse.com/security/cve/CVE-2024-29018
https://www.suse.com/security/cve/CVE-2024-41110
https://www.suse.com/security/cve/CVE-2025-22868
https://www.suse.com/security/cve/CVE-2025-22869
https://bugzilla.suse.com/1124308
https://bugzilla.suse.com/1128376
https://bugzilla.suse.com/1128746
https://bugzilla.suse.com/1134068
https://bugzilla.suse.com/1138920
https://bugzilla.suse.com/1139649
https://bugzilla.suse.com/1142160
https://bugzilla.suse.com/1142413
https://bugzilla.suse.com/1143349
https://bugzilla.suse.com/1150397
https://bugzilla.suse.com/1153367
https://bugzilla.suse.com/1157330
https://bugzilla.suse.com/1158590
https://bugzilla.suse.com/1170415
https://bugzilla.suse.com/1170446
https://bugzilla.suse.com/1172377
https://bugzilla.suse.com/1174075
https://bugzilla.suse.com/1175081
https://bugzilla.suse.com/1176708
https://bugzilla.suse.com/1178760
https://bugzilla.suse.com/1178801
https://bugzilla.suse.com/1180243
https://bugzilla.suse.com/1180401
https://bugzilla.suse.com/1181594
https://bugzilla.suse.com/1181641
https://bugzilla.suse.com/1181677
https://bugzilla.suse.com/1181730
https://bugzilla.suse.com/1181732
https://bugzilla.suse.com/1182168
https://bugzilla.suse.com/1182476
https://bugzilla.suse.com/1182947
https://bugzilla.suse.com/1183855
https://bugzilla.suse.com/1184768
https://bugzilla.suse.com/1188447
https://bugzilla.suse.com/1190670
https://bugzilla.suse.com/1191015
https://bugzilla.suse.com/1191121
https://bugzilla.suse.com/1191334
https://bugzilla.suse.com/1191355
https://bugzilla.suse.com/1191434
https://bugzilla.suse.com/1192814
https://bugzilla.suse.com/1193273
https://bugzilla.suse.com/1193930
https://bugzilla.suse.com/1197284
https://bugzilla.suse.com/1197517
https://bugzilla.suse.com/1200022
https://bugzilla.suse.com/1200145
https://bugzilla.suse.com/1205375
https://bugzilla.suse.com/1206065
https://bugzilla.suse.com/1208074
https://bugzilla.suse.com/1210141
https://bugzilla.suse.com/1210797
https://bugzilla.suse.com/1211578
https://bugzilla.suse.com/1212368
https://bugzilla.suse.com/1213120
https://bugzilla.suse.com/1213229
https://bugzilla.suse.com/1213500
https://bugzilla.suse.com/1214107
https://bugzilla.suse.com/1214108
https://bugzilla.suse.com/1214109
https://bugzilla.suse.com/1215323
Plugin Details
Severity: Critical
ID: 270099
File Name: suse_SU-2025-03540-1.nasl
Version: 1.1
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 10/11/2025
Updated: 10/11/2025
Supported Sensors: Nessus Agent, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.1
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2014-9357
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2024-23653
CVSS v4
Risk Factor: Critical
Base Score: 9.4
Threat Score: 8.6
Threat Vector: CVSS:4.0/E:P
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
CVSS Score Source: CVE-2024-41110
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:docker-stable, p-cpe:/a:novell:suse_linux:docker-stable-bash-completion, cpe:/o:novell:suse_linux:12
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 10/10/2025
Vulnerability Publication Date: 7/1/2014
Reference Information
CVE: CVE-2014-3499, CVE-2014-5277, CVE-2014-6407, CVE-2014-6408, CVE-2014-8178, CVE-2014-8179, CVE-2014-9356, CVE-2014-9357, CVE-2014-9358, CVE-2015-3627, CVE-2015-3629, CVE-2015-3630, CVE-2015-3631, CVE-2016-3697, CVE-2016-8867, CVE-2016-9962, CVE-2017-14992, CVE-2017-16539, CVE-2018-10892, CVE-2018-15664, CVE-2018-16873, CVE-2018-16874, CVE-2018-16875, CVE-2018-20699, CVE-2019-13509, CVE-2019-14271, CVE-2020-12912, CVE-2020-13401, CVE-2020-15257, CVE-2020-8694, CVE-2020-8695, CVE-2021-21284, CVE-2021-21285, CVE-2021-41089, CVE-2021-41091, CVE-2021-41092, CVE-2021-41103, CVE-2021-41190, CVE-2021-43565, CVE-2022-24769, CVE-2022-27191, CVE-2022-36109, CVE-2023-28840, CVE-2023-28841, CVE-2023-28842, CVE-2024-23650, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-29018, CVE-2024-41110, CVE-2025-22868, CVE-2025-22869
SuSE: SUSE-SU-2025:03540-1