Detections
Analytics
openSUSE 16 Security Update : cups (openSUSE-SU-2026:20172-1)
medium Nessus Plugin ID 298240
Synopsis
The remote openSUSE host is missing one or more security updates.Description
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20172-1 advisory.Update to version 2.4.16.
Security issues fixed:
- CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues (bsc#1253783).
- CVE-2025-58436: slow client communication leads to a possible DoS attack (bsc#1244057).
- CVE-2025-58364: unsafe deserialization and validation of printer attributes can cause a null dereference (bsc#1249128).
- CVE-2025-58060: authentication bypass with AuthType Negotiate (bsc#1249049).
Other updates and bugfixes:
- Version upgrade to 2.4.16:
* 'cupsUTF8ToCharset' didn't validate 2-byte UTF-8 sequences, potentially reading past the end of the source string (Issue #1438)
* The web interface did not support domain usernames fully (Issue #1441)
* Fixed an infinite loop issue in the GTK+ print dialog (Issue #1439 boo#1254353)
* Fixed stopping scheduler on unknown directive in configuration (Issue #1443)
* Fixed packages for Immutable Mode (jsc#PED-14775 from epic jsc#PED-14688)
- Version upgrade to 2.4.15:
* Fixed potential crash in 'cups-driverd' when there are duplicate PPDs (Issue #1355)
* Fixed error recovery when scanning for PPDs in 'cups-driverd' (Issue #1416)
- Version upgrade to 2.4.14.
- Version upgrade to 2.4.13:
* Added 'print-as-raster' printer and job attributes for forcing rasterization (Issue #1282)
* Updated documentation (Issue #1086)
* Updated IPP backend to try a sanitized user name if the printer/server does not like the value (Issue #1145)
* Updated the scheduler to send the printer-added or printer-modified events whenever an IPP Everywhere PPD is installed (Issue #1244)
* Updated the scheduler to send the printer-modified event whenever the system default printer is changed (Issue #1246)
* Fixed a memory leak in 'httpClose' (Issue #1223)
* Fixed missing commas in 'ippCreateRequestedArray' (Issue #1234)
* Fixed subscription issues in the scheduler and D-Bus notifier (Issue #1235)
* Fixed media-default reporting for custom sizes (Issue #1238)
* Fixed support for IPP/PPD options with periods or underscores (Issue #1249)
* Fixed parsing of real numbers in PPD compiler source files (Issue #1263)
* Fixed scheduler freezing with zombie clients (Issue #1264)
* Fixed support for the server name in the ErrorLog filename (Issue #1277)
* Fixed job cleanup after daemon restart (Issue #1315)
* Fixed handling of buggy DYMO USB printer serial numbers (Issue #1338)
* Fixed unreachable block in IPP backend (Issue #1351)
* Fixed memory leak in _cupsConvertOptions (Issue #1354)
- Version upgrade to 2.4.12:
* GnuTLS follows system crypto policies now (Issue #1105)
* Added `NoSystem` SSLOptions value (Issue #1130)
* Now we raise alert for certificate issues (Issue #1194)
* Added Kyocera USB quirk (Issue #1198)
* The scheduler now logs a job's debugging history if the backend fails (Issue #1205)
* Fixed a potential timing issue with `cupsEnumDests` (Issue #1084)
* Fixed a potential lost PPD condition in the scheduler (Issue #1109)
* Fixed a compressed file error handling bug (Issue #1070)
* Fixed a bug in the make-and-model whitespace trimming code (Issue #1096)
* Fixed a removal of IPP Everywhere permanent queue if installation failed (Issue #1102)
* Fixed `ServerToken None` in scheduler (Issue #1111)
* Fixed invalid IPP keyword values created from PPD option names (Issue #1118)
* Fixed handling of media and PageSize in the same print request (Issue #1125)
* Fixed client raster printing from macOS (Issue #1143)
* Fixed the default User-Agent string.
* Fixed a recursion issue in `ippReadIO`.
* Fixed handling incorrect radix in `scan_ps()` (Issue #1188)
* Fixed validation of dateTime values with time zones more than UTC+11 (Issue #1201)
* Fixed attributes returned by the Create-Xxx-Subscriptions requests (Issue #1204)
* Fixed `ippDateToTime` when using a non GMT/UTC timezone (Issue #1208)
* Fixed `job-completed` event notifications for jobs that are cancelled before started (Issue #1209)
* Fixed DNS-SD discovery with `ippfind` (Issue #1211)
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1249049
https://bugzilla.suse.com/1249128
https://bugzilla.suse.com/1253783
https://bugzilla.suse.com/1254353
https://www.suse.com/security/cve/CVE-2025-58060
https://www.suse.com/security/cve/CVE-2025-58364
https://www.suse.com/security/cve/CVE-2025-58436
Plugin Details
Severity: Medium
ID: 298240
File Name: openSUSE-2026-20172-1.nasl
Version: 1.1
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 2/6/2026
Updated: 2/6/2026
Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.1
Vector: CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C
CVSS Score Source: CVE-2025-61915
CVSS v3
Risk Factor: Medium
Base Score: 6.7
Temporal Score: 6
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:novell:opensuse:16.0, p-cpe:/a:novell:opensuse:libcups2, p-cpe:/a:novell:opensuse:cups-config, p-cpe:/a:novell:opensuse:cups-devel, p-cpe:/a:novell:opensuse:libcupsimage2, p-cpe:/a:novell:opensuse:cups-ddk, p-cpe:/a:novell:opensuse:cups, p-cpe:/a:novell:opensuse:cups-client
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 2/4/2026
Vulnerability Publication Date: 9/9/2025
Reference Information
CVE: CVE-2025-58060, CVE-2025-58364, CVE-2025-58436, CVE-2025-61915