Detections
Analytics

SUSE SLES15 Security Update : snpguest (SUSE-SU-2026:0620-1)

medium Nessus Plugin ID 300120

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0620-1 advisory.

 Update to version 0.10.0.

 Security issues fixed:

 - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257927).
 - CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242601).
 - CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded (bcs#1243869).

 Other updates and bugfixes:

 - Update to version 0.10.0

 * fails to generate attestation reports on SEV-SNP guests with firmware API (bsc#1257877).
 * chore: updating tool version to 0.10.0
 * refactor(certs): remove redundant branch in file-write logic
 * Docs: Adding verify measure, host-data, report-data to docs
 * verify: verify measurent, host data, and report data attributes from the attestation report.
 * library: Updating sev library to 7.1.0
 * ci: replace deprecated gh actions
 * feat: multi-format integer parsing for key subcommand arguments
 * chore(main): remove unused import `clap::arg`
 * feat(fetch): add fetch crl subcommand
 * .github/lint: Bump toolchain version to 1.86
 * Bump rust version to 1.86
 * feat: bumping tool to version 0.9.2
 * fix(verify): silence mismatched_lifetime_syntaxes in SnpOid::oid
 * feat: support SEV-SNP ABI Spec 1.58 (bump sev to v6.3.0)
 * docs: restore and clarify Global Options section
 * doc: fix CL argument orders + address recent changes
 * fix(hyperv): downgrade VMPL check from error to warning
 * fix(report.rs): remove conflict check between --random flag and Hyper-V
 * fix(report.rs): Decouple runtime behavior from hyperv build feature
 * refactor: clarify --platform error message
 * docs: add Azure/Hyper-V build note for --platform
 * report: Writing Req Data as Binary (#101)
 * deps: bump virtee/sev to 6.2.1 (fix TCB-serialization bug) (#99)
 * Updating SEV library to 6.1.0 and updating version to 0.9.1
 * Update version (0.9.0)
 * HyperV: Fixing report command failure on Azure confidential VM
 * Removing intird and append requirement for kernel measurements (#93)
 * Updating to version 6 of library and fixing attestation (#89)
 * CI: Fixing create_release workflow (#91)
 * Minor update (0.8.3)
 * Adding build script
 * Update preattestation.rs
 * Fix certificate fetch bug for Turin
 * Minor update
 * Update bitfield to 0.15.0
 * Update to 0.8.1
 * Update asn1-rs and x509-parser
 * Update to 0.8.0
 * key: Fix guest_field_select typo
 * Adding Turin support and updating ASK cn

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected snpguest package.

See Also

https://bugzilla.suse.com/1242601

https://bugzilla.suse.com/1243869

https://bugzilla.suse.com/1257877

https://bugzilla.suse.com/1257927

http://www.nessus.org/u?c835c6b3

https://www.suse.com/security/cve/CVE-2024-12224

https://www.suse.com/security/cve/CVE-2025-3416

https://www.suse.com/security/cve/CVE-2026-25727

Plugin Details

Severity: Medium

ID: 300120

File Name: suse_SU-2026-0620-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2/28/2026

Updated: 2/28/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-12224

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 6.8

Threat Score: 5.6

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

CVSS Score Source: CVE-2026-25727

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:snpguest, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/24/2026

Vulnerability Publication Date: 12/9/2024

Reference Information

CVE: CVE-2024-12224, CVE-2025-3416, CVE-2026-25727

SuSE: SUSE-SU-2026:0620-1