Detections
Analytics

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2026:1351-1)

high Nessus Plugin ID 306694

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1351-1 advisory.

 Security issues:

 - CVE-2026-1519: maliciously crafted DNSSEC-validated zone can lead to denial of service (bsc#1260805).
 - CVE-2026-3104: memory leak in code preparing DNSSEC proofs of non-existence allows for DoS (bsc#1260567).
 - CVE-2026-3119: authenticated queries containing a TKEY record may cause `named` to terminate unexpectedly (bsc#1260568).
 - CVE-2026-3591: stack use-after-return flaw in SIG(0) handling code allows for ACL bypass (bsc#1260569).
 - use-after-free error in `dns_client_resolve()` triggered by a DNAME response (bsc#1259202).

 Upgrade to release 9.20.21 Security Fixes:
 * Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations.
 (CVE-2026-1519) [bsc#1260805]
 * Fix memory leaks in code preparing DNSSEC proofs of non-existence.
 (CVE-2026-3104) [bsc#1260567]
 * Prevent a crash in code processing queries containing a TKEY record.
 (CVE-2026-3119) [bsc#1260568]
 * Fix a stack use-after-return flaw in SIG(0) handling code.
 (CVE-2026-3591) [bsc#1260569]
 * Fix a use-after-free error in dns_client_resolve() triggered by a DNAME response. This issue only affected the delv tool and it has now been fixed.
 [bsc#1259202] Feature Changes:
 * Record query time for all dnstap responses.
 * Optimize TCP source port selection on Linux.
 Bug Fixes:
 * Fix the handling of key statements defined inside views.
 * Fix an assertion failure triggered by non-minimal IXFRs.
 * Fix a crash when retrying a NOTIFY over TCP.
 * Fetch loop detection improvements.
 * Randomize nameserver selection.
 * Fix dnstap logging of forwarded queries.
 * A stale answer could have been served in case of multiple upstream failures when following CNAME chains. This has been fixed.
 * Fail DNSKEY validation when supported but invalid DS is found.
 * Importing an invalid SKR file might corrupt stack memory.
 * Return FORMERR for queries with the EDNS Client Subnet FAMILY field set to 0.
 * Fix inbound IXFR performance regression.
 * Make catalog zone names and member zones' entry names case-insensitive.
 * Fix implementation of BRID and HHIT record types.
 * Fix implementation of DSYNC record type.
 * Fix response policy and catalog zones to work with $INCLUDE directive.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected bind, bind-doc and / or bind-utils packages.

See Also

https://bugzilla.suse.com/1259202

https://bugzilla.suse.com/1260567

https://bugzilla.suse.com/1260568

https://bugzilla.suse.com/1260569

https://bugzilla.suse.com/1260805

https://lists.suse.com/pipermail/sle-updates/2026-April/045566.html

https://www.suse.com/security/cve/CVE-2026-1519

https://www.suse.com/security/cve/CVE-2026-3104

https://www.suse.com/security/cve/CVE-2026-3119

https://www.suse.com/security/cve/CVE-2026-3591

Plugin Details

Severity: High

ID: 306694

File Name: suse_SU-2026-1351-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 4/16/2026

Updated: 4/16/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N

CVSS Score Source: CVE-2026-3591

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2026-1519

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:bind-utils, p-cpe:/a:novell:suse_linux:bind-doc, p-cpe:/a:novell:suse_linux:bind, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/15/2026

Vulnerability Publication Date: 3/25/2026

Reference Information

CVE: CVE-2026-1519, CVE-2026-3104, CVE-2026-3119, CVE-2026-3591

IAVA: 2026-A-0269

SuSE: SUSE-SU-2026:1351-1