SUSE SLES16 Security Update : himmelblau (SUSE-SU-2026:21437-1)

high Nessus Plugin ID 312122

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES16 / SLES_SAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:21437-1 advisory.

Update to version 2.3.9+git0.a9fd29b.

Security issues fixed:

- CVE-2026-34397: Fixed naming collision that can lead to local privilege escalation (bsc#1261324).

Other updates and bugfixes:

- update aws-lc-sys to 0.39.0 for security fixes
- update rustls-webpki to 0.103.10 for CRL revocation fix
- Version 2.3.9:
  * packaging: fix if/else block for debian's postrm
  * Update apparmor.unix-chkpwd.local (Issue #1252)
  * When Hello user encounters SSPR demand, be permissive
  * add tests for sudo_groups functionality
  * Fix config tests to ignore local host config
  * Do not clear $NOTIFY_SOCKET when calling sd_ready
  * Fix token cache 24h purge
  * broker: use SSO server nonce for PRT only when provided
  * Fix pam_himmelblau blocking local user password changes (#1199)
  * Remove unused File import
  * Use is_ascii_alphanumeric() for account_id validation
  * Fix path traversal in LoadProfilePhoto AccountsService writes
  * Drop initialization tracing span
  * himmelblau-hsm-pin-init: drop RemainAfterExit=yes
  * Add fallback behavior when consent is required
  * qr-greeter: enable extension without socket noise
  * debian: make install/remove noninteractive; reduce QR postinst noise; soften missing hello prt
  * Never respond with BadRequest without error detail
  * deps(rust): bump the all-cargo-updates group across 1 directory with 7 updates

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1261324

https://bugzilla.suse.com/1261613

http://www.nessus.org/u?1ccdc7f2

https://www.suse.com/security/cve/CVE-2026-34397

Plugin Details

Severity: High

ID: 312122

File Name: suse_SU-2026-21437-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 5/5/2026

Updated: 5/5/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6

Temporal Score: 4.7

Vector: CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2026-34397

CVSS v3

Risk Factor: High

Base Score: 7

Temporal Score: 6.3

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:himmelblau-qr-greeter, p-cpe:/a:novell:suse_linux:libnss_himmelblau2, p-cpe:/a:novell:suse_linux:himmelblau-sshd-config, cpe:/o:novell:suse_linux:16, p-cpe:/a:novell:suse_linux:pam-himmelblau, p-cpe:/a:novell:suse_linux:himmelblau, p-cpe:/a:novell:suse_linux:himmelblau-sso

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/30/2026

Vulnerability Publication Date: 4/1/2026

Reference Information

CVE: CVE-2026-34397

SuSE: SUSE-SU-2026:21437-1