SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:2419-1)

high Nessus Plugin ID 321584

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2419-1 advisory.

This update for 389-ds fixes the following issue:

Update to 2.7.0~git193.9ab79d496:

- CVE-2026-9064: unbounded LDAP controls count in `get_ldapmessage_controls_ext()` can lead to amplified CPU time and heap allocation and a denial of service (bsc#1265898).

Changelog:

* Issue 7503 - CVE-2026-9064 - Add a limit to the number of controls per operation
* Issue 7300 - RFE - Add OS-level thread names to all server threads (#7301)
* Issue 7307 - RFE - Expose work queue and worker utilization metrics (#7308)
* Issue 7464 - CLI - allow dsidm to work with other user types
* Issue 7457 - Refactor memberOf perf test (#7458)
* Issue 7452 - UI - password policies - reorganize settings
* Issue 7431 - password policy - passwordBadWords is ignored in local policies
* Issue 7155 - build_candidate_list - Database error 11 with range search (#7156)
* Issue 7417 - UI - global password policy syntax settings missing passwordMaxRepeats
* Issue 3555 - UI - Fix audit issue with npm - brace-expansion (#7411)
* Issue 7088 - Change log level for 'Can't locate CSN' error message
* Issue 7423 - cleanup pblock after freeing pre/post entries
* Issue 7418 - Use-after-free in deferred memberof (#7419)
* Issue 7407 - dbscan -k option display entries that do not match the specified key
* Issue 7394 - UI - Manual typing of ports can leave out digits (#7395)
* Issue 7277 - UI - Fix Japanese translation errors in Cockpit UI (#7386)
* Issue 7126 - WARN - keys2idl - received NULL idl from index_read_ext_allids (#7127)
* Issue 7370 - Runtime LSan/TSan injection for pytest (#7371)
* Issue 7378 - Make sure suffix entry always gets assigned ID 1
* Issue 7380 - Internal op with negative wtime and large optime (#7381)
* Issue 7362 - UI - Some FormSelect onChange parameters are reversed
* Issue 7368 - UI - global password policy page is missing passwordmintokenlength
* Issue 7366 - Memory leaks in syncrepl plugin during persistent search operations (#7367)
* Issue 7284 - CI - Fix test_grace_limit_section after pwpolicy validation fix (#7357)
* Issue 7271 - Add test for retrocl trimming shutdown crash (#7356)
* Issue 3555 - UI - Fix audit issue with npm - flatted, picomatch (#7364)
* Issue 1704 - DNA plugin creates invalid shared config entry with port 0 (#7352)
* Issue 6753 - Removing ticket 477828 test and porting to DSLdapObject (#6989)
* Issue 7346 - DS does not handle escape char in bind user (#7347)
* Issue 7322 - Fix cherry-pick error (reject repl agmt that points to itself)
* Issue 7322 - Reject adding a replication agreement that points to itself
* Issue 7342 - CI - repl config regression (#7343)
* Issue - UI - Improve suffix import LDIF table
* Issue 7325 - UI - new error parser missing import
* Issue 7325 - UI - create an error parser for cockpit spawn errors
* Issue 7319 - Action menu for certificates remains in empty certificate list (#7320)
* Issue 7265 - CI - fix retro changelog maxage validation test
* Issue 7093 - A password policy can be created even when an identical policy already exists (#7283)
* Issue 7233 - test_produce_division_by_zero fails with IsADirectoryError in conftest.py (#7234)
* Issue 7271 - Add new plugin pre-close function check to plugin_invoke_plugin_pb
* Issue 7304 - retrocl should not cache DN
* Issue 7265 - Add dse modify callback to validate retrocl trimming settings
* Issue 7152 - ns-slapd fails to shutdown when deferred memberof update is in progress (#7187)
* Issue 3555 - UI - Fix audit issue with npm - ajv, minimatch (#7298)
* Issue 7271 - implement a pre-close plugin function
* Issue 7291 - Crash when configuring a replica with an incorrect nsds5ReplicaRoot (#7292)
* Issue 7295 - changelog max age validation cherry-pick error
* Issue 7265 - changelog maxage validation is not strict enough
* Issue 7284 - Creating local password policy succeeds with incorrect passwordInHistory value (#7285)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected 389-ds, 389-ds-devel, lib389 and / or libsvrcore0 packages.

See Also

https://bugzilla.suse.com/1265898

http://www.nessus.org/u?03ecc3ee

https://www.suse.com/security/cve/CVE-2026-9064

Plugin Details

Severity: High

ID: 321584

File Name: suse_SU-2026-2419-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 6/20/2026

Updated: 6/20/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2026-9064

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:lib389, p-cpe:/a:novell:suse_linux:389-ds, p-cpe:/a:novell:suse_linux:389-ds-devel, p-cpe:/a:novell:suse_linux:libsvrcore0, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 6/16/2026

Vulnerability Publication Date: 5/20/2026

Reference Information

CVE: CVE-2026-9064

SuSE: SUSE-SU-2026:2419-1