SUSE SLES16: libsolv-demo / libsolv-devel / libsolv-devel-static / libsolv-tools / etc (SUSE-SU-2026:22172-1)

high Nessus Plugin ID 322895

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES16 / SLES_SAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22172-1 advisory.

Changes in zypper:

Update to 1.14.98:

- Transactional systems: Delegate rw-commands to transactional-wrapper if available (jsc#PED-13680, jsc#PED-15607)
On a transactional system where the root filesystem is mounted read-only, zypper commands that modify the system cannot be executed directly.
If the system provides a transactional-wrapper utility, zypper will automatically attempt to invoke it. The wrapper transparently executes the zypper command within a new, writable snapshot and manages the lifecycle of that snapshot based on the command's exit status.
On transactional systems lacking a transactional-wrapper, users must manually invoke specialized tools, such as transactional-update, to install, update, or remove software.
- Add --filter-version-change to zypper lu.
Adds filtering by version change significance to reduce noise in update listings. Supports levels: rebuild (hides rebuild-only changes) and package (hides all release-only changes).
- Autorefresh ris-services the same way as plugin-services (bsc#1246504)
It's actually wrong to treat service refreshes differently depending on the service type. For the purpose of a service it makes no difference how the data about the repos to use are acquired.

Changes in libzypp:

Updated to 17.38.13:

- A .repo file's path= entry must not refer to a location outside the repo (bsc#1267874, CVE-2026-44942)
A path= entry may solely denote a sub-directory of the baseurl where the metadata are located. A relative path trying to access data outside the baseurl is reported and sanitized.
- Repo keyhint must denote a filename, no path (bsc#1267426, CVE-2026-44941)
- Fix potential crash on malformed or malicious repository metadata (fixes #740)
- Repo metadata: discard entries referring to a location outside the repo (bsc#1259802, CVE-2026-25707)
Mirroring those data locally would refer to a location outside the repo's local cache directory. Those data entries are reported and discarded.
- zypp.conf: Allow [env] section to add environment variables.
This feature is designed to enable environment-specific settings or debugging options over an extended period. See zypp.conf(5).
- Prevent configured scripts from escaping the sigcheck directory (bsc#1265223, CVE-2026-44933)
- StringV: guard hasPrefix/hasPrefixCI against reading past the view end (fixes #735)
- Mandatory signature verification plugin support (PED#11922)
- Fix purge-kernel -rc kernel handling (bsc#1239718)
- Explicitly_set_pool_DISTTYPE_RPM (fixes #726)
- Check for trusted key updates when updating the general keyring (bsc#1259706)
- Support multiple MirroredOrigin authorities (bsc#1253193)
- Workaround doxygen bug: doxygen/doxygen#12057
- libzypp.spec: Add missing graphviz-gd BuildRequires (boo#1259842)

Changes in libsolv:

Updated to 0.7.39:

- fix solv_chksum_free segfault when called with a NULL pointer
- made repo_add_solv more robust against corrupt files [bsc#1265935] [CVE-2026-9149]
- fix potential buffer overflow when verifying EdDSA signatures [bsc#1266039] [CVE-2026-48863]
- added limit checks in multiple places to catch overflows
- reduce the size of the language id cache
- fixed Debian canon selection
- fixed dbpath detection in repo_rpmdb_librpm
- reduced stack usage in repo page compression (needed for musl)
- fix parsing of sha512 checksums in debian repositories [bsc#1265938] [CVE-2026-9150]
- improve speed of dirpool_add_dir, making parsing of filelists.xml twice as fast
- fix parsing of recommends in the old Mandriva synthesis format

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1239718

https://bugzilla.suse.com/1246504

https://bugzilla.suse.com/1253193

https://bugzilla.suse.com/1259706

https://bugzilla.suse.com/1259802

https://bugzilla.suse.com/1259842

https://bugzilla.suse.com/1265223

https://bugzilla.suse.com/1265935

https://bugzilla.suse.com/1265938

https://bugzilla.suse.com/1266039

https://bugzilla.suse.com/1267426

https://bugzilla.suse.com/1267874

https://www.suse.com/security/cve/CVE-2026-25707

https://www.suse.com/security/cve/CVE-2026-44933

https://www.suse.com/security/cve/CVE-2026-44941

https://www.suse.com/security/cve/CVE-2026-44942

https://www.suse.com/security/cve/CVE-2026-48863

https://www.suse.com/security/cve/CVE-2026-9149

https://www.suse.com/security/cve/CVE-2026-9150

http://www.nessus.org/u?21cbcd03

Plugin Details

Severity: High

ID: 322895

File Name: suse_SU-2026-22172-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 6/26/2026

Updated: 6/26/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, tenable_cloud_security, tenable_self_hosted_container_security, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

CVSS Score Source: CVE-2026-44941

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2026-9149

CVSS v4

Risk Factor: High

Base Score: 8.5

Threat Score: 5.9

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2026-44933

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:libzypp-devel-doc, p-cpe:/a:novell:suse_linux:python313-solv, p-cpe:/a:novell:suse_linux:zypper, p-cpe:/a:novell:suse_linux:zypper-aptitude, p-cpe:/a:novell:suse_linux:libsolv-tools-base, p-cpe:/a:novell:suse_linux:libsolv-devel-static, p-cpe:/a:novell:suse_linux:libsolv-devel, p-cpe:/a:novell:suse_linux:ruby-solv, p-cpe:/a:novell:suse_linux:zypper-log, p-cpe:/a:novell:suse_linux:libsolv-demo, p-cpe:/a:novell:suse_linux:perl-solv, p-cpe:/a:novell:suse_linux:libsolv-tools, p-cpe:/a:novell:suse_linux:libzypp, p-cpe:/a:novell:suse_linux:zypper-needs-restarting, cpe:/o:novell:suse_linux:16, p-cpe:/a:novell:suse_linux:libsolv1, p-cpe:/a:novell:suse_linux:libzypp-devel

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 6/19/2026

Vulnerability Publication Date: 5/20/2026

Reference Information

CVE: CVE-2026-25707, CVE-2026-44933, CVE-2026-44941, CVE-2026-44942, CVE-2026-48863, CVE-2026-9149, CVE-2026-9150

IAVA: 2026-A-0561

SuSE: SUSE-SU-2026:22172-1