Detections
Analytics

SUSE SLES12 Security Update : tar (SUSE-SU-2026:2615-1)

medium Nessus Plugin ID 323046

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2615-1 advisory.

 Upgrade tar to version 1.34 (jsc#PED-16073).

 Security issues fixed:

 - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399).

 Other updates and bugfixes:

 * Changes from 1.28:
 - New --one-top-level option: extract all files into a subdirectory named after the archive base name
 - New --sort option: sort directory entries by name or inode when creating archives
 - New exclusion options: --exclude-ignore, --exclude-ignore-recursive, and --exclude-vcs-ignores
 - New checkpoint action: totals; extended checkpoint format specifiers
 - Official tar(1) and rmt(8) manpages now provided upstream
 - Refuse to read from or write archives to a tty device
 * Changes from 1.29:
 - New --verbatim-files-from option: treat each line in a file list as a literal file name regardless of leading dashes
 * Changes from 1.30:
 - Member names containing '..' components are now skipped on extraction (security hardening)
 - Erroneous use of position-sensitive options is now reported
 - --numeric-owner now applies to private (pax) headers too
 - Fixed --delay-directory-restore in several edge cases
 - New --warnings=failed-read option to suppress unreadable-file warnings when combined with --ignore- failed-read
 * Changes from 1.32:
 - POSIX extended format headers no longer include PID by default
 - Wildcards in --exclude-vcs-ignore mode no longer match slashes
 - Fixed --no-overwrite-dir option
 - Fixed handling of chained renames in incremental backups
 - Link counting works for file names supplied via -T
 * Changes from 1.33:
 - Fix extraction over pipe
 - Fix memory leak in read_header
 - Fix extraction when . and .. are unreadable
 - Gracefully handle duplicate symlinks when extracting
 - Re-initialise supplementary groups when switching to user privileges

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected tar and / or tar-lang packages.

See Also

https://bugzilla.suse.com/1246399

https://lists.suse.com/pipermail/sle-updates/2026-June/047606.html

https://www.suse.com/security/cve/CVE-2025-45582

Plugin Details

Severity: Medium

ID: 323046

File Name: suse_SU-2026-2615-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 6/26/2026

Updated: 6/26/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-45582

CVSS v3

Risk Factor: Medium

Base Score: 4.1

Temporal Score: 3.7

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:tar, cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:tar-lang

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/24/2026

Vulnerability Publication Date: 7/11/2025

Reference Information

CVE: CVE-2025-45582

SuSE: SUSE-SU-2026:2615-1