SUSE SLES15: apache2 / apache2-devel / apache2-doc / apache2-prefork / etc (SUSE-SU-2026:2686-1)

high Nessus Plugin ID 324047

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2686-1 advisory.

This update for apache2 fixes the following issues:

- CVE-2026-23918: http2: double free and possible RCE on early reset (bsc#1263957).
- CVE-2026-24072: mod_rewrite elevation of privileges via ap_expr (bsc#1263935).
- CVE-2026-28780: heap buffer overflow in `mod_proxy_ajp` via `ajp_msg_check_header()` (bsc#1264163).
- CVE-2026-29167: mod_ldap per-dir use-after-free (bsc#1267976).
- CVE-2026-29168: allocation of resources without limits in `mod_md` via OCSP response (bsc#1264150).
- CVE-2026-29169: NULL pointer dereference in `mod_dav_lock` allows server crash via malicious requests (bsc#1263956).
- CVE-2026-29170: mod_proxy_ftp XSS (bsc#1267977).
- CVE-2026-33006: `mod_auth_digest` timing attack allows bypass of Digest authentication (bsc#1263955).
- CVE-2026-33007: NULL pointer dereference in `mod_authn_socache` allows unauthenticated remote user to crash a child process (bsc#1263954).
- CVE-2026-33523: HTTP response splitting forwarding malicious status line (bsc#1263953).
- CVE-2026-33857: off-by-one OOB reads in AJP getter functions (bsc#1263952).
- CVE-2026-34032: heap buffer overread in `mod_proxy_ajp` due to missing null-termination check (bsc#1263951).
- CVE-2026-34059: heap buffer overread and memory disclosure via `ajp_parse_data()` (bsc#1263950).
- CVE-2026-34355: mod_proxy_html buffer overflow (bsc#1267978).
- CVE-2026-34356: malicious backend servers can lead to a heap-based buffer overflow (bsc#1267955).
- CVE-2026-42535: malicious path manipulation can lead to child process crashes (bsc#1267956).
- CVE-2026-42536: processing untrusted content can lead to a heap-based buffer overflow (bsc#1267962).
- CVE-2026-43951: out-of-bounds read in `merge_response_headers` can cause crash (bsc#1267963).
- CVE-2026-44119: improper privilege management can lead to an unauthorized read (bsc#1267965).
- CVE-2026-44185: Stack Buffer Over-Read in mod_ssl OCSP `send_request` (bsc#1267969).
- CVE-2026-44186: responses from an attacker-controlled FTP backend can lead to resource exhaustion and a denial of service (bsc#1267970).
- CVE-2026-44631: crafted regular expression can lead to a buffer underwrite (bsc#1267971).
- CVE-2026-48913: file handle exhaustion during request processing in mod_http2 can lead to a use-after-free (bsc#1267972).
- CVE-2026-49975: Fix cookie header accounting against LimitRequestFields (bsc#1267503).

Non-security issue:

- Update to 2.4.66 (jsc#PED-16334).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1207327

https://bugzilla.suse.com/1208708

https://bugzilla.suse.com/1214357

https://bugzilla.suse.com/1263935

https://bugzilla.suse.com/1263950

https://bugzilla.suse.com/1263951

https://bugzilla.suse.com/1263952

https://bugzilla.suse.com/1263953

https://bugzilla.suse.com/1263954

https://bugzilla.suse.com/1263955

https://bugzilla.suse.com/1263956

https://bugzilla.suse.com/1263957

https://bugzilla.suse.com/1264150

https://bugzilla.suse.com/1264163

https://bugzilla.suse.com/1267503

https://bugzilla.suse.com/1267955

https://bugzilla.suse.com/1267956

https://bugzilla.suse.com/1267962

https://bugzilla.suse.com/1267963

https://bugzilla.suse.com/1267965

https://bugzilla.suse.com/1267969

https://bugzilla.suse.com/1267970

https://bugzilla.suse.com/1267971

https://bugzilla.suse.com/1267972

https://bugzilla.suse.com/1267976

https://bugzilla.suse.com/1267977

https://bugzilla.suse.com/1267978

https://bugzilla.suse.com/690734

https://lists.suse.com/pipermail/sle-updates/2026-June/047720.html

https://www.suse.com/security/cve/CVE-2006-20001

https://www.suse.com/security/cve/CVE-2021-44224

https://www.suse.com/security/cve/CVE-2021-44790

https://www.suse.com/security/cve/CVE-2022-22719

https://www.suse.com/security/cve/CVE-2022-22720

https://www.suse.com/security/cve/CVE-2022-22721

https://www.suse.com/security/cve/CVE-2022-23943

https://www.suse.com/security/cve/CVE-2022-26377

https://www.suse.com/security/cve/CVE-2022-28614

https://www.suse.com/security/cve/CVE-2022-28615

https://www.suse.com/security/cve/CVE-2022-29404

https://www.suse.com/security/cve/CVE-2022-30522

https://www.suse.com/security/cve/CVE-2022-30556

https://www.suse.com/security/cve/CVE-2022-31813

https://www.suse.com/security/cve/CVE-2022-36760

https://www.suse.com/security/cve/CVE-2022-37436

https://www.suse.com/security/cve/CVE-2023-25690

https://www.suse.com/security/cve/CVE-2023-27522

https://www.suse.com/security/cve/CVE-2023-31122

https://www.suse.com/security/cve/CVE-2023-38709

https://www.suse.com/security/cve/CVE-2023-45802

https://www.suse.com/security/cve/CVE-2024-24795

https://www.suse.com/security/cve/CVE-2024-27316

https://www.suse.com/security/cve/CVE-2024-38473

https://www.suse.com/security/cve/CVE-2024-38474

https://www.suse.com/security/cve/CVE-2024-38475

https://www.suse.com/security/cve/CVE-2024-38476

https://www.suse.com/security/cve/CVE-2024-38477

https://www.suse.com/security/cve/CVE-2024-39573

https://www.suse.com/security/cve/CVE-2024-39884

https://www.suse.com/security/cve/CVE-2024-40725

https://www.suse.com/security/cve/CVE-2024-42516

https://www.suse.com/security/cve/CVE-2024-43204

https://www.suse.com/security/cve/CVE-2024-47252

https://www.suse.com/security/cve/CVE-2025-23048

https://www.suse.com/security/cve/CVE-2025-49630

https://www.suse.com/security/cve/CVE-2025-49812

https://www.suse.com/security/cve/CVE-2025-53020

https://www.suse.com/security/cve/CVE-2025-55753

https://www.suse.com/security/cve/CVE-2025-58098

https://www.suse.com/security/cve/CVE-2025-65082

https://www.suse.com/security/cve/CVE-2025-66200

https://www.suse.com/security/cve/CVE-2026-23918

https://www.suse.com/security/cve/CVE-2026-24072

https://www.suse.com/security/cve/CVE-2026-28780

https://www.suse.com/security/cve/CVE-2026-29167

https://www.suse.com/security/cve/CVE-2026-29168

https://www.suse.com/security/cve/CVE-2026-29169

https://www.suse.com/security/cve/CVE-2026-29170

https://www.suse.com/security/cve/CVE-2026-33006

https://www.suse.com/security/cve/CVE-2026-33007

https://www.suse.com/security/cve/CVE-2026-33523

https://www.suse.com/security/cve/CVE-2026-33857

https://www.suse.com/security/cve/CVE-2026-34032

https://www.suse.com/security/cve/CVE-2026-34059

https://www.suse.com/security/cve/CVE-2026-34355

https://www.suse.com/security/cve/CVE-2026-34356

https://www.suse.com/security/cve/CVE-2026-42535

https://www.suse.com/security/cve/CVE-2026-42536

https://www.suse.com/security/cve/CVE-2026-43951

https://www.suse.com/security/cve/CVE-2026-44119

https://www.suse.com/security/cve/CVE-2026-44185

https://www.suse.com/security/cve/CVE-2026-44186

https://www.suse.com/security/cve/CVE-2026-44631

https://www.suse.com/security/cve/CVE-2026-48913

https://www.suse.com/security/cve/CVE-2026-49975

Plugin Details

Severity: High

ID: 324047

File Name: suse_SU-2026-2686-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 7/1/2026

Updated: 7/1/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.7

Percentile: 99.07

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-31813

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2024-38476

CVSS v4

Risk Factor: High

Base Score: 8.7

Threat Score: 8.7

Threat Vector: CVSS:4.0/E:A

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2026-49975

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:apache2-prefork, p-cpe:/a:novell:suse_linux:apache2-devel, p-cpe:/a:novell:suse_linux:apache2-utils, p-cpe:/a:novell:suse_linux:apache2, p-cpe:/a:novell:suse_linux:apache2-doc, p-cpe:/a:novell:suse_linux:apache2-worker, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/30/2026

Vulnerability Publication Date: 12/20/2021

CISA Known Exploited Vulnerability Due Dates: 5/22/2025

Reference Information

CVE: CVE-2006-20001, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2023-45802, CVE-2024-24795, CVE-2024-27316, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39884, CVE-2024-40725, CVE-2024-42516, CVE-2024-43204, CVE-2024-47252, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-65082, CVE-2025-66200, CVE-2026-23918, CVE-2026-24072, CVE-2026-28780, CVE-2026-29167, CVE-2026-29168, CVE-2026-29169, CVE-2026-29170, CVE-2026-33006, CVE-2026-33007, CVE-2026-33523, CVE-2026-33857, CVE-2026-34032, CVE-2026-34059, CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536, CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186, CVE-2026-44631, CVE-2026-48913, CVE-2026-49975

IAVA: 2021-A-0604-S, 2022-A-0124-S, 2022-A-0230-S, 2023-A-0047-S, 2023-A-0124-S, 2023-A-0572-S, 2024-A-0202-S, 2024-A-0378-S, 2024-A-0411-S, 2025-A-0508-S, 2025-A-0889-S, 2026-A-0423-S, 2026-A-0558

SuSE: SUSE-SU-2026:2686-1