Amazon Linux 2 : qt5-qt3d, --advisory ALAS2-2026-3187 (ALAS-2026-3187)

🗓️ 06 Mar 2026 00:00:00Reported by TenableType

Amazon Linux 2 qt5-qt3d prior to 5.15.3-1 has ALAS2-2026-3187 vulnerabilities including CVE-2025-2756 and CVE-2025-3549.

Reporter	Title	Published	Views	Family All 49
Amazon	Medium: qt5-qt3d	6 Mar 202600:00	–	amazon
AlpineLinux	CVE-2025-2756	25 Mar 202510:15	–	alpinelinux
AlpineLinux	CVE-2025-3549	14 Apr 202503:15	–	alpinelinux
Circl	CVE-2025-2756	25 Mar 202510:24	–	circl
Circl	CVE-2025-3549	14 Apr 202503:53	–	circl
CNNVD	Open Asset Import Library（assimp）安全漏洞	25 Mar 202500:00	–	cnnvd
CNNVD	Open Asset Import Library 安全漏洞	14 Apr 202500:00	–	cnnvd
CVE	CVE-2025-2756	25 Mar 202509:31	–	cve
CVE	CVE-2025-3549	14 Apr 202503:00	–	cve
Cvelist	CVE-2025-2756 Open Asset Import Library Assimp AC3D File ACLoader.cpp ConvertObjectSection heap-based overflow	25 Mar 202509:31	–	cvelist

Source	Link
alas	www.alas.aws.amazon.com//AL2/ALAS2-2026-3187.html
alas	www.alas.aws.amazon.com/faqs.html
explore	www.explore.alas.aws.amazon.com/CVE-2025-2756.html
explore	www.explore.alas.aws.amazon.com/CVE-2025-3549.html
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2026-3187.
##

include('compat.inc');

if (description)
{
  script_id(301260);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/09");

  script_cve_id("CVE-2025-2756", "CVE-2025-3549");

  script_name(english:"Amazon Linux 2 : qt5-qt3d, --advisory ALAS2-2026-3187 (ALAS-2026-3187)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2 host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The version of qt5-qt3d installed on the remote host is prior to 5.15.3-1. It is, therefore, affected by multiple
vulnerabilities as referenced in the ALAS2-2026-3187 advisory.

    A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This
    affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp
    of the component AC3D File Handler. The manipulation of the argument tmp leads to heap-based buffer
    overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and
    may be used. (CVE-2025-2756)

    A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3.
    Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file
    code/AssetLib/MD3/MD3Loader.cpp of the component File Handler. The manipulation leads to heap-based buffer
    overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may
    be used. (CVE-2025-3549)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com//AL2/ALAS2-2026-3187.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
  script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2025-2756.html");
  script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2025-3549.html");
  script_set_attribute(attribute:"solution", value:
"Run 'yum update qt5-qt3d' or
  or 'yum update --advisory ALAS2-2026-3187' to update your system.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:P");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-2756");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/03/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/03/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/03/06");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:qt5-qt3d");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:qt5-qt3d-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:qt5-qt3d-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:qt5-qt3d-examples");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Amazon Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "2")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var pkgs = [
    {'reference':'qt5-qt3d-5.15.3-1.amzn2.0.8', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-5.15.3-1.amzn2.0.8', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-5.15.3-1.amzn2.0.8', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-debuginfo-5.15.3-1.amzn2.0.8', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-debuginfo-5.15.3-1.amzn2.0.8', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-debuginfo-5.15.3-1.amzn2.0.8', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-devel-5.15.3-1.amzn2.0.8', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-devel-5.15.3-1.amzn2.0.8', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-devel-5.15.3-1.amzn2.0.8', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-examples-5.15.3-1.amzn2.0.8', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-examples-5.15.3-1.amzn2.0.8', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt5-qt3d-examples-5.15.3-1.amzn2.0.8', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  var cves = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qt5-qt3d / qt5-qt3d-debuginfo / qt5-qt3d-devel / etc");
}

09 Mar 2026 00:00Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.16.3 - 8.8

CVSS 45.3

CVSS 27.5

CVSS 36.3

EPSS0.0012

SSVC