4 matches found
USN-8326-1 foomuuri vulnerabilities
Matthias Gerstner discovered that Foomuuri's D-Bus service did not properly enforce authorization. An unprivileged local attacker could possibly use this issue to manipulate the firewall configuration, contrary to expectations. CVE-2025-67603 Matthias Gerstner discovered that Foomuuri's D-Bus...
Fedora: Security Advisory (FEDORA-2026-63f333201f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : foomuuri (2026-63f333201f)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-63f333201f advisory. Upstream update to v0.31 with fixes to CVE-2025-67603 and CVE-2025-67858. CVE-2025-67603: Add PolicyKit authorization to D-Bus methods...
CVE-2025-67858
A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to nft. This issue affects Foomuuri: from ? before 0.31...