[SECURITY] [DLA 4585-1] firewalld security update

Debian LTS Advisory DLA-4585-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson May 15, 2026 https://wiki.debian.org/LTS Package : firewalld Version : 0.9.3-2+deb11u1 CVE ID : CVE-2026-4948 Debian Bug : A flaw was found in firewalld where a local unprivileged us...

Security update for firewalld

This update for firewalld fixes the following issue: CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

Debian dla-4585 : firewall-applet - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4585 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4585-1 [email protected] https://www.debian.org/lts/security/...

Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

...

SUSE-SU-2026:21418-1 Security update for firewalld

This update for firewalld fixes the following issues: - CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903...

OESA-2026-1858 firewalld security update

firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. Security Fixes: A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and...

SUSE CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

CVE-2026-4948

The CVE-2026-4948 entry concerns firewalld where a local unprivileged user can exploit mis-authorization of two runtime D-Bus setters (setZoneSettings2 and setPolicySettings). This allows modifying the runtime firewall state without authentication, leading to unauthorized changes in network secur...

CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

Linux Distros Unpatched Vulnerability : CVE-2026-4948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSetting...

CVE-2019-7474

A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2,...