Moderate Vulnerabilities in SUSE Linux Micro Firewalld and Rpcbind

SUSE Linux Micro 6.0 and 6.1 received updates addressing vulnerabilities in firewalld and rpcbind. CVE-2026-4948 allows local unprivileged users to modify firewall states due to D-Bus setter mis-authorizations. The rpcbind update fixes memory leaks and buffer overflows, improving stability and security. The updates were released on June 4, 2026, and are rated as moderate severity. Users are advised to apply these updates to mitigate potential risks. The vulnerabilities primarily affect local users, indicating a limited but significant scope of impact. The updates are available for SUSE Linux Micro versions 6.0 and 6.1.

Key Points: • CVE-2026-4948 allows local users to alter firewall states in SUSE Linux. • Rpcbind update addresses multiple memory leaks and buffer overflow issues. • Both vulnerabilities are rated moderate and should be patched promptly.