Linuxsecurity
SUSE and openSUSE Firewalld Vulnerability CVE-2026-4948 Affects Local Users
A moderate vulnerability (CVE-2026-4948) has been identified in firewalld, allowing local unprivileged users to modify the firewall state due to D-Bus setter mis-authorizations. This affects both SUSE Linux Micro 6.2 and openSUSE Leap 16.0 systems. The issue was published on March 27, 2026, and has been assigned a CVSS score of 4.0. Patches are available through standard installation methods like YaST online_update or 'zypper patch'. Administrators are advised to apply the updates to mitigate potential exploitation. The vulnerability does not appear to have been actively exploited at this time. The advisory emphasizes the importance of updating affected systems promptly.
Key Points:
• CVE-2026-4948 allows local unprivileged users to alter firewall settings.
• Patches are available for both SUSE Linux Micro 6.2 and openSUSE Leap 16.0.
• The vulnerability has a moderate severity rating with a CVSS score of 4.0.