CVE-2026-4948

EUVD-2026-16557
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication, leading to unauthorized changes in network security configurations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
firewalldfirewalld
𝑥
≤ 2.4.0
redhatenterprise_linux
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
firewalld
bookworm
no-dsa
bullseye
vulnerable
bullseye (security)
0.9.3-2+deb11u1
fixed
forky
2.4.2-1
fixed
sid
2.4.2-1
fixed
trixie
2.3.1-1+deb13u1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
firewall-applet
suse enterprise desktop 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise sap 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise server 15 SP4
0.9.3-150400.8.15.1
fixed
suse enterprise server 15 SP7
2.0.1-150600.3.15.1
fixed
firewall-config
suse enterprise desktop 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise sap 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise server 15 SP4
0.9.3-150400.8.15.1
fixed
suse enterprise server 15 SP7
2.0.1-150600.3.15.1
fixed
firewall-macros
suse enterprise server 15 SP4
0.9.3-150400.8.15.1
fixed
firewalld
suse enterprise desktop 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise sap 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise server 15 SP4
0.9.3-150400.8.15.1
fixed
suse enterprise server 15 SP7
2.0.1-150600.3.15.1
fixed
firewalld-bash-completion
suse enterprise desktop 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise sap 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise server 15 SP7
2.0.1-150600.3.15.1
fixed
firewalld-lang
suse enterprise desktop 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise sap 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise server 15 SP4
0.9.3-150400.8.15.1
fixed
suse enterprise server 15 SP7
2.0.1-150600.3.15.1
fixed
firewalld-zsh-completion
suse enterprise desktop 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise sap 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise server 15 SP7
2.0.1-150600.3.15.1
fixed
python3-firewall
suse enterprise desktop 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise sap 15 SP7
2.0.1-150600.3.15.1
fixed
suse enterprise server 15 SP4
0.9.3-150400.8.15.1
fixed
suse enterprise server 15 SP7
2.0.1-150600.3.15.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
firewalld
Amazon Linux 2023
0:1.2.3-1.amzn2023.0.2
fixed
firewalld-filesystem
Amazon Linux 2023
0:1.2.3-1.amzn2023.0.2
fixed
firewalld-test
Amazon Linux 2023
0:1.2.3-1.amzn2023.0.2
fixed
python3-firewall
Amazon Linux 2023
0:1.2.3-1.amzn2023.0.2
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
firewalld
Azure Linux 3.0
0:2.0.2-4.azl3
fixed
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2026-4948
https://bugzilla.redhat.com/show_bug.cgi?id=2452086
https://lists.debian.org/debian-lts-announce/2026/05/msg00029.html