Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

SUSE Linux Micro 6.0 Firewalld Moderate D-Bus Error Vuln 2026-22060-1

suse
Calendar Grey June 12, 2026
Dist Suse Esm H88
Address security issues in firewalld and rpcbind with the latest SUSE updates for local attack vectors.
An update that solves one vulnerability and has two fixes can now be installed.

Summary

### This update for firewalld fixes the following issue * CVE-2026-4948: local unprivileged users can modify firewall state due to D-Bus setter mis-authorizations (bsc#1260903). ## Security update for rpcbind ### This update for rpcbind fixes the following issues Update to rpcbind 1.2.9: Security issue: * Fix several memory leaks and buffer overflows (bsc#1267212). Non security issue: * rpcbind fails to start (tumbleweed snapshot 20181120) (bsc#1117217). Changes: * rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist() * rpcbind: Stop unauthenticated oversized allocation in PMAPPROC_CALLIT decode * rpcbind: fix memory leak in read_warmstart() * rpcbind: fix memory leaks in network_init() * rpcbind: fix memory leak in init_transport() * Added -v (print version and compile flags)

Topics%20covered

Topics Covered

security advisory moderate SuSE access control important firewalld

References

* bsc#1117217

* bsc#1260903

* bsc#1267212

Cross-

* CVE-2026-4948

CVSS scores:

* CVE-2026-4948 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

* CVE-2026-4948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

* CVE-2026-4948 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* SUSE Linux Micro 6.0

* SUSE Linux Micro 6.1

An update that solves one vulnerability and has two fixes can now be installed.

## Security update for firewalld

##

* https://www.suse.com/security/cve/CVE-2026-4948.html

* https://bugzilla.suse.com/show_bug.cgi?id=1117217

* https://bugzilla.suse.com/show_bug.cgi?id=1260903

* https://bugzilla.suse.com/show_bug.cgi?id=1267212

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:22060-1
Release Date: 2026-06-04T08:24:04Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate SuSE access control important firewalld

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here