From 1789d04ab4804b23fbda5e11a79f31a0221866d5 Mon Sep 17 00:00:00 2001
From: Rahul Jain <rahul.jain@suse.com>
Date: Tue, 28 Apr 2026 22:56:02 +0530
Subject: [PATCH] Fix CVE-2026-4948: local unprivileged users can modify
 firewall state due to D-Bus setter mis-authorization

---
 src/firewall/server/firewalld.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/firewall/server/firewalld.py b/src/firewall/server/firewalld.py
index da8d61d..5dd92a2 100644
--- a/src/firewall/server/firewalld.py
+++ b/src/firewall/server/firewalld.py
@@ -946,7 +946,7 @@ class FirewallD(DbusServiceObject):
         log.debug1("getZoneSettings2(%s)", zone)
         return self.fw.zone.get_config_with_settings_dict(zone)
 
-    @dbus_polkit_require_auth(config.dbus.PK_ACTION_CONFIG_INFO)
+    @dbus_polkit_require_auth(config.dbus.PK_ACTION_CONFIG)
     @dbus_service_method(config.dbus.DBUS_INTERFACE_ZONE, in_signature='sa{sv}')
     @dbus_handle_exceptions
     def setZoneSettings2(self, zone, settings, sender=None):
@@ -970,7 +970,7 @@ class FirewallD(DbusServiceObject):
         log.debug1("policy.getPolicySettings(%s)", policy)
         return self.fw.policy.get_config_with_settings_dict(policy)
 
-    @dbus_polkit_require_auth(config.dbus.PK_ACTION_CONFIG_INFO)
+    @dbus_polkit_require_auth(config.dbus.PK_ACTION_CONFIG)
     @dbus_service_method(config.dbus.DBUS_INTERFACE_POLICY, in_signature='sa{sv}')
     @dbus_handle_exceptions
     def setPolicySettings(self, policy, settings, sender=None):
-- 
2.50.0