SB20230509107 - Red Hat Enterprise Linux 9 update for fwupd

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20230509107

SB20230509107 - Red Hat Enterprise Linux 9 update for fwupd

Published: May 9, 2023

Security Bulletin ID SB20230509107
Severity
Low
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Local access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Weak password requirements (CVE-ID: CVE-2022-3287)

The vulnerability allows a local user to escalate privileges within the application.

The vulnerability exists due to the way the redfish plugin handles passwords. When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction. A local user can read the configuration file and gain operator privileges.


2) Security features bypass (CVE-ID: CVE-2022-34301)

The vulnerability allows an attacker to bypass Secure Boot.

The vulnerability exists due to unspecified error. An attacker with physical access to the system can bypass Secure Boot and gain unauthorized access to the system.

3) Security features bypass (CVE-ID: CVE-2022-34302)

The vulnerability allows an attacker to bypass Secure Boot.

The vulnerability exists due to unspecified error. An attacker with physical access to the system can bypass Secure Boot and gain unauthorized access to the system.


4) Security features bypass (CVE-ID: CVE-2022-34303)

The vulnerability allows an attacker to bypass Secure Boot.

The vulnerability exists due to unspecified error. An attacker with physical access to the system can bypass Secure Boot and gain unauthorized access to the system.


Remediation

Install update from vendor's website.

References