SB20230509107 - Red Hat Enterprise Linux 9 update for fwupd
Published: May 9, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 vulnerabilities.
1) Weak password requirements (CVE-ID: CVE-2022-3287)
CWE-ID: CWE-521 - Weak Password Requirements
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges within the application.
The vulnerability exists due to the way the redfish plugin handles passwords. When creating an OPERATOR user account on the BMC, the redfish plugin
saved the auto-generated password to /etc/fwupd/redfish.conf without
proper restriction. A local user can read the configuration file and gain operator privileges.
2) Security features bypass (CVE-ID: CVE-2022-34301)
CWE-ID: CWE-254 - Security Features
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an attacker to bypass Secure Boot.
The vulnerability exists due to unspecified error. An attacker with physical access to the system can bypass Secure Boot and gain unauthorized access to the system.3) Security features bypass (CVE-ID: CVE-2022-34302)
CWE-ID: CWE-254 - Security Features
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an attacker to bypass Secure Boot.
The vulnerability exists due to unspecified error. An attacker with physical access to the system can bypass Secure Boot and gain unauthorized access to the system.
4) Security features bypass (CVE-ID: CVE-2022-34303)
CWE-ID: CWE-254 - Security Features
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an attacker to bypass Secure Boot.
The vulnerability exists due to unspecified error. An attacker with physical access to the system can bypass Secure Boot and gain unauthorized access to the system.
Remediation
Install update from vendor's website.