Red Hat Product Errata RHSA-2024:1106 - Security Advisory
Issued:
2024-03-05
Updated:
2024-03-05

RHSA-2024:1106 - Security Advisory

Synopsis

Moderate: fwupd security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for fwupd is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The fwupd packages provide a service that allows session software to update device firmware.

Security Fix(es):

  • fwupd: world readable password in /etc/fwupd/redfish.conf (CVE-2022-3287)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

Fixes

  • BZ - 2129904 - CVE-2022-3287 fwupd: world readable password in /etc/fwupd/redfish.conf

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
x86_64
fwupd-1.7.4-3.el8_6.x86_64.rpm SHA-256: 11b356e3f1511538f6cea1b9da59762ae141442eb7da50a913e083c270f8db44
fwupd-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 717b78e8c54409dd9dead9bb0f9dcab58a895dbaf9205157f1359f3a0f70f735
fwupd-debugsource-1.7.4-3.el8_6.x86_64.rpm SHA-256: 2063239d48f8c7009a3f759a82ad218a7fdeaabb5b5e8c4b6bfc13343b993190
fwupd-tests-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 8c1ad35e9f43100508969a127db7ff3db85e91129c4115516696278b9b217bd5

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
x86_64
fwupd-1.7.4-3.el8_6.x86_64.rpm SHA-256: 11b356e3f1511538f6cea1b9da59762ae141442eb7da50a913e083c270f8db44
fwupd-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 717b78e8c54409dd9dead9bb0f9dcab58a895dbaf9205157f1359f3a0f70f735
fwupd-debugsource-1.7.4-3.el8_6.x86_64.rpm SHA-256: 2063239d48f8c7009a3f759a82ad218a7fdeaabb5b5e8c4b6bfc13343b993190
fwupd-tests-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 8c1ad35e9f43100508969a127db7ff3db85e91129c4115516696278b9b217bd5

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
x86_64
fwupd-1.7.4-3.el8_6.x86_64.rpm SHA-256: 11b356e3f1511538f6cea1b9da59762ae141442eb7da50a913e083c270f8db44
fwupd-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 717b78e8c54409dd9dead9bb0f9dcab58a895dbaf9205157f1359f3a0f70f735
fwupd-debugsource-1.7.4-3.el8_6.x86_64.rpm SHA-256: 2063239d48f8c7009a3f759a82ad218a7fdeaabb5b5e8c4b6bfc13343b993190
fwupd-tests-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 8c1ad35e9f43100508969a127db7ff3db85e91129c4115516696278b9b217bd5

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
s390x
fwupd-1.7.4-3.el8_6.s390x.rpm SHA-256: e67cc07f83c987a7ae500d3299c917745ca682e7bab6b09a13694e13d0ea6fbe
fwupd-debuginfo-1.7.4-3.el8_6.s390x.rpm SHA-256: 4ad2d4d659935ce047019b1a10c492dc66f8d1813b7820e07aa51a83d8308cad
fwupd-debugsource-1.7.4-3.el8_6.s390x.rpm SHA-256: 8865c1fb53d60d6b9a36985377e86938056c176482f4aa6e0f25eeffccccf10b
fwupd-tests-debuginfo-1.7.4-3.el8_6.s390x.rpm SHA-256: 3167ff636acdb6b44fc358e26222b40643f6ba594a06b4516913991b9e234e6c

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
ppc64le
fwupd-1.7.4-3.el8_6.ppc64le.rpm SHA-256: c3941a00b9e9d3909c129dbea9f667fe9cdbe18d89d9e97af7988879886181f7
fwupd-debuginfo-1.7.4-3.el8_6.ppc64le.rpm SHA-256: 42b159eb67645e1fb2363d1e1db52f74c2db7d71880c549c95b1a88c1bb3b977
fwupd-debugsource-1.7.4-3.el8_6.ppc64le.rpm SHA-256: 635463e342361ff1f7c5455a6fba1d8199c7a07d6579afd94ed095233b22e15f

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
x86_64
fwupd-1.7.4-3.el8_6.x86_64.rpm SHA-256: 11b356e3f1511538f6cea1b9da59762ae141442eb7da50a913e083c270f8db44
fwupd-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 717b78e8c54409dd9dead9bb0f9dcab58a895dbaf9205157f1359f3a0f70f735
fwupd-debugsource-1.7.4-3.el8_6.x86_64.rpm SHA-256: 2063239d48f8c7009a3f759a82ad218a7fdeaabb5b5e8c4b6bfc13343b993190
fwupd-tests-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 8c1ad35e9f43100508969a127db7ff3db85e91129c4115516696278b9b217bd5

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
aarch64
fwupd-1.7.4-3.el8_6.aarch64.rpm SHA-256: 87dd8a10c6d2d4bfeae6d8e78c466f0c8a9e84d221aa8b42c36e4a68546c5941
fwupd-debuginfo-1.7.4-3.el8_6.aarch64.rpm SHA-256: 14e9fbd2d739b56db518aeaca6f5f7711aba0a0615a84698ffc5f86854b24746
fwupd-debugsource-1.7.4-3.el8_6.aarch64.rpm SHA-256: ceee56b613d152c69456256ee4986610508e6f98d0491040fa5a6107c516881a
fwupd-tests-debuginfo-1.7.4-3.el8_6.aarch64.rpm SHA-256: 0f11a8757bd683c2a0e80a93ab6dce312806af9cbe80332a9ed9bc5adc6490f4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
ppc64le
fwupd-1.7.4-3.el8_6.ppc64le.rpm SHA-256: c3941a00b9e9d3909c129dbea9f667fe9cdbe18d89d9e97af7988879886181f7
fwupd-debuginfo-1.7.4-3.el8_6.ppc64le.rpm SHA-256: 42b159eb67645e1fb2363d1e1db52f74c2db7d71880c549c95b1a88c1bb3b977
fwupd-debugsource-1.7.4-3.el8_6.ppc64le.rpm SHA-256: 635463e342361ff1f7c5455a6fba1d8199c7a07d6579afd94ed095233b22e15f

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
fwupd-1.7.4-3.el8_6.src.rpm SHA-256: 029c54a910d98f75f9d22d34940384f4810ff54c0f56a079e5a98068ff048846
x86_64
fwupd-1.7.4-3.el8_6.x86_64.rpm SHA-256: 11b356e3f1511538f6cea1b9da59762ae141442eb7da50a913e083c270f8db44
fwupd-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 717b78e8c54409dd9dead9bb0f9dcab58a895dbaf9205157f1359f3a0f70f735
fwupd-debugsource-1.7.4-3.el8_6.x86_64.rpm SHA-256: 2063239d48f8c7009a3f759a82ad218a7fdeaabb5b5e8c4b6bfc13343b993190
fwupd-tests-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 8c1ad35e9f43100508969a127db7ff3db85e91129c4115516696278b9b217bd5

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

SRPM
x86_64
fwupd-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 717b78e8c54409dd9dead9bb0f9dcab58a895dbaf9205157f1359f3a0f70f735
fwupd-debugsource-1.7.4-3.el8_6.x86_64.rpm SHA-256: 2063239d48f8c7009a3f759a82ad218a7fdeaabb5b5e8c4b6bfc13343b993190
fwupd-devel-1.7.4-3.el8_6.x86_64.rpm SHA-256: e6e59ed034f3302b8c5d06a0648ea35f6d51775a3f08d26b158c1462df0e0f27
fwupd-tests-debuginfo-1.7.4-3.el8_6.x86_64.rpm SHA-256: 8c1ad35e9f43100508969a127db7ff3db85e91129c4115516696278b9b217bd5

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

SRPM
ppc64le
fwupd-debuginfo-1.7.4-3.el8_6.ppc64le.rpm SHA-256: 42b159eb67645e1fb2363d1e1db52f74c2db7d71880c549c95b1a88c1bb3b977
fwupd-debugsource-1.7.4-3.el8_6.ppc64le.rpm SHA-256: 635463e342361ff1f7c5455a6fba1d8199c7a07d6579afd94ed095233b22e15f
fwupd-devel-1.7.4-3.el8_6.ppc64le.rpm SHA-256: b56de44880be244108c8fb42c5fdd901029e01d68671f00e7a1d834d381bbecc

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

SRPM
s390x
fwupd-debuginfo-1.7.4-3.el8_6.s390x.rpm SHA-256: 4ad2d4d659935ce047019b1a10c492dc66f8d1813b7820e07aa51a83d8308cad
fwupd-debugsource-1.7.4-3.el8_6.s390x.rpm SHA-256: 8865c1fb53d60d6b9a36985377e86938056c176482f4aa6e0f25eeffccccf10b
fwupd-devel-1.7.4-3.el8_6.s390x.rpm SHA-256: 14ba25f14263abbee2717fc8a343c49a287e5d126b19bd1e0408b04fc3792fae
fwupd-tests-debuginfo-1.7.4-3.el8_6.s390x.rpm SHA-256: 3167ff636acdb6b44fc358e26222b40643f6ba594a06b4516913991b9e234e6c

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

SRPM
aarch64
fwupd-debuginfo-1.7.4-3.el8_6.aarch64.rpm SHA-256: 14e9fbd2d739b56db518aeaca6f5f7711aba0a0615a84698ffc5f86854b24746
fwupd-debugsource-1.7.4-3.el8_6.aarch64.rpm SHA-256: ceee56b613d152c69456256ee4986610508e6f98d0491040fa5a6107c516881a
fwupd-devel-1.7.4-3.el8_6.aarch64.rpm SHA-256: e79a43bb4676937c463d75a2231afb614f7646d65b3f23a760b19180cb7ce45d
fwupd-tests-debuginfo-1.7.4-3.el8_6.aarch64.rpm SHA-256: 0f11a8757bd683c2a0e80a93ab6dce312806af9cbe80332a9ed9bc5adc6490f4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.