RHSA-2023:2487MediumCVSS 7.5
Red Hat Security Advisory: fwupd security and bug fix update
🔗 CVE IDs covered (4)
📋 Description
CVE-2022-3287 — fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-34301 — shim: 3rd party shim allow secure boot bypass CVE-2022-34302 — shim: 3rd party shim allow secure boot bypass CVE-2022-34303 — shim: 3rd party shim allow secure boot bypass
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2023:2487
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2119436
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2120687
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2120699
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2120701
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2128384
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2129280
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2129904
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2165096
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2487.json