VYPR

rpm package

almalinux/fwupd

pkg:rpm/almalinux/fwupd

Vulnerabilities (4)

  • CVE-2022-3287Sep 28, 2022
    affected < 1.8.10-2.el9.almafixed 1.8.10-2.el9.alma

    When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file.

  • CVE-2022-34303Aug 26, 2022
    affected < 1.8.10-2.el9.almafixed 1.8.10-2.el9.alma

    A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader

  • CVE-2022-34302Aug 26, 2022
    affected < 1.8.10-2.el9.almafixed 1.8.10-2.el9.alma

    A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed

  • CVE-2022-34301Aug 26, 2022
    affected < 1.8.10-2.el9.almafixed 1.8.10-2.el9.alma

    A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signe