PT-2020-12315 · Linux Vendor Firmware Service+7 · Fwupd+7

Justinsteven

·

Published

2020-06-05

·

Updated

2024-06-15

·

CVE-2020-10759

CVSS v3.1

6.0

Medium

VectorAV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions fwupd (all versions)
Description A PGP signature bypass flaw was found, which could lead to the installation of unsigned firmware. The highest threat from this vulnerability is to confidentiality and integrity. It is theoretically possible but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. Approximately 500,000 unique IP addresses are affected.
Recommendations As a temporary workaround, consider disabling the signature verification process until a patch is available. Restrict access to the LVFS to minimize the risk of exploitation. Avoid using fwupd until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Verification of Cryptographic Signature

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-347

Related Identifiers

ALSA-2020:4436
ALSA-2020_4436
CESA-2020_4436
CVE-2020-10759
DLA-2274-1
ELSA-2020-4436
MGASA-2021-0158
OESA-2022-1801
OPENSUSE-SU-2020:0849-1
OPENSUSE-SU-2020_0849-1
OPENSUSE-SU-2021:0522-1
OPENSUSE-SU-2021_0522-1
OPENSUSE-SU-2024:10774-1
OPENSUSE-SU-2024:10951-1
RHSA-2020:4436
RHSA-2020_4436
RLSA-2020:4436
RLSA-2020_4436
SUSE-SU-2020:1681-1
SUSE-SU-2020_1681-1
SUSE-SU-2021:1107-1
SUSE-SU-2021_1107-1
USN-4395-1

Affected Products

Almalinux
Centos
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu
Fwupd