Dell BIOS/UEFI Under Attack From New Vulnerabilities - Use FWUPD For The Latest Updates

Written by Michael Larabel in LVFS on 24 June 2021 at 12:07 PM EDT.
For those wondering about the recent spike in LVFS/FWUPD usage for Linux firmware updates, it appears to be attributable to Dell pushing out a massive number of updates, with more than one hundred models impacted by newly-disclosed BIOS/UEFI vulnerabilities.

Eclypsium has discovered multiple vulnerabilities around Dell's "BIOSConnect" feature within its BIOS/UEFI. These vulnerabilities could allow a privileged network adversary to impersonate Dell.com and gain arbitrary code execution at the BIOS/UEFI level. Some 128 different Dell models across the company's consumer and business devices are believed to be impacted.

This pre-boot remote code execution can happen even on systems with Secure Boot and other features enabled.

More details on these nasty low-level vulnerabilities are available via Eclypsium.com.

Dell has been publishing updated BIOS/UEFI firmware not only for its Windows customers but also to LVFS so it can be deployed quickly on Linux. Those with Dell desktops and laptops should run sudo fwupdmgr update as soon as possible.