LVFS Activity Going Wild Ahead Of New Security Disclosure Requiring Firmware Update

Written by Michael Larabel in LVFS on 18 January 2022 at 07:45 AM EST. 16 Comments
LVFS
The Linux Vendor Firmware Service (LVFS) that integrates with Fwupd for delivering firmware updates primarily to Linux users is surging with around three times the normal traffic volume. Unfortunately, this boost in traffic appears to be due to vendor(s) releasing new system firmware updates ahead of disclosing a presumptive security issue.

Last summer LVFS shot up with activity and when that huge uptick in LVFS activity occurred it ended up being due to Dell BIOS/UEFI updates due to new security vulnerabilities.

The sudden surge in LVFS/Fwupd activity at around three times its usual volume does seem to point to another imminent security vulnerability being disclosed around system firmware.


A new security advisory is on the way...


Red Hat's Richard Hughes who serves as the FWUPD/LVFS lead developer alludes to such with today's news of the skyrocketing LVFS activity:

On fwupd.org the new firmware list points to a number of Lenovo and Dell systems seeing firmware updates yesterday.


Some of yesterday's firmware updates carry an urgency level of "critical".

The common theme among the change-logs are indeed pointing to security updates.


Go forth and run sudo fwupdtool update to check for system firmware updates on your system, assuming your PC/motherboard vendor allows firmware updates via LVFS/Fwupd... (Update: after personally using "fwupdtool update" for years, apparently the endorsed method is using "fwupdmgr update" with fwupdtool apparently being intended for debugging.)


If your system lacks LVFS/fwupd support, you can also head on over to your PC/motherboard vendor website to check for new BIOS/firmware updates to flash outside of Linux.
16 Comments
Related News
Fwupd 2.0.3 Delivers Latest Firmware Updating Capabilities For Linux Systems
Fwupd 2.0 Released To Drop Legacy & Deprecated Bits, Adds New Features
Fwupd 1.9.25 Supports Firmware Updates For A Few More Devices Under Linux
Fwupd 1.9.24 Adds Support For More Mediatek & Parade Tech Devices
Over 9 Years LVFS Has Served Over 110 Million Firmware Files To Linux Systems
Fwupd 1.9.22 Released With Framework SD Expansion Card & Raspberry Pi 5 Support
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features