Devices with no available firmware updates:
• Integrated Camera
• Prometheus IOTA Config
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
Devices with the latest available firmware version:
• Prometheus
• WD PC SN740 SDDQNQD-256G-1001
LENOVO 21CBCTO1WW
│
├─Battery:
│ │ Device ID: 97b6fe9b220c7b9e1a3a1d9f404c00d4fe77ae7e
│ │ Summary: UEFI ESRT device
│ │ Current version: 1.5.1
│ │ Minimum Version: 0.0.1
│ │ Vendor: Lenovo (DMI:LENOVO)
│ │ Update State: Success
│ │ GUID: 25364b56-a8fe-4ef6-b35e-874ae4a83eb4
│ │ Device Flags: • Internal device
│ │ • Updatable
│ │ • System requires external power source
│ │ • Supported on remote server
│ │ • Needs a reboot after installation
│ │ • Device is usable for the duration of the update
│ │
│ └─ThinkPad X1 Yoga Gen7 X1 Carbon Gen10:
│ New version: 1.9.2
│ Remote ID: lvfs
│ Release ID: 18055
│ Summary: Lenovo ThinkPad X1 Yoga Gen7 X1 Carbon Gen10 Battery Firmware
│ License: Proprietary
│ Size: 123.3 kB
│ Created: 2023-04-13
│ Urgency: High
│ Details: https://pcsupport.lenovo.com/de/en/search?query=N3ABL02W
│ Vendor: Lenovo
│ Release Flags: • Trusted metadata
│ • Is upgrade
│ Description:
│ Lenovo-ThinkPad-X1-Yoga-Gen7-X1-Carbon-Gen10-BatteryFirmware-265.0.0.2
│
│ The-computer-will-be-restarted-automatically-after-updating-firmware-completely.
│
│ Do-not-turn-off-your-computer-or-remove-the-AC-adaptor-while-update-is-in-progress.
│
│ CHANGES IN THIS RELEASE Added support for ThinkPad X1 Yoga Gen 7(Machine Types: 21CD, 21CE) ThinkPad X1 Carbon Gen 10(Machine Types: 21CB, 21CC)
│
│ Problem fixes: Improved charging performance for the following battery: FRU P/N : 5B10W13975 (ASM P/N : SB10T83218)
│
├─Embedded Controller:
│ │ Device ID: 632acf4927c0b5fb53519d6beed3b60adb73f1d5
│ │ Summary: UEFI ESRT device
│ │ Current version: 0.1.16
│ │ Minimum Version: 0.1.16
│ │ Vendor: Lenovo (DMI:LENOVO)
│ │ Update State: Success
│ │ GUID: ec01fae4-c67a-42b4-bada-a7c1b9900897
│ │ Device Flags: • Internal device
│ │ • Updatable
│ │ • System requires external power source
│ │ • Supported on remote server
│ │ • Needs a reboot after installation
│ │ • Device is usable for the duration of the update
│ │
│ ├─ThinkPad X1 Carbon 10th / X1 Yoga 7th:
│ │ New version: 0.1.18
│ │ Remote ID: lvfs
│ │ Release ID: 27104
│ │ Summary: Lenovo ThinkPad X1 Carbon 10th / X1 Yoga 7th Embedded Controller Firmware
│ │ License: Proprietary
│ │ Size: 1.2 MB
│ │ Created: 2023-03-22
│ │ Urgency: High
│ │ Tested by Lenovo:
│ │ Tested: 2023-03-28
│ │ Distribution: rhel 9.0
│ │ Old version: 0.1.17
│ │ Version[fwupd]: 1.7.4
│ │ Tested by Lenovo:
│ │ Tested: 2023-03-28
│ │ Distribution: ubuntu 22.04
│ │ Old version: 0.1.17
│ │ Version[fwupd]: 1.7.9
│ │ Tested by Lenovo:
│ │ Tested: 2023-03-28
│ │ Distribution: sled 15.4
│ │ Old version: 0.1.17
│ │ Version[fwupd]: 1.7.3
│ │ Tested by Lenovo:
│ │ Tested: 2023-03-28
│ │ Distribution: debian 11
│ │ Old version: 0.1.17
│ │ Version[fwupd]: 1.5.7
│ │ Vendor: Lenovo
│ │ Release Flags: • Trusted metadata
│ │ • Is upgrade
│ │ Description:
│ │ Lenovo Embedded Controller Firmware Version 1.18
│ │
│ │ Problem fixes
│ │
│ │ • Improved the noise from some FAN module.
│ │ • Fixed an issue where Dock MAC Address can’t be recognized after plug-in again with specific Docking Station.
│ │ • Fixed an issue where LG 4BP88CN-B.AUB Monitor can't be lit up via USB-C connection.
│ │
│ └─ThinkPad X1 Carbon 10th / X1 Yoga 7th:
│ New version: 0.1.17
│ Remote ID: lvfs
│ Release ID: 18798
│ Summary: Lenovo ThinkPad X1 Carbon 10th / X1 Yoga 7th Embedded Controller Firmware
│ License: Proprietary
│ Size: 1.2 MB
│ Created: 2023-02-01
│ Urgency: High
│ Tested by Lenovo:
│ Tested: 2023-02-07
│ Distribution: debian 11
│ Old version: 0.1.16
│ Version[fwupd]: 1.5.7
│ Tested by Lenovo:
│ Tested: 2023-02-07
│ Distribution: rhel 9.0
│ Old version: 0.1.16
│ Version[fwupd]: 1.7.4
│ Tested by Lenovo:
│ Tested: 2023-02-02
│ Distribution: sled 15.3
│ Old version: 0.1.16
│ Version[fwupd]: 1.5.8
│ Tested by Lenovo:
│ Tested: 2023-02-02
│ Distribution: ubuntu 22.04
│ Old version: 0.1.16
│ Version[fwupd]: 1.7.9
│ Vendor: Lenovo
│ Release Flags: • Trusted metadata
│ • Is upgrade
│ Description:
│ Lenovo Embedded Controller Firmware Version 1.17
│
│ New functions or enhancements
│
│ • Improved performance in “Performance Mode” of thermal settings.
│
│ Problem fixes
│
│ • Fixed an issue where system may not be able to charge from some build of Lenovo 7-in-1 Hub.
│ • Fixed an issue where a slow charge message by Windows OS may not be shown
│ • Fixed an issue where FAN error may happen.
│
├─Intel Management Engine:
│ │ Device ID: 2292ae5236790b47884e37cf162dcf23bfcd1c60
│ │ Summary: UEFI ESRT device
│ │ Current version: 0.15.1810
│ │ Vendor: Lenovo (DMI:LENOVO)
│ │ Update State: Success
│ │ GUID: 23192307-d667-4bdf-af1a-6059db171246
│ │ Device Flags: • Internal device
│ │ • Updatable
│ │ • System requires external power source
│ │ • Supported on remote server
│ │ • Needs a reboot after installation
│ │ • Device is usable for the duration of the update
│ │
│ └─ThinkPad X1 Yoga Gen 7/ThinkPad X1 Carbon Gen 10:
│ New version: 1.25.1932
│ Remote ID: lvfs
│ Release ID: 15817
│ Summary: Lenovo ThinkPad X1 Yoga Gen 7/X1 Carbon Gen 10 Consumer ME Firmware
│ License: Proprietary
│ Size: 3.7 MB
│ Created: 2022-09-21
│ Urgency: High
│ Details: https://pcsupport.lenovo.com/de/en/search?query=N3ARG05W
│ Vendor: Lenovo
│ Release Flags: • Trusted metadata
│ • Is upgrade
│ Description:
│ Intel Platform Update 2022.3 Product Version Maintenance Release
│
│ Version 16.1.25.1932 (LVFS: 1.25.1932)
│
│ Problem Fixes
│
│ • Mitigated the following security vulnerabilities under issues.Please see fixed issues for details.
│ Issues: CVE-2022-21181
│ CVE-2022-29515
│ CVE-2021-33159
│ CVE-2022-29893
│ CVE-2022-27497
│ INTEL-TA-00610
│
├─System Firmware:
│ │ Device ID: a083ebc5138e5e071ef7270cc9a8280722cc7adf
│ │ Summary: UEFI ESRT device
│ │ Current version: 0.1.34
│ │ Vendor: Lenovo (DMI:LENOVO)
│ │ Update State: Success
│ │ GUIDs: 34d84f45-4685-4019-b7e3-dba67b96ef7d
│ │ 230c8b18-8d9b-53ec-838b-6cfc0383493a ← main-system-firmware
│ │ Device Flags: • Internal device
│ │ • Updatable
│ │ • System requires external power source
│ │ • Supported on remote server
│ │ • Needs a reboot after installation
│ │ • Cryptographic hash verification is available
│ │ • Device is usable for the duration of the update
│ │
│ ├─ThinkPad X1 Carbon 10th / X1 Yoga 7th:
│ │ New version: 0.1.37
│ │ Remote ID: lvfs
│ │ Release ID: 22912
│ │ Summary: Lenovo ThinkPad X1 Carbon 10th / X1 Yoga 7th System Firmware
│ │ License: Proprietary
│ │ Size: 22.2 MB
│ │ Created: 2023-03-02
│ │ Urgency: High
│ │ Tested by Lenovo:
│ │ Tested: 2023-03-15
│ │ Distribution: debian 11
│ │ Old version: 0.1.36
│ │ Version[fwupd]: 1.5.7
│ │ Tested by Lenovo:
│ │ Tested: 2023-03-13
│ │ Distribution: sled 15.4
│ │ Old version: 0.1.36
│ │ Version[fwupd]: 1.7.3
│ │ Tested by Lenovo:
│ │ Tested: 2023-03-13
│ │ Distribution: rhel 9.0
│ │ Old version: 0.1.36
│ │ Version[fwupd]: 1.7.4
│ │ Tested by Lenovo:
│ │ Tested: 2023-03-13
│ │ Distribution: ubuntu 22.04
│ │ Old version: 0.1.36
│ │ Version[fwupd]: 1.7.5
│ │ Vendor: Lenovo
│ │ Release Flags: • Trusted metadata
│ │ • Is upgrade
│ │ Description:
│ │ Lenovo System Firmware Version 1.37
│ │
│ │ New functions or enhancements
│ │
│ │ • Supported WiFi 6E in Japan
│ │ • Displays TCO logo at startup screen with Lenovo Logo for Windows model.
│ │
│ │ Problem fixes
│ │
│ │ • Fixed an issue where abnormal shutdown may be logged when Thunderbolt device is attached or detached while system is in shutdown state.
│ │ • Fixed an issue where LCD screen goes black after unplugging docking station in BIOS Setup.
│ │
│ └─ThinkPad X1 Carbon 10th / X1 Yoga 7th:
│ New version: 0.1.36
│ Remote ID: lvfs
│ Release ID: 18797
│ Summary: Lenovo ThinkPad X1 Carbon 10th / X1 Yoga 7th System Firmware
│ License: Proprietary
│ Size: 22.2 MB
│ Created: 2023-01-31
│ Urgency: High
│ Tested by Lenovo:
│ Tested: 2023-02-07
│ Distribution: debian 11
│ Old version: 0.1.35
│ Version[fwupd]: 1.5.7
│ Tested by Lenovo:
│ Tested: 2023-02-07
│ Distribution: rhel 9.0
│ Old version: 0.1.35
│ Version[fwupd]: 1.7.4
│ Tested by Lenovo:
│ Tested: 2023-02-02
│ Distribution: sled 15.3
│ Old version: 0.1.35
│ Version[fwupd]: 1.5.8
│ Tested by Lenovo:
│ Tested: 2023-02-02
│ Distribution: ubuntu 22.04
│ Old version: 0.1.35
│ Version[fwupd]: 1.7.9
│ Vendor: Lenovo
│ Release Flags: • Trusted metadata
│ • Is upgrade
│ Description:
│ Lenovo System Firmware Version 1.36
│
│ Important updates
│
│ • Enhancement to address security vulnerability.
│ • Update includes a security fix.
│
│ New functions or enhancements
│
│ • Updated the Diagnostics module to version 04.28.000.
│ • Supported Firmware Update of Infenion TPM chip.
│ • Improved performance in “Performance Mode” of thermal settings.
│ • Updated the CPU microcode. (Note) Above update will show "BIOS Self Healing backup progressing" message and bar on screen during BIOS update process.
│
│ Problem fixes
│
│ • Fixed an issue where "Press ESC to Skip connecting" message appears and system hangs up when power-on, if password is set and if the system is connected to WiFi Network via Wi-Fi Configuration on App Menu.
│ • Fixed a wrong message in BIOS Setup in Intel(R) vPro(R) Essential model.
│ Issue: CVE-2022-48189
│
├─UEFI Device Firmware:
│ │ Device ID: 4b78f537b7d3e281a2ecbc83048b8856fb9eb98e
│ │ Summary: UEFI ESRT device
│ │ Current version: 0.0.0.1
│ │ Minimum Version: 0.0.0.1
│ │ Vendor: Lenovo (DMI:LENOVO)
│ │ Update State: Success
│ │ GUID: 7e5534a3-2069-414b-90b6-3e365d2ccd09
│ │ Device Flags: • Internal device
│ │ • Updatable
│ │ • System requires external power source
│ │ • Supported on remote server
│ │ • Needs a reboot after installation
│ │ • Device is usable for the duration of the update
│ │
│ └─ThinkPad X1 Carbon Gen 10 / X1 Yoga Gen 7:
│ New version: 1.3.16.0
│ Remote ID: lvfs
│ Release ID: 14309
│ Summary: Lenovo ThinkPad X1 Carbon Gen 10 / X1 Yoga Gen 7 Retimer Firmware
│ License: Proprietary
│ Size: 285.0 kB
│ Created: 2022-07-06
│ Urgency: High
│ Tested by Lenovo:
│ Tested: 2022-07-22
│ Distribution: ubuntu 22.04
│ Old version: 1.3.7.2
│ Version[fwupd]: 1.7.5
│ Vendor: Lenovo
│ Release Flags: • Trusted metadata
│ • Is upgrade
│ Description:
│ Lenovo Intel Thunderbolt Retimer Firmware 1.3.16.0
│
│ The computer needs to be restarted for update to complete.
│
│ Fixed WebUI trigger issue when using certain docks.
│
│ Fixed an issues of USB3 connection speed decreasing.
│
└─UEFI dbx:
│ Device ID: 362301da643102b9f38477387e2193e57abaa590
│ Summary: UEFI revocation database
│ Current version: 217
│ Minimum Version: 217
│ Vendor: UEFI:Linux Foundation
│ Install Duration: 1 second
│ GUIDs: 14503b3d-73ce-5d06-8137-77c68972a341 ← UEFI\CRT_A9087D1044AD18F7A94916D284CBC01827CF23CD8F60B79072C9CAA1FEF4D649
│ 5971a208-da00-5fce-b5f5-1234342f9cf7 ← UEFI\CRT_A9087D1044AD18F7A94916D284CBC01827CF23CD8F60B79072C9CAA1FEF4D649&ARCH_X64
│ c6682ade-b5ec-57c4-b687-676351208742 ← UEFI\CRT_A1117F516A32CEFCBA3F2D1ACE10A87972FD6BBE8FE0D0B996E09E65D802A503
│ f8ba2887-9411-5c36-9cee-88995bb39731 ← UEFI\CRT_A1117F516A32CEFCBA3F2D1ACE10A87972FD6BBE8FE0D0B996E09E65D802A503&ARCH_X64
│ Device Flags: • Internal device
│ • Updatable
│ • Supported on remote server
│ • Needs a reboot after installation
│ • Device is usable for the duration of the update
│ • Only version upgrades are allowed
│ • Signed Payload
│
└─Secure Boot dbx:
New version: 220
Remote ID: lvfs
Release ID: 28499
Summary: UEFI Secure Boot Forbidden Signature Database
Variant: x64
License: Proprietary
Size: 13.9 kB
Created: 2023-03-14
Urgency: High
Vendor: Linux Foundation
Duration: 1 second
Release Flags: • Trusted metadata
• Is upgrade
Description:
Insecure versions of software from Trend Micro, vmware, CPSD, Eurosoft, and New Horizon Datasys Inc were added to the list of forbidden signatures due to discovered security problems. This updates the dbx to the latest release from Microsoft.
Before installing the update, fwupd will check for any affected executables in the ESP and will refuse to update if it finds any boot binaries signed with any of the forbidden signatures.
Issue: CVE-2023-28005