HP Commercial Desktop S21 Family

System firmware upgrade on on your HP Desktop system to improves performance, adds new features, and fixes issues.

Atom Feed

Version 0x20b0000
2022-05-21 03:27:20

Fixes and enhancements in System firmware 2.11.0.0:

  • Fixes issue where Remote HP PC Diagnostics Execution Physical Presence Interface continuous occur when some specific settings are applied at the same time.
  • Fixes issue where some F10 settings or help message display incomplete when change to non-English language.- Fixes an issue where system attempt to recover ME infinitely if customer deploy recover image via 3-party application
  • Fixes an issue where TBT firmware display different fromat with Setup Menu during the BIOS update process via FUR (HP Firmware Update and Recovery).
  • Fixes an issue where system cannot boot to OS while 3-rd party audio card installed (Digigram VX222e)
  • Fixes issue where system failure to boot after switching between two different saved bootstores."
  • Adds Windows11 operating system support.
  • Update Intel RST PreOS driver to to 18.31.3.5434
  • Remove physical presence interface pops up when changing the ""Intel Software Guard Extensions (SGX)"" setting from ""Software control"" to ""Disable"".
  • Adds a feature to control display of BIOS Admin login based on ""BIOS Administrator visible at power-on authentication"" when Enhanced BIOS Authentication Mode (EBAM) is set.

Urgency high
Reported Success 87% (low confidence)
Fixed issues:
  • CVE-2021-33103

    Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

  • CVE-2021-33124

    Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

  • CVE-2021-33123

    Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

  • CVE-2022-0004

    Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2021-33122

    Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

  • CVE-2022-0005

    Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.

  • CVE-2022-21151

    Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21123

    Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21166

    Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-23958

    Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.

  • CVE-2022-23957

    Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.

  • CVE-2022-23956

    Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.

  • CVE-2022-23955

    Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.

  • CVE-2022-23954

    Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.

  • CVE-2022-23953

    Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.

  • CVE-2022-23934

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23933

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23932

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23931

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23930

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23929

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23928

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23927

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23925

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2022-23924

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2021-0158

    Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2021-0157

    Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2021-0156

    Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.

  • CVE-2022-23926

    Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

  • CVE-2021-0091

    Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details

LVFS © 2015 Richard Hughes with icons from Font Awesome and GeoIP data from IP2Location.

Linux Vendor Firmware Service Project a Series of LF Projects, LLC :: Charter