Concerns About UEFI Firmware Update in Kubuntu
Hello everyone,
kubuntu 24.04.2 LTS
Hello everyone,
I’m a newbie to Kubuntu and my English isn’t very good, so if possible, I’d appreciate it if you could respond to my question in a simple and understandable way.
In the past, when I installed Kubuntu on my three computers, I always encountered an error that required me to disable Secure Boot in the BIOS. Only after that could the installation of Kubuntu begin. Each time I reinstalled, I had to disable Secure Boot, and then I would always turn it back on after the installation. I checked the system manually, although I didn’t use Balena Etcher.
Recently, I received a notification in Discover that my UEFI firmware had been updated. This made me a bit uneasy, and I decided to reinstall Kubuntu because it felt strange to receive such a notification. Now, the installation of Kubuntu goes smoothly without needing to disable Secure Boot.
I have a question: could the firmware update have been initiated by a malicious actor? If so, how can I determine if there has been unauthorized access or interference with my system?
If you need any logs or additional information, I can provide whatever is necessary. Here are some logs I was able to find thanks to the GPT chat, but please don’t judge too harshly as I’m not entirely sure if this is what you need. If it’s not, could you please guide me on how to find the relevant information?
Thank you for your attention, and I would appreciate any advice!
Best regards, welcomegoodgames
(In the notifications in Discover about UEFI, there was also mention of proprietary software for UEFI in Linux).
for example
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-updater /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-updater-app /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-notifier /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-updater /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-updater-app /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:45 user-PC sbkeysync[899]: firmware keys:
Apr 24 20:09:47 user-PC systemd[1]: Startup finished in 30.642s (firmware) + 3.169s (loader) + 2.671s (kernel) + 6.002s (userspace) = 42.486s.
Apr 24 20:41:04 user-PC kernel: r8152 3-2:1.0: skip request firmware
Apr 24 20:41:04 user-PC (udev-worker)[407]: system: Process '/usr/lib/snapd/snap-device-helper add snap_firmware-updater_firmware-notifier /devices/virtual/dma_heap/system 249:0' failed with exit code 1.
Apr 24 20:41:04 user-PC (udev-worker)[407]: system: Process '/usr/lib/snapd/snap-device-helper add snap_firmware-updater_firmware-updater /devices/virtual/dma_heap/system 249:0' failed with exit code 1.
Apr 24 20:41:04 user-PC (udev-worker)[407]: system: Process '/usr/lib/snapd/snap-device-helper add snap_firmware-updater_firmware-updater-app /devices/virtual/dma_heap/system 249:0' failed with exit code 1.
kubuntu 24.04.2 LTS
Hello everyone,
I’m a newbie to Kubuntu and my English isn’t very good, so if possible, I’d appreciate it if you could respond to my question in a simple and understandable way.
In the past, when I installed Kubuntu on my three computers, I always encountered an error that required me to disable Secure Boot in the BIOS. Only after that could the installation of Kubuntu begin. Each time I reinstalled, I had to disable Secure Boot, and then I would always turn it back on after the installation. I checked the system manually, although I didn’t use Balena Etcher.
Recently, I received a notification in Discover that my UEFI firmware had been updated. This made me a bit uneasy, and I decided to reinstall Kubuntu because it felt strange to receive such a notification. Now, the installation of Kubuntu goes smoothly without needing to disable Secure Boot.
I have a question: could the firmware update have been initiated by a malicious actor? If so, how can I determine if there has been unauthorized access or interference with my system?
If you need any logs or additional information, I can provide whatever is necessary. Here are some logs I was able to find thanks to the GPT chat, but please don’t judge too harshly as I’m not entirely sure if this is what you need. If it’s not, could you please guide me on how to find the relevant information?
Thank you for your attention, and I would appreciate any advice!
Best regards, welcomegoodgames
(In the notifications in Discover about UEFI, there was also mention of proprietary software for UEFI in Linux).
for example
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-updater /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-updater-app /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-notifier /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-updater /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:44 user-PC (udev-worker)[430]: card1: Process '/usr/lib/snapd/snap-device-helper change snap_firmware-updater_firmware-updater-app /devices/pci0000:00/0000:00:02.0/drm/card1 226:1' failed with exit code 1.
Apr 24 20:09:45 user-PC sbkeysync[899]: firmware keys:
Apr 24 20:09:47 user-PC systemd[1]: Startup finished in 30.642s (firmware) + 3.169s (loader) + 2.671s (kernel) + 6.002s (userspace) = 42.486s.
Apr 24 20:41:04 user-PC kernel: r8152 3-2:1.0: skip request firmware
Apr 24 20:41:04 user-PC (udev-worker)[407]: system: Process '/usr/lib/snapd/snap-device-helper add snap_firmware-updater_firmware-notifier /devices/virtual/dma_heap/system 249:0' failed with exit code 1.
Apr 24 20:41:04 user-PC (udev-worker)[407]: system: Process '/usr/lib/snapd/snap-device-helper add snap_firmware-updater_firmware-updater /devices/virtual/dma_heap/system 249:0' failed with exit code 1.
Apr 24 20:41:04 user-PC (udev-worker)[407]: system: Process '/usr/lib/snapd/snap-device-helper add snap_firmware-updater_firmware-updater-app /devices/virtual/dma_heap/system 249:0' failed with exit code 1.
Comment