Framework Laptop 13 BIOS and Driver Releases (AMD Ryzen™ 7040 Series)

October 7 2024 8:34pm • Est. Read Time: 3 MIN

Please note that this software is for Framework Laptop 13 (AMD Ryzen™ 7040 Series) ONLY!

For other Framework Laptops, please read the article located HERE.



Windows 11

Linux

Driver Bundle


Download Unified AMD Ryzen 7040 Series Driver Bundle 2024-10-02  


Included in kernel
BIOS Update


Download BIOS 3.05 



Update to BIOS 3.05 using LVFS

Download BIOS 3.05 (EFI Shell update)




You can check your current BIOS version following the steps here to determine if you are on the latest release.

Downloads

Windows Driver Bundle


Download Link

SHA256

Download Unified AMD Ryzen 7040 Series Driver Bundle 2024-10-02  

55d7b9ee9730ed6082521b58335468ba56f627811a8bb2955beeff5fe36780f4


Note: We have migrated to a new EV code signing certificate with the subject “Framework Computer Inc”.


Driver bundle release notes

This version migrates the AMD graphics driver to the same major release as Framework 16.


Driver

Version

Notes

AMD Chipset Driver

5.06.29.310


AMD Graphics Driver

23.40.18.02

Add support for AMD AFMF. https://www.amd.com/en/products/software/adrenalin/afmf.html 

Realtek Audio Driver

6.0.9622.1


Realtek Audio Console

1.49.318.0


RZ616 WiFi Driver

3.3.0.908


RZ616 Bluetooth Driver

1.1037.0.395


Goodix Fingerprint Driver

3.12804.0.240

Fix firmware security issue in fingerprint reader. More information here: https://blackwinghq.com/blog/posts/a-touch-of-pwn-part-i/  


Windows BIOS


Download Link

SHA256

Download BIOS 3.05 

6fbc25bf65f797088349daa81fe85cd91f2752b963b3f06e052036f8738abac2



Note: We have migrated to a new EV code signing certificate with the subject “Framework Computer Inc”.


Instructions for Windows Installer:

  1. Run the .exe.

  2. Click yes to reboot.

  3. Wait for the firmware progress bar to complete, and then the system will reboot.

Linux/LVFS

Updating via LVFS is available in the stable channel.

You can enable updates by running:

fwupdmgr refresh --force

fwupdmgr get-updates

fwupdmgr update

LVFS may not update if the battery is 100% charged. LVFS uses the battery status to determine if it is safe to apply updates. However if our battery is at 100% and the charger is off, we set the battery charging status to false. In this case you can discharge your battery a few percent, then plug in AC again and run fwupdmgr update.


Linux/Other/UEFI Shell update


Download Link

SHA256

Download BIOS 3.05 (EFI Shell update) 

37c3f453d3f475b453531e8173f446e59c3b4738a4f12313fbc8a972e21b9445 


Note that if you use the EFI shell update with Windows, you should suspend Bitlocker if enabled before updating using the EFI updater.

Instructions for EFI shell update:

  1. Extract contents of zip folder to a FAT32 formatted USB drive. Cleanly unmount the drive before physically removing it, otherwise the BIOS update may not function correctly. 

  2. Disable secure boot in BIOS.

  3. Boot your system while pressing F12 and boot from the thumb drive.

  4. Let startup.nsh run automatically.

  5. Follow the instructions to install the update.


Updating a Mainboard outside of a laptop

This release supports standalone updates without a battery attached. After rebooting, please follow the onscreen instructions to update your BIOS when in standalone mode, which will require moving the power source between both sides of the Mainboard to allow PD firmware to update correctly if a PD firmware update is necessary.

Security Fixes

For more information about LogoFail: 
https://www.binarly.io/blog/finding-logofail-the-dangers-of-image-parsing-during-system-boot 


Module Name

Vulnerability

Score

A8DAFB9B-3529-4E87-8584-ECDB6A5B78B6

BRLY-2022-118

4.9

BmpDecoderDxe

BRLY-LOGOFAIL-2023-001

6.0

BmpDecoderDxe

BRLY-LOGOFAIL-2023-002

8.2

BmpDecoderDxe

 BRLY-LOGOFAIL-2023-003

8.2

GifDecoderDxe

BRLY-LOGOFAIL-2023-004

8.2

GifDecoderDxe

BRLY-LOGOFAIL-2023-005

3.2

GifDecoderDxe

BRLY-LOGOFAIL-2023-006

8.2

JpegDecoderDxe

BRLY-LOGOFAIL-2023-008

6.0

JpegDecoderDxe

BRLY-LOGOFAIL-2023-009

3.2

JpegDecoderDxe

BRLY-LOGOFAIL-2023-010

6.0

PcxDecoderDxe

BRLY-LOGOFAIL-2023-011

6.0

TgaDecoderDxe

BRLY-LOGOFAIL-2023-012

8.2


Enhancements

  • Enable Z state support.

  • Modify EC MMIO region definition to allow debug logging support.

  • Add EC host command to get privacy switch status.


Fixes

  • Change the BIOS password to remove password expiry after one month.

  • Modify the BIOS password complexity requirements to only require a minimum length.

  • Fix several UCSI errors on Linux when attaching/removing expansion cards.

  • Fix battery cutoff behavior.

  • Fix LogoFail security vulnerability.

  • Fix incomplete battery information displayed in the OS.

  • Fix keypresses are not detected in the standalone menu.

  • Fix bios reset process when using chassis open switch.

  • Fix system hang on resume when NVME password is set.

  • Fix compatibility issue with some low wattage chargers.

  • Fix issue where power LED would not turn off when suspending and then closing the lid.

  • Fix issue where fan detection was running on resume, causing fan to briefly turn on when resuming from suspend.

  • Power off retimer on port with Framework Power Adapter. 

Component Versions

This BIOS update is a bundle of updates to multiple embedded components in the system.

Not all of them use the same version number.


BIOS

3.05

updated

EC

b4c1f

updated

PD

0.0.1C

same

AMD PI

1.1.0.2a

updated

Insyde Core

05.53.47.0017

updated


Known Issues

  • IRQ1 will always be triggered on resume from standby. This issue mostly impacts Linux users. We have a potential root cause that we hope to fix in our next release.

  • iGPU memory will be reset to AUTO (512MB) after update for one reboot. Users have reported toggling this setting to AUTO and then GAMING will fix this. 

  • One user reported inaccurate temperature values reported to the OS. 

  • One user reported Optional FADT field Pm2ControlBlock has valid Length but zero Address.

Known Vulnerabilities

The following vulnerabilities were not detected by our scanner during the development of this release. However they are currently flagged during our release testing window. These will be resolved in the next release. 
These are part of the following advisory: 
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h 
And further documented here.

https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html

The network stack is not enabled by default in our BIOS, so the default configuration should not be exploitable.
We suggest disabling the network stack in the BIOS setup menu under boot options to mitigate this if you have enabled it.

Module Name

Vulnerability

Score

Ip6Dxe

CVE-2023-45232

7.5

Ip6Dxe

CVE-2023-45233

7.5

Dhcp6Dxe

CVE-2023-45230

8.3

UefiPxeBcDxe

CVE-2023-45234

8.3