I am having this issue for a couple of days with this firmware update. The update is from version 20230501 to 20241101, which means a newer revocation list is available.
Every time i download this update and restart my pc it still pops up. I tried checking about it but i didn’t found any possible fix for this.
Welcome to Fedora @openabir
Did you see this? This might gives you some ideas how to solve it:
i tried fwupdmgr with secure boot enabled but still it dosen’t gets updated.
I also tried updatin from terminal using:
$ sudo fwupdmgr refresh
$ sudo fwupdmgr update
If you need additional details tell me.
Is this PC a chromebook? If so, it is running the MrChromebox UEFI firmware?
No, it’s not a chrome book.
Hi I have this exact same issue. I am on a Lenovo ideapad C340. I installed Fedora 41 (Gnome) on it 3 days ago. Despite clicking update and reboot it still shows this. I have tried the various terminal methods (suggested in the other posts regarding this) using fwupdmgr and yet the UEFI dbx version doesn’t change. I also checked this post you suggested, however there isn’t a fix mentioned there though (is there?). I also tried to see if Lenovo had a new BIOS for my laptop, but my laptop is up to date.
Kindly guide me regarding the next steps. Please ask if you need additional info. Thanks in advance!
Can you run the command fwupdmgr get-devices. It should show what version your system has installed. For example
...
│ └─UEFI dbx:
│ Device ID: 362301da643102b9f38477387e2193e57abaa590
│ Summary: UEFI revocation database
│ Current version: 20241101
│ Minimum Version: 20241101
│ Vendor: UEFI:Microsoft
│ Install Duration: 1 second
...
Yes here it is:
│
│ └─UEFI dbx:
│ Device ID: 362301da643102b9f38477387e2193e57abaa590
│ Summary: UEFI revocation database
│ Current version: 20230501
│ Minimum Version: 20230501
│ Vendor: UEFI:Microsoft
│ Install Duration: 1 second
│ GUID: f8ba2887-9411-5c36-9cee-88995bb39731 ← UEFI\CRT_A1117F516A32CEFCBA3F2D1ACE10A87972FD6BBE8FE0D0B996E09E65D802A503&ARCH_X64
│ Device Flags: • Internal device
│ • Updatable
│ • Supported on remote server
│ • Needs a reboot after installation
│ • Device is usable for the duration of the update
│ • Only version upgrades are allowed
│ • Signed Payload
The update available is 20241101
Go into the BIOS settings and clear the secure boot keys. That worked for me.
And what, if any, message did it give back?
Yes, it did fix my problem. Thank you.
Hey! Thanks for this. It fixed the thing. I am in Setup Mode now. I guess by removing secure boot keys it isn’t showing updates for UEFI dbx anymore? I can’t see the UEFI dbx entry in fwupdmgr get-devices either. I don’t use Secure Boot anyways because I need to use NVIDIA Drivers unsigned. Will I ever need Secure Boot Keys again?
Is there a fix for the root cause that is preventing the UEFI dbx from getting updated?
Thanks a lot for this quick fix! 
That is what “clear the secure boot keys”. It is now ready to install your own set of keys.
That is entirely your choice. The system will continue to work quite happily.
That is now irrelevant as the system doesn’t have any secure boot keys at all so there is nothing that the dbx could blacklist. The system should have told you what the problem was when you ran sudo fwupdmgr update.