CVE-2024-38805

Опубликовано: 12 авг. 2025

Источник: debian

EPSS Низкий

Описание

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
edk2	fixed	2025.02-9		package
edk2	fixed	2025.02-8+deb13u1	trixie	package
edk2	no-dsa		bookworm	package
edk2	postponed		bullseye	package

Примечания

https://github.com/tianocore/edk2/security/advisories/GHSA-p7wp-52j7-6r5x

EPSS

Процентиль: 8%

0.00028

Низкий

Связанные уязвимости

CVE-2024-38805

CVSS3: 6.3

ubuntu

5 месяцев назад

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.

CVE-2024-38805

CVSS3: 6.3

nvd

5 месяцев назад

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.

GHSA-w8rg-pqpr-83hp

CVSS3: 6.3

github

5 месяцев назад

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.

ELSA-2025-28047

oracle-oval

около 1 месяца назад

ELSA-2025-28047: edk2 security update (IMPORTANT)

ELSA-2025-20669

oracle-oval

около 2 месяцев назад

ELSA-2025-20669: edk2 security update (IMPORTANT)

EPSS

Процентиль: 8%

0.00028

Низкий