CVE-2025-2295

EUVD-2025-7558
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 LOW
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Debian logo
Debian Releases
Debian Product
Codename
edk2
bookworm
no-dsa
bookworm (security)
vulnerable
bullseye
postponed
bullseye (security)
vulnerable
forky
2025.11-5
fixed
sid
2025.11-5
fixed
trixie
2025.02-8+deb13u1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
edk2
bionic
needs-triage
focal
needs-triage
jammy
Fixed 2022.02-3ubuntu0.22.04.4
released
noble
Fixed 2024.02-2ubuntu0.6
released
oracular
ignored
plucky
Fixed 2025.02-3ubuntu2.2
released
questing
not-affected
resolute
not-affected
xenial
ignored
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
edk2-aarch64
Amazon Linux 2
0:20240813-300.amzn2
fixed
edk2-debuginfo
Amazon Linux 2
0:20240813-300.amzn2
fixed
edk2-ovmf
Amazon Linux 2
0:20240813-300.amzn2
fixed
edk2-tools
Amazon Linux 2
0:20240813-300.amzn2
fixed
edk2-tools-doc
Amazon Linux 2
0:20240813-300.amzn2
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
edk2
Azure Linux 3.0
0:20240524git3e722403cd16-14.azl3
fixed
CBL-Mariner 2.0
0:20230301gitf80f052277c8-45.cm2
fixed
hvloader
CBL-Mariner 2.0
0:1.0.1-16.cm2
fixed