UBUNTU-CVE-2025-3770

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2025-3770
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3770.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-3770
Upstream
Published
2025-08-07T01:15:00Z
Modified
2025-08-21T04:53:13Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability.

References

Affected packages

Ubuntu:Pro:16.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.2+esm3?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0~20150106.*

0~20150106.5c2d456b-2

0~20160104.*

0~20160104.c2a892d7-1

0~20160408.*

0~20160408.ffea0a2c-2
0~20160408.ffea0a2c-2ubuntu0.1
0~20160408.ffea0a2c-2ubuntu0.2
0~20160408.ffea0a2c-2ubuntu0.2+esm1
0~20160408.ffea0a2c-2ubuntu0.2+esm3

Ubuntu:Pro:18.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2@0~20180205.c0d9813c-2ubuntu0.3+esm2?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0~20170911.*

0~20170911.5dfba97c-1

0~20171010.*

0~20171010.234dbcef-1

0~20171027.*

0~20171027.76fd5a66-1

0~20171205.*

0~20171205.a9212288-1

0~20180105.*

0~20180105.0bc94c74-1

0~20180205.*

0~20180205.c0d9813c-1
0~20180205.c0d9813c-2
0~20180205.c0d9813c-2ubuntu0.1
0~20180205.c0d9813c-2ubuntu0.2
0~20180205.c0d9813c-2ubuntu0.3
0~20180205.c0d9813c-2ubuntu0.3+esm1
0~20180205.c0d9813c-2ubuntu0.3+esm2

Ubuntu:Pro:20.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2@0~20191122.bd85bf54-2ubuntu3.6?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0~20190606.*

0~20190606.20d2e5a1-2ubuntu1

0~20190828.*

0~20190828.37eef910-3
0~20190828.37eef910-4

0~20191122.*

0~20191122.bd85bf54-1
0~20191122.bd85bf54-1ubuntu1
0~20191122.bd85bf54-2
0~20191122.bd85bf54-2ubuntu1
0~20191122.bd85bf54-2ubuntu2
0~20191122.bd85bf54-2ubuntu3
0~20191122.bd85bf54-2ubuntu3.1
0~20191122.bd85bf54-2ubuntu3.2
0~20191122.bd85bf54-2ubuntu3.3
0~20191122.bd85bf54-2ubuntu3.4
0~20191122.bd85bf54-2ubuntu3.5
0~20191122.bd85bf54-2ubuntu3.6

Ubuntu:22.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2@2022.02-3ubuntu0.22.04.3?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2021.*

2021.08~rc0-2
2021.08-3
2021.11~rc1-1
2021.11-1
2021.11-2

2022.*

2022.02~rc1-1
2022.02~rc1-1ubuntu1
2022.02-1
2022.02-2
2022.02-3
2022.02-3ubuntu0.22.04.1
2022.02-3ubuntu0.22.04.2
2022.02-3ubuntu0.22.04.3

Ubuntu:24.04:LTS / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2@2024.02-2ubuntu0.4?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.05-2
2023.11-2
2023.11-3
2023.11-4
2023.11-5
2023.11-6
2023.11-8

2024.*

2024.02-1
2024.02-2
2024.02-2ubuntu0.1
2024.02-2ubuntu0.3
2024.02-2ubuntu0.4

Ubuntu:25.04 / edk2

Package

Name
edk2
Purl
pkg:deb/ubuntu/edk2@2025.02-3ubuntu2.1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2024.*

2024.05-2ubuntu0.1
2024.08-4
2024.11-1
2024.11-2
2024.11-5

2025.*

2025.02-3ubuntu1
2025.02-3ubuntu2
2025.02-3ubuntu2.1