CNNVD-202511-2866 Information

CNNVD ID

CNNVD-202511-2866

Related CVE

CVE-2025-2486

• CNNVD Published: 2025-11-26

Description (Chinese)

Ubuntu EDK2是Ubuntu开源的一个固件开发工具包。 Ubuntu edk2存在安全漏洞，该漏洞源于Secure Boot环境中允许访问UEFI Shell，可能导致Secure Boot约束被绕过。

Description (English)

Ubuntu EDK2 is a solidware development toolkit for Ubuntu open source. There is a security loophole in Ubuntu edk2, which stems from the fact that access to UEFI Shell is allowed in the Secure Boot environment, which may lead to the circumvention of the Secure Boot constraint.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Ubuntu

Published

2025-11-26

Last Modified

2026-02-24

References

https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2101797 https://access.redhat.com/security/cve/cve-2025-2486

Patch

https://github.com/tianocore/edk2/releases