DEBIAN-CVE-2024-38798
- Source
- https://security-tracker.debian.org/tracker/CVE-2024-38798
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-38798.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2024-38798
- Upstream
- Published
- 2025-12-09T16:17:27.787Z
- Modified
- 2026-03-17T02:45:34.895417Z
- Severity
-
- 5.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
- Summary
- [none]
- Details
-
EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality.
- References
Affected packages
Debian:11 / edk2
Package
- Name
- edk2
- Purl
- pkg:deb/debian/edk2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2020.*
2020.11-2
2020.11-2+deb11u1
2020.11-2+deb11u2
2020.11-2+deb11u3
2020.11-3
2020.11-4
2020.11-5
2021.*
2021.02-1
2021.05-1
2021.08~rc0-1
2021.08~rc0-2
2021.08-1
2021.08-2
2021.08-3
2021.11~rc1-1
2021.11-1
2021.11-2
2022.*
2022.02~rc1-1
2022.02-1
2022.02-2
2022.02-3
2022.05~rc1-1
2022.05-1
2022.05-2
2022.05-3
2022.05-4
2022.08-1
2022.11-1
2022.11-2
2022.11-3
2022.11-4
2022.11-5
2022.11-6
2023.*
2023.02-1
2023.02-2
2023.05-1
2023.05-2
2023.08-1
2023.11-1
2023.11-2
2023.11-3
2023.11-4
2023.11-5
2023.11-6
2023.11-7
2023.11-8
2024.*
2024.02-1
2024.02-2
2024.05-1
2024.05-2
2024.08-1
2024.08-2
2024.08-3
2024.08-4
2024.11-1
2024.11-2
2024.11-3
2024.11-4
2024.11-5
2025.*
2025.02-1
2025.02-2
2025.02-3
2025.02-4
2025.02-5
2025.02-6
2025.02-7
2025.02-8
2025.02-9
2025.02-10
2025.05-1
2025.05-2
2025.08.01-1
2025.08.01-2
2025.08.01-3
2025.08.01-4
2025.08.01-5
2025.08.01-6
2025.11-1
2025.11-2
2025.11-3
2025.11-4
Debian:12 / edk2
Package
- Name
- edk2
- Purl
- pkg:deb/debian/edk2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2022.*
2022.11-6
2022.11-6+deb12u1
2022.11-6+deb12u2
2023.*
2023.02-1
2023.02-2
2023.05-1
2023.05-2
2023.08-1
2023.11-1
2023.11-2
2023.11-3
2023.11-4
2023.11-5
2023.11-6
2023.11-7
2023.11-8
2024.*
2024.02-1
2024.02-2
2024.05-1
2024.05-2
2024.08-1
2024.08-2
2024.08-3
2024.08-4
2024.11-1
2024.11-2
2024.11-3
2024.11-4
2024.11-5
2025.*
2025.02-1
2025.02-2
2025.02-3
2025.02-4
2025.02-5
2025.02-6
2025.02-7
2025.02-8
2025.02-9
2025.02-10
2025.05-1
2025.05-2
2025.08.01-1
2025.08.01-2
2025.08.01-3
2025.08.01-4
2025.08.01-5
2025.08.01-6
2025.11-1
2025.11-2
2025.11-3
2025.11-4
Debian:13 / edk2
Package
- Name
- edk2
- Purl
- pkg:deb/debian/edk2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:14 / edk2
Package
- Name
- edk2
- Purl
- pkg:deb/debian/edk2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected