A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.