DSA-2026-245: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Impact

Critical

Details

Third-party Component CVEs More Information
Linux Kernel CVE-2023-2058, CVE-2023-20585, CVE-2023-53817, CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2024-38542, CVE-2025-6075, CVE-2025-10158, CVE-2025-11468, CVE-2025-12084, CVE-2025-13462, CVE-2025-13836, CVE-2025-13837, CVE-2025-15282, CVE-2025-37861, CVE-2025-39817, CVE-2025-39964, CVE-2025-39998, CVE-2025-40099, CVE-2025-40103, CVE-2025-40253, CVE-2025-45582, CVE-2025-54518, CVE-2025-66614, CVE-2025-71066, CVE-2025-71113, CVE-2025-71231, CVE-2026-0672, CVE-2026-0865, CVE-2026-1299, CVE-2026-1502, CVE-2026-1519, CVE-2026-1801, CVE-2026-1965, CVE-2026-2291, CVE-2026-2297, CVE-2026-3446, CVE-2026-3479, CVE-2026-3644, CVE-2026-3833, CVE-2026-4046, CVE-2026-4105, CVE-2026-4224, CVE-2026-4271, CVE-2026-4437, CVE-2026-4438, CVE-2026-4519, CVE-2026-4786, CVE-2026-4873, CVE-2026-4878, CVE-2026-4890, CVE-2026-4891, CVE-2026-4892, CVE-2026-4893, CVE-2026-5172, CVE-2026-5260, CVE-2026-5419, CVE-2026-5450, CVE-2026-5545, CVE-2026-5928, CVE-2026-6019, CVE-2026-6100, CVE-2026-6253, CVE-2026-6276, CVE-2026-6429, CVE-2026-6472, CVE-2026-6473, CVE-2026-6474, CVE-2026-6475, CVE-2026-6476, CVE-2026-6477, CVE-2026-6478, CVE-2026-6479, CVE-2026-6507, CVE-2026-6575, CVE-2026-6637, CVE-2026-6638, CVE-2026-21620, CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-23004, CVE-2026-23054, CVE-2026-23060, CVE-2026-23074, CVE-2026-23089, CVE-2026-23103, CVE-2026-23111, CVE-2026-23141, CVE-2026-23157, CVE-2026-23191, CVE-2026-23202, CVE-2026-23204, CVE-2026-23207, CVE-2026-23209, CVE-2026-23214, CVE-2026-23231, CVE-2026-23239, CVE-2026-23240, CVE-2026-23243, CVE-2026-23268, CVE-2026-23269, CVE-2026-23271, CVE-2026-23272, CVE-2026-23273, CVE-2026-23274, CVE-2026-23278, CVE-2026-23293, CVE-2026-23317, CVE-2026-23351, CVE-2026-23381, CVE-2026-23393, CVE-2026-23398, CVE-2026-23403, CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407, CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411, CVE-2026-23412, CVE-2026-23413, CVE-2026-23449, CVE-2026-23450, CVE-2026-23458, CVE-2026-23461, CVE-2026-23462, CVE-2026-23865, CVE-2026-23918, CVE-2026-23941, CVE-2026-23942, CVE-2026-23943, CVE-2026-24880, CVE-2026-25854, CVE-2026-27135, CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-28808, CVE-2026-29111, CVE-2026-29129, CVE-2026-29145, CVE-2026-29146, CVE-2026-29518, CVE-2026-31402, CVE-2026-31403, CVE-2026-31405, CVE-2026-31408, CVE-2026-31413, CVE-2026-31431, CVE-2026-31436, CVE-2026-31470, CVE-2026-31473, CVE-2026-31504, CVE-2026-31505, CVE-2026-31507, CVE-2026-31512, CVE-2026-31528, CVE-2026-31533, CVE-2026-31568, CVE-2026-31570, CVE-2026-31586, CVE-2026-31588, CVE-2026-31602, CVE-2026-31607, CVE-2026-31613, CVE-2026-31614, CVE-2026-31622, CVE-2026-31629, CVE-2026-31649, CVE-2026-31656, CVE-2026-31662, CVE-2026-31669, CVE-2026-31685, CVE-2026-31694, CVE-2026-31700, CVE-2026-31738, CVE-2026-31758, CVE-2026-31786, CVE-2026-31787, CVE-2026-31788, CVE-2026-31789, CVE-2026-31790, CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2026-32990, CVE-2026-33412, CVE-2026-33416, CVE-2026-33636, CVE-2026-33845, CVE-2026-33846, CVE-2026-34268, CVE-2026-34282, CVE-2026-34477, CVE-2026-34483, CVE-2026-34486, CVE-2026-34487, CVE-2026-34500, CVE-2026-34714, CVE-2026-34743, CVE-2026-34982, CVE-2026-35328, CVE-2026-35329, CVE-2026-35330, CVE-2026-35332, CVE-2026-35333, CVE-2026-35334, CVE-2026-35385, CVE-2026-35414, CVE-2026-35535, CVE-2026-41035, CVE-2026-41054, CVE-2026-42009, CVE-2026-42010, CVE-2026-42011, CVE-2026-42012, CVE-2026-42013, CVE-2026-42014, CVE-2026-42015, CVE-2026-42198, CVE-2026-42307, CVE-2026-42945, CVE-2026-43025, CVE-2026-43027, CVE-2026-43037, CVE-2026-43038, CVE-2026-43044, CVE-2026-43050, CVE-2026-43110, CVE-2026-43120, CVE-2026-43126, CVE-2026-43190, CVE-2026-43206, CVE-2026-43214, CVE-2026-43284, CVE-2026-43329, CVE-2026-43330, CVE-2026-43334, CVE-2026-43362, CVE-2026-43365, CVE-2026-43366, CVE-2026-43437, CVE-2026-43494, CVE-2026-43499, CVE-2026-43500, CVE-2026-43501, CVE-2026-43503, CVE-2026-46331, CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-43961, CVE-2026-44656, CVE-2026-45130, CVE-2026-45232, CVE-2026-45852, CVE-2026-45910, CVE-2026-45970, CVE-2026-46004, CVE-2026-46021, CVE-2026-46043, CVE-2026-46113, CVE-2026-46114, CVE-2026-46243, CVE-2026-46300, CVE-2026-46333, CVE-2026-46483 https://nvd.nist.gov/vuln/search This hyperlink is taking you to a website outside of Dell Technologies.
Intel Processor Firmware CVE-2025-31648 DSA-2026-012
Platform Initialization (PI) Firmware CVE-2025-54510, CVE-2025-54502, CVE-2025-54509, CVE-2025-61972, CVE-2025-61971, CVE-2024-36315 DSA-2026-041 , DSA-2026-042 , DSA-2026-043 , DSA-2026-076
Tianocore EDK2 CVE-2024-38798 DSA-2026-040
OpenSSL CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796 DSA-2026-154 , DSA-2026-136
Python CVE-2026-26950, CVE-2025-13836 https://nvd.nist.gov/vuln/search This hyperlink is taking you to a website outside of Dell Technologies.
UEFI Reference Firmware Advisory CVE-2025-35991 DSA-2026-027
vCenter 8.0 Update 3i vulnerabilities CVE-2026-2004, CVE-2026-2005, CVE-2026-2003, CVE-2026-2006, CVE-2019-16884, CVE-2025-52881, CVE-2025-52565, CVE-2025-31133, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2025-58767, CVE-2025-13151, CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789, CVE-2026-31790, CVE-2025-0395, CVE-2025-8058, CVE-2026-0861, CVE-2026-0915, CVE-2025-15281, CVE-2025-70873, CVE-2026-25749, CVE-2026-28422, CVE-2026-28417, CVE-2026-28419, CVE-2026-28420, CVE-2026-28421, CVE-2026-28418, CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14796, CVE-2020-14797, CVE-2021-2163, CVE-2021-2161, CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35565, CVE-2021-35567, CVE-2021-35586, CVE-2021-35603, CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366, CVE-2022-21271, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21496, CVE-2022-21476, CVE-2022-21540, CVE-2022-21541, CVE-2022-34169, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399, CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22045, CVE-2023-22049, CVE-2023-22081, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952, CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094, CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21145, CVE-2024-21147, CVE-2024-21144, CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, CVE-2024-21235, CVE-2025-21502, CVE-2025-21587, CVE-2025-30691, CVE-2025-30698, CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945, CVE-2026-25068, CVE-2025-61662, CVE-2025-61663, CVE-2025-61664, CVE-2025-14087, CVE-2025-14512, CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945, CVE-2026-2781CVE-2026-2004, CVE-2026-2005, CVE-2026-2003, CVE-2026-2006, CVE-2019-16884, CVE-2025-52881, CVE-2025-52565, CVE-2025-31133, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2025-58767, CVE-2025-13151, CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789, CVE-2026-31790, CVE-2025-0395, CVE-2025-8058, CVE-2026-0861, CVE-2026-0915, CVE-2025-15281, CVE-2025-70873, CVE-2026-25749, CVE-2026-28422, CVE-2026-28417, CVE-2026-28419, CVE-2026-28420, CVE-2026-28421, CVE-2026-28418, CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14796, CVE-2020-14797, CVE-2021-2163, CVE-2021-2161, CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35565, CVE-2021-35567, CVE-2021-35586, CVE-2021-35603, CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366, CVE-2022-21271, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21496, CVE-2022-21476, CVE-2022-21540, CVE-2022-21541, CVE-2022-34169, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399, CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22045, CVE-2023-22049, CVE-2023-22081, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952, CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094, CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21145, CVE-2024-21147, CVE-2024-21144, CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, CVE-2024-21235, CVE-2025-21502, CVE-2025-21587, CVE-2025-30691, CVE-2025-30698, CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945, CVE-2026-25068, CVE-2025-61662, CVE-2025-61663, CVE-2025-61664, CVE-2025-14087, CVE-2025-14512, CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945, CVE-2026-2781 https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/vcenter-server-appliance-photonos-security-patches.html This hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Remediated Versions Link
Dell VxRail Appliance Versions prior to 8.0.390

Version 8.0.390 or later

https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers

 

Product Affected Versions Remediated Versions Link
Dell VxRail Appliance Versions prior to 8.0.390

Version 8.0.390 or later

https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers

 

Workarounds & Mitigations

CVE ID Workaround and Mitigation
CVE-2026-31431

For customers who need to mitigate the vulnerability before upgrading, Dell recommends blacklisting the algif_aead kernel module.

Steps to Apply the Workaround:

  1. SSH into the VxRail Manager as root.
  2. Run the following commands to blacklist the module and unload it if currently loaded:

echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf
rmmod algif_aead 2>/dev/null

  1. Verify the workaround is in effect:

modprobe algif_aead

This command should fail (module load denied).

lsmod | grep algif_aead

This should return empty (module not loaded).

Notes on the workaround:

  • The install algif_aead /bin/false directive redirects any module load request to /bin/false, effectively denying the load.
  • The blacklist configuration file (/etc/modprobe.d/disable-algif-aead.conf) is not overwritten by kernel package updates and will persist across VxRail LCM upgrades.
  • Disabling algif_aead will not affect: OS boot/shutdown/reboot, kernel updates, network services (SSH, HTTP, DNS), IPsec VPN, disk encryption (dm-crypt/LUKS), container runtime (Docker/containerd), any VxRail Manager functions, or vCenter operations.

Removing the Workaround After Upgrade

After upgrading to VxRail 8.0.390 or later, Dell strongly recommends removing the blacklist configuration to ensure compatibility with potential future enhancements:

rm -f /etc/modprobe.d/disable-algif-aead.conf
CVE-2026-6923

The TPM component used in Dell VxRail does not have a mechanism for updates through standard platform or lifecycle management releases. Customers must contact Dell Support to obtain and apply TPM firmware updates on cluster nodes or refer DSA-2026-224 and use the Drivers & Downloads page for their respective PowerEdge platform to identify the applicable TPM firmware package, search for “TPM”, and select the appropriate Trusted Platform Module firmware package. The package provides detailed installation instructions, including steps for applying the update using iDRAC or Lifecycle Controller.

 

Revision History

RevisionDateDescription
1.02026-06-05Initial Release
2.02026-07-01Updated Affected Products and Remediation table. Target availability changed to July
3.02026-07-09Updated the Third Party Components and Affected Products and Remediation tables

 

Related Information

Affected Products

VxRail, VxRail 460 and 470 Nodes, VxRail Appliance Series, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF

Products

VxRail G Series Nodes, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E560N VCF, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF , VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VxRail P670F, VxRail P670N, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail S670, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VxRail V570F VCF, VXRAIL V670F, VxRail VD-4000R, VxRail VD-4000W, VxRail VD-4000Z, VxRail VD-4510C, VxRail VD-4520C, VxRail VD Series Nodes, VxRail VE-660, VxRail VE-6615, VxRail VE-670, VxRail VP-760, VxRail VP-7625, VxRail VP-770, VxRail VS-760 ...
Article Properties
Article Number: 000473635
Article Type: Dell Security Advisory
Last Modified: 09 يوليو 2026
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.