DSA-2025-337: Security Update for Dell Enterprise SONiC Distribution Vulnerabilities
Oversigt: Dell Enterprise SONiC remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Denne artikel gælder for
Denne artikel gælder ikke for
Denne artikel er ikke knyttet til et bestemt produkt.
Det er ikke alle produktversioner, der er identificeret i denne artikel.
Virkning
High
Oplysninger
|
Third-party Component |
CVEs |
More Information |
|
shadow |
CVE-2018-7169, CVE-2023-4641, CVE-2023-29383 |
|
|
busybox |
CVE-2018-20679, CVE-2021-28831, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386, CVE-2022-48174, CVE-2023-42364, CVE-2023-42365 |
|
|
openssh |
CVE-2025-26465, CVE-2025-32728 |
|
|
libxml2 |
CVE-2022-49043, CVE-2023-39615, CVE-2023-45322, CVE-2024-25062, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2025-32414, CVE-2025-32415 |
|
|
krb5 |
CVE-2025-24528, CVE-2025-3576 |
|
|
libtasn1-6 |
CVE-2024-12133 |
|
|
gnutls28 |
CVE-2024-12243 |
|
|
libcap2 |
CVE-2023-2602, CVE-2023-2603, CVE-2025-1390 |
|
|
python 3.9 |
CVE-2022-0391, CVE-2025-0938, CVE-2025-1795 |
|
|
vim |
CVE-2021-3872, CVE-2021-4019, CVE-2021-4173, CVE-2021-4187, CVE-2022-0261, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0417, CVE-2022-0572, CVE-2022-1616, CVE-2022-1785, CVE-2022-1897, CVE-2022-1942, CVE-2022-2000, CVE-2022-2129, CVE-2022-2304, CVE-2022-3099, CVE-2022-3134, CVE-2022-3324, CVE-2022-4141, CVE-2023-0054, CVE-2023-1175, CVE-2023-2610, CVE-2023-4738, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2024-22667, CVE-2024-43802, CVE-2024-47814 |
|
|
freetype |
CVE-2025-27363 |
|
|
libxslt |
CVE-2024-55549, CVE-2025-24855 |
|
|
wget |
CVE-2024-38428 |
|
|
hiredis |
CVE-2020-7105 |
|
|
libbpf |
CVE-2022-3534, CVE-2022-3606 |
|
|
curl |
CVE-2024-2398, CVE-2024-8096 |
|
|
glibc |
CVE-2025-0395, CVE-2025-4802 |
|
|
expat |
CVE-2024-50602 |
|
|
u-boot |
CVE-2019-14196, CVE-2022-2347, CVE-2022-30552, CVE-2022-30767, CVE-2022-30790, CVE-2022-33103, CVE-2022-33967, CVE-2022-34835, CVE-2024-57254, CVE-2024-57255, CVE-2024-57256, CVE-2024-57257, CVE-2024-57258, CVE-2024-57259 |
|
|
net-tools |
CVE-2025-46836 |
|
|
icu |
CVE-2025-5222 |
|
|
python 2.7 |
CVE-2023-27043, CVE-2024-0397, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-11168, CVE-2025-0938 |
|
|
bind9 |
CVE-2024-11187 |
Berørte produkter og udbedring
|
Product |
Affected Versions |
Remediated Versions |
Link |
|
Dell Enterprise SONiC Distribution |
Versions prior to 4.4.3 |
Version 4.4.3 |
|
Product |
Affected Versions |
Remediated Versions |
Link |
|
Dell Enterprise SONiC Distribution |
Versions prior to 4.4.3 |
Version 4.4.3 |
- SONiC downloads are also available from My Account.
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Revisionshistorik
|
Revision |
Date |
Description |
|
1.0 |
2025-09-03 |
Initial Release |
|
2.0 |
2025-11-03 |
Added python 2.7 and corresponding CVEs to the list of Third-Party components. |
|
3.0 |
2025-11-05 |
Added bind9 and corresponding CVE to the list of Third-Party components. |
Relaterede oplysninger
Ansvarsfraskrivelse
Berørte produkter
PowerSwitch E3200-ON Series, Dell EMC Networking N3200-ON, PowerSwitch S3248T-ON, PowerSwitch S4348F/S4348T-ON, PowerSwitch S5212F-ON, PowerSwitch S5224F-ON, PowerSwitch S5232F-ON, PowerSwitch S5248F-ON, PowerSwitch S5296F-ON, PowerSwitch S5448F-ON
, PowerSwitch Z9264F-ON, PowerSwitch Z9332F-ON, PowerSwitch Z9432F-ON, PowerSwitch Z9664F-ON, PowerSwitch Z9864F-ON
...
Artikelegenskaber
Artikelnummer: 000364903
Artikeltype: Dell Security Advisory
Senest ændret: 05 nov. 2025
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.