DSA-2026-245: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Zusammenfassung: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Betroffene Produkte und Korrektur

Workarounds und Korrekturmaßnahmen

Betroffene Produkte

Dieser Artikel gilt für Dieser Artikel gilt nicht für Dieser Artikel ist nicht an ein bestimmtes Produkt gebunden. In diesem Artikel werden nicht alle Produktversionen aufgeführt.

Andere Ressourcen ansehen

Auswirkungen

High

Details

Third-party Component	CVEs	More Information
Linux Kernel	CVE-2026-31431	https://nvd.nist.gov/vuln/search

Dell Technologies empfiehlt allen Kunden, sowohl die CVSS-Gesamtbewertung als auch alle relevanten zeitlichen und umweltbezogenen Bewertungen zu berücksichtigen, die sich auf den potenziellen Schweregrad einer bestimmten Sicherheitsschwachstelle auswirken können.

Betroffene Produkte und Korrektur

CVEs Addressed	Product	Affected Versions	Remediated Versions	Link
CVE-2026-31431	Dell VxRail Appliance	Versions prior to 8.0.390	Version 8.0.390 or later Customers are encouraged to follow mitigation steps below until remediation has been released.	Target Availability: June 2026

CVEs Addressed

Product

Affected Versions

Remediated Versions

Link

CVE-2026-31431

Dell VxRail Appliance

Versions prior to 8.0.390

Version 8.0.390 or later

Customers are encouraged to follow mitigation steps below until remediation has been released.

Target Availability:
June 2026

CVEs Addressed	Product	Affected Versions	Remediated Versions	Link
CVE-2026-31431	Dell VxRail Appliance	Versions prior to 8.0.390	Version 8.0.390 or later Customers are encouraged to follow mitigation steps below until remediation has been released.	Target Availability: June 2026

CVEs Addressed

Product

Affected Versions

Remediated Versions

Link

CVE-2026-31431

Dell VxRail Appliance

Versions prior to 8.0.390

Version 8.0.390 or later

Customers are encouraged to follow mitigation steps below until remediation has been released.

Target Availability:
June 2026

Workarounds und Korrekturmaßnahmen

CVE ID	Workaround and Mitigation
CVE-2026-31431	For customers who need to mitigate the vulnerability before upgrading, Dell recommends blacklisting the algif_aead kernel module. Steps to Apply the Workaround: SSH into the VxRail Manager as root. Run the following commands to blacklist the module and unload it if currently loaded: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf rmmod algif_aead 2>/dev/null Verify the workaround is in effect: modprobe algif_aead This command should fail (module load denied). lsmod \| grep algif_aead This should return empty (module not loaded). Notes on the workaround: The install algif_aead /bin/false directive redirects any module load request to /bin/false, effectively denying the load. The blacklist configuration file (/etc/modprobe.d/disable-algif-aead.conf) is not overwritten by kernel package updates and will persist across VxRail LCM upgrades. Disabling algif_aead will not affect: OS boot/shutdown/reboot, kernel updates, network services (SSH, HTTP, DNS), IPsec VPN, disk encryption (dm-crypt/LUKS), container runtime (Docker/containerd), any VxRail Manager functions, or vCenter operations. Removing the Workaround After Upgrade After upgrading to VxRail 8.0.390 or later, Dell strongly recommends removing the blacklist configuration to ensure compatibility with potential future enhancements: rm -f /etc/modprobe.d/disable-algif-aead.conf

CVE ID

Workaround and Mitigation

CVE-2026-31431

For customers who need to mitigate the vulnerability before upgrading, Dell recommends blacklisting the algif_aead kernel module.

Steps to Apply the Workaround:

SSH into the VxRail Manager as root.
Run the following commands to blacklist the module and unload it if currently loaded:

echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf
rmmod algif_aead 2>/dev/null

Verify the workaround is in effect:

modprobe algif_aead

This command should fail (module load denied).

lsmod | grep algif_aead

This should return empty (module not loaded).

Notes on the workaround:

The install algif_aead /bin/false directive redirects any module load request to /bin/false, effectively denying the load.
The blacklist configuration file (/etc/modprobe.d/disable-algif-aead.conf) is not overwritten by kernel package updates and will persist across VxRail LCM upgrades.
Disabling algif_aead will not affect: OS boot/shutdown/reboot, kernel updates, network services (SSH, HTTP, DNS), IPsec VPN, disk encryption (dm-crypt/LUKS), container runtime (Docker/containerd), any VxRail Manager functions, or vCenter operations.

Removing the Workaround After Upgrade

After upgrading to VxRail 8.0.390 or later, Dell strongly recommends removing the blacklist configuration to ensure compatibility with potential future enhancements:

rm -f /etc/modprobe.d/disable-algif-aead.conf

Revisionsverlauf

Revision	Date	Description
1.0	2026-06-05	Initial Release

Zugehörige Informationen

Rechtlicher Hinweis

Betroffene Produkte

VxRail, VxRail 460 and 470 Nodes, VxRail Appliance Series, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF

Produkte

VxRail G Series Nodes, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E560N VCF, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF , VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VxRail P670F, VxRail P670N, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail S670, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VxRail V570F VCF, VXRAIL V670F, VxRail VD-4000R, VxRail VD-4000W, VxRail VD-4000Z, VxRail VD-4510C, VxRail VD-4520C, VxRail VD Series Nodes, VxRail VE-660, VxRail VE-6615, VxRail VE-670, VxRail VP-760, VxRail VP-7625, VxRail VP-770, VxRail VS-760 ...

Artikelnummer: 000473635

Artikeltyp: Dell Security Advisory

Zuletzt geändert: 05 Juni 2026

Prüfen Sie, ob Ihr Gerät durch Support Services abgedeckt ist.

DSA-2026-245: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Zusammenfassung: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Auswirkungen

Details

Betroffene Produkte und Korrektur

Workarounds und Korrekturmaßnahmen

Revisionsverlauf

Verwandte Informationen

Rechtlicher Hinweis

Betroffene Produkte

Auswirkungen

Details

Betroffene Produkte und Korrektur

Workarounds und Korrekturmaßnahmen

Revisionsverlauf

Zugehörige Informationen

Rechtlicher Hinweis

Betroffene Produkte

Produkte

Artikeleigenschaften

Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen

Support Services

Artikeleigenschaften

Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen

Support Services

DSA-2026-245: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Zusammenfassung: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Ausführlicher Artikel

Auswirkungen

Details

Betroffene Produkte und Korrektur

Workarounds und Korrekturmaßnahmen

Revisionsverlauf

Zugehörige Informationen

Rechtlicher Hinweis

Betroffene Produkte

Produkte

Artikeleigenschaften

Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen

Support Services

Artikeleigenschaften

Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen

Support Services