Article Number: 000189828
Security KB
The CVE IDs are listed in the table below.
This article provides a list of security vulnerabilities that cannot be exploited on Dell CSI Drivers, but which may be flagged by security scanners.
Dell CSI Driver for PowerScale 1.6
Dell CSI Driver for PowerStore 1.4
Dell CSI Driver for PowerFlex 1.5
Dell CSI Driver for PowerMax 1.7
Dell CSI Driver for UnityXT 1.6
Dell CSI Operator 1.4.0
Embedded Component | CVE ID | Summary of Vulnerability | Reason why Product is not Vulnerable | Date Determined False Positive |
Glibc - 2.28-151.el8 | CVE-2019-1010022 | ** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. https://sourceware.org/bugzilla/show_bug.cgi?id=22850 |
Upstream comments indicate "this is being treated as a non-security bug and no real threat | 16-June-2021 |
Product Security Information
23 Jul 2021
1
Security KB