DSA-2024-008: Security Update for Dell XtremIO X2 Multiple Component Vulnerabilities

Summary: Dell XtremIO X2 remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-party Component 

CVEs 

More Information 

bind 

CVE-2023-2828, CVE-2023-3341 

RHSA-2023-4152This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023-5691This hyperlink is taking you to a website outside of Dell Technologies. 

c-ares 

CVE-2023-32067 

RHSA-2023:3741This hyperlink is taking you to a website outside of Dell Technologies. 

cyrus-sasl 

CVE-2022-24407 

RHSA-2022:0666This hyperlink is taking you to a website outside of Dell Technologies.

emacs 

CVE-2022-48339 

RHSA-2023:3481This hyperlink is taking you to a website outside of Dell Technologies. 

gd 

CVE-2016-5766 

RHSA-2020:5443This hyperlink is taking you to a website outside of Dell Technologies.

gcc 

CVE-2021-42574 

RHSA-2021:4033This hyperlink is taking you to a website outside of Dell Technologies. 

git 

CVE-2023-25652, CVE-2023-29007 

RHSA-2023:3263This hyperlink is taking you to a website outside of Dell Technologies. 

gzip 

CVE-2022-1271 

RHSA-2022:2191This hyperlink is taking you to a website outside of Dell Technologies. 

httpd 

CVE-2016-2161, CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2022-22720, CVE-2023-25690 

RHSA-2017:0906This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:0143This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2021:3856This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:1045This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:1593This hyperlink is taking you to a website outside of Dell Technologies. 

kernel 

CVE-2023-35001, CVE-2023-35788, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208, CVE-2023-42753, CVE-2023-4623, CVE-2024-1086, CVE-2023-4921, CVE-2020-36385, CVE-2020-0466, CVE-2022-0492, CVE-2022-0330, CVE-2021-3752, CVE-2022-32250, CVE-2022-1729, CVE-2022-42896, CVE-2022-3564, CVE-2022-22942, CVE-2023-32233, CVE-2022-4378, CVE-2020-0465, CVE-2021-0920, CVE-2020-36322, CVE-2022-42703, CVE-2020-25704 

RHSA-2022:0063This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:4151This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2021:4777This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:5232This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:4642This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:1091This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:0620This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:5622This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:4819This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:7423This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2024:0346This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2024:2004This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2024:1249This hyperlink is taking you to a website outside of Dell Technologies. 

krb5-devel/krb5-libs 

CVE-2022-42898 

RHSA-2022:8640This hyperlink is taking you to a website outside of Dell Technologies. 

libssh2 

CVE-2020-22218 

RHSA-2023:5615This hyperlink is taking you to a website outside of Dell Technologies. 

libXpm 

CVE-2022-4883 

RHSA-2023:0377This hyperlink is taking you to a website outside of Dell Technologies. 

nss 

CVE-2021-43527, CVE-2023-0767 

RHSA-2021:4904This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:1332This hyperlink is taking you to a website outside of Dell Technologies.

openldap 

CVE-2020-25709, CVE-2020-25710 

RHSA-2022:0621This hyperlink is taking you to a website outside of Dell Technologies. 

openssh 

CVE-2023-38408 

RHSA-2023:4382This hyperlink is taking you to a website outside of Dell Technologies. 

openssl 

CVE-2016-2183, CVE-2021-23840, CVE-2021-3712, CVE-2022-0778, CVE-2023-0286 

RHSA-2018:2123This hyperlink is taking you to a website outside of Dell Technologies. , RHSA-2021:3798This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:0064This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:1066This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:1335This hyperlink is taking you to a website outside of Dell Technologies. 

open-vm-tools 

CVE-2022-31676, CVE-2023-20900, CVE-2023-34058, CVE-2023-34059 

RHSA-2022:6381This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:5217This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:7279This hyperlink is taking you to a website outside of Dell Technologies. 

polkit 

CVE-2021-4034 

RHSA-2022:0274This hyperlink is taking you to a website outside of Dell Technologies. 

python 

CVE-2023-24329, CVE-2020-26137, CVE-2020-26116 

RHSA-2023:3555This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:5235This hyperlink is taking you to a website outside of Dell Technologies. 

python-pillow 

CVE-2022-22817, CVE-2023-44271 

RHSA-2022:0609This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2024:0345This hyperlink is taking you to a website outside of Dell Technologies. 

rpm 

CVE-2021-20271 

RHSA-2021:4785This hyperlink is taking you to a website outside of Dell Technologies. 

rsync 

CVE-2022-29154 

RHSA-2022:6170This hyperlink is taking you to a website outside of Dell Technologies. 

rsyslog 

CVE-2022-24903 

RHSA-2022:4803This hyperlink is taking you to a website outside of Dell Technologies. 

samba 

CVE-2022-38023, CVE-2020-25717, CVE-2016-2124 

RHSA-2023:1090This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2021:5192This hyperlink is taking you to a website outside of Dell Technologies. 

ssd 

CVE-2022-4254 

RHSA-2023:0403This hyperlink is taking you to a website outside of Dell Technologies. 

sudo 

CVE-2023-22809 

RHSA-2023:0291This hyperlink is taking you to a website outside of Dell Technologies. 

xz 

CVE-2022-1271 

RHSA-2022:5052This hyperlink is taking you to a website outside of Dell Technologies. 

zlib 

CVE-2018-25032 

RHSA-2022:2213This hyperlink is taking you to a website outside of Dell Technologies. 

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product  

Software/Firmware  

Affected Versions  

Remediated Versions 

Link 

XtremIO X2  

XMS 

Versions prior to 6.4.2-13 

Version 6.4.2-13 or later 

https://dl.dell.com/downloads/P8R9D_XtremIO-6.4.2-&-XMS-6.4.2-(6.4.2-13_X2_XIOS_6.4.2-13_XMS).tar 

Product  

Software/Firmware  

Affected Versions  

Remediated Versions 

Link 

XtremIO X2  

XMS 

Versions prior to 6.4.2-13 

Version 6.4.2-13 or later 

https://dl.dell.com/downloads/P8R9D_XtremIO-6.4.2-&-XMS-6.4.2-(6.4.2-13_X2_XIOS_6.4.2-13_XMS).tar 
Dell advises that you consistently upgrade to the most recent release/version of your product.

Revision History

Revision DateDescription
1.02024-08-06Initial Release
2.02024-08-06Updated for enhanced presentation with no changes to content.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

XtremIO, XtremIO Family, XtremIO X2
Article Properties
Article Number: 000227569
Article Type: Dell Security Advisory
Last Modified: 09 Sep 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.