DSA-2024-310: Sikkerhedsopdatering til Dell PowerEdge-server for adgang til hukommelsesplacering efter ophør af buffersårbarhed

Summary: Dell PowerEdge-serverafhjælpning er tilgængelig for adgang til hukommelsesplacering efter ophør af buffersårbarhed, der kan udnyttes af ondsindede brugere til at kompromittere de berørte systemer. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Low

Details

Navnebeskyttede CVE-koder Beskrivelse CVSS Basisscore CVSS Vektorstreng
CVE-2024-38304 Dell PowerEdge-platform, 14G Intel BIOS-version(er) før 2.22.x, indeholder en adgang til hukommelsesplacering efter ophør af buffersårbarhed. En hacker med få rettigheder og lokal adgang kan potentielt udnytte denne sårbarhed, hvilket kan føre til afsløring af oplysninger. 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NDette hyperlink fører dig til et websted uden for Dell Technologies.
Navnebeskyttede CVE-koder Beskrivelse CVSS Basisscore CVSS Vektorstreng
CVE-2024-38304 Dell PowerEdge-platform, 14G Intel BIOS-version(er) før 2.22.x, indeholder en adgang til hukommelsesplacering efter ophør af buffersårbarhed. En hacker med få rettigheder og lokal adgang kan potentielt udnytte denne sårbarhed, hvilket kan føre til afsløring af oplysninger. 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NDette hyperlink fører dig til et websted uden for Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Produkt

Software/firmware

Berørte versioner

Opdaterede versioner

Link

PowerEdge R740

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r740/drivers

PowerEdge R740XD

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r740xd/drivers

PowerEdge R640

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r640/drivers

PowerEdge R940

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r940/drivers

PowerEdge R540

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r540/drivers

PowerEdge R440

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r440/drivers

PowerEdge T440

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-t440/drivers

PowerEdge XR2

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/oth-r440-xr/drivers

PowerEdge-R740XD2

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r740xd2/drivers

PowerEdge R840

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/homeproduct-support/product/poweredge-r840/drivers

PowerEdge R940XA

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r940xa/drivers

PowerEdge T640

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-t640/drivers

PowerEdge C6420

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-c6420/drivers

PowerEdge FC640

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-fc640/drivers

PowerEdge M640

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-m640/drivers

PowerEdge M640 (til PE VRTX)

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-m640p/drivers

PowerEdge MX740C

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-mx740c/drivers

PowerEdge MX840C

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-mx840c/drivers

PowerEdge C4140

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-c4140/drivers

DSS 8440

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-dss-8440/drivers

PowerEdge XE2420

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-xe2420/drivers

PowerEdge XE7420

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-xe7420/drivers

PowerEdge XE7440

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-xe7440/drivers

Dell EMC-storage NX3240

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/storage-nx3240/drivers

Dell EMC-storage NX3340

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/storage-nx3340/drivers

Dell EMC XC Core 6420-system

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-xc6420-ent-xc/drivers

Dell EMC XC Core XC640 System

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-xc640-ent-xc/drivers

Dell EMC XC Core XC740xd System

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-xc740xd-ent-xc/drivers

Dell EMC XC-kerne XC740xd2

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/dell-emc-xc740-xd2/drivers

Dell EMC XC Core XC940 System

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-xc940-ent-xc/drivers

Dell EMC XC Kerne XCXR2

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/dell-emc-xc-core-xcxr2/drivers

Produkt

Software/firmware

Berørte versioner

Opdaterede versioner

Link

PowerEdge R740

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r740/drivers

PowerEdge R740XD

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r740xd/drivers

PowerEdge R640

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r640/drivers

PowerEdge R940

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r940/drivers

PowerEdge R540

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r540/drivers

PowerEdge R440

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r440/drivers

PowerEdge T440

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-t440/drivers

PowerEdge XR2

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/oth-r440-xr/drivers

PowerEdge-R740XD2

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r740xd2/drivers

PowerEdge R840

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/homeproduct-support/product/poweredge-r840/drivers

PowerEdge R940XA

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-r940xa/drivers

PowerEdge T640

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-t640/drivers

PowerEdge C6420

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-c6420/drivers

PowerEdge FC640

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-fc640/drivers

PowerEdge M640

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-m640/drivers

PowerEdge M640 (til PE VRTX)

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-m640p/drivers

PowerEdge MX740C

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-mx740c/drivers

PowerEdge MX840C

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-mx840c/drivers

PowerEdge C4140

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-c4140/drivers

DSS 8440

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-dss-8440/drivers

PowerEdge XE2420

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-xe2420/drivers

PowerEdge XE7420

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-xe7420/drivers

PowerEdge XE7440

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/poweredge-xe7440/drivers

Dell EMC-storage NX3240

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/storage-nx3240/drivers

Dell EMC-storage NX3340

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/storage-nx3340/drivers

Dell EMC XC Core 6420-system

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-xc6420-ent-xc/drivers

Dell EMC XC Core XC640 System

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-xc640-ent-xc/drivers

Dell EMC XC Core XC740xd System

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-xc740xd-ent-xc/drivers

Dell EMC XC-kerne XC740xd2

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/dell-emc-xc740-xd2/drivers

Dell EMC XC Core XC940 System

BIOS

Versioner før 2.22.2

Version 2.22.2 eller nyere

https://www.dell.com/support/home/product-support/product/dell-xc940-ent-xc/drivers

Dell EMC XC Kerne XCXR2

BIOS

Versioner før 2.22.1

Version 2.22.1 eller nyere

https://www.dell.com/support/home/product-support/product/dell-emc-xc-core-xcxr2/drivers
  • Tabellen Berørte produkter og afhjælpning ovenfor er muligvis ikke en udtømmende liste over alle berørte understøttede versioner og kan blive opdateret, efterhånden som flere oplysninger bliver tilgængelige.
  • På grund af opdateringer til afhjælpning af et funktionelt problem blev de tidligere BIOS-versioner til 14G PowerEdge-platforme erstattet af de opdaterede versioner. Dell anbefaler alle kunder at opdatere til de tilgængelige BIOS-versioner.

Revision History

RevisionDatoBeskrivelse
1.02024-08-28Første version
2.02024-09-10
  • Opdaterede kolonnerne "Afhjælpede versioner" og "Link" under afsnittet "BERØRTE PRODUKTER OG AFHJÆLPNING".
  • Opdateret ordlyden " På baggrund af en observation har Dell degraderet en tidligere version af BIOS til 14G PowerEdge-servere og arbejder på at frigive en opdateret version." under afsnittet Yderligere oplysninger.
3.02024-10-11
  • Opdaterede afsnittet "BERØRTE PRODUKTER OG AFHJÆLPNING" for 14G PowerEdge-platforme.
    • Afsnittet Yderligere oplysninger er opdateret.
4.02024-11-01Formateringsændring uden indholdsopdatering.
5.02024-11-15Formateringsændring uden indholdsopdatering.

Acknowledgements

Dell vil gerne takke codebreaker1337 for at rapportere dette problem.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

DSS 8440, Dell EMC XC Core XCXR2, Dell EMC XC Core XC740xd2, Dell EMC XC Core XC640 System, Dell EMC XC Core 6420 System, Dell EMC XC Core XC740xd System, Dell EMC XC Core XC940 System, PowerEdge XR2, Poweredge C4140, PowerEdge C6420, PowerEdge FC640 , PowerEdge M640, PowerEdge M640 (for PE VRTX), PowerEdge MX740C, PowerEdge MX840C, PowerEdge R440, PowerEdge R540, PowerEdge R640, PowerEdge R740, PowerEdge R740XD, PowerEdge R740XD2, PowerEdge R840, PowerEdge R940, PowerEdge R940xa, PowerEdge T440, PowerEdge T640, PowerEdge XE2420, PowerEdge XE7420, PowerEdge XE7440, Dell EMC Storage NX3240, Dell EMC Storage NX3340 ...
Article Properties
Article Number: 000228137
Article Type: Dell Security Advisory
Last Modified: 15 Nov 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.