DSA-2025-313: Security Update for Dell Data Lakehouse Multiple Vulnerabilities
Resumen: Dell Data Lakehouse remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
Critical
Detalles
| Third-party Component | CVEs | More Information |
| containerd | CVE-2024-40635 | https://nvd.nist.gov/vuln/search |
| cors | CVE-2019-25211 | https://nvd.nist.gov/vuln/search |
| libavif | CVE-2025-48174 | https://nvd.nist.gov/vuln/search |
| Intel IPU | CVE-2024-39279, CVE-2024-28047 | https://nvd.nist.gov/vuln/search |
| SUSE Linux Enterprise (SLE) 15 | CVE-2023-31315, CVE-2023-40403, CVE-2023-52924, CVE-2023-52925, CVE-2023-52927, CVE-2023-53034, CVE-2024-2236, CVE-2024-6104, CVE-2024-8176, CVE-2024-10041, CVE-2024-11168, CVE-2024-23337, CVE-2024-26708, CVE-2024-26810, CVE-2024-27018, CVE-2024-27415, CVE-2024-28956, CVE-2024-35840, CVE-2024-35910, CVE-2024-36350, CVE-2024-36357, CVE-2024-40980, CVE-2024-41005, CVE-2024-41965, CVE-2024-44974, CVE-2024-45009, CVE-2024-45010, CVE-2024-45310, CVE-2024-46713, CVE-2024-46763, CVE-2024-46782, CVE-2024-46865, CVE-2024-47220, CVE-2024-47408, CVE-2024-47794, CVE-2024-49571, CVE-2024-49940, CVE-2024-50029, CVE-2024-50036, CVE-2024-50038, CVE-2024-50056, CVE-2024-50083, CVE-2024-50085, CVE-2024-50140, CVE-2024-50142, CVE-2024-50162, CVE-2024-50163, CVE-2024-50185, CVE-2024-50223, CVE-2024-50294, CVE-2024-53057, CVE-2024-53123, CVE-2024-53124, CVE-2024-53135, CVE-2024-53139, CVE-2024-53140, CVE-2024-53147, CVE-2024-53176, CVE-2024-53177, CVE-2024-53178, CVE-2024-53680, CVE-2024-54458, CVE-2024-54683, CVE-2024-55549, CVE-2024-56568, CVE-2024-56633, CVE-2024-56638, CVE-2024-56640, CVE-2024-56647, CVE-2024-56702, CVE-2024-56703, CVE-2024-56718, CVE-2024-56719, CVE-2024-56720, CVE-2024-56751, CVE-2024-56758, CVE-2024-56770, CVE-2024-57900, CVE-2024-57947, CVE-2024-57974, CVE-2024-57979, CVE-2024-57994, CVE-2024-57996, CVE-2024-58012, CVE-2024-58019, CVE-2024-58083, CVE-2025-1713, CVE-2025-2588, CVE-2025-3277, CVE-2025-3360, CVE-2025-4382, CVE-2025-4598, CVE-2025-4802, CVE-2025-4877, CVE-2025-4878, CVE-2025-5278, CVE-2025-5318, CVE-2025-5372, CVE-2025-6018, CVE-2025-6020, CVE-2025-6021, CVE-2025-6170, CVE-2025-7519, CVE-2025-21635, CVE-2025-21636, CVE-2025-21637, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21647, CVE-2025-21648, CVE-2025-21659, CVE-2025-21665, CVE-2025-21667, CVE-2025-21668, CVE-2025-21673, CVE-2025-21680, CVE-2025-21681, CVE-2025-21687, CVE-2025-21692, CVE-2025-21693, CVE-2025-21700, CVE-2025-21701, CVE-2025-21702, CVE-2025-21705, CVE-2025-21715, CVE-2025-21716, CVE-2025-21719, CVE-2025-21724, CVE-2025-21728, CVE-2025-21787, CVE-2025-21814, CVE-2025-22247, CVE-2025-22869, CVE-2025-22870, CVE-2025-24855, CVE-2025-27144, CVE-2025-27219, CVE-2025-27220, CVE-2025-27363, CVE-2025-27465, CVE-2025-27587, CVE-2025-29087, CVE-2025-29088, CVE-2025-29768, CVE-2025-30258, CVE-2025-31115, CVE-2025-32414, CVE-2025-32415, CVE-2025-32462, CVE-2025-32463, CVE-2025-40909, CVE-2025-46802, CVE-2025-47268, CVE-2025-47273, CVE-2025-48964, CVE-2025-49794, CVE-2025-49795, CVE-2025-49796 | https://nvd.nist.gov/vuln/search |
| requests | CVE-2024-47081 | https://nvd.nist.gov/vuln/search |
| urllib3 | CVE-2025-50182, CVE-2025-50181 | https://nvd.nist.gov/vuln/search |
| util-linux | CVE-2024-28085 | https://nvd.nist.gov/vuln/search |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-21110 | Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-21110 | Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H |
Corrección y productos afectados
| Product | Affected Versions | Remediated Versions | Link |
| Data Lakehouse | Versions prior to 1.5.0.0 | Version 1.5.0.0 or later | Contact Technical Support and Quote DSA-2025-313 |
| Product | Affected Versions | Remediated Versions | Link |
| Data Lakehouse | Versions prior to 1.5.0.0 | Version 1.5.0.0 or later | Contact Technical Support and Quote DSA-2025-313 |
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2025-08-14 | Initial release |
| 2.0 | 2025-08-19 | Updated to include Intel IPU CVE-2024-39279 and CVE-2024-28047 |
Información relacionada
Descargo de responsabilidad
Productos afectados
Data Management, Dell Data LakehousePropiedades del artículo
Número del artículo: 000356822
Tipo de artículo: Dell Security Advisory
Última modificación: 19 ago 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.