DSA-2025-105 : Security Update for Dell Integrated System for Microsoft Azure Stack Hub Multiple Component Vulnerabilities
Résumé: Dell Integrated System for Microsoft Azure Stack Hub remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. ...
Impact
Critical
Détails
|
Third-party Component |
CVEs |
More Information |
|
Intel® Xeon® Processor with Intel® SGX Advisory |
CVE-2024-21820, CVE-2024-23918 |
|
|
UPLR2 - Intel® UEFI Firmware Advisory board |
CVE-2024-25565 |
|
|
UPLR2 - Intel® Xeon® Processor Advisory |
CVE-2024-21853 |
|
|
2024.3 IPU - UEFI Firmware Advisory |
CVE-2024-21781, CVE-2024-21829 |
|
|
2024.3 IPU - Intel® Processor RAPL Interface Advisory |
CVE-2024-23984 |
|
|
2024.3 IPU - Intel® Processor Advisory |
CVE-2024-24968 |
|
|
OpenSSH |
CVE-2024-6387 |
See the NVD link below for individual scores for each CVE. |
|
UPLR1 - Intel® TDX Module Software Advisory |
CVE-2024-21801 |
|
|
UPLR1 - Intel® Xeon Processor Advisory |
CVE-2024-22374 |
|
|
Intel® Ethernet Controllers and Adapters Advisory |
CVE-2024-21810, CVE-2024-23497, CVE-2024-24986, CVE-2024-21769, CVE-2024-24983 |
|
|
Intel® Ethernet Adapter Driver Pack Software Installer Advisory |
CVE-2024-22376 |
|
|
2024.3 IPU - Intel® Xeon® Processor Advisory |
CVE-2024-24980 |
|
|
2024.3 IPU - SMI Transfer Monitor Advisory |
CVE-2024-24853 |
|
|
Nuvoton NPCM7xx (Poleg) BootBlock Package |
CVE-2024-38433 |
See NVD link below for individual scores for each CVE. |
|
PowerEdge Platform |
CVE-2024-38303, CVE-2024-38304 |
|
|
Intel® TDX Module Software Advisory |
CVE-2024-27457 |
Produits concernés et mesure corrective
|
CVEs Addressed |
Product |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2024-21820, CVE-2024-23918, CVE-2024-25565, CVE-2024-21853, CVE-2024-24980, CVE-2024-22374, CVE-2024-21801, CVE-2024-21829, CVE-2024-23984, CVE-2024-24968, CVE-2024-27457 |
Integrated System for Microsoft Azure Stack Hub 16G |
Versions prior to 2411 |
Version 2411 or later |
https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack16g/drivers |
|
CVE-2024-38303, CVE-2024-6387, CVE-2024-22376, CVE-2024-21810, CVE-2024-23497, CVE-2024-24986, CVE-2024-21769, CVE-2024-24983, CVE-2024-21781, CVE-2024-38304 |
Integrated System for Microsoft Azure Stack Hub 14G |
Versions prior to 2411 |
Version 2411 or later |
https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack14g/drivers |
|
CVE-2024-24853, CVE-2024-38433 |
Integrated System for Microsoft Azure Stack Hub 14G |
Versions prior to 2407 |
Version 2407 or later |
https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack14g/drivers |
|
CVEs Addressed |
Product |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2024-21820, CVE-2024-23918, CVE-2024-25565, CVE-2024-21853, CVE-2024-24980, CVE-2024-22374, CVE-2024-21801, CVE-2024-21829, CVE-2024-23984, CVE-2024-24968, CVE-2024-27457 |
Integrated System for Microsoft Azure Stack Hub 16G |
Versions prior to 2411 |
Version 2411 or later |
https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack16g/drivers |
|
CVE-2024-38303, CVE-2024-6387, CVE-2024-22376, CVE-2024-21810, CVE-2024-23497, CVE-2024-24986, CVE-2024-21769, CVE-2024-24983, CVE-2024-21781, CVE-2024-38304 |
Integrated System for Microsoft Azure Stack Hub 14G |
Versions prior to 2411 |
Version 2411 or later |
https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack14g/drivers |
|
CVE-2024-24853, CVE-2024-38433 |
Integrated System for Microsoft Azure Stack Hub 14G |
Versions prior to 2407 |
Version 2407 or later |
https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack14g/drivers |
Historique des révisions
|
Revision |
Date |
Description |
|
1.0 |
2025-02-27 |
Initial Release |
|
2.0 |
2025-03-03 |
Advisory updated to include remediation for CVE-2024-27457 |
|
3.0 |
2025-03-21 |
Advisory updated to include remediation for CVE-2024-38304 |