DSA-2024-383: Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

Sommaire

Article détaillé

Impact

Produits concernés et mesure corrective

Historique des révisions

Informations connexes

Mention légale

Produits concernés

Envoyez vos commentaires

Résumé: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and Intel® Processor vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.

Consulter d’autres ressources

Impact

High

Détails

Third-party Component	CVEs	More Information
UPLR2 - Intel® Xeon® Processor Advisory	CVE-2024-21853	INTEL-SA-01101
UPLR2 - Intel® ACTM Module Software Advisory	CVE-2024-22185, CVE-2024-24985	INTEL-SA-01111
Intel® Processor (SPP) Advisory	CVE-2024-36242	INTEL-SA-01196

Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R660	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r660/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge C6620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-c6620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge MX760c	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-mx760c/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R860	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r860/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R960	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r960/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge HS5610	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-hs5610/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge HS5620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-hs5620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R660xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r660xs/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xs/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xd2	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xd2/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge T560	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-t560/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xa	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xa/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE9680	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe9680/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR5610	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr5610/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR8610t	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr8610t/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR8620t	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr8620t/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR7620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr7620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE8640	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe8640/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE9640	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe9640/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC660	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc660-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC760	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc760-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC660xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc660xs-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC760xa	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc760xa-core/drivers

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R660	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r660/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge C6620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-c6620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge MX760c	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-mx760c/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R860	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r860/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R960	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r960/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge HS5610	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-hs5610/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge HS5620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-hs5620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R660xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r660xs/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xs/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xd2	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xd2/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge T560	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-t560/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xa	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xa/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE9680	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe9680/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR5610	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr5610/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR8610t	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr8610t/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR8620t	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr8620t/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR7620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr7620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE8640	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe8640/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE9640	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe9640/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC660	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc660-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC760	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc760-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC660xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc660xs-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC760xa	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc760xa-core/drivers

The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
INTEL-SA-01196 also discloses CVE-2024-36242 in 16G (Sapphire Rapids), 15G (Ice Lake Xeon-SP and Ice Lake-D) processors. Intel provided recommendation on how to mitigate via configuring VMM software in a guest operating system.

Historique des révisions

Revision	Date	Description
1.0	2024-11-14	Initial release

Informations connexes

Mention légale

Produits concernés

Dell XC Core XC660, Dell XC Core XC660xs, Dell XC Core XC760, Dell XC Core XC760xa, PowerEdge C6620, PowerEdge HS5610, PowerEdge HS5620, PowerEdge MX760c, PowerEdge R660, PowerEdge R660xs, PowerEdge R760, PowerEdge R760XA, PowerEdge R760xd2 , PowerEdge R760xs, PowerEdge R860, PowerEdge R960, PowerEdge T560, PowerEdge XE8640, PowerEdge XE9640, PowerEdge XE9680, PowerEdge XR5610, PowerEdge XR7620, PowerEdge XR8610t, PowerEdge XR8620t ...

Numéro d’article: 000247670

Type d’article: Dell Security Advisory

Dernière modification: 14 Nov 2024

Vérifiez si votre appareil est couvert par les services de support.

DSA-2024-383: Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

Résumé: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and Intel® Processor vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Impact

Détails

Produits concernés et mesure corrective

Historique des révisions

Informations connexes

Mention légale

Produits concernés

Propriétés de l’article

Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell

Services de support

Propriétés de l’article

Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell

Services de support

DSA-2024-383: Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

Résumé: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and Intel® Processor vulnerabilities that may be exploited by malicious users to compromise the affected system. ... Afficher plus Afficher moins

Article détaillé

Impact

Détails

Produits concernés et mesure corrective

Historique des révisions

Informations connexes

Mention légale

Produits concernés

Impact

Détails

Produits concernés et mesure corrective

Historique des révisions

Informations connexes

Mention légale

Produits concernés

Propriétés de l’article

Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell

Services de support

Propriétés de l’article

Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell

Services de support

Résumé: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and Intel® Processor vulnerabilities that may be exploited by malicious users to compromise the affected system. ...