DSA-2025-024 : Security Update for Dell Data Lakehouse System Software for Multiple Third-Party Component Vulnerabilities

Résumé: Dell Data Lakehouse System Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Impact

High

Détails

Third-party Component

CVEs

More Information

curl

CVE-2024-2466, CVE-2024-2398, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-6197, CVE-2024-6874

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libcrypto3

CVE-2024-5535, CVE-2024-4741, CVE-2024-6119

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libexpat

CVE-2024-45491, CVE-2024-45490

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

ssl_client,busybox-binsh,busybox

CVE-2023-42366, CVE-2023-42365, CVE-2023-42364, CVE-2023-42363

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

zlib

CVE-2023-6992

https://nvd.nist.gov/vuln/detail/CVE-2023-6992This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

CVEs Addressed

Product

Affected Versions

Remediated Versions

Link

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Dell Data Lakehouse System Software

Versions prior to 1.3.0.0

Version 1.3.0.0 or later

https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/drivers

CVEs Addressed

Product

Affected Versions

Remediated Versions

Link

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Dell Data Lakehouse System Software

Versions prior to 1.3.0.0

Version 1.3.0.0 or later

https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/drivers

Solutions de contournement et mesures d’atténuation

CVE ID

Workaround and Mitigation

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Upgrade to DDLH Version 1.3.0.0

Historique des révisions

Revision

Date

Description

1.0

2025-01-09

Initial Release

Informations connexes

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Mention légale

Produits concernés

Data Management, Dell Data Lakehouse
Propriétés de l’article
Numéro d’article: 000270236
Type d’article: Dell Security Advisory
Dernière modification: 09 sept. 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.