DSA-2025-024 : Security Update for Dell Data Lakehouse System Software for Multiple Third-Party Component Vulnerabilities

Riepilogo: Dell Data Lakehouse System Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Questo articolo si applica a Questo articolo non si applica a Questo articolo non è legato a un prodotto specifico. Non tutte le versioni del prodotto sono identificate in questo articolo.
Scopri le altre risorse

Impatto

High

Dettagli

Third-party Component

CVEs

More Information

curl

CVE-2024-2466, CVE-2024-2398, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-6197, CVE-2024-6874

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libcrypto3

CVE-2024-5535, CVE-2024-4741, CVE-2024-6119

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libexpat

CVE-2024-45491, CVE-2024-45490

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

ssl_client,busybox-binsh,busybox

CVE-2023-42366, CVE-2023-42365, CVE-2023-42364, CVE-2023-42363

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

zlib

CVE-2023-6992

https://nvd.nist.gov/vuln/detail/CVE-2023-6992This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies raccomanda a tutti i clienti di prendere in considerazione sia il punteggio base CVSS, sia ogni eventuale punteggio temporale o ambientale che possa avere effetti sul livello di gravità potenziale associato a una specifica vulnerabilità di sicurezza.

Prodotti interessati e correzione

CVEs Addressed

Product

Affected Versions

Remediated Versions

Link

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Dell Data Lakehouse System Software

Versions prior to 1.3.0.0

Version 1.3.0.0 or later

https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/drivers

CVEs Addressed

Product

Affected Versions

Remediated Versions

Link

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Dell Data Lakehouse System Software

Versions prior to 1.3.0.0

Version 1.3.0.0 or later

https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/drivers

Soluzioni alternative e mitigazioni

CVE ID

Workaround and Mitigation

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Upgrade to DDLH Version 1.3.0.0

Cronologia delle revisioni

Revision

Date

Description

1.0

2025-01-09

Initial Release

Informazioni correlate

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Dichiarazione di non responsabilità

Prodotti interessati

Data Management, Dell Data Lakehouse
Proprietà dell'articolo
Numero articolo: 000270236
Tipo di articolo: Dell Security Advisory
Ultima modifica: 09 set 2025
Trova risposta alle tue domande dagli altri utenti Dell
Support Services
Verifica che il dispositivo sia coperto dai Servizi di supporto.