DSA-2026-259: Security Update for Dell Container Storage Modules Multiple Vulnerabilities

概要: Dell Container Storage Modules remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

この記事は次に適用されます: この記事は次には適用されません: この記事は、特定の製品に関連付けられていません。 すべての製品パージョンがこの記事に記載されているわけではありません。
他のリソースを確認する

影響

Critical

詳細

Third-party Component CVEs More Information
sudo CVE-2025-32462
https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
gnupg2 CVE-2025-68973
https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
pam CVE-2024-10963, CVE-2025-6020, CVE-2025-8941
https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
sqlite CVE-2025-6965
https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
openssh CVE-2026-3497
https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
python3.9 CVE-2024-12718,CVE-2025-4517, CVE-2026-4519, CVE-2025-4138, CVE-2023-6597
https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
vim CVE-2026-28417,CVE-2026-33412, CVE-2026-28421
https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
curl CVE-2025-9086 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
glib2 CVE-2025-13601 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
openssl CVE-2025-69421, CVE-2025-69418, CVE-2026-22796, CVE-2025-15469, CVE-2026-22795, CVE-2024-12797, CVE-2025-15467, CVE-2025-68160, CVE-2025-11187, CVE-2025-15468, CVE-2025-69420, CVE-2025-66199, CVE-2025-69419, CVE-2025-9230 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libarchive CVE-2025-5914, CVE-2026-4111 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2025-7425, CVE-2025-24928, CVE-2025-49796, CVE-2025-49794, CVE-2024-56171 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
expat CVE-2025-59375 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
python-urllib3 CVE-2025-66471, CVE-2026-21441, CVE-2025-66418 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
python-setuptools CVE-2024-6345 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
krb5 CVE-2024-3596 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2026-0915, CVE-2026-0861, CVE-2025-15281 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
systemd CVE-2025-4598 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
nghttp2 CVE-2026-27135 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
google.golang.org/grpc CVE-2026-33186 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
brotli CVE-2025-6176 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
crypto/x509 CVE-2025-61729 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
net/url CVE-2025-61726, CVE-2026-25679 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2026-40711 Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. 8.0
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H This hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2026-40711 Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. 8.0
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H This hyperlink is taking you to a website outside of Dell Technologies.
デル・テクノロジーズでは、すべてのお客様に対して、CVSSベース スコアに加えて、特定のセキュリティの脆弱性に付随する潜在的な重要度に影響する可能性のある現状スコアや環境スコアも考慮することをお勧めしています。

影響を受ける製品と修復

CVE ID(s) Product  Software/Firmware Affected Versions  Remediated Versions  Link
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell PowerFlex Versions 2.15.0 through 2.15.1 Version 2.15.2 or later

quay.io/dell/container-storage-modules/csi-vxflexos This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell PowerFlex Versions prior to 2.17.0 Version 2.17.0 or later

quay.io/dell/container-storage-modules/csi-vxflexos 

This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell PowerStore Versions prior to 2.17.0 Version 2.17.0 or later quay.io/dell/container-storage-modules/csi-powerstore 

This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell Unity XT Versions prior to 2.17.0 Version 2.17.0 or later quay.io/dell/container-storage-modules/csi-unity

This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell PowerMax Versions prior to 2.17.0 Version 2.17.0 or later quay.io/dell/container-storage-modules/csi-powermax 

This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-12718, CVE-2026-28417, CVE-2025-32462, CVE-2025-68973, CVE-2025-13601, CVE-2025-69421, CVE-2025-69418, CVE-2024-10963, CVE-2025-9086, CVE-2025-4598, CVE-2025-4517, CVE-2026-4519, CVE-2025-6965, CVE-2026-33412, CVE-2026-3497, CVE-2025-15469, CVE-2026-22795, CVE-2025-49796, CVE-2025-49794, CVE-2026-21441, CVE-2025-66418, CVE-2026-22796, CVE-2024-56171, CVE-2024-12797, CVE-2025-4138, CVE-2025-59375, CVE-2025-15467, CVE-2025-68160, CVE-2025-66471, CVE-2023-6597, CVE-2025-11187, CVE-2026-0861, CVE-2025-6020, CVE-2025-24928, CVE-2026-28421, CVE-2025-15468, CVE-2026-0915, CVE-2025-8941, CVE-2024-6345, CVE-2024-3596, CVE-2025-69420, CVE-2025-15281, CVE-2026-27135, CVE-2025-66199, CVE-2025-7425, CVE-2025-69419, CVE-2025-5914, CVE-2025-9230, CVE-2026-4111, CVE-2026-33186, CVE-2025-6176, CVE-2025-61729, CVE-2025-61726, CVE-2026-25679 Dell Container Storage Modules csi-powerflex Versions prior to 1.15.2 Version 1.15.2 and later

quay.io/dell/container-storage-modules/csi-vxflexos 

This hyperlink is taking you to a website outside of Dell Technologies.
CVE ID(s) Product  Software/Firmware Affected Versions  Remediated Versions  Link
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell PowerFlex Versions 2.15.0 through 2.15.1 Version 2.15.2 or later

quay.io/dell/container-storage-modules/csi-vxflexos This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell PowerFlex Versions prior to 2.17.0 Version 2.17.0 or later

quay.io/dell/container-storage-modules/csi-vxflexos 

This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell PowerStore Versions prior to 2.17.0 Version 2.17.0 or later quay.io/dell/container-storage-modules/csi-powerstore 

This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell Unity XT Versions prior to 2.17.0 Version 2.17.0 or later quay.io/dell/container-storage-modules/csi-unity

This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2026-40711 Dell Container Storage Modules CSI Driver for Dell PowerMax Versions prior to 2.17.0 Version 2.17.0 or later quay.io/dell/container-storage-modules/csi-powermax 

This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-12718, CVE-2026-28417, CVE-2025-32462, CVE-2025-68973, CVE-2025-13601, CVE-2025-69421, CVE-2025-69418, CVE-2024-10963, CVE-2025-9086, CVE-2025-4598, CVE-2025-4517, CVE-2026-4519, CVE-2025-6965, CVE-2026-33412, CVE-2026-3497, CVE-2025-15469, CVE-2026-22795, CVE-2025-49796, CVE-2025-49794, CVE-2026-21441, CVE-2025-66418, CVE-2026-22796, CVE-2024-56171, CVE-2024-12797, CVE-2025-4138, CVE-2025-59375, CVE-2025-15467, CVE-2025-68160, CVE-2025-66471, CVE-2023-6597, CVE-2025-11187, CVE-2026-0861, CVE-2025-6020, CVE-2025-24928, CVE-2026-28421, CVE-2025-15468, CVE-2026-0915, CVE-2025-8941, CVE-2024-6345, CVE-2024-3596, CVE-2025-69420, CVE-2025-15281, CVE-2026-27135, CVE-2025-66199, CVE-2025-7425, CVE-2025-69419, CVE-2025-5914, CVE-2025-9230, CVE-2026-4111, CVE-2026-33186, CVE-2025-6176, CVE-2025-61729, CVE-2025-61726, CVE-2026-25679 Dell Container Storage Modules csi-powerflex Versions prior to 1.15.2 Version 1.15.2 and later

quay.io/dell/container-storage-modules/csi-vxflexos 

This hyperlink is taking you to a website outside of Dell Technologies.

変更履歴

RevisionDateDescription
1.02026-06-18Initial release

関連情報

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

法的免責事項

対象製品

Container Storage Modules Family, Container Storage Modules
文書のプロパティ
文書番号: 000478300
文書の種類: Dell Security Advisory
最終更新: 18 6月 2026
質問に対する他のDellユーザーからの回答を見つける
サポート サービス
お使いのデバイスがサポート サービスの対象かどうかを確認してください。