DSA-2025-313: Security Update for Dell Data Lakehouse Multiple Vulnerabilities
Samenvatting: Dell Data Lakehouse remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Impact
Critical
Gegevens
| Third-party Component | CVEs | More Information |
| containerd | CVE-2024-40635 | https://nvd.nist.gov/vuln/search |
| cors | CVE-2019-25211 | https://nvd.nist.gov/vuln/search |
| libavif | CVE-2025-48174 | https://nvd.nist.gov/vuln/search |
| Intel IPU | CVE-2024-39279, CVE-2024-28047 | https://nvd.nist.gov/vuln/search |
| SUSE Linux Enterprise (SLE) 15 | CVE-2023-31315, CVE-2023-40403, CVE-2023-52924, CVE-2023-52925, CVE-2023-52927, CVE-2023-53034, CVE-2024-2236, CVE-2024-6104, CVE-2024-8176, CVE-2024-10041, CVE-2024-11168, CVE-2024-23337, CVE-2024-26708, CVE-2024-26810, CVE-2024-27018, CVE-2024-27415, CVE-2024-28956, CVE-2024-35840, CVE-2024-35910, CVE-2024-36350, CVE-2024-36357, CVE-2024-40980, CVE-2024-41005, CVE-2024-41965, CVE-2024-44974, CVE-2024-45009, CVE-2024-45010, CVE-2024-45310, CVE-2024-46713, CVE-2024-46763, CVE-2024-46782, CVE-2024-46865, CVE-2024-47220, CVE-2024-47408, CVE-2024-47794, CVE-2024-49571, CVE-2024-49940, CVE-2024-50029, CVE-2024-50036, CVE-2024-50038, CVE-2024-50056, CVE-2024-50083, CVE-2024-50085, CVE-2024-50140, CVE-2024-50142, CVE-2024-50162, CVE-2024-50163, CVE-2024-50185, CVE-2024-50223, CVE-2024-50294, CVE-2024-53057, CVE-2024-53123, CVE-2024-53124, CVE-2024-53135, CVE-2024-53139, CVE-2024-53140, CVE-2024-53147, CVE-2024-53176, CVE-2024-53177, CVE-2024-53178, CVE-2024-53680, CVE-2024-54458, CVE-2024-54683, CVE-2024-55549, CVE-2024-56568, CVE-2024-56633, CVE-2024-56638, CVE-2024-56640, CVE-2024-56647, CVE-2024-56702, CVE-2024-56703, CVE-2024-56718, CVE-2024-56719, CVE-2024-56720, CVE-2024-56751, CVE-2024-56758, CVE-2024-56770, CVE-2024-57900, CVE-2024-57947, CVE-2024-57974, CVE-2024-57979, CVE-2024-57994, CVE-2024-57996, CVE-2024-58012, CVE-2024-58019, CVE-2024-58083, CVE-2025-1713, CVE-2025-2588, CVE-2025-3277, CVE-2025-3360, CVE-2025-4382, CVE-2025-4598, CVE-2025-4802, CVE-2025-4877, CVE-2025-4878, CVE-2025-5278, CVE-2025-5318, CVE-2025-5372, CVE-2025-6018, CVE-2025-6020, CVE-2025-6021, CVE-2025-6170, CVE-2025-7519, CVE-2025-21635, CVE-2025-21636, CVE-2025-21637, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21647, CVE-2025-21648, CVE-2025-21659, CVE-2025-21665, CVE-2025-21667, CVE-2025-21668, CVE-2025-21673, CVE-2025-21680, CVE-2025-21681, CVE-2025-21687, CVE-2025-21692, CVE-2025-21693, CVE-2025-21700, CVE-2025-21701, CVE-2025-21702, CVE-2025-21705, CVE-2025-21715, CVE-2025-21716, CVE-2025-21719, CVE-2025-21724, CVE-2025-21728, CVE-2025-21787, CVE-2025-21814, CVE-2025-22247, CVE-2025-22869, CVE-2025-22870, CVE-2025-24855, CVE-2025-27144, CVE-2025-27219, CVE-2025-27220, CVE-2025-27363, CVE-2025-27465, CVE-2025-27587, CVE-2025-29087, CVE-2025-29088, CVE-2025-29768, CVE-2025-30258, CVE-2025-31115, CVE-2025-32414, CVE-2025-32415, CVE-2025-32462, CVE-2025-32463, CVE-2025-40909, CVE-2025-46802, CVE-2025-47268, CVE-2025-47273, CVE-2025-48964, CVE-2025-49794, CVE-2025-49795, CVE-2025-49796 | https://nvd.nist.gov/vuln/search |
| requests | CVE-2024-47081 | https://nvd.nist.gov/vuln/search |
| urllib3 | CVE-2025-50182, CVE-2025-50181 | https://nvd.nist.gov/vuln/search |
| util-linux | CVE-2024-28085 | https://nvd.nist.gov/vuln/search |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-21110 | Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-21110 | Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H |
Getroffen producten en herstel
| Product | Affected Versions | Remediated Versions | Link |
| Data Lakehouse | Versions prior to 1.5.0.0 | Version 1.5.0.0 or later | Contact Technical Support and Quote DSA-2025-313 |
| Product | Affected Versions | Remediated Versions | Link |
| Data Lakehouse | Versions prior to 1.5.0.0 | Version 1.5.0.0 or later | Contact Technical Support and Quote DSA-2025-313 |
Revisiegeschiedenis
| Revision | Date | Description |
| 1.0 | 2025-08-14 | Initial release |
| 2.0 | 2025-08-19 | Updated to include Intel IPU CVE-2024-39279 and CVE-2024-28047 |
Verwante informatie
Juridische verklaring van afstand
Getroffen producten
Data Management, Dell Data LakehouseArtikeleigenschappen
Artikelnummer: 000356822
Artikeltype: Dell Security Advisory
Laatst aangepast: 19 aug. 2025
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.