DSA-2025-313: Security Update for Dell Data Lakehouse Multiple Vulnerabilities

Podsumowanie: Dell Data Lakehouse remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Ten artykuł dotyczy Ten artykuł nie dotyczy Ten artykuł nie jest powiązany z żadnym konkretnym produktem. Nie wszystkie wersje produktu zostały zidentyfikowane w tym artykule.
Sprawdź inne zasoby

Skutki

Critical

Szczegóły

Third-party Component CVEs More Information
containerd CVE-2024-40635 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
cors CVE-2019-25211 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libavif CVE-2025-48174 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Intel IPU CVE-2024-39279, CVE-2024-28047 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
SUSE Linux Enterprise (SLE) 15 CVE-2023-31315, CVE-2023-40403, CVE-2023-52924, CVE-2023-52925, CVE-2023-52927, CVE-2023-53034, CVE-2024-2236, CVE-2024-6104, CVE-2024-8176, CVE-2024-10041, CVE-2024-11168, CVE-2024-23337, CVE-2024-26708, CVE-2024-26810, CVE-2024-27018, CVE-2024-27415, CVE-2024-28956, CVE-2024-35840, CVE-2024-35910, CVE-2024-36350, CVE-2024-36357, CVE-2024-40980, CVE-2024-41005, CVE-2024-41965, CVE-2024-44974, CVE-2024-45009, CVE-2024-45010, CVE-2024-45310, CVE-2024-46713, CVE-2024-46763, CVE-2024-46782, CVE-2024-46865, CVE-2024-47220, CVE-2024-47408, CVE-2024-47794, CVE-2024-49571, CVE-2024-49940, CVE-2024-50029, CVE-2024-50036, CVE-2024-50038, CVE-2024-50056, CVE-2024-50083, CVE-2024-50085, CVE-2024-50140, CVE-2024-50142, CVE-2024-50162, CVE-2024-50163, CVE-2024-50185, CVE-2024-50223, CVE-2024-50294, CVE-2024-53057, CVE-2024-53123, CVE-2024-53124, CVE-2024-53135, CVE-2024-53139, CVE-2024-53140, CVE-2024-53147, CVE-2024-53176, CVE-2024-53177, CVE-2024-53178, CVE-2024-53680, CVE-2024-54458, CVE-2024-54683, CVE-2024-55549, CVE-2024-56568, CVE-2024-56633, CVE-2024-56638, CVE-2024-56640, CVE-2024-56647, CVE-2024-56702, CVE-2024-56703, CVE-2024-56718, CVE-2024-56719, CVE-2024-56720, CVE-2024-56751, CVE-2024-56758, CVE-2024-56770, CVE-2024-57900, CVE-2024-57947, CVE-2024-57974, CVE-2024-57979, CVE-2024-57994, CVE-2024-57996, CVE-2024-58012, CVE-2024-58019, CVE-2024-58083, CVE-2025-1713, CVE-2025-2588, CVE-2025-3277, CVE-2025-3360, CVE-2025-4382, CVE-2025-4598, CVE-2025-4802, CVE-2025-4877, CVE-2025-4878, CVE-2025-5278, CVE-2025-5318, CVE-2025-5372, CVE-2025-6018, CVE-2025-6020, CVE-2025-6021, CVE-2025-6170, CVE-2025-7519, CVE-2025-21635, CVE-2025-21636, CVE-2025-21637, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21647, CVE-2025-21648, CVE-2025-21659, CVE-2025-21665, CVE-2025-21667, CVE-2025-21668, CVE-2025-21673, CVE-2025-21680, CVE-2025-21681, CVE-2025-21687, CVE-2025-21692, CVE-2025-21693, CVE-2025-21700, CVE-2025-21701, CVE-2025-21702, CVE-2025-21705, CVE-2025-21715, CVE-2025-21716, CVE-2025-21719, CVE-2025-21724, CVE-2025-21728, CVE-2025-21787, CVE-2025-21814, CVE-2025-22247, CVE-2025-22869, CVE-2025-22870, CVE-2025-24855, CVE-2025-27144, CVE-2025-27219, CVE-2025-27220, CVE-2025-27363, CVE-2025-27465, CVE-2025-27587, CVE-2025-29087, CVE-2025-29088, CVE-2025-29768, CVE-2025-30258, CVE-2025-31115, CVE-2025-32414, CVE-2025-32415, CVE-2025-32462, CVE-2025-32463, CVE-2025-40909, CVE-2025-46802, CVE-2025-47268, CVE-2025-47273, CVE-2025-48964, CVE-2025-49794, CVE-2025-49795, CVE-2025-49796 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
requests CVE-2024-47081 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
urllib3 CVE-2025-50182, CVE-2025-50181 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
util-linux CVE-2024-28085 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-21110 Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-21110 Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

 

Firma Dell Technologies zaleca wszystkim klientom uwzględnienie zarówno wyniku podstawowego CVSS, jak i wszelkich istotnych wyników czasowych i środowiskowych, które mogą mieć wpływ na potencjalną dotkliwość związaną z konkretną luką w zabezpieczeniach.

Produkty, których dotyczy problem, i środki zaradcze

Product Affected Versions Remediated Versions Link
Data Lakehouse Versions prior to 1.5.0.0  Version 1.5.0.0 or later  Contact Technical Support and Quote DSA-2025-313

 

Product Affected Versions Remediated Versions Link
Data Lakehouse Versions prior to 1.5.0.0  Version 1.5.0.0 or later  Contact Technical Support and Quote DSA-2025-313

 

Historia zmian

RevisionDateDescription
1.02025-08-14Initial release
2.02025-08-19Updated to include Intel IPU CVE-2024-39279 and CVE-2024-28047

 

Powiązane informacje

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Zastrzeżenie prawne

Produkty, których dotyczy problem

Data Management, Dell Data Lakehouse
Właściwości artykułu
Numer artykułu: 000356822
Typ artykułu: Dell Security Advisory
Ostatnia modyfikacja: 19 sie 2025
Znajdź odpowiedzi na swoje pytania u innych użytkowników produktów Dell
Usługi pomocy technicznej
Sprawdź, czy Twoje urządzenie jest objęte usługą pomocy technicznej.