DSA-2026-245: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

For customers who need to mitigate the vulnerability before upgrading, Dell recommends blacklisting the algif_aead kernel module.

Steps to Apply the Workaround:

1. SSH into the VxRail Manager as root.
2. Run the following commands to blacklist the module and unload it if currently loaded:

echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf
rmmod algif_aead 2>/dev/null

3. Verify the workaround is in effect:

modprobe algif_aead

This command should fail (module load denied).

lsmod | grep algif_aead

This should return empty (module not loaded).

Notes on the workaround:

• The install algif_aead /bin/false directive redirects any module load request to /bin/false, effectively denying the load.
• The blacklist configuration file (/etc/modprobe.d/disable-algif-aead.conf) is not overwritten by kernel package updates and will persist across VxRail LCM upgrades.
• Disabling algif_aead will not affect: OS boot/shutdown/reboot, kernel updates, network services (SSH, HTTP, DNS), IPsec VPN, disk encryption (dm-crypt/LUKS), container runtime (Docker/containerd), any VxRail Manager functions, or vCenter operations.

Removing the Workaround After Upgrade

After upgrading to VxRail 8.0.390 or later, Dell strongly recommends removing the blacklist configuration to ensure compatibility with potential future enhancements: