DSA-2024-383: Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

Obsah

Podrobný článok

Dosah

Dotknuté produkty a riešenie problému

História revízií

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Poskytnutie spätnej väzby

Zhrnutie: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and Intel® Processor vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Tento článok sa vzťahuje na Tento článok sa nevzťahuje na Tento článok nie je viazaný na žiadny konkrétny produkt. V tomto článku nie sú uvedené všetky verzie produktov.

Pozrite si ďalšie zdroje

Dosah

High

Podrobnosti

Third-party Component	CVEs	More Information
UPLR2 - Intel® Xeon® Processor Advisory	CVE-2024-21853	INTEL-SA-01101
UPLR2 - Intel® ACTM Module Software Advisory	CVE-2024-22185, CVE-2024-24985	INTEL-SA-01111
Intel® Processor (SPP) Advisory	CVE-2024-36242	INTEL-SA-01196

Dell Technologies odporúča všetkým svojim zákazníkom, aby sa riadili nielen základným skóre CVSS, ale aj prechodným skóre a skóre závažnosti v konkrétnych prostrediach, na základe ktorého môžu vyhodnotiť celkové riziko vo vlastnom prostredí.

Dotknuté produkty a riešenie problému

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R660	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r660/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge C6620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-c6620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge MX760c	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-mx760c/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R860	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r860/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R960	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r960/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge HS5610	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-hs5610/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge HS5620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-hs5620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R660xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r660xs/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xs/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xd2	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xd2/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge T560	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-t560/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xa	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xa/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE9680	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe9680/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR5610	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr5610/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR8610t	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr8610t/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR8620t	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr8620t/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR7620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr7620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE8640	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe8640/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE9640	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe9640/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC660	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc660-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC760	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc760-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC660xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc660xs-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC760xa	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc760xa-core/drivers

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R660	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r660/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge C6620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-c6620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge MX760c	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-mx760c/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R860	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r860/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R960	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r960/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge HS5610	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-hs5610/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge HS5620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-hs5620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R660xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r660xs/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xs/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xd2	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xd2/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge T560	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-t560/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge R760xa	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-r760xa/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE9680	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe9680/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR5610	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr5610/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR8610t	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr8610t/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR8620t	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr8620t/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XR7620	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xr7620/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE8640	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe8640/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	PowerEdge XE9640	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/poweredge-xe9640/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC660	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc660-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC760	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc760-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC660xs	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc660xs-core/drivers
CVE-2024-21853, CVE-2024-22185, CVE-2024-24985	Dell XC Core XC760xa	BIOS	Versions prior to 2.4.4	Version 2.4.4 or later	https://www.dell.com/support/home/product-support/product/dell-xc760xa-core/drivers

The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
INTEL-SA-01196 also discloses CVE-2024-36242 in 16G (Sapphire Rapids), 15G (Ice Lake Xeon-SP and Ice Lake-D) processors. Intel provided recommendation on how to mitigate via configuring VMM software in a guest operating system.

História revízií

Revision	Date	Description
1.0	2024-11-14	Initial release

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Dell XC Core XC660, Dell XC Core XC660xs, Dell XC Core XC760, Dell XC Core XC760xa, PowerEdge C6620, PowerEdge HS5610, PowerEdge HS5620, PowerEdge MX760c, PowerEdge R660, PowerEdge R660xs, PowerEdge R760, PowerEdge R760XA, PowerEdge R760xd2 , PowerEdge R760xs, PowerEdge R860, PowerEdge R960, PowerEdge T560, PowerEdge XE8640, PowerEdge XE9640, PowerEdge XE9680, PowerEdge XR5610, PowerEdge XR7620, PowerEdge XR8610t, PowerEdge XR8620t ...

Číslo článku: 000247670

Typ článku: Dell Security Advisory

Dátum poslednej úpravy: 14 nov 2024

Skontrolujte, či sa na vaše zariadenie vzťahujú služby podpory.

DSA-2024-383: Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

Zhrnutie: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and Intel® Processor vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Dosah

Podrobnosti

Dotknuté produkty a riešenie problému

História revízií

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Vlastnosti článku

Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell

Služby podpory

Vlastnosti článku

Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell

Služby podpory

DSA-2024-383: Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

Zhrnutie: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and Intel® Processor vulnerabilities that may be exploited by malicious users to compromise the affected system. ... Zobraziť viac Zobraziť menej

Podrobný článok

Dosah

Podrobnosti

Dotknuté produkty a riešenie problému

História revízií

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Dosah

Podrobnosti

Dotknuté produkty a riešenie problému

História revízií

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Vlastnosti článku

Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell

Služby podpory

Vlastnosti článku

Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell

Služby podpory

Zhrnutie: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and Intel® Processor vulnerabilities that may be exploited by malicious users to compromise the affected system. ...