DSA-2025-337: Security Update for Dell Enterprise SONiC Distribution Vulnerabilities
Sammanfattning: Dell Enterprise SONiC remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Den här artikeln gäller för
Den här artikeln gäller inte för
Den här artikeln är inte kopplad till någon specifik produkt.
Alla produktversioner identifieras inte i den här artikeln.
Påverkan
High
Information
|
Third-party Component |
CVEs |
More Information |
|
shadow |
CVE-2018-7169, CVE-2023-4641, CVE-2023-29383 |
|
|
busybox |
CVE-2018-20679, CVE-2021-28831, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386, CVE-2022-48174, CVE-2023-42364, CVE-2023-42365 |
|
|
openssh |
CVE-2025-26465, CVE-2025-32728 |
|
|
libxml2 |
CVE-2022-49043, CVE-2023-39615, CVE-2023-45322, CVE-2024-25062, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2025-32414, CVE-2025-32415 |
|
|
krb5 |
CVE-2025-24528, CVE-2025-3576 |
|
|
libtasn1-6 |
CVE-2024-12133 |
|
|
gnutls28 |
CVE-2024-12243 |
|
|
libcap2 |
CVE-2023-2602, CVE-2023-2603, CVE-2025-1390 |
|
|
python 3.9 |
CVE-2022-0391, CVE-2025-0938, CVE-2025-1795 |
|
|
vim |
CVE-2021-3872, CVE-2021-4019, CVE-2021-4173, CVE-2021-4187, CVE-2022-0261, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0417, CVE-2022-0572, CVE-2022-1616, CVE-2022-1785, CVE-2022-1897, CVE-2022-1942, CVE-2022-2000, CVE-2022-2129, CVE-2022-2304, CVE-2022-3099, CVE-2022-3134, CVE-2022-3324, CVE-2022-4141, CVE-2023-0054, CVE-2023-1175, CVE-2023-2610, CVE-2023-4738, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2024-22667, CVE-2024-43802, CVE-2024-47814 |
|
|
freetype |
CVE-2025-27363 |
|
|
libxslt |
CVE-2024-55549, CVE-2025-24855 |
|
|
wget |
CVE-2024-38428 |
|
|
hiredis |
CVE-2020-7105 |
|
|
libbpf |
CVE-2022-3534, CVE-2022-3606 |
|
|
curl |
CVE-2024-2398, CVE-2024-8096 |
|
|
glibc |
CVE-2025-0395, CVE-2025-4802 |
|
|
expat |
CVE-2024-50602 |
|
|
u-boot |
CVE-2019-14196, CVE-2022-2347, CVE-2022-30552, CVE-2022-30767, CVE-2022-30790, CVE-2022-33103, CVE-2022-33967, CVE-2022-34835, CVE-2024-57254, CVE-2024-57255, CVE-2024-57256, CVE-2024-57257, CVE-2024-57258, CVE-2024-57259 |
|
|
net-tools |
CVE-2025-46836 |
|
|
icu |
CVE-2025-5222 |
|
|
python 2.7 |
CVE-2023-27043, CVE-2024-0397, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-11168, CVE-2025-0938 |
|
|
bind9 |
CVE-2024-11187 |
Berörda produkter och åtgärder
|
Product |
Affected Versions |
Remediated Versions |
Link |
|
Dell Enterprise SONiC Distribution |
Versions prior to 4.4.3 |
Version 4.4.3 |
|
Product |
Affected Versions |
Remediated Versions |
Link |
|
Dell Enterprise SONiC Distribution |
Versions prior to 4.4.3 |
Version 4.4.3 |
- SONiC downloads are also available from My Account.
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Revideringshistorik
|
Revision |
Date |
Description |
|
1.0 |
2025-09-03 |
Initial Release |
|
2.0 |
2025-11-03 |
Added python 2.7 and corresponding CVEs to the list of Third-Party components. |
|
3.0 |
2025-11-05 |
Added bind9 and corresponding CVE to the list of Third-Party components. |
Relaterad information
Juridisk friskrivning
Berörda produkter
PowerSwitch E3200-ON Series, Dell EMC Networking N3200-ON, PowerSwitch S3248T-ON, PowerSwitch S4348F/S4348T-ON, PowerSwitch S5212F-ON, PowerSwitch S5224F-ON, PowerSwitch S5232F-ON, PowerSwitch S5248F-ON, PowerSwitch S5296F-ON, PowerSwitch S5448F-ON
, PowerSwitch Z9264F-ON, PowerSwitch Z9332F-ON, PowerSwitch Z9432F-ON, PowerSwitch Z9664F-ON, PowerSwitch Z9864F-ON
...
Artikelegenskaper
Artikelnummer: 000364903
Artikeltyp: Dell Security Advisory
Senast ändrad: 05 nov. 2025
Få svar på dina frågor från andra Dell-användare
Supporttjänster
Kontrollera om din enhet omfattas av supporttjänster.