DSA-2025-024 : Security Update for Dell Data Lakehouse System Software for Multiple Third-Party Component Vulnerabilities

Summary: Dell Data Lakehouse System Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Bu makale şunlar için geçerlidir: Bu makale şunlar için geçerli değildir: Bu makale, belirli bir ürüne bağlı değildir. Bu makalede tüm ürün sürümleri tanımlanmamıştır.
Diğer kaynaklara göz atın

Impact

High

Details

Third-party Component

CVEs

More Information

curl

CVE-2024-2466, CVE-2024-2398, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-6197, CVE-2024-6874

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libcrypto3

CVE-2024-5535, CVE-2024-4741, CVE-2024-6119

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libexpat

CVE-2024-45491, CVE-2024-45490

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

ssl_client,busybox-binsh,busybox

CVE-2023-42366, CVE-2023-42365, CVE-2023-42364, CVE-2023-42363

See NVD link below for individual scores for each CVE. 

http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

zlib

CVE-2023-6992

https://nvd.nist.gov/vuln/detail/CVE-2023-6992This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Etkilenen Ürünler ve Düzeltme

CVEs Addressed

Product

Affected Versions

Remediated Versions

Link

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Dell Data Lakehouse System Software

Versions prior to 1.3.0.0

Version 1.3.0.0 or later

https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/drivers

CVEs Addressed

Product

Affected Versions

Remediated Versions

Link

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Dell Data Lakehouse System Software

Versions prior to 1.3.0.0

Version 1.3.0.0 or later

https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/drivers

Geçici Çözümler ve Risk Azaltma

CVE ID

Workaround and Mitigation

CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874

Upgrade to DDLH Version 1.3.0.0

Revision History

Revision

Date

Description

1.0

2025-01-09

Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Yasal Uyarı

Etkilenen Ürünler

Data Management, Dell Data Lakehouse
Makale Özellikleri
Article Number: 000270236
Article Type: Dell Security Advisory
Son Değiştirme: 09 Eyl 2025
Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun
Destek Hizmetleri
Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.