DSA-2025-385: Security Update for Dell AX System for Azure Local Multiple Third-Party Component Vulnerabilities
摘要: Dell AX System for Azure Local remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
影响
High
详情
| Third-party Component | CVEs | More Information |
| AMD Server and Client Vulnerabilities | CVE-2023-31351, CVE-2024-21977, CVE-2024-36354 | AMD-SB-3014 , AMD-SB-4012 |
| Intel® E810 Ethernet Firmware | CVE-2025-24296 | INTEL-SA-01257 |
| Intel® 800 Series Ethernet Driver | CVE-2025-24325. CVE-2025-20093, CVE-2025-22893, CVE-2025-24484, CVE-2025-22836, CVE-2025-24303, CVE-2025-23241, CVE-2025-24324 | INTEL-SA-01296 |
| Intel® Ethernet Drivers for Linux | CVE-2025-24486. CVE-2025-25273, CVE-2025-21086, CVE-2025-26863 CVE-2025-26697, CVE-2025-24511 | INTEL-SA-01335 |
| 2025.3 IPU, Intel® Chipset Firmware | CVE-2025-20067 | INTEL-SA-01280 |
| 2025.3 IPU, Intel® Xeon® Processor Firmware | CVE-2025-20053, CVE-2025-24305, CVE-2025-21090 | INTEL-SA-01313 |
| 2025.3 IPU, Intel® TDX Module | CVE-2025-20613, CVE-2025-21096, CVE-2025-22853 | INTEL-SA-01312 |
| SEV-SNP RMP Initialization | CVE-2025-0033 | AMD-SB-3020 |
| ESXi RDMA driver for Intel® 800 Series Ethernet | CVE-2025-31146 | INTEL-SA-01376 |
受影响的产品和补救措施
| Product | Affected Versions | Remediated Versions | Link |
| AX-760 | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-760/overview |
| AX-4510C | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-4510c/overview |
| AX-4520C | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-4520c/overview |
| AX-6515 | Versions prior to 2509 | Version 2503 or later | https://www.dell.com/support/product-details/product/ax-6515/overview |
| AX-7525 | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-7525/overview |
| AX-650 | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-650/overview |
| AX-750 | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-750/overview |
| Product | Affected Versions | Remediated Versions | Link |
| AX-760 | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-760/overview |
| AX-4510C | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-4510c/overview |
| AX-4520C | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-4520c/overview |
| AX-6515 | Versions prior to 2509 | Version 2503 or later | https://www.dell.com/support/product-details/product/ax-6515/overview |
| AX-7525 | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-7525/overview |
| AX-650 | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-650/overview |
| AX-750 | Versions prior to 2509 | Version 2509 or later | https://www.dell.com/support/product-details/product/ax-750/overview |
解决方法和缓解措施
| CVE ID | Workaround and Mitigation |
| CVE-2025-2884 | The TPM component used in Azure Stack Hub does not have a mechanism for updates through Hub releases. Customer must contact support to upgrade the TPM on the nodes. DSA-2025-232 |
修订历史记录
| Revision | Date | Description |
| 1.0 | 2025-10-14 | Initial Release |
| 2.0 | 2025-11-12 | Added CVE-2025-31146 to the remediated table |
相关信息
法律免责声明
受影响的产品
AX Nodes, AX-4510C, AX-4520C, ax-650, AX-6515, AX-750, AX-7525, AX-760文章属性
文章编号: 000379454
文章类型: Dell Security Advisory
上次修改时间: 12 11月 2025
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。