DSA-2025-024 : Security Update for Dell Data Lakehouse System Software for Multiple Third-Party Component Vulnerabilities

摘要: Dell Data Lakehouse System Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影響

詳細資料

受影響的產品與補救措施

因應措施與緩解措施

修訂歷史記錄

相關資訊

法律免責聲明

受影響的產品

提供意見反應

本文章適用於本文章不適用於本文無關於任何特定產品。本文未識別所有產品版本。

查看其他資源

影響

High

詳細資料

Third-party Component	CVEs	More Information
curl	CVE-2024-2466, CVE-2024-2398, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-6197, CVE-2024-6874	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
libcrypto3	CVE-2024-5535, CVE-2024-4741, CVE-2024-6119	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
libexpat	CVE-2024-45491, CVE-2024-45490	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
ssl_client,busybox-binsh,busybox	CVE-2023-42366, CVE-2023-42365, CVE-2023-42364, CVE-2023-42363	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
zlib	CVE-2023-6992	https://nvd.nist.gov/vuln/detail/CVE-2023-6992

Dell Technologies 建議所有客戶不僅要參考 CVSS 基本分數，也要將可能會影響與特定安全漏洞相關之潛在嚴重性的所有相關暫時和環境分數納入考量。

受影響的產品與補救措施

CVEs Addressed	Product	Affected Versions	Remediated Versions	Link
CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874	Dell Data Lakehouse System Software	Versions prior to 1.3.0.0	Version 1.3.0.0 or later	https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/drivers

CVEs Addressed	Product	Affected Versions	Remediated Versions	Link
CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874	Dell Data Lakehouse System Software	Versions prior to 1.3.0.0	Version 1.3.0.0 or later	https://www.dell.com/support/home/product-support/product/dell-data-lakehouse/drivers

因應措施與緩解措施

CVE ID	Workaround and Mitigation
CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-6992, CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-45490, CVE-2024-45491, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-6197, CVE-2024-6874	Upgrade to DDLH Version 1.3.0.0

修訂歷史記錄

Revision	Date	Description
1.0	2025-01-09	Initial Release

相關資訊

法律免責聲明

受影響的產品

Data Management, Dell Data Lakehouse

文章編號: 000270236

文章類型: Dell Security Advisory

上次修改時間: 09 9月 2025

檢查您的裝置是否在支援服務的涵蓋範圍內。