Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000190344

DSA-2021-159: Dell EMC VxRail Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC VxRail Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content

Impact

Critical

Details

Third-party Component	CVEs	More information
postgresql10	CVE-2021-32027	Severity: Medium, see SUSE-SU-2021:1970-1
postgresql10	CVE-2021-32028	Severity: Medium, see SUSE-SU-2021:1970-1
libxml2	CVE-2021-3541	Severity: Medium, see SUSE-SU-2021:1917-1
libgcrypt20	CVE-2021-33560	Severity: High, see SUSE-SU-2021:2157-1
libudev1 libsystemd0 systemd-sysvinit systemd udev	CVE-2021-33910	Severity: Medium, see SUSE-SU-2021:2404-1
libsqlite3-0	CVE-2015-3414	Severity: High, see SUSE-SU-2021:2320-1
	CVE-2015-3415
	CVE-2019-19244
	CVE-2019-19317
	CVE-2019-19603
	CVE-2019-19645
	CVE-2019-19646
	CVE-2019-19880
	CVE-2019-19923
	CVE-2019-19924
	CVE-2019-19925
	CVE-2019-19926
	CVE-2019-19959
	CVE-2019-20218
	CVE-2020-13434
	CVE-2020-13435
	CVE-2020-13630
	CVE-2020-13631
	CVE-2020-13632
	CVE-2020-15358
	CVE-2020-9327
dbus-1 libdbus-1-3	CVE-2020-35512	Severity: High, see SUSE-SU-2021:2292-1
libjpeg8	CVE-2020-17541	Severity: Medium, see SUSE-SU-2021:1958-1
kernel-default	CVE-2021-22555	Severity: High, see SUSE-SU-2021:2438-1
	CVE-2021-33909
	CVE-2021-35039
	CVE-2021-3609
	CVE-2021-3612
python3-salt salt salt-minion python3-distro	CVE-2018-15750	Severity: Critical, see SUSE-SU-2021:2105-1 and SUSE-SU-2021:2106-1
	CVE-2018-15751
	CVE-2020-11651
	CVE-2020-11652
	CVE-2020-25592
	CVE-2021-25315
	CVE-2021-31607
libnettle6 libhogweed4	CVE-2021-3580	Severity: High, see SUSE-SU-2021:2143-1
docker runc	CVE-2021-21284	Severity: High, see SUSE-SU-2021:1954-1
	CVE-2021-21285
	CVE-2021-21334
	CVE-2021-30465
libX11	CVE-2021-31535	Severity: High, see SUSE-SU-2021:1897-1
python3-py	CVE-2020-29651	Severity: Medium, see SUSE-SU-2021:1859-1
curl libcurl4	CVE-2021-22922	Severity: Medium, see SUSE-SU-2021:2439-1
	CVE-2021-22923
	CVE-2021-22924
	CVE-2021-22925
liblua5_3-5	CVE-2020-24370	Severity: Medium, see SUSE-SU-2021:2196-1
liblua5_3-5	CVE-2020-24371	Severity: Medium, see SUSE-SU-2021:2196-1
containerd	CVE-2021-32760	Severity: Medium, see SUSE-SU-2021:2412-1

Third-party Component	CVEs	More information
VxRail Node: Dell iDRAC9 Updates VxRail E560 VxRail E560F VxRail E560N VxRail P570 VxRail P570F VxRail V570 VxRail V570F VxRail G560 VxRail G560/F VxRail S570 VxRail P580N VxRail D560 VxRail D560F	CVE-2021-21579	DSA-2021-133: Dell iDRAC Security Update for Multiple Security Vulnerabilities.
	CVE-2021-21578
	CVE-2021-21577
	CVE-2021-21576
Intel: 14G BIOS Updates	CVE-2020-24511	INTEL-SA-00463 INTEL-SA-00464
	CVE-2020-12357
	CVE-2020-12358
	CVE-2020-12360
	CVE-2020-24486
Intel: Ethernet 700 Series Controller Advisory	CVE-2020-8693	INTEL-SA-00380
	CVE-2020-8692
	CVE-2020-8690
	CVE-2020-8691

Third-party Component	CVEs	More information
postgresql10	CVE-2021-32027	Severity: Medium, see SUSE-SU-2021:1970-1
postgresql10	CVE-2021-32028	Severity: Medium, see SUSE-SU-2021:1970-1
libxml2	CVE-2021-3541	Severity: Medium, see SUSE-SU-2021:1917-1
libgcrypt20	CVE-2021-33560	Severity: High, see SUSE-SU-2021:2157-1
libudev1 libsystemd0 systemd-sysvinit systemd udev	CVE-2021-33910	Severity: Medium, see SUSE-SU-2021:2404-1
libsqlite3-0	CVE-2015-3414	Severity: High, see SUSE-SU-2021:2320-1
	CVE-2015-3415
	CVE-2019-19244
	CVE-2019-19317
	CVE-2019-19603
	CVE-2019-19645
	CVE-2019-19646
	CVE-2019-19880
	CVE-2019-19923
	CVE-2019-19924
	CVE-2019-19925
	CVE-2019-19926
	CVE-2019-19959
	CVE-2019-20218
	CVE-2020-13434
	CVE-2020-13435
	CVE-2020-13630
	CVE-2020-13631
	CVE-2020-13632
	CVE-2020-15358
	CVE-2020-9327
dbus-1 libdbus-1-3	CVE-2020-35512	Severity: High, see SUSE-SU-2021:2292-1
libjpeg8	CVE-2020-17541	Severity: Medium, see SUSE-SU-2021:1958-1
kernel-default	CVE-2021-22555	Severity: High, see SUSE-SU-2021:2438-1
	CVE-2021-33909
	CVE-2021-35039
	CVE-2021-3609
	CVE-2021-3612
python3-salt salt salt-minion python3-distro	CVE-2018-15750	Severity: Critical, see SUSE-SU-2021:2105-1 and SUSE-SU-2021:2106-1
	CVE-2018-15751
	CVE-2020-11651
	CVE-2020-11652
	CVE-2020-25592
	CVE-2021-25315
	CVE-2021-31607
libnettle6 libhogweed4	CVE-2021-3580	Severity: High, see SUSE-SU-2021:2143-1
docker runc	CVE-2021-21284	Severity: High, see SUSE-SU-2021:1954-1
	CVE-2021-21285
	CVE-2021-21334
	CVE-2021-30465
libX11	CVE-2021-31535	Severity: High, see SUSE-SU-2021:1897-1
python3-py	CVE-2020-29651	Severity: Medium, see SUSE-SU-2021:1859-1
curl libcurl4	CVE-2021-22922	Severity: Medium, see SUSE-SU-2021:2439-1
	CVE-2021-22923
	CVE-2021-22924
	CVE-2021-22925
liblua5_3-5	CVE-2020-24370	Severity: Medium, see SUSE-SU-2021:2196-1
liblua5_3-5	CVE-2020-24371	Severity: Medium, see SUSE-SU-2021:2196-1
containerd	CVE-2021-32760	Severity: Medium, see SUSE-SU-2021:2412-1

Third-party Component	CVEs	More information
VxRail Node: Dell iDRAC9 Updates VxRail E560 VxRail E560F VxRail E560N VxRail P570 VxRail P570F VxRail V570 VxRail V570F VxRail G560 VxRail G560/F VxRail S570 VxRail P580N VxRail D560 VxRail D560F	CVE-2021-21579	DSA-2021-133: Dell iDRAC Security Update for Multiple Security Vulnerabilities.
	CVE-2021-21578
	CVE-2021-21577
	CVE-2021-21576
Intel: 14G BIOS Updates	CVE-2020-24511	INTEL-SA-00463 INTEL-SA-00464
	CVE-2020-12357
	CVE-2020-12358
	CVE-2020-12360
	CVE-2020-24486
Intel: Ethernet 700 Series Controller Advisory	CVE-2020-8693	INTEL-SA-00380
	CVE-2020-8692
	CVE-2020-8690
	CVE-2020-8691

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed	Product	Affected Versions	Updated Versions
See table above.	Dell EMC VxRail Appliance	7.0.x versions before 7.0.203	7.0.203

CVEs Addressed	Product	Affected Versions	Updated Versions
See table above.	Dell EMC VxRail Appliance	7.0.x versions before 7.0.203	7.0.203

Revision History

Revision	Date	Description
1.0	2021-08-05	Initial Release

DSA-2021-159: Dell EMC VxRail Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC VxRail Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content

Impact

Details

Affected Products and Remediation

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Last Published Date

Article Type

Welcome

Welcome to Dell

DSA-2021-159: Dell EMC VxRail Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC VxRail Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content

Impact

Details

Affected Products and Remediation

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Last Published Date

Article Type