DSA-2024-023: Dell CloudLink Security Update for OpenSSH Vulnerability.
Summary: Dell CloudLink remediation is available for an OpenSSH security vulnerability that could be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
Impact
Critical
Details
| Third-party Component | CVEs | More Information |
|---|---|---|
| Linux Kernel | CVE-2023-31085, CVE-2023-20593, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42754, CVE-2023-45862, CVE-2023-45871, CVE-2023-5717 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/  |
Affected Products & Remediation
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell CloudLink | Versions prior to 7.1.8 | 7.1.8 or above | https://www.dell.com/support/home/product-support/product/cloudlink-securevm/drivers |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell CloudLink | Versions prior to 7.1.8 | 7.1.8 or above | https://www.dell.com/support/home/product-support/product/cloudlink-securevm/drivers |
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-02-01 | Initial Release |
| 2.0 | 2024-02-01 | Updated for enhanced presentation with no changes to content. |
| 3.0 | 2024-03-27 | major update to content following re-assessment |
| 4.0 | 2024-04-10 | Updated for enhanced presentation with no changes to content. |