DSA-2024-008: Security Update for Dell XtremIO X2 Multiple Component Vulnerabilities

摘要: Dell XtremIO X2 remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

本文章適用於 本文章不適用於 本文無關於任何特定產品。 本文未識別所有產品版本。
查看其他資源

影響

Critical

詳細資料

Third-party Component 

CVEs 

More Information 

bind 

CVE-2023-2828, CVE-2023-3341 

RHSA-2023-4152This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023-5691This hyperlink is taking you to a website outside of Dell Technologies. 

c-ares 

CVE-2023-32067 

RHSA-2023:3741This hyperlink is taking you to a website outside of Dell Technologies. 

cyrus-sasl 

CVE-2022-24407 

RHSA-2022:0666This hyperlink is taking you to a website outside of Dell Technologies.

emacs 

CVE-2022-48339 

RHSA-2023:3481This hyperlink is taking you to a website outside of Dell Technologies. 

gd 

CVE-2016-5766 

RHSA-2020:5443This hyperlink is taking you to a website outside of Dell Technologies.

gcc 

CVE-2021-42574 

RHSA-2021:4033This hyperlink is taking you to a website outside of Dell Technologies. 

git 

CVE-2023-25652, CVE-2023-29007 

RHSA-2023:3263This hyperlink is taking you to a website outside of Dell Technologies. 

gzip 

CVE-2022-1271 

RHSA-2022:2191This hyperlink is taking you to a website outside of Dell Technologies. 

httpd 

CVE-2016-2161, CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2022-22720, CVE-2023-25690 

RHSA-2017:0906This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:0143This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2021:3856This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:1045This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:1593This hyperlink is taking you to a website outside of Dell Technologies. 

kernel 

CVE-2023-35001, CVE-2023-35788, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208, CVE-2023-42753, CVE-2023-4623, CVE-2024-1086, CVE-2023-4921, CVE-2020-36385, CVE-2020-0466, CVE-2022-0492, CVE-2022-0330, CVE-2021-3752, CVE-2022-32250, CVE-2022-1729, CVE-2022-42896, CVE-2022-3564, CVE-2022-22942, CVE-2023-32233, CVE-2022-4378, CVE-2020-0465, CVE-2021-0920, CVE-2020-36322, CVE-2022-42703, CVE-2020-25704 

RHSA-2022:0063This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:4151This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2021:4777This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:5232This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:4642This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:1091This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:0620This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:5622This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:4819This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:7423This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2024:0346This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2024:2004This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2024:1249This hyperlink is taking you to a website outside of Dell Technologies. 

krb5-devel/krb5-libs 

CVE-2022-42898 

RHSA-2022:8640This hyperlink is taking you to a website outside of Dell Technologies. 

libssh2 

CVE-2020-22218 

RHSA-2023:5615This hyperlink is taking you to a website outside of Dell Technologies. 

libXpm 

CVE-2022-4883 

RHSA-2023:0377This hyperlink is taking you to a website outside of Dell Technologies. 

nss 

CVE-2021-43527, CVE-2023-0767 

RHSA-2021:4904This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:1332This hyperlink is taking you to a website outside of Dell Technologies.

openldap 

CVE-2020-25709, CVE-2020-25710 

RHSA-2022:0621This hyperlink is taking you to a website outside of Dell Technologies. 

openssh 

CVE-2023-38408 

RHSA-2023:4382This hyperlink is taking you to a website outside of Dell Technologies. 

openssl 

CVE-2016-2183, CVE-2021-23840, CVE-2021-3712, CVE-2022-0778, CVE-2023-0286 

RHSA-2018:2123This hyperlink is taking you to a website outside of Dell Technologies. , RHSA-2021:3798This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:0064This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:1066This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:1335This hyperlink is taking you to a website outside of Dell Technologies. 

open-vm-tools 

CVE-2022-31676, CVE-2023-20900, CVE-2023-34058, CVE-2023-34059 

RHSA-2022:6381This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:5217This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2023:7279This hyperlink is taking you to a website outside of Dell Technologies. 

polkit 

CVE-2021-4034 

RHSA-2022:0274This hyperlink is taking you to a website outside of Dell Technologies. 

python 

CVE-2023-24329, CVE-2020-26137, CVE-2020-26116 

RHSA-2023:3555This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2022:5235This hyperlink is taking you to a website outside of Dell Technologies. 

python-pillow 

CVE-2022-22817, CVE-2023-44271 

RHSA-2022:0609This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2024:0345This hyperlink is taking you to a website outside of Dell Technologies. 

rpm 

CVE-2021-20271 

RHSA-2021:4785This hyperlink is taking you to a website outside of Dell Technologies. 

rsync 

CVE-2022-29154 

RHSA-2022:6170This hyperlink is taking you to a website outside of Dell Technologies. 

rsyslog 

CVE-2022-24903 

RHSA-2022:4803This hyperlink is taking you to a website outside of Dell Technologies. 

samba 

CVE-2022-38023, CVE-2020-25717, CVE-2016-2124 

RHSA-2023:1090This hyperlink is taking you to a website outside of Dell Technologies., RHSA-2021:5192This hyperlink is taking you to a website outside of Dell Technologies. 

ssd 

CVE-2022-4254 

RHSA-2023:0403This hyperlink is taking you to a website outside of Dell Technologies. 

sudo 

CVE-2023-22809 

RHSA-2023:0291This hyperlink is taking you to a website outside of Dell Technologies. 

xz 

CVE-2022-1271 

RHSA-2022:5052This hyperlink is taking you to a website outside of Dell Technologies. 

zlib 

CVE-2018-25032 

RHSA-2022:2213This hyperlink is taking you to a website outside of Dell Technologies. 

Dell Technologies 建議所有客戶不僅要參考 CVSS 基本分數,也要將可能會影響與特定安全漏洞相關之潛在嚴重性的所有相關暫時和環境分數納入考量。

受影響的產品與補救措施

Product  

Software/Firmware  

Affected Versions  

Remediated Versions 

Link 

XtremIO X2  

XMS 

Versions prior to 6.4.2-13 

Version 6.4.2-13 or later 

https://dl.dell.com/downloads/P8R9D_XtremIO-6.4.2-&-XMS-6.4.2-(6.4.2-13_X2_XIOS_6.4.2-13_XMS).tar 

Product  

Software/Firmware  

Affected Versions  

Remediated Versions 

Link 

XtremIO X2  

XMS 

Versions prior to 6.4.2-13 

Version 6.4.2-13 or later 

https://dl.dell.com/downloads/P8R9D_XtremIO-6.4.2-&-XMS-6.4.2-(6.4.2-13_X2_XIOS_6.4.2-13_XMS).tar 
Dell advises that you consistently upgrade to the most recent release/version of your product.

修訂歷史記錄

Revision DateDescription
1.02024-08-06Initial Release
2.02024-08-06Updated for enhanced presentation with no changes to content.

相關資訊

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

法律免責聲明

受影響的產品

XtremIO, XtremIO Family, XtremIO X2
文章屬性
文章編號: 000227569
文章類型: Dell Security Advisory
上次修改時間: 09 9月 2025
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。