Advisory for Dell Security Updates

- NIC-CERT/2022-01/039
- Date: 2022-02-01
- CVE ID: Multiple
- Severity: High
Advisory for Dell Security Updates
A. Description:
A vulnerability has been reported in Dell product which may be exploited by malicious users to compromise the affected systems
B. Security Issues Fixed:
Dell has announced updates for Dell EMC Cloud Disaster Recovery Security Update for NVIDIA GPU Display Driver Vulnerabilities, Alps Alpine Touchpad Driver Vulnerability, Apache Log4j Remote Code Execution Vulnerability etc.
Third-party Component |
CVEs |
NVIDIA® GPU Display Driver |
CVEâ??2021â??1074 CVEâ??2021â??1075 CVEâ??2021â??1076 CVEâ??2021â??1077 CVEâ??2021â??1078 CVE-2021-1089 CVE-2021-1090 CVE-2021-1091 CVE-2021-1092 CVE-2021-1093 CVE-2021-1094 CVE-2021-1095 CVE-2021-1096 |
NVIDIA® GPU Display Driver |
CVEâ??2021â??1115 CVEâ??2021â??1116 CVEâ??2021â??1117 |
Apache ant |
CVE-2020-11979 |
Apache thrift |
CVE-2020-13949 |
Apache Log4j |
CVE-2021-44228 CVE-2021-45046 |
Apache2 |
CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641 CVE-2021-31618 |
Bind |
CVE-2020-8625 CVE-2021-25214 CVE-2021-25215 |
Cpio |
CVE-2021-38185 |
Curl |
CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 CVE-2021-22876 CVE-2021-22898 CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 CVE-2021-22925 |
cyrus-sasl |
CVE-2019-19906 |
dbus-1 |
CVE-2020-12049 CVE-2020-35512 |
dhcp |
CVE-2021-25217 |
file |
CVE-2019-18218 |
FLAC |
CVE-2020-0499 |
glib2 |
CVE-2021-27218 CVE-2021-27219 |
libesmtp |
CVE-2019-19977 |
libsndfile |
CVE-2018-13139 CVE-2018-19432 CVE-2018-19758 CVE-2021-3246 |
libsolv |
CVE-2019-20387 CVE-2021-3200 |
libxml2 |
CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 |
openldap2 |
CVE-2020-25692 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2020-8023 CVE-2021-27212 |
sqlite3 |
CVE-2015-3414 CVE-2015-3415 CVE-2016-6153 CVE-2017-10989 CVE-2017-2518 CVE-2018-20346 CVE-2018-8740 CVE-2019-16168 CVE-2019-19244 CVE-2019-19317 CVE-2019-19603 CVE-2019-19645 CVE-2019-19646 CVE-2019-19880 CVE-2019-19923 CVE-2019-19924 CVE-2019-19925 CVE-2019-19926 CVE-2019-19959 CVE-2019-20218 CVE-2019-8457 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-15358 CVE-2020-9327 |
python-cryptography |
CVE-2020-36242 |
Permissions |
CVE-2020-8025 |
openssl-1_0_0 |
CVE-2021-23840 CVE-2021-23841 CVE-2021-3712 |
Alps Alpine Touchpad Driver |
CVE-2021-27971 |
Apache Log4J |
CVE-2021-44228 CVE-2021-45046 |
AMD Chipset Driver |
CVE202126333 |
Affected Products and Solution
Product |
Affected Versions |
Link to Update |
Dell EMC Elastic Cloud Storage |
Versions before ECS 3.6.2.1 |
https://www.dell.com/support/home/en-us/product-support/product/ecs-appliance-/overview |
Latitude 7370 Precision 3510 Precision 7510 Precision 7710 Latitude 5280 Latitude 5288 Latitude 5289 2-in-1 Latitude 5290 Latitude 5480 Latitude 5488 Latitude 5490 Latitude 5491 Latitude 5495 Latitude 5580 Latitude 5590 Latitude 5591 Latitude 7280 Latitude 7290 Latitude 7380 Latitude 7389 2-in-1 Latitude 7390 Latitude 7390 2-in-1 Latitude 7480 Latitude 7490 Precision 3520 Precision 3530 Precision 7520 Precision 7530 Precision 7720 Precision 7730 |
10.3201.101.216, A09 10.3201.101.216, A09 10.3201.101.216, A09 10.3201.101.216, A09 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 10.3201.101.216, A10 |
|
Data Domain (PowerProtect DD) |
Versions from 7.3.0.5 to 7.7.0.6 Versions from 7.3.0.5 to 7.7.0.6. |
DDOS 7.7.1.0 and above includes log4j 2.17.1 https://www.dell.com/support/kbdoc/525902 |
Alienware Aurora Ryzen Edition Alienware Aurora Ryzen edition R14 Alienware m15 Ryzen Edition R5 Dell G15 SE 5515 Inspiron 14 5485 2n1 Inspiron 14 7415 2-in-1 Inspiron 15 3505/6 Inspiron 15 3515 Inspiron 22 3275 Inspiron 24 3475 Inspiron 3180 Inspiron 3185 Inspiron 3195 2-in-1 Inspiron 3585 Inspiron 3595 Inspiron 3785 Inspiron 5405 Inspiron 5415 Inspiron 5485 Inspiron 5505 Inspiron 5515 Inspiron 5575 Inspiron 5585 Inspiron 5676 Inspiron 5775 Inspiron 7375 Inspiron 7405 2 in 1 Inspiron G5 5505 Latitude 5495 OptiPlex 5055 A-Series OptiPlex 5055 Ryzen APU OptiPlex 5055 Ryzen CPU Vostro 14 3405 Vostro 3515 Vostro 5415 Vostro 5515 |
3.11.5.159 3.11.5.159 3.10.21.2037 3.10.21.2037 19.400.0 3.10.21.2122 20.100.0 3.10.6.358 17.400.1026 17.400.1026 18.500.0 18.500.0 19.400.0 20.100.0 20.100.0 20.100.0 19.400.0 3.11.1.544 19.400.0 19.400.0 3.11.1.544 17.400.0 19.400.0 18.100.0 17.400.0 17.400.0 19.400.0 19.400.30 18.400.24 18.100.0 |