Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000180569

DSA-2019-152 Dell EMC Networking Security Update for Intel-SA-00233

Summary: Dell EMC Networking Security Notice for Intel-SA-00233

Article Content

Impact

Medium

Details

Updates are available to address the following security vulnerabilities:

Intel-SA-00233  SLN317551_en_US__1iC_External_Link_BD_v1: Intel Microarchitectural Data Sampling Vulnerabilities
  •     CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-1109
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfmSLN317551_en_US__1iC_External_Link_BD_v1  To search for a particular CVE, use the database’s search utility at http://web.nvd.nist.gov/view/vuln/search  SLN317551_en_US__1iC_External_Link_BD_v1
Updates are available to address the following security vulnerabilities:

Intel-SA-00233  SLN317551_en_US__1iC_External_Link_BD_v1: Intel Microarchitectural Data Sampling Vulnerabilities
  •     CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-1109
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfmSLN317551_en_US__1iC_External_Link_BD_v1  To search for a particular CVE, use the database’s search utility at http://web.nvd.nist.gov/view/vuln/search  SLN317551_en_US__1iC_External_Link_BD_v1
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Affected products:

Dell EMC Networking (see Resolution section below for complete list of affected products)

Resolution:  

The following is a list of impacted products and expected release dates. Dell recommends all customers update at the earliest opportunity.

There are two essential components that need to be applied to mitigate the above-mentioned vulnerabilities:

1. Apply the firmware update listed in the Dell EMC Networking Products Affected section below.
2. Apply the applicable operating system patch. This is required to mitigate the Intel-SA-00233  SLN317551_en_US__1iC_External_Link_BD_v1 related vulnerabilities.

We encourage customers to review Intel’s Security Advisory for information, including appropriate identification and mitigation measures.

Please visit the Drivers and Downloads site for updates on the applicable products. To learn more, visit the Dell Knowledge Base article Dell Updating Firmware using Dell Update Packages (DUP’s), and download the update for your Dell computer.

Customers may use one of the Dell notification solutions to be notified and download driver, BIOS and firmware updates automatically once available.

Affected products:

Dell EMC Networking (see Resolution section below for complete list of affected products)

Resolution:  

The following is a list of impacted products and expected release dates. Dell recommends all customers update at the earliest opportunity.

There are two essential components that need to be applied to mitigate the above-mentioned vulnerabilities:

1. Apply the firmware update listed in the Dell EMC Networking Products Affected section below.
2. Apply the applicable operating system patch. This is required to mitigate the Intel-SA-00233  SLN317551_en_US__1iC_External_Link_BD_v1 related vulnerabilities.

We encourage customers to review Intel’s Security Advisory for information, including appropriate identification and mitigation measures.

Please visit the Drivers and Downloads site for updates on the applicable products. To learn more, visit the Dell Knowledge Base article Dell Updating Firmware using Dell Update Packages (DUP’s), and download the update for your Dell computer.

Customers may use one of the Dell notification solutions to be notified and download driver, BIOS and firmware updates automatically once available.

-    Software Security Guidance for developers: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling SLN317551_en_US__1iC_External_Link_BD_v1
-    Intel Security First – MDS Page: https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html SLN317551_en_US__1iC_External_Link_BD_v1
-    Intel Security Center: https://security-center.intel.com SLN317551_en_US__1iC_External_Link_BD_v1
-    AMD response to CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 (Fallout and Rogue In-Flight Data Load (RIDL)): https://www.amd.com/en/corporate/product-security  SLN317551_en_US__1iC_External_Link_BD_v1
-    VMware: https://www.vmware.com/security/advisories/VMSA-2019-0008.html  SLN317551_en_US__1iC_External_Link_BD_v1
-    Microsoft: https://support.microsoft.com/en-us/help/4457951/windows-guidance-to-protect-against-speculative-execution-side-channel  SLN317551_en_US__1iC_External_Link_BD_v1
-    Red Hat: https://www.redhat.com/en/blog/understanding-mds-vulnerability-what-it-why-it-works-and-how-mitigate-it SLN317551_en_US__1iC_External_Link_BD_v1
-    SuSe: https://www.suse.com/security/cve/CVE-2018-12126/ SLN317551_en_US__1iC_External_Link_BD_v1
-    Ubuntu: https://blog.ubuntu.com/2019/05/14/ubuntu-updates-to-mitigate-new-microarchitectural-data-sampling-mds-vulnerabilities SLN317551_en_US__1iC_External_Link_BD_v1

SLN317551_en_US__15icon Prior to installing the update, please review the installation procedure in the release notes.
 
SLN317551_en_US__15icon The dates listed are estimated availability dates and are subject to change without notice.
  
SLN317551_en_US__15icon The platform list for Dell EMC Networking products will be updated periodically. Please check back frequently for the most up-to-date information.

SLN317551_en_US__15icon Update versions in the table below are the first releases with the updates to address the security vulnerabilities. Releases at and above these versions will include the security updates.

SLN317551_en_US__15icon Dates below are in US format of MM/DD/YYYY.
 
 Dell EMC Networking Products Affected:
 
Product Update Version
(or greater)		 Release Date/
Expected Release Date 
(MM/YYYY)
 PowerSwitch Z9264F-ON Not yet available TBD
 PowerSwitch S5212F-ON Available 10/01/2019
 PowerSwitch S5224F-ON Available 10/01/2019
 PowerSwitch S5232F-ON Available 10/01/2019
 PowerSwitch S5248F-ON Available 10/01/2019
        PowerSwitch S5296F-ON Available 10/01/2019
VEP4600 Available 09/05/2019
VEP1400 Available 09/05/2019

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

Networking

Last Published Date

22 May 2021

Version

3

Article Type

Dell Security Advisory

Back to Top