Article Number: 000153803
High
Summary:
Multiple components within Dell EMC Isilon OneFS require a security update to address various vulnerabilities.
Multiple components within the Dell EMC Isilon OneFS have been updated to address various vulnerabilities. These components are updated for the following vulnerabilities:
Segment Smack TCP Reassembly Vulnerability
CVE-2018-6922
Fragment Smack IP Reassembly Vulnerability
CVE-2018-6923
OpenSSL Vulnerability for OneFS
CVE-2018-0734
OpenSSL Vulnerability for IsilonSD Edge
CVE-2018-0734
OpenSSH Vulnerability
CVE-2018-15473
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Multiple components within the Dell EMC Isilon OneFS have been updated to address various vulnerabilities. These components are updated for the following vulnerabilities:
Segment Smack TCP Reassembly Vulnerability
CVE-2018-6922
Fragment Smack IP Reassembly Vulnerability
CVE-2018-6923
OpenSSL Vulnerability for OneFS
CVE-2018-0734
OpenSSL Vulnerability for IsilonSD Edge
CVE-2018-0734
OpenSSH Vulnerability
CVE-2018-15473
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Affected products:
Dell EMC Isilon OneFS versions 8.1.2 and earlier
Dell EMC Isilon OneFS versions 8.1.0.4 and earlier
Dell EMC IsilonSD Edge versions 8.1.2 and earlier
Dell EMC IsilonSD Edge versions 8.1.0.4 and earlier
Remediation:
For Dell EMC Isilon OneFS version 8.1.2.0, the security updates are contained in the following patches:
Patch-248570 for OneFS 8.1.2.0: https://download.emc.com/downloads/DL93441
Patch-248568 for OneFS 8.1.2.0: https://download.emc.com/downloads/DL93440
For Dell EMC Isilon OneFS version 8.1.0.4, the security updates are contained in the following patches:
Isilon OneFS 8.1.0.4 KGA 2019-04 Patch-248573: https://download.emc.com/downloads/DL93596
Isilon OneFS 8.1.0.4 UGA 2019-04 Patch-248571: https://download.emc.com/downloads/DL93595
Dell EMC recommends all customers apply the patches containing the resolutions at the earliest opportunity.
Affected products:
Dell EMC Isilon OneFS versions 8.1.2 and earlier
Dell EMC Isilon OneFS versions 8.1.0.4 and earlier
Dell EMC IsilonSD Edge versions 8.1.2 and earlier
Dell EMC IsilonSD Edge versions 8.1.0.4 and earlier
Remediation:
For Dell EMC Isilon OneFS version 8.1.2.0, the security updates are contained in the following patches:
Patch-248570 for OneFS 8.1.2.0: https://download.emc.com/downloads/DL93441
Patch-248568 for OneFS 8.1.2.0: https://download.emc.com/downloads/DL93440
For Dell EMC Isilon OneFS version 8.1.0.4, the security updates are contained in the following patches:
Isilon OneFS 8.1.0.4 KGA 2019-04 Patch-248573: https://download.emc.com/downloads/DL93596
Isilon OneFS 8.1.0.4 UGA 2019-04 Patch-248571: https://download.emc.com/downloads/DL93595
Dell EMC recommends all customers apply the patches containing the resolutions at the earliest opportunity.
PowerScale OneFS
PowerScale OneFS, Product Security Information
22 May 2021
4
Dell Security Advisory