Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2024-5535 CVE-2024-4741 CVE-2024-2511 |
CWE-ID | CWE-125 CWE-416 CWE-400 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Hardware solutions / Firmware: XPS 8940; XPS 17 9700; XPS 15 9500; XPS 13 9315; XPS 13 9310 2-in-1; XPS 13 9310; XPS 13 9300; XPS 13 7390 2-in-1; XPS 13 7390; XPS 13 9305; Vostro 7500; Vostro 5620; Vostro 5502; Vostro 5402; Vostro 5301; Vostro 3910; Vostro 3710; Vostro 3501; Vostro 3500; Vostro 3401; Vostro 3400; Vostro 3030S; Vostro 3030; Vostro 3020 Tower Desktop; Vostro 3020 Small Desktop; Vostro 16 5630; Vostro 15 3510; Vostro 14 3440; Precision 5750; Precision 5550; Precision 3680 Tower; Precision 3660; Precision 3460 XE Small Form Factor / Precision 3460 Small Form Factor; Precision 3280 CFF; Precision 3260 XE Compact / Precision 3260 Compact; OptiPlex All-in-One 7410; OptiPlex AIO 7420; OptiPlex 5055 Ryzen CPU; OptiPlex 5055 Ryzen APU; OptiPlex 5055 A-Serial; Latitude Rugged 7220EX; Latitude 7220 Rugged Extreme; Latitude 5495; Latitude 3550; Latitude 3510; Latitude 3500; Latitude 3450; Latitude 3410; Latitude 3400; Latitude 3301; Inspiron 7706 2-in-1; Inspiron 7506 2-in-1; Inspiron 7501; Inspiron 7500; Inspiron 7400; Inspiron 7306 2-in-1; Inspiron 7300; Inspiron 5509; Inspiron 5502; Inspiron 5409; Inspiron 5406 2-in-1; Inspiron 5402; Inspiron 5301; Inspiron 3910; Inspiron 3501; Inspiron 3030S; Inspiron 3030; Inspiron 27 7730 All-in-One; Inspiron 27 7720 All-in-One; Inspiron 24 5430 All-in-One; Inspiron 24 5420 All-in-One; Inspiron 16 Plus 7640; Inspiron 16 7640 2-in-1; Inspiron 16 7630 2-in-1; Inspiron 16 5630; Inspiron 16 5620; Inspiron 15 3511; Inspiron 14 Plus 7440; Inspiron 14 7440 2-in-1; Inspiron 14 7430 2-in-1; Inspiron 14 5440; Inspiron 14 5430; Inspiron 14 5420; Dell G15 5511; Dell G15 5510; ChengMing 3910/3911; ChengMing 3900; Alienware m16 R2 |
Vendor | Dell |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU93424
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-5535
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the SSL_select_next_proto() function when using NPN. A remote attacker can send specially crafted data to the application, trigger an out-of-bounds read and perform a denial of service (DoS) attack.
Install the update from the vendor's website.
Vulnerable software versions
XPS 8940: before 2.25.0
XPS 17 9700: before 1.33.1
XPS 15 9500: before 1.33.1
XPS 13 9315: before 1.26.0
XPS 13 9310 2-in-1: before 2.29.1
XPS 13 9310: before 3.27.1
XPS 13 9300: before 1.27.1
XPS 13 7390 2-in-1: before 1.34.1
XPS 13 7390: before 1.28.1
XPS 13 9305: before 1.26.1
Vostro 7500: before 1.31.1
Vostro 5620: before 1.26.0
Vostro 5502: before 1.33.1
Vostro 5402: before 1.33.1
Vostro 5301: before 1.36.1
Vostro 3910: before 1.28.0
Vostro 3710: before 1.28.0
Vostro 3501: before 1.35.0
Vostro 3500: before 1.34.0
Vostro 3401: before 1.35.0
Vostro 3400: before 1.34.0
Vostro 3030S: before 1.12.0
Vostro 3030: before 1.12.0
Vostro 3020 Tower Desktop: before 1.22.0
Vostro 3020 Small Desktop: before 1.22.0
Vostro 16 5630: before 1.19.0
Vostro 15 3510: before 1.34.0
Vostro 14 3440: before 1.10.0
Precision 5750: before 1.33.1
Precision 5550: before 1.33.1
Precision 3680 Tower: before 1.11.1
Precision 3660: before 2.22.0
Precision 3460 XE Small Form Factor / Precision 3460 Small Form Factor: before 3.12.0
Precision 3280 CFF: before 1.10.0
Precision 3260 XE Compact / Precision 3260 Compact: before 3.12.0
OptiPlex All-in-One 7410: before 1.22.0
OptiPlex AIO 7420: before 1.12.1
OptiPlex 5055 Ryzen CPU: before 1.14.0
OptiPlex 5055 Ryzen APU: before 1.14.0
OptiPlex 5055 A-Serial: before 1.14.0
Latitude Rugged 7220EX: before 1.42.0
Latitude 7220 Rugged Extreme: before 1.42.0
Latitude 5495: before 1.17.0
Latitude 3550: before 1.10.0
Latitude 3510: before 1.32.1
Latitude 3500: before 1.35.1
Latitude 3450: before 1.10.0
Latitude 3410: before 1.32.1
Latitude 3400: before 1.35.1
Latitude 3301: before 1.33.1
Inspiron 7706 2-in-1: before 1.33.1
Inspiron 7506 2-in-1: before 1.33.1
Inspiron 7501: before 1.31.1
Inspiron 7500: before 1.31.1
Inspiron 7400: before 1.36.1
Inspiron 7306 2-in-1: before 1.33.1
Inspiron 7300: before 1.36.1
Inspiron 5509: before 1.33.1
Inspiron 5502: before 1.33.1
Inspiron 5409: before 1.33.1
Inspiron 5406 2-in-1: before 1.33.1
Inspiron 5402: before 1.33.1
Inspiron 5301: before 1.36.1
Inspiron 3910: before 1.28.0
Inspiron 3501: before 1.35.0
Inspiron 3030S: before 1.12.0
Inspiron 3030: before 1.12.0
Inspiron 27 7730 All-in-One: before 1.9.0
Inspiron 27 7720 All-in-One: before 1.16.1
Inspiron 24 5430 All-in-One: before 1.9.0
Inspiron 24 5420 All-in-One: before 1.16.1
Inspiron 16 Plus 7640: before 1.12.0
Inspiron 16 7640 2-in-1: before 1.9.0
Inspiron 16 7630 2-in-1: before 1.19.0
Inspiron 16 5630: before 1.19.0
Inspiron 16 5620: before 1.26.0
Inspiron 15 3511: before 1.34.0
Inspiron 14 Plus 7440: before 1.12.0
Inspiron 14 7440 2-in-1: before 1.10.0
Inspiron 14 7430 2-in-1: before 1.19.0
Inspiron 14 5440: before 1.10.0
Inspiron 14 5430: before 1.19.0
Inspiron 14 5420: before 1.26.0
Dell G15 5511: before 1.34.0
Dell G15 5510: before 1.30.0
ChengMing 3910/3911: before 1.22.0
ChengMing 3900: before 1.28.0
Alienware m16 R2: before 1.9.0
https://www.dell.com/support/kbdoc/nl-nl/000250484/dsa-2025-020
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89861
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-4741
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the SSL_free_buffers() function. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
Note that the vulnerability affects only applications that call the vulnerable function.
Install the update from the vendor's website.
Vulnerable software versions
XPS 8940: before 2.25.0
XPS 17 9700: before 1.33.1
XPS 15 9500: before 1.33.1
XPS 13 9315: before 1.26.0
XPS 13 9310 2-in-1: before 2.29.1
XPS 13 9310: before 3.27.1
XPS 13 9300: before 1.27.1
XPS 13 7390 2-in-1: before 1.34.1
XPS 13 7390: before 1.28.1
XPS 13 9305: before 1.26.1
Vostro 7500: before 1.31.1
Vostro 5620: before 1.26.0
Vostro 5502: before 1.33.1
Vostro 5402: before 1.33.1
Vostro 5301: before 1.36.1
Vostro 3910: before 1.28.0
Vostro 3710: before 1.28.0
Vostro 3501: before 1.35.0
Vostro 3500: before 1.34.0
Vostro 3401: before 1.35.0
Vostro 3400: before 1.34.0
Vostro 3030S: before 1.12.0
Vostro 3030: before 1.12.0
Vostro 3020 Tower Desktop: before 1.22.0
Vostro 3020 Small Desktop: before 1.22.0
Vostro 16 5630: before 1.19.0
Vostro 15 3510: before 1.34.0
Vostro 14 3440: before 1.10.0
Precision 5750: before 1.33.1
Precision 5550: before 1.33.1
Precision 3680 Tower: before 1.11.1
Precision 3660: before 2.22.0
Precision 3460 XE Small Form Factor / Precision 3460 Small Form Factor: before 3.12.0
Precision 3280 CFF: before 1.10.0
Precision 3260 XE Compact / Precision 3260 Compact: before 3.12.0
OptiPlex All-in-One 7410: before 1.22.0
OptiPlex AIO 7420: before 1.12.1
OptiPlex 5055 Ryzen CPU: before 1.14.0
OptiPlex 5055 Ryzen APU: before 1.14.0
OptiPlex 5055 A-Serial: before 1.14.0
Latitude Rugged 7220EX: before 1.42.0
Latitude 7220 Rugged Extreme: before 1.42.0
Latitude 5495: before 1.17.0
Latitude 3550: before 1.10.0
Latitude 3510: before 1.32.1
Latitude 3500: before 1.35.1
Latitude 3450: before 1.10.0
Latitude 3410: before 1.32.1
Latitude 3400: before 1.35.1
Latitude 3301: before 1.33.1
Inspiron 7706 2-in-1: before 1.33.1
Inspiron 7506 2-in-1: before 1.33.1
Inspiron 7501: before 1.31.1
Inspiron 7500: before 1.31.1
Inspiron 7400: before 1.36.1
Inspiron 7306 2-in-1: before 1.33.1
Inspiron 7300: before 1.36.1
Inspiron 5509: before 1.33.1
Inspiron 5502: before 1.33.1
Inspiron 5409: before 1.33.1
Inspiron 5406 2-in-1: before 1.33.1
Inspiron 5402: before 1.33.1
Inspiron 5301: before 1.36.1
Inspiron 3910: before 1.28.0
Inspiron 3501: before 1.35.0
Inspiron 3030S: before 1.12.0
Inspiron 3030: before 1.12.0
Inspiron 27 7730 All-in-One: before 1.9.0
Inspiron 27 7720 All-in-One: before 1.16.1
Inspiron 24 5430 All-in-One: before 1.9.0
Inspiron 24 5420 All-in-One: before 1.16.1
Inspiron 16 Plus 7640: before 1.12.0
Inspiron 16 7640 2-in-1: before 1.9.0
Inspiron 16 7630 2-in-1: before 1.19.0
Inspiron 16 5630: before 1.19.0
Inspiron 16 5620: before 1.26.0
Inspiron 15 3511: before 1.34.0
Inspiron 14 Plus 7440: before 1.12.0
Inspiron 14 7440 2-in-1: before 1.10.0
Inspiron 14 7430 2-in-1: before 1.19.0
Inspiron 14 5440: before 1.10.0
Inspiron 14 5430: before 1.19.0
Inspiron 14 5420: before 1.26.0
Dell G15 5511: before 1.34.0
Dell G15 5510: before 1.30.0
ChengMing 3910/3911: before 1.22.0
ChengMing 3900: before 1.28.0
Alienware m16 R2: before 1.9.0
https://www.dell.com/support/kbdoc/nl-nl/000250484/dsa-2025-020
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88211
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-2511
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to unbounded memory growth when processing TLSv1.3 sessions. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
Successful exploitation of the vulnerability requires that the non-default SSL_OP_NO_TICKET option is in use with TLSv1.3.
Install the update from the vendor's website.
Vulnerable software versions
XPS 8940: before 2.25.0
XPS 17 9700: before 1.33.1
XPS 15 9500: before 1.33.1
XPS 13 9315: before 1.26.0
XPS 13 9310 2-in-1: before 2.29.1
XPS 13 9310: before 3.27.1
XPS 13 9300: before 1.27.1
XPS 13 7390 2-in-1: before 1.34.1
XPS 13 7390: before 1.28.1
XPS 13 9305: before 1.26.1
Vostro 7500: before 1.31.1
Vostro 5620: before 1.26.0
Vostro 5502: before 1.33.1
Vostro 5402: before 1.33.1
Vostro 5301: before 1.36.1
Vostro 3910: before 1.28.0
Vostro 3710: before 1.28.0
Vostro 3501: before 1.35.0
Vostro 3500: before 1.34.0
Vostro 3401: before 1.35.0
Vostro 3400: before 1.34.0
Vostro 3030S: before 1.12.0
Vostro 3030: before 1.12.0
Vostro 3020 Tower Desktop: before 1.22.0
Vostro 3020 Small Desktop: before 1.22.0
Vostro 16 5630: before 1.19.0
Vostro 15 3510: before 1.34.0
Vostro 14 3440: before 1.10.0
Precision 5750: before 1.33.1
Precision 5550: before 1.33.1
Precision 3680 Tower: before 1.11.1
Precision 3660: before 2.22.0
Precision 3460 XE Small Form Factor / Precision 3460 Small Form Factor: before 3.12.0
Precision 3280 CFF: before 1.10.0
Precision 3260 XE Compact / Precision 3260 Compact: before 3.12.0
OptiPlex All-in-One 7410: before 1.22.0
OptiPlex AIO 7420: before 1.12.1
OptiPlex 5055 Ryzen CPU: before 1.14.0
OptiPlex 5055 Ryzen APU: before 1.14.0
OptiPlex 5055 A-Serial: before 1.14.0
Latitude Rugged 7220EX: before 1.42.0
Latitude 7220 Rugged Extreme: before 1.42.0
Latitude 5495: before 1.17.0
Latitude 3550: before 1.10.0
Latitude 3510: before 1.32.1
Latitude 3500: before 1.35.1
Latitude 3450: before 1.10.0
Latitude 3410: before 1.32.1
Latitude 3400: before 1.35.1
Latitude 3301: before 1.33.1
Inspiron 7706 2-in-1: before 1.33.1
Inspiron 7506 2-in-1: before 1.33.1
Inspiron 7501: before 1.31.1
Inspiron 7500: before 1.31.1
Inspiron 7400: before 1.36.1
Inspiron 7306 2-in-1: before 1.33.1
Inspiron 7300: before 1.36.1
Inspiron 5509: before 1.33.1
Inspiron 5502: before 1.33.1
Inspiron 5409: before 1.33.1
Inspiron 5406 2-in-1: before 1.33.1
Inspiron 5402: before 1.33.1
Inspiron 5301: before 1.36.1
Inspiron 3910: before 1.28.0
Inspiron 3501: before 1.35.0
Inspiron 3030S: before 1.12.0
Inspiron 3030: before 1.12.0
Inspiron 27 7730 All-in-One: before 1.9.0
Inspiron 27 7720 All-in-One: before 1.16.1
Inspiron 24 5430 All-in-One: before 1.9.0
Inspiron 24 5420 All-in-One: before 1.16.1
Inspiron 16 Plus 7640: before 1.12.0
Inspiron 16 7640 2-in-1: before 1.9.0
Inspiron 16 7630 2-in-1: before 1.19.0
Inspiron 16 5630: before 1.19.0
Inspiron 16 5620: before 1.26.0
Inspiron 15 3511: before 1.34.0
Inspiron 14 Plus 7440: before 1.12.0
Inspiron 14 7440 2-in-1: before 1.10.0
Inspiron 14 7430 2-in-1: before 1.19.0
Inspiron 14 5440: before 1.10.0
Inspiron 14 5430: before 1.19.0
Inspiron 14 5420: before 1.26.0
Dell G15 5511: before 1.34.0
Dell G15 5510: before 1.30.0
ChengMing 3910/3911: before 1.22.0
ChengMing 3900: before 1.28.0
Alienware m16 R2: before 1.9.0
https://www.dell.com/support/kbdoc/nl-nl/000250484/dsa-2025-020
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.