Out-of-Bounds Write Vulnerability in Dell PowerScale OneFS
CVE-2025-26479

3.1LOW

Key Information:

Vendor: Dell
Status: Powerscale Onefs
Vendor: CVE Published:; 10 April 2025

Summary

The latest security advisory reveals a vulnerability in Dell PowerScale OneFS affecting versions from 9.4.0.0 through 9.10.0.0. This out-of-bounds write vulnerability can potentially be exploited by attackers during NFS workflows, which may lead to severe data integrity issues. It is essential for users to apply the recommended security updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

PowerScale OneFS 9.4.0.0 <= 9.10.0.1

PowerScale OneFS 9.5.0.0 <= 9.5.1.2

PowerScale OneFS 9.7.0.0 <= 9.7.1.4

References

https://www.dell.com/support/kbdoc/en-us/000300860/dsa-20...

vendor-advisory

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 10, 2025
Vulnerability Reserved
Feb 11, 2025