Primary

Context

IBM Db2 Denial-of-Service Vulnerability

Vulnerability

Patched

A denial-of-service vulnerability has been identified in IBM Db2 for Linux, UNIX, and Windows, including Db2 Connect Server. This issue affects versions 10.5.0.0 prior to 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2. The vulnerability arises because the server may crash under certain conditions when processing specially crafted queries.

Impact

Exploitation of this vulnerability can lead to a server crash, causing a denial-of-service condition.

Remediation

Users can download special builds containing the interim fix for this vulnerability from IBM Fix Central. These builds are available for the latest mod pack levels of each impacted release: V10.5 FP11, V11.1.4 FP7, V11.5.9, V12.1.1, and V12.1.2.

Added: Jul 29, 2025, 7:36 PM

Updated: Jul 29, 2025, 7:36 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Db2 Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Db2

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating