Primary

Context

IBM Db2 for Linux, UNIX and Windows Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in IBM Db2 for Linux, UNIX, and Windows, specifically in versions 12.1.0 and 12.1.1. Under certain conditions, the server may crash when processing a specially crafted query. This vulnerability arises from improper input validation, allowing malicious queries to disrupt server operations.

Impact

Exploitation of this vulnerability can lead to a server crash, causing a denial-of-service condition where the database becomes unavailable.

Remediation

Users can download a special build containing the interim fix for this vulnerability from IBM Fix Central. Special Build #50594 or later for Db2 version 12.1.0 is available, as well as Special Build #54779 or later for version 12.1.1.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Db2 for Linux, UNIX and Windows Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Db2

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating