IBM Db2 for Linux Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in IBM Db2 for Linux versions 12.1.0, 12.1.1, and 12.1.2. It could allow an unauthenticated user to cause a denial of service by creating a deadlock, in which executable segments wait for each other to release a necessary lock.

Impact

Exploitation of this vulnerability can lead to a deadlock condition, leaving the database unresponsive or unavailable.

Remediation

Users can download a special build containing the interim fix for this issue from Fix Central. These special builds are available for Db2 versions 12.1.1 and 12.1.2. Instructions for downloading the latest special builds for Db2 version 12.1.2 are also available on the IBM Support page.

Added: Jul 29, 2025, 6:50 PM
Updated: Jul 29, 2025, 6:50 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.5
exploitability: 5.9
remediation: 8.3
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.