IBM MQ Client Denial-of-Service Vulnerability via AMQRMPPA Channel Process

Vulnerability

A denial-of-service vulnerability has been identified in IBM MQ Client versions 9.3 and 9.4. A client connecting to an MQ Queue Manager can cause a segmentation fault (SIGSEGV) in the AMQRMPPA channel process, leading to the termination of that process.

Impact

Exploitation of this vulnerability causes the AMQRMPPA channel process to terminate unexpectedly, disrupting active message handling and potentially affecting overall queue manager performance.

Remediation

Users can upgrade to IBM MQ Appliance cumulative security update 9.4.0.12 or 9.4.3.0, depending on their current version. Instructions for downloading these updates are available on the IBM Support Fix Central website.

Added: Jul 11, 2025, 7:22 PM
Updated: Jul 11, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 5.2
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.