News
Abstract
This document contains a list of fixes for Security and HIPER APARs in DB2 Version 11.5.
Content
A set of security vulnerabilities was discovered in some DB2 database products. These vulnerabilities were analyzed by the DB2 development organization and a set of corresponding fixes was created to address the reported issues. IBM is not currently aware of any externally reported incidents where production DB2 installations have been compromised due to these issues.
The affected DB2 UDB for Linux, UNIX, and Windows products are:
DB2 Connect Server (all Editions)
DB2 Developer Edition
DB2 Enterprise Server (all Editions)
DB2 Express Server (all Editions)
DB2 Workgroup Server (all Editions)
DB2 Client component and DB2 products or components other than those listed above are not affected.
Due to the complexity of the fixes required to eliminate the reported service issues, it is not feasible to retrofit the same fixes into earlier DB2 Version 11.5 fix packs.
The affected DB2 UDB for Linux, UNIX, and Windows products are:
DB2 Connect Server (all Editions)
DB2 Developer Edition
DB2 Enterprise Server (all Editions)
DB2 Express Server (all Editions)
DB2 Workgroup Server (all Editions)
DB2 Client component and DB2 products or components other than those listed above are not affected.
Due to the complexity of the fixes required to eliminate the reported service issues, it is not feasible to retrofit the same fixes into earlier DB2 Version 11.5 fix packs.
Select a Fix Pack: m4fp0, m5fp0, m5fp1, m6fp0,m7fp0, m8fp0, , m9fp0
| DB2 Version 11.5 Mod 9 Fix Pack 0 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| DT242836 | Security: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Db2 (Apr 2023 CPU) | ||||
| DT207549 | Security: Db2 is vulnerable to denial of service with a specially crafted XML query statement (CVE-2023-38728) | ||||
| DT224814 | Security: Db2 is vulnerable to a denial of service under certain conditions when creating a table (CVE-2023-38740) | ||||
| DT215667 | Security: Specially crafted ALTER TABLE may cause abnormal termination of Db2 server (CVE-2023-38720) | ||||
| DT174494 | Security: Db2 server may terminate abnormally when issuing a specially crafted query statement (CVE-2023-40374) | ||||
| DT174378 | Security: Db2 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF (CVE-2023-38719) | ||||
| DT223175 | Security: Db2 is affected by a vulnerability in GSKit (CVE-2023-32342) | ||||
| DT208544 | Security: Db2 is vulnerable to denial of service with a specially crafted query (CVE-2023-30991) | ||||
| DT208397 | SECURITY: IBM Db2 is vulnerable to information disclosure due to improper privilege management when certain federation features are used. (CVE-2023-29256) | ||||
| DT215550 | Security: IBM Db2 is vulnerable to remote code execution. (CVE-2023-35012) | ||||
| DT173255 | Security: IBM Db2 is vulnerable to denial of service with a specially crafted query on certain tables. (CVE-2023-30448) | ||||
| DT188878 | Security: IBM Db2 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally (CVE-2023-25930) | ||||
| DT187940 | Security: IBM Db2 federated server is vulnerable to a denial of service when using a specially crafted wrapper using certain options. (CVE-2023-30442). | ||||
| DT236965 | Security: A vulnerability in libqb affects Db2 High-Availability deployments using Pacemaker (CVE-2023-39976) | ||||
| DT197671 | Security: IBM Db2 on Windows is vulnerable to privilege escalation. (CVE-2023-27558) | ||||
| DT198274 | Security: IBM Db2 db2set is vulnerable to arbitrary code execution. (CVE-2023-30431) | ||||
| DT208180 | Security: IBM Db2 is vulnerable to remote code execution. (CVE-2023-29257) | ||||
| DT209578 | Security: Db2 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. (CVE-2023-40372) | ||||
| DT211379 | Security: IBM Db2 JDBC driver is vulnerable to arbitrary code execution. (CVE-2023-27867, CVE-2023-27868, CVE-2023-27869) | ||||
| DT212934 | Security: Db2 is vulnerable to denial of service with a specially crafted query containing common table expressions (CVE-2023-40373) | ||||
| DT173476 | Security: IBM Db2 for LUW is vulnerable to insufficient audit logging (CVE-2023-23487) | ||||
| DT160619 | Security: IBM Db2 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query. (CVE-2023-26021) | ||||
| DT188352 | Security: IBM Db2 is vulnerable to denial of service with a specially crafted query on certain tables. (CVE-2023-30447) | ||||
| DT188887 | Security: IBM Db2 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. (CVE-2023-27555) | ||||
| DT188141 | Security: Db2 server may terminate abnormally when using a specially crafted query on certain databases. (CVE-2023-30987) | ||||
| DT203400 | Security: IBM DB2 is vulnerable to denial of service with a specially crafted query on certain tables. (CVE-2023-30446) | ||||
| DT173447 | Security: IBM Db2 is vulnerable to denial of service with a specially crafted query. (CVE-2023-30443) | ||||
| DT174584 | Security: IBM Db2 is vulnerable to denial of service with a specially crafted query on certain tables. (CVE-2023-30445) | ||||
| DT178597 | Security: IBM Db2 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block (CVE-2023-29255) | ||||
| DT189181 | Security: IBM Db2 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. (CVE-2023-27559) | ||||
| DT173007 | Security: IBM Db2 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. (CVE-2022-43929) | ||||
| DT173489 | Security: IBM Db2 is vulnerable to an information disclosure vulnerability due to improper privilege management when a specially crafted table access is used (CVE-2022-43927) | ||||
| DT173780 | Security: IBM Db2 Connect Server is affected by an HTTPclient vulnerability (CVE-2014-3577) | ||||
| DT174059 | Security: IBM Db2 on Windows is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log file. (CVE-2022-43930) | ||||
| DT188693 | Security: IBM Db2 is vulnerable to a denial of service as the server may crash when an Out of Memory occurs. (CVE-2023-26022) | ||||
| DT173793 | Security: IBM Db2 is vulnerable to denial of service with a specially crafted query. (CVE-2023-30449) | ||||
| HIPER APARs | |||||
| DT214149 | Subquery with FETCH FIRST n ROWS and OLAP function but without ORDER BY on column-organized tables might return more rows than expected | ||||
| DT197954 | A multi-join query involving column-organized tables and join predicates with complex expressions might yield incorrect results. | ||||
| DT212891 | Data loss while ADMIN_MOVE_TABLE possible | ||||
| DT168757 | WRONG RESULT WHEN GROUP BY COL IS MISSING | ||||
| DT172317 | Db2 query may generate Incorrect result when tables have Referential Integrity(RI) relation. | ||||
| DT170011 | Using external UDF in recursive query executes only once and returns wrong number of rows | ||||
| DT170035 | GET DB CFG traps if using DB2NODE to fetch data from a remote node | ||||
| DT147383 | INVALID DATE FORMAT WHEN INSERTING DATES | ||||
| DB2 Version 11.5 Mod 8 Fix Pack 0 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| DT147525 | IT39584: SECURITY: A VULNERABILITY IN 2.17.0 APACHE LOG4J AFFECTS DB2 (CVE-2021-44832) | ||||
| DT148433 | IT39389: SECURITY: APACHE LOG4J REMOTE CODE EXECUTION - LOG4SHELL (CVE-2021-44228, CVE-2021-4104) | ||||
| DT147897 | IT39474: SECURITY: MULTIPLE VULNERABILITIES IN APACHE LOG4J AFFECT SOME FEATURES OF IBM DB2 (CVE-2021-45046, CVE-2021-45105) | ||||
| DT147923 | IT40217: SECURITY: IBM DB2 IS VULNERABLE TO UNAUTHORIZED ACCESS (CVE-2022-22390) | ||||
| DT148452 | IT40210: SECURITY: IBM DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2022-22389) | ||||
| DT148670 | IT40879: SECURITY: IBM DB2 IS VULNERABLE TO AN INFORMATION DISCLOSURE DUETO UNAUTHORIZED ACCESS. (CVE-2022-22483) | ||||
| DT147955 | IT41312: SECURITY: IBM DB2 IS VULNERABLE TO A DENIAL OF SERVICE AFTER ENTERING A MALFORMED SQL STATEMENT INTO THE DB2EXPLN TOOL (CVE-2022-35637) | ||||
| HIPER APARs | |||||
| DT132779 | IT40083: WRONG RESULT IS POSSIBLE IN COLUMNAR QUERY WITH REAL, FLOAT, OR DOUBLE COLUMNS AND RANGE PREDICATES WITH NEGATIVE VALUES | ||||
| DT132780 | IT39950: IN RARE JOIN ON COLUMNAR TABLES COULD LOOSE ROWS | ||||
| DT147378 | IT40913: INCORRECT RESULT WHEN DB2 QUERY HAS EQUAL PREDICATES WITH CONSTANTS | ||||
| DT147549 | IT40762: INCORRECT RESULT WITH QUERY HAVING UNION | ||||
| DT148485 | IT41140: WRONG RESULT WHEN PREDICATE WITH CONSTANT ON AGGREGATE FUNCTION WITH CASE. | ||||
| DT148506 | IT41713: INCORRECT RESULT WHEN CORRELATED PREDICATE ON PRIMARY KEY OF A TABLE. | ||||
| DT148298 | IT41314: WRONG RESULT WHEN SORT WITH FETCH FIRST N ROWS IS DONE IN COLUMNAR LOGIC | ||||
| DT148510 | IT41821: QUERY WITH "WHERE RID() = |
||||
| DB2 Version 11.5 Mod 7 Fix Pack 0 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IT37712 | SECURITY: IBM DB2 MAY BE VULNERABLE TO AN INFORMATION DISCLOSURE UNDER CERTAIN CIRCUMSTANCES WITH LOAD UTILITY (CVE-2021-20373) | ||||
| IT37939 | SECURITY: IBM DB2 MAY BE VULNERABLE TO AN iNFORMATION DISCLOSURE (CVE-2021-29678) | ||||
| IT38463 | SECURITY: ADMINISTRATIVE TASK SCHEDULER IS VULNERABLE TO A PRIVILEGE ESCALATION (CVE-2021-38926) | ||||
| IT38561 | SECURITY: INDIRECT READ ACCESS TO A TABLE THAT THE USER IS NOT AUTHORIZED TO SELECT FROM (CVE-2021-38931) | ||||
| IT38817 | SECURITY: CLIENT ENCRYPTION SETTINGS ARE NOT PRESERVED ON A FAIL OVER/RECONNECT RESULTING IN A DATA EXPOSURE (CVE-2021-39002) | ||||
| IT37254 | SECURITY: IBM DB2 IS VULNERABLE TO AN INFORMATION DISCLOSURE (CVE-2021-29752) | ||||
| IT36906 | SECURITY: IBM DB2 IS VULNERABLE TO A DENIAL OF SERVICE UNDER SPECIFIC CONDITIONS (CVE-2021-29763) | ||||
| IT37213 | SECURITY: DB2 EXPOSES SENSITIVE INFORMATION WHEN USING ADMIN_CMD WITH LOAD OR BACKUP (CVE-2021-29825) | ||||
| IT36907 | SECURITY: IBM DB2 IS VULNERABLE TO WEAK FILE PERMISSIONS ALLOWING ACCESS TO SPECIFIC FILES (CVE-2020-4976) | ||||
| HIPER APARs | |||||
| IT37081 | INCONSISTENT OLAP RESULTS ON COLUMNAR TABLES IN AN MPP ENVIRONMENT | ||||
| IT37105 | INTERMITTENT ISSUE IN ST_UNION RESULTING IN WRONG M VALUES | ||||
| IT37911 | INNER JOIN OF AT LEAST 4 COLUMN-ORGANIZED TABLES MIGHT RETURN WRONG RESULTS UNDER SPECIFIC CONDITIONS | ||||
| IT38549 | WRONG RESULT WHEN SUBSELECT WITH SCALAR AGGREGATE REFERENCED MULTIPLE TIMES | ||||
| IT38996 | INSERTING DECIMAL MINUS ZERO INTO COLUMN ORGANIZED TABLE LEADS TO WRONG RESULT ON POWERPC | ||||
| IT39109 | BCD DECIMAL USING 0XF FOR SIGN NIBBLE MIGHT GET CONVERTED TO NEGATIVE VALUE | ||||
| IT38400 | INCORRECT RESULT WHEN DB2 QUERY HAS EXISTS SUB QUERY WITH IS NULL PREDICATE | ||||
| IT38399 | WRONG RESULT WHEN DB2 QUERY HAS CORRELATED EXISTS PREDICATE | ||||
| IT37674 | WRONG RESULTS FROM SELECT COUNT QUERY ON "ORGANIZE BY COLUMN" TABLE | ||||
| IT36682 | QUERY WITH INDEX SCAN ON A COLUMNAR TABLE WHICH IS UNDER A UNION MAY GET INCORRECT RESULT | ||||
| DB2 Version 11.5 Mod 6 Fix Pack 0 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IT36026 | SECURITY: IBM DB2 IS VULNERABLE TO A DOS WHEN A TABLE IS DROPPED WHILE BEING ACCESSED IN ANOTHER SESSION (CVE-2021-29777) | ||||
| IT36475 | SECURITY: IBM DB2 MAY BE VULNERABLE TO AN INFO. DISC. IN SOME CASES WHEN A USER CREATES AN INLINE SQL FUNC. (CVE-2021-20579) | ||||
| IT34964 | SECURITY: IBM DB2 IS VULNERABLE TO AN ARBITRARY FILE OVERWRITE (CVE-2020-4945) | ||||
| IT34966 | SECURITY: DB2 EXTERNAL TABLE CREATION IS VULNERABLE TO RACE CONDITION ATTACK (CVE-2020-4885) | ||||
| IT36413 | SECURITY: MULTIPLE VULNERABILITIES IN DEPENDENT LIBRARIES AFFECT DB2 (CVE-2020-27216) | ||||
| IT36279 | SECURITY: LOCAL PRIVILEGE ESCALATION IN IBM DB2 WINDOWS CLIENT (CVE-2020-4739) | ||||
| HIPER APARs | |||||
| DT147089 | IT29574: WRONG RESULT MIGHT OUTPUT FROM QUERIES WITH INNER JOINS AND CORRELATED EXISTS SUB-QUERIES CONTAINING OUTER JOINS | ||||
| IT35685 | QUERY WITH 'ORDER BY' AND REFERENCING A COMMON SUBEXPRESSION OVER COLUMN-ORGANIZED TABLES MAY RETURN ROWS IN THE WRONG ORDER | ||||
| IT35926 | WRONG RESULT WITH MULTIDIMENSIONAL CLUSTERING (MDC) TABLE AND ZIGZAG JOIN (ZZJN) | ||||
| IT36818 | POSSIBLE DATA LOSS IF DELETE AND RUNSTATS/REORG ARE IN A SINGLE TRANSACTION AND THE TRANSACTION IS THEN ROLLEDBACK | ||||
| IT35891 | WRONG RESULT MIGHT BE RETURNED WHEN SUBSTR WITH IF ELSE CLAUSES WAS USED AND THE COLUMN WAS CREATED IN CODEUNIT32 | ||||
| IT36924 | IN A RARE SCENARIO THE ERROR COULD BE LOST AND INSTEAD EITHER NULL OR SQL0901N RETURNED | ||||
| IT36937 | IF ROW BEING SORTED IS VERY WIDE MEMORY OVERWRITES OR WRONG RESULTS ARE POSSIBLE. | ||||
| IT37079 | COUNT DISTINCT QUERIES AGAINST COLUMNAR ORGANIZED TABLES COULD RETURN INCORRECT RESULTS | ||||
| IT33777 | BUILD IN FUNCTION "DATE_PART" MIGHT RETURN AN INCORRECT RESULT OF WEEK, I.E. DATE_PART('WEEK', '2020-03-09') | ||||
| IT35943 | WRONG RESULT: QUERIES REFERENCING AN EXISTS SUB-QUERY WITH FETCH FIRST 1 ROW REFERENCED IN A CASE STATEMENT IN THE SELECT LIST | ||||
| DB2 Version 11.5 Mod 5 Fix Pack 1 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IT34294 | SECURITY: IBM® DB2® IS VULNERABLE TO A DENIAL OF SERVICE ON WINDOWS (CVE-2020-4642) | ||||
| IT35289 | SECURITY: IBM DB2 CLIENT MAY HANG IN THE EXECUTION OF THE TERMINATE COMMAND (CVE-2020-5024) | ||||
| IT35303 | SECURITY: IBM DB2 DB2FM IS VULNERABLE TO A BUFFER OVERFLOW (CVE-2020-5025) | ||||
| IT35445 | SECURITY: DB2 CREATES SOME FILES WITH INSECURE PERMISSIONS (CVE-2020-4976) | ||||
| IT34862 | SECURITY: IBM DB2 IS VULNERABLE TO A DENIAL OF SERVICE WHEN EXECUTING A SPECIFICALLY CRAFTED SELECT STATEMENT. (CVE-2021-29702) | ||||
| HIPER APARs | |||||
| IT34613 | INCORRECT RESULTS WITH DB2_EXTENDED_OPTIMIZATION='MQTENFORCE REPLICATED' | ||||
| IT34960 | DATE PRECISION IS LOST WHEN REMOTE SQL SHIPPED TO FEDERATED DB AND RESULTS IN 0 ROWS. | ||||
| IT34658 | DB2 QUERY MAY GENERATE FODC AND APP_ERR OR WRONG RESULT IN CERTAIN CONDITIONS | ||||
| IT34940 | WRONG RESULT WHEN EQUALITY PREDICATE HAS IS NOT NULL WITH FALSE ON OTHER SIDE. | ||||
| IT35377 | WRONG RESULT IN A VERY SPECIFIC PLAN/SPECIFIC DATA FLOW WITH NLJN AND DATAPART TABLE ON THE INNER AND NULL KEYS. | ||||
| IT35198 | A QUERY ON COLUMNAR TABLES MAY RETURN MORE ROWS THAN EXPECTED | ||||
| DB2 Version 11.5 Mod 5 Fix Pack 0 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IT34614 | SECURITY: MULTIPLE BUFFER OVERFLOW VULNERABILITIES AFFECT DB2 | ||||
| IT34221 | SECURITY: LOCAL PRIVILEGE ESCALATION IN IBM DB2 WINDOWS CLIENT | ||||
| HIPER APARs | |||||
| IT32992 | WRONG RESULT, WHEN OPTIMIZATION LEVEL IS LESS THAN 5 AND NULL EQUALS NULL PREDICATE | ||||
| IT33525 | INACCURATE RESULT OF DECIMAL DIVISION ON NON-AIX PLATFORM | ||||
| DB2 Version 11.5 Mod 4 Fix Pack 0 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IT32357 | SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION | ||||
| IT32363 | SECURITY: IBM® DB2® LUW IS VULNERABLE TO A DENIAL OF SERVICE ATTACK | ||||
| IT32689 | SECURITY: IBM DB2 IS VULNERABLE TO AN INFORMATION DISCLOSURE | ||||
| IT32714 | SECURITY: IBM® DB2® IS VULNERABLE TO AN INFORMATION DISCLOSURE | ||||
| IT32716 | SECURITY: IBM DB2 IS VULNERABLE TO AN INFORMATION DISCLOSURE AND DENIAL OF SERVICE | ||||
| IT32766 | SECURITY - DB2 IS VULNERABLE TO A DENIAL OF SERVICE ATTACK | ||||
| IT31637 | SECURITY: DB2 IS VULNERABLE TO MULTIPLE BUFFER OVERFLOWS (CVE-2020-4204) | ||||
| HIPER APARs | |||||
| IT29945 | 10 CHAR VALUE CAN BE INSERTED INTO VARGRAPHIC(5 CODEUNITS32).THIS SHOULD FAIL WITH SQL0433N ERROR. | ||||
| IT31634 | WRONG RESULT IN UPDATE STATEMENT HAVING CORRELATION. | ||||
| IT32195 | IF THE ROW WIDTH PROCESSED BY A PARTIAL AGGREGATION OPERATOR IS MORE THEN 32K THEN WE COULD GENERATE INCORRECT RESULTS | ||||
| IT33218 | DB2 SERVER TERMINATES ABNORMALLY IN THE SQLDFETCHLARGEROW FUNCTION WITH DB2_4K_DEVICE_SUPPORT=ON SET. | ||||
DB2 fix packs for all supported versions can be downloaded at the following site: http://www.ibm.com/support/docview.wss?uid=swg27007053
The DB2 team will continue to have a strong focus on delivering timely fixes for newly discovered issues along with information that helps our customers to decide on an appropriate course of action. The DB2 team regrets the inconvenience that these issues are causing to you, our customers. We believe that our actions are the most prudent steps to address your concerns and remain open to suggestions on how to further improve our processes.
The DB2 team will continue to have a strong focus on delivering timely fixes for newly discovered issues along with information that helps our customers to decide on an appropriate course of action. The DB2 team regrets the inconvenience that these issues are causing to you, our customers. We believe that our actions are the most prudent steps to address your concerns and remain open to suggestions on how to further improve our processes.
My Notifications
Sign-up to receive e-mail notification of changes to this document.
1. Sign in to My Notifications
2. select Subscribe tab
3. select "Information Management" from the Software column
4. select the check box for "DB2 for Linux, UNIX and Windows"
click the Continue button.
5. select the check box for "Flashes" and all other document types
click the Submit button.
For more information about My Notifications please click on
- the Benefits and features or
- take a guided tour of My Notifications.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"ARM Category":[{"code":"a8m500000008PkpAAE","label":"OTHER - Uncategorised"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"11.5.0","Line of Business":{"code":"LOB10","label":"Data and AI"}},{"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSEPDU","label":"Db2 Connect"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
21 November 2023
UID
ibm16242296