CVE-2011-1373

Name of the Vulnerable Software and Affected Versions IBM DB2 version 9.7 before FP5

Description The issue allows local users to cause a denial of service, resulting in a daemon crash, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE MEMORY setting are configured. The exact vectors used to exploit this issue are not specified.

Recommendations For IBM DB2 version 9.7 before FP5, update to FP5 or later to resolve the issue. As a temporary workaround, consider disabling the Self Tuning Memory Manager (STMM) feature or modifying the AUTOMATIC DATABASE MEMORY setting to minimize the risk of exploitation.