CVE-2023-38719

Name of the Vulnerable Software and Affected Versions IBM Db2 version 11.5

Description The issue exists due to insufficient input validation in the system, allowing an attacker to cause a denial of service. A local user with special privileges can exploit this during database deactivation on DPF, leading to a denial of service.

Recommendations For IBM Db2 version 11.5, consider restricting access to database deactivation on DPF to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the privileges of local users to prevent them from causing a denial of service during database deactivation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.