PT-2024-19362 · IBM · IBM Db2

Published 2024-04-03 · Updated 2025-01-31 · CVE-2024-22360

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) version 11.5

Description: The issue is a denial of service that can be triggered by a specially crafted query on certain columnar tables. It can be exploited remotely. No exploit is currently available, but patching as soon as possible is recommended.

Recommendations: For IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) version 11.5, upgrade immediately to mitigate the risk of remote attacks. As a temporary workaround, consider restricting access to certain columnar tables until a patch is available.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

CVE-2024-22360

Affected Products

IBM Db2