PT-2025-31248 · Ibm · Ibm Db2 For Linux

Published

2025-07-29

·

Updated

2025-07-29

·

CVE-2025-33092

Report an issue
CVSS v3.1
7.8
VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:

IBM Db2 for Linux versions 12.1.0 through 12.1.2

Description:

IBM Db2 for Linux is susceptible to a stack-based buffer overflow within the `db2fm` component. This issue stems from inadequate bounds checking, potentially allowing a local user to overflow a buffer and execute arbitrary code on the system.

Recommendations:

Update IBM Db2 for Linux version 12.1.0 to a later version.

Update IBM Db2 for Linux version 12.1.1 to a later version.

Update IBM Db2 for Linux version 12.1.2 to a later version.

Fix

Stack Overflow

Weakness Enumeration

CWE-121

Related Identifiers

CVE-2025-33092

Affected Products

Ibm Db2 For Linux