CVE-2025-36010
BaseFortify
Publication date: 2025-07-29
Last updated on: 2025-08-06
Assigner: IBM Corporation
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | db2 | 12.1.0 |
| ibm | db2 | 12.1.1 |
| ibm | db2 | 12.1.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-833 | The product contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-36010 affects IBM Db2 for Linux versions 12.1.0, 12.1.1 and 12.1.2. An unauthenticated user can trigger a deadlock (CWE-833): threads inside the database engine each wait for a lock that another holds, none of them can make progress, and the instance hangs and stops serving requests. The outcome is a denial of service; no code execution or data access is involved. [1]
How can this vulnerability impact me?
The impact is on availability only: an affected Db2 instance can hang or become unresponsive, which interrupts every application and service that depends on that database and can translate directly into downtime for the business processes built on it. Confidentiality and integrity are not affected. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection here means confirming exposure rather than spotting an attack in progress: IBM does not publish replication steps or detection signatures for this issue. Start by checking the Db2 level on each Linux instance with `db2level` and comparing it against the affected releases 12.1.0 through 12.1.2. Because the deadlock is associated with Db2 audit processing, also check whether auditing is active: `db2audit describe` reports the instance-level audit configuration, and `SELECT * FROM SYSCAT.AUDITUSE` (run while connected to the database) lists the audit policies attached at the database level. Note that `db2 audit database remove policy` and `db2audit stop` remove or stop auditing rather than report on it; they are workarounds, not checks. The symptom of the deadlock itself is a hung instance or database whose connections stop responding; when the instance still answers, `db2pd -db <dbname> -locks wait` and `db2pd -latches` are the standard tools for seeing what is waiting on what, though IBM does not say whether this particular deadlock is visible as SQL lock waits. [1]
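An exposure check built from the two facts the page gives (the affected Db2 levels and the role of Db2 auditing), as an added example that is not BaseFortify's or IBM's code. It assumes that `db2level` prints a line of the form `Informational tokens are "DB2 v12.1.1.0", ...` and that `db2audit describe` prints a line of the form `Audit active: "TRUE "`; both sample outputs below are constructed, not captured from a real system, so confirm the formats against your own instance before relying on the parser.

```shell
#!/bin/sh
# Added example (not BaseFortify's or IBM's code): exposure check for
# CVE-2025-36010 from db2level and db2audit describe output.
# Assumed output formats (verify on your instance):
#   db2level        -> Informational tokens are "DB2 v12.1.1.0", ...
#   db2audit describe -> Audit active: "TRUE "

# Levels this page lists as affected.
AFFECTED_LEVELS="12.1.0 12.1.1 12.1.2"

# Print the major.minor.mod level (e.g. 12.1.1) parsed from db2level text on stdin.
db2level_version() {
    sed -n 's/.*Informational tokens are "DB2 v\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\)\.[0-9][0-9]*".*/\1/p' | head -n 1
}

# Exit 0 if the level given as $1 is one of the affected levels.
is_affected_level() {
    for lvl in $AFFECTED_LEVELS; do
        [ "$1" = "$lvl" ] && return 0
    done
    return 1
}

# Exit 0 if db2audit describe text on stdin reports instance-level auditing active.
audit_active() {
    grep -i 'Audit active' | grep -qi 'TRUE'
}

# Summarise one instance from its db2level ($1) and db2audit describe ($2) output.
# Exit status: 0 = affected level, 1 = not affected, 2 = could not parse.
check_instance() {
    level=$(printf '%s\n' "$1" | db2level_version)
    if [ -z "$level" ]; then
        echo "unable to parse db2level output"
        return 2
    fi
    if printf '%s\n' "$2" | audit_active; then audit="active"; else audit="inactive"; fi
    if is_affected_level "$level"; then
        echo "Db2 $level, instance auditing $audit: affected by CVE-2025-36010, apply the IBM special build"
        return 0
    fi
    echo "Db2 $level, instance auditing $audit: not in the affected list on this page"
    return 1
}

# Constructed sample output, not captured from a real system.
SAMPLE_DB2LEVEL='DB21085I  This instance or install (instance name, where applicable: "db2inst1") uses "64" bits and DB2 code release "SQL12011" with level identifier "0202010F".
Informational tokens are "DB2 v12.1.1.0", "s2410011200", "DYN2410011200AMD64", and Fix Pack "0".
Product is installed at "/opt/ibm/db2/V12.1".'
SAMPLE_DB2AUDIT='DB2 AUDIT SETTINGS:

Audit active: "TRUE "
Log audit events: "FAILURE"'

# Run against the constructed sample so the script demonstrates itself offline.
check_instance "$SAMPLE_DB2LEVEL" "$SAMPLE_DB2AUDIT"

# On a real host, run against the live instance (as the instance owner).
if command -v db2level >/dev/null 2>&1 && command -v db2audit >/dev/null 2>&1; then
    check_instance "$(db2level)" "$(db2audit describe)"
fi
```

Run it as the Db2 instance owner so that `db2level` and `db2audit` resolve through the instance environment; the exit status of the last `check_instance` call makes the script usable from a fleet-wide inventory job, where 0 marks hosts that still need the special build.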
What immediate steps should I take to mitigate this vulnerability?
The fix is IBM's special build from Fix Central: for version 12.1.1, apply special build #62100 or later; for version 12.1.2, apply the latest special build available. The page lists 12.1.0 as affected but gives no fix for that release, so consult the IBM security bulletin for it. As a temporary workaround where Db2 audit processing is the trigger, disable auditing: `db2 audit database remove policy` (an SQL statement issued through the CLP after `db2 connect to <dbname>`) for a database-level policy, or `db2audit stop` for instance-level auditing. Both stop the audit trail for as long as they are in effect, which matters for any environment that relies on Db2 audit records, so re-enable auditing once the fix is applied. Resolving any underlying disk problems may also help prevent the error. [1]