CVE-2025-33132
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-28
Last updated on: 2025-11-06
Assigner: IBM Corporation
Description
Description
IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, and 5.1 could allow an authenticated user to cause the program to crash due to the incorrect calculation of the size of the data that is being pointed to.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| ibm | db2_high_performance_unload_load | From 5.1.0.0 (inc) to 6.1.0.0 (inc) |
| ibm | db2_high_performance_unload_load | 6.1.0.1 |
| ibm | db2_high_performance_unload_load | 6.1.0.2 |
| ibm | db2_high_performance_unload_load | 6.1.0.3 |
| ibm | db2_high_performance_unload_load | 6.5.0.0 |
| ibm | db2_high_performance_unload_load | 6.5.0.0 |
| ibm | aix | * |
| ibm | linux_on_ibm_z | * |
| microsoft | windows | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-467 | The code calls sizeof() on a pointer type, which can be an incorrect calculation if the programmer intended to determine the size of the data that is being pointed to. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in IBM DB2 High Performance Unload versions 5.1, 6.1, and 6.5 allows an authenticated user to cause the program to crash. The issue arises from an incorrect calculation of the size of the data being pointed to, which leads to a crash.
How can this vulnerability impact me? :
The vulnerability can cause a denial of service by crashing the IBM DB2 High Performance Unload program when exploited by an authenticated user. This could disrupt database operations and availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70