CVE-2025-33132
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-28
Last updated on: 2025-11-06
Assigner: IBM Corporation
Description
Description
IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, and 5.1 could allow an authenticated user to cause the program to crash due to the incorrect calculation of the size of the data that is being pointed to.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| ibm | db2_high_performance_unload_load | From 5.1.0.0 (inc) to 6.1.0.0 (inc) |
| ibm | db2_high_performance_unload_load | 6.1.0.1 |
| ibm | db2_high_performance_unload_load | 6.1.0.2 |
| ibm | db2_high_performance_unload_load | 6.1.0.3 |
| ibm | db2_high_performance_unload_load | 6.5.0.0 |
| ibm | db2_high_performance_unload_load | 6.5.0.0 |
| ibm | aix | * |
| ibm | linux_on_ibm_z | * |
| microsoft | windows | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-467 | The code calls sizeof() on a pointer type, which can be an incorrect calculation if the programmer intended to determine the size of the data that is being pointed to. |
