{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-2533","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2025-03-19T15:25:50.293Z","datePublished":"2025-07-29T17:43:32.515Z","dateUpdated":"2025-07-29T18:35:04.768Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:linux:*:*","cpe:2.3:a:ibm:db2:12.1.1:*:*:*:*:linux:*:*","cpe:2.3:a:ibm:db2:12.1.2:*:*:*:*:linux:*:*"],"defaultStatus":"unaffected","platforms":["Linux"],"product":"Db2","vendor":"IBM","versions":[{"status":"affected","version":"12.1.0"},{"status":"affected","version":"12.1.1"},{"status":"affected","version":"12.1.2"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query."}],"value":"IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-789","description":"CWE-789 Uncontrolled Memory Allocation","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2025-07-29T18:13:40.587Z"},"references":[{"tags":["vendor-advisory","patch"],"url":"https://www.ibm.com/support/pages/node/7240947"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Customers running any vulnerable affected level of an affected Program, V12.1, can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent mod pack level for each impacted release: V12.1.1 and V12.1.2. They can be applied to any affected mod pack level of the appropriate release to remediate this vulnerability.
Release Fixed V12.1 V12.1.2 DT425951
Special Build #62100 or later for V12.1.1 available at this link: https://www.ibm.com/support/pages/db2-v1211-published-cumulative-special-build-downloads#52441
12.1.2 Latest: https://www.ibm.com/support/pages/db2-v1212-published-cumulative-special-build-downloads
"}],"value":"Customers running any vulnerable affected level of an affected Program, V12.1, can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent mod pack level for each impacted release: V12.1.1 and V12.1.2. They can be applied to any affected mod pack level of the appropriate release to remediate this vulnerability.\n\nRelease Fixed V12.1 V12.1.2 DT425951 \nSpecial Build #62100 or later for V12.1.1 available at this link: https://www.ibm.com/support/pages/db2-v1211-published-cumulative-special-build-downloads#52441 \n12.1.2 Latest: https://www.ibm.com/support/pages/db2-v1212-published-cumulative-special-build-downloads"}],"source":{"discovery":"UNKNOWN"},"title":"IBM Db2 for Linux denial of service","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-07-29T18:34:53.613096Z","id":"CVE-2025-2533","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-07-29T18:35:04.768Z"}}]}}