Security researcher Martin Rakhmanov has discovered a vulnerability in IBM’s Db2 enterprise database that could let an attacker gain read and write access to shared memory and perform a denial-of-service attack.
Rakhmanov, security research manager at Trustwave, disclosed that the issue impacts IBM Db2 versions for Linux, Unix and Windows (9.7, 10.1, 10.5, 11.1, 11.5).
The vulnerability stems as developers forget to put explicit memory protections around the shared memory used by the Db2 trace facility, Rakhmanov explains.
“This allows any local users read and write access to that memory area. In turn, this allows accessing critically sensitive data as well as the ability to change how the trace subsystem functions, resulting in a denial of service condition in the database,” he adds.
Rakhmanov goes on to explain that by launching Process Explorer in Windows or any other similar tool, users can see that there are no permissions assigned to the shared memory (which means anyone can gain read/write access to it. By then enabling Db2 tracing, it is possible for users to see what has been written to shared memory.
IBM released a special build patch to address this and other security issues on June 30. Trustwave suggests all IBM Db2 customers to apply the available patch as soon as possible.