IBM Support

Security Bulletin: Multiple privilege escalation vulnerabilities in IBM DB2 HPU

Security Bulletin


Summary

IBM DB2 High Performance Unload load privilege escalation in IBM DB2 HPU debug binary via trusted PATH and privilege escalation in IBM DB2 HPU via loading DB2 library

Vulnerability Details

Relevant CVE Information:
CVEID: CVE-2019-4447
DESCRIPTION: IBM DB2 High Performance Unload load shared libraries from an untrusted path potentially giving low privilege user full access to root by loading a malicious shared library.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/163488 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2019-4448
DESCRIPTION: IBM DB2 High Performance Unload executes binaries from an untrusted path which could allow a local user to execute arbitrary code as the root user.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/163489 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

DB2 High Performance Unload load for LUW  6.1

DB2 High Performance Unload load for LUW  6.1.0.1

DB2 High Performance Unload load for LUW  6.1.0.1 IF1

DB2 High Performance Unload load for LUW  6.1.0.2

DB2 High Performance Unload load for LUW  6.1.0.2 IF1

DB2 High Performance Unload load for LUW  6.1.0.2 IF2

Remediation/Fixes

Product VRMF Remediation/First Fix
InfoSphere Optim High Performance Unload for DB2 for Linux- UNIX and Windows had been fixed in V6.1.0.3
https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%20Management&product=ibm/Information+Management/Optim+High+Performance+Unload+for+DB2+Linux+UNIX+and+Windows&release=6.1.0.3&platform=All&function=all

Workarounds and Mitigations

N/A

Get Notified about Future Security Bulletins

References

Off

Acknowledgement

The vulnerability was reported to IBM by Rich Mirch

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Document Location

Worldwide

[{"Business Unit":{"code":"BU001","label":"Analytics Private Cloud"},"Product":{"code":"SSC6UE","label":"InfoSphere Optim High Performance Unload for DB2 for Linux- UNIX and Windows"},"Component":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"6.1,6.1.0.1,6.1.0.1 IF1,6.1.0.2,6.1.0.2 IF1,6.1.0.1 IF2","Edition":""}]

Document Information

Modified date:
21 August 2019

UID

ibm10964592