CVE-2025-0915

5.3 MEDIUM

📋 TL;DR

This vulnerability in IBM Db2 allows an authenticated user to cause a denial of service by exhausting memory resources under the specific configuration described in IBM's advisory. It affects IBM Db2 for Linux, UNIX and Windows (including DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1. Triggering it requires an authenticated database connection; it cannot be reached without credentials, and instances that do not run the affected configuration are not exposed.

💻 Affected Systems

Products:
  • IBM Db2 for Linux, UNIX and Windows
  • DB2 Connect Server
Versions: 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1
Operating Systems: Linux, UNIX, Windows
Default Config Vulnerable: ✅ No
Notes: Only vulnerable under specific configurations mentioned in IBM advisory.

📦 What is this software?

IBM Db2 for Linux, UNIX and Windows is IBM's relational database server for distributed platforms. DB2 Connect Server is the related gateway product that lets distributed clients reach Db2 on IBM mainframe and midrange systems; it is built on the same engine code, which is why IBM advisories for Db2 LUW list both.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service unavailability of Db2 instances, potentially affecting dependent applications and causing business disruption.

🟠 Likely Case

Degraded performance or temporary service interruptions for affected Db2 instances.

🟢 If Mitigated

Minimal impact once the fix is applied. Until then, restricting who can connect and alerting on memory growth limits how far an authenticated user can push the instance before an operator intervenes.

🌐 Internet-Facing: MEDIUM - Requires authentication but could be exploited if credentials are compromised.
🏢 Internal Only: MEDIUM - Authenticated internal users could intentionally or accidentally trigger the issue.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated access and specific configuration conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: the fix for APAR IJ51738, as listed in the IBM advisory for each affected release (11.5.x and 12.1.x have separate fixes)

Vendor Advisory: https://www.ibm.com/support/pages/node/7232529

Restart Required: Yes

Instructions:

1. Review the IBM advisory and identify the fix pack or special build for your release (11.5.x or 12.1.x) that carries APAR IJ51738.
2. Stop the instance (db2stop), install the fix, and on Linux and UNIX update each instance with db2iupdt (the Windows installer updates instances itself).
3. Restart the instance (db2start) and let dependent applications reconnect.
4. Verify with db2level that the version and build token match what the advisory names as fixed.

🔧 Temporary Workarounds

Restrict authenticated access (all platforms)

Limit database CONNECT privilege to the users who need it, and review and tighten Db2 user and group privileges so that compromised or careless accounts cannot reach the affected configuration.

Memory monitoring (all platforms)

Add memory-usage monitoring and alerts for the Db2 instance: watch the db2sysc process at the OS level and the Db2 memory pools (for example via the MON_GET_MEMORY_POOL table function) so that an exhaustion attempt is caught while the instance is still responsive.

🧯 If You Can't Patch

  • Implement strict access controls to limit authenticated users
  • Deploy additional monitoring for memory exhaustion patterns
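The "Memory monitoring" workaround and the "If You Can't Patch" list above both come down to watching Db2 memory pools and attributing growth to a connection. The following is an added example, not code from IBM or from this page: it holds the MON_GET_MEMORY_POOL query a DBA would schedule and evaluates its rows against an absolute threshold and a growth-between-snapshots threshold, ranking application-scoped pools by usage so the offending application handle can be identified. The function and column names follow the Db2 MON_GET_MEMORY_POOL table function as I know it, and the rows, handles and byte counts are constructed; treat all of them as assumptions to check against your release's documentation.

```python
# Added example: evaluate Db2 memory-pool snapshots for exhaustion patterns.
# Column and function names are as I know them from MON_GET_MEMORY_POOL (assumption);
# NULL, NULL, -2 asks for every memory set, every database, every member.
MEMORY_POOL_SQL = """
SELECT MEMBER, MEMORY_SET_TYPE, MEMORY_POOL_TYPE, APPLICATION_HANDLE,
       MEMORY_POOL_USED, MEMORY_POOL_USED_HWM
FROM TABLE(MON_GET_MEMORY_POOL(NULL, NULL, -2)) AS T
"""

# Constructed rows in the shape the query returns; values are made up and
# assumed to be bytes. A real run would fetch them via ibm_db or `db2 -x`.
SAMPLE_PREV = [
    {"MEMBER": 0, "MEMORY_SET_TYPE": "DATABASE", "MEMORY_POOL_TYPE": "BP",
     "APPLICATION_HANDLE": None, "MEMORY_POOL_USED": 400_000_000, "MEMORY_POOL_USED_HWM": 400_000_000},
    {"MEMBER": 0, "MEMORY_SET_TYPE": "APPLICATION", "MEMORY_POOL_TYPE": "APPLICATION",
     "APPLICATION_HANDLE": 118, "MEMORY_POOL_USED": 200_000_000, "MEMORY_POOL_USED_HWM": 200_000_000},
    {"MEMBER": 0, "MEMORY_SET_TYPE": "APPLICATION", "MEMORY_POOL_TYPE": "APPLICATION",
     "APPLICATION_HANDLE": 140, "MEMORY_POOL_USED": 50_000_000, "MEMORY_POOL_USED_HWM": 55_000_000},
]
SAMPLE_ROWS = [
    {"MEMBER": 0, "MEMORY_SET_TYPE": "DBMS", "MEMORY_POOL_TYPE": "MONITOR",
     "APPLICATION_HANDLE": None, "MEMORY_POOL_USED": 8_000_000, "MEMORY_POOL_USED_HWM": 9_000_000},
    {"MEMBER": 0, "MEMORY_SET_TYPE": "DATABASE", "MEMORY_POOL_TYPE": "BP",
     "APPLICATION_HANDLE": None, "MEMORY_POOL_USED": 400_000_000, "MEMORY_POOL_USED_HWM": 400_000_000},
    {"MEMBER": 0, "MEMORY_SET_TYPE": "APPLICATION", "MEMORY_POOL_TYPE": "APPLICATION",
     "APPLICATION_HANDLE": 118, "MEMORY_POOL_USED": 900_000_000, "MEMORY_POOL_USED_HWM": 900_000_000},
    {"MEMBER": 0, "MEMORY_SET_TYPE": "APPLICATION", "MEMORY_POOL_TYPE": "APPLICATION",
     "APPLICATION_HANDLE": 140, "MEMORY_POOL_USED": 60_000_000, "MEMORY_POOL_USED_HWM": 60_000_000},
]


def pool_key(row):
    """Identity of a pool across snapshots."""
    return (row["MEMBER"], row["MEMORY_SET_TYPE"], row["MEMORY_POOL_TYPE"], row["APPLICATION_HANDLE"])


def pool_alerts(rows, used_threshold, top_n=3):
    """Return (pools at or above used_threshold, top_n application-scoped pools by usage).

    Application-scoped pools carry an APPLICATION_HANDLE, which is what an operator
    needs to force the offending connection.
    """
    over = [r for r in rows if r["MEMORY_POOL_USED"] >= used_threshold]
    app = [r for r in rows if r["APPLICATION_HANDLE"] is not None]
    app.sort(key=lambda r: r["MEMORY_POOL_USED"], reverse=True)
    return over, app[:top_n]


def delta_alerts(prev_rows, cur_rows, growth_threshold):
    """Map pool key -> bytes of growth for pools that grew by more than growth_threshold.

    A pool absent from the previous snapshot counts as having started at zero, so a
    brand-new large pool is reported too.
    """
    prev = {pool_key(r): r["MEMORY_POOL_USED"] for r in prev_rows}
    growth = {}
    for r in cur_rows:
        delta = r["MEMORY_POOL_USED"] - prev.get(pool_key(r), 0)
        if delta > growth_threshold:
            growth[pool_key(r)] = delta
    return growth


if __name__ == "__main__":
    over, top = pool_alerts(SAMPLE_ROWS, used_threshold=500_000_000)
    print("over threshold:", [pool_key(r) for r in over])
    print("top application pools:", [(r["APPLICATION_HANDLE"], r["MEMORY_POOL_USED"]) for r in top])
    print("fast growers:", delta_alerts(SAMPLE_PREV, SAMPLE_ROWS, 300_000_000))
```

Run the query on a schedule, keep the previous result, and page on either alert. When an application handle is flagged, `db2 force application (<handle>)` ends that connection without restarting the instance, which is the response this workaround is buying time for.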

🔍 How to Verify

Check if Vulnerable:

Check Db2 version and compare against affected versions 11.5.0-11.5.9 and 12.1.0-12.1.1

Check Version:

db2level (run on the Db2 server as the instance owner; it prints the version, the build token and the install path)

Verify Fix Applied:

Verify that APAR IJ51738 is applied: compare the version and build token printed by db2level with the fixed build the advisory names for your release. IBM often ships such fixes as a special build that keeps the affected version number, so a version inside 11.5.0-11.5.9 or 12.1.0-12.1.1 is only cleared by its build token, not by the version alone.
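A script that does the version comparison above against real db2level output, as an added example rather than anything from IBM or this page. It parses the "Informational tokens" line, tests the version against the two affected ranges, and only clears an in-range version when its build token is in a set of fixed build tokens that the operator copies from the advisory (that set, the sample output, its instance name, build tokens and install path are all constructed or assumed, not taken from the advisory).

```python
import re
import subprocess

# Affected ranges from the advisory: 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1.
AFFECTED_RANGES = (((11, 5, 0), (11, 5, 9)), ((12, 1, 0), (12, 1, 1)))

# Constructed sample of db2level output. The layout follows what a Db2 11.5 install
# prints; the instance name, build tokens and install path here are made up.
SAMPLE_DB2LEVEL = """\
DB21085I  This instance or install (instance name, where applicable: "db2inst1") uses "64" bits and DB2 code release "SQL11059" with level identifier "0A0A010F".
Informational tokens are "DB2 v11.5.9.0", "s2310270807", "DYN2310270807AMD64", and Fix Pack "0".
Product is installed at "/opt/ibm/db2/V11.5".
"""

# The version and the build token both live on the "Informational tokens" line.
TOKENS_RE = re.compile(
    r'Informational tokens are "DB2 v(\d+)\.(\d+)\.(\d+)\.(\d+)",\s*"([^"]*)"'
)


def parse_db2level(text):
    """Return ((major, minor, mod, fixpack), build_token) from db2level output."""
    m = TOKENS_RE.search(text)
    if m is None:
        raise ValueError("db2level output has no 'Informational tokens' line")
    version = tuple(int(x) for x in m.group(1, 2, 3, 4))
    return version, m.group(5)


def version_in_affected_range(version):
    """True if major.minor.mod falls inside one of the advisory's ranges."""
    v = tuple(version[:3])
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def assess(text, fixed_build_tokens=frozenset()):
    """Classify db2level output as not-affected, fixed-special-build or affected-unless-fixed-build.

    fixed_build_tokens is the set of build tokens the advisory names as carrying the
    APAR IJ51738 fix for this release (assumption: the operator copies them from the
    advisory; none are hard-coded here). A special build keeps the affected version
    number, so a version inside the range is only cleared by its build token.
    """
    version, build = parse_db2level(text)
    if not version_in_affected_range(version):
        return "not-affected", version, build
    if build in fixed_build_tokens:
        return "fixed-special-build", version, build
    return "affected-unless-fixed-build", version, build


def run_db2level():
    """Run db2level on this host (as the instance owner) and return its stdout."""
    return subprocess.run(["db2level"], capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    # Against a live instance, replace SAMPLE_DB2LEVEL with run_db2level().
    status, version, build = assess(SAMPLE_DB2LEVEL)
    print(status, ".".join(map(str, version)), build)
```

The "affected-unless-fixed-build" outcome is deliberate: without the advisory's build tokens the script cannot prove the fix is absent, only that the version is in range, and it says so rather than reporting a false "fixed".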

📡 Detection & Monitoring

Log Indicators:

  • Memory allocation failures in db2diag.log (SQLO_NOMEM return codes, "No memory available" messages)
  • Unexpected instance restarts (database manager stop and start events in db2diag.log that nobody scheduled)
  • Out-of-memory errors in Db2 diagnostic logs clustered on one authorization ID or application handle

Network Indicators:

  • A spike in connections or concurrent sessions from a single authenticated user
  • Unusual query patterns from an account that normally runs a fixed workload

SIEM Query:

source="db2*" AND ("SQLO_NOMEM" OR "No memory available" OR "out of memory" OR "allocation failed")
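The SIEM query above finds the memory failures; what it does not do is tie them to the authenticated user that the CVE requires. The following is an added example, not code from IBM or this page, that parses db2diag.log records, keeps the memory-failure and instance start/stop events, and flags any AUTHID with repeated failures inside a sliding window. The log excerpt is constructed (its layout follows real db2diag.log records, but every PID, handle, host, time and user is made up), and the ADM7513W "Database manager has started" message is used as the start indicator as I recall it from Db2 logs; confirm the code against your own instance.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed db2diag.log excerpt: three SQLO_NOMEM failures (two for APPUSER within a
# minute, one for BATCH later) followed by an instance start event. All values made up.
SAMPLE_DB2DIAG = """\
2025-03-01-10.15.22.123456+000 I1234A567            LEVEL: Severe
PID     : 41234                TID : 140234567890   PROC : db2sysc 0
INSTANCE: db2inst1             NODE : 000           DB   : SAMPLE
APPHDL  : 0-118                APPID: 10.0.0.5.44321.250301101520
AUTHID  : APPUSER              HOSTNAME: dbhost1
EDUID   : 118                  EDUNAME: db2agent (SAMPLE) 0
FUNCTION: DB2 UDB, SQO Memory Management, sqloMemAllocate, probe:100
MESSAGE : ZRC=0x8B0F0002=-1961885694=SQLO_NOMEM_APPH "No memory available in 'Application Heap'"

2025-03-01-10.16.03.222222+000 I1802A567            LEVEL: Severe
PID     : 41234                TID : 140234567891   PROC : db2sysc 0
INSTANCE: db2inst1             NODE : 000           DB   : SAMPLE
APPHDL  : 0-121                APPID: 10.0.0.5.44330.250301101601
AUTHID  : APPUSER              HOSTNAME: dbhost1
EDUID   : 121                  EDUNAME: db2agent (SAMPLE) 0
FUNCTION: DB2 UDB, SQO Memory Management, sqloMemAllocate, probe:100
MESSAGE : ZRC=0x8B0F0002=-1961885694=SQLO_NOMEM_APPH "No memory available in 'Application Heap'"

2025-03-01-10.40.00.000000+000 I2370A567            LEVEL: Severe
PID     : 41234                TID : 140234567892   PROC : db2sysc 0
INSTANCE: db2inst1             NODE : 000           DB   : SAMPLE
APPHDL  : 0-140                APPID: 10.0.0.9.50001.250301103958
AUTHID  : BATCH                HOSTNAME: dbhost1
EDUID   : 140                  EDUNAME: db2agent (SAMPLE) 0
FUNCTION: DB2 UDB, SQO Memory Management, sqloMemAllocate, probe:100
MESSAGE : ZRC=0x8B0F0002=-1961885694=SQLO_NOMEM_APPH "No memory available in 'Application Heap'"

2025-03-01-10.45.10.000000+000 E2938A412            LEVEL: Event
PID     : 41900                TID : 140234567000   PROC : db2sysc 0
INSTANCE: db2inst1             NODE : 000
HOSTNAME: dbhost1
FUNCTION: DB2 UDB, base sys utilities, DB2StartMain, probe:911
MESSAGE : ADM7513W  Database manager has started.
"""

# A record starts with a timestamp line; the signed number after the fraction is the
# offset from UTC in minutes, which we fold in so records from different hosts compare.
RECORD_START_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2}-\d{2}\.\d{2}\.\d{2}\.\d{6})([+-]\d{3}) \S+\s+LEVEL: (\w+)", re.M
)
FIELD_RES = {
    "authid": re.compile(r"^AUTHID\s*:\s*(\S+)", re.M),
    "apphdl": re.compile(r"^APPHDL\s*:\s*(\S+)", re.M),
    "message": re.compile(r"^MESSAGE\s*:\s*(.*)$", re.M),
}
MEMORY_RE = re.compile(r"SQLO_NOMEM|No memory available|out of memory|allocation failed", re.I)
# ADM7513W/ADM7514W are the start/stop codes as I recall them (assumption).
RESTART_RE = re.compile(r"ADM7513W|ADM7514W|Database manager has (?:started|stopped)")


def parse_db2diag(text):
    """Split db2diag.log text into records: ts (UTC), level, authid, apphdl, message."""
    starts = list(RECORD_START_RE.finditer(text))
    records = []
    for i, m in enumerate(starts):
        end = starts[i + 1].start() if i + 1 < len(starts) else len(text)
        body = text[m.start():end]
        local = datetime.strptime(m.group(1), "%Y-%m-%d-%H.%M.%S.%f")
        rec = {"ts": local - timedelta(minutes=int(m.group(2))), "level": m.group(3)}
        for name, rx in FIELD_RES.items():
            fm = rx.search(body)
            rec[name] = fm.group(1).strip() if fm else None
        records.append(rec)
    return records


def memory_events(records):
    return [r for r in records if r["message"] and MEMORY_RE.search(r["message"])]


def restart_events(records):
    return [r for r in records if r["message"] and RESTART_RE.search(r["message"])]


def authids_over_threshold(events, min_count=2, window=timedelta(minutes=5)):
    """Map AUTHID -> most memory failures seen inside any `window`, for users at or above min_count."""
    by_user = defaultdict(list)
    for r in events:
        by_user[r["authid"] or "<none>"].append(r["ts"])
    flagged = {}
    for user, times in by_user.items():
        times.sort()
        best, j = 0, 0
        for i, t in enumerate(times):
            while times[j] < t - window:   # slide the window start forward
                j += 1
            best = max(best, i - j + 1)
        if best >= min_count:
            flagged[user] = best
    return flagged


if __name__ == "__main__":
    recs = parse_db2diag(SAMPLE_DB2DIAG)
    print("memory failures by user:", authids_over_threshold(memory_events(recs)))
    print("restarts:", [(r["ts"], r["message"]) for r in restart_events(recs)])
```

A flagged AUTHID plus a restart event shortly afterwards is the sequence this CVE produces; the application handles on the flagged records are what you would cross-check against connection logs and, until the fix is applied, what you would force off the instance.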

🔗 References

  • IBM Security Bulletin: https://www.ibm.com/support/pages/node/7232529
  • NVD record: https://nvd.nist.gov/vuln/detail/CVE-2025-0915