CVE-2025-36123

6.2 MEDIUM

📋 TL;DR

This vulnerability in IBM Db2 allows a local user to cause a denial of service by copying large tables containing XML data, due to improper system resource allocation. It affects IBM Db2 for Linux, UNIX and Windows (including DB2 Connect Server) versions 11.5.0-11.5.9 and 12.1.0-12.1.3. Only local authenticated users can exploit this vulnerability.

💻 Affected Systems

Products:
  • IBM Db2 for Linux, UNIX and Windows
  • DB2 Connect Server
Versions: 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3
Operating Systems: Linux, UNIX, Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where users have permissions to copy tables containing XML data. Requires local database access.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database unavailability due to resource exhaustion, affecting all database services and dependent applications.

🟠 Likely Case: Temporary service degradation or crash of specific database processes when users perform large XML table copy operations.

🟢 If Mitigated: Minimal impact with proper access controls limiting local user privileges and monitoring for abnormal resource usage.

🌐 Internet-Facing: LOW - Requires local access to the database server, not exploitable remotely.
🏢 Internal Only: MEDIUM - Local authenticated users can cause denial of service, but requires specific database privileges and actions.

🎯 Exploit Status

Public PoC: No
Weaponized: No
Unauthenticated Exploit: No
Complexity: Medium

Exploitation requires local authenticated access and specific database privileges to perform table copy operations with XML data.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: not stated in the CVE description; apply the fix packs or interim fixes listed in the IBM advisory

Vendor Advisory: https://www.ibm.com/support/pages/node/7257627

Restart Required: Yes

Instructions:

1. Review the IBM advisory at the URL above.
2. Apply the appropriate fix pack or interim fix from IBM.
3. Restart Db2 services.
4. Test functionality after patching.

🔧 Temporary Workarounds

Restrict table copy permissions

Limit database user privileges so that unprivileged users cannot create copies of large XML tables. Db2 has no COPY TABLE privilege: a table copy is a CREATE TABLE (or CREATE TABLE ... LIKE) followed by INSERT ... SELECT, so revoke CREATETAB database authority, and any blanket administrative authority, from users who do not need them:

-- Db2 SQL; run as a user holding SECADM (or ACCESSCTRL for CREATETAB)
REVOKE CREATETAB ON DATABASE FROM USER USERNAME;
REVOKE DBADM ON DATABASE FROM USER USERNAME;

Implement resource limits

Configure database resource limits to bound concurrent work. These settings cap concurrent connections and per-application lock use; they do not directly bound the memory a single XML table copy allocates, so treat them as a stopgap until the fix is applied:

-- Db2 CLP; run while connected to the database, or add FOR <db-alias>
UPDATE DATABASE CONFIGURATION USING MAXAPPLS 100;
-- MAXLOCKS is a percentage of the lock list (valid range 1-100); 10 is an illustrative value
UPDATE DATABASE CONFIGURATION USING MAXLOCKS 10;

🧯 If You Can't Patch

  • Implement strict access controls to limit which users can perform table copy operations
  • Monitor database logs for abnormal table copy activities and implement alerting

🔍 How to Verify

Check if Vulnerable:

Check Db2 version: run db2level | grep 'Informational tokens' (this line carries the version, e.g. "DB2 v11.5.9.0") and compare it with the affected ranges 11.5.0-11.5.9 and 12.1.0-12.1.3.

Check Version:

db2level

Verify Fix Applied:

Verify version after patch: run db2level and confirm the reported version is above the affected ranges, or check the IBM fix list to confirm the specific fix pack or interim fix is installed.
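As an added example (not from the IBM advisory or this page), a POSIX shell check that parses the version token from db2level output and tests it against the affected ranges listed above; the sample output is constructed, and the db2_affected and check_local_db2 names are assumptions of this example:

```shell
#!/bin/sh
# Added example, not part of the IBM advisory: screen db2level output against
# the affected ranges for CVE-2025-36123 (11.5.0-11.5.9 and 12.1.0-12.1.3).

# Return 0 if the version in db2level output ($1) is in an affected range,
# 1 if it is outside them, 2 if no version token could be parsed.
db2_affected() {
  ver=$(printf '%s\n' "$1" \
        | sed -n 's/.*Informational tokens are "DB2 v\([0-9][0-9.]*\)".*/\1/p' \
        | head -n 1)
  [ -n "$ver" ] || return 2
  # Tokens are version.release.modification.fixpack; the ranges use the first three
  set -- $(printf '%s' "$ver" | tr '.' ' ')
  major=$1; minor=${2:-0}; mod=${3:-0}
  if [ "$major" -eq 11 ] && [ "$minor" -eq 5 ] && [ "$mod" -le 9 ]; then
    return 0
  fi
  if [ "$major" -eq 12 ] && [ "$minor" -eq 1 ] && [ "$mod" -le 3 ]; then
    return 0
  fi
  return 1
}

# Run the check on this host (needs the Db2 instance environment, e.g. db2profile)
check_local_db2() {
  out=$(db2level 2>/dev/null) || { echo "db2level unavailable"; return 2; }
  db2_affected "$out" && rc=0 || rc=$?
  case $rc in
    0) echo "version in affected range for CVE-2025-36123; check the IBM fix list" ;;
    1) echo "version outside the affected ranges" ;;
    *) echo "could not parse db2level output" ;;
  esac
  return $rc
}

# Constructed sample resembling db2level output from an affected 11.5.9 instance
SAMPLE_DB2LEVEL='DB21085I  This instance or install (instance name, where applicable: "db2inst1") uses "64" bits and DB2 code release "SQL11059" with level identifier "0A0A0107".
Informational tokens are "DB2 v11.5.9.0", "s2310270807", "DYN2310270807AMD64", and Fix Pack "0".
Product is installed at "/opt/ibm/db2/V11.5".'

if db2_affected "$SAMPLE_DB2LEVEL"; then
  echo "sample: version in affected range"
else
  echo "sample: version not in affected range"
fi
```

An interim fix or special build can be installed without changing the reported modification level, so treat a hit as a screening result and confirm against the IBM fix list.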

📡 Detection & Monitoring

Log Indicators:

  • Excessive memory allocation errors in db2diag.log
  • Table copy operations with XML data taking unusually long
  • Database crash or restart events

Network Indicators:

  • Increased database response times
  • Connection timeouts to Db2 services

SIEM Query:

source="db2diag.log" AND ("memory allocation" OR "resource exhausted" OR "copy table")
