Security Vulnerabilities, HIPER and Special Attention APARs fixed in DB2 for Linux, UNIX, and Windows Version 9.7

Flash (Alert)


Abstract

This document contains a list of fixes for Security and HIPER APARs in DB2 Version 9.7

IBM® recommends that you review the APAR descriptions and deploy one of the above fix packs to correct them on your affected DB2 installations.

Content

A set of security vulnerabilities was discovered in some DB2 database products. These vulnerabilities were analyzed by the DB2 development organization and a set of corresponding fixes was created to address the reported issues. IBM is not currently aware of any externally reported incidents where production DB2 installations have been compromised due to these issues.
The affected DB2 for Linux, UNIX, and Windows products are:

  • DB2 Enterprise Server Edition
  • DB2 Workgroup Server (all Editions)
  • DB2 Express Server (all Editions)
  • DB2 Personal Edition
  • DB2 Connect Server (all Editions)

DB2 Client component and DB2 products or components other than those listed above are not affected.

Due to the complexity of the fixes required to eliminate the reported service issues, it is not feasible to retrofit the same fixes into earlier DB2 Version 9.7 fix packs.

Select a Fix Pack: 10 | 9a | 9 | 8 | 7 | 6 | 5 | 4 | 3a | 3 | 2 | 1

DB2 Version 9.7 Fix Pack 10
Security APARs
IT02592 Security: DB2 contains a denial of service vulnerability in ALTER MODULE statement handling. (CVE-2014-3094)
IT02645 SECURITY: DB2 contains a denial of service vulnerability in SQL Compiler (CVE-2014-3095)
IT03786 DB2 MAY TERMINATE ABNORMALLY WHEN ISSUING AN ALTER TABLE STATEMENT CVE-2014-6097
IT05105 SECURITY: DB2 may terminate abnormally when issuing an ALTER TABLE statement with AUTO_REVAL set to IMMEDIATE (CVE-2014-6159).
HIPER APARs
IC97288 THE DBMS_LOB.COMPARE FUNCTION AND DBMS_LOB.READ PROCEDURE DO NOT PROCESS CLOBS CORRECTLY IF MULTI-BYTE CHARACTERS ARE PRESENT
IC97774 INSTANCE MIGHT ABEND OR RETURN INCORRECT RESULTS DUE TO AN INCORRECT EXECUTION SECTION FOR STAR JOIN
IC98117 COLLATION_KEY_BIT MIGHT GENERATE EMPTY STRINGS IN ORACLE MODE IF INPUT STRING CONSISTS OF BLANKS
IC99044 DATABASE DAMAGED BY RESTORE DB AFTER ENABLING AUTOMATIC STORAGE IF RESTORING A BACKUP FROM BEFORE AUTOMATIC STORAGE WAS ENABLED
IT00425 POTENTIAL INDEX CORRUPTION WHEN USING INDEX COMPRESSION AND UNICODE DATABASES WHICH USE UCA COLLATION WITH S(STRENGTH) = 1 OR 2
IT00607 CLI-BASED APPLICATIONS RECEIVE SQL0501N AGAINST DB2 Z/OS WHEN STORED PROCEDURE CALL HAS MULTIPLE CURSORS
IT01085 SQL STATEMENT WITH UNCORRELATED SUBQUERY PREDICATE MIGHT RETURN INCORRECT RESULTS WHEN INTRA_PARALLEL IS ENABLED
IT01101 CHAR(' ',0) RETURNS EMPTY STRING INSTEAD OF NULL IN VARCHAR2 ENABLED DATABASE.
IT01616 QUERIES WITH XMLTABLE FUNCTIONS MIGHT RETURN INCORRECT RESULTS WHEN MORE THAN ONE EQUAL PREDICATE IS USED IN WHERE CLAUSE
IT01653 TABLE SPACE ROLLFORWARD MIGHT NOT UNDO TRANSACTION CORRECTLY, LEAVING INCONSISTENT DATA
IT01660 INCORRECT RESULTS MIGHT BE PRODUCED WITH PREDICATES INVOLVING NULL CONSTANTS
IT01670 QUERY MIGHT HAVE OR PREDICATE WRONGLY REMOVED RESULTING IN EXTRA ROWS IN THE RESULTS
IT02045 ACCESS PLANS CONTAINING INDEX ORING BETWEEN MDC AND NON MDC INDEX MAY NOT FETCH ALL ROWS FROM SECOND EXECUTION ONWARDS

DB2 Version 9.7 Fix Pack 9a
Security APARs
IC99474 Security: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)
IC99478 SECURITY: VULNERABILITY IN STORED PROCEDURE INFRASTRUCTURE CAN ALLOW ESCALATION OF PRIVILEGE TO ADMINISTRATOR (CVE-2013-6744).
IT00684 SECURITY: ELEVATED PRIVILEGES WITH DB2 EXECUTABLES (CVE-2014-0907)

DB2 Version 9.7 Fix Pack 9
Security APARs
IC90395 SECURITY: MULTIPLE GSKIT VULNERABILITIES IN IBM DB2 (CVE-2012-2190, CVE-2012-2191, CVE-2012-2203).
IC92495 SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN DB2AUD AND DB2FLACC (CVE-2013-3475).
IC94523 SECURITY: UNAUTHORIZED ACCESS TO TABLE VULNERABILITY IN DB2 (CVE-2013-4033)
IC95641 SECURITY: QUERY WITH OLAP SPECIFICATION CAUSES DB2 SERVER TO SHUTDOWN DATABASE. (CVE-2013-6717)
IC97470 SECURITY: NULL POINTER DEREFERENCE IN DB2'S XSLT PARSING ENGINE (CVE-2013-5466).
HIPER APARs
IC91110 THE QUERY STATEMENT WITH A SUBQUERY PREDICATE MIGHT NOT RETURN ROWS AFTER ENABLING DB2_COMPATIBILITY_VECTOR=ORA
IC91458 A QUERY MIGHT RETURN INCORRECT RESULTS OR TRAP DURING OPTIMIZATION IN QRW PHASE IN FUNCTION SQLNR_OR_PREDS_OPT, IN 9.7 FIXPACK 8
IC92963 INDEX / DATA MISMATCH MIGHT OCCUR IN AN MDC TABLE AFTER A DEFERRED ROLLOUT
IC93995 UPDATE OF UNIQUE COLUMNS MIGHT RESULT IN DUPLICATES IN A TABLE WITH A UNIQUE INDEX
IC95712 BITWISE SCALAR FUNCTIONS MIGHT RETURN INCORRECT RESULTS WHEN USED WITH DECFLOAT DATATYPE ON AIX POWER7
IC96093 INCORRECT RESULT IN UNICODE DB WITH LIKE PREDICATE AND FULLWIDTH UNDERSCORE WILD CHARACTER ON A CLOB COLUMN
IC96906 QUERIES WITH THE XMLTABLE FUNCTION MIGHT RETURN INCORRECT RESULTS
IC97380 THE ROUND FUNCTION WITH A MINIMUM VALUE FOR INTEGER AND BIGINT VALUES IS NOT RETURNING THE CORRECT RESULTS

DB2 Version 9.7 Fix Pack 8
HIPER APARs
IC87345 ROWS MIGHT BE INSERTED INTO WRONG MDC TABLE CELL AFTER PREVIOUS INSERTS IN SAME TRANSACTION ENCOUNTER TABLESPACE FULL
IC89290 INDEX CORRUPTION MIGHT BE INTRODUCED DURING A DATABASE UPGRADE TO DB2 VERSION 9.7
IC89412 READ STABILITY ISOLATION IS NOT ENFORCED UNDER CERTAIN SQL ACCESS PLANS
IC89495 INCORRECT RESULTS ON RANGE PARTITIONED TABLE WITH XML COLUMN
IC90199 ROLLFORWARD OR REPLAY LOG ON THE HADR STANDBY DATABASE FAILS AND LEAVES THE TABLE UNRECOVERABLE
Special Attention APARs
IC90721 SQLGETDIAGFIELDW() SHOULD RETURN THE STRINGLENGTHPTR AS BYTES INSTEAD OF AS CHARACTERS.

DB2 Version 9.7 Fix Pack 7
Security APARs
IC84714 SECURITY: SQLJ.DB2_INSTALL_JAR DIRECTORY ESCAPE VULNERABILITY (CVE-2012-2194).
IC84748​​ SECURITY: GET_WRAP_CFG_C AND GET_WRAP_CFG_C2 ALLOWS UNAUTHORIZED ACCESS XML FILES (CVE-2012-2196).
IC84753​​ SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN JAVA STORED PROCEDURE INFRASTRUCTURE (CVE-2012-2197).
IC86781​​ SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN SQL/PERSISTENT STORED MODULES DEBUGGING INFRASTRUCTURE (CVE-2012-4826).
HIPER APARs
IC83578 XQUERY MIGHT RETURN INCORRECT RESULTS WHEN BOTH 'AND' AND 'OR' PREDICATES EXIST AND ALL PREDICATES CAN BE APPLIED TO XML INDEXES
IC83976 WITH REOPT ENABLED, STATEMENTS CONTAINING ARRAY OR ROW VARIABLES MIGHT PRODUCE INCORRECT OUTPUT
Special Attention APARs
IC83608 SQL WITH NESTED MATH OPERATIONS ON COLUMNS THAT ARE DEFINED WITH NOT NULL AND USING FUNCTIONS MAY RETURNED DIFFERENT RESULTS.
IC84764 INDEX CORRUPTION MAY BE INTRODUCED DURING A DATABASE UPGRADE TO DB2 VERSION 9.7
IC85196 CREATING A UNIQUE GLOBAL INDEX ON A TABLE WITH DETACHED PARTITION AND DEPENDANT MQT MIGHT LEAD TO INCORRECT RESULT AFTER REFRESH
IC85422 QUERY WITH A UNION AND TWO CORRELATED BRANCHES MIGHT RETURN INCORRECT RESULTS IN PARTITIONED DATABASE ENVIRONMENTS
IC85433 BATCH INSERTS CAUSING DUPLICATE ROWS WHEN USING NULLIDRA (REOPT=ALWAYS) VS. NULLIDR1 (REOPT=ONCE)

DB2 Version 9.7 Fix Pack 6
Security APARs
IC79274​​ SECURITY: DB2 ESCALATION OF PRIVILEGE VULNERABILITY​
IC80729​​ SECURITY: REMOTE ESCALATION OF PRIVILEGE VULNERABILITY IN DAS.
IC81380​​ SECURITY: DENIAL OF SERVICE SECURITY VULNERABILITY IN DB2'S XML FEATURE.
IC81390​​ SECURITY: UNAUTHORIZED ACCESS TO TABLES​
IC81462​​ SECURITY: UNAUTHORIZED ACCESS TO XML FILES IN DB2'S XML FEATURE
IC82234​​ SECURITY: DB2 DENIAL OF SERVICE VULNERABILITY IN THE DRDA COMPONENT.​
HIPER APARs
IC80899 COALESCE EXPRESSION IN THE OUTER JOIN OPERATOR (+) MAY RETURN INCORRECT RESULTS
IC81066 WITH FILE SYSTEM CACHING ENABLED, SYSTEM OUTAGE MIGHT RESULT IN CORRUPTION DURING LOB OR REORG PROCESSING
IC82403 CRASH RECOVERY OR ROLL FORWARD OPERATION MIGHT FAIL WHEN CERTAIN LOG RECORDS ARE REPLAYED ON A TABLE WITH COMPRESSION ENABLED
Special Attention APARs
IC79727 QUERIES WITH LIKE OPERATORS MIGHT RETURN INCORRECT RESULTS DUE TO AN INVALID HIGHEST PADDING CHARACTER
IC80394 CHANCES OF MEMORY LEAK INTRODUCED IN VERSION 9.7 FIX PACK 5
IC80456 LIKE CLAUSES MIGHT RETURN INCORRECT RESULTS FOR COLUMNS WITH VARCHAR DATA TYPE IN UNICODE DATABASES
IC81388 FAILED ONLINE LOAD WITH INDEX REBUILD CAN LEAD TO MISMATCH BETWEEN TABLE AND INDEX
IC81466 WITH FILE SYSTEM CACHING ENABLED, SYSTEM OUTAGE DURING LOAD PROCESSING MIGHT RESULT IN CORRUPTION
IC81649 DB2START FAILS WITH SQL10003 ON SOLARIS 10, SPARC T4 PROCESSOR WITH 2GB PAGE SIZE SUPPORT
IC82348 DATABASE CAN BE MARKED BAD DURING RECOVERY OR HADR REPLAY WHEN XML DATA IS IN THE TABLE
IC82921 INCORRECT RESULTS AFTER LOADING A TABLE WITH CONSTRAINTS FOLLOWED BY RUNNING ALTER TABLE STATEMENT WITH ATTACH OR DETACH OPTIONS

DB2 Version 9.7 Fix Pack 5
Security APARs
IC70473​​ SECURITY: POTENTIAL TRAP WITH STMM ENABLED AND DATABASE_MEMORY SET TO AUTOMATIC​
IC76901 SECURITY: REMOTE DENIAL OF SERVICE OF DB2 SERVER.
HIPER APARs
IC78251 ADMIN_MOVE_TABLE PROCEDURE RETURNS SQL0969N, SQL1188N or SQL0408N ERROR CODE
IC77502 TRANSACTION LOG CORRUPTION DUE TO ENTERING A TIMING HOLE UPON RECEIVING AN INTERRUPT DURING CRASH RECOVERY
IC77510 CLI FUNCTIONS RETURN SQL_SUCCESS EVEN WHEN SQL_ATTR_INSERT_BUFFERING = SQL_ATTR_INSERT_BUFFERING_IGD and INSERT COMMAND FAILS
IC77439 POSSIBLE INCORRECT RESULTS FROM A GROUP OF LEFT JOIN, INNER JOIN, AND COALESCE EXPRESSION IN AN ON PREDICATE
IC77337 INCORRECT OUTPUT MIGHT BE RETURNED BY A QUERY WITH PARTITION ELIMINATION INVOLVING MULTIPLE COLUMNS AND NON-CONSTANT KEYS
IC76792 BAD PAGE HEADER ENCOUNTERED BY PREFETCHER DURING ONLINE BACKUP ON LINUX PLATFORM. BACKUP IMAGE MAY BE CORRUPTED.
IC76679 INCORRECT RESULTS ARE RETURNED IF AN SQL QUERY CONTAINS RID(), RID_BIT() or ROWID
IC76116 INCORRECT RESULTS OBTAINED WHEN USING VARCHAR_FORMAT (TO_CHAR) TO CONVERT NUMERIC VALUES TO FORMATTED STRINGS
Special Attention APARs
IC76415 SQL30021 MESSAGE STATING 'MANAGER "0X1440" AT LEVEL "9" NOT SUPPORTED' IS RETURNED WHILE CONNECTING TO HOST VIA SEPARATE GATEWAY

DB2 Version 9.7 Fix Pack 4
Security APARs
IC72119 Users able to update statistics for tables without appropriate privileges
IC71375 SECURITY: User continues to have privilege to execute a non-DDL statement after role membership has been revoked from its group
HIPER APARs
IC75037 AFTER LOAD INSERT INTO MDC+RP (RANGE PARTITIONED) TABLE, SET INTEGRITY MAY SILENTLY FAIL TO VALIDATE ROWS AGAINST CONSTRAINTS
IC74244 NESTED-LOOP JOIN WITH EARLYOUT FOR GROUPBY CLAUSES, YIELDS INCORRECT RESULTS WHEN JOIN COLUMNS ARE OF DIFFERENT DATA TYPES
IC72698 INCORRECT RESULTS OR "SQL204N TABLE NOT FOUND" ERROR RETURNED WHEN SELECTING FROM VIEW.
Special Attention APARs
IC73163 HIGH MEMORY ALLOCATION WHILE PROCESSING TABLE QUEUE ( TQ ) SPILLS ON DPF SYSTEMS

DB2 Version 9.7 Fix Pack 3a
HIPER APARs
IC70959 INSERT OR UPDATE WITH INDEX COMPRESSION MAY CAUSE MEMORY CORRUPTION AND CRASH
IC69772 POTENTIAL CORRUPTION WHEN REPLAYING LOG RECORDS THAT INSERT KEYS INTO AN INDEX AND TRIGGER PAGE SPLITS

DB2 Version 9.7 Fix Pack 3
Security APARs
IC68015 SECURITY: FUNCTIONS ARE NOT INVALIDATED NOR DROPPED EVEN WHEN THE OWNER LOSES SUFFICIENT PRIVILEGE TO ACCESS UNDERLYING OBJECTS.
IC70406 SECURITY: UPDATE AGAINST A TABLE VIA A COMPOUND SQL (COMPILED) STATEMENT MAY BE EXECUTED BY USER WTHOUT REQUIRED PRIVILEGE
IC70539 SECURITY: REMOTE BUFFER OVERFLOW VULNERABILITY IN DB2 ADMINISTRATIVE SERVER
IC72029 SECURITY: DB2 DAS REMOTE CODE EXECUTION VULNERABILITY
HIPER APARs
IC71241 Possible incorrect result on recursive views which joins to a table on a unique column
Special Attention APARs
IC70482 OCCURRENCE OF INSTANCE CRASH WITH SIGNAL 11

DB2 Version 9.7 Fix Pack 2
Security APARs
IC67008 SECURITY: SYSTEM GRANTED PRIVILEGES NOT REGENERATED ON VIEWS WHEN AUTO_REVAL IS SET TO IMMEDIATE
IC67819 SECURITY: MONITOR ADMINISTRATIVE VIEWS IN SYSIBMADM SCHEMA ARE VIEWABLE BY PUBLIC.
IC63548 SECURITY APAR: MODIFIED SQL DATA table function is not dropped when definer loses required privileges to maintain the objects.
IC65742 SECURITY: VULNERABILITY IN DB2STST.
IC65762 Security: DB2DART CAN OVERWRITE FILES OWNED BY THE NSTANCE OWNER.
IC65935 SECURITY: BUFFER OVERRUN IN REPEAT UDF (CVE-2010-0462)
IC68762 SECURITY: THE TIVOLI MONITORING AGENT (KUDDB2) FOR DB2 HAS DOS VULNERABILITY. (CVE-2010-0472)
IC66643 Security: Special group and user enumeration on Windows 2008 could trap the server.
IC68055 SECURITY: TRANSPORT LAYER SECURITY (TLS) HANDSHAKE RENEGOTIATION WEAK SECURITY CVE-2009-3555
IC66815 SECURITY: User continues to have privilege to execute a non-DDL statement after their DBADM authority has been revoked.
HIPER APARs
IC66358 DELETE NOT REMOVING DATA FROM MDC TABLE.
IC65446 LOAD FROM CURSOR FROM A TABLE WITH LOB COLUMN IN DPF ENVIRONMENT MIGHT LOAD WRONG RESULTS IN THE TARGET TABLE LOB COLUMN
IC65328 In DB2 V9.7 FP1 ONLINE BACKUP MAY FAIL WITH SQL2048 RC = 5, ERROR RAISED IN SQLUBRESIZEBUFSPACE PROBE 472 or it may hang.
IC64864 DELETING DATA FROM MULTIDIMENSIONAL CLUSTERED (MDC) TABLES RETURNS INACCURATE RESULTS DUE TO DEFERRED ROLLOUT PROCESSING
IC62126 Multi-threaded non-Java application either crashes or has code page conversion issues such as truncation of data
IC64092 THE ROUND SQL FUNCTION CAN RETURN THE WRONG RESULT ON A DECFLOAT INPUT VALUES OF Infinity/-Infinity

DB2 Version 9.7 Fix Pack 1
Security APARs
IC64759 DASAUTO COMMAND CAN BE RUN BY NON-PRIVILEGED USERS
IC62502 Security: db2licm utility vulnerability
IC63525 SECURITY: Remote exploits of DB2 provided routines.
IC63302 Security: Manipulation of db2ra data stream of Load utility request can cause seg fault.
IC64852 SECURITY: SEQUENCE OR GLOBAL VARIABLE CAN BE USED WITHOUT THE APPROPRIATE PRIVILEGE
IC63959 INCORRECT FILE PERMISSION AND AUTHORIZATION FOR HA SCRIPTS WHEN INSTALLED VIA V9.5.
IC64325 In a rare case, calling a SQL stored procedure could cause the DB2 server to trap
IC64853 VISIBILITY OF PASSWORDS IN SET ENCRYPTION PASSWORD STATEMENT AS SEEN VIA GET SNAPSHOT DYNAMIC SQL
IC68055 SECURITY: TRANSPORT LAYER SECURITY (TLS) HANDSHAKE RENEGOTIATION WEAK SECURITY CVE-2009-3555
Security: DB2 instance terminates abnormally while compiling a SQL query
HIPER APARs
IC61886 VERSION 9.7 DATABASE UPGRADE MAY CREATE A CORRUPTED LOG CONTROL FILE
IC62219 DYNAMIC SQL STATEMENTS WITH HOST VARIABLES, USING A REOPT ALWAYS OPTIMIZER GUIDELINE, MAY RETURN WRONG RESULTS
IC62771 INDEX COMPRESSION CAN RESULT IN A CORRUPTED INDEX
IC64066 Incorrect result with multiple IN list to join (GENROW) plans via transivity on SMP and MPP environment
IC62088 LOAD UTILITY MAY MARK A ROW BIT INCORRECTLY CAUSING INDEX SCAN TO RETURN INCORRECT RESULTS
IC63415 OUTER JOIN OPERATION MAY RETURN INCORRECT RESULTS WITH A PREDICATE WITH A SUBQUERY RETURNING NOT MORE THAN ONE ROW
IC63668 INCORRECT RESULTS WHEN ORDERED COLUMN GROUP OR PREDICATE CAN BE USED AS INDEX KEYS
IC64767 ALTER BUFFERPOOL REDUCE OR STMM MAY HANG IF SET WRITE SUSPEND HAD BEEN ISSUED
IC64541 SQLSETSTMTATTRW(SQL_ATTR_CHAINING_END) RETURNS 0, EVEN WHEN ONE OF THE PREVIOUS CHAINED STATEMENTS FAILED
IC64462 UPDATE/DELETE OPERATION FROM A TABLE AFTER ONLINE TABLE MOVE CAUSES DB2 TO CRASH





DB2 fix packs for all supported versions can be downloaded at the following site: http://www.ibm.com/support/docview.wss?uid=swg27007053

The DB2 team will continue to have a strong focus on delivering timely fixes for newly discovered issues along with information that helps our customers to decide on an appropriate course of action. The DB2 team regrets the inconvenience that these issues are causing to you, our customers. We believe that our actions are the most prudent steps to address your concerns and remain open to suggestions on how to further improve our processes.


My Notifications
Sign-up to receive e-mail notification of changes to this document.
1. Sign in to My Notifications
2. select Subscribe tab
3. select " Information Management" from the Software column
4. select the check box for " DB2 for Linux, UNIX and Windows"
click the Continue button.
5. select the check box for " Flashes" and all other document types
click the Submit button.

For more information about My Notifications please click on


Cross reference information
Segment Product Component Platform Version Edition
Information Management DB2 Connect 9.7

Rate this page:

(0 users)Average rating

Document information


More support for:

DB2 for Linux, UNIX and Windows

Software version:

9.7

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows

Reference #:

1450666

Modified date:

2014-11-05

Translate my page

Machine Translation

Content navigation