Security Vulnerabilities, HIPER and Special Attention APARs fixed in DB2 for Linux, UNIX, and Windows Version 10.1

Flash (Alert)


Abstract

This document contains a list of fixes for Security and HIPER APARs in DB2 Version 10.1.

IBM® recommends that the APAR descriptions be reviewed and one of the above fix packs to be deployed to correct them on the affected DB2 installations.

Content

A set of security vulnerabilities was discovered in some DB2 database products. These vulnerabilities were analyzed by the DB2 development organization and a set of corresponding fixes were created to address the reported issues. IBM is not currently aware of any externally reported incidents where production DB2 installations have been compromised due to these issues.
The affected DB2 UDB for Linux, UNIX, and Windows products are:
DB2 Enterprise Server Edition
DB2 Workgroup Server (all Editions)
DB2 Express Server (all Editions)
DB2 Personal Edition
DB2 Connect Server (all Editions)

DB2 Client component and DB2 products or components other than those listed above are not affected.

Due to the complexity of the fixes required to eliminate the reported service issues, it is not feasible to retrofit the same fixes into earlier DB2 Version 10.1 fix packs.

Select a Fix Pack: 4 | 3a | 3 | 2 | 1

DB2 Version 10.1 Fix Pack 4
Security APARs
IC97471 SECURITY: NULL POINTER DEREFERENCE IN DB2'S XSLT PARSING ENGINE (CVE-2013-5466).
IC97737 SECURITY: QUERY WITH OLAP SPECIFICATION CAUSES DB2 SERVER TO SHUTDOWN DATABASE. (CVE-2013-6717)
IC99475 Security: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)
IC99480 SECURITY: VULNERABILITY IN STORED PROCEDURE INFRASTRUCTURE CAN ALLOW ESCALATION OF PRIVILEGE TO ADMINISTRATOR (CVE-2013-6744).
IT00686 SECURITY: ELEVATED PRIVILEGES WITH DB2 EXECUTABLES (CVE-2014-0907)
HIPER APARs
IC95046 THE DBMS_LOB.COMPARE FUNCTION AND DBMS_LOB.READ PROCEDURE DO NOT PROCESS CLOBS CORRECTLY IF MULTI-BYTE CHARACTERS ARE PRESENT
IC96725 CASE EXPRESSION PREDICATES MIGHT BE INCORRECTLY REWRITTEN in DB2 v10.1 Fixpack 3
IC89288 QUERIES WITH THE XMLTABLE FUNCTION MIGHT RETURN INCORRECT RESULTS
IC97379 THE ROUND FUNCTION WITH A MINIMUM VALUE FOR INTEGER AND BIGINT VALUES IS NOT RETURNING THE CORRECT RESULTS
IC97775 INSTANCE MIGHT ABEND OR RETURN INCORRECT RESULTS DUE TO AN INCORRECT EXECUTION SECTION FOR STAR JOIN
IC97793 INCORRECT RESULT IN UNICODE DB WITH LIKE PREDICATE AND FULLWIDTH UNDERSCORE WILD CHARACTER ON A CLOB COLUMN
IC97897 UNEXPECTED LOCK ESCALATIONS ON DB2 PURESCALE SYSTEMS USING STMM LOCKLIST TUNING OR MANUAL DYNAMIC UPDATE OF LOCKLIST SETTING
IC98114 IN DB2 DPF ENVIRONMENTS ONLY, A SPECIFIC TYPE OF QUERY AND RESULTING ACCESS PLAN MIGHT RETURN WRONG RESULTS
IC98129 POSSIBLE INCORRECT RESULT ON MULTIPLE OUTER JOINS AND A COMBINATION OF EQUALITY JOIN PREDICATES AND LOCAL PREDICATES
IC98349 A QUERY WITH AN OR PREDICATE MIGHT RETURN INCORRECT RESULTS
IC98683 ROWS MISSING WHEN LARGE RESULT SET IS PRODUCED BY NULLS FIRST SORT ON INTEGER OR BIGINT
IC99319 SQL STATEMENT WITH ORDERED COLUMN GROUP OR PREDICATES MIGHT RETURN INCORRECT RESULT SET WHEN JUMP SCAN USED
IC99818 SQL STATEMENT WITH UNCORRELATED SUBQUERY PREDICATE MIGHT RETURN INCORRECT RESULTS WHEN INTRA_PARALLEL IS ENABLED
IC99860 POSSIBLE WRONG RESULTS WHEN INDEX JUMP SCANS ARE USED IN REFERENTIAL INTEGRITY CHECKING
IT00248 QUERIES WITH XMLTABLE FUNCTIONS MIGHT RETURN INCORRECT RESULTS WHEN MORE THAN ONE EQUAL PREDICATE IS USED IN WHERE CLAUSE
IT00423 POTENTIAL INDEX CORRUPTION WHEN USING INDEX COMPRESSION AND UNICDOE DATABASES WHICH USE UCA COLLATION WITH S(STRENGTH) = 1 OR 2
IT00929 COLLATION_KEY_BIT MIGHT GENERATE EMPTY STRINGS IN ORACLE MODE IF INPUT STRING CONSISTS OF BLANKS
IT01073 INCORRECT RESULTS MIGHT BE PRODUCED WITH PREDICATES INVOLVING NULL CONSTANTS
IT01100 CHAR(' ',0) RETURNS EMPTY STRING INSTEAD OF NULL IN VARCHAR2 ENABLED DATABASE.
IT01189 TABLE SPACE ROLLFORWARD MIGHT NOT UNDO TRANSACTION CORRECTLY, LEAVING INCONSISTENT DATA
IT01197 QUERY MIGHT HAVE OR PREDICATE WRONGLY REMOVED RESULTING IN EXTRA ROWS IN THE RESULTS

DB2 Version 10.1 Fix Pack 3a
Security APARs
IC97471 SECURITY: NULL POINTER DEREFERENCE IN DB2'S XSLT PARSING ENGINE (CVE-2013-5466).
IC97737 SECURITY: QUERY WITH OLAP SPECIFICATION CAUSES DB2 SERVER TO SHUTDOWN DATABASE. (CVE-2013-6717)
IC99475 Security: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)
IC99480 SECURITY: VULNERABILITY IN STORED PROCEDURE INFRASTRUCTURE CAN ALLOW ESCALATION OF PRIVILEGE TO ADMINISTRATOR (CVE-2013-6744).
IT00686 SECURITY: ELEVATED PRIVILEGES WITH DB2 EXECUTABLES (CVE-2014-0907)

DB2 Version 10.1 Fix Pack 3
Security APARs
IC92498 SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN DB2AUD AND DB2FLACC (CVE-2013-3475).
IC94434 SECURITY: DENIAL OF SERVICE VULNERABILITY IN DB2's FAST COMMUNICATIONS MANAGER. (CVE-2013-4032)
IC94757 SECURITY: UNAUTHORIZED ACCESS TO TABLE VULNERABILITY IN DB2 (CVE-2013-4033)
HIPER APARs
IC89288 INDEX CORRUPTION MIGHT BE INTRODUCED DURING A DATABASE UPGRADE TO DB2 VERSION 10.1
IC89415 READ STABILITY ISOLATION IS NOT ENFORCED UNDER CERTAIN SQL ACCESS PLANS
IC89818 INCORRECT RESULTS ON RANGE PARTITIONED TABLE WITH XML COLUMN
IC90798 INCORRECT RESULTS MIGHT BE RETURNED FOR THE SELECT QUERY INVOLVING THE AGGREGATION FUNCTION WITH THE OLAP WINDOW FUNCTION
IC90906 A QUERY INVOLVING AT LEAST TWO COUNT(DISTINCT ...) AGGREGATE FUNCTIONS MIGHT RETURN WRONG RESULTS
IC91418 USER-DEFINED FUNCTION WITH INDEX EXTENSION EXPLOITATION MIGHT RETURN INCORRECT RESULTS IF INDEX IS NOT PRESENT
IC92052 EXCESSIVELY LARGE MEMORY ALLOCATION ATTEMPTS FROM FAST INTEGER SORT DUE TO WRONG MEMORY SIZE CALCULATION
IC92832 FAILED BACKUP, TABLESPACES ARE MARKED AS UNMODIFIED, DATA MIGHT NOT BE INCLUDED IN SUBSEQUENT INCREMENTAL BACKUPS IMAGES
IC92990 INDEX / DATA MISMATCH MIGHT OCCUR IN AN MDC TABLE AFTER A DEFERRED ROLLOUT
IC93059 RANGE PARTITIONED TABLES DEFINED WITH A NULLS FIRST PARTITIONING COLUMN MIGHT RETURN INCORRECT RESULTS
IC93092 UPDATE OF UNIQUE COLUMNS MIGHT RESULT IN DUPLICATES IN A TABLE WITH A UNIQUE INDEX
IC94252 TCP CONNECTIONS FROM NON-HADR DATABASE SOFTWARE TO THE STANDBY MIGHT ALTER THE HADR STATE AND STALL LOG SHIPPING ON THE PRIMARY
IC94465 BITWISE SCALAR FUNCTIONS MIGHT RETURN INCORRECT RESULTS WHEN USED WITH DECFLOAT DATATYPE ON AIX POWER7
IC94634 THERE MIGHT BE A DOUBLE FREE OR LIST CORRUPTION IN THE SQLRLC_CSM_DEFUNCT() FUNCTION
IC95010 THE LOAD COMMAND WITH THE REMOTE FETCH OR SOURCEUSEREXIT OPTIONS MIGHT FAIL TO INSERT SOME ROWS INTO A TABLE
IC95053 THE QUERY STATEMENT WITH A SUBQUERY PREDICATE MIGHT NOT RETURN ROWS AFTER ENABLING DB2_COMPATIBILITY_VECTOR=ORA

DB2 Version 10.1 Fix Pack 2
Security APARs
IC86783 SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN SQL/PERSISTENT STORED MODULES DEBUGGING INFRASTRUCTURE (CVE-2012-4826).
HIPER APARs
IC85608 XQUERY MIGHT RETURN INCORRECT RESULTS WHEN BOTH 'AND' AND 'OR' PREDICATES EXIST AND ALL PREDICATES CAN BE APPLIED TO XML INDEXES
IC87500 ROWS MIGHT BE INSERTED INTO WRONG MDC TABLE CELL AFTER PREVIOUS INSERTS IN SAME TRANSACTION ENCOUNTER TABLESPACE FULL
Special Attention APARs
IC85425 QUERY WITH A UNION AND TWO CORRELATED BRANCHES MIGHT RETURN INCORRECT RESULTS IN PARTITIONED DATABASE ENVIRONMENTS
IC85841 BATCH INSERTS CAUSING DUPLICATE ROWS WHEN USING NULLIDRA (REOPT=ALWAYS) VS. NULLIDR1 (REOPT=ONCE)
IC86029 CREATING A UNIQUE GLOBAL INDEX ON A TABLE WITH DETACHED PARTITION AND DEPENDANT MQT MIGHT LEAD TO INCORRECT RESULT AFTER REFRESH

DB2 Version 10.1 Fix Pack 1
Security APARs
IC84716 SECURITY: SQLJ.DB2_INSTALL_JAR DIRECTORY ESCAPE VULNERABILITY (CVE-2012-2194).
IC84751 SECURITY: GET_WRAP_CFG_C AND GET_WRAP_CFG_C2 ALLOWS UNAUTHORIZED ACCESS XML FILES (CVE-2012-2196).
IC84755 SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN JAVA STORED PROCEDURE INFRASTRUCTURE (CVE-2012-2197).
IC85513 SECURITY: UTL_FILE could allow unauthorized access to files (CVE-2012-3324).
HIPER APARs
IC83823 WITH REOPT ENABLED, STATEMENTS CONTAINING ARRAY OR ROW VARIABLES MIGHT PRODUCE INCORRECT OUTPUT
IC84320 COALESCE EXPRESSION IN THE OUTER JOIN OPERATOR (+) MAY RETURN INCORRECT RESULTS
Special Attention APARs
IC83469 INCORRECT RESULTS AFTER LOAD INTO TABLE WITH CONSTRAINTS FOLLOWED BY ATTACH OR DETACH
IC84856 INDEX CORRUPTION MAY BE INTRODUCED DURING A DATABASE UPGRADE FROM DB2 VERSION 9.5 TO DB2 VERSION 10.1
IC84899 DATABASE OPERATIONS MIGHT FAIL WITH "KEY DATA MISMATCH" ERRORS, OR ROWS THAT EXIST IN THE DATABASE CANNOT BE FOUND
IC85221 SQL WITH NESTED MATH OPERATIONS ON COLUMNS THAT ARE DEFINED WITH NOT NULL AND USING FUNCTIONS MAY RETURNED DIFFERENT RESULTS.





DB2 fix packs for all supported versions can be downloaded at the following site: http://www.ibm.com/support/docview.wss?uid=swg27007053

The DB2 team will continue to have a strong focus on delivering timely fixes for newly discovered issues along with information that helps our customers to decide on an appropriate course of action. DB2 team regrets the inconvenience that these issues are causing to customers. DB2 team believes that their actions are the most prudent steps to address customer concerns and remain open to suggestions on how to further improve our processes.


My Notifications
Sign-up to receive e-mail notification of changes to this document.
    1. Sign in to My Notifications
    2. select Subscribe tab
    3. select " Information Management" from the Software column
    4. select the check box for " DB2 for Linux, UNIX and Windows"
      click the Continue button.
    5. select the check box for " Flashes" and all other document types
      click the Submit button.


Cross reference information
Segment Product Component Platform Version Edition
Information Management DB2 Connect 10.1

Rate this page:

(0 users)Average rating

Document information


More support for:

DB2 for Linux, UNIX and Windows

Software version:

10.1

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows

Reference #:

1610582

Modified date:

2014-05-29

Translate my page

Machine Translation

Content navigation