CVE-2024-52894 IBM Db2 for Linux, UNIX and Windows denial of service

🗓️ 29 Jul 2025 19:00:12Reported by ibmType

IBM Db2 for Linux, UNIX and Windows vulnerable to denial of service due to crafted query causing crashes.

Reporter	Title	Published	Views	Family All 21
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server	7 Aug 202515:41	–	ibm
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.	8 Aug 202509:58	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL.	23 Jan 202611:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (August 2025 - Part 2 of 2)	2 Sep 202518:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Db2 used by IBM Security Verify Governance has multiple vulnerabilities	10 Sep 202517:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query when lock event monitor is activated (CVE-2024-52894)	9 Dec 202521:08	–	ibm
IBM Security Bulletins	Security Bulletin: Due to the use of IBM Db2, IBM Cloud Pak System is affected by multiple vulnerabilities	30 Jan 202616:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Manage component uses softwares IBM WebSphere Liberty Server 25.0.0.2 and IBM DB2 version 11.5.9 which is vulnerable to CVE-2025-25193, CVE-2024-52894	26 Nov 202510:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager	14 Aug 202508:53	–	ibm
BDU FSTEC	The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to buffer overflow in the stack, allows a attacker to cause service interruptions.	30 Jul 202500:00	–	bdu_fstec

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:db2:10.5.0:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:10.5.0:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:10.5.0:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:10.5.0:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:10.5.0:*:*:*:*:zos:*:*",
      "cpe:2.3:a:ibm:db2:10.5.11:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:10.5.11:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:10.5.11:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:10.5.11:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:10.5.11:*:*:*:*:zos:*:*",
      "cpe:2.3:a:ibm:db2:11.1.0:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:11.1.0:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:11.1.0:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:11.1.0:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:11.1.0:*:*:*:*:zos:*:*",
      "cpe:2.3:a:ibm:db2:11.1.4.7:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:11.1.4.7:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:11.1.4.7:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:11.1.4.7:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:11.1.4.7:*:*:*:*:zos:*:*",
      "cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:zos:*:*",
      "cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:zos:*:*",
      "cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:zos:*:*",
      "cpe:2.3:a:ibm:db2:12.1.1:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:12.1.1:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:12.1.1:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:12.1.1:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:12.1.1:*:*:*:*:zos:*:*",
      "cpe:2.3:a:ibm:db2:12.1.2:*:*:*:*:linux:*:*",
      "cpe:2.3:a:ibm:db2:12.1.2:*:*:*:*:unix:*:*",
      "cpe:2.3:a:ibm:db2:12.1.2:*:*:*:*:aix:*:*",
      "cpe:2.3:a:ibm:db2:12.1.2:*:*:*:*:windows:*:*",
      "cpe:2.3:a:ibm:db2:12.1.2:*:*:*:*:zos:*:*"
    ],
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "Linux",
      "Unix",
      "AIX",
      "z/OS"
    ],
    "product": "Db2",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10.5.0.11",
        "status": "affected",
        "version": "10.5.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "11.1.4.7",
        "status": "affected",
        "version": "11.1.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "11.5.9",
        "status": "affected",
        "version": "11.5.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "12.1.2",
        "status": "affected",
        "version": "12.1.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7240953

17 Aug 2025 01:23Current

CVSS 3.14.9

EPSS0.00247

CWE-121