Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with Predictive Maintenance and Quality

Summary

IBM DB2 is shipped with Predictive Maintenance and Quality. Information about a security vulnerability affecting IBM DB2 has been published in a security bulletin.
(CVE-2019-4016 CVE-2019-4015 CVE-2018-1980 CVE-2018-1978 CVE-2018-1923 CVE-2018-1922 CVE-2019-4094)

Vulnerability Details

Refer to the security bulletins listed in the Remediation/Fixes section

Affected Products and Versions

Predictive Maintenance and Quality 2.5.3 – 2.6.2

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by IBM DB2 which is shipped with Predictive Maintenance and Quality.

Principal Product and Version(s)

|

Affected Supporting Product and Version

|

Affected Supporting Product Security Bulletin

—|—|—

IBM Predictive Maintenance and Quality 2.5.3 – 2.6.2

|

IBM DB2 Enterprise Server Edition V10.5

|

[

Security Bulletin: IBM Db2 is vulnerable to privilege escalation via loading libraries from an untrusted path (CVE-2019-4094).

Security Bulletin: Multiple buffer overflow vulnerabilities exist in IBM Db2 leading to privilege escalation (CVE-2018-1922, CVE-2018-1923, CVE-2018-1978, CVE-2018-1980, CVE-2019-4015, CVE-2019-4016).

](<https://www-01.ibm.com/support/docview.wss?uid=ibm10740413&gt;)

|

Workarounds and Mitigations

None.