Security Bulletin: Multiple buffer overflow vulnerabilities exist in IBM® Db2® leading to privilege escalation (CVE-2018-1922, CVE-2018-1923, CVE-2018-1978, CVE-2018-1980, CVE-2019-4015, CVE-2019-4016).

Summary Multiple buffer overflow vulnerabilities exist in IBM® Db2® leading to privilege escalation from an authenticated local user to either root or instance owner. Vulnerability Details CVEID: CVE-2018-1922 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server is affecte...

CVE-2018-1978

IBM DB2 for Linux/UNIX/Windows (including DB2 Connect Server) versions 9.7, 10.1, 10.5, and 11.1 are affected by a buffer overflow vulnerability (CVE-2018-1978) that could let an authenticated local attacker execute arbitrary code as root. Multiple IBM security bulletins reference this CVE family...