IBM Db2 denial of service
Description
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Db2 11.5 crashes when using ACR client affinity for unfenced DRDA federation wrappers, causing denial of service.
Vulnerability
IBM Db2 for Linux, UNIX, and Windows version 11.5 (all fix pack levels) is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers [1]. Versions 11.1 and 10.5 are not affected.
Exploitation
An attacker with local access to the system can exploit this vulnerability by attempting to use ACR client affinity for unfenced DRDA federation wrappers, causing the Db2 server to crash [1].
Impact
Successful exploitation results in a denial of service, as the Db2 server may crash, making it unavailable [1].
Mitigation
IBM provides special builds for Db2 V11.5.7 and V11.5.8 containing the fix for this issue (APAR DT188887) available from Fix Central [1]. No workaround is documented.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: = 11.5
- Range: 11.5
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.ibm.com/support/pages/node/6985683mitrevendor-advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/249187mitrevdb-entry
- security.netapp.com/advisory/ntap-20230511-0010/mitre
News mentions
0No linked articles in our index yet.