A memory vulnerability was disclosed in IBM’s Db2 family of data management products that could let a threat actor access sensitive data and even cause a denial of service.
The flaw, tracked as CVE-2020-4414, affects IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms. It is caused by improper usage of shared memory, which allows an intruder to perform unauthorized actions on the system.
The security bug was discovered by the Trustwave SpiderLabs security and research team, which states that an attacker can send a specially crafted request to exploit this vulnerability and obtain sensitive information or cause a denial of service.
According to the researcher, Martin Rakhmanov, the developers did not put explicit memory protections around the shared memory used by the Db2 trace facility. This gives any local user read and write access to that memory area. That access in turn exposes critically sensitive data and makes it possible to change how the trace subsystem functions, resulting in a denial of service condition in the database.
On June 30, IBM released a patch to remediate the vulnerability.
CVE-2020-4414 is caused by the unsafe usage of shared memory the Db2 trace utility employs to exchange information with the underlying OS on the system. The Db2 trace utility is used to record Db2 data and events.
When the shared memory stores sensitive information, an attacker who gains access to the system could create a malicious application to overwrite the memory dedicated to tracing data with rogue data.
So, an unprivileged local user can misuse this to cause a denial of service by writing incorrect data over that memory section.
Also, a low-privileged process running on the same computer as the Db2 database could alter the Db2 trace, capture sensitive data, and use the information to carry out other attacks.
All Db2 users are strongly advised to update their software to the latest version in order to mitigate the risk.
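The weakness described above is shared memory that any local user can read and write. The following audit sketch is an added example, not code from IBM or Trustwave: it assumes a Linux host and System V shared memory segments (the article does not specify the mechanism on each platform), parses the layout of `/proc/sysvipc/shm`, and flags segments whose mode grants access to users other than the owner and group. The sample rows are constructed.

```python
"""Flag System V shared memory segments accessible to any local user (Linux)."""
import os
import stat

# Constructed sample in the layout of /proc/sysvipc/shm (not from a real host).
SAMPLE = """\
       key      shmid perms       size  cpid  lpid nattch   uid   gid  cuid  cgid      atime      dtime      ctime        rss       swap
         0          3  1600     524288  2101  2240      2  1000  1000  1000  1000 1593500000 1593500100 1593400000     131072          0
 123456789         12   666   33554432  1450  3012      3  1001  1001  1001  1001 1593500200          0 1593400500    8388608          0
 987654321         13   640    1048576  1450  1450      1  1001  1001  1001  1001 1593500300          0 1593400600     262144          0
"""

def parse_segments(text):
    """Return one dict per segment, keyed by the column names in the header."""
    lines = [line for line in text.splitlines() if line.strip()]
    header = lines[0].split()
    segments = []
    for line in lines[1:]:
        row = dict(zip(header, line.split()))
        segments.append({
            "shmid": int(row["shmid"]),
            "uid": int(row["uid"]),
            "cpid": int(row["cpid"]),
            "size": int(row["size"]),
            # perms is octal and may carry kernel flag bits (e.g. 01000 for a
            # segment marked for destruction); keep only the rwx bits.
            "mode": int(row["perms"], 8) & 0o777,
        })
    return segments

def risky_segments(segments):
    """Return (segment, issues) pairs where the 'other' class has access."""
    findings = []
    for seg in segments:
        issues = []
        if seg["mode"] & stat.S_IROTH:
            issues.append("world-readable")
        if seg["mode"] & stat.S_IWOTH:
            issues.append("world-writable")
        if issues:
            findings.append((seg, issues))
    return findings

if __name__ == "__main__":
    path = "/proc/sysvipc/shm"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for seg, issues in risky_segments(parse_segments(text)):
        print(f"shmid={seg['shmid']} uid={seg['uid']} cpid={seg['cpid']} "
              f"mode={seg['mode']:03o} size={seg['size']}: {', '.join(issues)}")
```

Map each flagged `cpid` and `uid` back to the owning service to decide whether the segment belongs to the database instance or to something else.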