IBM Db2 Flaw Gives Attackers Read/Write Access to Shared Memory
Researchers discover a lack of explicit memory protections around the shared memory used by the Db2 trace facility.
Security researchers have discovered a vulnerability in IBM Db2 that could let an attacker gain read/write access to shared memory and perform unauthorized actions on a target system.
CVE-2020-4414 exists because developers neglected to add explicit memory protections around shared memory used by the Db2 trace facility, explains Martin Rakhmanov, security research manager at Trustwave SpiderLabs, where the flaw was discovered. This allows any local users to have read and write access to that memory area.
"In turn, this allows accessing critically sensitive data as well as the ability to change how the trace subsystem functions, resulting in a denial of service condition in the database," he explains. Neither should be possible for regular users.
Rakhmanov says this vulnerability could lead to other issues -- for example, low-privileged process running on the same computer as the Db2 database. An attacker could also alter Db2 trace and capture sensitive data, which could be used later for subsequent attacks, he adds.
All Db2 instances of current version (11.5) on Windows are affected. IBM has released a patch to address this vulnerability and other security issues. It's difficult to tell whether the vulnerability has been exploited. Businesses should check the database version and apply any missing patches.
Read more details here.
About the Author
You May Also Like