IBM DB2 libdb2.so DB2LPORT Variable Local Overflow
Local Access Required
Loss of Integrity
A local overflow exists in IBM DB2. The 'libdb2.so.1' library fails to perform proper bounds checking resulting in a buffer overflow. By
providing an overly long 'DB2LPORT' environment variable, a malicious user can gain root privileges resulting in a loss of integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released a patch to address this vulnerability.