Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

IBM Db2 Shared Memory Vulnerability (CVE-2020-4414)

August 2020 by Trustwave

I’ve recently blogged about a shared memory vulnerability in Cisco WebEx Meetings Client on Windows where any user can read memory dedicated to trace data. It turns out that this is a common problem. IBM Db2 is affected by the exact same type of problem. Developers forgot to put explicit memory protections around the shared memory used by the Db2 trace facility. This allows any local users to read and write access to that memory area. In turn, this allows accessing critically sensitive data as well as the ability to change how the trace subsystem functions, resulting in a denial of service condition in the database. Needless to say, both shouldn’t be possible for regular users.

Memory Leakage

In Windows, launch Process Explorer or other any similar tool to check open handles of Db2 main process. As you can see below, there are absolutely no permissions assigned to the shared memory so that anyone can read from and write to it.

In the end this means that an unprivileged local user can abuse this to cause a denial of service condition simply by writing incorrect data over that memory section.

IBM released a special build patch to address this and other security issues on June 30. Please update ASAP.

Trustwave Advisory TWSL2020-005


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts