DB2 - Problembeschreibung
Problem IC95641 | Status: Geschlossen |
SECURITY: QUERY WITH OLAP SPECIFICATION CAUSES DB2 SERVER TO SHUTDOWN DATABASE. (CVE-2013-6717) | |
Produkt: | |
DB2 FOR LUW / DB2FORLUW / 970 - DB2 | |
Problembeschreibung: | |
Executing a query with an OLAP specification may cause the DB2 server to shutdown the database and terminate all connections to the database however the DB2 instance does not shutdown. The stack includes this function: sqlsInitKeyfd__FP8sqeAgentP12SQLS_SORTDEFP10SQLD_FIELDP10SQLS_KE YFDP11SQLD_COLUMNPii + 0xA40 db2diag would report the following: 2013-05-29-14.25.18.182300+600 I10400222A1217 LEVEL: Severe PID : 12976130 TID : 50892 PROC : db2sysc 0 INSTANCE: db2inst1 NODE : 000 DB : ABCABC APPHDL : 0-411 APPID: 164.97.57.31.1431.130529042502 AUTHID : db2inst1 EDUID : 50892 EDUNAME: db2agent (ABCABC) 0 FUNCTION: DB2 UDB, sort/list services, sqlsInitKeyfd, probe:35 MESSAGE : ZRC=0x8704002F=-2029780945=SQLD_PARM "PARAMETER ERROR" DIA8544C An invalid data type was encountered, the value was "". DATA #1 : String, 29 bytes Unknown keypart type in sort. DATA #2 : SQLS_SORTKEYDEF, PD_TYPE_SQLS_SORTKEYDEF, 24 bytes SQLS_SORTKEYDEF: Address:700000010addf68, Size:x18, Size:24 x0000 collation NULL x0008 keyPartID 0 x000A sortkdefFlags x0000 x000C sortkdefIntFlags x0000 x000E codepage 0 x0012 keyPart SQLD_FIELD: Address:700000010addf7a, Size:x6, Size:6 x0000 type BOOLEAN x0002 length 1 x0004 nullable x2 - SQLZ_NONULLS | |
Problem-Zusammenfassung: | |
**************************************************************** * USERS AFFECTED: * * ALL * **************************************************************** * PROBLEM DESCRIPTION: * * See Error Description * **************************************************************** * RECOMMENDATION: * * Upgrade to DB2 Version 9.7 Fixpack 9 * **************************************************************** | |
Local-Fix: | |
N/A | |
verfügbare FixPacks: | |
DB2 Version 9.7 Fix Pack 9a for Linux, UNIX, and Windows | |
Lösung | |
Security Bulletin: Executing a query with an OLAP specification causes the DB2 server to terminate database connections. (CVE-2013-6717) http://www.ibm.com/support/docview.wss?uid=swg21660041 | |
Workaround | |
keiner bekannt / siehe Local-Fix | |
Bug-Verfolgung | |
Vorgänger : APAR is sysrouted TO one or more of the following: IC97737 IC97738 IC97762 Nachfolger : | |
Weitere Daten | |
Datum - Problem gemeldet : Datum - Problem geschlossen : Datum - der letzten Änderung: | 31.08.2013 16.12.2013 16.12.2013 |
Problem behoben ab folgender Versionen (IBM BugInfos) | |
9.7.FP9 | |
Problem behoben lt. FixList in der Version | |
9.7.0.9 | |
9.7.0.9 |