IBM Product Security Update Advisory (CVE-2025-33092)
Overview
We have released a security update to fix vulnerabilities in IBM products. Users of affected products are advised to update to the latest version.
Affected Products
CVE-2025-33092
IBM Db2 for Linux versions 11.5.0 through 11.5.9
IBM Db2 for Linux versions 12.1.0 through 12.1.2
Resolved Vulnerabilities
Stack-based buffer overflow vulnerability in db2fm in IBM Db2 for Linux (CVE-2025-33092)
Vulnerability Patches
Patches for the vulnerability are available in the latest updates. Follow the instructions on the referenced sites to update to the latest patched version.
CVE-2025-33092
IBM Db2 for Linux version 11.5.9: apply the special build [2]
IBM Db2 for Linux version 12.1.1: apply the special build [3]
IBM Db2 for Linux version 12.1.2: apply the special build [4]
References
[1] Security Bulletin: IBM® Db2® is vulnerable to a stack-based buffer overflow (CVE-2025-33092)
https://www.ibm.com/support/pages/node/7240940
[2] Db2 v11.5.9 Published Cumulative Special Build Downloads
https://www.ibm.com/support/pages/node/7087189
[3] Db2 v12.1.1 Published Cumulative Special Build Downloads
https://www.ibm.com/support/pages/db2-v1211-published-cumulative-special-build-downloads#52441
[4] Db2 v12.1.2 Published Cumulative Special Build Downloads
https://www.ibm.com/support/pages/db2-v1212-published-cumulative-special-build-downloads