CNNVD-202507-1687 Information

CNNVD ID

CNNVD-202507-1687

Related CVE

CVE-2025-3631

• CNNVD Published: 2025-07-11

Description (Chinese)

IBM MQ是美国国际商业机器（IBM）公司的一款消息传递中间件产品。该产品主要为面向服务的体系结构（SOA）提供可靠的、经过验证的消息传递主干网。 IBM MQ 9.3和9.4版本存在资源管理错误漏洞，该漏洞源于客户端连接可能导致AMQRMPPA通道进程SIGSEGV终止。

Description (English)

IBM MQ is an intermediate message from the United States International Business Machine (IBM). The product provides a reliable and validated backbone for service-oriented system structures (SOAs). Versions IBM MQ 9.3 and 9.4 contain a resource management error loophole, which stems from the fact that client-to-client connection may lead to the termination of the AMQRPPA channel process SIGSEGV.

Hazard Level

High

Vulnerability Type

资源管理错误

Affected Vendor

IBPhoenix

Published

2025-07-11

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7237025 https://www.ibm.com/support/pages/node/7238310 https://access.redhat.com/security/cve/cve-2025-3631 https://vigilance.fr/vulnerability/IBM-MQ-denial-of-service-via-AMQRMPPA-Channel-47557

Patch

https://www.ibm.com/support/pages/node/7237025