CVE-2016-5995 (db2, db2_connect)

Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program.

Source: CVE-2016-5995 (db2, db2_connect)