Bug 1985039 (CVE-2021-22145)

Summary: CVE-2021-22145 elasticsearch: memory disclosure in error reporting
Product: [Other] Security Response Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: aileenc, akoufoud, alazarot, almorale, anstephe, aos-bugs, apevec, apevec, bdettelb, bibryam, bmontgom, chazlett, dbecker, dbruno, drieden, eparis, etirelli, ewolinet, fcanogab, fjansen, ggaughan, gmalinko, gvarsami, hbraun, ibek, janstey, jburrell, jcantril, jcoleman, jjoyce, jochrist, jokerman, jrokos, jschluet, jstastny, jwendell, jwon, krathod, kverlaen, ldimaggi, lhh, lpeer, mburns, mmagr, mnovotny, nstielau, nwallace, pantinor, piotr1212, pjindal, proguski, rcernich, rfreiman, rrajasek, rwagner, sclewis, sd-operator-metering, slinaber, sponnaga, steve.traylen, tcunning, tkirby, tomckay, twalsh, tzimanyi
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: elasticsearch 7.13.4 Doc Type: If docs needed, set a value
Doc Text:
A memory disclosure flaw was found in Elasticsearch’s error reporting. A user who can submit arbitrary queries to Elasticsearch could submit a malformed query that results in an error message returned that contains previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-28 08:58:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1985044, 1985045, 1985046, 1985932    
Bug Blocks: 1985040    

Description Guilherme de Almeida Suckevicz 2021-07-22 17:15:12 UTC 
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.

Reference:
https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177
Comment 1 Guilherme de Almeida Suckevicz 2021-07-22 17:18:38 UTC 
Created python-elasticsearch tracking bugs for this issue:

Affects: epel-all [bug 1985045]
Affects: fedora-all [bug 1985046]
Affects: openstack-rdo [bug 1985044]