Bug 2094515 (CVE-2022-23712, ESA-2022-07)

Summary: CVE-2022-23712 elasticsearch: DoS via a specifically formatted network request
Product: [Other] Security Response Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: admiller, aileenc, alazarot, anpicker, anstephe, aos-bugs, aos-network-edge-staff, asoldano, avibelli, bbaranow, bgeorges, bmaxwell, brian.stansberry, caswilli, cdewolf, chazlett, clement.escoffier, dandread, darran.lofthouse, dffrench, dhanak, dkreling, dkuc, dnakabaa, dosoudil, drosa, eglynn, emingora, eparis, ewolinet, extras-orphan, fjansen, fjuma, fmongiar, gmalinko, go-sig, grafana-maint, gsmet, gzaronik, ibek, istudens, ivassile, iweiss, janstey, jcajka, jchaloup, jjoyce, jkurik, jmartisk, jnethert, jochrist, jrokos, jschatte, jvasik, jwon, kaycoth, kholdawa, kverlaen, lchilton, lcouzens, lgao, lmadsen, lmeyer, lthon, manderse, mburns, mgarciac, mnovotny, mosmerov, mrunge, mskarbek, msochure, msvehla, nathans, ngough, nobody, nwallace, olubyans, openshift-release-oversight, pantinor, pdelbell, peholase, pesilva, pgallagh, piotr1212, pjindal, pmackay, probinso, rareddy, rblanco, rfreiman, rgodfrey, rguimara, rphillips, rruss, rstancel, rstepani, rsvoboda, sausingh, sbiarozk, sfeifer, smaestri, spasquie, spower, sthirugn, tom.jenkinson, tqvarnst, vimartin, vkrizan, vmugicag
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: elasticsearch 8.2.1 Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Elasticsearch. This flaw allows an unauthenticated attacker to forcibly shut down an Elasticsearch node with a specifically formatted network request, affecting system availability.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2095202, 2095203, 2100880, 2102998, 2102999, 2103000    
Bug Blocks: 2094521    

Description Guilherme de Almeida Suckevicz 2022-06-07 18:52:47 UTC 
A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request.

References:
https://www.elastic.co/community/security/
https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530
Comment 1 Petr Pisar 2022-06-08 07:00:16 UTC 
Guilherme, I noticed you added plenty of contacts to this bug report. If this is because you intend to use this bug to handle all implementation of ECDSA which do not check R a S parameters of ECDSA for 0, then remove "elasticsearch" from a summary of this bug report. Otherwise, I cannot see a reason why perl-devel should be notified about a bug in a Java library.
Comment 2 Petr Pisar 2022-06-08 07:07:27 UTC 
As far as I know, the only implementation of ECDSA in Perl packages is perl-CryptX (it bundles a developmental version of libtomcrypt). Other Perl packages should transitively use OpenSSL or perl-CryptX.
Comment 12 Sandipan Roy 2022-07-01 06:54:52 UTC 
Created cadvisor tracking bugs for this issue:

Affects: fedora-all [bug 2102999]


Created elasticdump tracking bugs for this issue:

Affects: epel-all [bug 2102998]


Created origin tracking bugs for this issue:

Affects: fedora-all [bug 2103000]