Bug 2246938 (CVE-2023-31418)

Summary: CVE-2023-31418 elasticsearch: uncontrolled resource consumption
Product: [Other] Security Response Reporter: Avinash Hanwate <ahanwate>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: aileenc, bdettelb, chazlett, gmalinko, janstey, jcantril, periklis
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: elasticsearch 7.17.13, elasticsearch 8.9.0 Doc Type: ---
Doc Text:
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. This flaw allows an unauthenticated user to force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2246939    

Description Avinash Hanwate 2023-10-30 08:25:48 UTC 
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.

https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616
https://www.elastic.co/community/security