CVE-2024-52981

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-52981

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52981.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-52981

Aliases

Downstream

UBUNTU-CVE-2024-52981

Published

2025-04-08T17:15:35.187Z

Modified

2026-04-12T09:58:16.287651Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow.

References

https://discuss.elastic.co/t/elasticsearch-7-17-24-and-8-15-1-security-update-esa-2024-37/376924

Affected packages

Git / github.com/elastic/elasticsearch

Affected ranges

Type

GIT

Repo

https://github.com/elastic/elasticsearch

Events

Introduced

bee86328705acaa9a6daede7140defd4d9ec56bd

Fixed

fcf25fff740db6ab3ed5d145c58d70e4c3528ea7

Introduced

1b6a7ece17463df5ff54a3e1302d825889aa1161

Fixed

253e8544a65ad44581194068936f2a5d57c2c051

Database specific

{
    "versions": [
        {
            "introduced": "7.17.0"
        },
        {
            "fixed": "7.17.24"
        },
        {
            "introduced": "8.0.0"
        },
        {
            "fixed": "8.15.1"
        }
    ]
}

Affected versions

v7.*

v7.17.0

v7.17.1

v7.17.10

v7.17.11

v7.17.12

v7.17.13

v7.17.14

v7.17.15

v7.17.16

v7.17.17

v7.17.18

v7.17.19

v7.17.2

v7.17.20

v7.17.21

v7.17.22

v7.17.23

v7.17.3

v7.17.4

v7.17.5

v7.17.6

v7.17.7

v7.17.8

v7.17.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52981.json"

vanir_signatures

[
    {
        "digest": {
            "length": 77.0,
            "function_hash": "302806869156825138967016505708747002294"
        },
        "id": "CVE-2024-52981-c48c689a",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/elastic/elasticsearch/commit/fcf25fff740db6ab3ed5d145c58d70e4c3528ea7",
        "target": {
            "function": "doRun",
            "file": "x-pack/plugin/searchable-snapshots/src/internalClusterTest/java/org/elasticsearch/xpack/searchablesnapshots/cache/full/SearchableSnapshotsPrewarmingIntegTests.java"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "15728880044678428613885107089167214246",
                "173618939874799114652410357105564381038",
                "293761876996285912564783256243232366190",
                "198593980507136286893931030547799247876",
                "206709190616943257201853921897333917313",
                "197399493388089925234224283026471881528",
                "44508774986651643012206413574234642238",
                "166140435195922692091311330906342127134",
                "196437853667451077775668990843785496875",
                "333451065704095536815766263903785873394",
                "72868878619308445828107324034491913956"
            ]
        },
        "id": "CVE-2024-52981-e4c81f6d",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/elastic/elasticsearch/commit/fcf25fff740db6ab3ed5d145c58d70e4c3528ea7",
        "target": {
            "file": "x-pack/plugin/searchable-snapshots/src/internalClusterTest/java/org/elasticsearch/xpack/searchablesnapshots/cache/full/SearchableSnapshotsPrewarmingIntegTests.java"
        }
    },
    {
        "digest": {
            "length": 9761.0,
            "function_hash": "108010166469262082174614297143144359609"
        },
        "id": "CVE-2024-52981-f406637e",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/elastic/elasticsearch/commit/fcf25fff740db6ab3ed5d145c58d70e4c3528ea7",
        "target": {
            "function": "testConcurrentPrewarming",
            "file": "x-pack/plugin/searchable-snapshots/src/internalClusterTest/java/org/elasticsearch/xpack/searchablesnapshots/cache/full/SearchableSnapshotsPrewarmingIntegTests.java"
        }
    }
]

vanir_signatures_modified

"2026-04-12T09:58:16Z"