CVE-2024-8305
- Source
- https://cve.org/CVERecord?id=CVE-2024-8305
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-8305.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-8305
- Aliases
- Downstream
- Published
- 2024-10-21T15:15:04.030Z
- Modified
- 2026-02-11T16:08:39.391718Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects MongoDB Server v6.0 versions prior to 6.0.17, MongoDB Server v7.0 versions prior to 7.0.13 and MongoDB Server v7.3 versions prior to 7.3.4
- References
Affected packages
Git / github.com/mongodb/mongo
Affected versions
r6.*
r6.0.0
r6.0.1
r6.0.1-rc0
r6.0.10
r6.0.10-rc0
r6.0.11
r6.0.11-rc0
r6.0.12
r6.0.12-rc0
r6.0.12-rc1
r6.0.13
r6.0.13-rc0
r6.0.14
r6.0.14-rc0
r6.0.14-rc1
r6.0.15
r6.0.15-rc0
r6.0.16
r6.0.16-rc0
r6.0.2
r6.0.2-rc0
r6.0.2-rc1
r6.0.3
r6.0.3-rc0
r6.0.3-rc1
r6.0.3-rc2
r6.0.4
r6.0.4-rc0
r6.0.4-rc1
r6.0.5
r6.0.5-rc0
r6.0.5-rc1
r6.0.6
r6.0.6-rc0
r6.0.6-rc1
r6.0.7
r6.0.7-rc0
r6.0.8
r6.0.8-rc0
r6.0.9
r6.0.9-rc0
r6.0.9-rc1
r7.*
r7.0.0
r7.0.1
r7.0.1-rc0
r7.0.10
r7.0.10-rc0
r7.0.11
r7.0.11-rc0
r7.0.11-rc1
r7.0.11-rc2
r7.0.12
r7.0.12-rc0
r7.0.12-rc1
r7.0.13-rc0
r7.0.2
r7.0.2-rc0
r7.0.2-rc1
r7.0.2-rc2
r7.0.3
r7.0.3-rc0
r7.0.3-rc1
r7.0.4
r7.0.4-rc0
r7.0.5
r7.0.5-rc0
r7.0.6
r7.0.6-rc0
r7.0.7
r7.0.7-rc0
r7.0.7-rc1
r7.0.7-rc2
r7.0.8
r7.0.8-rc0
r7.0.9
r7.0.9-rc0
r7.0.9-rc1
r7.3.0
r7.3.1
r7.3.1-rc0
r7.3.1-rc1
r7.3.1-rc2
r7.3.2
r7.3.2-rc0
r7.3.2-rc1
r7.3.3
r7.3.3-rc0
r7.3.4-rc0
r7.3.4-rc1
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-8305.json"
vanir_signatures
[
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"length": 1704.0,
"function_hash": "64357972036740609456948839495237562266"
},
"id": "CVE-2024-8305-1f8fa0ad",
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/repl/replication_recovery.cpp",
"function": "ReplicationRecoveryImpl::_recoverFromUnstableCheckpoint"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"line_hashes": [
"326842396787406145534793904146985080026",
"98225685305329925305884694932550041059",
"232686151851513936437776935437413726252",
"89833456694645892458988448383188269458"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-35ac3546",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/repl/initial_syncer.cpp"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"line_hashes": [
"28589998682562525413596022271160355341",
"194374094684355474476908738659148271619",
"4188047263567901491143630018897136647",
"337234258102253289734233704776410018156"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-376290c6",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/storage/storage_engine.h"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"line_hashes": [
"325443905775926411274704186588080013086",
"175372965926262633626569011886527940697",
"101387764311428377924643788174618235066",
"111234080482365044480395967755144219808"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-4daf38b2",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/storage/storage_engine_mock.h"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/04582a1f37ad7812d26c031fb0edd9d1a48d925f",
"digest": {
"length": 4721.0,
"function_hash": "63122628539287415540416800121444350254"
},
"id": "CVE-2024-8305-5dcb33b8",
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/catalog/validate_adaptor.cpp",
"function": "ValidateAdaptor::traverseRecordStore"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"line_hashes": [
"261952763206405642134690429605191585877",
"271478991487996520618015210732696954446",
"234299204169543201911245220898104603785",
"288451933156282113256724202399401654826",
"115137640604292801327516349249931990715",
"6585160960140908694649108225974791971",
"266892887870188946029918634770063796155",
"284309024758396087888681093502270350735",
"17857081574361893251912204911921639997"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-6b2e3b72",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/dbtests/repltests.cpp"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"length": 129.0,
"function_hash": "142210671153381720131171986219809606833"
},
"id": "CVE-2024-8305-84cbf5bb",
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/storage/storage_engine_impl.cpp",
"function": "StorageEngineImpl::setOldestTimestamp"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"length": 883.0,
"function_hash": "94949086671452012181762042744083795361"
},
"id": "CVE-2024-8305-8e705a99",
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/repl/replication_coordinator_impl.cpp",
"function": "createInitialSyncerOptions"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"line_hashes": [
"194319675669539997791977208055783058189",
"205554152611466755913412119475320461924",
"280207873070755710073966152263326228776",
"198941670053846996361854903783259323957"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-a2372d8b",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/storage/storage_engine_impl.h"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"line_hashes": [
"186458699316289775049893829013655136670",
"139947347126869824761532831035953675329",
"248777454184683961575549506198531748988",
"19311117635755955518004454548345803917"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-a8bedd1a",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/repl/replication_coordinator_impl.cpp"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"line_hashes": [
"340014884488232753919019511630862689283",
"79509821074501617333093313337911058496",
"180062606197285633575571287136177211914",
"175139048730411564914761528241578898238"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-b91e05c1",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/storage/storage_engine_impl.cpp"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"length": 2836.0,
"function_hash": "114141502866973096821326490108083979972"
},
"id": "CVE-2024-8305-bc473ccd",
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/repl/replication_recovery.cpp",
"function": "ReplicationRecoveryImpl::_applyOplogOperations"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/04582a1f37ad7812d26c031fb0edd9d1a48d925f",
"digest": {
"line_hashes": [
"296297611723228230632191705919741630935",
"52817330115629122116194237336509965249",
"124018979596105062877729520094690482966",
"199353160034049479995727797787883742725",
"321746006861070856001741367040342332074",
"103494199661243871524304338113472003984",
"105464411898963475141543453914734944563"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-c7b726e3",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/catalog/validate_adaptor.cpp"
}
},
{
"source": "https://github.com/mongodb/mongo/commit/a2a46542e8d79a8b4937ed51e84dc918caf26783",
"digest": {
"line_hashes": [
"46456942629359577793561500059700196451",
"269868989697803615970593634756965255240",
"340008620066817223720262269858614005869",
"124511813911024298877651090127842742244",
"10713229332756611835746468259589815206",
"52280162865906530780169287230558504506",
"319824898322229174993938662960766091728",
"301364495411856469262520442508543897097"
],
"threshold": 0.9
},
"id": "CVE-2024-8305-cb7199a1",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/mongo/db/repl/replication_recovery.cpp"
}
}
]