ISSUE SUMMARY
When a grantRolesToUser or revokeRolesFromUser command is run on a mongos, the mongos does not check whether the entry in the user cache for that user is out of date. It can thus overwrite role changes that were made from another mongos.
USER IMPACT
In systems where users are administered via multiple mongos, some changes may not persist because they get overwritten. This can lead to users not having the correct permissions.
WORKAROUNDS
Modify users only via a single mongos if possible. If that is not an option, calling the invalidateUserCache command before making any role changes will minimize the risk of overwriting changes from another mongos (but not completely avoid it due to the existing race condition).
AFFECTED VERSIONS
Versions 2.6.0 and 2.6.1 were affected by this bug.
FIX VERSION
The patch is included in the 2.6.2 production release.
RESOLUTION DETAILS
mongos now ensures that the cache entry for a user document is up to date before updating a user.
Original description
Currently it is possible to get into a situation where a user's roles are changed on one mongos, then another mongos receives a grantRolesToUser command and $sets the user's roles to something based on out-of-date information about the existing roles the user has.
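The lost update described in the summary and the effect of the fix can be reproduced in a small model. This is an added example, not MongoDB source code: the UserStore and Mongos classes, the scenario function, the user "alice" and the sequence of role changes are all constructed for illustration.

```javascript
// Simplified model of the behaviour described above; not MongoDB source code.
// The store stands in for the authoritative user document, and each Mongos
// object keeps its own cached copy of a user's roles.
class UserStore {
  constructor() { this.roles = new Map(); }
  get(user) { return [...(this.roles.get(user) || [])]; }
  set(user, roles) { this.roles.set(user, [...roles]); } // models $set on roles
}

class Mongos {
  constructor(store, refreshBeforeUpdate) {
    this.store = store;
    this.refreshBeforeUpdate = refreshBeforeUpdate; // true models the fixed behaviour
    this.cache = new Map();
  }
  cachedRoles(user) {
    if (!this.cache.has(user)) this.cache.set(user, this.store.get(user));
    return this.cache.get(user);
  }
  invalidateUserCache() { this.cache.clear(); }
  update(user, compute) {
    if (this.refreshBeforeUpdate) this.cache.delete(user); // force a re-read
    const next = compute(this.cachedRoles(user));
    this.store.set(user, next); // the whole roles array is overwritten
    this.cache.set(user, next);
  }
  grantRolesToUser(user, roles) {
    this.update(user, (cur) => [...new Set([...cur, ...roles])]);
  }
  revokeRolesFromUser(user, roles) {
    this.update(user, (cur) => cur.filter((r) => !roles.includes(r)));
  }
}

// Constructed scenario: user "alice" is administered through two routers.
function scenario({ fixed = false, invalidateFirst = false } = {}) {
  const store = new UserStore();
  store.set("alice", ["read"]);
  const a = new Mongos(store, fixed);
  const b = new Mongos(store, fixed);
  b.cachedRoles("alice");                       // B caches ["read"]
  a.revokeRolesFromUser("alice", ["read"]);     // change made through A
  a.grantRolesToUser("alice", ["readWrite"]);
  if (invalidateFirst) b.invalidateUserCache(); // the workaround
  b.grantRolesToUser("alice", ["backup"]);      // B computes from its cache
  return store.get("alice").sort();
}

console.log(scenario());                // stale cache on B
console.log(scenario({ fixed: true })); // cache refreshed before update
```

With the stale cache, the role revoked through the first router comes back and the role granted there is lost. The model runs its steps one after another, so the invalidateUserCache workaround always succeeds here; on a live cluster the race noted under WORKAROUNDS remains.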