[SERVER-47773] geoNear invariant on mongos Created: 24/Apr/20  Updated: 29/Oct/23  Resolved: 01/May/20

Status: Closed
Project: Core Server
Component/s: Querying
Affects Version/s: 4.2.6, 4.0.18, 4.4.0-rc2
Fix Version/s: 4.0.19, 4.2.8, 4.4.0-rc7, 4.7.0

Type: Bug Priority: Major - P3
Reporter: Ian Boros Assignee: Drew Paroski
Resolution: Fixed Votes: 0
Labels: qexec-team
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v4.4, v4.2, v4.0
Sprint: Query 2020-05-04, Query 2020-05-18
Participants:
Case:
Linked BF Score: 8

 Description   
CVE-2020-7923

Affected versions:
This issue affects - MongoDB Inc. MongoDB Server:

Title:
Specific GeoQuery can cause DoS against MongoDB Server

Description:
A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.0-rc7; v4.2 versions prior to 4.2.8; v4.0 versions prior to 4.0.19.

CVSS score:
6.5 using the following scoring metrics:
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE:
'CWE-755: Improper Handling of Exceptional Conditions'.

  • v4.4 versions prior to 4.4.0-rc7;
  • v4.2 versions prior to 4.2.8;
  • v4.0 versions prior to 4.0.19.


 Comments   
Comment by Githook User [ 02/Jun/20 ]

Author:

{'name': 'Drew Paroski', 'email': 'drew.paroski@mongodb.com', 'username': 'paroski'}

Message: SERVER-47773 Error consistently when tailable cursors and $near are used together

(cherry picked from commit c8ced6df8f620daaa2e539f192f2eef356c63e9c)
(cherry picked from commit e9c31e791b2e056c016c048d7e21c59e0e2452ea)
(cherry picked from commit 444dab325b5351ddd566da1d5365ec8728a06634)
Branch: v4.0
https://github.com/mongodb/mongo/commit/7e28f4296a04d858a2e3dd84a1e79c9ba59a9568

Comment by Githook User [ 27/May/20 ]

Author:

{'name': 'Drew Paroski', 'email': 'drew.paroski@mongodb.com', 'username': 'paroski'}

Message: SERVER-47773 Error consistently when tailable cursors and $near are used together

(cherry picked from commit c8ced6df8f620daaa2e539f192f2eef356c63e9c)
(cherry picked from commit e9c31e791b2e056c016c048d7e21c59e0e2452ea)
Branch: v4.2
https://github.com/mongodb/mongo/commit/444dab325b5351ddd566da1d5365ec8728a06634

Comment by Githook User [ 19/May/20 ]

Author:

{'name': 'Drew Paroski', 'email': 'drew.paroski@mongodb.com', 'username': 'paroski'}

Message: SERVER-47773 Error consistently when tailable cursors and $near are used together

(cherry picked from commit c8ced6df8f620daaa2e539f192f2eef356c63e9c)
Branch: v4.4
https://github.com/mongodb/mongo/commit/e9c31e791b2e056c016c048d7e21c59e0e2452ea

Comment by Githook User [ 30/Apr/20 ]

Author:

{'name': 'Drew Paroski', 'email': 'drew.paroski@mongodb.com', 'username': 'paroski'}

Message: SERVER-47773 Error consistently when tailable cursors and $near are used together
Branch: master
https://github.com/mongodb/mongo/commit/c8ced6df8f620daaa2e539f192f2eef356c63e9c

Generated at Thu Feb 08 05:15:11 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.