<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 05:32:13 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>
    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-53929] Server crash after invariant failure</title>
                <link>https://jira.mongodb.org/browse/SERVER-53929</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;div class=&quot;panel&quot; style=&quot;background-color: #eeeeee;border-color: #cccccc;border-width: 1px;&quot;&gt;&lt;div class=&quot;panelHeader&quot; style=&quot;border-bottom-width: 1px;border-bottom-color: #cccccc;background-color: #6cb33f;&quot;&gt;&lt;b&gt;CVE-2021-20326&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;panelContent&quot; style=&quot;background-color: #eeeeee;&quot;&gt;
&lt;p&gt;&lt;b&gt;Title&lt;/b&gt; &lt;br/&gt;
Specially crafted query may result in a denial of service of mongod&lt;/p&gt;

&lt;p&gt;&lt;b&gt;CVE ID&lt;/b&gt;&lt;br/&gt;
CVE-2021-20326&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Description&lt;/b&gt;&lt;br/&gt;
A user authorized to perform a specific type of find query may trigger a denial of service. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.4.&lt;/p&gt;

&lt;p&gt;&lt;b&gt;CVSS score&lt;/b&gt;&lt;br/&gt;
This issue&apos;s CVSS:3.1 severity is scored at 6.5 using the following scoring metrics:&lt;br/&gt;
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Affected versions&lt;/b&gt;&lt;br/&gt;
MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.4.&lt;/p&gt;

&lt;p&gt;&lt;b&gt;CWE&lt;/b&gt; &lt;br/&gt;
CWE-20: Improper Input Validation&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Underlying operating systems affected&lt;/b&gt;&lt;br/&gt;
ALL&lt;/p&gt;

&lt;p&gt;&lt;b&gt;How the issue was reported&lt;/b&gt;: &lt;br/&gt;
Externally&lt;/p&gt;

&lt;p&gt;&lt;b&gt;External Reference link (server ticket)&lt;/b&gt; &lt;br/&gt;
&lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-53929&quot; title=&quot;Server crash after invariant failure&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-53929&quot;&gt;&lt;del&gt;SERVER-53929&lt;/del&gt;&lt;/a&gt;&lt;/p&gt;
&lt;/div&gt;&lt;/div&gt;</description>
                <environment>ubuntu 16.04 &lt;br/&gt;
mongodb version 4.4.2&lt;br/&gt;
mongo-go-driver version 1.4.4</environment>
        <key id="1595769">SERVER-53929</key>
            <summary>Server crash after invariant failure</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="2" iconUrl="https://jira.mongodb.org/images/icons/priorities/critical.svg">Critical - P2</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="ian.boros@mongodb.com">Ian Boros</assignee>
                                    <reporter username="felix2626">adrien petel</reporter>
                        <labels>
                    </labels>
                <created>Wed, 20 Jan 2021 20:35:24 +0000</created>
                <updated>Sun, 29 Oct 2023 21:58:36 +0000</updated>
                            <resolved>Thu, 4 Feb 2021 15:54:33 +0000</resolved>
                                    <version>4.4.2</version>
                                    <fixVersion>4.9.0</fixVersion>
                    <fixVersion>4.4.4</fixVersion>
                                    <component>Querying</component>
                                        <votes>0</votes>
                                    <watches>15</watches>
                                                                                                                <comments>
                            <comment id="3745431" author="peteladrien@gmail.com" created="Wed, 28 Apr 2021 21:51:41 +0000"  >&lt;p&gt;Hi @Christopher Buckingham &lt;/p&gt;

&lt;p&gt;I&apos;d like to be credited for this with this name: Adrien Petel &lt;br/&gt;
Thank you!&lt;/p&gt;</comment>
                            <comment id="3740542" author="JIRAUSER1257468" created="Tue, 27 Apr 2021 08:46:36 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=felix2626&quot; class=&quot;user-hover&quot; rel=&quot;felix2626&quot;&gt;felix2626&lt;/a&gt;, thank you for reporting this issue.&#160;&lt;/p&gt;

&lt;p&gt;We have performed some internal testing and can confirm that this is indeed a vulnerability and we have already produced a fix. We will also issue a CVE concerning this vulnerability. Please let us know if you would like to be credited for this discovery inside a CVE and what name you would like to be credited with?&lt;/p&gt;

&lt;p&gt;Thanks.&lt;/p&gt;</comment>
                            <comment id="3599222" author="xgen-internal-githook" created="Thu, 4 Feb 2021 15:29:16 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Ian Boros&apos;, &apos;email&apos;: &apos;ian.boros@mongodb.com&apos;, &apos;username&apos;: &apos;puppyofkosh&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-53929&quot; title=&quot;Server crash after invariant failure&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-53929&quot;&gt;&lt;del&gt;SERVER-53929&lt;/del&gt;&lt;/a&gt; Add stricter parser checks around positional projection&lt;br/&gt;
Branch: v4.4&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/0c7f643a2dfe4000ac9630ed5dace0cb40ec9740&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/0c7f643a2dfe4000ac9630ed5dace0cb40ec9740&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3598708" author="xgen-internal-githook" created="Thu, 4 Feb 2021 08:13:33 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Ian Boros&apos;, &apos;email&apos;: &apos;ian.boros@mongodb.com&apos;, &apos;username&apos;: &apos;puppyofkosh&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-53929&quot; title=&quot;Server crash after invariant failure&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-53929&quot;&gt;&lt;del&gt;SERVER-53929&lt;/del&gt;&lt;/a&gt; Add stricter parser checks around positional projection&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/cd583b6c4d8aa2364f255992708b9bb54e110cf4&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/cd583b6c4d8aa2364f255992708b9bb54e110cf4&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="3575131" author="felix2626" created="Thu, 21 Jan 2021 05:16:27 +0000"  >&lt;p&gt;Hi @Eric Sedor,&lt;/p&gt;

&lt;p&gt;Thanks for the quick answer, I have uploaded the files (logs and metrics), hope it helps&lt;/p&gt;</comment>
                            <comment id="3574896" author="eric.sedor" created="Wed, 20 Jan 2021 23:48:51 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=felix2626&quot; class=&quot;user-hover&quot; rel=&quot;felix2626&quot;&gt;felix2626&lt;/a&gt;,&lt;/p&gt;

&lt;p&gt;Knowing the exact query will definitely help, especially if running the query again reproduces the invariant failure. But we can collect additional information.&lt;/p&gt;

&lt;p&gt;Would you please archive (tar or zip) the mongod.log files covering the incident and the &lt;tt&gt;$dbpath/diagnostic.data&lt;/tt&gt; directory (the contents are described &lt;a href=&quot;https://docs.mongodb.com/manual/administration/analyzing-mongodb-performance/#full-time-diagnostic-data-capture&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;here&lt;/a&gt;) and upload them to this &lt;a href=&quot;https://10gen-httpsupload.s3.amazonaws.com/upload_forms/aebed4c1-4acb-411b-a357-6a6a99a62a47.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;support uploader&lt;/a&gt; location?&lt;/p&gt;

&lt;p&gt;Files uploaded to this portal are visible only to MongoDB employees and are routinely deleted after some time.&lt;/p&gt;

&lt;p&gt;Thank you!&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10420">
                    <name>Backports</name>
                                            <outwardlinks description="backported by">
                                                        </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>6.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18555" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname># of Sprints</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_12450" key="com.atlassian.jira.plugin.system.customfieldtypes:multicheckboxes">
                        <customfieldname>Backport Requested</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="18953"><![CDATA[v4.4]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10038"><![CDATA[Fully Compatible]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5002K00000s24fuQAA]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 20 Jan 2021 23:48:51 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        2 years, 41 weeks ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_17050" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Downstream Team Attention</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="16941"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>luke.bonanomi@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            2 years, 41 weeks ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10032" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Operating System</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10026"><![CDATA[ALL]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>felix2626</customfieldvalue>
            <customfieldvalue>eric.sedor@mongodb.com</customfieldvalue>
            <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>ian.boros@mongodb.com</customfieldvalue>
            <customfieldvalue>lucy.buckingham@mongodb.com</customfieldvalue>
            <customfieldvalue>peteladrien@gmail.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hyqhkf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hyc63r:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="4461">Query 2021-02-08</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10750" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Steps To Reproduce</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;p&gt;Sadly I don&apos;t have the exact query that triggered the crash, as it was a query run by someone on &lt;a href=&quot;https://mongoplayground.net/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://mongoplayground.net/&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;I&apos;ll update the ticket if I manage to find the faulty query&lt;/p&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                    <customfieldvalue><![CDATA[eric.sedor@mongodb.com]]></customfieldvalue>
    

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hyq3tr:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>