CVE-2024-8305

Name	CVE-2024-8305
Description	prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects MongoDB Server v6.0 versions prior to 6.0.17, MongoDB Server v7.0 versions prior to 7.0.13 and MongoDB Server v7.3 versions prior to 7.3.4
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
mongodb (PTS)	jessie	1:2.4.10-5+deb8u1	vulnerable
	stretch (security), stretch (lts), stretch	1:3.2.11-2+deb9u2	vulnerable

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
mongodb	source	jessie	(unfixed)	end-of-life
mongodb	source	stretch	(unfixed)	end-of-life
mongodb	source	(unstable)	(unfixed)