CVE-2021-32040 — Stack-based Buffer Overflow in INC Mongodb Server
Severity
7.5 HIGH (NVD)
6.5 (CNA)
EPSS
1.5% (top 18.68%)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Apr 12
Latest update: Apr 13
Description
It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS attack. This vulnerability affects MongoDB Server v4.4 versions prior to and including 4.4.28, MongoDB Server v5.0 versions prior to 5.0.4 and MongoDB Server v4.2 versions prior to 4.2.16.
Workaround: …
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6
Affected Packages: 2 packages
Vulnerability Details (3)
GHSA
GHSA-hmq6-2xj3-79w5: It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the (2022-04-13)
OSV
CVE-2021-32040: It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the (2022-04-12)
CVEList
Large aggregation pipelines with a specific stage can crash mongod under default configuration (2022-04-12)