CVE-2021-32040
- Source
- https://cve.org/CVERecord?id=CVE-2021-32040
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32040.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-32040
- Aliases
- Downstream
- Published
- 2022-04-12T15:15:07.707Z
- Modified
- 2026-02-13T02:22:30.076054Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS attack. This vulnerability affects MongoDB Server v4.4 versions prior to and including 4.4.28, MongoDB Server v5.0 versions prior to 5.0.4 and MongoDB Server v4.2 versions prior to 4.2.16.
Workaround: >= v4.2.16 users and all v4.4 users can add the --setParameter internalPipelineLengthLimit=50 instead of the default 1000 to mongod at startup to prevent a crash.
- References
-
- https://jira.mongodb.org/browse/SERVER-58203
- https://jira.mongodb.org/browse/SERVER-59299
- https://jira.mongodb.org/browse/SERVER-60218
- https://security.netapp.com/advisory/ntap-20220609-0005/
- https://jira.mongodb.org/browse/SERVER-58203
- https://jira.mongodb.org/browse/SERVER-59299
- https://jira.mongodb.org/browse/SERVER-60218
- https://jira.mongodb.org/browse/SERVER-58203
- https://jira.mongodb.org/browse/SERVER-59299
- https://jira.mongodb.org/browse/SERVER-60218
Affected packages
Git / github.com/mongodb/mongo
Affected versions
r4.*
r4.2.0
r4.2.1
r4.2.1-rc0
r4.2.10
r4.2.10-rc0
r4.2.11
r4.2.11-rc0
r4.2.11-rc1
r4.2.12
r4.2.12-rc0
r4.2.13
r4.2.13-rc0
r4.2.13-rc1
r4.2.13-rc2
r4.2.14
r4.2.14-rc0
r4.2.15
r4.2.15-rc0
r4.2.2
r4.2.2-rc0
r4.2.2-rc1
r4.2.3
r4.2.3-rc0
r4.2.3-rc1
r4.2.4
r4.2.4-rc0
r4.2.5
r4.2.5-rc0
r4.2.5-rc1
r4.2.6
r4.2.6-rc0
r4.2.7
r4.2.7-rc0
r4.2.7-rc1
r4.2.8
r4.2.8-rc0
r4.2.9
r4.2.9-rc0
r4.4.0
r4.4.1
r4.4.1-rc0
r4.4.1-rc1
r4.4.1-rc2
r4.4.1-rc3
r4.4.10
r4.4.10-rc0
r4.4.11-rc0
r4.4.2
r4.4.2-rc0
r4.4.2-rc1
r4.4.3
r4.4.3-rc0
r4.4.4
r4.4.4-rc0
r4.4.4-rc1
r4.4.5
r4.4.5-rc0
r4.4.6
r4.4.6-rc0
r4.4.7
r4.4.7-rc0
r4.4.7-rc1
r4.4.8
r4.4.8-rc0
r4.4.9
r4.4.9-rc0
r4.4.9-rc1
r5.*
r5.0.0
r5.0.1
r5.0.1-rc0
r5.0.2
r5.0.2-rc0
r5.0.3
r5.0.3-rc0
r5.0.3-rc1
r5.0.3-rc2
Database specific
vanir_signatures
[
{
"id": "CVE-2021-32040-029e27dd",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "TEST_F",
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"length": 782.0,
"function_hash": "300678912904099743673053597203528723515"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-06de69a0",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "submitRangeDeletionTask",
"file": "src/mongo/db/s/migration_util.cpp"
},
"digest": {
"length": 2994.0,
"function_hash": "94274940151468936817443996621712345210"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-16d3f575",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "TEST_F",
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"length": 832.0,
"function_hash": "35689088370950697683904915058140125922"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-20555b4c",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"file": "src/mongo/db/s/rename_collection_participant_service.cpp"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"57008704657327157357752219507229403421",
"219978351967509068045661472032095542188",
"96832008329574352875427696427854335652",
"306497130088895572384472581618122146873",
"87148495991268923078728161102156801111",
"79548760589203442009682370578276068536",
"91577367032662335966840010627686780692",
"151935819157180623132479451292366714486",
"69331983526008840355417104234075911868",
"172580859230917722012309699604446909481",
"336536251522065985473488157932298954875",
"319247590225780936080202253399761992473",
"183140176363033260396830142035108920188",
"318297696112178073910875299911003286583",
"274267053070157075845071044588380258808",
"44983013092842555866847461877089500015",
"216209626859001661394573976244717620332",
"54261434201926037626748196912028143326"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2021-32040-249f47ee",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/b7530cacde8432d2f22ed506f258ff9c3b45c5e9",
"target": {
"file": "src/mongo/db/commands/dbcheck.cpp"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"103091489027074484261107375217719856970",
"284827099664045201249012654870147018640",
"225420535649554529716966969124472865484",
"54595201426270443984394044459680982898",
"154888417072875741102755675205589703416",
"56596098058397790266634692725763614313",
"271595005129988901513253965119294562085",
"262324567038640923912474811816810816230",
"237185326298909859382395184764063305028",
"102810436712468362456268830733979737393",
"339343449956990677071937696731303887277",
"277518546890714621060645759731364196732",
"237185326298909859382395184764063305028",
"3695676962621912211898968835430876402",
"109162555469148822488049440303764806274",
"184769709075146533022903411222847887222",
"328373040637464415841380220277494462698",
"238557507140782461494034166368322263141",
"232153578749109664462209561632445724971",
"113323778553344252053871171562943077029",
"23453470735543302450554908745604306267",
"62503968968843830174274718239684071793",
"49497441252868643538510724283450470659",
"289102920992461582640514325734517198800",
"140636331674090988955350925488472819495",
"38734732835665068447674444156065887767",
"334302309524908027874520934708798324813",
"116474485471119691097584066964563812980",
"25271259478893428134745899653408088858",
"217884978721589206837310644965957376120",
"169949949465103009666611853289048720804",
"251638786334870067407697728230199894378",
"332692837025607995326584783135446955901",
"193184953219169300281213531754047817594",
"301207237456249891425213002088670274231",
"234628435587932663634136169716808524548",
"277563317810346924863197698789706315801",
"274866091150128543191008361801635658354",
"325030050917199295130338912484576349089",
"28905962208850187259445239503095696355",
"331482331716517676051473347478157127746",
"16988450570710868076652308236476814278"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2021-32040-40fdd3f6",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/b7530cacde8432d2f22ed506f258ff9c3b45c5e9",
"target": {
"function": "fullDatabaseRun",
"file": "src/mongo/db/commands/dbcheck.cpp"
},
"digest": {
"length": 1134.0,
"function_hash": "282766563696062452477420826684475165888"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-4ceac0a4",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/8a5c1f52a77bc92320c90ecbe5424e841874296e",
"target": {
"function": "OplogApplier::makeWriterPool",
"file": "src/mongo/db/repl/oplog_applier.cpp"
},
"digest": {
"length": 263.0,
"function_hash": "243348180936549423194973992870259229084"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-5c6479df",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "TEST_F",
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"length": 1175.0,
"function_hash": "63202308504499188128932169502302989132"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-62cf467f",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "TEST_F",
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"length": 696.0,
"function_hash": "327362881384649040593967867193520898470"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-63b53dc7",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"297774037827464445193476544124135100761",
"140633761029463512637106108976639768549",
"323794566614409118453888532543987101",
"278572263563364650295676270949506909303",
"43211967157569783866320355395044055131",
"240759898754769303194562542761726401774",
"273661685553926325658791933140557888181",
"176294926716962756547561164334750442967",
"12797929363398515258673157680534915319",
"244984585013839146321492524829102980233",
"192455498165094797507385191886766254684",
"228318471350443810592109297809071024671",
"106375377113270110079688681352686284837",
"177434448181822163383098620811846543000",
"290084639030598067414299874886493166288",
"39917016856263446374107126068517564397",
"197744758949077751294048064646978885968",
"211861618190083945835538687855121076680",
"200630548543358041496048949722493231644",
"103876242544149664033702011202899162018",
"53958629874269034169749119008467708629",
"77465254741357858643198589738383448526",
"278292508735511582223140423129843434619",
"303474658478481944979309878636922169846",
"39705765078481325232720550324490123937",
"331829352339466227171865412473879490778",
"80724276093010874309544285511826060843",
"98956469522956280200827870480208795354",
"23799887681283736375027135237594138698",
"304665525423715906484770712047510152987",
"169778069299988379664550374489071167959",
"7544532376491754395468281818684073593",
"192265805049890678854333835556467312810",
"132075906403742823773998728846947131231",
"330662807392294029905015216833158064960",
"163841989518881807897336582250592616700",
"302044849295478615915353853344037643145",
"59462061165327253879710482965458717975",
"142139737577412101095907106471197016590",
"226360402777868604369235453728673789679",
"123840024965257910610554656745652741098",
"311053237968398274699242499350285906431",
"78284867206003973202974393202759296880",
"147700739720021943515435910149503978447",
"269332525964890135229617601185889192288",
"196926132178156656049976625276033528209",
"136757841599633496200141794513437248769",
"5150496968639632006803708146688317216",
"269332525964890135229617601185889192288",
"196926132178156656049976625276033528209",
"8639836162459587677091164488376632742",
"61945705418194204973201657699709557595",
"269332525964890135229617601185889192288",
"196926132178156656049976625276033528209",
"244617718465234905730171824874034428038",
"318910658560360187340652896619139054966",
"222349207486230592426048684754384605566",
"45531785568751406195008722204581976600",
"208671044608936624064193452049332560285",
"63932410988695415435044824313859098198",
"36348739860433168258195030049148854241",
"307104779958966892349642524889804140512",
"44214792264194746845621233056682945714",
"15247933491657918551774843976837364366",
"30203291573409962180818599692603794718",
"264494831016636040763738586920516735382",
"38064033693695655488201649034428759640",
"22287956581610760307431964110455515646",
"116023089862810791560762802007470276153",
"36348739860433168258195030049148854241",
"307104779958966892349642524889804140512",
"44214792264194746845621233056682945714",
"5614467389184671449854049636292641922",
"121514278823444466379979631079257035010",
"13094489247475165760826784830911840469",
"244617718465234905730171824874034428038",
"19489931185310260783454037686801490103",
"289754335357852204775564064247284751485",
"320446767093233243955422479282438383016",
"307104779958966892349642524889804140512",
"44214792264194746845621233056682945714",
"147909978849670187892027997558578501346",
"57419745184576105081943896658815218388",
"63008642192724105628913484745971364616",
"32866531693774886401211094736590226836",
"227795715835038315947501304047828058151",
"326547708161418038887411075873984130888",
"320446767093233243955422479282438383016",
"307104779958966892349642524889804140512",
"44214792264194746845621233056682945714",
"147909978849670187892027997558578501346",
"57419745184576105081943896658815218388",
"63008642192724105628913484745971364616",
"156696975594697969995183487773137901860",
"244402058405193291274843453301871078263",
"269332525964890135229617601185889192288",
"196926132178156656049976625276033528209"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2021-32040-707cf943",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"file": "src/mongo/db/s/migration_util.cpp"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"39071383105487237913899129538518908337",
"7058280656374104295928976480572676992",
"138216499572623749328842728076526743179",
"246719369588779782359127725884131292609",
"120898488382820832868414454218609676804",
"91246157462095930271345154818784656055",
"340029414361451956151058763597026094669",
"52395559806101199290638643615215193464",
"217979263510450136227953573560916253780",
"302318036542480914444131747625591296125",
"123897951137275065234424229756829930651",
"334771196849529020248367604749753040546",
"189321202139116345535697784721338481899",
"94080707385007720405063079274748402482",
"202109906219323566300805815869240319349",
"269159402444756025153321250642385891055",
"64356913719650095176717341845680806809",
"98982653691119051956813422711034082475",
"65480442254988320027752559840910593724",
"30399037242148151950982020816028450637",
"161714079448763428693802966877130217527",
"109219629193658918739548389587595596340",
"54922825078321334269401103863200263380",
"228942514568823007255540666998103679101",
"167454476909688514433836250348953263165",
"182768529172116937058783465548193592540",
"264393723929879819232730369770697803468",
"111739059173801672047480858699409721846",
"277597282899191470729059520116717067640",
"61388659919802278984433863242912153093",
"172615188019102775011179699893018068404",
"253810863149788949409954919610345005162",
"162350951718163716610481086833466994581",
"133717291446399550058767980944975351239",
"322690481777240289311229625189119510583",
"119434656926028556448968074967919757659",
"174149682540411886793326516770265763275",
"166973774460411033723981715919383683529",
"223627756072614497033591454392840299431",
"269454932568686068120137132930934895936",
"217318833321333561231664830615114233517",
"52976940747081506810532765303547324861",
"41624607909484949783129031343719415997",
"42715599282324158308905103204496181145",
"170752160348276205702088723168969265836",
"39716177224048789649863089295037018229",
"280935264839023579894545875112718980955",
"222597495556155066363357194847821997845",
"5493434653699924706475775068649170197",
"116592242529294574726619365154509427712",
"332652136114720397287581100033116555049",
"130772480289097813115744513471875589038",
"74298214554267689125199889644134783289",
"211284424449446675689721527982166197151",
"51481952768053765240356641905595642834",
"172046441679093424857370851945196626539"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2021-32040-92d92055",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "TEST_F",
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"length": 808.0,
"function_hash": "88785645592367831592435927057395527601"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-b9acdab0",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "TEST_F",
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"length": 973.0,
"function_hash": "186360969928778690388867116799416890801"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-d11dc5b3",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/b7530cacde8432d2f22ed506f258ff9c3b45c5e9",
"target": {
"function": "singleCollectionRun",
"file": "src/mongo/db/commands/dbcheck.cpp"
},
"digest": {
"length": 1017.0,
"function_hash": "219645901548585556858217252785676730463"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-e141e33c",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "TEST_F",
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"length": 806.0,
"function_hash": "47655454720957610058072813609622156193"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-f63392bc",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/62a84ede3cc9a334e8bc82160714df71e7d3a29e",
"target": {
"function": "TEST_F",
"file": "src/mongo/db/s/migration_util_test.cpp"
},
"digest": {
"length": 960.0,
"function_hash": "304385211586210701405646516969211584575"
},
"signature_type": "Function"
},
{
"id": "CVE-2021-32040-fa7c3e21",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mongodb/mongo/commit/8a5c1f52a77bc92320c90ecbe5424e841874296e",
"target": {
"file": "src/mongo/db/repl/oplog_applier.cpp"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"86914893407835920140351554356517172538",
"301723886044780707231650942116016427651",
"101731684467305735542702845180786901564",
"339231362225237205193217427104766485358",
"307099705263327255534758284703013436804",
"120276397614982167926524205655076607693",
"10443325516362177748311913785364622596",
"166463737497202225246017018066674439951"
]
},
"signature_type": "Line"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32040.json"