In MongoDB libbson 1.7.0, the bson_iter_codewscope function in bson-iter.c miscalculates a bson_utf8_validate length argument, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the bson_utf8_validate function in bson-utf8.c), as demonstrated by bson-to-json.c. Upstream issue: https://jira.mongodb.org/browse/CDRIVER-2269 Upstream patches: https://github.com/mongodb/libbson/commit/42900956dc461dfe7fb91d93361d10737c1602b3 https://github.com/mongodb/libbson/commit/e10059393466f667b031077229cfa98504ce34f3
Created libbson tracking bugs for this issue: Affects: epel-7 [bug 1494402]
libbson-1.6.3-2.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
libbson-1.3.5-4.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
libbson-1.8.0-1.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.
libbson-1.3.5-4.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.