{"id":"CVE-2024-6381","details":"The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2","modified":"2026-04-10T05:19:53.186460Z","published":"2024-07-02T18:15:03.963Z","references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00027.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00012.html"},{"type":"REPORT","url":"https://jira.mongodb.org/browse/CDRIVER-5622"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mongodb/mongo-c-driver","events":[{"introduced":"0"},{"fixed":"586171d661f584d841bdc32fc998e9f6cf903228"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.26.2"}]}}],"versions":["0.90.0","0.92.0","0.92.2","0.94.0","0.94.2","0.96.0","0.96.4","0.98.0","0.98.2","1.0.0","1.0.2","1.1.0","1.1.0-rc0","1.1.10","1.1.11","1.1.2","1.1.4","1.1.5","1.1.6","1.1.7","1.1.8","1.1.9","1.11.0","1.26.0","1.26.1","1.3.0","1.3.0-rc0","1.4.0-beta1","1.5.0-rc0","1.5.0-rc1","1.5.0-rc2","1.5.0-rc3","1.5.0-rc4","1.6.0","1.6.0-rc0","1.7.0-rc0","1.9.0-rc0","1.9.0-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6381.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}