Issue Status as of Feb 17, 2015
The mongod server fails to validate some cases of malformed BSON.
Upon receiving a specially crafted, malformed BSON message the thread serving the connection may go into an infinite loop, which may result in a loss of availability.
There are no workarounds. Users may reduce their exposure by limiting network access to the server. See the MongoDB Security documentation page for more information on recommended security practices for your MongoDB deployment.
All MongoDB production releases up to 2.6.7 are affected by this issue.
The fix is included in the 2.4.13 and 2.6.8 production releases.
Reject malformed BSON data.