microsoft · CBL-Mariner-Bot · Feb 19, 2026 · Feb 19, 2026
@@ -0,0 +1,70 @@
+From f66ef5e56b331a5367c0d6dd77de552f5cc04eac Mon Sep 17 00:00:00 2001
+From: AllSpark <allspark@microsoft.com>
+Date: Fri, 6 Feb 2026 10:02:21 +0000
+Subject: [PATCH] python: Fix Any recursion depth bypass by routing WKT parsing
+ through ConvertMessage in _ConvertAnyMessage
+
+Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
+Upstream-reference: AI Backport of https://github.com/protocolbuffers/protobuf/pull/25586.patch
+---
+ python/google/protobuf/json_format.py | 21 ++++++++++++++++++---
+ 1 file changed, 18 insertions(+), 3 deletions(-)
+
+diff --git a/python/google/protobuf/json_format.py b/python/google/protobuf/json_format.py
+index 965614d..35c9b0b 100644
+--- a/python/google/protobuf/json_format.py
++++ b/python/google/protobuf/json_format.py
+@@ -461,9 +461,11 @@ _INT_OR_FLOAT = six.integer_types + (float,)
+ class _Parser(object):
+   """JSON format parser for protocol message."""
+
+-  def __init__(self, ignore_unknown_fields, descriptor_pool):
++  def __init__(self, ignore_unknown_fields, descriptor_pool, max_recursion_depth=100):
+     self.ignore_unknown_fields = ignore_unknown_fields
+     self.descriptor_pool = descriptor_pool
++    self.max_recursion_depth = max_recursion_depth
++    self.recursion_depth = 0
+
+   def ConvertMessage(self, value, message):
+     """Convert a JSON object into a message.
+@@ -475,6 +477,17 @@ class _Parser(object):
+     Raises:
+       ParseError: In case of convert problems.
+     """
++    # Increment recursion depth at message entry. The max_recursion_depth limit
++    # is exclusive: a depth value equal to max_recursion_depth will trigger an
++    # error. For example, with max_recursion_depth=5, nesting up to depth 4 is
++    # allowed, but attempting depth 5 raises ParseError.
++    self.recursion_depth += 1
++    if self.recursion_depth > self.max_recursion_depth:
++      raise ParseError(
++          'Message too deep. Max recursion depth is {0}'.format(
++              self.max_recursion_depth
++          )
++      )
+     message_descriptor = message.DESCRIPTOR
+     full_name = message_descriptor.full_name
+     if _IsWrapperMessage(message_descriptor):
+@@ -483,6 +496,7 @@ class _Parser(object):
+       methodcaller(_WKTJSONMETHODS[full_name][1], value, message)(self)
+     else:
+       self._ConvertFieldValuePair(value, message)
++    self.recursion_depth -= 1
+
+   def _ConvertFieldValuePair(self, js, message):
+     """Convert field value pairs into regular message.
+@@ -617,8 +631,9 @@ class _Parser(object):
+     if _IsWrapperMessage(message_descriptor):
+       self._ConvertWrapperMessage(value['value'], sub_message)
+     elif full_name in _WKTJSONMETHODS:
+-      methodcaller(
+-          _WKTJSONMETHODS[full_name][1], value['value'], sub_message)(self)
++      # For well-known types (including nested Any), use ConvertMessage
++      # to ensure recursion depth is properly tracked
++      self.ConvertMessage(value['value'], sub_message)
+     else:
+       del value['@type']
+       self._ConvertFieldValuePair(value, sub_message)
+-- 
+2.45.4
+
@@ -1,7 +1,7 @@
 Summary:        Google's data interchange format
 Name:           protobuf
 Version:        3.17.3
-Release:        4%{?dist}
+Release:        5%{?dist}
 License:        BSD
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -10,6 +10,7 @@ URL:            https://developers.google.com/protocol-buffers/
 Source0:        https://github.com/protocolbuffers/protobuf/releases/download/v%{version}/%{name}-all-%{version}.tar.gz
 Patch0:         CVE-2022-1941.patch
 Patch1:         CVE-2025-4565.patch
+Patch2:         CVE-2026-0994.patch
 BuildRequires:  curl
 BuildRequires:  libstdc++
 BuildRequires:  make
@@ -110,6 +111,9 @@ popd
 %{python3_sitelib}/*
 
 %changelog
+* Fri Feb 06 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 3.17.3-5
+- Patch for CVE-2026-0994
+
 * Tue Jul 22 2025 Akhila Guruju <v-guakhila@microsoft.com> - 3.17.3-4
 - Patch CVE-2025-4565