CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1057 vulnerabilities reference this CWE, most recent first.
GHSA-25XM-HR59-7C27
Vulnerability from github – Published: 2021-05-25 18:39 – Updated: 2024-05-31 17:45Impact
xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input.
Patches
The problem has been fixed in release v0.5.8.
Workarounds
Limit the size of the compressed file input to a reasonable size for your use case.
References
The standard library had recently the same issue and got the CVE-2020-16845 allocated.
For more information
If you have any questions or comments about this advisory: * Open an issue in xz.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/ulikunitz/xz"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-29482"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-24T17:52:22Z",
"nvd_published_at": "2021-04-28T19:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nxz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input.\n\n### Patches\n\nThe problem has been fixed in release v0.5.8.\n\n### Workarounds\n\nLimit the size of the compressed file input to a reasonable size for your use case.\n\n### References\n\nThe standard library had recently the same issue and got the [CVE-2020-16845](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16845) allocated.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [xz](https://github.com/ulikunitz/xz/issues).",
"id": "GHSA-25xm-hr59-7c27",
"modified": "2024-05-31T17:45:58Z",
"published": "2021-05-25T18:39:37Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ulikunitz/xz/security/advisories/GHSA-25xm-hr59-7c27"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29482"
},
{
"type": "WEB",
"url": "https://github.com/ulikunitz/xz/issues/35"
},
{
"type": "WEB",
"url": "https://github.com/ulikunitz/xz/commit/69c6093c7b2397b923acf82cb378f55ab2652b9b"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2020-0016"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)"
}
GHSA-276C-C7GR-R4J6
Vulnerability from github – Published: 2024-10-30 15:30 – Updated: 2024-10-30 15:30A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2024-33623"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-30T14:15:06Z",
"severity": "LOW"
},
"details": "A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.",
"id": "GHSA-276c-c7gr-r4j6",
"modified": "2024-10-30T15:30:46Z",
"published": "2024-10-30T15:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33623"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-279F-F7V7-H5H8
Vulnerability from github – Published: 2023-08-22 21:30 – Updated: 2024-04-04 07:07An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.
{
"affected": [],
"aliases": [
"CVE-2022-40090"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-22T19:16:23Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.",
"id": "GHSA-279f-f7v7-h5h8",
"modified": "2024-04-04T07:07:14Z",
"published": "2023-08-22T21:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40090"
},
{
"type": "WEB",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/455"
},
{
"type": "WEB",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/386"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-29M2-93J9-HRCP
Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.
{
"affected": [],
"aliases": [
"CVE-2018-6977"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-09T20:29:00Z",
"severity": "MODERATE"
},
"details": "VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.",
"id": "GHSA-29m2-93j9-hrcp",
"modified": "2022-05-13T01:53:16Z",
"published": "2022-05-13T01:53:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6977"
},
{
"type": "WEB",
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0025.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105549"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041821"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041822"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2C77-J78M-453Q
Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2025-04-20 03:33In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.
{
"affected": [],
"aliases": [
"CVE-2017-6474"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-04T03:59:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.",
"id": "GHSA-2c77-j78m-453q",
"modified": "2025-04-20T03:33:39Z",
"published": "2022-05-13T01:46:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6474"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13429"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a998c9195f183d85f5b0bbeebba21a2d4d303d47"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a998c9195f183d85f5b0bbeebba21a2d4d303d47"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2017-07.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3811"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/96566"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2CMX-XMF3-QM89
Vulnerability from github – Published: 2022-05-13 01:30 – Updated: 2024-09-12 18:31In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
{
"affected": [],
"aliases": [
"CVE-2018-19777"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-30T10:29:00Z",
"severity": "MODERATE"
},
"details": "In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.",
"id": "GHSA-2cmx-xmf3-qm89",
"modified": "2024-09-12T18:31:38Z",
"published": "2022-05-13T01:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19777"
},
{
"type": "WEB",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=700301"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH"
},
{
"type": "WEB",
"url": "http://www.ghostscript.com/cgi-bin/findgit.cgi?754ac68f119e0c25cd33c5d652d8aabd533a9fb3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2CP8-MJM6-7F5F
Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type.
{
"affected": [],
"aliases": [
"CVE-2018-7324"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-23T22:29:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type.",
"id": "GHSA-2cp8-mjm6-7f5f",
"modified": "2022-05-13T01:53:19Z",
"published": "2022-05-13T01:53:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7324"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14413"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9e7695bbee18525eaa6d12b32230313ae8a36a81"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-06.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103158"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2F8W-W2FC-FV9W
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2022-05-13 01:13The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
{
"affected": [],
"aliases": [
"CVE-2016-7908"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-10-05T16:59:00Z",
"severity": "MODERATE"
},
"details": "The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.",
"id": "GHSA-2f8w-w2fc-fv9w",
"modified": "2022-05-13T01:13:40Z",
"published": "2022-05-13T01:13:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7908"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201611-11"
},
{
"type": "WEB",
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=070c4b92b8cd5390889716677a0b92444d6e087a"
},
{
"type": "WEB",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=070c4b92b8cd5390889716677a0b92444d6e087a"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/10/03/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/10/03/5"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/93273"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2G34-X978-MW32
Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-08-16 00:00long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones which aren't in use anymore and some which may have been created but never used. If the number of entries for a given domain is large enough, this iterating of the entire table may tie up a CPU for too long, starving other domains or causing issues in the hypervisor itself. Note that a domain may map its own grants, i.e. there is no need for multiple domains to be involved here. A pair of "cooperating" guests may, however, cause the effects to be more severe.
{
"affected": [],
"aliases": [
"CVE-2021-28698"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-27T19:15:00Z",
"severity": "MODERATE"
},
"details": "long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones which aren\u0027t in use anymore and some which may have been created but never used. If the number of entries for a given domain is large enough, this iterating of the entire table may tie up a CPU for too long, starving other domains or causing issues in the hypervisor itself. Note that a domain may map its own grants, i.e. there is no need for multiple domains to be involved here. A pair of \"cooperating\" guests may, however, cause the effects to be more severe.",
"id": "GHSA-2g34-x978-mw32",
"modified": "2022-08-16T00:00:43Z",
"published": "2022-05-24T19:12:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28698"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2VQCFAPBNGBBAOMJZG6QBREOG5IIDZID"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPRVHW4J4ZCPPOHZEWP5MOJT7XDGFFPJ"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4977"
},
{
"type": "WEB",
"url": "https://xenbits.xenproject.org/xsa/advisory-380.txt"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/09/01/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2GG3-23VH-J2PG
Vulnerability from github – Published: 2022-03-22 00:00 – Updated: 2026-07-05 03:30An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
{
"affected": [],
"aliases": [
"CVE-2022-23352"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-21T20:15:00Z",
"severity": "HIGH"
},
"details": "An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).",
"id": "GHSA-2gg3-23vh-j2pg",
"modified": "2026-07-05T03:30:46Z",
"published": "2022-03-22T00:00:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23352"
},
{
"type": "WEB",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352"
},
{
"type": "WEB",
"url": "https://www.bigantsoft.com"
},
{
"type": "WEB",
"url": "http://bigant.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.