CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1057 vulnerabilities reference this CWE, most recent first.
GHSA-3F2P-5JCV-CFFX
Vulnerability from github – Published: 2024-07-12 15:31 – Updated: 2026-05-12 12:32In the Linux kernel, the following vulnerability has been resolved:
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
syzbot found hanging tasks waiting on rtnl_lock [1]
A reproducer is available in the syzbot bug.
When a request to add multiple actions with the same index is sent, the second request will block forever on the first request. This holds rtnl_lock, and causes tasks to hang.
Return -EAGAIN to prevent infinite looping, while keeping documented behavior.
[1]
INFO: task kworker/1:0:5088 blocked for more than 143 seconds. Not tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000 Workqueue: events_power_efficient reg_check_chans_work Call Trace: context_switch kernel/sched/core.c:5409 [inline] __schedule+0xf15/0x5d00 kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xe7/0x350 kernel/sched/core.c:6838 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752 wiphy_lock include/net/cfg80211.h:5953 [inline] reg_leave_invalid_chans net/wireless/reg.c:2466 [inline] reg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481
{
"affected": [],
"aliases": [
"CVE-2024-40995"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-12T13:15:20Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()\n\nsyzbot found hanging tasks waiting on rtnl_lock [1]\n\nA reproducer is available in the syzbot bug.\n\nWhen a request to add multiple actions with the same index is sent, the\nsecond request will block forever on the first request. This holds\nrtnl_lock, and causes tasks to hang.\n\nReturn -EAGAIN to prevent infinite looping, while keeping documented\nbehavior.\n\n[1]\n\nINFO: task kworker/1:0:5088 blocked for more than 143 seconds.\nNot tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000\nWorkqueue: events_power_efficient reg_check_chans_work\nCall Trace:\n\u003cTASK\u003e\ncontext_switch kernel/sched/core.c:5409 [inline]\n__schedule+0xf15/0x5d00 kernel/sched/core.c:6746\n__schedule_loop kernel/sched/core.c:6823 [inline]\nschedule+0xe7/0x350 kernel/sched/core.c:6838\nschedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895\n__mutex_lock_common kernel/locking/mutex.c:684 [inline]\n__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752\nwiphy_lock include/net/cfg80211.h:5953 [inline]\nreg_leave_invalid_chans net/wireless/reg.c:2466 [inline]\nreg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481",
"id": "GHSA-3f2p-5jcv-cffx",
"modified": "2026-05-12T12:32:02Z",
"published": "2024-07-12T15:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40995"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/25987a97eec4d5f897cd04ee1b45170829c610da"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5f926aa96b08b6c47178fe1171e7ae331c695fc2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6fc78d67f51aeb9a542d39a8714e16bc411582d4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7a0e497b597df7c4cf2b63fc6e9188b6cabe5335"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c6a7da65a296745535a964be1019ec7691b0cb90"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d864319871b05fadd153e0aede4811ca7008f5d6"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3F98-9H78-W5JH
Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2022-05-13 01:46Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
{
"affected": [],
"aliases": [
"CVE-2017-7401"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-03T14:59:00Z",
"severity": "HIGH"
},
"details": "Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with \"SecurityLevel None\" and with empty \"AuthFile\" options) via a crafted UDP packet.",
"id": "GHSA-3f98-9h78-w5jh",
"modified": "2022-05-13T01:46:58Z",
"published": "2022-05-13T01:46:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7401"
},
{
"type": "WEB",
"url": "https://github.com/collectd/collectd/issues/2174"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1285"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1787"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2615"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97321"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3G8C-3P92-RJWR
Vulnerability from github – Published: 2025-08-19 18:31 – Updated: 2026-01-07 21:31In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix possible infinite loop in fib6_info_uses_dev()
fib6_info_uses_dev() seems to rely on RCU without an explicit protection.
Like the prior fix in rt6_nlmsg_size(), we need to make sure fib6_del_route() or fib6_add_rt2node() have not removed the anchor from the list, or we risk an infinite loop.
{
"affected": [],
"aliases": [
"CVE-2025-38587"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-19T17:15:36Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"id": "GHSA-3g8c-3p92-rjwr",
"modified": "2026-01-07T21:31:39Z",
"published": "2025-08-19T18:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38587"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/16d21816c0918f8058b5fc14cbe8595d62046e2d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9cb6de8ee144a94ae7a40bdb32560329ab7276f0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bc85e62394f008fa848c4ba02c936c735a3e8ef5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/db65739d406c72776fbdbbc334be827ef05880d2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e09be457b71b983a085312ff9e981f51e4ed3211"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f8d8ce1b515a0a6af72b30502670a406cfb75073"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3H47-GJH4-RMQ3
Vulnerability from github – Published: 2026-04-30 09:30 – Updated: 2026-04-30 09:30TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service
{
"affected": [],
"aliases": [
"CVE-2026-6528"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-30T07:16:40Z",
"severity": "MODERATE"
},
"details": "TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service",
"id": "GHSA-3h47-gjh4-rmq3",
"modified": "2026-04-30T09:30:25Z",
"published": "2026-04-30T09:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6528"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/work_items/21147"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/work_items/21151"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2026-33.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3H88-J436-W3R5
Vulnerability from github – Published: 2023-03-24 21:30 – Updated: 2023-03-29 15:30In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749764
{
"affected": [],
"aliases": [
"CVE-2023-20996"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-24T20:15:00Z",
"severity": "MODERATE"
},
"details": "In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749764",
"id": "GHSA-3h88-j436-w3r5",
"modified": "2023-03-29T15:30:17Z",
"published": "2023-03-24T21:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20996"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2023-03-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3HWX-VC7V-FW2M
Vulnerability from github – Published: 2021-12-31 00:00 – Updated: 2025-11-04 00:30Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
{
"affected": [],
"aliases": [
"CVE-2021-4182"
],
"database_specific": {
"cwe_ids": [
"CWE-74",
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-30T22:15:00Z",
"severity": "HIGH"
},
"details": "Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file",
"id": "GHSA-3hwx-vc7v-fw2m",
"modified": "2025-11-04T00:30:30Z",
"published": "2021-12-31T00:00:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4182"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4182.json"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/17801"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202210-04"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2021-20.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3J2M-32HQ-9HP8
Vulnerability from github – Published: 2021-12-22 00:00 – Updated: 2023-05-27 06:30An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.
{
"affected": [],
"aliases": [
"CVE-2021-45297"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-21T19:15:00Z",
"severity": "MODERATE"
},
"details": "An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.",
"id": "GHSA-3j2m-32hq-9hp8",
"modified": "2023-05-27T06:30:36Z",
"published": "2021-12-22T00:00:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45297"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/issues/1973"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5411"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3J5X-WXPV-2QP4
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380403.
{
"affected": [],
"aliases": [
"CVE-2017-13191"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-12T23:29:00Z",
"severity": "HIGH"
},
"details": "In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380403.",
"id": "GHSA-3j5x-wxpv-2qp4",
"modified": "2022-05-13T01:43:06Z",
"published": "2022-05-13T01:43:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13191"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2018-01-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102414"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040106"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3M3R-F94V-4MF8
Vulnerability from github – Published: 2026-07-09 12:30 – Updated: 2026-07-13 15:31GNU patch is vulnerable to a denial of service (DoS) due to improper validation of hunk (single block of changes in diff) line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop while attempting to locate the requested position. This results in excessive CPU consumption and prevents the process from completing. An attacker can trigger this behavior by supplying a malicious patch file, causing the utility to become unresponsive and require manual termination.
This issue has been fixed in the commit faba04ef4f2b410257f76c1b9dc85e350929c4b9
{
"affected": [],
"aliases": [
"CVE-2026-56289"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-09T11:16:40Z",
"severity": "MODERATE"
},
"details": "GNU patch is vulnerable to a denial of service (DoS) due to improper validation of hunk (single block of changes in diff) line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop while attempting to locate the requested position.\nThis results in excessive CPU consumption and prevents the process from completing.\nAn attacker can trigger this behavior by supplying a malicious patch file, causing the utility to become unresponsive and require manual termination.\n\n\n\nThis issue has been fixed in the commit faba04ef4f2b410257f76c1b9dc85e350929c4b9",
"id": "GHSA-3m3r-f94v-4mf8",
"modified": "2026-07-13T15:31:42Z",
"published": "2026-07-09T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56289"
},
{
"type": "WEB",
"url": "https://cert.pl/en/posts/2026/07/CVE-2026-56288"
},
{
"type": "WEB",
"url": "https://cgit.git.savannah.gnu.org/cgit/patch.git"
},
{
"type": "WEB",
"url": "https://cgit.git.savannah.gnu.org/cgit/patch.git/commit/?id=faba04ef4f2b410257f76c1b9dc85e350929c4b9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-3MWF-8HP6-9VXF
Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.
{
"affected": [],
"aliases": [
"CVE-2018-7174"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-15T21:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.",
"id": "GHSA-3mwf-8hp6-9vxf",
"modified": "2022-05-13T01:53:17Z",
"published": "2022-05-13T01:53:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7174"
},
{
"type": "WEB",
"url": "https://forum.xpdfreader.com/viewtopic.php?f=3\u0026t=605"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.