CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1057 vulnerabilities reference this CWE, most recent first.
GHSA-HF7Q-8RRJ-F5PV
Vulnerability from github – Published: 2025-01-31 12:33 – Updated: 2025-11-03 21:32In the Linux kernel, the following vulnerability has been resolved:
iomap: avoid avoid truncating 64-bit offset to 32 bits
on 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a 32-bit position due to folio_next_index() returning an unsigned long. This could lead to an infinite loop when writing to an xfs filesystem.
{
"affected": [],
"aliases": [
"CVE-2025-21667"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-31T12:15:27Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: avoid avoid truncating 64-bit offset to 32 bits\n\non 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a\n32-bit position due to folio_next_index() returning an unsigned long.\nThis could lead to an infinite loop when writing to an xfs filesystem.",
"id": "GHSA-hf7q-8rrj-f5pv",
"modified": "2025-11-03T21:32:30Z",
"published": "2025-01-31T12:33:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21667"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/402ce16421477e27f30b57d6d1a6dc248fa3a4e4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7ca4bd6b754913910151acce00be093f03642725"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/91371922704c8d82049ef7c2ad974d0a2cd1174d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c13094b894de289514d84b8db56d1f2931a0bade"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HFG7-J82C-FR3W
Vulnerability from github – Published: 2024-05-24 20:09 – Updated: 2024-08-22 21:40An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS).
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.soot-oss:soot"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.4.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-46442"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-24T20:09:40Z",
"nvd_published_at": "2024-05-24T17:15:45Z",
"severity": "HIGH"
},
"details": "An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS).",
"id": "GHSA-hfg7-j82c-fr3w",
"modified": "2024-08-22T21:40:37Z",
"published": "2024-05-24T20:09:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46442"
},
{
"type": "WEB",
"url": "https://github.com/JAckLosingHeart/CVE-2023-46442_POC/tree/main"
},
{
"type": "PACKAGE",
"url": "https://github.com/soot-oss/soot"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Soot Infinite Loop vulnerability"
}
GHSA-HFPQ-X728-986J
Vulnerability from github – Published: 2026-04-07 20:13 – Updated: 2026-04-24 13:44Impact
A truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU.
Patches
https://github.com/containers/aardvark-dns/commit/3b49ea7b38bdea134b7f03256f2e13f44ce73bb1
Workarounds
None
Credits
Thanks to @dkane01 for reporting this
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.17.0"
},
"package": {
"ecosystem": "crates.io",
"name": "netavark"
},
"ranges": [
{
"events": [
{
"introduced": "1.16.0"
},
{
"fixed": "1.17.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-35406"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-07T20:13:04Z",
"nvd_published_at": "2026-04-07T22:16:23Z",
"severity": "HIGH"
},
"details": "### Impact\n\nA truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU.\n\n### Patches\nhttps://github.com/containers/aardvark-dns/commit/3b49ea7b38bdea134b7f03256f2e13f44ce73bb1\n\n### Workarounds\nNone\n\n### Credits\n\nThanks to @dkane01 for reporting this",
"id": "GHSA-hfpq-x728-986j",
"modified": "2026-04-24T13:44:30Z",
"published": "2026-04-07T20:13:04Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/containers/aardvark-dns/security/advisories/GHSA-hfpq-x728-986j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35406"
},
{
"type": "WEB",
"url": "https://github.com/containers/aardvark-dns/commit/3b49ea7b38bdea134b7f03256f2e13f44ce73bb1"
},
{
"type": "PACKAGE",
"url": "https://github.com/containers/aardvark-dns"
},
{
"type": "WEB",
"url": "https://github.com/containers/aardvark-dns/releases/tag/v1.17.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "netavark has incorrect error handling for malformed tcp packets"
}
GHSA-HH64-96R8-HM69
Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.
{
"affected": [],
"aliases": [
"CVE-2018-14368"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-19T02:29:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.",
"id": "GHSA-hh64-96r8-hm69",
"modified": "2022-05-13T01:27:51Z",
"published": "2022-05-13T01:27:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14368"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14841"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6c44312f465014eb409d766a9828b7f101f6251c"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00045.html"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-40.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041608"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HM5V-WWXQ-27X8
Vulnerability from github – Published: 2026-07-01 12:31 – Updated: 2026-07-01 12:31A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser to enter a non-advancing loop. Successful exploitation may result in excessive CPU consumption, leading to a denial of service.
{
"affected": [],
"aliases": [
"CVE-2026-14258"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-01T11:16:25Z",
"severity": "MODERATE"
},
"details": "A flaw was found in dhcpcd\u0027s IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser to enter a non-advancing loop. Successful exploitation may result in excessive CPU consumption, leading to a denial of service.",
"id": "GHSA-hm5v-wwxq-27x8",
"modified": "2026-07-01T12:31:35Z",
"published": "2026-07-01T12:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-14258"
},
{
"type": "WEB",
"url": "https://github.com/NetworkConfiguration/dhcpcd/issues/415"
},
{
"type": "WEB",
"url": "https://github.com/NetworkConfiguration/dhcpcd/commit/75289ca"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-14258"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2462305"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HM76-PCX8-WGRM
Vulnerability from github – Published: 2022-05-13 01:49 – Updated: 2022-05-13 01:49In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file.
{
"affected": [],
"aliases": [
"CVE-2018-14445"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-20T13:29:00Z",
"severity": "MODERATE"
},
"details": "In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file.",
"id": "GHSA-hm76-pcx8-wgrm",
"modified": "2022-05-13T01:49:56Z",
"published": "2022-05-13T01:49:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14445"
},
{
"type": "WEB",
"url": "https://github.com/axiomatic-systems/Bento4/issues/289"
},
{
"type": "WEB",
"url": "http://hac425.unaux.com/index.php/archives/62"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HM7P-R324-HHF3
Vulnerability from github – Published: 2023-03-03 06:30 – Updated: 2025-03-06 21:36Math/PrimeField.php in phpseclib has an infinite loop with composite primefields. This vulnerability was introduced in version 3.0.0, and has been patched in 3.0.19. The CVE for this issue originally identified the the vulnerable version as 2.x, however, the vulnerable functionality was not introduced until version 3.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "phpseclib/phpseclib"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.0.19"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-27560"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2023-03-03T23:01:05Z",
"nvd_published_at": "2023-03-03T06:15:00Z",
"severity": "HIGH"
},
"details": "Math/PrimeField.php in phpseclib has an infinite loop with composite primefields. This vulnerability was introduced in version 3.0.0, and has been patched in 3.0.19. The CVE for this issue originally identified the the vulnerable version as 2.x, however, the vulnerable functionality was not introduced until version 3.",
"id": "GHSA-hm7p-r324-hhf3",
"modified": "2025-03-06T21:36:12Z",
"published": "2023-03-03T06:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27560"
},
{
"type": "WEB",
"url": "https://github.com/phpseclib/phpseclib/commit/6298d1cd55c3ffa44533bd41906caec246b60440"
},
{
"type": "WEB",
"url": "https://github.com/phpseclib/phpseclib/commit/6298d1cd55c3ffa44533bd41906caec246b60440#commitcomment-103226722"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2023-27560.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/phpseclib/phpseclib"
},
{
"type": "WEB",
"url": "https://github.com/phpseclib/phpseclib/releases/tag/3.0.19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "phpseclib Infinite Loop vulnerability"
}
GHSA-HM9V-VJ3R-R55M
Vulnerability from github – Published: 2023-06-30 22:19 – Updated: 2023-06-30 22:19Impact
An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. That is, for example, the case if the user extracted metadata from such a malformed PDF.
Patches
The issue was fixed with https://github.com/py-pdf/pypdf/pull/1331
Workarounds
If you cannot update your version of PyPDF2 (preferably to pypdf>3.1.0 as PyPDF2 is deprecated), you should modify PyPDF2/generic/_data_structures.py::read_object.
Replace:
else:
# number object OR indirect reference
peek = stream.read(20)
stream.seek(-len(peek), 1) # reset to start
if IndirectPattern.match(peek) is not None:
return IndirectObject.read_from_stream(stream, pdf)
else:
return NumberObject.read_from_stream(stream)
by
elif tok in b"0123456789+-.":
# number object OR indirect reference
peek = stream.read(20)
stream.seek(-len(peek), 1) # reset to start
if IndirectPattern.match(peek) is not None:
return IndirectObject.read_from_stream(stream, pdf)
else:
return NumberObject.read_from_stream(stream)
else:
raise PdfReadError(
f"Invalid Elementary Object starting with {tok} @{stream.tell()}"
)
References
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "PyPDF2"
},
"ranges": [
{
"events": [
{
"introduced": "2.10.5"
},
{
"fixed": "2.10.6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.10.5"
]
}
],
"aliases": [
"CVE-2023-36807"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2023-06-30T22:19:39Z",
"nvd_published_at": "2023-06-30T19:15:09Z",
"severity": "MODERATE"
},
"details": "### Impact\nAn attacker who uses this vulnerability can craft a PDF which leads to an infinite loop.\nThis infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. That is, for example, the case if the user extracted metadata from such a malformed PDF.\n\n### Patches\nThe issue was fixed with https://github.com/py-pdf/pypdf/pull/1331\n\n### Workarounds\nIf you cannot update your version of `PyPDF2` (preferably to `pypdf\u003e3.1.0` as PyPDF2 is deprecated), you should modify `PyPDF2/generic/_data_structures.py::read_object`.\n\nReplace:\n\n```python\n else:\n # number object OR indirect reference\n peek = stream.read(20)\n stream.seek(-len(peek), 1) # reset to start\n if IndirectPattern.match(peek) is not None:\n return IndirectObject.read_from_stream(stream, pdf)\n else:\n return NumberObject.read_from_stream(stream)\n```\n\nby\n\n```python\n elif tok in b\"0123456789+-.\":\n # number object OR indirect reference\n peek = stream.read(20)\n stream.seek(-len(peek), 1) # reset to start\n if IndirectPattern.match(peek) is not None:\n return IndirectObject.read_from_stream(stream, pdf)\n else:\n return NumberObject.read_from_stream(stream)\n else:\n raise PdfReadError(\n f\"Invalid Elementary Object starting with {tok} @{stream.tell()}\"\n )\n```\n\n### References\n* [pypdf issue #1329](https://github.com/py-pdf/pypdf/issues/1329)\n* [pypdf PR #1331](https://github.com/py-pdf/pypdf/pull/1331)",
"id": "GHSA-hm9v-vj3r-r55m",
"modified": "2023-06-30T22:19:39Z",
"published": "2023-06-30T22:19:39Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-hm9v-vj3r-r55m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36807"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/issues/1329"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/pull/1331"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/commit/e6531a25325e7e0174b6a1ba03b57320b5227f6b"
},
{
"type": "PACKAGE",
"url": "https://github.com/py-pdf/pypdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "PyPDF2 vulnerable to possible Infinite Loop when reading malformed objects"
}
GHSA-HP28-XQ6X-W6CH
Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2025-04-20 03:33The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file.
{
"affected": [],
"aliases": [
"CVE-2017-5852"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-01T15:59:00Z",
"severity": "MODERATE"
},
"details": "The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file.",
"id": "GHSA-hp28-xq6x-w6ch",
"modified": "2025-04-20T03:33:28Z",
"published": "2022-05-13T01:46:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5852"
},
{
"type": "WEB",
"url": "https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/12"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/02/02/10"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97032"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HP7J-WVG8-RGV3
Vulnerability from github – Published: 2024-06-13 21:30 – Updated: 2024-06-13 21:30Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of multipart boundaries. The issue results from a logic error that can lead to an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-23171.
{
"affected": [],
"aliases": [
"CVE-2024-5949"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-13T20:15:16Z",
"severity": "MODERATE"
},
"details": "Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of multipart boundaries. The issue results from a logic error that can lead to an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-23171.",
"id": "GHSA-hp7j-wvg8-rgv3",
"modified": "2024-06-13T21:30:54Z",
"published": "2024-06-13T21:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5949"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-673"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.