CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1057 vulnerabilities reference this CWE, most recent first.
GHSA-MXWM-W839-25WJ
Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2022-05-13 01:42The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file.
{
"affected": [],
"aliases": [
"CVE-2017-11446"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-07-19T07:29:00Z",
"severity": "HIGH"
},
"details": "The ReadPESImage function in coders\\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file.",
"id": "GHSA-mxwm-w839-25wj",
"modified": "2022-05-13T01:42:21Z",
"published": "2022-05-13T01:42:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11446"
},
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/issues/537"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-4019"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99964"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P28X-HJ68-7VFP
Vulnerability from github – Published: 2024-04-08 15:30 – Updated: 2024-04-08 16:46An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "ryu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.34"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-28732"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-08T16:46:52Z",
"nvd_published_at": "2024-04-08T14:15:07Z",
"severity": "HIGH"
},
"details": "An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).",
"id": "GHSA-p28x-hj68-7vfp",
"modified": "2024-04-08T16:46:52Z",
"published": "2024-04-08T15:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28732"
},
{
"type": "WEB",
"url": "https://github.com/faucetsdn/ryu/issues/188"
},
{
"type": "WEB",
"url": "https://gist.github.com/ErodedElk/1133d64dde2d92393a065edc9b243792"
},
{
"type": "PACKAGE",
"url": "https://github.com/faucetsdn/ryu"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Ryu Infinite Loop vulnerability"
}
GHSA-P2WX-23H7-P7R8
Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
{
"affected": [],
"aliases": [
"CVE-2018-19108"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-08T08:29:00Z",
"severity": "MODERATE"
},
"details": "In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.",
"id": "GHSA-p2wx-23h7-p7r8",
"modified": "2022-05-13T01:50:50Z",
"published": "2022-05-13T01:50:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19108"
},
{
"type": "WEB",
"url": "https://github.com/Exiv2/exiv2/issues/426"
},
{
"type": "WEB",
"url": "https://github.com/Exiv2/exiv2/pull/518"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2101"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4056-1"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P3PX-2XX5-XMGX
Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:38smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
{
"affected": [],
"aliases": [
"CVE-2017-9461"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-06T21:29:00Z",
"severity": "MODERATE"
},
"details": "smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.",
"id": "GHSA-p3px-2xx5-xmgx",
"modified": "2025-04-20T03:38:32Z",
"published": "2022-05-13T01:47:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9461"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1950"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2338"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2778"
},
{
"type": "WEB",
"url": "https://bugs.debian.org/864291"
},
{
"type": "WEB",
"url": "https://bugzilla.samba.org/show_bug.cgi?id=12572"
},
{
"type": "WEB",
"url": "https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=10c3e3923022485c720f322ca4f0aca5d7501310"
},
{
"type": "WEB",
"url": "https://git.samba.org/?p=samba.git;a=commit;h=10c3e3923022485c720f322ca4f0aca5d7501310"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99455"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P4GW-2VRQ-J64Q
Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-05-24 17:07In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
{
"affected": [],
"aliases": [
"CVE-2019-20421"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-27T05:15:00Z",
"severity": "HIGH"
},
"details": "In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.",
"id": "GHSA-p4gw-2vrq-j64q",
"modified": "2022-05-24T17:07:27Z",
"published": "2022-05-24T17:07:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20421"
},
{
"type": "WEB",
"url": "https://github.com/Exiv2/exiv2/issues/1011"
},
{
"type": "WEB",
"url": "https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4270-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4958"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P4QW-7J9G-5H53
Vulnerability from github – Published: 2025-04-07 21:11 – Updated: 2025-04-08 17:49Impact
Incorrect number DER encoding can lead to denial on service for absolute values in the range 2**31 -- 2**32 - 1. The arithmetic in the numBitLen didn't take into account that values in this range could result in a negative result upon applying the >> operator, leading to an infinite loop.
In addition, number encoding had a few other issues that resulted it in it not encoding values correctly.
Patches
The issue is patched in version 1.0.4. Users are recommended to upgrade as soon as possible.
Workarounds
If upgrading is not an option, the issue can be mitigated by validating inputs to Asn1Integer to ensure that they are not smaller than -2**31 + 1 and no larger than 2**31 - 1. Although Asn1Integer supports bigint inputs, some additional implementation issues make using bigint as a mitigation inviable, as it will result in incorrect values.
If upgrading is not an option and range checks are impractical or undesirable, input to Asn1Integer can be provided as a buffer to be used directly. Note that this requires computing the correct DER encoding externally.
References
N/A
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@apeleghq/asn1-der"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-32029"
],
"database_specific": {
"cwe_ids": [
"CWE-1335",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-07T21:11:19Z",
"nvd_published_at": "2025-04-07T21:15:42Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nIncorrect `number` DER encoding can lead to denial on service for absolute values in the range `2**31` -- `2**32 - 1`. The arithmetic in the `numBitLen` didn\u0027t take into account that values in this range could result in a negative result upon applying the `\u003e\u003e` operator, leading to an infinite loop.\n\nIn addition, `number` encoding had a few other issues that resulted it in it not encoding values correctly.\n\n### Patches\n\nThe issue is patched in version `1.0.4`. Users are recommended to upgrade as soon as possible.\n\n### Workarounds\n\nIf upgrading is not an option, the issue can be mitigated by validating inputs to `Asn1Integer` to ensure that they are not smaller than `-2**31 + 1` and no larger than `2**31 - 1`. Although `Asn1Integer` supports `bigint` inputs, some additional implementation issues make using `bigint` as a mitigation inviable, as it will result in incorrect values.\n\nIf upgrading is not an option and range checks are impractical or undesirable, input to `Asn1Integer` can be provided as a buffer to be used directly. Note that this requires computing the correct DER encoding externally.\n\n### References\n\nN/A",
"id": "GHSA-p4qw-7j9g-5h53",
"modified": "2025-04-08T17:49:39Z",
"published": "2025-04-07T21:11:19Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ApelegHQ/ts-asn1-der/security/advisories/GHSA-p4qw-7j9g-5h53"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32029"
},
{
"type": "WEB",
"url": "https://github.com/ApelegHQ/ts-asn1-der/commit/b2bc9032cbe19755d234a27d79e47a7e52993af8"
},
{
"type": "PACKAGE",
"url": "https://github.com/ApelegHQ/ts-asn1-der"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "ts-asn1-der has Incorrect DER Encoding of Numbers Leading to Denial of Service and Incorrect Value Representation"
}
GHSA-P4RV-2523-RG59
Vulnerability from github – Published: 2022-05-01 01:52 – Updated: 2022-05-01 01:52FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings.
{
"affected": [],
"aliases": [
"CVE-2005-0851"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2005-05-02T04:00:00Z",
"severity": "MODERATE"
},
"details": "FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings.",
"id": "GHSA-p4rv-2523-rg59",
"modified": "2022-05-01T01:52:39Z",
"published": "2022-05-01T01:52:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0851"
},
{
"type": "WEB",
"url": "http://sourceforge.net/project/shownotes.php?group_id=21558\u0026release_id=314473"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/12865"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P53Q-5J5X-MJ95
Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2023-02-04 00:30An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.
{
"affected": [],
"aliases": [
"CVE-2019-17349"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-08T01:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.",
"id": "GHSA-p53q-5j5x-mj95",
"modified": "2023-02-04T00:30:37Z",
"published": "2022-05-24T16:58:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17349"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2020/Jan/21"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4602"
},
{
"type": "WEB",
"url": "https://xenbits.xen.org/xsa/advisory-295.html"
},
{
"type": "WEB",
"url": "http://xenbits.xen.org/xsa/advisory-295.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P5MR-2VJP-C5M9
Vulnerability from github – Published: 2023-03-24 21:30 – Updated: 2023-03-29 18:30In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246750467
{
"affected": [],
"aliases": [
"CVE-2023-20999"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-24T20:15:00Z",
"severity": "MODERATE"
},
"details": "In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246750467",
"id": "GHSA-p5mr-2vjp-c5m9",
"modified": "2023-03-29T18:30:30Z",
"published": "2023-03-24T21:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20999"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2023-03-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P5XV-5G6H-QW33
Vulnerability from github – Published: 2023-09-13 18:31 – Updated: 2024-05-22 18:30A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.
{
"affected": [],
"aliases": [
"CVE-2023-3255"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-13T17:15:09Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.",
"id": "GHSA-p5xv-5g6h-qw33",
"modified": "2024-05-22T18:30:37Z",
"published": "2023-09-13T18:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3255"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2135"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2962"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2023-3255"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218486"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20231020-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.