CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
Description
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (456)
page 10 of 23| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-0619 | Med | 0.39 | — | 0.00 | Feb 12, 2026 | A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which allows an attacker to trigger a denial of service. A hard reset is required to recover the device. | ||
| CVE-2025-27560 | — | Med | 0.39 | 6.0 | 0.00 | Feb 10, 2026 | Loop with unreachable exit condition ('infinite loop') for some Intel(R) Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially… | |
| CVE-2017-9258 | Med | 0.39 | 5.5 | 0.04 | Jul 27, 2017 | The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wav file. | ||
| CVE-2016-8910 | Med | 0.39 | 6.0 | 0.00 | Nov 4, 2016 | The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. | ||
| CVE-2016-8909 | Med | 0.39 | 6.0 | 0.00 | Nov 4, 2016 | The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. | ||
| CVE-2026-54904 | hig | 0.38 | — | 0.00 | Jun 19, 2026 | ### Summary `Concurrent::AtomicReference#update` can enter a permanent busy retry loop when the current value is `Float::NAN`. The issue is caused by the interaction between: - `AtomicReference#update`, which retries until `compare_and_set(old_value, new_value)` succeeds. -… | ||
| CVE-2026-54772 | hig | 0.38 | — | — | Jun 19, 2026 | ### Impact An unauthenticated remote attacker can pin one server thread‑pool worker at 100 % CPU per connection. With a few connections, the CPU usage can be exhausted. #### Preconditions An attacker being able to reach a service which is exposing an endpoint using one of… | ||
| CVE-2023-2593 | Med | 0.38 | 5.9 | 0.01 | Jul 30, 2025 | A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system. | ||
| CVE-2025-32029 | Med | 0.38 | — | 0.00 | Apr 7, 2025 | ts-asn1-der is a collection of utility classes to encode ASN.1 data following DER rule. Incorrect number DER encoding can lead to denial on service for absolute values in the range 2**31 -- 2**32 - 1. The arithmetic in the numBitLen didn't take into account that values in this… | ||
| CVE-2018-18070 | Med | 0.38 | 5.9 | 0.01 | Oct 9, 2018 | An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class 2018 vehicles. Defining or receiving a specific navigation route might cause the system to freeze and reboot after a few transmissions. When the system next starts, it tries to… | ||
| CVE-2017-15223 | Med | 0.38 | 5.3 | 0.05 | Oct 24, 2017 | Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop. | ||
| CVE-2017-17131 | Med | 0.37 | 5.7 | 0.01 | Mar 5, 2018 | Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded.… | ||
| CVE-2018-5711 | Med | 0.37 | 5.5 | 0.13 | Jan 16, 2018 | gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the… | ||
| CVE-2026-46521 | Med | 0.36 | 5.5 | 0.00 | Jun 10, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in… | ||
| CVE-2026-49495 | Med | 0.36 | 5.5 | 0.00 | Jun 10, 2026 | Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth… | ||
| CVE-2026-23082 | Med | 0.36 | 5.5 | 0.00 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error In commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"), the URB was re-anchored before… | ||
| CVE-2025-38727 | Med | 0.36 | 5.5 | 0.00 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rcvbuf) to check if the… | ||
| CVE-2023-53133 | Med | 0.36 | 5.5 | 0.00 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup… | ||
| CVE-2024-57940 | Med | 0.36 | 5.5 | 0.00 | Jan 21, 2025 | In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the cluster chain, and there is an unused directory entry in the cluster, 'dentry' will… | ||
| CVE-2024-43828 | Med | 0.36 | 5.5 | 0.00 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. ext4_ext_determine_insert_hole() does not detect the… |
- risk 0.39cvss —epss 0.00
A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which allows an attacker to trigger a denial of service. A hard reset is required to recover the device.
- risk 0.39cvss 6.0epss 0.00
Loop with unreachable exit condition ('infinite loop') for some Intel(R) Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially…
- risk 0.39cvss 5.5epss 0.04
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wav file.
- risk 0.39cvss 6.0epss 0.00
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
- risk 0.39cvss 6.0epss 0.00
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
- risk 0.38cvss —epss 0.00
### Summary `Concurrent::AtomicReference#update` can enter a permanent busy retry loop when the current value is `Float::NAN`. The issue is caused by the interaction between: - `AtomicReference#update`, which retries until `compare_and_set(old_value, new_value)` succeeds. -…
- risk 0.38cvss —epss —
### Impact An unauthenticated remote attacker can pin one server thread‑pool worker at 100 % CPU per connection. With a few connections, the CPU usage can be exhausted. #### Preconditions An attacker being able to reach a service which is exposing an endpoint using one of…
- risk 0.38cvss 5.9epss 0.01
A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system.
- risk 0.38cvss —epss 0.00
ts-asn1-der is a collection of utility classes to encode ASN.1 data following DER rule. Incorrect number DER encoding can lead to denial on service for absolute values in the range 2**31 -- 2**32 - 1. The arithmetic in the numBitLen didn't take into account that values in this…
- risk 0.38cvss 5.9epss 0.01
An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class 2018 vehicles. Defining or receiving a specific navigation route might cause the system to freeze and reboot after a few transmissions. When the system next starts, it tries to…
- risk 0.38cvss 5.3epss 0.05
Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop.
- risk 0.37cvss 5.7epss 0.01
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded.…
- risk 0.37cvss 5.5epss 0.13
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the…
- risk 0.36cvss 5.5epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in…
- risk 0.36cvss 5.5epss 0.00
Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth…
- risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error In commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"), the URB was re-anchored before…
- risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rcvbuf) to check if the…
- risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup…
- risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the cluster chain, and there is an unused directory entry in the cluster, 'dentry' will…
- risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. ext4_ext_determine_insert_hole() does not detect the…