CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

BaseIncomplete

Description

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Hierarchy (View 1000)

Parents

CWE-834

Children

none

CVEs mapped to this weakness (219)

page 4 of 11

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-9345	Hig	0.49	7.5	0.01	Jun 2, 2017	In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
CVE-2016-4970	Hig	0.49	7.5	0.08	Apr 13, 2017	handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).
CVE-2017-7748	Hig	0.49	7.5	0.00	Apr 12, 2017	In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.
CVE-2017-7746	Hig	0.49	7.5	0.02	Apr 12, 2017	In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.
CVE-2017-7745	Hig	0.49	7.5	0.00	Apr 12, 2017	In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.
CVE-2017-7705	Hig	0.49	7.5	0.01	Apr 12, 2017	In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.
CVE-2017-7704	Hig	0.49	7.5	0.01	Apr 12, 2017	In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.
CVE-2017-7702	Hig	0.49	7.5	0.01	Apr 12, 2017	In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.
CVE-2017-7701	Hig	0.49	7.5	0.01	Apr 12, 2017	In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.
CVE-2017-7619	Hig	0.49	7.5	0.00	Apr 10, 2017	In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.
CVE-2017-7618	Hig	0.49	7.5	0.01	Apr 10, 2017	crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
CVE-2017-7401	Hig	0.49	7.5	0.01	Apr 3, 2017	Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
CVE-2017-6474	Hig	0.49	7.5	0.01	Mar 4, 2017	In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.
CVE-2017-6472	Hig	0.49	7.5	0.01	Mar 4, 2017	In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value.
CVE-2017-6470	Hig	0.49	7.5	0.00	Mar 4, 2017	In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by constraining packet lateness.
CVE-2017-6467	Hig	0.49	7.5	0.01	Mar 4, 2017	In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size.
CVE-2016-5042	Hig	0.49	7.5	0.02	Feb 17, 2017	The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.
CVE-2017-6014	Hig	0.49	7.5	0.00	Feb 17, 2017	In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.
CVE-2017-5596	Hig	0.49	7.5	0.01	Jan 25, 2017	In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
CVE-2016-6301	Hig	0.49	7.5	0.03	Dec 9, 2016	The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.