CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
Base, Incomplete
Description
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (219)
Page 7 of 11

| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-15223 | Med | 0.39 | 5.3 | 0.17 | | Oct 24, 2017 | Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop. |
| CVE-2017-9258 | Med | 0.39 | 5.5 | 0.02 | | Jul 27, 2017 | The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wav file. |
| CVE-2016-8910 | Med | 0.39 | 6.0 | 0.00 | | Nov 4, 2016 | The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. |
| CVE-2016-8909 | Med | 0.39 | 6.0 | 0.00 | | Nov 4, 2016 | The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. |
| CVE-2023-2593 | Med | 0.38 | 5.9 | 0.00 | | Jul 30, 2025 | A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system. |
| CVE-2025-32029 | Med | 0.38 | — | 0.00 | | Apr 7, 2025 | ts-asn1-der is a collection of utility classes to encode ASN.1 data following DER rule. Incorrect number DER encoding can lead to denial on service for absolute values in the range 2**31 -- 2**32 - 1. The arithmetic in the numBitLen didn't take into account that values in this range could result in a negative result upon applying the >> operator, leading to an infinite loop. The issue is patched in version 1.0.4. If upgrading is not an option, the issue can be mitigated by validating inputs to Asn1Integer to ensure that they are not smaller than -2**31 + 1 and no larger than 2**31 - 1. |
| CVE-2024-24788 | Med | 0.38 | 5.9 | 0.00 | | May 8, 2024 | A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. |
| CVE-2026-42310 | Med | 0.36 | 5.5 | 0.00 | | May 9, 2026 | Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0. |
| CVE-2026-6536 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 |
| CVE-2026-6534 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-6531 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-6528 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service |
| CVE-2026-6523 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-6522 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-6521 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-6520 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-6519 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-5407 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-7375 | Med | 0.36 | 5.5 | 0.00 | | Apr 30, 2026 | UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| CVE-2026-31642 | Med | 0.36 | 5.5 | 0.00 | | Apr 24, 2026 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet->calls list to use list_del_rcu() rather than list_del_init() to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an infinite loop. This, however, means that list_empty() no longer works on an entry that's been deleted from the list, making it harder to detect prior deletion. Fix this by: Firstly, make rxrpc_destroy_all_calls() only dump the first ten calls that are unexpectedly still on the list. Limiting the number of steps means there's no need to call cond_resched() or to remove calls from the list here, thereby eliminating the need for rxrpc_put_call() to check for that. rxrpc_put_call() can then be fixed to unconditionally delete the call from the list as it is the only place that the deletion occurs. |