Common Weakness Enumeration

CWE-835

Allowed

Loop with Unreachable Exit Condition ('Infinite Loop')

Abstraction: Base · Status: Incomplete

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

1059 vulnerabilities reference this CWE, most recent first.

GHSA-3C69-M56M-795W

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:38
VLAI
Details

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9346"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-02T05:29:00Z",
    "severity": "HIGH"
  },
  "details": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.",
  "id": "GHSA-3c69-m56m-795w",
  "modified": "2025-04-20T03:38:24Z",
  "published": "2022-05-13T01:47:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9346"
    },
    {
      "type": "WEB",
      "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1200"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13631"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6c0bd15bd46a95c5b7dce02fe23c594429bb6c7e"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6c0bd15bd46a95c5b7dce02fe23c594429bb6c7e"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2017-25.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/98799"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038612"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3CFQ-4XX4-RMPG

Vulnerability from github – Published: 2026-06-17 21:34 – Updated: 2026-06-17 21:34
VLAI
Details

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can set nr_extensions to 0xFFFFFFFF during key exchange, causing the client to spin in a tight CPU loop for over 60 seconds because return values from _libssh2_get_string() are unchecked and the session timeout does not apply to CPU-bound loops.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-55199"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-17T20:17:28Z",
    "severity": "HIGH"
  },
  "details": "libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can set nr_extensions to 0xFFFFFFFF during key exchange, causing the client to spin in a tight CPU loop for over 60 seconds because return values from _libssh2_get_string() are unchecked and the session timeout does not apply to CPU-bound loops.",
  "id": "GHSA-3cfq-4xx4-rmpg",
  "modified": "2026-06-17T21:34:39Z",
  "published": "2026-06-17T21:34:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-55199"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libssh2/libssh2/pull/1864"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libssh2/libssh2/commit/17626857d20b3c9a1addfa45979dadcee1cd84a4"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/libssh2-pre-authentication-dos-via-ssh-msg-ext-info-handler"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3F2P-5JCV-CFFX

Vulnerability from github – Published: 2024-07-12 15:31 – Updated: 2026-05-12 12:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

syzbot found hanging tasks waiting on rtnl_lock [1]

A reproducer is available in the syzbot bug.

When a request to add multiple actions with the same index is sent, the second request will block forever on the first request. This holds rtnl_lock, and causes tasks to hang.

Return -EAGAIN to prevent infinite looping, while keeping documented behavior.

[1]

INFO: task kworker/1:0:5088 blocked for more than 143 seconds. Not tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000 Workqueue: events_power_efficient reg_check_chans_work Call Trace: context_switch kernel/sched/core.c:5409 [inline] __schedule+0xf15/0x5d00 kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xe7/0x350 kernel/sched/core.c:6838 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752 wiphy_lock include/net/cfg80211.h:5953 [inline] reg_leave_invalid_chans net/wireless/reg.c:2466 [inline] reg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-40995"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-12T13:15:20Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()\n\nsyzbot found hanging tasks waiting on rtnl_lock [1]\n\nA reproducer is available in the syzbot bug.\n\nWhen a request to add multiple actions with the same index is sent, the\nsecond request will block forever on the first request. This holds\nrtnl_lock, and causes tasks to hang.\n\nReturn -EAGAIN to prevent infinite looping, while keeping documented\nbehavior.\n\n[1]\n\nINFO: task kworker/1:0:5088 blocked for more than 143 seconds.\nNot tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000\nWorkqueue: events_power_efficient reg_check_chans_work\nCall Trace:\n\u003cTASK\u003e\ncontext_switch kernel/sched/core.c:5409 [inline]\n__schedule+0xf15/0x5d00 kernel/sched/core.c:6746\n__schedule_loop kernel/sched/core.c:6823 [inline]\nschedule+0xe7/0x350 kernel/sched/core.c:6838\nschedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895\n__mutex_lock_common kernel/locking/mutex.c:684 [inline]\n__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752\nwiphy_lock include/net/cfg80211.h:5953 [inline]\nreg_leave_invalid_chans net/wireless/reg.c:2466 [inline]\nreg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481",
  "id": "GHSA-3f2p-5jcv-cffx",
  "modified": "2026-05-12T12:32:02Z",
  "published": "2024-07-12T15:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40995"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/25987a97eec4d5f897cd04ee1b45170829c610da"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5f926aa96b08b6c47178fe1171e7ae331c695fc2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6fc78d67f51aeb9a542d39a8714e16bc411582d4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7a0e497b597df7c4cf2b63fc6e9188b6cabe5335"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c6a7da65a296745535a964be1019ec7691b0cb90"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d864319871b05fadd153e0aede4811ca7008f5d6"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3F98-9H78-W5JH

Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2022-05-13 01:46
VLAI
Details

Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-7401"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-03T14:59:00Z",
    "severity": "HIGH"
  },
  "details": "Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with \"SecurityLevel None\" and with empty \"AuthFile\" options) via a crafted UDP packet.",
  "id": "GHSA-3f98-9h78-w5jh",
  "modified": "2022-05-13T01:46:58Z",
  "published": "2022-05-13T01:46:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7401"
    },
    {
      "type": "WEB",
      "url": "https://github.com/collectd/collectd/issues/2174"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1285"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1787"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2615"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97321"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3G8C-3P92-RJWR

Vulnerability from github – Published: 2025-08-19 18:31 – Updated: 2026-01-07 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible infinite loop in fib6_info_uses_dev()

fib6_info_uses_dev() seems to rely on RCU without an explicit protection.

Like the prior fix in rt6_nlmsg_size(), we need to make sure fib6_del_route() or fib6_add_rt2node() have not removed the anchor from the list, or we risk an infinite loop.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38587"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-19T17:15:36Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
  "id": "GHSA-3g8c-3p92-rjwr",
  "modified": "2026-01-07T21:31:39Z",
  "published": "2025-08-19T18:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38587"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/16d21816c0918f8058b5fc14cbe8595d62046e2d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9cb6de8ee144a94ae7a40bdb32560329ab7276f0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bc85e62394f008fa848c4ba02c936c735a3e8ef5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/db65739d406c72776fbdbbc334be827ef05880d2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e09be457b71b983a085312ff9e981f51e4ed3211"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f8d8ce1b515a0a6af72b30502670a406cfb75073"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3H47-GJH4-RMQ3

Vulnerability from github – Published: 2026-04-30 09:30 – Updated: 2026-04-30 09:30
VLAI
Details

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-6528"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-30T07:16:40Z",
    "severity": "MODERATE"
  },
  "details": "TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service",
  "id": "GHSA-3h47-gjh4-rmq3",
  "modified": "2026-04-30T09:30:25Z",
  "published": "2026-04-30T09:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6528"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21147"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21151"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2026-33.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3H88-J436-W3R5

Vulnerability from github – Published: 2023-03-24 21:30 – Updated: 2023-03-29 15:30
VLAI
Details

In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749764

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-20996"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-24T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749764",
  "id": "GHSA-3h88-j436-w3r5",
  "modified": "2023-03-29T15:30:17Z",
  "published": "2023-03-24T21:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20996"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2023-03-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3HWX-VC7V-FW2M

Vulnerability from github – Published: 2021-12-31 00:00 – Updated: 2025-11-04 00:30
VLAI
Details

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-4182"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-74",
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-30T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file",
  "id": "GHSA-3hwx-vc7v-fw2m",
  "modified": "2025-11-04T00:30:30Z",
  "published": "2021-12-31T00:00:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4182"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4182.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/issues/17801"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202210-04"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2021-20.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3J2M-32HQ-9HP8

Vulnerability from github – Published: 2021-12-22 00:00 – Updated: 2023-05-27 06:30
VLAI
Details

An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-45297"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-21T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.",
  "id": "GHSA-3j2m-32hq-9hp8",
  "modified": "2023-05-27T06:30:36Z",
  "published": "2021-12-22T00:00:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45297"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/issues/1973"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5411"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3J5X-WXPV-2QP4

Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43
VLAI
Details

In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380403.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-13191"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-12T23:29:00Z",
    "severity": "HIGH"
  },
  "details": "In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380403.",
  "id": "GHSA-3j5x-wxpv-2qp4",
  "modified": "2022-05-13T01:43:06Z",
  "published": "2022-05-13T01:43:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13191"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2018-01-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102414"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040106"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.