CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1059 vulnerabilities reference this CWE, most recent first.
GHSA-G6V2-566P-8FGX
Vulnerability from github – Published: 2025-09-23 18:30 – Updated: 2025-09-23 18:30In the Linux kernel, the following vulnerability has been resolved:
NFS: Avoid writeback threads getting stuck in mempool_alloc()
In a low memory situation, allow the NFS writeback code to fail without getting stuck in infinite loops in mempool_alloc().
{
"affected": [],
"aliases": [
"CVE-2022-49097"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:00:47Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Avoid writeback threads getting stuck in mempool_alloc()\n\nIn a low memory situation, allow the NFS writeback code to fail without\ngetting stuck in infinite loops in mempool_alloc().",
"id": "GHSA-g6v2-566p-8fgx",
"modified": "2025-09-23T18:30:20Z",
"published": "2025-09-23T18:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49097"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0bae835b63c53f86cdc524f5962e39409585b22c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1b3fa9a3c420c31e77b406ddc28f3a627100516c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a6caeddd68977a1aaaf62fbd1955b41dd5c3c5d3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c74e2f6ecc51bd08bb5b0335477dba954a50592e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ea029e4ce760f786919d06ef52efa2e50ea92a5f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G6X2-39G4-M6XQ
Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:36In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.
{
"affected": [],
"aliases": [
"CVE-2017-7745"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-12T23:59:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.",
"id": "GHSA-g6x2-39g4-m6xq",
"modified": "2025-04-20T03:36:01Z",
"published": "2022-05-13T01:47:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7745"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13578"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=acd8e1a9b17ad274bea1e01e10e4481508a1cbf0"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=acd8e1a9b17ad274bea1e01e10e4481508a1cbf0"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2017-20.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97627"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G7JQ-J257-RWW2
Vulnerability from github – Published: 2026-05-27 03:30 – Updated: 2026-07-01 18:04In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently unresponsive with increasing CPU and memory consumption. An authenticated attacker can systematically exhaust all proxy-server workers, resulting in denial of service. The defect was introduced in Swift 2.36.0.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "swift"
},
"ranges": [
{
"events": [
{
"introduced": "2.36.0"
},
{
"last_affected": "2.36.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "swift"
},
"ranges": [
{
"events": [
{
"introduced": "2.37.0"
},
{
"last_affected": "2.37.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-49017"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-01T18:04:11Z",
"nvd_published_at": "2026-05-27T02:16:34Z",
"severity": "HIGH"
},
"details": "In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently unresponsive with increasing CPU and memory consumption. An authenticated attacker can systematically exhaust all proxy-server workers, resulting in denial of service. The defect was introduced in Swift 2.36.0.",
"id": "GHSA-g7jq-j257-rww2",
"modified": "2026-07-01T18:04:11Z",
"published": "2026-05-27T03:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49017"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/bugs/2152205"
},
{
"type": "PACKAGE",
"url": "https://github.com/openstack/swift"
},
{
"type": "WEB",
"url": "https://review.opendev.org/c/openstack/swift/+/987957"
},
{
"type": "WEB",
"url": "https://review.opendev.org/c/openstack/swift/+/988093"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/05/27/9"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/06/02/6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"type": "CVSS_V4"
}
],
"summary": "OpenStack Swift: s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body"
}
GHSA-G85J-48PG-M4XC
Vulnerability from github – Published: 2022-05-13 01:48 – Updated: 2022-05-13 01:48An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.
{
"affected": [],
"aliases": [
"CVE-2018-10981"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-05-10T22:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.",
"id": "GHSA-g85j-48pg-m4xc",
"modified": "2022-05-13T01:48:59Z",
"published": "2022-05-13T01:48:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10981"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4201"
},
{
"type": "WEB",
"url": "https://xenbits.xen.org/xsa/advisory-262.html"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2018/05/08/3"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104149"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G925-QGM3-HC5P
Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-25 21:31In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: prevent infinite loops caused by the next valid being the same
When processing valid within the range [valid : pos), if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, this can trigger a potential infinite loop, similar to the hung problem reported by syzbot [1].
Adding a check for the valid value within the loop body, and terminating the loop and returning -EINVAL if the value is the same as the current value, can prevent this.
[1] INFO: task syz.4.21:6056 blocked for more than 143 seconds. Call Trace: rwbase_write_lock+0x14f/0x750 kernel/locking/rwbase_rt.c:244 inode_lock include/linux/fs.h:1027 [inline] ntfs_file_write_iter+0xe6/0x870 fs/ntfs3/file.c:1284
{
"affected": [],
"aliases": [
"CVE-2026-45864"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-27T14:16:58Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: prevent infinite loops caused by the next valid being the same\n\nWhen processing valid within the range [valid : pos), if valid cannot\nbe retrieved correctly, for example, if the retrieved valid value is\nalways the same, this can trigger a potential infinite loop, similar\nto the hung problem reported by syzbot [1].\n\nAdding a check for the valid value within the loop body, and terminating\nthe loop and returning -EINVAL if the value is the same as the current\nvalue, can prevent this.\n\n[1]\nINFO: task syz.4.21:6056 blocked for more than 143 seconds.\nCall Trace:\n rwbase_write_lock+0x14f/0x750 kernel/locking/rwbase_rt.c:244\n inode_lock include/linux/fs.h:1027 [inline]\n ntfs_file_write_iter+0xe6/0x870 fs/ntfs3/file.c:1284",
"id": "GHSA-g925-qgm3-hc5p",
"modified": "2026-06-25T21:31:18Z",
"published": "2026-05-27T15:33:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45864"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/27b75ca4e51e3e4554dc85dbf1a0246c66106fd3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4bf3bafb8e0635ed93e3cd4156dcbcc0fb960cb4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/50c822fcb36768f1fb356f05b02a2248ef81936d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6d93239b4fc479f7c0a412dd196ec0ca2672d14a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/71c8b966ec56e13c02388c1312910588bb49be7a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a47a2bb9aa6455d5cee1045814a60c749309c92b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b97e371e5d1c13d722335d46eb8bc1a22b272a0e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G97W-MW7G-V3JV
Vulnerability from github – Published: 2025-07-27 21:32 – Updated: 2025-07-28 15:36Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-9344-p847-qm5c. This link is maintained to preserve external references.
Original Description
The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of "Reading a cert: Invalid operation: Not a Key packet" messages for RawCertParser operations that encounter an unsupported primary key type.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "sequoia-openpgp"
},
"ranges": [
{
"events": [
{
"introduced": "1.13.0"
},
{
"fixed": "1.21.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-28T15:36:45Z",
"nvd_published_at": "2025-07-27T20:15:24Z",
"severity": "LOW"
},
"details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-9344-p847-qm5c. This link is maintained to preserve external references.\n\n### Original Description\nThe sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of \"Reading a cert: Invalid operation: Not a Key packet\" messages for RawCertParser operations that encounter an unsupported primary key type.",
"id": "GHSA-g97w-mw7g-v3jv",
"modified": "2025-07-28T15:36:45Z",
"published": "2025-07-27T21:32:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58261"
},
{
"type": "WEB",
"url": "https://crates.io/crates/sequoia-openpgp"
},
{
"type": "PACKAGE",
"url": "https://gitlab.com/sequoia-pgp/sequoia"
},
{
"type": "WEB",
"url": "https://gitlab.com/sequoia-pgp/sequoia/-/issues/1106"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2024-0345.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Duplicate Advisory: Low severity (DoS) vulnerability in sequoia-openpgp",
"withdrawn": "2025-07-28T15:36:45Z"
}
GHSA-G99M-3M46-4GM9
Vulnerability from github – Published: 2019-05-14 04:00 – Updated: 2021-08-03 21:31Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.sanselan:sanselan"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.97-incubator"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-17202"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2019-05-09T15:07:18Z",
"nvd_published_at": "2019-05-06T18:29:00Z",
"severity": "HIGH"
},
"details": "Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.",
"id": "GHSA-g99m-3m46-4gm9",
"modified": "2021-08-03T21:31:13Z",
"published": "2019-05-14T04:00:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17202"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/69204376d12205b0d2d90e6fcbeebb99b894e6db88c8ff565c4e1efa@%3Cdev.commons.apache.org%3E"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Infinite Loop in Apache Sanselan"
}
GHSA-G9GF-WJCV-FPQ5
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
{
"affected": [],
"aliases": [
"CVE-2017-18238"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-15T19:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.",
"id": "GHSA-g9gf-wjcv-fpq5",
"modified": "2022-05-13T01:44:38Z",
"published": "2022-05-13T01:44:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18238"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2048"
},
{
"type": "WEB",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=102483"
},
{
"type": "WEB",
"url": "https://cgit.freedesktop.org/exempi/commit/?id=886cd1d2314755adb1f4cdb99c16ff00830f0331"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00013.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3668-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G9XF-7F8Q-9MCJ
Vulnerability from github – Published: 2026-07-09 21:09 – Updated: 2026-07-09 21:09Impact
An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer.
Patches
This has been fixed in pypdf==6.13.1.
Workarounds
If users cannot upgrade yet, consider applying the changes from PR #3839.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pypdf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.13.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-54651"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-09T21:09:53Z",
"nvd_published_at": "2026-06-22T21:16:25Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nAn attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer.\n\n### Patches\n\nThis has been fixed in [pypdf==6.13.1](https://github.com/py-pdf/pypdf/releases/tag/6.13.1).\n\n### Workarounds\n\nIf users cannot upgrade yet, consider applying the changes from PR [#3839](https://github.com/py-pdf/pypdf/pull/3839).",
"id": "GHSA-g9xf-7f8q-9mcj",
"modified": "2026-07-09T21:09:53Z",
"published": "2026-07-09T21:09:53Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-g9xf-7f8q-9mcj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-54651"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/pull/3839"
},
{
"type": "PACKAGE",
"url": "https://github.com/py-pdf/pypdf"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "pypdf: Possible infinite loop when processing threads/articles in writer"
}
GHSA-GFH2-7JG5-653P
Vulnerability from github – Published: 2022-02-15 01:57 – Updated: 2021-05-20 16:29docker2aci <= 0.12.3 has an infinite loop when handling local images with cyclic dependency chain.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/appc/docker2aci"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.13.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2016-8579"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-20T16:29:42Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "docker2aci \u003c= 0.12.3 has an infinite loop when handling local images with cyclic dependency chain.",
"id": "GHSA-gfh2-7jg5-653p",
"modified": "2021-05-20T16:29:42Z",
"published": "2022-02-15T01:57:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8579"
},
{
"type": "WEB",
"url": "https://github.com/appc/docker2aci/issues/203"
},
{
"type": "WEB",
"url": "https://github.com/appc/docker2aci/pull/204/commits/54331ec7020e102935c31096f336d31f6400064f"
},
{
"type": "WEB",
"url": "https://github.com/appc/docker2aci/releases/tag/v0.13.0"
},
{
"type": "WEB",
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8579"
},
{
"type": "WEB",
"url": "https://www.securityfocus.com/bid/93560"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "Denial of Service in docker2aci"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.