Common Weakness Enumeration

CWE-835

Allowed

Loop with Unreachable Exit Condition ('Infinite Loop')

Abstraction: Base · Status: Incomplete

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

1058 vulnerabilities reference this CWE, most recent first.

GHSA-G6X2-39G4-M6XQ

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:36
VLAI
Details

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-7745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-12T23:59:00Z",
    "severity": "HIGH"
  },
  "details": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.",
  "id": "GHSA-g6x2-39g4-m6xq",
  "modified": "2025-04-20T03:36:01Z",
  "published": "2022-05-13T01:47:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7745"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13578"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=acd8e1a9b17ad274bea1e01e10e4481508a1cbf0"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=acd8e1a9b17ad274bea1e01e10e4481508a1cbf0"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2017-20.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97627"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G7JQ-J257-RWW2

Vulnerability from github – Published: 2026-05-27 03:30 – Updated: 2026-07-01 18:04
VLAI
Summary
OpenStack Swift: s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body
Details

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently unresponsive with increasing CPU and memory consumption. An authenticated attacker can systematically exhaust all proxy-server workers, resulting in denial of service. The defect was introduced in Swift 2.36.0.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "swift"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.36.0"
            },
            {
              "last_affected": "2.36.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "swift"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.37.0"
            },
            {
              "last_affected": "2.37.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-49017"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-01T18:04:11Z",
    "nvd_published_at": "2026-05-27T02:16:34Z",
    "severity": "HIGH"
  },
  "details": "In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently unresponsive with increasing CPU and memory consumption. An authenticated attacker can systematically exhaust all proxy-server workers, resulting in denial of service. The defect was introduced in Swift 2.36.0.",
  "id": "GHSA-g7jq-j257-rww2",
  "modified": "2026-07-01T18:04:11Z",
  "published": "2026-05-27T03:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49017"
    },
    {
      "type": "WEB",
      "url": "https://bugs.launchpad.net/bugs/2152205"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openstack/swift"
    },
    {
      "type": "WEB",
      "url": "https://review.opendev.org/c/openstack/swift/+/987957"
    },
    {
      "type": "WEB",
      "url": "https://review.opendev.org/c/openstack/swift/+/988093"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/27/9"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/06/02/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenStack Swift: s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body"
}

GHSA-G85J-48PG-M4XC

Vulnerability from github – Published: 2022-05-13 01:48 – Updated: 2022-05-13 01:48
VLAI
Details

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-10981"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-10T22:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.",
  "id": "GHSA-g85j-48pg-m4xc",
  "modified": "2022-05-13T01:48:59Z",
  "published": "2022-05-13T01:48:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10981"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201810-06"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4201"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xen.org/xsa/advisory-262.html"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2018/05/08/3"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104149"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G925-QGM3-HC5P

Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-25 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: prevent infinite loops caused by the next valid being the same

When processing valid within the range [valid : pos), if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, this can trigger a potential infinite loop, similar to the hung problem reported by syzbot [1].

Adding a check for the valid value within the loop body, and terminating the loop and returning -EINVAL if the value is the same as the current value, can prevent this.

[1] INFO: task syz.4.21:6056 blocked for more than 143 seconds. Call Trace: rwbase_write_lock+0x14f/0x750 kernel/locking/rwbase_rt.c:244 inode_lock include/linux/fs.h:1027 [inline] ntfs_file_write_iter+0xe6/0x870 fs/ntfs3/file.c:1284

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-45864"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-27T14:16:58Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: prevent infinite loops caused by the next valid being the same\n\nWhen processing valid within the range [valid : pos), if valid cannot\nbe retrieved correctly, for example, if the retrieved valid value is\nalways the same, this can trigger a potential infinite loop, similar\nto the hung problem reported by syzbot [1].\n\nAdding a check for the valid value within the loop body, and terminating\nthe loop and returning -EINVAL if the value is the same as the current\nvalue, can prevent this.\n\n[1]\nINFO: task syz.4.21:6056 blocked for more than 143 seconds.\nCall Trace:\n rwbase_write_lock+0x14f/0x750 kernel/locking/rwbase_rt.c:244\n inode_lock include/linux/fs.h:1027 [inline]\n ntfs_file_write_iter+0xe6/0x870 fs/ntfs3/file.c:1284",
  "id": "GHSA-g925-qgm3-hc5p",
  "modified": "2026-06-25T21:31:18Z",
  "published": "2026-05-27T15:33:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45864"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/27b75ca4e51e3e4554dc85dbf1a0246c66106fd3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4bf3bafb8e0635ed93e3cd4156dcbcc0fb960cb4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/50c822fcb36768f1fb356f05b02a2248ef81936d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6d93239b4fc479f7c0a412dd196ec0ca2672d14a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/71c8b966ec56e13c02388c1312910588bb49be7a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a47a2bb9aa6455d5cee1045814a60c749309c92b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b97e371e5d1c13d722335d46eb8bc1a22b272a0e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G97W-MW7G-V3JV

Vulnerability from github – Published: 2025-07-27 21:32 – Updated: 2025-07-28 15:36
VLAI
Summary
Duplicate Advisory: Low severity (DoS) vulnerability in sequoia-openpgp
Details

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-9344-p847-qm5c. This link is maintained to preserve external references.

Original Description

The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of "Reading a cert: Invalid operation: Not a Key packet" messages for RawCertParser operations that encounter an unsupported primary key type.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "sequoia-openpgp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.13.0"
            },
            {
              "fixed": "1.21.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-28T15:36:45Z",
    "nvd_published_at": "2025-07-27T20:15:24Z",
    "severity": "LOW"
  },
  "details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-9344-p847-qm5c. This link is maintained to preserve external references.\n\n### Original Description\nThe sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of \"Reading a cert: Invalid operation: Not a Key packet\" messages for RawCertParser operations that encounter an unsupported primary key type.",
  "id": "GHSA-g97w-mw7g-v3jv",
  "modified": "2025-07-28T15:36:45Z",
  "published": "2025-07-27T21:32:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58261"
    },
    {
      "type": "WEB",
      "url": "https://crates.io/crates/sequoia-openpgp"
    },
    {
      "type": "PACKAGE",
      "url": "https://gitlab.com/sequoia-pgp/sequoia"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/sequoia-pgp/sequoia/-/issues/1106"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2024-0345.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Duplicate Advisory: Low severity (DoS) vulnerability in sequoia-openpgp",
  "withdrawn": "2025-07-28T15:36:45Z"
}

GHSA-G99M-3M46-4GM9

Vulnerability from github – Published: 2019-05-14 04:00 – Updated: 2021-08-03 21:31
VLAI
Summary
Infinite Loop in Apache Sanselan
Details

Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.sanselan:sanselan"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.97-incubator"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-17202"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2019-05-09T15:07:18Z",
    "nvd_published_at": "2019-05-06T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.",
  "id": "GHSA-g99m-3m46-4gm9",
  "modified": "2021-08-03T21:31:13Z",
  "published": "2019-05-14T04:00:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17202"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/69204376d12205b0d2d90e6fcbeebb99b894e6db88c8ff565c4e1efa@%3Cdev.commons.apache.org%3E"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Infinite Loop in Apache Sanselan"
}

GHSA-G9GF-WJCV-FPQ5

Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44
VLAI
Details

An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-18238"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-15T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.",
  "id": "GHSA-g9gf-wjcv-fpq5",
  "modified": "2022-05-13T01:44:38Z",
  "published": "2022-05-13T01:44:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18238"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2048"
    },
    {
      "type": "WEB",
      "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102483"
    },
    {
      "type": "WEB",
      "url": "https://cgit.freedesktop.org/exempi/commit/?id=886cd1d2314755adb1f4cdb99c16ff00830f0331"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3668-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G9XF-7F8Q-9MCJ

Vulnerability from github – Published: 2026-07-09 21:09 – Updated: 2026-07-09 21:09
VLAI
Summary
pypdf: Possible infinite loop when processing threads/articles in writer
Details

Impact

An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer.

Patches

This has been fixed in pypdf==6.13.1.

Workarounds

If users cannot upgrade yet, consider applying the changes from PR #3839.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pypdf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.13.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-54651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-09T21:09:53Z",
    "nvd_published_at": "2026-06-22T21:16:25Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nAn attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer.\n\n### Patches\n\nThis has been fixed in [pypdf==6.13.1](https://github.com/py-pdf/pypdf/releases/tag/6.13.1).\n\n### Workarounds\n\nIf users cannot upgrade yet, consider applying the changes from PR [#3839](https://github.com/py-pdf/pypdf/pull/3839).",
  "id": "GHSA-g9xf-7f8q-9mcj",
  "modified": "2026-07-09T21:09:53Z",
  "published": "2026-07-09T21:09:53Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-g9xf-7f8q-9mcj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-54651"
    },
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/pull/3839"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/py-pdf/pypdf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "pypdf: Possible infinite loop when processing threads/articles in writer"
}

GHSA-GFH2-7JG5-653P

Vulnerability from github – Published: 2022-02-15 01:57 – Updated: 2021-05-20 16:29
VLAI
Summary
Denial of Service in docker2aci
Details

docker2aci <= 0.12.3 has an infinite loop when handling local images with cyclic dependency chain.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/appc/docker2aci"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.13.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2016-8579"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-20T16:29:42Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "docker2aci \u003c= 0.12.3 has an infinite loop when handling local images with cyclic dependency chain.",
  "id": "GHSA-gfh2-7jg5-653p",
  "modified": "2021-05-20T16:29:42Z",
  "published": "2022-02-15T01:57:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8579"
    },
    {
      "type": "WEB",
      "url": "https://github.com/appc/docker2aci/issues/203"
    },
    {
      "type": "WEB",
      "url": "https://github.com/appc/docker2aci/pull/204/commits/54331ec7020e102935c31096f336d31f6400064f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/appc/docker2aci/releases/tag/v0.13.0"
    },
    {
      "type": "WEB",
      "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8579"
    },
    {
      "type": "WEB",
      "url": "https://www.securityfocus.com/bid/93560"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Denial of Service in docker2aci"
}

GHSA-GFVH-R99J-X28P

Vulnerability from github – Published: 2022-05-24 17:41 – Updated: 2022-05-24 17:41
VLAI
Details

Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthenticated, adjacent attacker can cause an infinite loop on one of the HSR ring ports of the device. This effectively breaks the redundancy of the HSR ring. If the attacker can perform the same attack on a second device, the ring is broken into two parts (thus disrupting communication between devices in the different parts).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-9307"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-11T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthenticated, adjacent attacker can cause an infinite loop on one of the HSR ring ports of the device. This effectively breaks the redundancy of the HSR ring. If the attacker can perform the same attack on a second device, the ring is broken into two parts (thus disrupting communication between devices in the different parts).",
  "id": "GHSA-gfvh-r99j-x28p",
  "modified": "2022-05-24T17:41:54Z",
  "published": "2022-05-24T17:41:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9307"
    },
    {
      "type": "WEB",
      "url": "https://www.belden.com/dfsmedia/f1e38517e0cd4caa8b1acb6619890f5e/12276-source/options/view"
    },
    {
      "type": "WEB",
      "url": "https://www.belden.com/security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.