Common Weakness Enumeration

CWE-835

Allowed

Loop with Unreachable Exit Condition ('Infinite Loop')

Abstraction: Base · Status: Incomplete

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

1057 vulnerabilities reference this CWE, most recent first.

GHSA-J3J5-W2HQ-CW74

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2023-02-03 21:30
VLAI
Details

An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-17350"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-08T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.",
  "id": "GHSA-j3j5-w2hq-cw74",
  "modified": "2023-02-03T21:30:27Z",
  "published": "2022-05-24T16:58:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17350"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2020/Jan/21"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4602"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xen.org/xsa/advisory-295.html"
    },
    {
      "type": "WEB",
      "url": "http://xenbits.xen.org/xsa/advisory-295.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J3VC-4CHV-32MW

Vulnerability from github – Published: 2024-04-12 15:37 – Updated: 2024-06-10 18:30
VLAI
Details

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-2397"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-12T14:15:07Z",
    "severity": "MODERATE"
  },
  "details": "Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile.  This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.",
  "id": "GHSA-j3vc-4chv-32mw",
  "modified": "2024-06-10T18:30:54Z",
  "published": "2024-04-12T15:37:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2397"
    },
    {
      "type": "WEB",
      "url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J3WR-M6XH-64HG

Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2026-02-24 16:08
VLAI
Summary
LlamaIndex Improper Handling of Exceptional Conditions vulnerability
Details

A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "llama-index-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.12.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-12704"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755",
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-21T17:40:52Z",
    "nvd_published_at": "2025-03-20T10:15:29Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely.",
  "id": "GHSA-j3wr-m6xh-64hg",
  "modified": "2026-02-24T16:08:07Z",
  "published": "2025-03-20T12:32:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12704"
    },
    {
      "type": "WEB",
      "url": "https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/run-llama/llama_index"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "LlamaIndex Improper Handling of Exceptional Conditions vulnerability"
}

GHSA-J49F-WWVQ-PVP4

Vulnerability from github – Published: 2026-04-22 15:31 – Updated: 2026-04-28 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

xfrm: iptfs: validate inner IPv4 header length in IPTFS payload

Add validation of the inner IPv4 packet tot_len and ihl fields parsed from decrypted IPTFS payloads in __input_process_payload(). A crafted ESP packet containing an inner IPv4 header with tot_len=0 causes an infinite loop: iplen=0 leads to capturelen=min(0, remaining)=0, so the data offset never advances and the while(data < tail) loop never terminates, spinning forever in softirq context.

Reject inner IPv4 packets where tot_len < ihl4 or ihl4 < sizeof(struct iphdr), which catches both the tot_len=0 case and malformed ihl values. The normal IP stack performs this validation in ip_rcv_core(), but IPTFS extracts and processes inner packets before they reach that layer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-31472"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-22T14:16:43Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: iptfs: validate inner IPv4 header length in IPTFS payload\n\nAdd validation of the inner IPv4 packet tot_len and ihl fields parsed\nfrom decrypted IPTFS payloads in __input_process_payload(). A crafted\nESP packet containing an inner IPv4 header with tot_len=0 causes an\ninfinite loop: iplen=0 leads to capturelen=min(0, remaining)=0, so the\ndata offset never advances and the while(data \u003c tail) loop never\nterminates, spinning forever in softirq context.\n\nReject inner IPv4 packets where tot_len \u003c ihl*4 or ihl*4 \u003c sizeof(struct\niphdr), which catches both the tot_len=0 case and malformed ihl values.\nThe normal IP stack performs this validation in ip_rcv_core(), but IPTFS\nextracts and processes inner packets before they reach that layer.",
  "id": "GHSA-j49f-wwvq-pvp4",
  "modified": "2026-04-28T00:31:40Z",
  "published": "2026-04-22T15:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31472"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0d10393d5eac33cbd92f7a41fddca12c41d3cb7e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3db7d4f777a00164582061ccaa99569cd85011a3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/de6d8e8ce5187f7402c9859b443355e7120c5f09"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J53J-GMR9-H8G3

Vulnerability from github – Published: 2018-10-17 15:50 – Updated: 2024-03-04 23:27
VLAI
Summary
Comparison errorr in org.apache.tika:tika-core
Details

In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tika:tika-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.2"
            },
            {
              "fixed": "1.19"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-8017"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:42:01Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser.",
  "id": "GHSA-j53j-gmr9-h8g3",
  "modified": "2024-03-04T23:27:07Z",
  "published": "2018-10-17T15:50:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8017"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tika/commit/62926cae31a02d4f23d21148435804b96c543cc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tika/commit/8a6a9e1344f5b10ebfa1a189dc3c30d0da2b9d4"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-j53j-gmr9-h8g3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tika"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/72df7a3f0dda49a912143a1404b489837a11f374dfd1961061873a91@%3Cdev.tika.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105513"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Comparison errorr in org.apache.tika:tika-core"
}

GHSA-J586-X8F6-9XF2

Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-23 00:00
VLAI
Details

An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-20257"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-16T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
  "id": "GHSA-j586-x8f6-9xf2",
  "modified": "2022-03-23T00:00:33Z",
  "published": "2022-03-17T00:00:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20257"
    },
    {
      "type": "WEB",
      "url": "https://github.com/qemu/qemu/commit/3de46e6fc489c52c9431a8a832ad8170a7569bd8"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2021:5238"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2022:0081"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2021-20257"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930087"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg07428.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202208-27"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220425-0003"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2021/02/25/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J64C-QHGP-M2V8

Vulnerability from github – Published: 2023-07-19 18:30 – Updated: 2024-04-04 06:17
VLAI
Details

ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-37748"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-19T17:15:22Z",
    "severity": "MODERATE"
  },
  "details": "ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c.",
  "id": "GHSA-j64c-qhgp-m2v8",
  "modified": "2024-04-04T06:17:09Z",
  "published": "2023-07-19T18:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37748"
    },
    {
      "type": "WEB",
      "url": "https://github.com/miniupnp/ngiflib/issues/25"
    },
    {
      "type": "WEB",
      "url": "https://github.com/miniupnp/ngiflib"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J67Q-P2WH-CQGV

Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24
VLAI
Details

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8902"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-02-27T22:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.",
  "id": "GHSA-j67q-p2wh-cqgv",
  "modified": "2022-05-13T01:24:51Z",
  "published": "2022-05-13T01:24:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8902"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195269"
    },
    {
      "type": "WEB",
      "url": "http://trac.imagemagick.org/changeset/17855"
    },
    {
      "type": "WEB",
      "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26932"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J6MM-PJH3-2FH5

Vulnerability from github – Published: 2025-01-28 09:32 – Updated: 2025-01-28 09:32
VLAI
Details

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0290"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-28T09:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive.",
  "id": "GHSA-j6mm-pjh3-2fh5",
  "modified": "2025-01-28T09:32:34Z",
  "published": "2025-01-28T09:32:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0290"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/372134"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J6PC-6Q9Q-VR74

Vulnerability from github – Published: 2026-04-03 18:31 – Updated: 2026-04-27 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

bonding: prevent potential infinite loop in bond_header_parse()

bond_header_parse() can loop if a stack of two bonding devices is setup, because skb->dev always points to the hierarchy top.

Add new "const struct net_device *dev" parameter to (struct header_ops)->parse() method to make sure the recursion is bounded, and that the final leaf parse method is called.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-03T16:16:31Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: prevent potential infinite loop in bond_header_parse()\n\nbond_header_parse() can loop if a stack of two bonding devices is setup,\nbecause skb-\u003edev always points to the hierarchy top.\n\nAdd new \"const struct net_device *dev\" parameter to\n(struct header_ops)-\u003eparse() method to make sure the recursion\nis bounded, and that the final leaf parse method is called.",
  "id": "GHSA-j6pc-6q9q-vr74",
  "modified": "2026-04-27T15:30:31Z",
  "published": "2026-04-03T18:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23451"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4172a7901cf43fe1cc63ef7a2ef33735ff7b7d13"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/946bb6cacf0ccada7bc80f1cfa07c1ed79511c1c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9b49c854f14f5e2d493e562a1e28d2e57fe37371"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b7405dcf7385445e10821777143f18c3ce20fa04"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.