Vulnerabilities > Loop with Unreachable Exit Condition ('Infinite Loop')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-19 | CVE-2024-53055 | Infinite Loop vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8, which can never reach the number found when that's bigger than 255, and is stored in a u32 variable. Also move it into the loops to have a smaller scope. Using a u32 there is fine, we limit the number of APs in the scan list and each has a limit on the number of RNR entries due to the frame size. | 5.5 |
| 2024-11-19 | CVE-2024-50272 | Infinite Loop vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper limit, and an iterator with a count that causes us to overflow that limit, then filemap_read() enters an infinite loop. This behaviour was discovered when testing xfstests generic/525 with the "localio" optimisation for loopback NFS mounts. | 5.5 |
| 2024-11-15 | CVE-2017-13313 | Infinite Loop vulnerability in Google Android In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. | 6.5 |
| 2024-11-12 | CVE-2024-50319 | Infinite Loop vulnerability in Ivanti Avalanche An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service. | 7.5 |
| 2024-11-12 | CVE-2024-50320 | Infinite Loop vulnerability in Ivanti Avalanche An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service. | 7.5 |
| 2024-11-12 | CVE-2024-50321 | Infinite Loop vulnerability in Ivanti Avalanche An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service. | 7.5 |
| 2024-11-12 | CVE-2024-11097 | Infinite Loop vulnerability in Razormist Student Record Management System 1.0 A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. | 5.5 |
| 2024-10-21 | CVE-2024-50011 | Infinite Loop vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an empty item in struct snd_soc_acpi_link_adr array is required. | 5.5 |
| 2024-10-21 | CVE-2024-49856 | Infinite Loop vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all other EPC sections are used up, CPU can get stuck inside the while loop that looks for an available EPC page from remote nodes indefinitely, leading to a soft lockup. | 5.5 |
| 2024-09-13 | CVE-2024-46701 | Infinite Loop vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: libfs: fix infinite directory reads for offset dir After we switch tmpfs dir operations from simple_dir_operations to simple_offset_dir_operations, every rename happened will fill new dentry to dest dir's maple tree(&SHMEM_I(inode)->dir_offsets->mt) with a free key starting with octx->newx_offset, and then set newx_offset equals to free key + 1. | 5.5 |