Vulnerabilities > Loop with Unreachable Exit Condition ('Infinite Loop')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-29 | CVE-2016-1981 | Infinite Loop vulnerability in multiple products QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. | 5.5 |
| 2016-11-04 | CVE-2016-8910 | Infinite Loop vulnerability in multiple products The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. | 6.0 |
| 2016-11-04 | CVE-2016-8909 | Infinite Loop vulnerability in multiple products The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. | 6.0 |
| 2016-10-05 | CVE-2016-7909 | Infinite Loop vulnerability in multiple products The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0. | 4.9 |
| 2016-10-05 | CVE-2016-7908 | Infinite Loop vulnerability in multiple products The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags. | 4.4 |
| 2016-06-01 | CVE-2016-4453 | Infinite Loop vulnerability in multiple products The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command. | 4.9 |
| 2016-05-23 | CVE-2015-8558 | Infinite Loop vulnerability in multiple products The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list. | 5.5 |
| 2016-02-08 | CVE-2015-8785 | Infinite Loop vulnerability in multiple products The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov. | 4.9 |
| 2013-08-22 | CVE-2013-2789 | Infinite Loop vulnerability in Kepware Kepserverex The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service (master-station infinite loop) via crafted input over a serial line. | 7.8 |
| 2012-06-05 | CVE-2012-1186 | Infinite Loop vulnerability in multiple products Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. | 5.5 |