CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
Description
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Impact
DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Amplification
CVE-2025-32399Chain: library for implementing Profinet devices does not check an input for a loop condition (CWE-606), allowing an infinite loop (CWE-835) via a crafted RPC packet
CVE-2022-22224Chain: an operating system does not properly process malformed Open Shortest Path First (OSPF) Type/Length/Value Identifiers (TLV) (CWE-703), which can cause the process to enter an infinite loop (CWE-835)
CVE-2022-25304A Python machine communication platform did not account for receiving a malformed packet with a null size, causing the receiving function to never update the message buffer and be caught in an infinite loop.
CVE-2011-1027Chain: off-by-one error (CWE-193) leads to infinite loop (CWE-835) using invalid hex-encoded characters.
CVE-2011-1142Chain: self-referential values in recursive definitions lead to infinite loop.
CVE-2011-1002NULL UDP packet is never cleared from a queue, leading to infinite loop.
CVE-2006-6499Chain: web browser crashes due to infinite loop - "bad looping logic [that relies on] floating point math [CWE-1339] to exit the loop [CWE-835]"
CVE-2010-4476Floating point conversion routine cycles back and forth between two different values.
CVE-2010-4645Floating point conversion routine cycles back and forth between two different values.
CVE-2010-2534Chain: improperly clearing a pointer in a linked list leads to infinite loop.
+2 more examples
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now