CVE-2019-12068

LOW Year: 2019
CVSS v3 Score
3.8
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-835
View all →

Vulnerability Description

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.

Related Vulnerabilities

CVE-2022-1222

MEDIUM
CVSS:4.0(Medium)

Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV.

CWE-8352022

CVE-2024-6790

MEDIUM
CVSS:4.0(Medium)

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows ...

CWE-8352024

CVE-2015-6815

LOW
CVSS:3.5(Low)

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of serv...

CWE-8352015

CVE-2019-3819

MEDIUM
CVSS:4.2(Medium)

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local p...

CWE-8352019

CVE-2020-18442

LOW
CVSS:3.3(Low)

Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".

CWE-8352020

CVE-2021-22197

MEDIUM
CVSS:4.3(Medium)

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exist when an authenticated user with specific rights access a MR having source and target...

CWE-8352021