11140 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-25641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could...
CVE-2025-7054
Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRE_CONNECTION_ID frames. QUIC connections possess a set of connection identifiers (IDs); see Section 5.1 of RFC 9000 (https://datatracker.ietf.org/doc/html/rfc9000#section-5.1). Once the QUIC...
Linux Distros Unpatched Vulnerability : CVE-2019-16413
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and...
quiche connection ID retirement can trigger an infinite loop
Impact: Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRE_CONNECTION_ID frames. QUIC connections possess a set of connection identifiers (IDs); see Section 5.1 of RFC 9000. Once the QUIC handshake completes, a local endpoint is responsible for...
GHSA-M3HH-F9GH-74C2 quiche connection ID retirement can trigger an infinite loop
Impact: Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRE_CONNECTION_ID frames. QUIC connections possess a set of connection identifiers (IDs); see Section 5.1 of RFC 9000. Once the QUIC handshake completes, a local endpoint is responsible for...
CVE-2025-7054 Infinite loop triggered by connection ID retirement
Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRE_CONNECTION_ID frames. QUIC connections possess a set of connection identifiers (IDs); see Section 5.1 of RFC 9000 (https://datatracker.ietf.org/doc/html/rfc9000#section-5.1). Once the QUIC...
CVE-2025-7054
The CVE-2025-7054 entry concerns Cloudflare’s quiche QUIC/TLS library, where an unauthenticated attacker can trigger an infinite loop by sending RETIRE_CONNECTION_ID frames. The issue arises from how retirement across paths can synchronize multiple active connection IDs, allowing a retirement fra...
quiche -- Infinite loop triggered by connection ID retirement
Quiche Releases reports: This update includes 1 security fix: High CVE-2025-7054: Infinite loop triggered by connection ID retirement. Reported by Catena cyber on 2025-08-07...
quiche security vulnerability
quiche is a Cloudflare open source implementation of the IETF-designated QUIC transport protocol and HTTP/3. A security vulnerability exists in quiche versions prior to 0.15.0 through 0.24.5, which stems from a potential infinite loop when sending a packet containing a RETIRE_CONNECTION_ID frame...
PT-2025-32266 · Cloudflare · Cloudflare Quiche
Name of the Vulnerable Software and Affected Versions: Cloudflare quiche versions 0.15.0 through 0.24.5. Description: Cloudflare quiche is susceptible to an infinite loop when processing packets containing RETIRE_CONNECTION_ID frames. QUIC connections utilize connection identifiers (IDs) with sequen...
Linux Distros Unpatched Vulnerability : CVE-2021-47406
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4_ext_replay_set_iblocks() If the call to ext4_map_blocks() fails due t...
Linux Distros Unpatched Vulnerability : CVE-2020-27152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interactio...
Linux Distros Unpatched Vulnerability : CVE-2019-3900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It cou...
CVE-2025-54575
CVE-2025-54575 affects SixLabors.ImageSharp (GIF decoding path). Versions before 2.1.11 and 3.0.0–3.1.10 are vulnerable to an infinite loop when processing specially crafted GIF files with a malformed comment extension block and missing terminator, leading to DoS. A fix is available in ImageSharp...
CVE-2025-54575 ImageSharp Triggers an Infinite Loop in its GIF Decoder When Skipping Malformed Comment Extension Blocks
ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block with a missing block terminator can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. Th...
kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
A use-after-free (UAF) vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC (Hierarchical Fair Service Curve) queuing discipline when it is used in conjunction with NETEM (Network Emulation). A malicious user could...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the GIF decoding process when handling malformed comment extension blocks lacking a block terminator. An attacker can cause the application to enter an infinite loop and exhaust...