CVE Vulnerabilities

CVE-2022-46285

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: Feb 07, 2023 | Modified: Nov 21, 2024
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name Vendor Start Version End Version
Libxpm X.org * 3.5.15 (excluding)
Red Hat Enterprise Linux 8 RedHat libXpm-0:3.5.12-9.el8_7 *
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions RedHat libXpm-0:3.5.12-9.el8_1 *
Red Hat Enterprise Linux 8.2 Advanced Update Support RedHat libXpm-0:3.5.12-9.el8_2 *
Red Hat Enterprise Linux 8.2 Telecommunications Update Service RedHat libXpm-0:3.5.12-9.el8_2 *
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions RedHat libXpm-0:3.5.12-9.el8_2 *
Red Hat Enterprise Linux 8.4 Extended Update Support RedHat libXpm-0:3.5.12-9.el8_4 *
Red Hat Enterprise Linux 8.6 Extended Update Support RedHat libXpm-0:3.5.12-9.el8_6 *
Red Hat Enterprise Linux 9 RedHat libXpm-0:3.5.13-8.el9_1 *
Red Hat Enterprise Linux 9.0 Extended Update Support RedHat libXpm-0:3.5.13-8.el9_0 *
Libxpm Ubuntu bionic *
Libxpm Ubuntu esm-infra/xenial *
Libxpm Ubuntu focal *
Libxpm Ubuntu jammy *
Libxpm Ubuntu kinetic *
Libxpm Ubuntu lunar *
Libxpm Ubuntu trusty *
Libxpm Ubuntu trusty/esm *
Libxpm Ubuntu upstream *
Libxpm Ubuntu xenial *
Motif Ubuntu bionic *
Motif Ubuntu kinetic *
Motif Ubuntu lunar *
Motif Ubuntu mantic *
Motif Ubuntu trusty *
Motif Ubuntu trusty/esm *
Motif Ubuntu xenial *

References