
CVE-2024-56375
https://notcve.org/view.php?id=CVE-2024-56375
22 Dec 2024 — An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a Manifest RPKI object containing an empty fileList. Fort dereferences (and, shortly afterwards, writes to) this array during a shuffle attempt, before the validation that would normally reject it when empty. This out-of-bounds access is caused by an integer underflow that causes the surrounding loop to iterate infinitely. Because the... • https://nicmx.github.io/FORT-validator/CVE.html • CWE-191: Integer Underflow (Wrap or Wraparound)

CVE-2024-56169
https://notcve.org/view.php?id=CVE-2024-56169
18 Dec 2024 — A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties (such as Fort) are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields incorrect files. However, the product currently uses its cache merely as a bandwidth saving tool (because fetching is performed through deltas). If a fetch fails midway or yields incorrect files, there is no viable fallback. • https://github.com/NICMx/FORT-validator/issues/82 • CWE-354: Improper Validation of Integrity Check Value

CVE-2024-56170
https://notcve.org/view.php?id=CVE-2024-56170
18 Dec 2024 — A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are listings of relevant files that clients are supposed to verify. Assuming everything else is correct, the most recent version of a manifest should be prioritized over other versions, to prevent replays, accidental or otherwise. Manifests contain the manifestNumber and thisUpdate fields, which can be used to gauge the relevance of a given manifest, when compared to other manifests. The former is a serial-like se... • https://nicmx.github.io/FORT-validator/CVE.html • CWE-346: Origin Validation Error

CVE-2024-45234
https://notcve.org/view.php?id=CVE-2024-45234
24 Aug 2024 — An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics when faced with data not encoded in DER. Because Fort is an RPKI Relying Party, a panic can lead to Route Origin Validation unavailability, which can lead to compromised routing. • https://nicmx.github.io/FORT-validator/CVE.html • CWE-295: Improper Certificate Validation

CVE-2024-45235
https://notcve.org/view.php?id=CVE-2024-45235
24 Aug 2024 — An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier field. Fort references this pointer without sanitizing it first. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which can lead to compromised routing. • https://nicmx.github.io/FORT-validator/CVE.html • CWE-476: NULL Pointer Dereference

CVE-2024-45236
https://notcve.org/view.php?id=CVE-2024-45236
24 Aug 2024 — An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which can lead to compromised routing. • https://nicmx.github.io/FORT-validator/CVE.html • CWE-20: Improper Input Validation

CVE-2024-45237
https://notcve.org/view.php?id=CVE-2024-45237
24 Aug 2024 — An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into a 2-byte buffer without properly sanitizing its length, leading to a buffer overflow. • https://nicmx.github.io/FORT-validator/CVE.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2024-45238
https://notcve.org/view.php?id=CVE-2024-45238
24 Aug 2024 — An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsing, and when compiled with OpenSSL libcrypto versions below 3, Fort recklessly dereferences the pointer. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which ca... • https://nicmx.github.io/FORT-validator/CVE.html • CWE-476: NULL Pointer Dereference

CVE-2024-45239
https://notcve.org/view.php?id=CVE-2024-45239
24 Aug 2024 — An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a null eContent field. Fort dereferences the pointer without sanitizing it first. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which can lead to compromised routing. • https://nicmx.github.io/FORT-validator/CVE.html • CWE-476: NULL Pointer Dereference