
Debian 11: DLA-4066-1 moderate: fort-validator routing compromise

Debian LTS advisory, published February 23, 2025
Critical issues in fort-validator compromise route verification; prompt upgrade advised for protection.
Multiple vulnerabilities have been discovered in fort-validator, an RPKI validator and RTR server.

Summary

CVE-2024-45234

A malicious RPKI repository that descends from a (trusted) Trust
Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing
a signedAttrs encoded in non-canonical form. This bypasses Fort's
BER decoder, reaching a point in the code that panics when faced
with data not encoded in DER. Because Fort is an RPKI Relying Party,
a panic can lead to Route Origin Validation unavailability, which
can lead to compromised routing.


CVE-2024-45235

A malicious RPKI repository that descends from a (trusted) Trust
Anchor can serve (via rsync or RRDP) a resource certificate
containing an Authority Key Identifier extension that lacks the
keyIdentifier field. Fort references this pointer without sanitizing
it first. Because Fort is an RPKI Relying Party, a crash can lead to
Route Origin Validation unavailability, which can lead to
compromised routing.
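The two failure modes described above share a root cause: an RPKI Relying Party accepting attacker-supplied ASN.1 and either panicking on encodings that are not strict DER or dereferencing an optional field without checking it is present. The example below is added here and is not code from the Debian advisory or from the Fort project; it is a minimal DER TLV reader that rejects BER-only length encodings (indefinite and non-minimal lengths) as invalid input rather than aborting, together with an AuthorityKeyIdentifier parser that treats a missing keyIdentifier as a rejection rather than a crash. All input byte strings are constructed for this example; the function names (`read_tlv`, `parse_aki`, `check_aki`) are this example's own, not Fort's.

```python
# Added example: defensive DER handling for an RPKI relying party.
# Not from the advisory or the Fort code base; inputs below are constructed.
from typing import Optional, Tuple


class DerError(ValueError):
    """Raised for any encoding that is not strict DER (or is truncated)."""


def read_tlv(data: bytes, pos: int = 0) -> Tuple[int, bytes, int]:
    """Read one tag-length-value at `pos`; return (tag, value, next_pos).

    Refuses the BER-only forms a DER decoder must never accept:
    indefinite length (0x80) and non-minimal long-form lengths.
    """
    if pos >= len(data):
        raise DerError("truncated: no tag byte")
    tag = data[pos]
    if tag & 0x1F == 0x1F:
        raise DerError("multi-byte tags not supported in this example")
    pos += 1
    if pos >= len(data):
        raise DerError("truncated: no length byte")
    first = data[pos]
    pos += 1
    if first == 0x80:
        raise DerError("indefinite length is BER, not DER")
    if first < 0x80:
        length = first                      # short form, always canonical
    else:
        n = first & 0x7F                    # number of length octets
        if n == 0 or n > 4:
            raise DerError("unsupported length-of-length")
        if pos + n > len(data):
            raise DerError("truncated length")
        lbytes = data[pos:pos + n]
        pos += n
        if lbytes[0] == 0:
            raise DerError("length has leading zero octet (non-minimal)")
        length = int.from_bytes(lbytes, "big")
        if length < 0x80:
            raise DerError("long-form length used for value < 128 (non-minimal)")
    if pos + length > len(data):
        raise DerError("truncated value")
    return tag, data[pos:pos + length], pos + length


def parse_aki(ext_value: bytes) -> Optional[bytes]:
    """Parse AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] OPTIONAL, ... }.

    Returns the keyIdentifier octets, or None when that optional field is
    absent. Callers must handle None; it is the case CVE-2024-45235 hit.
    """
    tag, body, end = read_tlv(ext_value)
    if tag != 0x30:
        raise DerError("AKI is not a SEQUENCE")
    if end != len(ext_value):
        raise DerError("trailing data after AKI")
    if not body:
        return None                         # empty SEQUENCE: no fields at all
    inner_tag, inner_val, _ = read_tlv(body)
    if inner_tag == 0x80:                   # [0] IMPLICIT primitive: keyIdentifier
        return inner_val
    return None                             # first field is [1] or [2]; keyIdentifier absent


def check_aki(ext_value: bytes) -> Tuple[str, str]:
    """Relying-party style handling: every malformed input becomes a
    ('rejected', reason) result, never an exception or a null dereference."""
    try:
        keyid = parse_aki(ext_value)
    except DerError as exc:
        return ("rejected", str(exc))
    if keyid is None:
        # RFC 5280 s4.2.1.1 requires keyIdentifier in CA-issued certificates.
        return ("rejected", "AKI lacks keyIdentifier")
    return ("ok", keyid.hex())


# Constructed sample extension values (not taken from any real repository).
KEYID = bytes(range(20))                                            # 20-byte SHA-1 sized id
AKI_WITH_KEYID = bytes([0x30, 0x16, 0x80, 0x14]) + KEYID            # canonical DER
AKI_WITHOUT_KEYID = bytes([0x30, 0x05, 0x82, 0x03, 0x01, 0x02, 0x03])  # only [2] serial
AKI_LONGFORM = bytes([0x30, 0x81, 0x16, 0x80, 0x14]) + KEYID        # non-minimal length
AKI_INDEFINITE = bytes([0x30, 0x80, 0x80, 0x14]) + KEYID + b"\x00\x00"  # BER indefinite

if __name__ == "__main__":
    for name, blob in [("with keyid", AKI_WITH_KEYID), ("no keyid", AKI_WITHOUT_KEYID),
                       ("long-form", AKI_LONGFORM), ("indefinite", AKI_INDEFINITE)]:
        print(f"{name:12s} -> {check_aki(blob)}")
```

The example only enforces canonical length encoding; full DER canonicality for a CMS `signedAttrs` also requires the SET OF elements to be sorted and each value to be in its minimal form, which a production validator must check as well. The design point is that every decoding defect maps to a rejection of that one object, so the validator keeps serving its existing validated ROAs to routers instead of becoming unavailable.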

CVE-2024-45236

A malicious RPKI repository that descends from a (trusted) Trust



Package: fort-validator
Version: 1.5.3-1~deb11u2
CVE ID: CVE-2024-45234 CVE-2024-45235 CVE-2024-45236 CVE-2024-45237
