CVE-2024-1622

Due to a mistake in error checking, Routinator will terminate when an incoming RTR connection is reset by the peer too quickly after opening.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K52QRRYBHLP73RAS3CGOPBWYT7EZVP6O/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N2N3N3SNBHSH7GN3JOLR7YUF5FCTQQ5O/	Mailing List
https://www.nlnetlabs.nl/downloads/routinator/CVE-2024-1622.txt	Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K52QRRYBHLP73RAS3CGOPBWYT7EZVP6O/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N2N3N3SNBHSH7GN3JOLR7YUF5FCTQQ5O/	Mailing List
https://www.nlnetlabs.nl/downloads/routinator/CVE-2024-1622.txt	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:nlnetlabs:routinator:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:38:::::::*
	cpe:2.3:o:fedoraproject:fedora:39:::::::*
	cpe:2.3:o:fedoraproject:fedora:40:::::::*

History

27 Feb 2025, 03:05

Type	Values Removed	Values Added
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF/ - Mailing List
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K52QRRYBHLP73RAS3CGOPBWYT7EZVP6O/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K52QRRYBHLP73RAS3CGOPBWYT7EZVP6O/ - Mailing List
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N2N3N3SNBHSH7GN3JOLR7YUF5FCTQQ5O/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N2N3N3SNBHSH7GN3JOLR7YUF5FCTQQ5O/ - Mailing List
References	~~() https://www.nlnetlabs.nl/downloads/routinator/CVE-2024-1622.txt -~~	() https://www.nlnetlabs.nl/downloads/routinator/CVE-2024-1622.txt - Vendor Advisory
CPE		cpe:2.3:o:fedoraproject:fedora:40:::::::* cpe:2.3:o:fedoraproject:fedora:38:::::::* cpe:2.3:a:nlnetlabs:routinator:::::::: cpe:2.3:o:fedoraproject:fedora:39:::::::*
First Time		Fedoraproject fedora Nlnetlabs routinator Nlnetlabs Fedoraproject
CWE		CWE-754

21 Nov 2024, 08:50

Type	Values Removed	Values Added
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K52QRRYBHLP73RAS3CGOPBWYT7EZVP6O/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K52QRRYBHLP73RAS3CGOPBWYT7EZVP6O/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N2N3N3SNBHSH7GN3JOLR7YUF5FCTQQ5O/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N2N3N3SNBHSH7GN3JOLR7YUF5FCTQQ5O/ -
References	~~() https://www.nlnetlabs.nl/downloads/routinator/CVE-2024-1622.txt -~~	() https://www.nlnetlabs.nl/downloads/routinator/CVE-2024-1622.txt -

23 Mar 2024, 03:15

Type	Values Removed	Values Added
References		() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF/ -

15 Mar 2024, 03:15

Type	Values Removed	Values Added
References		() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N2N3N3SNBHSH7GN3JOLR7YUF5FCTQQ5O/ -

15 Mar 2024, 02:15

Type	Values Removed	Values Added
Summary		(es) Debido a un error en la verificación de errores, Routinator finalizará cuando el interlocutor restablezca una conexión RTR entrante demasiado rápido después de abrirla.
References		() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K52QRRYBHLP73RAS3CGOPBWYT7EZVP6O/ -

26 Feb 2024, 16:32

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-26 16:27

Updated : 2025-02-27 03:05

NVD link : CVE-2024-1622

Mitre link : CVE-2024-1622

CVE.ORG link : CVE-2024-1622

JSON object : View

Products Affected

fedoraproject

fedora

nlnetlabs

routinator

CWE

CWE-253

Incorrect Check of Function Return Value

CWE-754

Improper Check for Unusual or Exceptional Conditions

7.5 /10