CVE-2024-1622
HIGH
Routinator < 0.13.2 - Denial of Service via RTR Connection Reset
Title source: llm
Description
Due to a mistake in error checking, Routinator will terminate when an incoming RTR connection is reset by the peer too quickly after opening.
References (4)
Core References
Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF/
Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/K52QRRYBHLP73RAS3CGOPBWYT7EZVP6O/
Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/N2N3N3SNBHSH7GN3JOLR7YUF5FCTQQ5O/
Vendor Advisory
https://www.nlnetlabs.nl/downloads/routinator/CVE-2024-1622.txt
Scores
CVSS v3
7.5
EPSS
0.0020
EPSS Percentile
42.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-754
CWE-253
Status
published
Products (4)
fedoraproject/fedora
38
fedoraproject/fedora
39
fedoraproject/fedora
40
nlnetlabs/routinator
< 0.13.2
Published
Feb 26, 2024
Tracked Since
Feb 18, 2026