7.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-3029

GHSA ID

GHSA-m4vx-ccrf-w399

EPSS Score

0.54877%

CWE

CWE-617

Published

9/14/2022

Updated

1/29/2023

KEV Status

Technology

Rust

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-3029

CVE-2022-3029: NLnet Labs Routinator has Reachable Assertion vulnerability

In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files which are not correctly base 64 encoded are treated as a fatal error and causes Routinator to exit. Worst case impact of this vulnerability is denial of service for the RPKI data that Routinator provides to routers. This may stop your network from validating route origins based on RPKI data. This vulnerability does not allow an attacker to manipulate RPKI data.

(GitHub Advisory)

7.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-3029

GHSA ID

GHSA-m4vx-ccrf-w399

EPSS Score

0.54877%

CWE

CWE-617

Published

9/14/2022

Updated

1/29/2023

KEV Status

Technology

Rust

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
routinator	rust	>= 0.9.0, < 0.11.3	0.11.3

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from improper error handling in RRDP processing. Key evidence comes from the commit diff showing:

The removal of fatal error returns in SnapshotUpdate/DeltaUpdate's process_publish methods
Introduction of MaxSizeReadError to distinguish between size limits vs. read/decode errors
Modifications to RepositoryObject::create's error handling

Pre-patch code treated any non-size-related error (including Base64 decoding failures) as fatal via the 'Err(Failed)' path. The vulnerable functions directly handled error cases that should have been non-fatal, causing denial of service through process termination.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In NLn*t L**s Routin*tor *.*.* up to *n* in*lu*in* *.**.*, *u* to * mist*k* in *rror **n*lin*, **t* in RR*P sn*ps*ot *n* **lt* *il*s w*i** *r* not *orr**tly **s* ** *n*o*** *r* tr**t** *s * **t*l *rror *n* **us*s Routin*tor to *xit. Worst **s* imp**t

Reasoning

T** vuln*r**ility st*mm** *rom improp*r *rror **n*lin* in RR*P pro**ssin*. K*y *vi**n** *om*s *rom t** *ommit *i** s*owin*: *. T** r*mov*l o* **t*l *rror r*turns in Sn*ps*otUp**t*/**lt*Up**t*'s pro**ss_pu*lis* m*t*o*s *. Intro*u*tion o* M*xSiz*R****r

7.5

Basic Information

Concerned about an active attack path?

CVE-2022-3029: NLnet Labs Routinator has Reachable Assertion vulnerability

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI