CVE-2022-3029: NLnet Labs Routinator has Reachable Assertion vulnerability
CVSS Score: 7.5 (CVSS v3.1)

Basic Information
CVE ID: CVE-2022-3029
GHSA ID
EPSS Score: 0.54877%
CWE
Published: 9/14/2022
Updated: 1/29/2023
KEV Status: No
Technology: Rust

Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
routinator | rust | >= 0.9.0, < 0.11.3 | 0.11.3 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stemmed from improper error handling in RRDP processing. Key evidence comes from the commit diff, which shows:
- the removal of fatal error returns in the `process_publish` methods of `SnapshotUpdate` and `DeltaUpdate`
- the introduction of `MaxSizeReadError` to distinguish size-limit violations from ordinary read/decode errors
- modifications to the error handling in `RepositoryObject::create`
Pre-patch code treated any error other than a size-limit violation (including Base64 decoding failures) as fatal via the `Err(Failed)` path. The vulnerable functions directly handled error cases that should have been non-fatal, so a malformed object encountered while processing an RRDP snapshot or delta terminated the process, causing denial of service. Consistent with the CVSS vector (AV:N, PR:N, A:H), the impact is limited to availability and requires no authentication.