vulnerability

Ubuntu: USN-7813-1 (CVE-2024-48943): FORT Validator vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:N/C:N/I:C/A:C)	Oct 8, 2025	Oct 10, 2025	Oct 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:C/A:C)

Published

Oct 8, 2025

Added

Oct 10, 2025

Modified

Oct 10, 2025

Description

Niklas Vogel and Haya Schulmann discovered that FORT Validator did not
perform proper input validation when parsing certain RPKI repository data.
A remote attacker could possibly use this issue to cause FORT Validator to
crash, resulting in a denial of service. (CVE-2024-45234, CVE-2024-45235,
CVE-2024-45236, CVE-2024-45238, CVE-2024-45239)

Niklas Vogel and Haya Schulmann discovered that FORT Validator did not
perform proper input validation when parsing resource certificates. A
remote attacker could possibly use this issue to cause a denial of service
or execute arbitrary code. (CVE-2024-45237)

Koen van Hove discovered that FORT Validator did not limit the duration of
data transfers when fetching RPKI repository data. A remote attacker could
possibly use this issue to cause FORT Validator to consume excessive
resources, resulting in a denial of service. (CVE-2024-48943)

Solution

ubuntu-pro-upgrade-fort-validator

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today