A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties (such as Fort) are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields incorrect files. However, the product currently uses its cache merely as a bandwidth saving tool (because fetching is performed through deltas). If a fetch fails midway or yields incorrect files, there is no viable fallback. This leads to incomplete route origin validation data.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56169.json",
"cna_assigner": "mitre",
"unresolved_ranges": [
{
"extracted_events": [
{
"fixed": "2.0.0"
}
],
"source": "DESCRIPTION"
}
]
}{
"cpe": "cpe:2.3:a:nicmx:fort_validator:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.6.4"
},
{
"last_affected": "1.6.6"
}
],
"source": [
"DESCRIPTION",
"CPE_RANGE"
]
}[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"125891005608191820770720877063515235555",
"316611299361116449666094811952290979834",
"128216587994527917137212365768304293579",
"221974358816444001466352480821069488281",
"3736484218255656514377126541270710995",
"147025275818387161275454253042588794037",
"339293208946729552126420443306772256070",
"117159239386617903839733277221997793612"
]
},
"target": {
"file": "src/object/certificate.c"
},
"id": "CVE-2024-56169-4656c08c",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/nicmx/fort-validator/commit/b0914e8cf864dabc99db81d247054e063c71e003",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"143721449560931799191158835214769215488",
"57087654008261763998719159489069014322",
"338290369151923393925060084543590778673",
"45497942197622468526934548201341809873",
"328731616568163051924845625805541950514",
"299441761249121804907079016085885198745",
"322033195409701495922415129337971157909",
"284981517908473252261470001461446537595",
"9824603760609492702629091530989179889"
]
},
"target": {
"file": "src/config.c"
},
"id": "CVE-2024-56169-bcdba9cb",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/nicmx/fort-validator/commit/b0914e8cf864dabc99db81d247054e063c71e003",
"deprecated": false
},
{
"digest": {
"function_hash": "125108124420554091507793346910900119124",
"length": 680.0
},
"target": {
"function": "print_usage",
"file": "src/config.c"
},
"id": "CVE-2024-56169-d452b134",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/nicmx/fort-validator/commit/b0914e8cf864dabc99db81d247054e063c71e003",
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56169.json"
"2026-07-09T10:01:19Z"