CVE-2024-10603

Summary

Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances.

Affected Software

VendorProductVersion RangeStatus
GooglegVisorrelease-20241028.0unaffected

Weaknesses

  • CWE-340: CWE-340

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References