gVisor TCP/UDP source port prediction CVE-2024-10603
CVE-2024-10603 Published on January 30, 2025
Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances.
Weakness Type
Generation of Predictable Numbers or Identifiers
The product uses a scheme that generates numbers or identifiers that are more predictable than required.
Products Associated with CVE-2024-10603
Want to know whenever a new CVE is published for Google Gvisor? stack.watch will email you.
Affected Versions
Google gVisor Version release-20241028.0 is unaffected by CVE-2024-10603Exploit Probability
EPSS
0.13%
Percentile
32.43%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.