CVE-2024-10603
5.3MEDIUMWeaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances.
Publicado: 1/30/2025Atualizado: 7/29/2025
Descrição
Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances.
Análise IADesenvolvido por IA
Produtos Afetados
googlegvisor
googlegvisor
20231106.0
Referências
- https://github.com/google/gvisor/commit/5d2bf2546805afa09a6f6d9b23ec267823e32205Patch
- https://github.com/google/gvisor/commit/83f75082e5b03fafca9201d9d9939028f712b0b2Patch
- https://github.com/google/gvisor/commit/cbdb2c61b1f753834cedf2ebe68cbc335dadca52Patch
- https://www.ndss-symposium.org/wp-content/uploads/2025-122-paper.pdfExploitMitigationTechnical DescriptionThird Party Advisory