PT-2025-1598 · Google · Gvisor
Amit Klein
+2
·
Published
2025-01-30
·
Updated
2025-07-29
·
CVE-2024-10603
CVSS v4.0
6.3
Medium
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
Name of the Vulnerable Software and Affected Versions
gVisor (affected versions not specified)
Description
The issue concerns weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor. This allowed an external attacker to predict these values in certain circumstances.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gvisor