{"id":"CVE-2024-10603","details":"Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances.","modified":"2026-04-10T05:08:08.524105Z","published":"2025-01-30T20:15:32.803Z","references":[{"type":"FIX","url":"https://github.com/google/gvisor/commit/83f75082e5b03fafca9201d9d9939028f712b0b2"},{"type":"FIX","url":"https://github.com/google/gvisor/commit/cbdb2c61b1f753834cedf2ebe68cbc335dadca52"},{"type":"FIX","url":"https://github.com/google/gvisor/commit/5d2bf2546805afa09a6f6d9b23ec267823e32205"},{"type":"EVIDENCE","url":"https://www.ndss-symposium.org/wp-content/uploads/2025-122-paper.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/google/gvisor","events":[{"introduced":"0"},{"fixed":"bdc50df4596ae948685e26012094df3fd214dbfa"},{"introduced":"0"},{"last_affected":"42b69d0151b778b53cd23ec7dcca963903857294"},{"fixed":"5d2bf2546805afa09a6f6d9b23ec267823e32205"},{"fixed":"83f75082e5b03fafca9201d9d9939028f712b0b2"},{"fixed":"cbdb2c61b1f753834cedf2ebe68cbc335dadca52"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"20231030.0"},{"introduced":"0"},{"last_affected":"20231106.0"}]}}],"versions":["release-20190304.1","release-20190529.1","release-20190722.1","release-20190806.1","release-20191104.0","release-20191114.0","release-20191129.0","release-20191210.0","release-20191213.0","release-20200115.0","release-20200127.0","release-20200211.0","release-20200219.0","release-20200323.0","release-20200413.0","release-20200422.0","release-20200511.0","release-20200518.0","release-20200522.0","release-20200601.0","release-20200608.0","release-20200622.1","release-20200804.0","release-20200810.0","release-20200818.0","release-20200907.0","release-20200914.0","release-20200921.0","release-20200928.0","release-20201005.0","release-20201012.0","release-20201019.0","release-20201027.0","release-20201030.0","release-20201109.0","release-20201117.0","release-20201130.0","release-20201208.0","release-20201216.0","release-20210112.0","release-20210121.1","release-20210125.0","release-20210201.0","release-20210208.0","release-20210301.0","release-20210309.0","release-20210315.0","release-20210322.0","release-20210408.0","release-20210412.0","release-20210419.0","release-20210503.0","release-20210510.0","release-20210518.0","release-20210601.0","release-20210607.0","release-20210614.0","release-20210622.0","release-20210628.0","release-20210705.0","release-20210712.0","release-20210720.0","release-20210726.0","release-20210806.0","release-20210816.0","release-20210823.0","release-20210830.0","release-20210906.0","release-20210921.0","release-20210927.0","release-20211005.0","release-20211011.0","release-20211019.0","release-20211026.0","release-20211101.0","release-20211108.0","release-20211115.0","release-20211122.0","release-20211129.0","release-20220103.0","release-20220117.0","release-20220124.0","release-20220131.0","release-20220208.0","release-20220214.0","release-20220221.0","release-20220222.0","release-20220228.0","release-20220309.0","release-20220314.0","release-20220321.0","release-20220328.0","release-20220405.0","release-20220411.0","release-20220418.0","release-20220425.0","release-20220502.1","release-20220510.0","release-20220516.0","release-20220606.0","release-20220621.0","release-20220627.0","release-20220704.0","release-20220713.0","release-20220718.0","release-20220801.0","release-20220808.0","release-20220815.0","release-20220822.0","release-20220905.0","release-20220913.0","release-20220919.0","release-20220926.0","release-20221003.0","release-20221010.0","release-20221017.0","release-20221026.0","release-20221102.1","release-20221107.0","release-20221122.0","release-20221128.0","release-20221205.0","release-20221212.0","release-20221219.0","release-20230102.0","release-20230109.0","release-20230118.0","release-20230123.0","release-20230130.0","release-20230214.0","release-20230227.0","release-20230306.0","release-20230313.0","release-20230320.0","release-20230327.0","release-20230417.0","release-20230501.0","release-20230508.0","release-20230517.0","release-20230522.0","release-20230529.0","release-20230605.0","release-20230621.0","release-20230627.0","release-20230710.0","release-20230717.0","release-20230724.0","release-20230731.0","release-20230801.0","release-20230807.0","release-20230814.0","release-20230823.0","release-20230904.0","release-20230911.0","release-20230920.0","release-20230925.0","release-20231003.0","release-20231009.0","release-20231016.0","release-20231023.0","release-20231030.0","release-20231106.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-10603.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}