CVE-2024-10026
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-10026
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-10026.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-10026
- Downstream
- Published
- 2025-01-30T20:15:32.600Z
- Modified
- 2025-11-15T15:09:51.224526Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances.
- References
-
- https://www.ndss-symposium.org/wp-content/uploads/2025-122-paper.pdf
- https://github.com/google/gvisor/commit/83f75082e5b03fafca9201d9d9939028f712b0b2
- https://github.com/google/gvisor/commit/e54bfde79278cafadedbf73c68ee10cb5982f2af
- https://github.com/google/gvisor/commit/f956b5ac17ae1f60a4d21999b59ba18c55f86d56
Affected packages
Git / github.com/google/gvisor
Affected ranges
- Type
- GIT
- Repo
- https://github.com/google/gvisor
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixed
Affected versions
release-20190304.*
release-20190304.1
release-20190529.*
release-20190529.1
release-20190722.*
release-20190722.1
release-20190806.*
release-20190806.1
release-20191104.*
release-20191104.0
release-20191114.*
release-20191114.0
release-20191129.*
release-20191129.0
release-20191210.*
release-20191210.0
release-20191213.*
release-20191213.0
release-20200115.*
release-20200115.0
release-20200127.*
release-20200127.0
release-20200211.*
release-20200211.0
release-20200219.*
release-20200219.0
release-20200323.*
release-20200323.0
release-20200413.*
release-20200413.0
release-20200422.*
release-20200422.0
release-20200511.*
release-20200511.0
release-20200518.*
release-20200518.0
release-20200522.*
release-20200522.0
release-20200601.*
release-20200601.0
release-20200608.*
release-20200608.0
release-20200622.*
release-20200622.1
release-20200804.*
release-20200804.0
release-20200810.*
release-20200810.0
release-20200818.*
release-20200818.0
release-20200907.*
release-20200907.0
release-20200914.*
release-20200914.0
release-20200921.*
release-20200921.0
release-20200928.*
release-20200928.0
release-20201005.*
release-20201005.0
release-20201012.*
release-20201012.0
release-20201019.*
release-20201019.0
release-20201027.*
release-20201027.0
release-20201030.*
release-20201030.0
release-20201109.*
release-20201109.0
release-20201117.*
release-20201117.0
release-20201130.*
release-20201130.0
release-20201208.*
release-20201208.0
release-20201216.*
release-20201216.0
release-20210112.*
release-20210112.0
release-20210121.*
release-20210121.1
release-20210125.*
release-20210125.0
release-20210201.*
release-20210201.0
release-20210208.*
release-20210208.0
release-20210301.*
release-20210301.0
release-20210309.*
release-20210309.0
release-20210315.*
release-20210315.0
release-20210322.*
release-20210322.0
release-20210408.*
release-20210408.0
release-20210412.*
release-20210412.0
release-20210419.*
release-20210419.0
release-20210503.*
release-20210503.0
release-20210510.*
release-20210510.0
release-20210518.*
release-20210518.0
release-20210601.*
release-20210601.0
release-20210607.*
release-20210607.0
release-20210614.*
release-20210614.0
release-20210622.*
release-20210622.0
release-20210628.*
release-20210628.0
release-20210705.*
release-20210705.0
release-20210712.*
release-20210712.0
release-20210720.*
release-20210720.0
release-20210726.*
release-20210726.0
release-20210806.*
release-20210806.0
release-20210816.*
release-20210816.0
release-20210823.*
release-20210823.0
release-20210830.*
release-20210830.0
release-20210906.*
release-20210906.0
release-20210921.*
release-20210921.0
release-20210927.*
release-20210927.0
release-20211005.*
release-20211005.0
release-20211011.*
release-20211011.0
release-20211019.*
release-20211019.0
release-20211026.*
release-20211026.0
release-20211101.*
release-20211101.0
release-20211108.*
release-20211108.0
release-20211115.*
release-20211115.0
release-20211122.*
release-20211122.0
release-20211129.*
release-20211129.0
release-20220103.*
release-20220103.0
release-20220117.*
release-20220117.0
release-20220124.*
release-20220124.0
release-20220131.*
release-20220131.0
release-20220208.*
release-20220208.0
release-20220214.*
release-20220214.0
release-20220221.*
release-20220221.0
release-20220222.*
release-20220222.0
release-20220228.*
release-20220228.0
release-20220309.*
release-20220309.0
release-20220314.*
release-20220314.0
release-20220321.*
release-20220321.0
release-20220328.*
release-20220328.0
release-20220405.*
release-20220405.0
release-20220411.*
release-20220411.0
release-20220418.*
release-20220418.0
release-20220425.*
release-20220425.0
release-20220502.*
release-20220502.1
release-20220510.*
release-20220510.0
release-20220516.*
release-20220516.0
release-20220606.*
release-20220606.0
release-20220621.*
release-20220621.0
release-20220627.*
release-20220627.0
release-20220704.*
release-20220704.0
release-20220713.*
release-20220713.0
release-20220718.*
release-20220718.0
release-20220801.*
release-20220801.0
release-20220808.*
release-20220808.0
release-20220815.*
release-20220815.0
release-20220822.*
release-20220822.0
release-20220905.*
release-20220905.0
release-20220913.*
release-20220913.0
release-20220919.*
release-20220919.0
release-20220926.*
release-20220926.0
release-20221003.*
release-20221003.0
release-20221010.*
release-20221010.0
release-20221017.*
release-20221017.0
release-20221026.*
release-20221026.0
release-20221102.*
release-20221102.1
release-20221107.*
release-20221107.0
release-20221122.*
release-20221122.0
release-20221128.*
release-20221128.0
release-20221205.*
release-20221205.0
release-20221212.*
release-20221212.0
release-20221219.*
release-20221219.0
release-20230102.*
release-20230102.0
release-20230109.*
release-20230109.0
release-20230118.*
release-20230118.0
release-20230123.*
release-20230123.0
release-20230130.*
release-20230130.0
release-20230214.*
release-20230214.0
release-20230227.*
release-20230227.0
release-20230306.*
release-20230306.0
release-20230313.*
release-20230313.0
release-20230320.*
release-20230320.0
release-20230327.*
release-20230327.0
release-20230417.*
release-20230417.0
release-20230501.*
release-20230501.0
release-20230508.*
release-20230508.0
release-20230517.*
release-20230517.0
release-20230522.*
release-20230522.0
release-20230529.*
release-20230529.0
release-20230605.*
release-20230605.0
release-20230621.*
release-20230621.0
release-20230627.*
release-20230627.0
release-20230710.*
release-20230710.0
release-20230717.*
release-20230717.0
release-20230724.*
release-20230724.0
release-20230731.*
release-20230731.0
release-20230801.*
release-20230801.0
release-20230807.*
release-20230807.0
release-20230814.*
release-20230814.0
release-20230823.*
release-20230823.0
release-20230904.*
release-20230904.0
release-20230911.*
release-20230911.0
release-20230920.*
release-20230920.0
release-20230925.*
release-20230925.0
release-20231003.*
release-20231003.0
release-20231009.*
release-20231009.0
release-20231016.*
release-20231016.0
release-20231023.*
release-20231023.0