CVE-2024-10604 — MEDIUM (5.3)

Q: How severe is CVE-2024-10604?

CVE-2024-10604 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-10604?

Check the references section above for vendor advisories and patch information. Affected products include: Google Fuchsia.

Vulnerability Description

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Google	Fuchsia	< f16

Related Weaknesses (CWE)

CWE-330

References

https://fuchsia.googlesource.com/fuchsia/+/40e7fbcdcd013441daf4492f1ead349a9e5b8Patch
https://fuchsia.googlesource.com/fuchsia/+/a3c17a4d6b3140f9175d6cf6ac4eb4e775f8dPatch
https://www.ndss-symposium.org/wp-content/uploads/2025-122-paper.pdfExploitMitigationThird Party Advisory

FAQ

What is CVE-2024-10604?

CVE-2024-10604 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for the...

How severe is CVE-2024-10604?

CVE-2024-10604 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-10604?

Check the references section above for vendor advisories and patch information. Affected products include: Google Fuchsia.