Together, towards a better future

Linux Bug Lets You Hijack Encrypted VPN Connections

1 min read
Linux Bug Lets You Hijack Encrypted VPN Connections

Cybersecurity researchers have disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote ‘network adjacent attackers’ to spy on and tamper with encrypted VPN connections.

Tracked as CVE-2019-14899, resides in the networking stack of various operating systems and can be exploited against both IPv4 and IPv6 TCP streams.

This vulnerability can be exploited by a network attacker — controlling an access point or connected to the victim’s network — just by sending unsolicited network packets to a targeted device and observing replies, even if they are encrypted.

The researchers tested and successfully exploited the vulnerability against the following operating systems and the init systems, but they believe this list could go long as researchers test the flaw on more systems.

  • Ubuntu 19.10 (systemd)
  • Fedora (systemd)
  • Debian 10.2 (systemd)
  • Arch 2019.05 (systemd)
  • Manjaro 18.1.1 (systemd)
  • Devuan (sysV init)
  • MX Linux 19 (Mepis+antiX)
  • Void Linux (runit)
  • Slackware 14.2 (rc.d)
  • Deepin (rc.d)
  • FreeBSD (rc.d)
  • OpenBSD (rc.d)

While the researchers have not yet revealed technical details of the vulnerability, they are planning to publish an in-depth analysis of this flaw and its related implications, after affected vendors, including Systemd, Google, Apple, OpenVPN, WireGuard, and different Linux distros issue satisfactory workarounds and patches.

Get all the latest posts delivered straight to your inbox!
🎉 You've successfully subscribed to Hack Hex!