Researchers at the University of New Mexico have discovered a vulnerability affecting Ubuntu, Fedora, Debian, FreeBSD, OpenBSD, macOS, iOS Android, and other Unix-based operating systems. The problem allows you to eavesdrop, intercept and interfere with the operation of VPN connections.
The bug was identified as CVE-2019-14899, and the root of the problem lies in the network stacks of a number of Unix-based operating systems, or rather, in the way these operating systems react to unexpected network packets. An attacker can use the vulnerability to probe the device and reveal various details about the state of the user's VPN connection.
Attacks can be carried out on behalf of a malicious access point or router, or an attacker can be present on the same network to determine if another user is connected to the VPN, find out his virtual IP address assigned by the server, and determine if the victim is connected to a specific site. Worse, the bug allows you to determine the exact sequence of packets in certain VPN connections, which can be used to inject into the TCP data stream and compromise the connection.
The researchers report that they have successfully exploited the vulnerability in the following operating systems, and also write that the problem applies to Android, iOS and macOS:
Ubuntu 19.10 (systemd)
Fedora (systemd)
Debian 10.2 (systemd)
Arch 2019.05 (systemd)
Manjaro 18.1.1 (systemd)
Devuan (sysV init)
MX Linux 19 (Mepis + antiX)
Void Linux (runit)
Slackware 14.2 (rc.d))
Deepin (rc.d)
FreeBSD (rc.d)
OpenBSD (rc.d)
It is emphasized that the attack works against OpenVPN, WireGuard, and IKEv2 / IPSec and so on, since the VPN technology itself is irrelevant, nor does the use of IPv4 or IPv6.
