New Linux vulnerability puts VPN connections at risk of hijacking

Three researchers from the University of New Mexico and Breakpointing Bad have identified a vulnerability in the way Unix- and Linux-based operating systems, such as macOS, handle TCP/IP connections. The researchers believe the vulnerability can specifically affect VPN users by hijacking encrypted traffic.




The vulnerability, identified by the research team of William Tolley, Beau Kujath, and Jedidiah Crandall, is tracked as CVE-2019-14899. They describe it as a security weakness present in the majority of Linux distros and in other operating systems such as iOS, Android, FreeBSD, macOS, and OpenBSD.

They shared their findings with distros and Linux kernel security teams along with other firms that are directly affected including Apple, Google, Systemd, OpenVPN, and WireGuard. The list of affected systems is available below:


• MX Linux 19 (Mepis+antiX)
• FreeBSD (rc.d)
• Slackware 14.2 (rc.d)
• Ubuntu 19.10 (systemd)
• Fedora (systemd)
• Debian 10.2 (systemd)
• Devuan (sysV init)
• OpenBSD (rc.d)
• Arch 2019.05 (systemd)
• Manjaro 18.1.1 (systemd)
• Deepin (rc.d)
• Void Linux (runit)

The vulnerability is found in the systems’ routing table code and TCP code. Through this flaw, an attacker can analyze traffic by strategically using the encrypted DNS queries with error messages to obtain exclusive information about open TCP connections. That is, an attacker can assess when a user is connected to a VPN, obtain the IP address assigned to them by the VPN server and iden ..
