Just wondering if this also affects GL routers and if there are patches planned?
"The researchers disclosed the security flaw they detected, tracked as CVE-2019-14899, to Linux distro makers, the Linux kernel security team and to others that are impacted including systemd, Google, Apple, OpenVPN and WireGuard.
As of now, the vulnerability is known to impact most Linux distributions as well as Unix-like operating systems including FreeBSD, OpenBSD, macOS, iOS and Android."
Interesting… assumes that one would have access to the AP, so one has to break into this first… unless of course, one is doing fun things with pineapple kind of stuff.
Let’s see what pops up in upstream OpenWRT-Master first…
There are 3 steps to this attack:
1. Determining the VPN client’s virtual IP address
2. Using the virtual IP address to make inferences about active connections
3. Using the encrypted replies to unsolicited packets to determine the sequence and acknowledgment numbers of the active connection to hijack the TCP session
There are 4 components to the reproduction:
1. The Victim Device (connected to AP, 192.168.12.x, 10.8.0.8)
2. AP (controlled by attacker, 192.168.12.1)
3. VPN Server (not controlled by attacker, 10.8.0.1)
4. A Web Server (not controlled by the attacker, public IP in a real-world scenario)
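
A defensive check for the setup quoted above, added here as an example and not taken from the posts or the advisory: it flags packets addressed to the VPN subnet that arrive on an interface other than the tunnel, the condition a victim device would see if unsolicited packets for its virtual IP came in from the AP side. The interface names (`wlan0`, `tun0`), the /24 subnet size, the victim's LAN address and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed for illustration: interface names and subnet size are not given in
# the thread; the addresses follow the reproduction setup quoted above.
TUNNEL_IFACE = "tun0"
VPN_SUBNET = ipaddress.ip_network("10.8.0.0/24")

# Constructed sample capture: (receiving interface, source IP, destination IP)
SAMPLE_PACKETS = [
    ("wlan0", "192.168.12.1", "10.8.0.6"),       # VPN address, wrong interface
    ("wlan0", "192.168.12.1", "10.8.0.7"),       # VPN address, wrong interface
    ("wlan0", "192.168.12.1", "10.8.0.8"),       # the victim's virtual IP
    ("tun0", "10.8.0.1", "10.8.0.8"),            # legitimate tunnel traffic
    ("wlan0", "192.168.12.1", "192.168.12.23"),  # ordinary LAN traffic
]


def find_misrouted(packets, tunnel_iface=TUNNEL_IFACE, vpn_subnet=VPN_SUBNET):
    """Return packets addressed to the VPN subnet that arrived outside the tunnel."""
    hits = []
    for iface, src, dst in packets:
        if iface != tunnel_iface and ipaddress.ip_address(dst) in vpn_subnet:
            hits.append((iface, src, dst))
    return hits


def summarize_by_source(hits):
    """Group flagged packets by sender, listing the distinct VPN addresses targeted."""
    targets = defaultdict(set)
    for _iface, src, dst in hits:
        targets[src].add(dst)
    return {
        src: sorted(dsts, key=ipaddress.ip_address)
        for src, dsts in targets.items()
    }


if __name__ == "__main__":
    report = summarize_by_source(find_misrouted(SAMPLE_PACKETS))
    for src, dsts in report.items():
        print(f"{src}: {len(dsts)} VPN address(es) targeted outside the tunnel: {dsts}")
```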