This flaw majorly impacts Linux based OS, but attackers can use the vulnerability to attack other users. Here is a partial list of all such OS –
Ubuntu 19.10 (systemd) Fedora (systemd) Debian 10.2 (systemd) Arch 2019.05 (systemd) Manjaro 18.1.1 (systemd) Devuan (sysV init) MX Linux 19 (Mepis+antiX) Void Linux (runit) Slackware 14.2 (rc.d) Deepin (rc.d) FreeBSD (rc.d) OpenBSD (rc.d)
How do attackers use this flaw?
This security flaw allows a network adjacent attacker to know if another user is connected to the same VPN server. The attacker can also find whether or not if the user is connected to a given website. Plus, they can determine the exact sequence and acknowledged numbers. After which they examine the packet send back, which leads to injecting of data and eventually hijacking the connection.
How to stay safe from this attack?
There is a very simple solution for this; all you need is to turn reverse path filtering on by using bogon filtering. Or by using filtering bogus IP address or encrypt packet size and timing. We suggest that you change this setting as quickly as possible; otherwise, you will be exposed to big vulnerability.
