Popular VPN closes critical vulnerability on Linux client

Someone using a VPN on a PC.
Image credit: Shutterstock (Image credit: Shutterstock)

The VPN service Private Internet Access (PIA) has released a new version of its Linux client which fixes a critical vulnerability that could have allowed remote attackers to bypass the software's kill switch.

The vulnerability, tracked as CVE-2020-15590, was discovered by Sick Codes and it affects versions 1.5 through 2.3 of PIA's Linux client.

The client's kill switch is configured to block all inbound and outbound network traffic when a VPN connection drops. However, privileged applications still have the ability to send and receive network traffic even when the kill switch is turned on if net.ipv4.ip_forward has been enabled in the system kernel parameters.

In a vulnerability disclosure on its site, Sick Codes explained that a Docker container running on a host with the VPN turned off and the kill switch turned on can continue using the internet and leak the host IP. This could allow a remote attacker to read sensitive information by intercepting network traffic.

Using Docker with a VPN

TechRadar Pro reached out to PIA regarding the now patched vulnerability and a spokesperson for the company provided the following statement explaining the issue:

“We were contacted in relation to the use of the Docker platform exclusively with the PIA Linux client in July 2020. Docker on Linux had not previously been supported by PIA as the Docker engine runs with root privileges, and we cannot guarantee that the killswitch will protect software that is itself able to control networking. The issue raised solely relates to using the PIA Linux client in the host while running other Docker containers on that same host. This issue relates to forwarded network connections on Linux, which are used by the Docker platform. This is not to be confused with common “VPN containers” used by users online, which create a VPN connection inside the container to be used for specific apps only.

“For the issue raised, we have no legacy customer support requests relating to this use case. We welcome input from community sources in addressing their usage and with this in mind, we took the decision to support this use case with our next Linux client release.”

PIA users running Docker on Linux should upgrade to version 2.4 of the company's client as soon as possible to avoid any potential attacks leveraging this vulnerability.

  • Also check out our complete list of the best VPN services
TOPICS
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.