| author | Linus Färnstrand <linus@mullvad.net> | 2024-11-13 16:49:34 +0100 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2024-12-11 13:43:11 +0100 |
| commit | 28cb21840c6877de67a74a96b7eaca3f76651d72 | |
| tree | d3cb2fb38554a0d3f5857b6510bddc3fa6eb1da3 /docs | |
| parent | be76d1264e70ee796000e93a12a35eef3cf6e1be | |
Add 2024 audit report and accompanying documentation
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/known-issues.md | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/docs/known-issues.md b/docs/known-issues.md index 28d53b6af5..2e9a2887d1 100644 --- a/docs/known-issues.md +++ b/docs/known-issues.md @@ -229,6 +229,7 @@ it very difficult to properly secure them. ### Android exposes in-tunnel VPN IPs to network adjacent attackers via ARP +<a id="MLLVD-CR-24-03"></a> By default the kernel parameter [`arp_ignore`] is set to `0` on Android. This makes the device reply to ARP requests for any local target IP address, configured on any interface. This means that any @@ -251,8 +252,11 @@ tunnel IP. #### Timeline -* November 6, 2024 - Auditors reported this issue on Linux and Android, later classified as `MLLVD-CR-24-03`. +* November 6, 2024 - Auditors from X41 D-Sec reported this issue as part of the [2024 app audit]. + The issue was given the identifier [`MLLVD-CR-24-03`]. * November 14, 2024 - We reported the issue [upstream to Google]. [`arp_ignore`]: https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt +[2024 app audit]: ../audits/2024-12-10-X41-D-Sec.md +[`MLLVD-CR-24-03`]: ../audits/2024-12-10-X41-D-Sec.md#MLLVD-CR-24-03 [upstream to Google]: https://issuetracker.google.com/issues/378814597 |
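Review bot: In the first hunk (@@ -229,6 +229,7), the `<a id="MLLVD-CR-24-03"></a>` anchor is placed below the `### Android exposes in-tunnel VPN IPs ...` heading, directly against the first paragraph line, so a link to `#MLLVD-CR-24-03` lands underneath the heading rather than on it. Consider moving the anchor to its own line just above the heading. Nothing in this file links to the new id (the reference added in the later hunk targets the audit document instead), so a short note in the commit message about which document links here would make the purpose of the anchor clear.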
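Review bot: In the timeline hunk (@@ -251,8 +252,11), the rewritten November 6 entry drops "on Linux and Android" from the removed line, so the timeline no longer states which platforms the auditors reported the issue on. If that scope is still accurate, keep it in the new wording, for example "reported this issue on Linux and Android as part of the [2024 app audit]". The two new reference definitions also depend on `../audits/2024-12-10-X41-D-Sec.md` existing and defining the `MLLVD-CR-24-03` id, which this docs-limited view does not show; confirm both are part of the same commit so the links resolve.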
