From 12008a00b201427da42a06a11d32fe98ad988acb Mon Sep 17 00:00:00 2001
From: "advisory-database[bot]"
 <45398580+advisory-database[bot]@users.noreply.github.com>
Date: Fri, 27 Dec 2024 18:14:14 +0000
Subject: [PATCH] Publish GHSA-hqmp-g7ph-x543

---
 .../GHSA-hqmp-g7ph-x543.json                  | 59 +++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 advisories/github-reviewed/2024/12/GHSA-hqmp-g7ph-x543/GHSA-hqmp-g7ph-x543.json

diff --git a/advisories/github-reviewed/2024/12/GHSA-hqmp-g7ph-x543/GHSA-hqmp-g7ph-x543.json b/advisories/github-reviewed/2024/12/GHSA-hqmp-g7ph-x543/GHSA-hqmp-g7ph-x543.json
new file mode 100644
index 0000000000000..e58478dadab6a
--- /dev/null
+++ b/advisories/github-reviewed/2024/12/GHSA-hqmp-g7ph-x543/GHSA-hqmp-g7ph-x543.json
@@ -0,0 +1,59 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-hqmp-g7ph-x543",
+  "modified": "2024-12-27T18:12:47Z",
+  "published": "2024-12-27T18:12:47Z",
+  "aliases": [],
+  "summary": "TunnelVision - decloaking VPNs using DHCP",
+  "details": "A new decloaking technique for nearly all VPN implementations has been found, which allows attackers to inject entries into the routing tables of unsuspecting victims using DHCP option 121. This allows attackers to redirect traffic, which is supposed to be sent encrypted over the VPN, through the physical interface handling DHCP for the network the victim's computer is connected to, effectively bypassing the VPN connection.\n\n### Impact\nAll users are potentially affected, as this attack vector can be used against _any_ VPN implementation without mitigations in place.\n\n### Patches\nCurrently, there are no existing mitigations employed by Quincy.\n\n### Workarounds\nDisabling DHCP option 121 in the DHCP client is a potential workaround, as it prevents this kind of attack.\n\n### References\nhttps://www.leviathansecurity.com/blog/tunnelvision\n",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "crates.io",
+        "name": "quincy"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "0.13.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/M0dEx/quincy/security/advisories/GHSA-hqmp-g7ph-x543"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/M0dEx/quincy"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.leviathansecurity.com/blog/tunnelvision"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-200"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2024-12-27T18:12:47Z",
+    "nvd_published_at": null
+  }
+}
\ No newline at end of file