A new vulnerability allows remote ‘network adjacent attackers’ to spy on and tamper with encrypted VPN connections. The vulnerability, tracked as CVE-2019-14899, resides in the networking stack of various operating systems and can be exploited against both IPv4 and IPv6 TCP streams. Researchers tested and successfully exploited the vulnerability against the following Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, but they believe this list could go long as researchers test more systems.
Source: https://thehackernews.com/2019/12/linux-vpn-hacking.html