Your location: Your IP: Your status:ProtectedUnprotected · To the tests »

WLS2 Leak: Problem solved

WLS2 Leak: Problem solved

As recently reported, there is a leak when using Linux under WSL2 (Windows subsystem for Linux 2). An investigation showed that other VPN software from different vendors is also vulnerable to this leak.

Using Linux under WSL2, the Linux guest bypasses all normal layers of the WSP (the firewall on the Windows host). This means that the traffic goes out of the network unfiltered because all blockings by the Windows firewall are ignored.

If a VPN tunnel is active, the Linux guest will send the traffic over the VPN without any leak. But if a connection is lost or the server is changed, the traffic goes out through the regular network, even when the VPN tunnel is activated permanently.

Details about the Leak

The problem is due to the virtual Hyper-V networking used by WSL2. The data packets passes the firewall of the host. Therefore the virtual Hyper-V Ethernet adapter can send and receive all packets of the Linux guest without being checked by the Windows Firewall. In the lower layers of WFP (OSI layer2) the forwarded (NATed) packets are inspected as normal Ethernet frames. This leak can also occur in Windows Sandbox or Docker if the guest uses Hyper-V for the network.

The solution

This problem is solved in the new version of the Windows VPN Manager. We redirect the route where the leak may occur to a non-existent IP address. We therefore strongly recommend an update to the new version which supports the so-called null routing.

Your Perfect Privacy Team

This website uses cookies to analyze the traffic and to control our advertising. By using this site, you agree to the use of cookies. More information can be found in our privacy policy.