DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.
References
Link | Resource |
---|---|
https://issues.chromium.org/issues/b/342802975 | Broken Link |
https://issuetracker.google.com/issues/342802975 | Issue Tracking Mailing List |
Configurations
History
08 Jul 2025, 18:08
Type | Values Removed | Values Added |
---|---|---|
First Time |
Google chrome Os
|
|
References | () https://issues.chromium.org/issues/b/342802975 - Broken Link | |
References | () https://issuetracker.google.com/issues/342802975 - Issue Tracking, Mailing List | |
CPE | cpe:2.3:o:google:chrome_os:16002.23.0:*:*:*:*:*:*:* |
06 May 2025, 01:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
Summary | (en) DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions. |
17 Apr 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1319 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
16 Apr 2025, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-04-16 23:15
Updated : 2025-07-08 18:08
NVD link : CVE-2025-1566
Mitre link : CVE-2025-1566
CVE.ORG link : CVE-2025-1566
JSON object : View
Products Affected
- chrome_os
CWE
CWE-1319
Improper Protection against Electromagnetic Fault Injection (EM-FI)