
Tailscale and TunnelVision: our analysis

Blog post from Tailscale

Author: Chris Palmer
Word Count: 1,161
Summary

The TunnelVision bug (CVE-2024-3661), disclosed by Leviathan Security, has prompted questions about its impact on Tailscale, a VPN, overlay, and mesh networking service. The bug does not pose a major security threat to most Tailscale users, but its effects vary with usage, environment, and operating system. Tailscale's routing management on Linux and Android prevents the attack. Apple platforms, including macOS and iOS, are more susceptible because DHCP-provided routes take precedence there. Tailscale on Windows is partially impacted, with some traffic issues arising when exit nodes are in use. Tailscale has updated its macOS client to warn users of DHCP Option 121 routes, and users can disable these warnings via system settings. Mitigating the issue on iOS is harder because of platform restrictions, so the company advises users to manually check for suspicious routes and to use secure application protocols to minimize risk. The company emphasizes that the bug's adverse effects stem from standard use of DHCP option 121, and it stresses the importance of encrypted communication protocols such as HTTPS and SSH for safeguarding Internet traffic.