VPN provider Mullvad warns Android users about potential DNS leaks. These are caused by bugs in the OS and can be abused to access the rough location of users and find out which websites are visited.
Mullvad has found two scenarios where Android can leak DNS traffic. On the one hand, the system can be vulnerable when a VPN is active without a DNS server set up. On the other hand, DNS traffic may be exposed for a short time when the VPN tunnel is reconfigured or when the VPN is forcibly shut down or crashes.
According to the VPN service, these vulnerabilities are caused by bugs in Android itself and only certain apps are affected. The leaks are said to occur in multiple versions of the OS, including Android 14.
Mullvad indicates that the first problem can be easily resolved and that a fix should be available for the Android app soon. However, they say it is difficult to remedy the exposure when the tunnel is reset. The company reported the problems to Google and suggested improvements.
Tags: VPN service Mullvad warns DNS leaks Android Computer News