A “critical flaw” in macOS Sonoma’s firewall system can break Mullvad VPN and potentially other software dependent on packet filtering, according to the VPN provider — as noted by PCMag.

In a tweet Mullvad warned users about the problem, which has been popping up in the early versions of macOS Sonoma ahead of its release on Sept. 26. Here’s what the tweet said: The macOS 14 Sonoma betas and release candidate contain a bug that causes the firewall to not filter traffic correctly. As a result, our app does not work.

During the macOS 14 Sonoma beta period Apple introduced a bug in the macOS firewall, packet filter (PF). This bug prevents our app from working, and can result in leaks when some settings (e.g. local network sharing) are enabled. We cannot guarantee functionality or security for users on macOS 14, we have investigated this issue after the 6th beta was released and reported the bug to Apple. Unfortunately the bug is still present in later macOS 14 betas and the release candidate.

We have evaluated whether we can patch our VPN app in such a way that it works and keeps users secure in macOS 14. But unfortunately there is no good solution, as far as we can tell. We believe the firewall bugs must be fixed by Apple.

The bug affects much more than just the Mullvad VPN app. Firewall rules do not get applied properly to network traffic, and traffic that is not supposed to be allowed is allowed. We deem this to be a critical flaw in the firewall, anyone relying on PF filtering, or apps using it in the background on their macOS devices should be cautious about upgrading to macOS 14.

Our recommendations

MacOS 14 Sonoma is scheduled to be released on the 26th of September, if the bug is still present we recommend our users to remain on macOS 13 Ventura until it is fixed.




Article provided with permission from AppleWorld.Today