It seems that Google has let through a bug in its latest Android version that will affect anyone that uses VPN apps on Android 4.4. This bug can cause a variety of effects ranging from high CPU usage on network hosts, termination of connections, or packet loss when transmitting data over the network.
Based on the analysis of the bug reporter, the issue revolves around the miscalculation of the MSS or Maximum Segment Size used in a VPN connection. The MSS is practically used to avoid fragmentation when data is transferred in bits and pieces over a network. In the case of the bug, the MSS is calculated based on the wrong Maximum Transmission Unit (MTU), which is also used in determining the most efficient packet size for transmitting data that has been split into pieces over a network.
In some apps, such as Cisco’s AnyConnect VPN client, users will experience high amounts of packet loss, usually because of a packet size that is larger than what is currently allowed. This bug has been known to affect users of the Nexus 5, although the bug is likely present on any device running the latest Android 4.4.
While the bug is already reported, there has been no comment or acknowledgment from Google at the moment. Considering that Android 4.4 is not yet widely available and the number of VPN users among those might even be smaller, there is still a window of opportunity to fix the bug before it spreads. Those already experiencing the issue can attempt to adjust the VPN to compensate for the increased packet size or ask their VPN administrators to do so.