I saw many reactions whose content was, in essence, "this attack has been known for a long time". At the same time, I see a number of VPN vendors confirming that they are vulnerable, at least in part ( https://www.theregister.com/2023/08/10/tunnelcrack_vpn/ ), and the paper was accepted at usenix, and so far no one has been able to show me a source pointing out that this vulnerability was already known…
The vulnerability is known since DHCP accepts any routes it receives (by design) and because ISPs could always MITM your connection and log everything.