A code execution vulnerability exists in VS Code Jupyter 2022.9.100* and earlier versions.
An attacker can create arbitrarry kernels in the %PROGRAMDATA%/jupyter/kernels directory which ends up getting loaded by the Jupyter extension, and results in malicious proceses being launched within the context of the user.
Patches
The fix is available starting with Jupyter 2022.9.1100000000. The fix mitigates this attack by not loading kernlespecs from such untrusted locations.
Workarounds
It is advised that users create kernels in other directories as defined here which do not have such relaxed permission, or create a folder %PROGRAMDATA%\jupyter\kernels\ and configure it to be writable only by the current user.
Optionally, users could continue to use such kernels by updating the setting jupyter.kernels.trusted to include the path to such kernelspecs.
Updating the setting jupyter.kernels.trusted:
- Copy the fully qualified path to the kernelspec, e.g.
C:\ProgramData\Jupyter\kernels\Python3\kernel.json
- Open the VS User Settings UI using the command
Preferences: Open User Settings from the Command Palette.
- Search for the setting
jupyter.kernels.trusted
- Add a new value into the list using the
Add button
- Re-load VS Code
At any point it is possible to remove the above kernel from the setting there by disallowing this kernel to run in VS Code.
References
A code execution vulnerability exists in VS Code Jupyter 2022.9.100* and earlier versions.
An attacker can create arbitrarry kernels in the %PROGRAMDATA%/jupyter/kernels directory which ends up getting loaded by the Jupyter extension, and results in malicious proceses being launched within the context of the user.
Patches
The fix is available starting with Jupyter 2022.9.1100000000. The fix mitigates this attack by not loading kernlespecs from such untrusted locations.
Workarounds
It is advised that users create kernels in other directories as defined here which do not have such relaxed permission, or create a folder
%PROGRAMDATA%\jupyter\kernels\and configure it to be writable only by the current user.Optionally, users could continue to use such kernels by updating the setting
jupyter.kernels.trustedto include the path to such kernelspecs.Updating the setting
jupyter.kernels.trusted:C:\ProgramData\Jupyter\kernels\Python3\kernel.jsonPreferences: Open User Settingsfrom theCommand Palette.jupyter.kernels.trustedAddbuttonAt any point it is possible to remove the above kernel from the setting there by disallowing this kernel to run in VS Code.
References