CVE-2024-37325

Обходное решение

The following workaround can be used by customers to protect against this vulnerability if they can not immediately deploy the fix to existing DSVM deployments.

Delete and recreate DSVM credential

1. Open the command line console of the DSVM resource.
2. Delete the file containing the DSVM's credential by running this command:

   sudo rm -f /etc/jupyterhub/jupyterhub_cookie_secret

   .

3. Restart the DSVM's JupyterHub Service by running the following commands:

   sudo service jupyterhub stop

   followed by

   sudo service jupyterhub start

   .

Impact of workaround

The JuypterHub Service running on the DSVM resource will be restarted and the DSVM credential will be regenerated.

FAQ

What actions do customers need to take to protect themselves from this vulnerability?

Only customers using Linux/Ubuntu Data Science Virtual Machines (DSVM) with versions prior to 24.05.24 may be affected. For guidance on how to update your resources, reference the following: Upgrade your Data Science Virtual Machine to Ubuntu 20.04. Customers who deploy DSVMs using CLI or scripts may also need to update the DSVM version specified in their deployment parameters.

How could an attacker exploit this vulnerability?

An unauthenticated attacker could send a specially crafted request to the target machine to gain access to credentials of authorized users. This could enable an attacker to impersonate the user and perform any operations the compromised user is permitted to perform.

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain the privileges of the compromised user.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.