What Happened
Jupyter Enterprise Gateway has a prohibited UID and GID feature that prevents launching kernels with UID or GID 0 (root) by default. However, this feature can be bypassed using a specially crafted `KERNEL_UID` or `KERNEL_GID` value.
Who Is Affected
Organisations running Jupyter Enterprise Gateway to host Jupyter Kernels on Kubernetes clusters, and possibly on other supported container orchestration systems or systems that utilise the `KERNEL_UID` and `KERNEL_GID` variables with the `EG_PROHIBITED_UIDS` and `EG_PROHIBITED_GIDS` feature.
Severity & Impact
This input validation vulnerability allows Jupyter kernels to run as root. That is dangerous because it increases the attack surface and may lead to container escapes, compromising the worker node and all workloads running on it. Repeated exploitation can compromise all worker nodes, and thus the entire Kubernetes cluster.
Mitigation
No specific mitigation steps are provided in the source data.
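As a defensive illustration of the input validation this class of bug calls for, the following added example (not Enterprise Gateway's own code, and not taken from the advisory) parses `KERNEL_UID` and `KERNEL_GID` into integers, rejects any value that is not a canonical decimal number, and only then compares against the deny list. The function names, the comma-separated list format, the default of `0` and the 32-bit range are assumptions.

```python
import re

# Canonical decimal only: "0", or a non-zero ASCII digit followed by ASCII digits.
_CANONICAL_ID = re.compile(r"(?:0|[1-9][0-9]*)\Z")
_MAX_ID = 2**32 - 1  # assumption: 32-bit UID/GID range


def parse_id(raw):
    """Return raw as an int; raise ValueError unless it is a canonical decimal ID."""
    if not isinstance(raw, str) or not _CANONICAL_ID.match(raw):
        raise ValueError(f"not a canonical numeric ID: {raw!r}")
    value = int(raw)
    if value > _MAX_ID:
        raise ValueError(f"ID out of range: {raw!r}")
    return value


def parse_prohibited(spec, default="0"):
    """Parse a comma-separated deny list (assumed format) into a set of ints."""
    items = (spec or default).split(",")
    # An unparsable deny-list entry raises ValueError, so the check fails closed.
    return {parse_id(item.strip()) for item in items if item.strip()}


def check_kernel_ids(env):
    """Validate KERNEL_UID / KERNEL_GID from env against the deny lists.

    Returns (uid, gid) as ints (None when unset).
    Raises ValueError for malformed input, PermissionError for a prohibited ID.
    """
    result = []
    for var, deny_var in (("KERNEL_UID", "EG_PROHIBITED_UIDS"),
                          ("KERNEL_GID", "EG_PROHIBITED_GIDS")):
        raw = env.get(var)
        if raw is None:
            result.append(None)
            continue
        value = parse_id(raw)  # normalise first, never compare raw strings
        if value in parse_prohibited(env.get(deny_var)):  # numeric comparison
            raise PermissionError(f"{var}={value} is prohibited")
        result.append(value)
    return tuple(result)
```

The integers returned by `check_kernel_ids` are what should be passed on to the launcher, so the value that was checked is the value that is used.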