From 9a156d1c2ac9e7c2a82a7b96c8aac0e9df9885a9 Mon Sep 17 00:00:00 2001 From: Ziwen Ning Date: Wed, 1 May 2024 10:11:05 -0700 Subject: [PATCH] Add Dockerfiles for Neuron DLC with SDK 2.18.2 (#14) *Description of changes:* Add Dockerfiles for Neuron DLC with SDK 2.18.2 By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Signed-off-by: Ziwen Ning --- .../Dockerfile.neuron.cve_allowlist.json | 66 ++++++++----------- .../inference/1.13.1/Dockerfile.neuronx | 2 +- .../Dockerfile.neuronx.cve_allowlist.json | 66 ++++++++----------- .../inference/2.1.2/Dockerfile.neuronx | 2 +- .../Dockerfile.neuronx.cve_allowlist.json | 66 ++++++++----------- .../training/1.13.1/Dockerfile.neuronx | 2 +- .../Dockerfile.neuronx.cve_allowlist.json | 50 ++++++++++++++ .../pytorch/training/2.1.2/Dockerfile.neuronx | 2 +- .../Dockerfile.neuronx.cve_allowlist.json | 50 ++++++++++++++ 9 files changed, 191 insertions(+), 115 deletions(-) diff --git a/docker/pytorch/inference/1.13.1/Dockerfile.neuron.cve_allowlist.json b/docker/pytorch/inference/1.13.1/Dockerfile.neuron.cve_allowlist.json index 2ba4511..8ebcb7d 100644 --- a/docker/pytorch/inference/1.13.1/Dockerfile.neuron.cve_allowlist.json +++ b/docker/pytorch/inference/1.13.1/Dockerfile.neuron.cve_allowlist.json @@ -12,27 +12,27 @@ "source": "NVD", "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", "status": "ACTIVE", - "title": "CVE-2024-2511 - pyOpenSSL, cryptography", + "title": "CVE-2024-2511 - cryptography, pyOpenSSL", "vulnerability_id": "CVE-2024-2511", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/pyOpenSSL-24.0.0.dist-info/METADATA", - "name": "pyOpenSSL", + "filePath": "opt/conda/lib/python3.10/site-packages/cryptography-42.0.5.dist-info/METADATA", + "name": "cryptography", "packageManager": "PYTHONPKG", - "version": "24.0.0" + "version": "42.0.5" }, { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/cryptography-42.0.5.dist-info/METADATA", - "name": "cryptography", + "filePath": "opt/conda/lib/python3.10/site-packages/pyOpenSSL-24.0.0.dist-info/METADATA", + "name": "pyOpenSSL", "packageManager": "PYTHONPKG", - "version": "42.0.5" + "version": "24.0.0" } ] }, - "GHSA-jjg7-2v4v-x38h": { - "description": "### Impact\nA specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service.\n\n### Patches\nThe function has been refined to reject such strings without the associated resource consumption in version 3.7.\n\n### Workarounds\nDomain names cannot exceed 253 characters in length, if this length limit is enforced prior to passing the domain to the `idna.encode()` function it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.\n\n### References\n* https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb", + "CVE-2024-31580": { + "description": "PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.", "remediation": { "recommendation": { "text": "None Provided" @@ -40,52 +40,44 @@ }, "score": 0.0, "score_details": {}, - "severity": "MEDIUM", - "source": "GITHUB", - "source_url": "https://github.com/advisories/GHSA-jjg7-2v4v-x38h", + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31580", "status": "ACTIVE", - "title": "GHSA-jjg7-2v4v-x38h - idna", - "vulnerability_id": "GHSA-jjg7-2v4v-x38h", + "title": "CVE-2024-31580 - torch", + "vulnerability_id": "CVE-2024-31580", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/idna-3.6.dist-info/METADATA", - "name": "idna", + "filePath": "opt/conda/lib/python3.10/site-packages/torch-1.13.1.dist-info/METADATA", + "name": "torch", "packageManager": "PYTHONPKG", - "version": "3.6" + "version": "1.13.1" } ] }, - "SNYK-PYTHON-IDNA-6597975": { - "description": "## Overview\n\nAffected versions of this package are vulnerable to Resource Exhaustion via the `idna.encode` function. An attacker can consume significant resources and potentially cause a denial-of-service by supplying specially crafted arguments to this function. \r\n\r\n**Note:**\r\nThis is triggered by arbitrarily large inputs that would not occur in normal usage but may be passed to the library assuming there is no preliminary input validation by the higher-level application.\n## Remediation\nUpgrade `idna` to version 3.7 or higher.\n## References\n- [GitHub Commit](https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7)", + "CVE-2024-31583": { + "description": "Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.", "remediation": { "recommendation": { "text": "None Provided" } }, - "score": 6.2, - "score_details": { - "cvss": { - "adjustments": [], - "score": 6.2, - "scoreSource": "SNYK", - "scoringVector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "severity": "MEDIUM", - "source": "SNYK", - "source_url": "https://security.snyk.io/vuln/SNYK-PYTHON-IDNA-6597975", + "score": 0.0, + "score_details": {}, + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31583", "status": "ACTIVE", - "title": "IN1-PYTHON-IDNA-6597975 - idna", - "vulnerability_id": "SNYK-PYTHON-IDNA-6597975", + "title": "CVE-2024-31583 - torch", + "vulnerability_id": "CVE-2024-31583", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/idna-3.6.dist-info/METADATA", - "name": "idna", + "filePath": "opt/conda/lib/python3.10/site-packages/torch-1.13.1.dist-info/METADATA", + "name": "torch", "packageManager": "PYTHONPKG", - "version": "3.6" + "version": "1.13.1" } ] } diff --git a/docker/pytorch/inference/1.13.1/Dockerfile.neuronx b/docker/pytorch/inference/1.13.1/Dockerfile.neuronx index f635cea..027c00d 100644 --- a/docker/pytorch/inference/1.13.1/Dockerfile.neuronx +++ b/docker/pytorch/inference/1.13.1/Dockerfile.neuronx @@ -7,7 +7,7 @@ LABEL com.amazonaws.sagemaker.capabilities.accept-bind-to-port=true # Neuron SDK components version numbers ARG NEURONX_FRAMEWORK_VERSION=1.13.1.1.14.0 ARG NEURONX_DISTRIBUTED_VERSION=0.7.0 -ARG NEURONX_CC_VERSION=2.13.68.0 +ARG NEURONX_CC_VERSION=2.13.72.0 ARG NEURONX_TRANSFORMERS_VERSION=0.10.0.360 ARG NEURONX_COLLECTIVES_LIB_VERSION=2.20.22.0-c101c322e ARG NEURONX_RUNTIME_LIB_VERSION=2.20.22.0-1b3ca6425 diff --git a/docker/pytorch/inference/1.13.1/Dockerfile.neuronx.cve_allowlist.json b/docker/pytorch/inference/1.13.1/Dockerfile.neuronx.cve_allowlist.json index 2ba4511..8ebcb7d 100644 --- a/docker/pytorch/inference/1.13.1/Dockerfile.neuronx.cve_allowlist.json +++ b/docker/pytorch/inference/1.13.1/Dockerfile.neuronx.cve_allowlist.json @@ -12,27 +12,27 @@ "source": "NVD", "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", "status": "ACTIVE", - "title": "CVE-2024-2511 - pyOpenSSL, cryptography", + "title": "CVE-2024-2511 - cryptography, pyOpenSSL", "vulnerability_id": "CVE-2024-2511", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/pyOpenSSL-24.0.0.dist-info/METADATA", - "name": "pyOpenSSL", + "filePath": "opt/conda/lib/python3.10/site-packages/cryptography-42.0.5.dist-info/METADATA", + "name": "cryptography", "packageManager": "PYTHONPKG", - "version": "24.0.0" + "version": "42.0.5" }, { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/cryptography-42.0.5.dist-info/METADATA", - "name": "cryptography", + "filePath": "opt/conda/lib/python3.10/site-packages/pyOpenSSL-24.0.0.dist-info/METADATA", + "name": "pyOpenSSL", "packageManager": "PYTHONPKG", - "version": "42.0.5" + "version": "24.0.0" } ] }, - "GHSA-jjg7-2v4v-x38h": { - "description": "### Impact\nA specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service.\n\n### Patches\nThe function has been refined to reject such strings without the associated resource consumption in version 3.7.\n\n### Workarounds\nDomain names cannot exceed 253 characters in length, if this length limit is enforced prior to passing the domain to the `idna.encode()` function it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.\n\n### References\n* https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb", + "CVE-2024-31580": { + "description": "PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.", "remediation": { "recommendation": { "text": "None Provided" @@ -40,52 +40,44 @@ }, "score": 0.0, "score_details": {}, - "severity": "MEDIUM", - "source": "GITHUB", - "source_url": "https://github.com/advisories/GHSA-jjg7-2v4v-x38h", + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31580", "status": "ACTIVE", - "title": "GHSA-jjg7-2v4v-x38h - idna", - "vulnerability_id": "GHSA-jjg7-2v4v-x38h", + "title": "CVE-2024-31580 - torch", + "vulnerability_id": "CVE-2024-31580", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/idna-3.6.dist-info/METADATA", - "name": "idna", + "filePath": "opt/conda/lib/python3.10/site-packages/torch-1.13.1.dist-info/METADATA", + "name": "torch", "packageManager": "PYTHONPKG", - "version": "3.6" + "version": "1.13.1" } ] }, - "SNYK-PYTHON-IDNA-6597975": { - "description": "## Overview\n\nAffected versions of this package are vulnerable to Resource Exhaustion via the `idna.encode` function. An attacker can consume significant resources and potentially cause a denial-of-service by supplying specially crafted arguments to this function. \r\n\r\n**Note:**\r\nThis is triggered by arbitrarily large inputs that would not occur in normal usage but may be passed to the library assuming there is no preliminary input validation by the higher-level application.\n## Remediation\nUpgrade `idna` to version 3.7 or higher.\n## References\n- [GitHub Commit](https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7)", + "CVE-2024-31583": { + "description": "Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.", "remediation": { "recommendation": { "text": "None Provided" } }, - "score": 6.2, - "score_details": { - "cvss": { - "adjustments": [], - "score": 6.2, - "scoreSource": "SNYK", - "scoringVector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "severity": "MEDIUM", - "source": "SNYK", - "source_url": "https://security.snyk.io/vuln/SNYK-PYTHON-IDNA-6597975", + "score": 0.0, + "score_details": {}, + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31583", "status": "ACTIVE", - "title": "IN1-PYTHON-IDNA-6597975 - idna", - "vulnerability_id": "SNYK-PYTHON-IDNA-6597975", + "title": "CVE-2024-31583 - torch", + "vulnerability_id": "CVE-2024-31583", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/idna-3.6.dist-info/METADATA", - "name": "idna", + "filePath": "opt/conda/lib/python3.10/site-packages/torch-1.13.1.dist-info/METADATA", + "name": "torch", "packageManager": "PYTHONPKG", - "version": "3.6" + "version": "1.13.1" } ] } diff --git a/docker/pytorch/inference/2.1.2/Dockerfile.neuronx b/docker/pytorch/inference/2.1.2/Dockerfile.neuronx index c291bb4..45ee4be 100644 --- a/docker/pytorch/inference/2.1.2/Dockerfile.neuronx +++ b/docker/pytorch/inference/2.1.2/Dockerfile.neuronx @@ -6,7 +6,7 @@ LABEL com.amazonaws.sagemaker.capabilities.accept-bind-to-port=true # Neuron SDK components version numbers ARG NEURONX_DISTRIBUTED_VERSION=0.7.0 -ARG NEURONX_CC_VERSION=2.13.68.0 +ARG NEURONX_CC_VERSION=2.13.72.0 ARG NEURONX_FRAMEWORK_VERSION=2.1.2.2.1.0 ARG NEURONX_TRANSFORMERS_VERSION=0.10.0.360 ARG NEURONX_COLLECTIVES_LIB_VERSION=2.20.22.0-c101c322e diff --git a/docker/pytorch/inference/2.1.2/Dockerfile.neuronx.cve_allowlist.json b/docker/pytorch/inference/2.1.2/Dockerfile.neuronx.cve_allowlist.json index feb5473..13a6b82 100644 --- a/docker/pytorch/inference/2.1.2/Dockerfile.neuronx.cve_allowlist.json +++ b/docker/pytorch/inference/2.1.2/Dockerfile.neuronx.cve_allowlist.json @@ -12,27 +12,27 @@ "source": "NVD", "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", "status": "ACTIVE", - "title": "CVE-2024-2511 - cryptography, pyOpenSSL", + "title": "CVE-2024-2511 - pyOpenSSL, cryptography", "vulnerability_id": "CVE-2024-2511", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/cryptography-42.0.5.dist-info/METADATA", - "name": "cryptography", + "filePath": "opt/conda/lib/python3.10/site-packages/pyOpenSSL-24.0.0.dist-info/METADATA", + "name": "pyOpenSSL", "packageManager": "PYTHONPKG", - "version": "42.0.5" + "version": "24.0.0" }, { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/pyOpenSSL-24.0.0.dist-info/METADATA", - "name": "pyOpenSSL", + "filePath": "opt/conda/lib/python3.10/site-packages/cryptography-42.0.5.dist-info/METADATA", + "name": "cryptography", "packageManager": "PYTHONPKG", - "version": "24.0.0" + "version": "42.0.5" } ] }, - "GHSA-jjg7-2v4v-x38h": { - "description": "### Impact\nA specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service.\n\n### Patches\nThe function has been refined to reject such strings without the associated resource consumption in version 3.7.\n\n### Workarounds\nDomain names cannot exceed 253 characters in length, if this length limit is enforced prior to passing the domain to the `idna.encode()` function it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.\n\n### References\n* https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb", + "CVE-2024-31580": { + "description": "PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.", "remediation": { "recommendation": { "text": "None Provided" @@ -40,52 +40,44 @@ }, "score": 0.0, "score_details": {}, - "severity": "MEDIUM", - "source": "GITHUB", - "source_url": "https://github.com/advisories/GHSA-jjg7-2v4v-x38h", + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31580", "status": "ACTIVE", - "title": "GHSA-jjg7-2v4v-x38h - idna", - "vulnerability_id": "GHSA-jjg7-2v4v-x38h", + "title": "CVE-2024-31580 - torch", + "vulnerability_id": "CVE-2024-31580", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/idna-3.6.dist-info/METADATA", - "name": "idna", + "filePath": "opt/conda/lib/python3.10/site-packages/torch-2.1.2.dist-info/METADATA", + "name": "torch", "packageManager": "PYTHONPKG", - "version": "3.6" + "version": "2.1.2" } ] }, - "SNYK-PYTHON-IDNA-6597975": { - "description": "## Overview\n\nAffected versions of this package are vulnerable to Resource Exhaustion via the `idna.encode` function. An attacker can consume significant resources and potentially cause a denial-of-service by supplying specially crafted arguments to this function. \r\n\r\n**Note:**\r\nThis is triggered by arbitrarily large inputs that would not occur in normal usage but may be passed to the library assuming there is no preliminary input validation by the higher-level application.\n## Remediation\nUpgrade `idna` to version 3.7 or higher.\n## References\n- [GitHub Commit](https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7)", + "CVE-2024-31583": { + "description": "Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.", "remediation": { "recommendation": { "text": "None Provided" } }, - "score": 6.2, - "score_details": { - "cvss": { - "adjustments": [], - "score": 6.2, - "scoreSource": "SNYK", - "scoringVector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "severity": "MEDIUM", - "source": "SNYK", - "source_url": "https://security.snyk.io/vuln/SNYK-PYTHON-IDNA-6597975", + "score": 0.0, + "score_details": {}, + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31583", "status": "ACTIVE", - "title": "IN1-PYTHON-IDNA-6597975 - idna", - "vulnerability_id": "SNYK-PYTHON-IDNA-6597975", + "title": "CVE-2024-31583 - torch", + "vulnerability_id": "CVE-2024-31583", "vulnerable_packages": [ { "epoch": 0, - "filePath": "opt/conda/lib/python3.10/site-packages/idna-3.6.dist-info/METADATA", - "name": "idna", + "filePath": "opt/conda/lib/python3.10/site-packages/torch-2.1.2.dist-info/METADATA", + "name": "torch", "packageManager": "PYTHONPKG", - "version": "3.6" + "version": "2.1.2" } ] } diff --git a/docker/pytorch/training/1.13.1/Dockerfile.neuronx b/docker/pytorch/training/1.13.1/Dockerfile.neuronx index 34ec682..734c8f5 100644 --- a/docker/pytorch/training/1.13.1/Dockerfile.neuronx +++ b/docker/pytorch/training/1.13.1/Dockerfile.neuronx @@ -6,7 +6,7 @@ LABEL dlc_major_version="1" # Neuron SDK components version numbers ARG NEURONX_FRAMEWORK_VERSION=1.13.1.1.14.0 ARG NEURONX_DISTRIBUTED_VERSION=0.7.0 -ARG NEURONX_CC_VERSION=2.13.68.0 +ARG NEURONX_CC_VERSION=2.13.72.0 ARG NEURONX_COLLECTIVES_LIB_VERSION=2.20.22.0-c101c322e ARG NEURONX_RUNTIME_LIB_VERSION=2.20.22.0-1b3ca6425 ARG NEURONX_TOOLS_VERSION=2.17.1.0 diff --git a/docker/pytorch/training/1.13.1/Dockerfile.neuronx.cve_allowlist.json b/docker/pytorch/training/1.13.1/Dockerfile.neuronx.cve_allowlist.json index 6e64086..68bae57 100644 --- a/docker/pytorch/training/1.13.1/Dockerfile.neuronx.cve_allowlist.json +++ b/docker/pytorch/training/1.13.1/Dockerfile.neuronx.cve_allowlist.json @@ -24,6 +24,56 @@ } ] }, + "CVE-2024-31580": { + "description": "PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.", + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "score": 0.0, + "score_details": {}, + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31580", + "status": "ACTIVE", + "title": "CVE-2024-31580 - torch", + "vulnerability_id": "CVE-2024-31580", + "vulnerable_packages": [ + { + "epoch": 0, + "filePath": "usr/local/lib/python3.10/site-packages/torch-1.13.1.dist-info/METADATA", + "name": "torch", + "packageManager": "PYTHONPKG", + "version": "1.13.1" + } + ] + }, + "CVE-2024-31583": { + "description": "Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.", + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "score": 0.0, + "score_details": {}, + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31583", + "status": "ACTIVE", + "title": "CVE-2024-31583 - torch", + "vulnerability_id": "CVE-2024-31583", + "vulnerable_packages": [ + { + "epoch": 0, + "filePath": "usr/local/lib/python3.10/site-packages/torch-1.13.1.dist-info/METADATA", + "name": "torch", + "packageManager": "PYTHONPKG", + "version": "1.13.1" + } + ] + }, "CVE-2024-3568": { "description": "The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.", "remediation": { diff --git a/docker/pytorch/training/2.1.2/Dockerfile.neuronx b/docker/pytorch/training/2.1.2/Dockerfile.neuronx index 0fd9fff..59f5094 100644 --- a/docker/pytorch/training/2.1.2/Dockerfile.neuronx +++ b/docker/pytorch/training/2.1.2/Dockerfile.neuronx @@ -5,7 +5,7 @@ LABEL dlc_major_version="1" # Neuron SDK components version numbers ARG NEURONX_DISTRIBUTED_VERSION=0.7.0 -ARG NEURONX_CC_VERSION=2.13.68.0 +ARG NEURONX_CC_VERSION=2.13.72.0 ARG NEURONX_FRAMEWORK_VERSION=2.1.2.2.1.0 ARG NEURONX_COLLECTIVES_LIB_VERSION=2.20.22.0-c101c322e ARG NEURONX_RUNTIME_LIB_VERSION=2.20.22.0-1b3ca6425 diff --git a/docker/pytorch/training/2.1.2/Dockerfile.neuronx.cve_allowlist.json b/docker/pytorch/training/2.1.2/Dockerfile.neuronx.cve_allowlist.json index 6e64086..95a83f5 100644 --- a/docker/pytorch/training/2.1.2/Dockerfile.neuronx.cve_allowlist.json +++ b/docker/pytorch/training/2.1.2/Dockerfile.neuronx.cve_allowlist.json @@ -24,6 +24,56 @@ } ] }, + "CVE-2024-31580": { + "description": "PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.", + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "score": 0.0, + "score_details": {}, + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31580", + "status": "ACTIVE", + "title": "CVE-2024-31580 - torch", + "vulnerability_id": "CVE-2024-31580", + "vulnerable_packages": [ + { + "epoch": 0, + "filePath": "usr/local/lib/python3.10/site-packages/torch-2.1.2.dist-info/METADATA", + "name": "torch", + "packageManager": "PYTHONPKG", + "version": "2.1.2" + } + ] + }, + "CVE-2024-31583": { + "description": "Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.", + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "score": 0.0, + "score_details": {}, + "severity": "UNTRIAGED", + "source": "NVD", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31583", + "status": "ACTIVE", + "title": "CVE-2024-31583 - torch", + "vulnerability_id": "CVE-2024-31583", + "vulnerable_packages": [ + { + "epoch": 0, + "filePath": "usr/local/lib/python3.10/site-packages/torch-2.1.2.dist-info/METADATA", + "name": "torch", + "packageManager": "PYTHONPKG", + "version": "2.1.2" + } + ] + }, "CVE-2024-3568": { "description": "The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.", "remediation": {