diff --git a/autogluon/inference/buildspec-1-1-1.yml b/autogluon/inference/buildspec-1-1-1.yml new file mode 100644 index 000000000000..80bc7ce48497 --- /dev/null +++ b/autogluon/inference/buildspec-1-1-1.yml @@ -0,0 +1,53 @@ +account_id: &ACCOUNT_ID +region: ®ION +framework: &FRAMEWORK autogluon +version: &VERSION 1.1.1 +short_version: &SHORT_VERSION 1.1 +arch_type: x86 + +repository_info: + inference_repository: &INFERENCE_REPOSITORY + image_type: &INFERENCE_IMAGE_TYPE inference + root: !join [ *FRAMEWORK, "/", *INFERENCE_IMAGE_TYPE ] + repository_name: &REPOSITORY_NAME !join [pr, "-", *FRAMEWORK, "-", *INFERENCE_IMAGE_TYPE] + repository: &REPOSITORY !join [ *ACCOUNT_ID, .dkr.ecr., *REGION, .amazonaws.com/, *REPOSITORY_NAME ] + +context: + inference_context: &INFERENCE_CONTEXT + torchserve-entrypoint: + source: ../build_artifacts/inference/torchserve-entrypoint.py + target: torchserve-entrypoint.py + config: + source: ../build_artifacts/inference/config.properties + target: config.properties + deep_learning_container: + source: ../../src/deep_learning_container.py + target: deep_learning_container.py + +images: + BuildAutogluonCPUInferencePy3DockerImage: + <<: *INFERENCE_REPOSITORY + build: &AUTOGLUON_CPU_INFERENCE_PY3 false + image_size_baseline: 6399 + device_type: &DEVICE_TYPE cpu + python_version: &DOCKER_PYTHON_VERSION py3 + tag_python_version: &TAG_PYTHON_VERSION py311 + os_version: &OS_VERSION ubuntu20.04 + tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION ] + docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /Dockerfile., *DEVICE_TYPE ] + context: + <<: *INFERENCE_CONTEXT + + BuildAutogluonGPUInferencePy3DockerImage: + <<: *INFERENCE_REPOSITORY + build: &AUTOGLUON_GPU_INFERENCE_PY3 false + image_size_baseline: 19456 + device_type: &DEVICE_TYPE gpu + python_version: &DOCKER_PYTHON_VERSION py3 + tag_python_version: &TAG_PYTHON_VERSION py311 + cuda_version: &CUDA_VERSION cu121 + os_version: &OS_VERSION ubuntu20.04 + tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *CUDA_VERSION, "-", *OS_VERSION ] + docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /, *CUDA_VERSION, /Dockerfile., *DEVICE_TYPE ] + context: + <<: *INFERENCE_CONTEXT diff --git a/autogluon/inference/buildspec.yml b/autogluon/inference/buildspec.yml index 80bc7ce48497..80eba81150e4 100644 --- a/autogluon/inference/buildspec.yml +++ b/autogluon/inference/buildspec.yml @@ -1,8 +1,8 @@ account_id: &ACCOUNT_ID region: ®ION framework: &FRAMEWORK autogluon -version: &VERSION 1.1.1 -short_version: &SHORT_VERSION 1.1 +version: &VERSION 1.2.0 +short_version: &SHORT_VERSION 1.2 arch_type: x86 repository_info: @@ -32,7 +32,7 @@ images: device_type: &DEVICE_TYPE cpu python_version: &DOCKER_PYTHON_VERSION py3 tag_python_version: &TAG_PYTHON_VERSION py311 - os_version: &OS_VERSION ubuntu20.04 + os_version: &OS_VERSION ubuntu22.04 tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION ] docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /Dockerfile., *DEVICE_TYPE ] context: @@ -45,8 +45,8 @@ images: device_type: &DEVICE_TYPE gpu python_version: &DOCKER_PYTHON_VERSION py3 tag_python_version: &TAG_PYTHON_VERSION py311 - cuda_version: &CUDA_VERSION cu121 - os_version: &OS_VERSION ubuntu20.04 + cuda_version: &CUDA_VERSION cu124 + os_version: &OS_VERSION ubuntu22.04 tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *CUDA_VERSION, "-", *OS_VERSION ] docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /, *CUDA_VERSION, /Dockerfile., *DEVICE_TYPE ] context: diff --git a/autogluon/inference/docker/1.2/py3/Dockerfile.cpu b/autogluon/inference/docker/1.2/py3/Dockerfile.cpu new file mode 100644 index 000000000000..fab325268bec --- /dev/null +++ b/autogluon/inference/docker/1.2/py3/Dockerfile.cpu @@ -0,0 +1,61 @@ +ARG PYTHON_VERSION=3.11.9 + +FROM 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-inference:2.5.1-cpu-py311-ubuntu22.04-sagemaker + +# Specify accept-bind-to-port LABEL for inference pipelines to use SAGEMAKER_BIND_TO_PORT +# https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-real-time.html +LABEL com.amazonaws.sagemaker.capabilities.accept-bind-to-port=true +# Specify multi-models LABEL to indicate container is capable of loading and serving multiple models concurrently +# https://docs.aws.amazon.com/sagemaker/latest/dg/build-multi-model-build-container.html +LABEL com.amazonaws.sagemaker.capabilities.multi-models=true + +LABEL maintainer="Amazon AI" +LABEL dlc_major_version="1" + +RUN apt-get update \ + && apt-get -y upgrade \ + && apt-get autoremove -y \ + && apt-get install tesseract-ocr -y \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +ARG AUTOGLUON_VERSION=1.2.0 + +# Upgrading pip and installing/updating Python dependencies +# Comments are added to explain the reason behind each update +RUN pip install --no-cache-dir -U --trusted-host pypi.org --trusted-host files.pythonhosted.org pip \ + && pip install --no-cache-dir -U wheel \ + && pip uninstall -y dataclasses \ + && pip install --no-cache-dir -U numpy numba \ + # Install AutoGluon, ensuring no vulnerable dependencies are left behind + && pip install --no-cache-dir -U autogluon==${AUTOGLUON_VERSION} \ + # Capping setuptools to 69.5.1 to fix AutoMM tests + && pip install --no-cache-dir setuptools==69.5.1 \ + # Update urllib3 to fix vulnerability id 71608 + && pip install --no-cache-dir -U urllib3 \ + # Cap pillow & ninja to fix sanity test + && pip install --no-cache-dir "pillow<11.0.0" \ + && pip install --no-cache-dir "ninja<1.11.1.1" + + + +# add TS entrypoint +COPY config.properties /home/model-server + +COPY torchserve-entrypoint.py /usr/local/bin/dockerd-entrypoint.py +RUN chmod +x /usr/local/bin/dockerd-entrypoint.py + +RUN HOME_DIR=/root \ + && curl -o ${HOME_DIR}/oss_compliance.zip https://aws-dlinfra-utilities.s3.amazonaws.com/oss_compliance.zip \ + && unzip -o ${HOME_DIR}/oss_compliance.zip -d ${HOME_DIR}/ \ + && cp ${HOME_DIR}/oss_compliance/test/testOSSCompliance /usr/local/bin/testOSSCompliance \ + && chmod +x /usr/local/bin/testOSSCompliance \ + && chmod +x ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh \ + && ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh ${HOME_DIR} python \ + && rm -rf ${HOME_DIR}/oss_compliance* + +RUN curl -o /licenses-autogluon.txt https://autogluon.s3.us-west-2.amazonaws.com/licenses/THIRD-PARTY-LICENSES.txt + +EXPOSE 8080 8081 +ENTRYPOINT ["python", "/usr/local/bin/dockerd-entrypoint.py"] +CMD ["torchserve", "--start", "--ts-config", "/home/model-server/config.properties", "--model-store", "/home/model-server/"] diff --git a/autogluon/inference/docker/1.2/py3/Dockerfile.cpu.os_scan_allowlist.json b/autogluon/inference/docker/1.2/py3/Dockerfile.cpu.os_scan_allowlist.json new file mode 100644 index 000000000000..9fc990ce687e --- /dev/null +++ b/autogluon/inference/docker/1.2/py3/Dockerfile.cpu.os_scan_allowlist.json @@ -0,0 +1,358 @@ +{ + "linux": [ + { + "description": " In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial code is finished. But the net_device ifp will still be used in later tx()->dev_queue_xmit() in kthread. Which means that the dev_put(ifp) should NOT be called in the success path of skb initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into use-after-free because the net_device is freed. This patch removed the dev_put(ifp) in the success path in aoecmd_cfg_pkts(), and added dev_p", + "vulnerability_id": "CVE-2024-26898", + "name": "CVE-2024-26898", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26898.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26898 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\") 1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\") We have to save skb->network_header in a temporary variable in order to be able to recompute the network_header pointer after a pskb_inet_may_pull() call. pskb_inet_may_pull() makes sure the needed headers are in skb->head. syzbot reported: BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline] BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP_ECN_", + "vulnerability_id": "CVE-2024-26882", + "name": "CVE-2024-26882", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26882.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26882 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. So apply the same fix to hashtab, by moving the overflow check to before the roundup.", + "vulnerability_id": "CVE-2024-26884", + "name": "CVE-2024-26884", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26884.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26884 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when accessing invalid create contexts from server: BUG: unable to handle page fault for address: ffff8881178d8cc3 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 4a01067 P4D 4a01067 PUD 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 1736 Comm: mount.cifs Not tainted 6.7.0-rc4 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014 RIP: 0010:smb2_parse_contexts+0xa0/0x3a0 [cifs] Code: f8 10 75 13 48 b8 93 ad 25 50 9c b4 11 e7 49 39 06 0f 84 d2 00 00 00 8b 45 00 85 c0 74 61 41 29 c5 48 01 c5 41 83 fd 0f 76 55 <0f> b7 7d 04 0f b7 45 06 4c 8d 74 3d 00 66 83 f8 04 75 bc ba 04 00 RSP: 0018:ffffc900007939e0 EFLAGS: 00010216 RAX: ffffc90000793c78 RBX: ffff8880180cc000 RCX: fff", + "vulnerability_id": "CVE-2023-52434", + "name": "CVE-2023-52434", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8, + "cvss_v30_score": 0, + "cvss_v31_score": 8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-52434.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2023-52434 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIG_SMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-after-free in __mutex_lock+0xe5/0xc30 Read of size 8 at addr ffff8881094223f8 by task stress/7789 CPU: 0 PID: 7789 Comm: stress Not tainted 6.0.0-rc1-00002-g0d53d2e882f9 #3 Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 Call Trace: .. __mutex_lock+0xe5/0xc30 .. z_erofs_do_read_page+0x8ce/0x1560 .. z_erofs_readahead+0x31c/0x580 .. Freed by task 7787 kasan_save_stack+0x1e/0x40 kasan_set_track+0x20/0x30 kasan_set_free_info+0x20/0x40 __kasan_slab_free+0x10c/0x190 kmem_cache_free+0xed/0x380 rcu_core+0x3d5/0xc90 __do_softirq+0x12d/0x389 Last potentially related work creation: kasan_save_stack+0x1e/0x40 __kasan_record_aux_stack+0x97/0xb0 call_rcu+0x3d/0x3f0 erofs_shrink_workstation+0x11f/0x210 erofs_shrink_scan+0xdc/0x170 shrink_slab.co", + "vulnerability_id": "CVE-2022-48674", + "name": "CVE-2022-48674", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-48674.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2022-48674 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ses. This fixes the following GPF when reading from /proc/fs/cifs/DebugData while mounting and umounting [ 816.251274] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI ... [ 816.260138] Call Trace: [ 816.260329] [ 816.260499] ? die_addr+0x36/0x90 [ 816.260762] ? exc_general_protection+0x1b3/0x410 [ 816.261126] ? asm_exc_general_protection+0x26/0x30 [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs] [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs] [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs] [ 816.262689] ? seq_read_iter+0x379/0x470 [ 816.262995] seq_read_iter+0x118/0x470 [ 816.263291] proc_reg_read_iter+0x53/0x90 [ 816.263596] ? srso_alias_return_thunk+0x5", + "vulnerability_id": "CVE-2023-52752", + "name": "CVE-2023-52752", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-52752.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2023-52752 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_cache, then call dst_release(old_dst). Note that sk_dst_reset(sk) is implementing this protocol correctly, while __dst_negative_advice() uses the wrong order. Given that ip6_negative_advice() has special logic against RTF_CACHE, this means each of the three ->negative_advice() existing methods must perform the sk_dst_reset() themselves. Note the check against NULL dst is centralized in __dst_negative_advice(), there is no need to duplicate it in various callbacks. Many thanks to Clement Lecigne for tracking this issue. This old bug became visible after the blamed commit, using UDP sockets.", + "vulnerability_id": "CVE-2024-36971", + "name": "CVE-2024-36971", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-36971.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-36971 - linux", + "reason_to_ignore": "No fix provided" + } + ], + "ray": [ + { + "description": "Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment", + "vulnerability_id": "CVE-2023-48022", + "name": "CVE-2023-48022", + "package_name": "ray", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/ray-2.10.0.dist-info/METADATA", + "name": "ray", + "package_manager": "PYTHONPKG", + "version": "2.10.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 9.8, + "cvss_v30_score": 0, + "cvss_v31_score": 9.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "CRITICAL", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022", + "source": "NVD", + "severity": "CRITICAL", + "status": "ACTIVE", + "title": "CVE-2023-48022 - ray", + "reason_to_ignore": "fix not available yet, autogluon uses Ray < 2.11" + } + ], + "idna": [ + { + "description": "A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size.", + "vulnerability_id": "CVE-2024-3651", + "name": "CVE-2024-3651", + "package_name": "idna", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/ray/_private/runtime_env/agent/thirdparty_files/idna-3.6.dist-info/METADATA", + "name": "idna", + "package_manager": "PYTHONPKG", + "version": "3.6", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.5, + "cvss_v30_score": 0, + "cvss_v31_score": 7.5, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3651", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-3651 - idna", + "reason_to_ignore": "this is as false positive as autogluon uses idna >=3.7" + } + ], + "transformers": [ + { + "description": "Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.", + "vulnerability_id": "CVE-2024-11393", + "name": "CVE-2024-11393", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11393", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11393 - transformers", + "reason_to_ignore": "N/A" + }, + { + "description": "Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.", + "vulnerability_id": "CVE-2024-11392", + "name": "CVE-2024-11392", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11392", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11392 - transformers", + "reason_to_ignore": "N/A" + }, + { + "description": "Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.", + "vulnerability_id": "CVE-2024-11394", + "name": "CVE-2024-11394", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11394", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11394 - transformers", + "reason_to_ignore": "N/A" + } + ] +} \ No newline at end of file diff --git a/autogluon/inference/docker/1.2/py3/Dockerfile.cpu.py_scan_allowlist.json b/autogluon/inference/docker/1.2/py3/Dockerfile.cpu.py_scan_allowlist.json new file mode 100644 index 000000000000..5e18d4ec0979 --- /dev/null +++ b/autogluon/inference/docker/1.2/py3/Dockerfile.cpu.py_scan_allowlist.json @@ -0,0 +1,6 @@ +{ + "72236": "setuptools - autogluon uses setuptools == 69.5.1", + "72089": "NLTK - autogluon uses nltk <= 3.8.1", + "65189": "Ray - autogluon uses ray <= 2.39.0", + "74439": "Tornado - parent base image uses tornado 6.4.1" +} \ No newline at end of file diff --git a/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu b/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu new file mode 100644 index 000000000000..5c77f97a0351 --- /dev/null +++ b/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu @@ -0,0 +1,62 @@ +ARG CUDA_VER=12.4 +ARG PYTHON_VERSION=3.11.9 + +FROM 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-inference:2.5.1-gpu-py311-cu124-ubuntu22.04-sagemaker + +# Specify accept-bind-to-port LABEL for inference pipelines to use SAGEMAKER_BIND_TO_PORT +# https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-real-time.html +LABEL com.amazonaws.sagemaker.capabilities.accept-bind-to-port=true +# Specify multi-models LABEL to indicate container is capable of loading and serving multiple models concurrently +# https://docs.aws.amazon.com/sagemaker/latest/dg/build-multi-model-build-container.html +LABEL com.amazonaws.sagemaker.capabilities.multi-models=true + +LABEL maintainer="Amazon AI" +LABEL dlc_major_version="1" + +RUN apt-get update \ + && apt-get -y upgrade \ + && apt-get autoremove -y \ + && apt-get install tesseract-ocr -y \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +ARG AUTOGLUON_VERSION=1.2.0 + + +# Upgrading pip and installing/updating Python dependencies +# Comments are added to explain the reason behind each update +RUN pip install --no-cache-dir -U --trusted-host pypi.org --trusted-host files.pythonhosted.org pip \ + # Update setuptools to a secure version that fixes CVE-2022-40897 + && pip install --no-cache-dir -U wheel \ + && pip uninstall -y dataclasses \ + && pip install --no-cache-dir -U numpy numba \ + && pip install --no-cache-dir -U autogluon==${AUTOGLUON_VERSION} \ + # Capping setuptools to 69.5.1 to fix AutoMM tests + && pip install --no-cache-dir setuptools==69.5.1 \ + # Update urllib3 to fix vulnerability id 71608 + && pip install --no-cache-dir -U urllib3 \ + # Cap pillow & ninja to fix sanity test + && pip install --no-cache-dir "pillow<11.0.0" \ + && pip install --no-cache-dir "ninja<1.11.1.1" + + +# add TS entrypoint +COPY config.properties /home/model-server + +COPY torchserve-entrypoint.py /usr/local/bin/dockerd-entrypoint.py +RUN chmod +x /usr/local/bin/dockerd-entrypoint.py + +RUN HOME_DIR=/root \ + && curl -o ${HOME_DIR}/oss_compliance.zip https://aws-dlinfra-utilities.s3.amazonaws.com/oss_compliance.zip \ + && unzip -o ${HOME_DIR}/oss_compliance.zip -d ${HOME_DIR}/ \ + && cp ${HOME_DIR}/oss_compliance/test/testOSSCompliance /usr/local/bin/testOSSCompliance \ + && chmod +x /usr/local/bin/testOSSCompliance \ + && chmod +x ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh \ + && ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh ${HOME_DIR} python \ + && rm -rf ${HOME_DIR}/oss_compliance* + +RUN curl -o /licenses-autogluon.txt https://autogluon.s3.us-west-2.amazonaws.com/licenses/THIRD-PARTY-LICENSES.txt + +EXPOSE 8080 8081 +ENTRYPOINT ["python", "/usr/local/bin/dockerd-entrypoint.py"] +CMD ["torchserve", "--start", "--ts-config", "/home/model-server/config.properties", "--model-store", "/home/model-server/"] \ No newline at end of file diff --git a/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu.os_scan_allowlist.json b/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu.os_scan_allowlist.json new file mode 100644 index 000000000000..40b6a48536b0 --- /dev/null +++ b/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu.os_scan_allowlist.json @@ -0,0 +1,358 @@ +{ + "linux": [ + { + "description": " In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. So apply the same fix to hashtab, by moving the overflow check to before the roundup.", + "vulnerability_id": "CVE-2024-26884", + "name": "CVE-2024-26884", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26884.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26884 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial code is finished. But the net_device ifp will still be used in later tx()->dev_queue_xmit() in kthread. Which means that the dev_put(ifp) should NOT be called in the success path of skb initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into use-after-free because the net_device is freed. This patch removed the dev_put(ifp) in the success path in aoecmd_cfg_pkts(), and added dev_p", + "vulnerability_id": "CVE-2024-26898", + "name": "CVE-2024-26898", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26898.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26898 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\") 1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\") We have to save skb->network_header in a temporary variable in order to be able to recompute the network_header pointer after a pskb_inet_may_pull() call. pskb_inet_may_pull() makes sure the needed headers are in skb->head. syzbot reported: BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline] BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP_ECN_", + "vulnerability_id": "CVE-2024-26882", + "name": "CVE-2024-26882", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26882.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26882 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when accessing invalid create contexts from server: BUG: unable to handle page fault for address: ffff8881178d8cc3 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 4a01067 P4D 4a01067 PUD 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 1736 Comm: mount.cifs Not tainted 6.7.0-rc4 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014 RIP: 0010:smb2_parse_contexts+0xa0/0x3a0 [cifs] Code: f8 10 75 13 48 b8 93 ad 25 50 9c b4 11 e7 49 39 06 0f 84 d2 00 00 00 8b 45 00 85 c0 74 61 41 29 c5 48 01 c5 41 83 fd 0f 76 55 <0f> b7 7d 04 0f b7 45 06 4c 8d 74 3d 00 66 83 f8 04 75 bc ba 04 00 RSP: 0018:ffffc900007939e0 EFLAGS: 00010216 RAX: ffffc90000793c78 RBX: ffff8880180cc000 RCX: fff", + "vulnerability_id": "CVE-2023-52434", + "name": "CVE-2023-52434", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8, + "cvss_v30_score": 0, + "cvss_v31_score": 8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-52434.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2023-52434 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIG_SMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-after-free in __mutex_lock+0xe5/0xc30 Read of size 8 at addr ffff8881094223f8 by task stress/7789 CPU: 0 PID: 7789 Comm: stress Not tainted 6.0.0-rc1-00002-g0d53d2e882f9 #3 Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 Call Trace: .. __mutex_lock+0xe5/0xc30 .. z_erofs_do_read_page+0x8ce/0x1560 .. z_erofs_readahead+0x31c/0x580 .. Freed by task 7787 kasan_save_stack+0x1e/0x40 kasan_set_track+0x20/0x30 kasan_set_free_info+0x20/0x40 __kasan_slab_free+0x10c/0x190 kmem_cache_free+0xed/0x380 rcu_core+0x3d5/0xc90 __do_softirq+0x12d/0x389 Last potentially related work creation: kasan_save_stack+0x1e/0x40 __kasan_record_aux_stack+0x97/0xb0 call_rcu+0x3d/0x3f0 erofs_shrink_workstation+0x11f/0x210 erofs_shrink_scan+0xdc/0x170 shrink_slab.co", + "vulnerability_id": "CVE-2022-48674", + "name": "CVE-2022-48674", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-48674.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2022-48674 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ses. This fixes the following GPF when reading from /proc/fs/cifs/DebugData while mounting and umounting [ 816.251274] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI ... [ 816.260138] Call Trace: [ 816.260329] [ 816.260499] ? die_addr+0x36/0x90 [ 816.260762] ? exc_general_protection+0x1b3/0x410 [ 816.261126] ? asm_exc_general_protection+0x26/0x30 [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs] [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs] [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs] [ 816.262689] ? seq_read_iter+0x379/0x470 [ 816.262995] seq_read_iter+0x118/0x470 [ 816.263291] proc_reg_read_iter+0x53/0x90 [ 816.263596] ? srso_alias_return_thunk+0x5", + "vulnerability_id": "CVE-2023-52752", + "name": "CVE-2023-52752", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-52752.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2023-52752 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_cache, then call dst_release(old_dst). Note that sk_dst_reset(sk) is implementing this protocol correctly, while __dst_negative_advice() uses the wrong order. Given that ip6_negative_advice() has special logic against RTF_CACHE, this means each of the three ->negative_advice() existing methods must perform the sk_dst_reset() themselves. Note the check against NULL dst is centralized in __dst_negative_advice(), there is no need to duplicate it in various callbacks. Many thanks to Clement Lecigne for tracking this issue. This old bug became visible after the blamed commit, using UDP sockets.", + "vulnerability_id": "CVE-2024-36971", + "name": "CVE-2024-36971", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-36971.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-36971 - linux", + "reason_to_ignore": "No fix provided" + } + ], + "ray": [ + { + "description": "Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment", + "vulnerability_id": "CVE-2023-48022", + "name": "CVE-2023-48022", + "package_name": "ray", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/ray-2.10.0.dist-info/METADATA", + "name": "ray", + "package_manager": "PYTHONPKG", + "version": "2.10.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 9.8, + "cvss_v30_score": 0, + "cvss_v31_score": 9.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "CRITICAL", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022", + "source": "NVD", + "severity": "CRITICAL", + "status": "ACTIVE", + "title": "CVE-2023-48022 - ray", + "reason_to_ignore": "fix not available yet, autogluon uses Ray < 2.11" + } + ], + "idna": [ + { + "description": "A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size.", + "vulnerability_id": "CVE-2024-3651", + "name": "CVE-2024-3651", + "package_name": "idna", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/ray/_private/runtime_env/agent/thirdparty_files/idna-3.6.dist-info/METADATA", + "name": "idna", + "package_manager": "PYTHONPKG", + "version": "3.6", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.5, + "cvss_v30_score": 0, + "cvss_v31_score": 7.5, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3651", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-3651 - idna", + "reason_to_ignore": "this is as false positive as autogluon uses idna >=3.7" + } + ], + "transformers": [ + { + "description": "Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.", + "vulnerability_id": "CVE-2024-11393", + "name": "CVE-2024-11393", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11393", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11393 - transformers", + "reason_to_ignore": "N/A" + }, + { + "description": "Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.", + "vulnerability_id": "CVE-2024-11392", + "name": "CVE-2024-11392", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11392", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11392 - transformers", + "reason_to_ignore": "N/A" + }, + { + "description": "Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.", + "vulnerability_id": "CVE-2024-11394", + "name": "CVE-2024-11394", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11394", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11394 - transformers", + "reason_to_ignore": "N/A" + } + ] +} \ No newline at end of file diff --git a/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu.py_scan_allowlist.json b/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu.py_scan_allowlist.json new file mode 100644 index 000000000000..5e18d4ec0979 --- /dev/null +++ b/autogluon/inference/docker/1.2/py3/cu124/Dockerfile.gpu.py_scan_allowlist.json @@ -0,0 +1,6 @@ +{ + "72236": "setuptools - autogluon uses setuptools == 69.5.1", + "72089": "NLTK - autogluon uses nltk <= 3.8.1", + "65189": "Ray - autogluon uses ray <= 2.39.0", + "74439": "Tornado - parent base image uses tornado 6.4.1" +} \ No newline at end of file diff --git a/autogluon/training/buildspec-1-1-1.yml b/autogluon/training/buildspec-1-1-1.yml new file mode 100644 index 000000000000..b696c6160994 --- /dev/null +++ b/autogluon/training/buildspec-1-1-1.yml @@ -0,0 +1,50 @@ +account_id: &ACCOUNT_ID +region: ®ION +framework: &FRAMEWORK autogluon +version: &VERSION 1.1.1 +short_version: &SHORT_VERSION 1.1 +arch_type: x86 + +repository_info: + training_repository: &TRAINING_REPOSITORY + image_type: &TRAINING_IMAGE_TYPE training + root: !join [ *FRAMEWORK, "/", *TRAINING_IMAGE_TYPE ] + repository_name: &REPOSITORY_NAME !join [pr, "-", *FRAMEWORK, "-", *TRAINING_IMAGE_TYPE] + repository: &REPOSITORY !join [ *ACCOUNT_ID, .dkr.ecr., *REGION, .amazonaws.com/, *REPOSITORY_NAME ] + +context: + training_context: &TRAINING_CONTEXT + entrypoint: + source: docker/artifacts/dockerd-entrypoint.py + target: dockerd-entrypoint.py + deep_learning_container: + source: ../../src/deep_learning_container.py + target: deep_learning_container.py + +images: + BuildAutogluonCPUTrainPy3DockerImage: + <<: *TRAINING_REPOSITORY + build: &AUTOGLUON_CPU_TRAINING_PY3 false + image_size_baseline: 6825 + device_type: &DEVICE_TYPE cpu + python_version: &DOCKER_PYTHON_VERSION py3 + tag_python_version: &TAG_PYTHON_VERSION py311 + os_version: &OS_VERSION ubuntu20.04 + tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION ] + docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /Dockerfile., *DEVICE_TYPE ] + context: + <<: *TRAINING_CONTEXT + + BuildAutogluonGPUTrainPy3DockerImage: + <<: *TRAINING_REPOSITORY + build: &AUTOGLUON_GPU_TRAINING_PY3 false + image_size_baseline: 21000 + device_type: &DEVICE_TYPE gpu + python_version: &DOCKER_PYTHON_VERSION py3 + tag_python_version: &TAG_PYTHON_VERSION py311 + cuda_version: &CUDA_VERSION cu121 + os_version: &OS_VERSION ubuntu20.04 + tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *CUDA_VERSION, "-", *OS_VERSION ] + docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /, *CUDA_VERSION, /Dockerfile., *DEVICE_TYPE ] + context: + <<: *TRAINING_CONTEXT diff --git a/autogluon/training/buildspec.yml b/autogluon/training/buildspec.yml index b696c6160994..1f2010cdc7cd 100644 --- a/autogluon/training/buildspec.yml +++ b/autogluon/training/buildspec.yml @@ -1,8 +1,8 @@ account_id: &ACCOUNT_ID region: ®ION framework: &FRAMEWORK autogluon -version: &VERSION 1.1.1 -short_version: &SHORT_VERSION 1.1 +version: &VERSION 1.2.0 +short_version: &SHORT_VERSION 1.2 arch_type: x86 repository_info: @@ -29,7 +29,7 @@ images: device_type: &DEVICE_TYPE cpu python_version: &DOCKER_PYTHON_VERSION py3 tag_python_version: &TAG_PYTHON_VERSION py311 - os_version: &OS_VERSION ubuntu20.04 + os_version: &OS_VERSION ubuntu22.04 tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION ] docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /Dockerfile., *DEVICE_TYPE ] context: @@ -42,8 +42,8 @@ images: device_type: &DEVICE_TYPE gpu python_version: &DOCKER_PYTHON_VERSION py3 tag_python_version: &TAG_PYTHON_VERSION py311 - cuda_version: &CUDA_VERSION cu121 - os_version: &OS_VERSION ubuntu20.04 + cuda_version: &CUDA_VERSION cu124 + os_version: &OS_VERSION ubuntu22.04 tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *CUDA_VERSION, "-", *OS_VERSION ] docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /, *CUDA_VERSION, /Dockerfile., *DEVICE_TYPE ] context: diff --git a/autogluon/training/docker/1.2/py3/Dockerfile.cpu b/autogluon/training/docker/1.2/py3/Dockerfile.cpu new file mode 100644 index 000000000000..bc9aee5fb0ac --- /dev/null +++ b/autogluon/training/docker/1.2/py3/Dockerfile.cpu @@ -0,0 +1,55 @@ +ARG PYTHON_VERSION=3.11.9 + +FROM 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-training:2.5.1-cpu-py311-ubuntu22.04-sagemaker + +# PYTORCH_SKIP_CUDNN_COMPATIBILITY_CHECK - see https://github.com/autogluon/autogluon/issues/2534 +# ENV PYTORCH_SKIP_CUDNN_COMPATIBILITY_CHECK=1 + +LABEL maintainer="Amazon AI" +LABEL dlc_major_version="1" + +# Install dependencies +RUN apt-get update \ + && apt-get -y upgrade \ + && apt-get install -y --no-install-recommends \ + && apt-get autoremove -y \ + # Install tesseract-ocr to support automm document classification + && apt-get install tesseract-ocr -y \ + # Install rsync to support ray distributed training + && apt-get install rsync -y \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +ARG AUTOGLUON_VERSION=1.2.0 + +# Upgrading pip and installing/updating Python dependencies +# Comments are added to explain the reason behind each update +RUN pip install --no-cache-dir -U --trusted-host pypi.org --trusted-host files.pythonhosted.org pip \ + && pip install --no-cache-dir -U wheel \ + && pip install --no-cache-dir -U numpy numba \ + && pip install --no-cache-dir -U autogluon==${AUTOGLUON_VERSION} \ + # Capping setuptools to 69.5.1 to fix AutoMM tests + && pip install --no-cache-dir setuptools==69.5.1 \ + # update idna to a secure version that fixes vulnerability id 67895 + && pip install --no-cache-dir -U idna>=3.7.0 \ + # Cap pillow & ninja to fix sanity test + && pip install --no-cache-dir "pillow<11.0.0" \ + && pip install --no-cache-dir "ninja<1.11.1.1" \ + # Fix pip test + && pip install --no-cache-dir "datasets<3.1.0" \ + && pip install --no-cache-dir "pathos<0.3.3" + + +RUN HOME_DIR=/root \ + && curl -o ${HOME_DIR}/oss_compliance.zip https://aws-dlinfra-utilities.s3.amazonaws.com/oss_compliance.zip \ + && unzip -o ${HOME_DIR}/oss_compliance.zip -d ${HOME_DIR}/ \ + && cp ${HOME_DIR}/oss_compliance/test/testOSSCompliance /usr/local/bin/testOSSCompliance \ + && chmod +x /usr/local/bin/testOSSCompliance \ + && chmod +x ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh \ + && ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh ${HOME_DIR} python \ + && rm -rf ${HOME_DIR}/oss_compliance* \ + && rm -rf /tmp/tmp* + +RUN curl -o /licenses-autogluon.txt https://autogluon.s3.us-west-2.amazonaws.com/licenses/THIRD-PARTY-LICENSES.txt + +CMD ["/bin/bash"] diff --git a/autogluon/training/docker/1.2/py3/Dockerfile.cpu.os_scan_allowlist.json b/autogluon/training/docker/1.2/py3/Dockerfile.cpu.os_scan_allowlist.json new file mode 100644 index 000000000000..4abba9950bf1 --- /dev/null +++ b/autogluon/training/docker/1.2/py3/Dockerfile.cpu.os_scan_allowlist.json @@ -0,0 +1,358 @@ +{ + "linux": [ + { + "description": " In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\") 1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\") We have to save skb->network_header in a temporary variable in order to be able to recompute the network_header pointer after a pskb_inet_may_pull() call. pskb_inet_may_pull() makes sure the needed headers are in skb->head. syzbot reported: BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline] BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP_ECN_", + "vulnerability_id": "CVE-2024-26882", + "name": "CVE-2024-26882", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26882.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26882 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial code is finished. But the net_device ifp will still be used in later tx()->dev_queue_xmit() in kthread. Which means that the dev_put(ifp) should NOT be called in the success path of skb initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into use-after-free because the net_device is freed. This patch removed the dev_put(ifp) in the success path in aoecmd_cfg_pkts(), and added dev_p", + "vulnerability_id": "CVE-2024-26898", + "name": "CVE-2024-26898", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26898.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26898 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. So apply the same fix to hashtab, by moving the overflow check to before the roundup.", + "vulnerability_id": "CVE-2024-26884", + "name": "CVE-2024-26884", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26884.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26884 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when accessing invalid create contexts from server: BUG: unable to handle page fault for address: ffff8881178d8cc3 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 4a01067 P4D 4a01067 PUD 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 1736 Comm: mount.cifs Not tainted 6.7.0-rc4 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014 RIP: 0010:smb2_parse_contexts+0xa0/0x3a0 [cifs] Code: f8 10 75 13 48 b8 93 ad 25 50 9c b4 11 e7 49 39 06 0f 84 d2 00 00 00 8b 45 00 85 c0 74 61 41 29 c5 48 01 c5 41 83 fd 0f 76 55 <0f> b7 7d 04 0f b7 45 06 4c 8d 74 3d 00 66 83 f8 04 75 bc ba 04 00 RSP: 0018:ffffc900007939e0 EFLAGS: 00010216 RAX: ffffc90000793c78 RBX: ffff8880180cc000 RCX: fff", + "vulnerability_id": "CVE-2023-52434", + "name": "CVE-2023-52434", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8, + "cvss_v30_score": 0, + "cvss_v31_score": 8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-52434.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2023-52434 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIG_SMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-after-free in __mutex_lock+0xe5/0xc30 Read of size 8 at addr ffff8881094223f8 by task stress/7789 CPU: 0 PID: 7789 Comm: stress Not tainted 6.0.0-rc1-00002-g0d53d2e882f9 #3 Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 Call Trace: .. __mutex_lock+0xe5/0xc30 .. z_erofs_do_read_page+0x8ce/0x1560 .. z_erofs_readahead+0x31c/0x580 .. Freed by task 7787 kasan_save_stack+0x1e/0x40 kasan_set_track+0x20/0x30 kasan_set_free_info+0x20/0x40 __kasan_slab_free+0x10c/0x190 kmem_cache_free+0xed/0x380 rcu_core+0x3d5/0xc90 __do_softirq+0x12d/0x389 Last potentially related work creation: kasan_save_stack+0x1e/0x40 __kasan_record_aux_stack+0x97/0xb0 call_rcu+0x3d/0x3f0 erofs_shrink_workstation+0x11f/0x210 erofs_shrink_scan+0xdc/0x170 shrink_slab.co", + "vulnerability_id": "CVE-2022-48674", + "name": "CVE-2022-48674", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-48674.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2022-48674 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ses. This fixes the following GPF when reading from /proc/fs/cifs/DebugData while mounting and umounting [ 816.251274] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI ... [ 816.260138] Call Trace: [ 816.260329] [ 816.260499] ? die_addr+0x36/0x90 [ 816.260762] ? exc_general_protection+0x1b3/0x410 [ 816.261126] ? asm_exc_general_protection+0x26/0x30 [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs] [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs] [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs] [ 816.262689] ? seq_read_iter+0x379/0x470 [ 816.262995] seq_read_iter+0x118/0x470 [ 816.263291] proc_reg_read_iter+0x53/0x90 [ 816.263596] ? srso_alias_return_thunk+0x5", + "vulnerability_id": "CVE-2023-52752", + "name": "CVE-2023-52752", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-52752.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2023-52752 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_cache, then call dst_release(old_dst). Note that sk_dst_reset(sk) is implementing this protocol correctly, while __dst_negative_advice() uses the wrong order. Given that ip6_negative_advice() has special logic against RTF_CACHE, this means each of the three ->negative_advice() existing methods must perform the sk_dst_reset() themselves. Note the check against NULL dst is centralized in __dst_negative_advice(), there is no need to duplicate it in various callbacks. Many thanks to Clement Lecigne for tracking this issue. This old bug became visible after the blamed commit, using UDP sockets.", + "vulnerability_id": "CVE-2024-36971", + "name": "CVE-2024-36971", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-36971.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-36971 - linux", + "reason_to_ignore": "No fix provided" + } + ], + "ray": [ + { + "description": "Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment", + "vulnerability_id": "CVE-2023-48022", + "name": "CVE-2023-48022", + "package_name": "ray", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/ray-2.10.0.dist-info/METADATA", + "name": "ray", + "package_manager": "PYTHONPKG", + "version": "2.10.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 9.8, + "cvss_v30_score": 0, + "cvss_v31_score": 9.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "CRITICAL", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022", + "source": "NVD", + "severity": "CRITICAL", + "status": "ACTIVE", + "title": "CVE-2023-48022 - ray", + "reason_to_ignore": "fix not available yet, autogluon uses Ray < 2.11" + } + ], + "idna": [ + { + "description": "A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size.", + "vulnerability_id": "CVE-2024-3651", + "name": "CVE-2024-3651", + "package_name": "idna", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/ray/_private/runtime_env/agent/thirdparty_files/idna-3.6.dist-info/METADATA", + "name": "idna", + "package_manager": "PYTHONPKG", + "version": "3.6", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.5, + "cvss_v30_score": 0, + "cvss_v31_score": 7.5, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3651", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-3651 - idna", + "reason_to_ignore": "this is as false positive as autogluon uses idna >=3.7" + } + ], + "transformers": [ + { + "description": "Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.", + "vulnerability_id": "CVE-2024-11393", + "name": "CVE-2024-11393", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11393", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11393 - transformers", + "reason_to_ignore": "N/A" + }, + { + "description": "Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.", + "vulnerability_id": "CVE-2024-11392", + "name": "CVE-2024-11392", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11392", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11392 - transformers", + "reason_to_ignore": "N/A" + }, + { + "description": "Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.", + "vulnerability_id": "CVE-2024-11394", + "name": "CVE-2024-11394", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11394", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11394 - transformers", + "reason_to_ignore": "N/A" + } + ] +} \ No newline at end of file diff --git a/autogluon/training/docker/1.2/py3/Dockerfile.cpu.py_scan_allowlist.json b/autogluon/training/docker/1.2/py3/Dockerfile.cpu.py_scan_allowlist.json new file mode 100644 index 000000000000..47a4a8decddb --- /dev/null +++ b/autogluon/training/docker/1.2/py3/Dockerfile.cpu.py_scan_allowlist.json @@ -0,0 +1,14 @@ +{ + "72236": "setuptools - autogluon uses setuptools == 69.5.1", + "72089": "NLTK - autogluon uses nltk <= 3.8.1", + "65189": "Ray - autogluon uses ray <= 2.39.0", + "71579": "mlflow - parent image uses mlflow <= 2.18.0", + "71587": "mlflow - parent image uses mlflow <= 2.18.0", + "71693": "mlflow - parent image uses mlflow <= 2.18.0", + "71578": "mlflow - parent image uses mlflow <= 2.18.0", + "71577": "mlflow - parent image uses mlflow <= 2.18.0", + "71692": "mlflow - parent image uses mlflow <= 2.18.0", + "71584": "mlflow - parent image uses mlflow <= 2.18.0", + "71589": "mlflow - parent image uses mlflow <= 2.18.0", + "74439": "Tornado - parent base image uses tornado 6.4.1" +} \ No newline at end of file diff --git a/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu b/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu new file mode 100644 index 000000000000..d65f30b80546 --- /dev/null +++ b/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu @@ -0,0 +1,54 @@ +ARG CUDA_VER=12.4 +ARG PYTHON_VERSION=3.11.9 + +FROM 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-training:2.5.1-gpu-py311-cu124-ubuntu22.04-sagemaker + +LABEL maintainer="Amazon AI" +LABEL dlc_major_version="1" + +RUN apt-get update \ + && apt-get -y upgrade \ + && apt-get install -y --no-install-recommends \ + && apt-get autoremove -y \ + # Install tesseract-ocr to support automm document classification + && apt-get install tesseract-ocr -y \ + # Install rsync to support ray distributed training + && apt-get install rsync -y \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* \ + && rm -rf /tmp/* + +ARG AUTOGLUON_VERSION=1.2.0 + + +# Upgrading pip and installing/updating Python dependencies +# Comments are added to explain the reason behind each update +RUN pip install --no-cache-dir -U --trusted-host pypi.org --trusted-host files.pythonhosted.org pip \ + && pip install --no-cache-dir -U wheel \ + && pip install --no-cache-dir -U numpy numba \ + && pip install --no-cache-dir -U autogluon==${AUTOGLUON_VERSION} \ + # Capping setuptools to 69.5.1 to fix AutoMM tests + && pip install --no-cache-dir setuptools==69.5.1 \ + # update idna to a secure version that fixes vulnerability id 67895 + && pip install --no-cache-dir -U idna>=3.7.0 \ + # Cap pillow & ninja to fix sanity test + && pip install --no-cache-dir "pillow<11.0.0" \ + && pip install --no-cache-dir "ninja<1.11.1.1" \ + # Fix pip test + && pip install --no-cache-dir "datasets<3.1.0" \ + && pip install --no-cache-dir "pathos<0.3.3" + + +RUN HOME_DIR=/root \ + && curl -o ${HOME_DIR}/oss_compliance.zip https://aws-dlinfra-utilities.s3.amazonaws.com/oss_compliance.zip \ + && unzip -o ${HOME_DIR}/oss_compliance.zip -d ${HOME_DIR}/ \ + && cp ${HOME_DIR}/oss_compliance/test/testOSSCompliance /usr/local/bin/testOSSCompliance \ + && chmod +x /usr/local/bin/testOSSCompliance \ + && chmod +x ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh \ + && ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh ${HOME_DIR} python \ + && rm -rf ${HOME_DIR}/oss_compliance* + +RUN curl -o /licenses-autogluon.txt https://autogluon.s3.us-west-2.amazonaws.com/licenses/THIRD-PARTY-LICENSES.txt + +CMD ["/bin/bash"] + diff --git a/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu.os_scan_allowlist.json b/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu.os_scan_allowlist.json new file mode 100644 index 000000000000..9fc990ce687e --- /dev/null +++ b/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu.os_scan_allowlist.json @@ -0,0 +1,358 @@ +{ + "linux": [ + { + "description": " In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial code is finished. But the net_device ifp will still be used in later tx()->dev_queue_xmit() in kthread. Which means that the dev_put(ifp) should NOT be called in the success path of skb initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into use-after-free because the net_device is freed. This patch removed the dev_put(ifp) in the success path in aoecmd_cfg_pkts(), and added dev_p", + "vulnerability_id": "CVE-2024-26898", + "name": "CVE-2024-26898", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26898.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26898 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\") 1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\") We have to save skb->network_header in a temporary variable in order to be able to recompute the network_header pointer after a pskb_inet_may_pull() call. pskb_inet_may_pull() makes sure the needed headers are in skb->head. syzbot reported: BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline] BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP_ECN_", + "vulnerability_id": "CVE-2024-26882", + "name": "CVE-2024-26882", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26882.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26882 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. So apply the same fix to hashtab, by moving the overflow check to before the roundup.", + "vulnerability_id": "CVE-2024-26884", + "name": "CVE-2024-26884", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "187.207" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26884.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-26884 - linux", + "reason_to_ignore": "vulnerability from Linux kernel 5.4.0 in base image" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when accessing invalid create contexts from server: BUG: unable to handle page fault for address: ffff8881178d8cc3 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 4a01067 P4D 4a01067 PUD 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 1736 Comm: mount.cifs Not tainted 6.7.0-rc4 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014 RIP: 0010:smb2_parse_contexts+0xa0/0x3a0 [cifs] Code: f8 10 75 13 48 b8 93 ad 25 50 9c b4 11 e7 49 39 06 0f 84 d2 00 00 00 8b 45 00 85 c0 74 61 41 29 c5 48 01 c5 41 83 fd 0f 76 55 <0f> b7 7d 04 0f b7 45 06 4c 8d 74 3d 00 66 83 f8 04 75 bc ba 04 00 RSP: 0018:ffffc900007939e0 EFLAGS: 00010216 RAX: ffffc90000793c78 RBX: ffff8880180cc000 RCX: fff", + "vulnerability_id": "CVE-2023-52434", + "name": "CVE-2023-52434", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8, + "cvss_v30_score": 0, + "cvss_v31_score": 8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-52434.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2023-52434 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIG_SMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-after-free in __mutex_lock+0xe5/0xc30 Read of size 8 at addr ffff8881094223f8 by task stress/7789 CPU: 0 PID: 7789 Comm: stress Not tainted 6.0.0-rc1-00002-g0d53d2e882f9 #3 Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 Call Trace: .. __mutex_lock+0xe5/0xc30 .. z_erofs_do_read_page+0x8ce/0x1560 .. z_erofs_readahead+0x31c/0x580 .. Freed by task 7787 kasan_save_stack+0x1e/0x40 kasan_set_track+0x20/0x30 kasan_set_free_info+0x20/0x40 __kasan_slab_free+0x10c/0x190 kmem_cache_free+0xed/0x380 rcu_core+0x3d5/0xc90 __do_softirq+0x12d/0x389 Last potentially related work creation: kasan_save_stack+0x1e/0x40 __kasan_record_aux_stack+0x97/0xb0 call_rcu+0x3d/0x3f0 erofs_shrink_workstation+0x11f/0x210 erofs_shrink_scan+0xdc/0x170 shrink_slab.co", + "vulnerability_id": "CVE-2022-48674", + "name": "CVE-2022-48674", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-48674.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2022-48674 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ses. This fixes the following GPF when reading from /proc/fs/cifs/DebugData while mounting and umounting [ 816.251274] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI ... [ 816.260138] Call Trace: [ 816.260329] [ 816.260499] ? die_addr+0x36/0x90 [ 816.260762] ? exc_general_protection+0x1b3/0x410 [ 816.261126] ? asm_exc_general_protection+0x26/0x30 [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs] [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs] [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs] [ 816.262689] ? seq_read_iter+0x379/0x470 [ 816.262995] seq_read_iter+0x118/0x470 [ 816.263291] proc_reg_read_iter+0x53/0x90 [ 816.263596] ? srso_alias_return_thunk+0x5", + "vulnerability_id": "CVE-2023-52752", + "name": "CVE-2023-52752", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-52752.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2023-52752 - linux", + "reason_to_ignore": "No fix provided" + }, + { + "description": " In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_cache, then call dst_release(old_dst). Note that sk_dst_reset(sk) is implementing this protocol correctly, while __dst_negative_advice() uses the wrong order. Given that ip6_negative_advice() has special logic against RTF_CACHE, this means each of the three ->negative_advice() existing methods must perform the sk_dst_reset() themselves. Note the check against NULL dst is centralized in __dst_negative_advice(), there is no need to duplicate it in various callbacks. Many thanks to Clement Lecigne for tracking this issue. This old bug became visible after the blamed commit, using UDP sockets.", + "vulnerability_id": "CVE-2024-36971", + "name": "CVE-2024-36971", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "190.210" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-36971.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-36971 - linux", + "reason_to_ignore": "No fix provided" + } + ], + "ray": [ + { + "description": "Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment", + "vulnerability_id": "CVE-2023-48022", + "name": "CVE-2023-48022", + "package_name": "ray", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/ray-2.10.0.dist-info/METADATA", + "name": "ray", + "package_manager": "PYTHONPKG", + "version": "2.10.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 9.8, + "cvss_v30_score": 0, + "cvss_v31_score": 9.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "CRITICAL", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022", + "source": "NVD", + "severity": "CRITICAL", + "status": "ACTIVE", + "title": "CVE-2023-48022 - ray", + "reason_to_ignore": "fix not available yet, autogluon uses Ray < 2.11" + } + ], + "idna": [ + { + "description": "A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size.", + "vulnerability_id": "CVE-2024-3651", + "name": "CVE-2024-3651", + "package_name": "idna", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/ray/_private/runtime_env/agent/thirdparty_files/idna-3.6.dist-info/METADATA", + "name": "idna", + "package_manager": "PYTHONPKG", + "version": "3.6", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.5, + "cvss_v30_score": 0, + "cvss_v31_score": 7.5, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3651", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-3651 - idna", + "reason_to_ignore": "this is as false positive as autogluon uses idna >=3.7" + } + ], + "transformers": [ + { + "description": "Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.", + "vulnerability_id": "CVE-2024-11393", + "name": "CVE-2024-11393", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11393", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11393 - transformers", + "reason_to_ignore": "N/A" + }, + { + "description": "Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.", + "vulnerability_id": "CVE-2024-11392", + "name": "CVE-2024-11392", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11392", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11392 - transformers", + "reason_to_ignore": "N/A" + }, + { + "description": "Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.", + "vulnerability_id": "CVE-2024-11394", + "name": "CVE-2024-11394", + "package_name": "transformers", + "package_details": { + "file_path": "opt/conda/lib/python3.11/site-packages/transformers-4.47.0.dist-info/METADATA", + "name": "transformers", + "package_manager": "PYTHONPKG", + "version": "4.47.0", + "release": null + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 8.8, + "cvss_v30_score": 0, + "cvss_v31_score": 8.8, + "cvss_v2_score": 0, + "cvss_v3_severity": "HIGH", + "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11394", + "source": "NVD", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-11394 - transformers", + "reason_to_ignore": "N/A" + } + ] +} \ No newline at end of file diff --git a/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu.py_scan_allowlist.json b/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu.py_scan_allowlist.json new file mode 100644 index 000000000000..47a4a8decddb --- /dev/null +++ b/autogluon/training/docker/1.2/py3/cu124/Dockerfile.gpu.py_scan_allowlist.json @@ -0,0 +1,14 @@ +{ + "72236": "setuptools - autogluon uses setuptools == 69.5.1", + "72089": "NLTK - autogluon uses nltk <= 3.8.1", + "65189": "Ray - autogluon uses ray <= 2.39.0", + "71579": "mlflow - parent image uses mlflow <= 2.18.0", + "71587": "mlflow - parent image uses mlflow <= 2.18.0", + "71693": "mlflow - parent image uses mlflow <= 2.18.0", + "71578": "mlflow - parent image uses mlflow <= 2.18.0", + "71577": "mlflow - parent image uses mlflow <= 2.18.0", + "71692": "mlflow - parent image uses mlflow <= 2.18.0", + "71584": "mlflow - parent image uses mlflow <= 2.18.0", + "71589": "mlflow - parent image uses mlflow <= 2.18.0", + "74439": "Tornado - parent base image uses tornado 6.4.1" +} \ No newline at end of file diff --git a/test/dlc_tests/sanity/test_pre_release.py b/test/dlc_tests/sanity/test_pre_release.py index eadbb39a6fd5..c700fa5630c3 100644 --- a/test/dlc_tests/sanity/test_pre_release.py +++ b/test/dlc_tests/sanity/test_pre_release.py @@ -373,6 +373,10 @@ def test_framework_version_cpu(image): # '0.3.2': '0.3.1', } version_to_check = versions_map.get(tag_framework_version, tag_framework_version) + # Exception for AutoGluon v1.2 as __version__ is displayed as 1.2 instead of 1.2.0 + # will be removed once we remove support for v1.2 + if output == "1.2": + output = "1.2.0" assert output.startswith(version_to_check) # Habana v1.2 binary does not follow the X.Y.Z+cpu naming convention elif "habana" not in image_repo_name: diff --git a/test/sagemaker_tests/autogluon/inference/conftest.py b/test/sagemaker_tests/autogluon/inference/conftest.py index 923092f336bd..ea42d7108b2c 100644 --- a/test/sagemaker_tests/autogluon/inference/conftest.py +++ b/test/sagemaker_tests/autogluon/inference/conftest.py @@ -87,7 +87,7 @@ def pytest_addoption(parser): parser.addoption("--docker-base-name", default="autogluon") parser.addoption("--region", default="us-west-2") parser.addoption("--framework-version", default="") - parser.addoption("--py-version", choices=["38", "39", "310", "311"], default="311") + parser.addoption("--py-version", choices=["39", "310", "311"], default="311") parser.addoption("--processor", choices=["gpu", "cpu"], default="cpu") # If not specified, will default to {framework-version}-{processor}-py{py-version} diff --git a/test/sagemaker_tests/autogluon/inference/resources/model/model_1.2.0.tar.gz b/test/sagemaker_tests/autogluon/inference/resources/model/model_1.2.0.tar.gz new file mode 100644 index 000000000000..b07b8346f4c2 Binary files /dev/null and b/test/sagemaker_tests/autogluon/inference/resources/model/model_1.2.0.tar.gz differ diff --git a/test/sagemaker_tests/autogluon/training/conftest.py b/test/sagemaker_tests/autogluon/training/conftest.py index 3d5fd51b4d17..234767ef9495 100644 --- a/test/sagemaker_tests/autogluon/training/conftest.py +++ b/test/sagemaker_tests/autogluon/training/conftest.py @@ -91,7 +91,7 @@ def pytest_addoption(parser): parser.addoption("--docker-base-name", default="autogluon") parser.addoption("--region", default="us-west-2") parser.addoption("--framework-version", default="") - parser.addoption("--py-version", choices=["38", "39", "310", "311"], default="311") + parser.addoption("--py-version", choices=["39", "310", "311"], default="311") parser.addoption("--processor", choices=["gpu", "cpu"], default="cpu") # If not specified, will default to {framework-version}-{processor}-py{py-version}