diff --git a/pytorch/inference/buildspec-arm64.yml b/pytorch/inference/buildspec-arm64.yml index 40dc6c936417..82cfaee1feb0 100644 --- a/pytorch/inference/buildspec-arm64.yml +++ b/pytorch/inference/buildspec-arm64.yml @@ -1 +1 @@ -buildspec_pointer: buildspec-arm64-2-6-ec2.yml +buildspec_pointer: buildspec-arm64-2-6-ec2.yml \ No newline at end of file diff --git a/pytorch/inference/docker/2.6/py3/Dockerfile.arm64.cpu b/pytorch/inference/docker/2.6/py3/Dockerfile.arm64.cpu index 3281081505e6..3af1e8b34153 100644 --- a/pytorch/inference/docker/2.6/py3/Dockerfile.arm64.cpu +++ b/pytorch/inference/docker/2.6/py3/Dockerfile.arm64.cpu @@ -190,7 +190,6 @@ RUN chmod +x /usr/local/bin/dockerd-entrypoint.py # add telemetry COPY deep_learning_container.py /usr/local/bin/deep_learning_container.py RUN chmod +x /usr/local/bin/deep_learning_container.py -# COPY sitecustomize.py /usr/local/lib/${PYTHON_SHORT_VERSION}/sitecustomize.py RUN HOME_DIR=/root \ && curl -o ${HOME_DIR}/oss_compliance.zip https://aws-dlinfra-utilities.s3.amazonaws.com/oss_compliance.zip \ diff --git a/pytorch/inference/docker/2.6/py3/Dockerfile.ec2.arm64.cpu.py_scan_allowlist.json b/pytorch/inference/docker/2.6/py3/Dockerfile.ec2.arm64.cpu.py_scan_allowlist.json new file mode 100644 index 000000000000..4882e42c6ceb --- /dev/null +++ b/pytorch/inference/docker/2.6/py3/Dockerfile.ec2.arm64.cpu.py_scan_allowlist.json @@ -0,0 +1,3 @@ +{ + "78828": "Affected versions of the PyTorch package are vulnerable to Denial of Service (DoS) due to improper handling in the MKLDNN pooling implementation. The torch.mkldnn_max_pool2d function fails to properly validate input parameters, allowing crafted inputs to trigger resource exhaustion or crashes in the underlying MKLDNN library. An attacker with local access can exploit this vulnerability by passing specially crafted tensor dimensions or parameters to the max pooling function, causing the application to become unresponsive or crash." +} diff --git a/pytorch/inference/docker/2.6/py3/cu124/Dockerfile.arm64.gpu b/pytorch/inference/docker/2.6/py3/cu124/Dockerfile.arm64.gpu index 83af40c0335f..4e350258dd11 100644 --- a/pytorch/inference/docker/2.6/py3/cu124/Dockerfile.arm64.gpu +++ b/pytorch/inference/docker/2.6/py3/cu124/Dockerfile.arm64.gpu @@ -173,6 +173,7 @@ RUN pip install --no-cache-dir \ boto3 \ scipy \ opencv-python \ + arrow==1.3.0 \ nvgpu \ numpy \ pyopenssl \ @@ -218,7 +219,6 @@ RUN chmod +x /usr/local/bin/dockerd-entrypoint.py # add telemetry COPY deep_learning_container.py /usr/local/bin/deep_learning_container.py -COPY sitecustomize.py /usr/local/lib/${PYTHON_SHORT_VERSION}/sitecustomize.py RUN chmod +x /usr/local/bin/deep_learning_container.py RUN HOME_DIR=/root \ diff --git a/pytorch/inference/docker/2.6/py3/cu124/Dockerfile.ec2.arm64.gpu.py_scan_allowlist.json b/pytorch/inference/docker/2.6/py3/cu124/Dockerfile.ec2.arm64.gpu.py_scan_allowlist.json new file mode 100644 index 000000000000..4882e42c6ceb --- /dev/null +++ b/pytorch/inference/docker/2.6/py3/cu124/Dockerfile.ec2.arm64.gpu.py_scan_allowlist.json @@ -0,0 +1,3 @@ +{ + "78828": "Affected versions of the PyTorch package are vulnerable to Denial of Service (DoS) due to improper handling in the MKLDNN pooling implementation. The torch.mkldnn_max_pool2d function fails to properly validate input parameters, allowing crafted inputs to trigger resource exhaustion or crashes in the underlying MKLDNN library. An attacker with local access can exploit this vulnerability by passing specially crafted tensor dimensions or parameters to the max pooling function, causing the application to become unresponsive or crash." +}