From 78679e1c7da76d0cdd3d24977f80324cff95114c Mon Sep 17 00:00:00 2001 From: Sirut Buasai <73297481+sirutBuasai@users.noreply.github.com> Date: Tue, 10 Dec 2024 10:25:56 -0800 Subject: [PATCH 1/3] Remove whitespace (#4458) --- release_images_training.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release_images_training.yml b/release_images_training.yml index 5c4c642db0b0..b4b8a5daab6e 100644 --- a/release_images_training.yml +++ b/release_images_training.yml @@ -76,4 +76,4 @@ release_images: cuda_version: "cu121" example: False disable_sm_tag: False - force_release: False \ No newline at end of file + force_release: False From ed09ea4108f840672b57563b0c0355a6b6f77dfc Mon Sep 17 00:00:00 2001 From: Siddharth Venkatesan Date: Tue, 10 Dec 2024 14:26:12 -0700 Subject: [PATCH 2/3] [djl] patch update for 0.27.0 deepspeed container (#4459) --- release_images_inference.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/release_images_inference.yml b/release_images_inference.yml index 478c21919e6a..1e24848094be 100644 --- a/release_images_inference.yml +++ b/release_images_inference.yml @@ -58,14 +58,14 @@ release_images: force_release: False 5: framework: "djl" - version: "0.31.0" + version: "0.27.0" arch_type: "x86" inference: device_types: [ "gpu" ] - python_versions: [ "py311" ] + python_versions: [ "py310" ] os_version: "ubuntu22.04" - lmi_version: "13.0.0" - cuda_version: "cu124" + deepspeed_version: "0.12.6" + cuda_version: "cu121" example: False disable_sm_tag: True force_release: False From 9cb4ebfcf2909006396371b6e0cbffb2f45fbeaf Mon Sep 17 00:00:00 2001 From: AWS Deep Learning Infrastructure <57232265+aws-dlinfra-bot@users.noreply.github.com> Date: Wed, 11 Dec 2024 14:32:04 -0800 Subject: [PATCH 3/3] Tensorflow-Inference-2.16.1-ec2 [Patch] (#4219) * update * update * update * update --------- Co-authored-by: arjkesh <33526713+arjkesh@users.noreply.github.com> --- .../Dockerfile.ec2.cpu.os_scan_allowlist.json | 700 +++++++++++++----- .../Dockerfile.ec2.cpu.overall_history.txt | 22 + .../Dockerfile.ec2.gpu.os_scan_allowlist.json | 700 +++++++++++++----- .../Dockerfile.ec2.gpu.overall_history.txt | 22 + 4 files changed, 1092 insertions(+), 352 deletions(-) create mode 100644 tensorflow/inference/docker/2.16/py3/Dockerfile.ec2.cpu.overall_history.txt create mode 100644 tensorflow/inference/docker/2.16/py3/cu122/Dockerfile.ec2.gpu.overall_history.txt diff --git a/tensorflow/inference/docker/2.16/py3/Dockerfile.ec2.cpu.os_scan_allowlist.json b/tensorflow/inference/docker/2.16/py3/Dockerfile.ec2.cpu.os_scan_allowlist.json index ca1a511ba81f..15998fdc0a92 100644 --- a/tensorflow/inference/docker/2.16/py3/Dockerfile.ec2.cpu.os_scan_allowlist.json +++ b/tensorflow/inference/docker/2.16/py3/Dockerfile.ec2.cpu.os_scan_allowlist.json @@ -1,178 +1,526 @@ { - "linux":[ - { - "description":" In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial code is finished. But the net_device ifp will still be used in later tx()->dev_queue_xmit() in kthread. Which means that the dev_put(ifp) should NOT be called in the success path of skb initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into use-after-free because the net_device is freed. This patch removed the dev_put(ifp) in the success path in aoecmd_cfg_pkts(), and added dev_p", - "vulnerability_id":"CVE-2024-26898", - "name":"CVE-2024-26898", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26898.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26898 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process.", - "vulnerability_id":"CVE-2024-27020", - "name":"CVE-2024-27020", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.0, - "cvss_v30_score":0.0, - "cvss_v31_score":7.0, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-27020.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-27020 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. The commit in the fixes tag actually attempted to fix this, but the fix did not account for the UB, so the fix only works on CPUs where an overflow does result in a neat truncation to zero, which is not guaranteed. Checking the value before rounding does not have this problem.", - "vulnerability_id":"CVE-2024-26883", - "name":"CVE-2024-26883", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26883.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26883 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interface_authorized_store() function is the only one which acquires a device lock on an ancestor device: It calls usb_deauthorize_interface(), which locks the interface's parent USB device. The will lead to deadlock if another process already owns that lock and tries to remove the interface, whether through a configuration change or because the device has been disconnected. As part of the removal procedure, device_del() waits for all ongoing sysfs attribute callbacks to complete. But usb_deauthorize_interface() can't complete until the device lock has been released, and the lock won't be released until the removal has finished. The mechanism provided by sysfs to prevent this kind of deadlock is to use the sysfs_break_active_protection() function, which tells sysfs not to wait for the attribute callback. Reported", - "vulnerability_id":"CVE-2024-26934", - "name":"CVE-2024-26934", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26934.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26934 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\") 1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\") We have to save skb->network_header in a temporary variable in order to be able to recompute the network_header pointer after a pskb_inet_may_pull() call. pskb_inet_may_pull() makes sure the needed headers are in skb->head. syzbot reported: BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline] BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP_ECN_", - "vulnerability_id":"CVE-2024-26882", - "name":"CVE-2024-26882", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26882.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26882 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. So apply the same fix to hashtab, by moving the overflow check to before the roundup.", - "vulnerability_id":"CVE-2024-26884", - "name":"CVE-2024-26884", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26884.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26884 - linux", - "reason_to_ignore":"N/A" - } - ] + "linux": [ + { + "description": "In the Linux kernel, the following vulnerability has been resolved: greybus: Fix use-after-free bug in gb_interface_release due to race condition. In gb_interface_create, &intf->mode_switch_completion is bound with gb_interface_mode_switch_work. Then it will be started by gb_interface_request_mode_switch. Here is the relevant code. if (!queue_work(system_long_wq, &intf->mode_switch_work)) { ... } If we call gb_interface_release to make cleanup, there may be an unfinished work. This function will call kfree to free the object \"intf\". However, if gb_interface_mode_switch_work is scheduled to run after kfree, it may cause use-after-free error as gb_interface_mode_switch_work will use the object \"intf\". The possible execution flow that may lead to the issue is as follows: CPU0 CPU1 | gb_interface_create | gb_interface_request_mode_switch gb_interface_release | kfree(intf) (free) | | gb_interface_mode_switch_work | mutex_lock(&intf->mutex) (use) Fix it by canceling the work before kfree.", + "vulnerability_id": "CVE-2024-39495", + "name": "CVE-2024-39495", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-39495.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-39495 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically. Commit fb6791d100d1b started exploiting this behavior to speed up filesystem unmount: gfs2 would simply free glocks it didn't want to unlock and then release the lockspace. This didn't take the bast callbacks for asynchronous lock contention notifications into account, which remain active until until a lock is unlocked or its lockspace is released. To prevent those callbacks from accessing deallocated objects, put the glocks that should not be unlocked on the sd_dead_glocks list, release the lockspace, and only then free those glocks. As an additional measure, ignore unexpected ast and bast callbacks if the receiving glock is dead.", + "vulnerability_id": "CVE-2024-38570", + "name": "CVE-2024-38570", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-38570.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-38570 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix double free in detach The number of the currently released descriptor is never incremented which results in the same skb being released multiple times.", + "vulnerability_id": "CVE-2024-41046", + "name": "CVE-2024-41046", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-41046.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-41046 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning: refcount_t: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcount_warn_saturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890 Comm: tun Not tainted 6.10.0-rc3-00100-gcaa4f9578aba-dirty #310 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 RIP: 0010:refcount_warn_saturate+0xdf/0x1d0 Code: 41 49 04 31 ff 89 de e8 9f 1e cd fe 84 db 75 9c e8 76 26 cd fe c6 05 b6 41 49 04 01 90 48 c7 c7 b8 8e 25 86 e8 d2 05 b5 fe 90 <0f> 0b 90 90 e9 79 ff ff ff e8 53 26 cd fe 0f b6 1 RSP: 0018:ffff8881067b7da0 EFLAGS: 00010286 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c72ac RDX: ffff8881026a2140 RSI: ffffffff811c72b5 RDI: 0000000000000001 RBP: ffff8881067b7db0 R08: 0000000000000000 R09: 205b5d3730353139 R10: 0000000000000000 R11: 205d303938375420 R12: ffff8881086500c4 R13: ffff8881086500c4 R14: ffff8881086500", + "vulnerability_id": "CVE-2024-40958", + "name": "CVE-2024-40958", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-40958.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-40958 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated).", + "vulnerability_id": "CVE-2024-42154", + "name": "CVE-2024-42154", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 9.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 9.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "CRITICAL", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42154.html", + "source": "UBUNTU_CVE", + "severity": "CRITICAL", + "status": "ACTIVE", + "title": "CVE-2024-42154 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which triggers a kernel bug in lru_add_fn(). As Jan Kara pointed out, this is because the link count of a metadata file gets corrupted to 0, and nilfs_evict_inode(), which is called from iput(), tries to delete that inode (ifile inode in this case). The inconsistency occurs because directories containing the inode numbers of these metadata files that should not be visible in the namespace are read without checking. Fix this issue by treating the inode numbers of these internal files as errors in the sanity check helper when reading directory folios/pages. Also thanks to Hillf Danton and Matthew Wilcox for their initial mm-layer analysis.", + "vulnerability_id": "CVE-2024-42104", + "name": "CVE-2024-42104", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42104.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42104 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. Instead, kernel code should always use *cpumask_var API(s) to allocate cpumask var in config-neutral way, leaving allocation strategy to CONFIG_CPUMASK_OFFSTACK. Use *cpumask_var API(s) to address it.", + "vulnerability_id": "CVE-2024-42094", + "name": "CVE-2024-42094", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42094.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42094 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 (\"net: dsa: mv88e6xxx: Support multiple MDIO busses\") mv88e6xxx_default_mdio_bus() has checked that the return value of list_first_entry() is non-NULL. This appears to be intended to guard against the list chip->mdios being empty. However, it is not the correct check as the implementation of list_first_entry is not designed to return NULL for empty lists. Instead, use list_first_entry_or_null() which does return NULL if the list is empty. Flagged by Smatch. Compile tested only.", + "vulnerability_id": "CVE-2024-42224", + "name": "CVE-2024-42224", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42224.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42224 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherwise, an out-of-bounds write will occur.", + "vulnerability_id": "CVE-2024-36978", + "name": "CVE-2024-36978", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-36978.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-36978 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its parent, ->i_rwsem exclusive on the parent's inode, rename_lock), but none of those are met at any of the sites. Take a stable snapshot of the name instead.", + "vulnerability_id": "CVE-2024-39494", + "name": "CVE-2024-39494", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-39494.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-39494 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001. V2: To really improve the handling we would actually need to have a separate value of 0xffffffff.(Christian)", + "vulnerability_id": "CVE-2024-42228", + "name": "CVE-2024-42228", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.0, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.0, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42228.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42228 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a use-after-free may occur if a TMF sas_task is aborted before we handle the IO completion in mpi_ssp_completion(). The abort occurs due to timeout. When the timeout occurs, the SAS_TASK_STATE_ABORTED flag is set and the sas_task is freed in pm8001_exec_internal_tmf_task(). However, if the I/O completion occurs later, the I/O completion still thinks that the sas_task is available. Fix this by clearing the ccb->task if the TMF times out - the I/O completion handler does nothing if this pointer is cleared.", + "vulnerability_id": "CVE-2022-48791", + "name": "CVE-2022-48791", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-48791.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2022-48791 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "A out-of-bound vulnerability is found in the jfs subsystem. When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than the expected size, printing it out can cause an access off the end of the buffer. This may lead to system crash.", + "vulnerability_id": "CVE-2024-40902", + "name": "CVE-2024-40902", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-40902.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-40902 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to check validation of fault attrs in parse_options(), let's fix to add check condition in f2fs_build_fault_attr(). - Use f2fs_build_fault_attr() in __sbi_store() to clean up code.", + "vulnerability_id": "CVE-2024-42160", + "name": "CVE-2024-42160", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42160.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42160 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posix_lock_inode Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode's list. However, before the tracepoint could fire, another task raced in and freed that lock. Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn't happen.", + "vulnerability_id": "CVE-2024-41049", + "name": "CVE-2024-41049", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-41049.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-41049 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will trigger a call to ata_host_release(). ata_host_release() calls kfree(host), so executing the kfree(host) in ata_host_alloc() will lead to a double free: kernel BUG at mm/slub.c:553! Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 11 PID: 599 Comm: (udev-worker) Not tainted 6.10.0-rc5 #47 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014 RIP: 0010:kfree+0x2cf/0x2f0 Code: 5d 41 5e 41 5f 5d e9 80 d6 ff ff 4d 89 f1 41 b8 01 00 00 00 48 89 d9 48 89 da RSP: 0018:ffffc90000f377f0 EFLAGS: 00010246 RAX: ffff888112b1f2c0 RBX: ffff888112b1f2c0 RCX: ffff888112b1f320 RDX: 000000000000400b RSI: ffffffffc02c9de5 RDI: ffff888112b1f2c0 RBP: ffffc90000f37830 R08: 0000000000000000 R09: 0000000000000000 R10: ffffc9000", + "vulnerability_id": "CVE-2024-41087", + "name": "CVE-2024-41087", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-41087.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-41087 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->string is an empty string, newval->string+1 will point to the byte after the string, causing an out-of-bound read. BUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418 Read of size 1 at addr ffff8881119c4781 by task syz-executor665/8107 CPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:364 [inline] print_report+0xc1/0x5e0 mm/kasan/report.c:475 kasan_report+0xbe/0xf0 mm/kasan/report.c:588 strlen+0x7d/0xa0 lib/string.c:418 __fortify_strlen include/linux/fortify-string.h:210 [inline] in4_pton+0xa3/0x3f0 net/core/utils.c:130 bond_option_arp_ip_targets_set+0xc2/0x910 d", + "vulnerability_id": "CVE-2024-39487", + "name": "CVE-2024-39487", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.1, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.1, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-39487.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-39487 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. Instead, kernel code should always use *cpumask_var API(s) to allocate cpumask var in config-neutral way, leaving allocation strategy to CONFIG_CPUMASK_OFFSTACK. Use *cpumask_var API(s) to address it.", + "vulnerability_id": "CVE-2024-42093", + "name": "CVE-2024-42093", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42093.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42093 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + } + ] } \ No newline at end of file diff --git a/tensorflow/inference/docker/2.16/py3/Dockerfile.ec2.cpu.overall_history.txt b/tensorflow/inference/docker/2.16/py3/Dockerfile.ec2.cpu.overall_history.txt new file mode 100644 index 000000000000..1d535ba1d971 --- /dev/null +++ b/tensorflow/inference/docker/2.16/py3/Dockerfile.ec2.cpu.overall_history.txt @@ -0,0 +1,22 @@ +#### First image: sha256:3cee248fb5171ec8e75127f650b2257e6b091f1b20eeac800adae0ef5d3cf9c9 #### +#### Patch contents for patch-1: sha256:109e7b00696ae371b51e23d973e2d72721f2f5d818852d7caaf4b850be17f3f0 #### +echo N/A +apt-get update && apt-get install -y --only-upgrade libgtk-3-0 linux-libc-dev +#### Patch contents for patch-2: sha256:57c0eea3c723f073d5b5df5101aa6dcf93a4911e6bb456e2ab972d1ec5a32401 #### +echo N/A +apt-get update && apt-get install -y --only-upgrade libgtk-3-0 linux-libc-dev +#### Patch contents for patch-3: sha256:8e0fc469db41b2bd3e79fc98e4ffdbb864f9bae1ff4edb1930577e442038f045 #### +echo N/A +apt-get update && apt-get install -y --only-upgrade imagemagick-6-common libgtk-3-0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 linux-libc-dev +#### Patch contents for patch-4: sha256:2a8c6c899820642d3b28a60359f36847877b2fb36867dd122b9073f67430ace4 #### +echo N/A +apt-get update && apt-get install -y --only-upgrade curl imagemagick-6-common libcurl3-gnutls libcurl4 libgssapi-krb5-2 libgtk-3-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libpython3.8-minimal libpython3.8-stdlib libpython3.8 libssl1.1 linux-libc-dev +#### Patch contents for patch-5: sha256:49c315d3c7ca831cfce82285268661d39b8096e9ab3d145ec45fbec80d4c1668 #### +echo N/A +apt-get update && apt-get install -y --only-upgrade curl imagemagick-6-common libcurl3-gnutls libcurl4 libgssapi-krb5-2 libgtk-3-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libpython3.8-minimal libpython3.8-stdlib libpython3.8 libssl1.1 linux-libc-dev +#### Patch contents for patch-6: sha256:3af14eeb8d144524f1b91e3cc4c4f623443d3361c6018a11227895be5b4fb2ca #### +echo N/A +apt-get update && apt-get install -y --only-upgrade curl imagemagick-6-common libcurl3-gnutls libcurl4 libgssapi-krb5-2 libgtk-3-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libpython3.8-minimal libpython3.8-stdlib libpython3.8 libssl1.1 linux-libc-dev +#### Current Patch contents #### +echo N/A +apt-get update && apt-get install -y --only-upgrade curl imagemagick-6-common libcurl3-gnutls libcurl4 libgssapi-krb5-2 libgtk-3-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libpython3.8-minimal libpython3.8-stdlib libpython3.8 libssl1.1 linux-libc-dev diff --git a/tensorflow/inference/docker/2.16/py3/cu122/Dockerfile.ec2.gpu.os_scan_allowlist.json b/tensorflow/inference/docker/2.16/py3/cu122/Dockerfile.ec2.gpu.os_scan_allowlist.json index c096fbd3b395..04d994ae380d 100644 --- a/tensorflow/inference/docker/2.16/py3/cu122/Dockerfile.ec2.gpu.os_scan_allowlist.json +++ b/tensorflow/inference/docker/2.16/py3/cu122/Dockerfile.ec2.gpu.os_scan_allowlist.json @@ -1,178 +1,526 @@ { - "linux":[ - { - "description":" In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\") 1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\") We have to save skb->network_header in a temporary variable in order to be able to recompute the network_header pointer after a pskb_inet_may_pull() call. pskb_inet_may_pull() makes sure the needed headers are in skb->head. syzbot reported: BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline] BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP_ECN_", - "vulnerability_id":"CVE-2024-26882", - "name":"CVE-2024-26882", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26882.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26882 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process.", - "vulnerability_id":"CVE-2024-27020", - "name":"CVE-2024-27020", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.0, - "cvss_v30_score":0.0, - "cvss_v31_score":7.0, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-27020.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-27020 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial code is finished. But the net_device ifp will still be used in later tx()->dev_queue_xmit() in kthread. Which means that the dev_put(ifp) should NOT be called in the success path of skb initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into use-after-free because the net_device is freed. This patch removed the dev_put(ifp) in the success path in aoecmd_cfg_pkts(), and added dev_p", - "vulnerability_id":"CVE-2024-26898", - "name":"CVE-2024-26898", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26898.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26898 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interface_authorized_store() function is the only one which acquires a device lock on an ancestor device: It calls usb_deauthorize_interface(), which locks the interface's parent USB device. The will lead to deadlock if another process already owns that lock and tries to remove the interface, whether through a configuration change or because the device has been disconnected. As part of the removal procedure, device_del() waits for all ongoing sysfs attribute callbacks to complete. But usb_deauthorize_interface() can't complete until the device lock has been released, and the lock won't be released until the removal has finished. The mechanism provided by sysfs to prevent this kind of deadlock is to use the sysfs_break_active_protection() function, which tells sysfs not to wait for the attribute callback. Reported", - "vulnerability_id":"CVE-2024-26934", - "name":"CVE-2024-26934", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26934.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26934 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. The commit in the fixes tag actually attempted to fix this, but the fix did not account for the UB, so the fix only works on CPUs where an overflow does result in a neat truncation to zero, which is not guaranteed. Checking the value before rounding does not have this problem.", - "vulnerability_id":"CVE-2024-26883", - "name":"CVE-2024-26883", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26883.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26883 - linux", - "reason_to_ignore":"N/A" - }, - { - "description":" In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. So apply the same fix to hashtab, by moving the overflow check to before the roundup.", - "vulnerability_id":"CVE-2024-26884", - "name":"CVE-2024-26884", - "package_name":"linux", - "package_details":{ - "file_path":null, - "name":"linux", - "package_manager":"OS", - "version":"5.4.0", - "release":"187.207" - }, - "remediation":{ - "recommendation":{ - "text":"None Provided" - } - }, - "cvss_v3_score":7.8, - "cvss_v30_score":0.0, - "cvss_v31_score":7.8, - "cvss_v2_score":0.0, - "cvss_v3_severity":"HIGH", - "source_url":"https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-26884.html", - "source":"UBUNTU_CVE", - "severity":"HIGH", - "status":"ACTIVE", - "title":"CVE-2024-26884 - linux", - "reason_to_ignore":"N/A" - } - ] + "linux": [ + { + "description": "In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically. Commit fb6791d100d1b started exploiting this behavior to speed up filesystem unmount: gfs2 would simply free glocks it didn't want to unlock and then release the lockspace. This didn't take the bast callbacks for asynchronous lock contention notifications into account, which remain active until until a lock is unlocked or its lockspace is released. To prevent those callbacks from accessing deallocated objects, put the glocks that should not be unlocked on the sd_dead_glocks list, release the lockspace, and only then free those glocks. As an additional measure, ignore unexpected ast and bast callbacks if the receiving glock is dead.", + "vulnerability_id": "CVE-2024-38570", + "name": "CVE-2024-38570", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-38570.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-38570 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which triggers a kernel bug in lru_add_fn(). As Jan Kara pointed out, this is because the link count of a metadata file gets corrupted to 0, and nilfs_evict_inode(), which is called from iput(), tries to delete that inode (ifile inode in this case). The inconsistency occurs because directories containing the inode numbers of these metadata files that should not be visible in the namespace are read without checking. Fix this issue by treating the inode numbers of these internal files as errors in the sanity check helper when reading directory folios/pages. Also thanks to Hillf Danton and Matthew Wilcox for their initial mm-layer analysis.", + "vulnerability_id": "CVE-2024-42104", + "name": "CVE-2024-42104", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42104.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42104 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated).", + "vulnerability_id": "CVE-2024-42154", + "name": "CVE-2024-42154", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 9.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 9.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "CRITICAL", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42154.html", + "source": "UBUNTU_CVE", + "severity": "CRITICAL", + "status": "ACTIVE", + "title": "CVE-2024-42154 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning: refcount_t: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcount_warn_saturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890 Comm: tun Not tainted 6.10.0-rc3-00100-gcaa4f9578aba-dirty #310 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 RIP: 0010:refcount_warn_saturate+0xdf/0x1d0 Code: 41 49 04 31 ff 89 de e8 9f 1e cd fe 84 db 75 9c e8 76 26 cd fe c6 05 b6 41 49 04 01 90 48 c7 c7 b8 8e 25 86 e8 d2 05 b5 fe 90 <0f> 0b 90 90 e9 79 ff ff ff e8 53 26 cd fe 0f b6 1 RSP: 0018:ffff8881067b7da0 EFLAGS: 00010286 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c72ac RDX: ffff8881026a2140 RSI: ffffffff811c72b5 RDI: 0000000000000001 RBP: ffff8881067b7db0 R08: 0000000000000000 R09: 205b5d3730353139 R10: 0000000000000000 R11: 205d303938375420 R12: ffff8881086500c4 R13: ffff8881086500c4 R14: ffff8881086500", + "vulnerability_id": "CVE-2024-40958", + "name": "CVE-2024-40958", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-40958.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-40958 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. Instead, kernel code should always use *cpumask_var API(s) to allocate cpumask var in config-neutral way, leaving allocation strategy to CONFIG_CPUMASK_OFFSTACK. Use *cpumask_var API(s) to address it.", + "vulnerability_id": "CVE-2024-42094", + "name": "CVE-2024-42094", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42094.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42094 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. Instead, kernel code should always use *cpumask_var API(s) to allocate cpumask var in config-neutral way, leaving allocation strategy to CONFIG_CPUMASK_OFFSTACK. Use *cpumask_var API(s) to address it.", + "vulnerability_id": "CVE-2024-42093", + "name": "CVE-2024-42093", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42093.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42093 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its parent, ->i_rwsem exclusive on the parent's inode, rename_lock), but none of those are met at any of the sites. Take a stable snapshot of the name instead.", + "vulnerability_id": "CVE-2024-39494", + "name": "CVE-2024-39494", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-39494.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-39494 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "A out-of-bound vulnerability is found in the jfs subsystem. When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than the expected size, printing it out can cause an access off the end of the buffer. This may lead to system crash.", + "vulnerability_id": "CVE-2024-40902", + "name": "CVE-2024-40902", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-40902.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-40902 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherwise, an out-of-bounds write will occur.", + "vulnerability_id": "CVE-2024-36978", + "name": "CVE-2024-36978", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-36978.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-36978 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->string is an empty string, newval->string+1 will point to the byte after the string, causing an out-of-bound read. BUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418 Read of size 1 at addr ffff8881119c4781 by task syz-executor665/8107 CPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:364 [inline] print_report+0xc1/0x5e0 mm/kasan/report.c:475 kasan_report+0xbe/0xf0 mm/kasan/report.c:588 strlen+0x7d/0xa0 lib/string.c:418 __fortify_strlen include/linux/fortify-string.h:210 [inline] in4_pton+0xa3/0x3f0 net/core/utils.c:130 bond_option_arp_ip_targets_set+0xc2/0x910 d", + "vulnerability_id": "CVE-2024-39487", + "name": "CVE-2024-39487", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.1, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.1, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-39487.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-39487 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix double free in detach The number of the currently released descriptor is never incremented which results in the same skb being released multiple times.", + "vulnerability_id": "CVE-2024-41046", + "name": "CVE-2024-41046", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-41046.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-41046 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001. V2: To really improve the handling we would actually need to have a separate value of 0xffffffff.(Christian)", + "vulnerability_id": "CVE-2024-42228", + "name": "CVE-2024-42228", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.0, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.0, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42228.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42228 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a use-after-free may occur if a TMF sas_task is aborted before we handle the IO completion in mpi_ssp_completion(). The abort occurs due to timeout. When the timeout occurs, the SAS_TASK_STATE_ABORTED flag is set and the sas_task is freed in pm8001_exec_internal_tmf_task(). However, if the I/O completion occurs later, the I/O completion still thinks that the sas_task is available. Fix this by clearing the ccb->task if the TMF times out - the I/O completion handler does nothing if this pointer is cleared.", + "vulnerability_id": "CVE-2022-48791", + "name": "CVE-2022-48791", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-48791.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2022-48791 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 (\"net: dsa: mv88e6xxx: Support multiple MDIO busses\") mv88e6xxx_default_mdio_bus() has checked that the return value of list_first_entry() is non-NULL. This appears to be intended to guard against the list chip->mdios being empty. However, it is not the correct check as the implementation of list_first_entry is not designed to return NULL for empty lists. Instead, use list_first_entry_or_null() which does return NULL if the list is empty. Flagged by Smatch. Compile tested only.", + "vulnerability_id": "CVE-2024-42224", + "name": "CVE-2024-42224", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42224.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42224 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will trigger a call to ata_host_release(). ata_host_release() calls kfree(host), so executing the kfree(host) in ata_host_alloc() will lead to a double free: kernel BUG at mm/slub.c:553! Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 11 PID: 599 Comm: (udev-worker) Not tainted 6.10.0-rc5 #47 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014 RIP: 0010:kfree+0x2cf/0x2f0 Code: 5d 41 5e 41 5f 5d e9 80 d6 ff ff 4d 89 f1 41 b8 01 00 00 00 48 89 d9 48 89 da RSP: 0018:ffffc90000f377f0 EFLAGS: 00010246 RAX: ffff888112b1f2c0 RBX: ffff888112b1f2c0 RCX: ffff888112b1f320 RDX: 000000000000400b RSI: ffffffffc02c9de5 RDI: ffff888112b1f2c0 RBP: ffffc90000f37830 R08: 0000000000000000 R09: 0000000000000000 R10: ffffc9000", + "vulnerability_id": "CVE-2024-41087", + "name": "CVE-2024-41087", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-41087.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-41087 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to check validation of fault attrs in parse_options(), let's fix to add check condition in f2fs_build_fault_attr(). - Use f2fs_build_fault_attr() in __sbi_store() to clean up code.", + "vulnerability_id": "CVE-2024-42160", + "name": "CVE-2024-42160", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-42160.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-42160 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posix_lock_inode Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode's list. However, before the tracepoint could fire, another task raced in and freed that lock. Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn't happen.", + "vulnerability_id": "CVE-2024-41049", + "name": "CVE-2024-41049", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-41049.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-41049 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + }, + { + "description": "In the Linux kernel, the following vulnerability has been resolved: greybus: Fix use-after-free bug in gb_interface_release due to race condition. In gb_interface_create, &intf->mode_switch_completion is bound with gb_interface_mode_switch_work. Then it will be started by gb_interface_request_mode_switch. Here is the relevant code. if (!queue_work(system_long_wq, &intf->mode_switch_work)) { ... } If we call gb_interface_release to make cleanup, there may be an unfinished work. This function will call kfree to free the object \"intf\". However, if gb_interface_mode_switch_work is scheduled to run after kfree, it may cause use-after-free error as gb_interface_mode_switch_work will use the object \"intf\". The possible execution flow that may lead to the issue is as follows: CPU0 CPU1 | gb_interface_create | gb_interface_request_mode_switch gb_interface_release | kfree(intf) (free) | | gb_interface_mode_switch_work | mutex_lock(&intf->mutex) (use) Fix it by canceling the work before kfree.", + "vulnerability_id": "CVE-2024-39495", + "name": "CVE-2024-39495", + "package_name": "linux", + "package_details": { + "file_path": null, + "name": "linux", + "package_manager": "OS", + "version": "5.4.0", + "release": "193.213" + }, + "remediation": { + "recommendation": { + "text": "None Provided" + } + }, + "cvss_v3_score": 7.8, + "cvss_v30_score": 0.0, + "cvss_v31_score": 7.8, + "cvss_v2_score": 0.0, + "cvss_v3_severity": "HIGH", + "source_url": "https://people.canonical.com/~ubuntu-security/cve/2024/CVE-2024-39495.html", + "source": "UBUNTU_CVE", + "severity": "HIGH", + "status": "ACTIVE", + "title": "CVE-2024-39495 - linux", + "reason_to_ignore": "Package and its binaries cannot be upgraded further. Packages: linux-libc-dev have been upgraded." + } + ] } \ No newline at end of file diff --git a/tensorflow/inference/docker/2.16/py3/cu122/Dockerfile.ec2.gpu.overall_history.txt b/tensorflow/inference/docker/2.16/py3/cu122/Dockerfile.ec2.gpu.overall_history.txt new file mode 100644 index 000000000000..a319857eb528 --- /dev/null +++ b/tensorflow/inference/docker/2.16/py3/cu122/Dockerfile.ec2.gpu.overall_history.txt @@ -0,0 +1,22 @@ +#### First image: sha256:17ffd44b7c4988cfbf03f7f2029d529b1210aab70c35002efb099591ea9fc946 #### +#### Patch contents for patch-1: sha256:43683db4610a9fe0664e85adce6f264f2943af4c8928d47ee87275bab09d9e36 #### +echo N/A +apt-get update && apt-get install -y --only-upgrade libgtk-3-0 linux-libc-dev +#### Patch contents for patch-2: sha256:7e52cb1d5d44e6ad711b4b29c61138b12d8c1bd0184d0bc528ecb792ad5043ee #### +echo N/A +apt-get update && apt-get install -y --only-upgrade libgtk-3-0 linux-libc-dev +#### Patch contents for patch-3: sha256:ac5bbe279a9d36751164332e541f94930e834d0b2201defc2b157b155ee44ca7 #### +echo N/A +apt-get update && apt-get install -y --only-upgrade imagemagick-6-common libgtk-3-0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 linux-libc-dev +#### Patch contents for patch-4: sha256:bbaa5f80ba3cbccef9f0c2b72f504d77a3e29ad1bf3d89642d30f2cec7358edb #### +echo N/A +apt-get update && apt-get install -y --only-upgrade curl imagemagick-6-common libcurl3-gnutls libcurl4 libgssapi-krb5-2 libgtk-3-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libpython3.8-minimal libpython3.8-stdlib libpython3.8 libssl1.1 linux-libc-dev python3.8-minimal python3.8 +#### Patch contents for patch-5: sha256:9666b18491bb5e5a1cac7c80b019817ff7f22c14d5f66e193220afe0ef731f5f #### +echo N/A +apt-get update && apt-get install -y --only-upgrade curl imagemagick-6-common libcurl3-gnutls libcurl4 libgssapi-krb5-2 libgtk-3-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libpython3.8-minimal libpython3.8-stdlib libpython3.8 libssl1.1 linux-libc-dev python3.8-minimal python3.8 +#### Patch contents for patch-6: sha256:ab6e65d6f5e8ef34ab77c863e13417462d2e9825bb9f0353d9c4812c877c5373 #### +echo N/A +apt-get update && apt-get install -y --only-upgrade curl imagemagick-6-common libcurl3-gnutls libcurl4 libgssapi-krb5-2 libgtk-3-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libpython3.8-minimal libpython3.8-stdlib libpython3.8 libssl1.1 linux-libc-dev python3.8-minimal python3.8 +#### Current Patch contents #### +echo N/A +apt-get update && apt-get install -y --only-upgrade curl imagemagick-6-common libcurl3-gnutls libcurl4 libgssapi-krb5-2 libgtk-3-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libpython3.8-minimal libpython3.8-stdlib libpython3.8 libssl1.1 linux-libc-dev python3.8-minimal python3.8