-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add Dockerfiles for Neuron DLC with SDK 2.18.0 (#9)
*Description of changes:* Add Dockerfiles for Neuron DLC with SDK 2.18.0 By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Signed-off-by: Ziwen Ning <[email protected]>
- Loading branch information
Showing
13 changed files
with
67 additions
and
1,041 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,2 @@ | ||
| .idea/ | ||
| .DS_Store |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
195 changes: 0 additions & 195 deletions
195
docker/pytorch/inference/1.13.1/Dockerfile.neuron.cve_allowlist.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,197 +1,2 @@ | ||
| { | ||
| "CVE-2023-51779": { | ||
| "description": "\n It was discovered that a race condition existed in the Bluetooth subsystem\n of the Linux kernel, leading to a use-after-free vulnerability. A local\n attacker could use this to cause a denial of service (system crash) or\n possibly execute arbitrary code.", | ||
| "remediation": { | ||
| "recommendation": { | ||
| "text": "None Provided" | ||
| } | ||
| }, | ||
| "score": 0.0, | ||
| "score_details": {}, | ||
| "severity": "MEDIUM", | ||
| "source": "UBUNTU_CVE", | ||
| "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-51779.html", | ||
| "status": "ACTIVE", | ||
| "title": "CVE-2023-51779 - linux", | ||
| "vulnerability_id": "CVE-2023-51779", | ||
| "vulnerable_packages": [ | ||
| { | ||
| "arch": "AMD64", | ||
| "epoch": 0, | ||
| "name": "linux", | ||
| "packageManager": "OS", | ||
| "release": "171.189", | ||
| "version": "5.4.0" | ||
| } | ||
| ] | ||
| }, | ||
| "CVE-2023-51780": { | ||
| "description": "\n It was discovered that a race condition existed in the ATM\n (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading\n to a use-after-free vulnerability. A local attacker could use this\n to cause a denial of service (system crash) or possibly execute\n arbitrary code.", | ||
| "remediation": { | ||
| "recommendation": { | ||
| "text": "None Provided" | ||
| } | ||
| }, | ||
| "score": 7.0, | ||
| "score_details": { | ||
| "cvss": { | ||
| "adjustments": [], | ||
| "score": 7.0, | ||
| "scoreSource": "UBUNTU_CVE", | ||
| "scoringVector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "version": "3.1" | ||
| } | ||
| }, | ||
| "severity": "HIGH", | ||
| "source": "UBUNTU_CVE", | ||
| "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-51780.html", | ||
| "status": "ACTIVE", | ||
| "title": "CVE-2023-51780 - linux", | ||
| "vulnerability_id": "CVE-2023-51780", | ||
| "vulnerable_packages": [ | ||
| { | ||
| "arch": "AMD64", | ||
| "epoch": 0, | ||
| "name": "linux", | ||
| "packageManager": "OS", | ||
| "release": "171.189", | ||
| "version": "5.4.0" | ||
| } | ||
| ] | ||
| }, | ||
| "CVE-2023-51781": { | ||
| "description": "\n It was discovered that a race condition existed in the AppleTalk\n networking subsystem of the Linux kernel, leading to a use-after-free\n vulnerability. A local attacker could use this to cause a denial of\n service (system crash) or possibly execute arbitrary code.", | ||
| "remediation": { | ||
| "recommendation": { | ||
| "text": "None Provided" | ||
| } | ||
| }, | ||
| "score": 7.0, | ||
| "score_details": { | ||
| "cvss": { | ||
| "adjustments": [], | ||
| "score": 7.0, | ||
| "scoreSource": "UBUNTU_CVE", | ||
| "scoringVector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "version": "3.1" | ||
| } | ||
| }, | ||
| "severity": "HIGH", | ||
| "source": "UBUNTU_CVE", | ||
| "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-51781.html", | ||
| "status": "ACTIVE", | ||
| "title": "CVE-2023-51781 - linux", | ||
| "vulnerability_id": "CVE-2023-51781", | ||
| "vulnerable_packages": [ | ||
| { | ||
| "arch": "AMD64", | ||
| "epoch": 0, | ||
| "name": "linux", | ||
| "packageManager": "OS", | ||
| "release": "171.189", | ||
| "version": "5.4.0" | ||
| } | ||
| ] | ||
| }, | ||
| "CVE-2023-51782": { | ||
| "description": "\n It was discovered that a race condition existed in the Rose X.25\n protocol implementation in the Linux kernel, leading to a use-after-\n free vulnerability. A local attacker could use this to cause a denial\n of service (system crash) or possibly execute arbitrary code.", | ||
| "remediation": { | ||
| "recommendation": { | ||
| "text": "None Provided" | ||
| } | ||
| }, | ||
| "score": 7.0, | ||
| "score_details": { | ||
| "cvss": { | ||
| "adjustments": [], | ||
| "score": 7.0, | ||
| "scoreSource": "UBUNTU_CVE", | ||
| "scoringVector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "version": "3.1" | ||
| } | ||
| }, | ||
| "severity": "HIGH", | ||
| "source": "UBUNTU_CVE", | ||
| "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-51782.html", | ||
| "status": "ACTIVE", | ||
| "title": "CVE-2023-51782 - linux", | ||
| "vulnerability_id": "CVE-2023-51782", | ||
| "vulnerable_packages": [ | ||
| { | ||
| "arch": "AMD64", | ||
| "epoch": 0, | ||
| "name": "linux", | ||
| "packageManager": "OS", | ||
| "release": "171.189", | ||
| "version": "5.4.0" | ||
| } | ||
| ] | ||
| }, | ||
| "CVE-2023-6129": { | ||
| "description": "Issue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications running\non PowerPC CPU based platforms if the CPU provides vector instructions.\n\nImpact summary: If an attacker can influence whether the POLY1305 MAC\nalgorithm is used, the application state might be corrupted with various\napplication dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for\nPowerPC CPUs restores the contents of vector registers in a different order\nthan they are saved. Thus the contents of some of these vector registers\nare corrupted when returning to the caller. The vulnerable code is used only\non newer PowerPC processors supporting the PowerISA 2.07 instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where th", | ||
| "remediation": { | ||
| "recommendation": { | ||
| "text": "None Provided" | ||
| } | ||
| }, | ||
| "score": 6.5, | ||
| "score_details": { | ||
| "cvss": { | ||
| "adjustments": [], | ||
| "score": 6.5, | ||
| "scoreSource": "NVD", | ||
| "scoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", | ||
| "version": "3.1" | ||
| } | ||
| }, | ||
| "severity": "MEDIUM", | ||
| "source": "NVD", | ||
| "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6129", | ||
| "status": "ACTIVE", | ||
| "title": "CVE-2023-6129 - pyOpenSSL", | ||
| "vulnerability_id": "CVE-2023-6129", | ||
| "vulnerable_packages": [ | ||
| { | ||
| "epoch": 0, | ||
| "filePath": "opt/conda/lib/python3.10/site-packages/pyOpenSSL-24.0.0.dist-info/METADATA", | ||
| "name": "pyOpenSSL", | ||
| "packageManager": "PYTHONPKG", | ||
| "version": "24.0.0" | ||
| } | ||
| ] | ||
| }, | ||
| "CVE-2023-6915": { | ||
| "description": " A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.", | ||
| "remediation": { | ||
| "recommendation": { | ||
| "text": "None Provided" | ||
| } | ||
| }, | ||
| "score": 5.5, | ||
| "score_details": { | ||
| "cvss": { | ||
| "adjustments": [], | ||
| "score": 5.5, | ||
| "scoreSource": "UBUNTU_CVE", | ||
| "scoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", | ||
| "version": "3.1" | ||
| } | ||
| }, | ||
| "severity": "MEDIUM", | ||
| "source": "UBUNTU_CVE", | ||
| "source_url": "https://people.canonical.com/~ubuntu-security/cve/2023/CVE-2023-6915.html", | ||
| "status": "ACTIVE", | ||
| "title": "CVE-2023-6915 - linux", | ||
| "vulnerability_id": "CVE-2023-6915", | ||
| "vulnerable_packages": [ | ||
| { | ||
| "arch": "AMD64", | ||
| "epoch": 0, | ||
| "name": "linux", | ||
| "packageManager": "OS", | ||
| "release": "171.189", | ||
| "version": "5.4.0" | ||
| } | ||
| ] | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.