Publication Date: 2023/10/02 02:00 PM EDT
AWS is aware of CVE-2023-43654 and CVE-2022-1471 in PyTorch TorchServe versions 0.3.0 to 0.8.1, which use a version of the SnakeYAML v1.31 open source library. TorchServe version 0.8.2 resolves these issues. AWS recommends customers using PyTorch inference Deep Learning Containers (DLC) 1.13.1, 2.0.0, or 2.0.1 in EC2, EKS, or ECS released prior to September 11, 2023, update to TorchServe version 0.8.2.
Customers using PyTorch inference Deep Learning Containers (DLC) through Amazon SageMaker are not affected.
Customers can use the following new image tags to pull DLCs that ship with patched TorchServe version 0.8.2:
| x86 GPU | v1.9-pt-ec2-2.0.1-inf-gpu-py310 |
| x86 CPU | v1.8-pt-ec2-2.0.1-inf-cpu-py310 |
| Graviton | v1.7-pt-graviton-ec2-2.0.1-inf-cpu-py310 |
| Neuron | 1.13.1-neuron-py310-sdk2.13.2-ubuntu20.04 1.13.1-neuronx-py310-sdk2.13.2-ubuntu20.04 1.13.1-neuronx-py310-sdk2.13.2-ubuntu20.04 |
The full DLC image URI details can be found at: https://github.com/aws/deep-learning-containers/blob/master/available_images.md#available-deep-learning-containers-images.
We would like to thank Oligo Security for responsibly disclosing this issue and working with the PyTorch maintainers on its resolution.
If you have any questions or comments about this advisory, we ask that you contact AWS/Amazon Security via our vulnerability reporting page or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.