The following describes all security bulletins related to Vertex AI.
To get the latest security bulletins delivered to you, do one of the following:
- Add the URL of this page to your feed reader.
- Add the feed URL directly to your feed reader: https://cloud.google.com/feeds/vertex-ai-security-bulletins.xml
GCP-2023-036

Published: 2023-10-30

| Description | Severity | Notes |
|---|---|---|
| Deep Learning VM Images is a set of prepackaged virtual machine images with a deep learning framework that are ready to be run out of the box. Recently, an out-of-bounds write vulnerability was discovered in the `ReadHuffmanCodes()` function in the `libwebp` library. This might impact images that use this library. Google Cloud continuously scans its publicly published images and updates the packages to ensure patched distros are included in the latest releases available for customer adoption. Deep Learning VM Images have been updated to ensure that the latest VM images include the patched distros. Customers adopting the latest VM images are not exposed to this vulnerability. What should I do? Google Cloud customers using published VM images should ensure that they are adopting the latest images and that their environments are up to date as per the shared responsibility model. CVE-2023-4863 could be exploited by an attacker to execute arbitrary code. This vulnerability was identified in Google Chrome prior to 116.0.5845.187 and in `libwebp` prior to 1.3.2 and is being listed under CVE-2023-4863. | High | CVE-2023-4863 |
GCP-2023-029

Published: 2023-10-03

| Description | Severity | Notes |
|---|---|---|
| TorchServe is used to host PyTorch machine learning models for online prediction. Vertex AI provides prebuilt PyTorch model serving containers which depend on TorchServe. Vulnerabilities were recently discovered in TorchServe which would allow an attacker to take control of a TorchServe deployment if its model management API is exposed. Customers with PyTorch models deployed to Vertex AI online prediction are not affected by these vulnerabilities, since Vertex AI does not expose TorchServe's model management API. Customers using TorchServe outside of Vertex AI should take precautions to ensure their deployments are set up securely. What should I do? Vertex AI customers with deployed models using Vertex AI's prebuilt PyTorch serving containers do not need to take any action to address the vulnerabilities, since Vertex AI's deployments do not expose TorchServe's management server to the internet. Customers who are using the prebuilt PyTorch containers in other contexts, or who are using a custom-built or third-party distribution of TorchServe, should do the following: What vulnerabilities are being addressed? TorchServe's management API is bound to CVE-2023-43654 and CVE-2022-1471 allow a user with access to the management API to load models from arbitrary sources and remotely execute code. Mitigations for both of these issues are included in TorchServe 0.8.2: the remote code execution path is removed, and a warning is emitted if the default value for | High | CVE-2023-43654, CVE-2022-1471 |
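A small audit script for the two conditions this bulletin turns on, an exposed management API and a permissive model-source policy, added here as an illustration and not code from Google or the TorchServe project. It assumes TorchServe reads `management_address` and `allowed_urls` as `key=value` lines in `config.properties`, and that `allowed_urls` is a regular expression matched against the full URL of a model to be registered; the sample configs and the probe URL are constructed.

```python
import re
from urllib.parse import urlsplit

LOOPBACK = {"127.0.0.1", "localhost", "::1"}
# Constructed probe: a remote model source that a permissive allowed_urls would accept.
REMOTE_PROBE = "https://models.example.invalid/evil.mar"

def parse_properties(text: str) -> dict[str, str]:
    """Parse Java-style key=value lines; blank lines and '#' comments are skipped."""
    props: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def audit(config_text: str) -> list[str]:
    """Return findings; an empty list means both checks pass."""
    props = parse_properties(config_text)
    findings: list[str] = []
    # Check 1: the management API should not listen on a non-loopback interface.
    mgmt = props.get("management_address")
    if mgmt is None:
        findings.append("management_address not set: verify what your build binds to by default")
    elif urlsplit(mgmt).hostname not in LOOPBACK:
        findings.append(f"management API reachable from other hosts: {mgmt}")
    # Check 2: model sources must be restricted. allowed_urls is assumed to be a regex;
    # one that matches any remote URL lets a management-API caller load arbitrary models.
    allowed = props.get("allowed_urls")
    if allowed is None:
        findings.append("allowed_urls not set: remote model sources may be accepted")
    elif re.fullmatch(allowed, REMOTE_PROBE):
        findings.append(f"allowed_urls accepts remote model sources: {allowed}")
    return findings

# Constructed sample configs, not taken from any real deployment.
WEAK_CONFIG = """\
management_address=http://0.0.0.0:8081
allowed_urls=file://.*|http(s)?://.*
"""
HARDENED_CONFIG = """\
management_address=http://127.0.0.1:8081
allowed_urls=file:///opt/models/.*
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg) or "OK")
```

Run it against the `config.properties` your container actually ships to see which of the two findings apply; the loopback check only covers the binding, so a management port published through a container or load balancer still needs separate review.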