update EFA version for pytorch 2.4 training (#5048)

Author: junpuf

dlc_developer_config.toml

@@ -72,12 +72,15 @@ ec2_benchmark_tests = false
 ### These tests are run in EC2 test jobs, so ec2_tests must be true if ec2_tests_on_heavy_instances is true.
 ### Off by default (set to false)
 ec2_tests_on_heavy_instances = false
+
 ### SM specific tests
 ### On by default
 sagemaker_local_tests = true
+
 ### Set enable_ipv6 = true to run tests with IPv6-enabled resources
 ### Off by default (set to false)
 enable_ipv6 = false
+
 ### Set the VPC name to be used for IPv6 testing, this variable is empty by default
 ### To create an IPv6-enabled VPC and its related resources:
 ### 1. Follow this AWS doc: https://docs.aws.amazon.com/vpc/latest/userguide/create-vpc.html#create-vpc-and-other-resources

pytorch/training/buildspec-2-4-ec2.yml

@@ -5,7 +5,7 @@ framework: &FRAMEWORK pytorch
 version: &VERSION 2.4.0
 short_version: &SHORT_VERSION "2.4"
 arch_type: x86
-autopatch_build: "True"
+autopatch_build: "False"
 
 repository_info:
   training_repository: &TRAINING_REPOSITORY

pytorch/training/docker/2.4/py3/Dockerfile.cpu

@@ -166,15 +166,20 @@ RUN /opt/conda/bin/mamba install -y -c conda-forge \
     fsspec \
     "idna>=3.7" \
     "tqdm>=4.66.3" \
-    "requests>=2.32.0" \
-    "setuptools>=70.0.0" \
-    "urllib3<2" \
+    "requests>=2.32.4" \
+    "setuptools>=78.1.1" \
+    "urllib3==2.5.0" \
     "awscli<2" \
+    "pip>=25.0" \
  && /opt/conda/bin/mamba clean -afy \
  && rm -rf /etc/apt/sources.list.d/*
 
 # Install common pip packages (in case of conda package is not available)
-RUN pip install --no-cache-dir opencv-python mpi4py
+RUN pip install --no-cache-dir \
+    # pin numpy version
+    "numpy<2" \
+    opencv-python \
+    mpi4py
 
 RUN curl -o /license.txt https://aws-dlc-licenses.s3.amazonaws.com/pytorch-2.4/license.txt
 
@@ -217,9 +222,9 @@ RUN pip install --no-cache-dir -U \
     ${TORCHAUDIO_URL} \
     ${TORCHTEXT_URL} \
     torchtnt \
-    s3torchconnector \
-    fastai \
-    accelerate \
+    "s3torchconnector==1.2.6" \
+    "fastai==2.7.18" \
+    "accelerate==1.0.1" \
     # pin numpy requirement for fastai dependency
     # requires explicit declaration of spacy, thic, blis
     spacy \

pytorch/training/docker/2.4/py3/Dockerfile.ec2.cpu.core_packages.json

@@ -43,7 +43,7 @@
     "version_specifier": ">=70.0.0"
   },
   "urllib3": {
-    "version_specifier": "<2"
+    "version_specifier": "==2.5.0"
   },
   "awscli": {
     "version_specifier": "<2"

pytorch/training/docker/2.4/py3/Dockerfile.ec2.cpu.os_scan_allowlist.json

@@ -27,7 +27,7 @@
       "severity": "CRITICAL",
       "status": "ACTIVE",
       "title": "CVE-2025-32434 - torch",
-      "reason_to_ignore": "this container is specifically pytorch 2.5.x so we can’t upgrade to 2.6"
+      "reason_to_ignore": "this container is specifically pytorch 2.4.x so we cant upgrade to later minor versions"
     },
     {
       "description": "PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0.",
@@ -57,6 +57,35 @@
       "status": "ACTIVE",
       "title": "CVE-2025-32434 - torch",
       "reason_to_ignore": "N/A"
+    },
+    {
+      "description": "In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing.",
+      "vulnerability_id": "CVE-2024-48063",
+      "name": "CVE-2024-48063",
+      "package_name": "torch",
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/torch-2.4.0+cpu.dist-info/METADATA",
+        "name": "torch",
+        "package_manager": "PYTHON",
+        "version": "2.4.0+cpu",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 9.8,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 9.8,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "CRITICAL",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48063",
+      "source": "NVD",
+      "severity": "CRITICAL",
+      "status": "ACTIVE",
+      "title": "CVE-2024-48063 - torch",
+      "reason_to_ignore": "this container is specifically pytorch 2.4.x so we cant upgrade to later minor versions"
     }
   ],
   "jupyter_core": [
@@ -89,5 +118,36 @@
       "title": "CVE-2025-30167 - jupyter_core",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "libgdk-pixbuf-2.0-0": [
+    {
+      "description": "A flaw exists in gdk\u2011pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib\u2019s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.",
+      "vulnerability_id": "CVE-2025-7345",
+      "name": "CVE-2025-7345",
+      "package_name": "libgdk-pixbuf-2.0-0",
+      "package_details": {
+        "file_path": null,
+        "name": "libgdk-pixbuf-2.0-0",
+        "package_manager": "OS",
+        "version": "2.42.8+dfsg",
+        "release": "1ubuntu0.3"
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 7.5,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 7.5,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-7345.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-7345 - libgdk-pixbuf-2.0-0",
+      "reason_to_ignore": "No fix"
+    }
   ]
 }

pytorch/training/docker/2.4/py3/Dockerfile.sagemaker.cpu.os_scan_allowlist.json

@@ -57,6 +57,35 @@
       "status": "ACTIVE",
       "title": "CVE-2025-32434 - torch",
       "reason_to_ignore": "N/A"
+    },
+    {
+      "description": "In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing.",
+      "vulnerability_id": "CVE-2024-48063",
+      "name": "CVE-2024-48063",
+      "package_name": "torch",
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/torch-2.4.0+cpu.dist-info/METADATA",
+        "name": "torch",
+        "package_manager": "PYTHON",
+        "version": "2.4.0+cpu",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 9.8,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 9.8,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "CRITICAL",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48063",
+      "source": "NVD",
+      "severity": "CRITICAL",
+      "status": "ACTIVE",
+      "title": "CVE-2024-48063 - torch",
+      "reason_to_ignore": "this container is specifically pytorch 2.4.x so we cant upgrade to later minor versions"
     }
   ],
   "libxml2": [
@@ -149,5 +178,36 @@
       "title": "CVE-2025-30167 - jupyter_core",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "libgdk-pixbuf-2.0-0": [
+    {
+      "description": "A flaw exists in gdk\u2011pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib\u2019s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.",
+      "vulnerability_id": "CVE-2025-7345",
+      "name": "CVE-2025-7345",
+      "package_name": "libgdk-pixbuf-2.0-0",
+      "package_details": {
+        "file_path": null,
+        "name": "libgdk-pixbuf-2.0-0",
+        "package_manager": "OS",
+        "version": "2.42.8+dfsg",
+        "release": "1ubuntu0.3"
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 7.5,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 7.5,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-7345.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-7345 - libgdk-pixbuf-2.0-0",
+      "reason_to_ignore": "No fix"
+    }
   ]
 }

pytorch/training/docker/2.4/py3/cu124/Dockerfile.ec2.gpu.core_packages.json

@@ -47,12 +47,15 @@
     "version_specifier": ">=70.0.0"
   },
   "urllib3": {
-    "version_specifier": "<2"
+    "version_specifier": "==2.5.0"
   },
   "awscli": {
     "version_specifier": "<2"
   },
   "numpy": {
     "version_specifier": "<2"
+  },
+  "triton": {
+    "version_specifier": "==3.1.0"
   }
 }

pytorch/training/docker/2.4/py3/cu124/Dockerfile.ec2.gpu.os_scan_allowlist.json

@@ -906,6 +906,35 @@
       "status": "ACTIVE",
       "title": "CVE-2025-32434 - torch",
       "reason_to_ignore": "N/A"
+    },
+    {
+      "description": "In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing.",
+      "vulnerability_id": "CVE-2024-48063",
+      "name": "CVE-2024-48063",
+      "package_name": "torch",
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/torch-2.4.0+cu124.dist-info/METADATA",
+        "name": "torch",
+        "package_manager": "PYTHON",
+        "version": "2.4.0+cu124",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 9.8,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 9.8,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "CRITICAL",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48063",
+      "source": "NVD",
+      "severity": "CRITICAL",
+      "status": "ACTIVE",
+      "title": "CVE-2024-48063 - torch",
+      "reason_to_ignore": "this container is specifically pytorch 2.4.x so we cant upgrade to later minor versions"
     }
   ],
     "jupyter_core": [
@@ -938,5 +967,36 @@
       "title": "CVE-2025-30167 - jupyter_core",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "libgdk-pixbuf-2.0-0": [
+    {
+      "description": "A flaw exists in gdk\u2011pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib\u2019s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.",
+      "vulnerability_id": "CVE-2025-7345",
+      "name": "CVE-2025-7345",
+      "package_name": "libgdk-pixbuf-2.0-0",
+      "package_details": {
+        "file_path": null,
+        "name": "libgdk-pixbuf-2.0-0",
+        "package_manager": "OS",
+        "version": "2.42.8+dfsg",
+        "release": "1ubuntu0.3"
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 7.5,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 7.5,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-7345.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-7345 - libgdk-pixbuf-2.0-0",
+      "reason_to_ignore": "No fix"
+    }
   ]
 }