NVIDIA / gpu-operator

NVIDIA GPU Operator creates, configures, and manages GPUs in Kubernetes
https://docs.nvidia.com/datacenter/cloud-native/gpu-operator/latest/index.html
Apache License 2.0

trivy image scan lists critical and high vulnerability against latest images used in GPU-Operator #437

Open carlwang87 opened 1 year ago

carlwang87 commented 1 year ago

What happened: trivy image scan lists critical and high vulnerabilities against the latest images in the GPU Operator.

What you expected to happen: No critical or high vulnerability issues.

How to reproduce it: trivy image --ignore-unfixed --severity HIGH,CRITICAL --format template --template "@/usr/local/share/trivy/templates/html.tpl" -o report.html

Currently I'm using trivy to scan the images used in the GPU Operator for vulnerabilities, and found lots of critical and high vulnerabilities. The list below gives each image's vulnerability report.

1. nvcr.io/nvidia/gpu-operator:v22.9.0 gpu-operator_v22.9.0.pdf

2. nvcr.io/nvidia/cloud-native/gpu-operator-validator:v22.9.0 gpu-operator-validator_v22.9.0.pdf

3. nvcr.io/nvidia/driver:515.65.01-rhel8.4 driver_515.65.01-rhel8.4.pdf

4. nvcr.io/nvidia/cloud-native/k8s-driver-manager:v0.4.2 k8s-driver-manager_v0.4.2.pdf

5. nvcr.io/nvidia/cloud-native/k8s-mig-manager:v0.5.0-ubi8 k8s-mig-manager_v0.5.0-ubi8.pdf

6. nvcr.io/nvidia/kubevirt-gpu-device-plugin:v1.2.1 kubevirt-gpu-device-plugin_v1.2.1.pdf

7. nvcr.io/nvidia/gpu-feature-discovery:v0.6.2-ubi8 gpu-feature-discovery_v0.6.2-ubi8.pdf

8. nvcr.io/nvidia/k8s-device-plugin:v0.12.3-ubi8 k8s-device-plugin_v0.12.3-ubi8.pdf

9. nvcr.io/nvidia/k8s/container-toolkit:v1.11.0-ubi8 k8s_container-toolkit_v1.11.0-ubi8.pdf

10. nvcr.io/nvidia/cloud-native/dcgm:3.0.4-1-ubi8 dcgm_3.0.4-1-ubi8.pdf

11. nvcr.io/nvidia/k8s/dcgm-exporter:3.0.4-3.0.0-ubi dcgm-exporter_3.0.4-3.0.0-ubi8.pdf

12. nvcr.io/nvidia/cloud-native/vgpu-device-manager:v0.2.0 vgpu-device-manager_v0.2.0.pdf

Thanks.

MrBoJo84 commented 1 year ago

@carlwang87 I am part of the GPU Operator Product team at NVIDIA. I would like to better understand your general use case and expectations with regard to the CVEs. Please reach out to operator_feedback@nvidia.com and I will get in touch with you.

Also note that the vast majority of the CVEs are derived from the base image that the operator and the operands use. We generally update those images with every patch release.

Please continue to reach out for any immediate requirements or feedback.
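The reporter's reproduction scans each image with HIGH/CRITICAL severity and `--ignore-unfixed`, and the NVIDIA reply points out that most of the findings come from the base image rather than the operator code. The script below is an added example, not code from the issue or from the GPU Operator project: it builds the equivalent `trivy image` command with JSON output for each image and then splits the findings of a trivy JSON report into base-image (`Results[].Class == "os-pkgs"`) and application (`Class == "lang-pkgs"`) buckets, so the two can be routed to different owners (rebuild on a patched base vs. bump a Go dependency). The image names are taken from the issue; the report contents are constructed placeholders with fake vulnerability IDs and package names, not real findings, and only the trivy JSON schema v2 fields used here (`Results`, `Class`, `Vulnerabilities`, `Severity`, `FixedVersion`) are assumed.

```python
"""Triage trivy JSON reports: base-image findings vs application findings."""
import json
from collections import Counter

# Images listed in the issue (first two shown; the rest would follow).
IMAGES = [
    "nvcr.io/nvidia/gpu-operator:v22.9.0",
    "nvcr.io/nvidia/cloud-native/gpu-operator-validator:v22.9.0",
]


def trivy_command(image, severities=("HIGH", "CRITICAL"), ignore_unfixed=True):
    """The issue's invocation with the image supplied and JSON instead of HTML,
    so the output can be parsed by summarize() below."""
    argv = ["trivy", "image", "--severity", ",".join(severities), "--format", "json"]
    if ignore_unfixed:
        argv.append("--ignore-unfixed")
    argv.append(image)
    return argv


def load_report(path):
    """Load a report written with `trivy image --format json -o <path>`."""
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def summarize(report, severities=("HIGH", "CRITICAL"), ignore_unfixed=True):
    """Count findings per (Class, Severity).

    In trivy's v2 schema each entry of Results has Class "os-pkgs" for the
    distro package manager (i.e. the base image) or "lang-pkgs" for
    application dependencies such as Go modules. Clean targets may omit the
    Vulnerabilities key or set it to null, so that case is handled explicitly.
    """
    counts = {"os-pkgs": Counter(), "lang-pkgs": Counter()}
    for result in report.get("Results", []):
        cls = result.get("Class")
        if cls not in counts:
            continue  # secrets / misconfig results are out of scope here
        for vuln in result.get("Vulnerabilities") or []:
            sev = vuln.get("Severity")
            if sev not in severities:
                continue
            if ignore_unfixed and not vuln.get("FixedVersion"):
                continue  # mirrors trivy's --ignore-unfixed
            counts[cls][sev] += 1
    return counts


def triage(reports, **kwargs):
    """Map image name -> (base-image findings, application findings)."""
    out = {}
    for name, report in reports.items():
        c = summarize(report, **kwargs)
        out[name] = (sum(c["os-pkgs"].values()), sum(c["lang-pkgs"].values()))
    return out


def render(triaged):
    """Plain-text table, one row per image."""
    lines = [f"{'image':<60} {'base':>5} {'app':>5}"]
    for name, (base, app) in sorted(triaged.items()):
        lines.append(f"{name:<60} {base:>5} {app:>5}")
    return "\n".join(lines)


# Constructed sample reports in the shape of trivy JSON schema v2. The IDs and
# package names are placeholders, not real findings against these images.
SAMPLE_REPORTS = {
    IMAGES[0]: {
        "SchemaVersion": 2,
        "ArtifactName": IMAGES[0],
        "Results": [
            {"Target": IMAGES[0] + " (redhat 8.6)", "Class": "os-pkgs", "Type": "redhat",
             "Vulnerabilities": [
                 {"VulnerabilityID": "CVE-EXAMPLE-0001", "PkgName": "os-pkg-a",
                  "InstalledVersion": "1.0-1", "FixedVersion": "1.0-2", "Severity": "HIGH"},
                 {"VulnerabilityID": "CVE-EXAMPLE-0002", "PkgName": "os-pkg-b",
                  "InstalledVersion": "2.0-1", "FixedVersion": "", "Severity": "CRITICAL"},
                 {"VulnerabilityID": "CVE-EXAMPLE-0003", "PkgName": "os-pkg-c",
                  "InstalledVersion": "3.0-1", "FixedVersion": "3.0-2", "Severity": "MEDIUM"},
             ]},
            {"Target": "gpu-operator", "Class": "lang-pkgs", "Type": "gobinary",
             "Vulnerabilities": [
                 {"VulnerabilityID": "CVE-EXAMPLE-0004", "PkgName": "example.org/go-module-d",
                  "InstalledVersion": "v0.1.0", "FixedVersion": "v0.2.0", "Severity": "HIGH"},
             ]},
        ],
    },
    IMAGES[1]: {
        "SchemaVersion": 2,
        "ArtifactName": IMAGES[1],
        "Results": [
            {"Target": IMAGES[1] + " (redhat 8.6)", "Class": "os-pkgs", "Type": "redhat"},
        ],
    },
}

if __name__ == "__main__":
    print(" ".join(trivy_command(IMAGES[0])))
    print(render(triage(SAMPLE_REPORTS)))
```

With the sample data the first image shows one fixable base-image finding and one fixable application finding (the unfixed CRITICAL and the MEDIUM are dropped, as in the reporter's `--ignore-unfixed --severity HIGH,CRITICAL` run), and the validator image shows none. To use it on real output, write each scan with `-o <image>.json` and feed `load_report()` results into `triage()`; a high "base" column with a low "app" column is exactly the pattern the NVIDIA reply describes, and is resolved by the base-image refresh in a patch release rather than by changes in the operator code.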