fix CVE-2026-23490 + CVE-2026-30922, pyasn1>=0.6.3 override (runtimes + jupyter) #2192
BabbarPB08 wants to merge 2 commits into rhoai-3.3 from
Conversation
[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by:
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing
The full list of commands accepted by this bot can be found here.
No actionable comments were generated in the recent review. 🎉
ℹ️ Recent review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID:
📒 Files selected for processing (30)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 Walkthrough
This PR updates multiple environment-specific
Changes
pyasn1 override across environment pyproject.toml files
Estimated code review effort
🎯 2 (Simple) | ⏱️ ~10 minutes
Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
@coderabbitai review
✅ Actions performed
Review triggered.
@atheo89 @ysok Could you please review this CVE fix? It's a straightforward pyasn1>=0.6.2 override across 16 pyproject.toml files to address CVE-2026-23490 (CVSS 7.5 HIGH DoS vulnerability).
@coderabbitai review
✅ Actions performed
Review triggered.
Actionable comments posted: 2
🧹 Nitpick comments (2)
runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1)
45-51: LGTM — correct fix applied. One pre-existing observation (not introduced by this PR): unlike the jupyter/* and codeserver images, this runtime's override-dependencies block has no urllib3>=2.6.0 entry for CVE-2025-66418. Worth tracking separately if the TF runtime exposes any http clients that pull urllib3.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml around lines 45 - 51, The override-dependencies block in pyproject.toml is missing an entry to address CVE-2025-66418; update the override-dependencies list (the same block containing "pyasn1>=0.6.2", "protobuf==6.31.1", "keras~=3.12.0") to include "urllib3>=2.6.0" so the runtime protects against the vulnerability that other images already mitigate.
runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1)
43-49: LGTM — consistent with the rest of the PR. Same pre-existing gap noted in runtimes/rocm-tensorflow: no urllib3>=2.6.0 override for CVE-2025-66418 in this file either.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @runtimes/tensorflow/ubi9-python-3.12/pyproject.toml around lines 43 - 49, Missing urllib3 CVE mitigation: add "urllib3>=2.6.0" to the override-dependencies array in this pyproject.toml so the package override includes the CVE-2025-66418 fix; update the same override-dependencies array in the corresponding rocm-tensorflow pyproject.toml as well to keep both runtime variants consistent (look for the existing override-dependencies block near "pyasn1", "protobuf", "keras" to insert the new entry).
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @jupyter/pytorch+llmcompressor/ubi9-python-3.12/pyproject.toml:
- Around line 94-95: The override line specifying "pyasn1>=0.6.2" is correct but
the lock (uv.lock) still pins pyasn1-0.6.1, so regenerate the lock to pick up
pyasn1 >=0.6.2: run the repository’s lock/resolve command (the tool you use to
produce uv.lock) to refresh dependencies so uv.lock contains pyasn1 0.6.2+; if
dependency conflicts (e.g., from pillow/llmcompressor) prevent upgrading, remove
or relax the explicit "pyasn1>=0.6.2" override and document the conflict, then
re-run the lock generation so the lock accurately reflects the allowed version
set.
In @runtimes/pytorch+llmcompressor/ubi9-python-3.12/pyproject.toml:
- Around line 55-58: The lock file isn't being regenerated so the
override-dependencies entry ("pyasn1>=0.6.2") in pyproject.toml is ineffective;
create a tracked issue (or update an existing one) to resolve the
llmcompressor==0.9.0 ↔ pillow version conflict (pillow<=12.0.0 vs
pillow==12.2.0) and document that until that conflict is fixed and the lockfile
for the pytorch+llmcompressor image is regenerated the CVE fix won't be applied;
include references to the exact symbols llmcompressor==0.9.0, pillow (<=12.0.0
vs ==12.2.0), and override-dependencies/pyasn1>=0.6.2 in the issue and link it
from the pyproject.toml comment or repo vulnerability tracker.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 6546ef7e-3b96-4ee4-bf41-da42cf9ecc15
📒 Files selected for processing (16)
- codeserver/ubi9-python-3.12/pyproject.toml
- jupyter/datascience/ubi9-python-3.12/pyproject.toml
- jupyter/minimal/ubi9-python-3.12/pyproject.toml
- jupyter/pytorch+llmcompressor/ubi9-python-3.12/pyproject.toml
- jupyter/pytorch/ubi9-python-3.12/pyproject.toml
- jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml
- jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml
- jupyter/tensorflow/ubi9-python-3.12/pyproject.toml
- jupyter/trustyai/ubi9-python-3.12/pyproject.toml
- runtimes/datascience/ubi9-python-3.12/pyproject.toml
- runtimes/minimal/ubi9-python-3.12/pyproject.toml
- runtimes/pytorch+llmcompressor/ubi9-python-3.12/pyproject.toml
- runtimes/pytorch/ubi9-python-3.12/pyproject.toml
- runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml
- runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml
- runtimes/tensorflow/ubi9-python-3.12/pyproject.toml

jupyter/pytorch+llmcompressor/ubi9-python-3.12/pyproject.toml, lines 94-95:

```toml
# RHOAIENG-59282: CVE-2026-23490 pyasn1 DoS via malformed RELATIVE-OID parsing
"pyasn1>=0.6.2",
```
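Review bot: the inline comment names only CVE-2026-23490 and the bound is `>=0.6.2`, while the PR as later updated raises the override to `pyasn1>=0.6.3` specifically so that CVE-2026-30922 (DoS via unbounded recursion) is covered as well; when the bound is bumped, update the comment in the same change so the two stay in sync, e.g. `# RHOAIENG-59282: CVE-2026-23490 + CVE-2026-30922 pyasn1 DoS, fixed in 0.6.3` followed by `"pyasn1>=0.6.3",`. Note also that RHOAIENG-59282 does not appear in the Jira ticket lists in the PR description, so it is worth confirming it is the right tracking reference for this file.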
🧩 Analysis chain
🏁 Script executed:

```bash
#!/bin/bash
set -euo pipefail
echo "== Locate candidate lock/constraints files =="
fd -HI -t f '(^uv\.lock$|.*\.lock$|^requirements.*\.txt$)'
echo
echo "== Show pyasn1/pillow/llmcompressor entries from candidate files =="
fd -HI -t f '(^uv\.lock$|.*\.lock$|^requirements.*\.txt$)' | while read -r f; do
  if rg -q 'pyasn1|pillow|llmcompressor' "$f"; then
    echo "---- $f ----"
    rg -n 'pyasn1|pillow|llmcompressor' "$f"
    echo
  fi
done
```

Repository: red-hat-data-services/notebooks
Length of output: 2222
The CVE-2026-23490 fix is not effective—uv.lock contains pyasn1-0.6.1 instead of the required 0.6.2+.
Lines 94-95 correctly specify pyasn1>=0.6.2 in the override, but the root uv.lock file locks pyasn1-0.6.1 (sdist from 2024-09-10). This means the CVE mitigation does not apply at runtime. The lock must be regenerated to resolve pyasn1>=0.6.2, or the constraint must be removed if the pillow/llmcompressor conflict prevents it.
the root uv.lock does not enter into any images we build here, that's essentially dev-only dependencies
@jiridanek, thanks for the clarification! That makes sense — each image has its own pyproject.toml (and its own lock resolution at build time), and the root uv.lock is only for workspace-level dev tooling. My concern about the root lock file was misplaced; the pyasn1>=0.6.2 override in each image's pyproject.toml is what drives the effective version resolved into the image. The CVE fix is valid as-is.
ᓚᘏᗢ ← curious rabbit acknowledges the correction
✏️ Learnings added
Learnt from: jiridanek
Repo: red-hat-data-services/notebooks PR: 2192
File: jupyter/pytorch+llmcompressor/ubi9-python-3.12/pyproject.toml:94-95
Timestamp: 2026-05-05T11:11:41.161Z
Learning: In the red-hat-data-services/notebooks repository, the root `uv.lock` file is dev-only and does not enter any built container images. Each image's dependency resolution is driven by its own `pyproject.toml` (and its own per-image lock file generated at build time). Do not flag the root `uv.lock` as a security or correctness concern for image runtime dependencies.
Good point, regenerated all pylock.toml files (14 images, excluding pytorch+llmcompressor). pyasn1 now resolves to 0.6.3 in all of them. The pytorch+llmcompressor images still have the pre-existing pillow conflict blocking their lock regen.
d5aae0a to 0acdb8f

Updated: bumped override from pyasn1>=0.6.2 to pyasn1>=0.6.3 to also cover CVE-2026-30922 (DoS via unbounded recursion, distinct from CVE-2026-23490). Regenerated all pylock.toml files. pyasn1 resolves to 0.6.3 across all 14 images. pytorch+llmcompressor excluded (pre-existing pillow conflict, tickets already closed by @jiridanek).

@jiridanek The pylock.toml files are now regenerated and the override is bumped to >=0.6.3 to cover both CVEs. Could you /lgtm when you get a chance? @ysok Could you please /approve this CVE fix?
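The thread above turns on one check: an `override-dependencies` entry in an image's pyproject.toml only mitigates the CVE if the image's regenerated lock file actually resolves a version that satisfies it (the review bot's original finding was a lock still pinning pyasn1 0.6.1 against a `>=0.6.2` override). The following is an added example, not code from the notebooks repository or from CodeRabbit: a small audit script that reads the override list from the `[tool.uv]` table and the `[[packages]]` entries of a PEP 751 `pylock.toml`, and reports each override as satisfied, stale, or absent from the lock. The pyproject and lock contents are constructed inline so the example runs offline; the version comparison is a deliberately small PEP 440 subset (dotted integers, the operators seen in this PR) rather than a full `packaging` dependency, and Python 3.11+ is assumed for `tomllib`.

```python
import re

try:
    import tomllib  # Python 3.11+ (the images here are ubi9-python-3.12)
except ImportError:  # pragma: no cover - assumption: tomli installed on older Pythons
    import tomli as tomllib

# Constructed sample pyproject.toml for one image (not a file from the PR):
# overrides live in [tool.uv].override-dependencies, which is where uv reads them.
PYPROJECT = '''
[project]
name = "sample-image"
version = "0"

[tool.uv]
override-dependencies = [
    # CVE-2026-23490 + CVE-2026-30922: pyasn1 DoS, fixed in 0.6.3
    "pyasn1>=0.6.3",
    "urllib3>=2.6.0",
]
'''

# Constructed stale lock: pyasn1 was resolved before the override was added.
STALE_LOCK = '''
lock-version = "1.0"
created-by = "uv"

[[packages]]
name = "pyasn1"
version = "0.6.1"

[[packages]]
name = "urllib3"
version = "2.6.0"
'''

# Constructed regenerated lock: both overrides are honoured.
FRESH_LOCK = '''
lock-version = "1.0"
created-by = "uv"

[[packages]]
name = "pyasn1"
version = "0.6.3"

[[packages]]
name = "urllib3"
version = "2.6.2"
'''

# name, operator, version; covers the forms used in this PR (>=, ==, ~=, ...)
_REQ = re.compile(r"^\s*([A-Za-z0-9_.\-]+)\s*(>=|<=|==|!=|~=|>|<)\s*([0-9][0-9A-Za-z.]*)\s*$")


def normalize(name: str) -> str:
    """PEP 503 normalisation so 'PyASN1' and 'pyasn1' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def _vtuple(version: str) -> tuple:
    # Non-numeric segments (rc1, post) are treated as 0: good enough for release pins.
    return tuple(int(p) if p.isdigit() else 0 for p in version.split("."))


def _cmp(a: tuple, b: tuple) -> int:
    n = max(len(a), len(b))
    a, b = a + (0,) * (n - len(a)), b + (0,) * (n - len(b))
    return (a > b) - (a < b)


def satisfies(version: str, op: str, bound: str) -> bool:
    """Does a locked version satisfy a single specifier clause?"""
    v, b = _vtuple(version), _vtuple(bound)
    c = _cmp(v, b)
    if op == ">=":
        return c >= 0
    if op == ">":
        return c > 0
    if op == "<=":
        return c <= 0
    if op == "<":
        return c < 0
    if op == "==":
        return c == 0
    if op == "!=":
        return c != 0
    if op == "~=":  # compatible release: >= bound and same prefix up to the last segment
        prefix = len(b) - 1
        padded = v + (0,) * len(b)
        return c >= 0 and padded[:prefix] == b[:prefix]
    raise ValueError(f"unsupported operator {op!r}")


def overrides(pyproject_text: str) -> dict:
    """Map normalised package name -> (operator, bound) from [tool.uv].override-dependencies."""
    data = tomllib.loads(pyproject_text)
    reqs = data.get("tool", {}).get("uv", {}).get("override-dependencies", [])
    parsed = {}
    for req in reqs:
        m = _REQ.match(req)
        if not m:
            raise ValueError(f"unsupported requirement syntax: {req!r}")
        parsed[normalize(m.group(1))] = (m.group(2), m.group(3))
    return parsed


def locked_versions(pylock_text: str) -> dict:
    """Map normalised package name -> locked version from a PEP 751 pylock.toml."""
    data = tomllib.loads(pylock_text)
    return {normalize(p["name"]): p["version"] for p in data.get("packages", [])}


def audit(pyproject_text: str, pylock_text: str) -> dict:
    """Return {package: 'ok' | 'missing' | 'stale (...)'} for every override."""
    locked = locked_versions(pylock_text)
    report = {}
    for name, (op, bound) in overrides(pyproject_text).items():
        if name not in locked:
            report[name] = "missing"  # override never reached the lock at all
        elif satisfies(locked[name], op, bound):
            report[name] = "ok"
        else:
            report[name] = f"stale ({locked[name]} does not satisfy {op}{bound})"
    return report


if __name__ == "__main__":
    for label, lock in (("stale lock", STALE_LOCK), ("regenerated lock", FRESH_LOCK)):
        print(label, audit(PYPROJECT, lock))
```

Run against a real image directory by reading its `pyproject.toml` and `pylock.toml` into the two text arguments; a `stale` or `missing` result is exactly the situation the pytorch+llmcompressor images are in while their lock regeneration stays blocked, and is the condition a CI gate for CVE override PRs should fail on.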
Summary
Jira Tickets
CVE-2026-23490
RHOAIENG-59303, RHOAIENG-59304, RHOAIENG-59305, RHOAIENG-59307,
RHOAIENG-59308, RHOAIENG-59309, RHOAIENG-59313, RHOAIENG-59314,
RHOAIENG-59315, RHOAIENG-59316, RHOAIENG-59317, RHOAIENG-59318,
RHOAIENG-59320, RHOAIENG-59321, RHOAIENG-59322, RHOAIENG-59323
CVE-2026-30922
RHOAIENG-54250, RHOAIENG-54252, RHOAIENG-54254, RHOAIENG-54255,
RHOAIENG-54256, RHOAIENG-54260, RHOAIENG-54261, RHOAIENG-54265,
RHOAIENG-54266, RHOAIENG-54267, RHOAIENG-54268, RHOAIENG-54269,
RHOAIENG-54270
How Has This Been Tested?
Note
pytorch+llmcompressor images (RHOAIENG-59306, RHOAIENG-59319, RHOAIENG-54253, RHOAIENG-54266)
excluded -- lock regen blocked by pre-existing pillow conflict
(llmcompressor==0.9.0 requires pillow<=12.0.0 vs pillow==12.2.0 from CVE-2026-40192 fix).
These tickets were already closed by @jiridanek.