Azure Machine Learning
An Azure machine learning service for building and deploying models.
FFmpeg vulnerabilities when extending latest AzureML recommended base image (Ubuntu / no Ubuntu Pro)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 48%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFP%3C/text%3E%3C/svg%3E)
Francesco Picetti
0
Reputation points Microsoft Employee
I am creating a custom Docker image for Azure Machine Learning by extending one of the most recent recommended base images from the official Azure/AzureML‑Containers repository, pulled from Microsoft Container Registry (MCR).
Starting from this base image, my Dockerfile performs only the following steps:
- Pull the latest recommended AzureML base image
- Install FFmpeg using the Ubuntu package manager (
apt install ffmpeg) - Install Python dependencies using
uv(no additional system packages or custom builds)
Despite this minimal and fully documented setup, the resulting image is flagged by container vulnerability scanners due to FFmpeg‑related vulnerabilities originating from Ubuntu Universe packages.
For example: USN-7823-1
From my investigation:
- The vulnerable FFmpeg packages come directly from the Ubuntu repositories used by the AzureML base image
- There does not appear to be a patched FFmpeg version available via standard
aptupdates without enabling Ubuntu Pro / ESM - Following AzureML guidance (using recommended base images and standard package installation) still results in images flagged as vulnerable
- Workarounds such as rebuilding FFmpeg from source or removing features significantly increase image complexity and long‑term maintenance burden
Question: What is the recommended way to address this scenario when building custom AzureML Docker images?
Specifically:
- Is this a known limitation when using Ubuntu‑based AzureML images?
- Are users expected to manually rebuild FFmpeg or accept Ubuntu Pro dependencies for compliance‑sensitive environments?
- Are there plans to refresh AzureML base images with mitigations for these FFmpeg vulnerabilities?
- Is there official guidance on handling vulnerabilities inherited from Ubuntu Universe packages when no standard patches are available?
Any guidance on the intended or supported approach would be greatly appreciated.
Azure Machine Learning
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 39%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Sridhar M 3,160 Reputation points Microsoft External Staff Moderator2025-12-20T02:27:07.99+00:00 Welcome to the Microsoft Q&A
you are seeing is an expected limitation when using Ubuntu‑based AzureML base images that rely on Ubuntu Universe packages. AzureML base images are patched frequently, with updates released every ~2 weeks and a policy to avoid vulnerabilities older than 30 days only when Canonical publishes fixes in the public Ubuntu repositories. FFmpeg resides in the Ubuntu Universe repo, and Universe packages do not receive full security maintenance unless Ubuntu Pro / ESM‑Apps is enabled. Therefore, even if the AzureML image itself is up‑to‑date, installing
ffmpegfrom the normal Ubuntu apt repositories re‑introduces vulnerabilities that Ubuntu fixes only in the ESM‑Apps channel.patches are not available via standard apt:
The specific FFmpeg vulnerabilities (e.g., USN‑7823‑1) are fixed only in ESM‑Apps builds, which Canonical distributes exclusively under Ubuntu Pro. Standard Ubuntu LTS apt repositories do not receive patched FFmpeg builds for Universe packages. This is consistent with Ubuntu’s maintenance model: Universe components get community support only, and paid Ubuntu Pro subscribers get 10‑year Expanded Security Maintenance for Universe.
Reference: [ubuntu.com], [linuxsecurity.com]
AzureML has a strong patching policy: base images are rebuilt every ~2 weeks, and they patch everything for which a fix exists in the upstream Ubuntu repos. But AzureML cannot ship patched Universe packages (including FFmpeg) if Canonical does not publish a fix in the standard public apt channels. AzureML cannot backport patches independently — its patch cycle depends fully on Ubuntu’s published security streams.
[learn.microsoft.com], [github.com]
users are expected to rebuild FFmpeg:
if you require a vulnerability‑free FFmpeg for compliance, and you cannot enable Ubuntu Pro, then you must either
- rebuild FFmpeg yourself,
- use a trusted FFmpeg build from a different repository, or
- avoid installing FFmpeg entirely and switch to a supported alternative library.
- AzureML documentation states that mitigating vulnerabilities often requires upgrading or migrating dependencies, and that users own all custom packages they introduce into the environment. Sources: [Troublesho...soft Learn | Learn.Microsoft.com]
AzureML cannot provide patched FFmpeg inside base images unless Canonical releases a patched version in the standard repo. Since FFmpeg is a Universe package, Canonical requires Ubuntu Pro for security fixes. AzureML cannot ship patched FFmpeg without changing OS policy or redistributing modified Universe packages which they currently do not do.
AzureML will continue refreshing base images on their normal cadence, but FFmpeg vulnerabilities sourced from Universe apt packages will remain unless you use ESM‑Apps or build FFmpeg yourself.
Official guidance for vulnerabilities with no available public patches:
Microsoft’s official guidance is:
- Minimize dependencies (avoid adding packages with no security support).
- Understand the relevance of vulnerabilities, because some findings may not be exploitable in your execution context.
- Use Ubuntu Pro / ESM‑Apps if your compliance framework requires zero known CVEs from Universe.
- If a fix does not exist in the upstream repositories, you must either accept risk with compensating controls or replace / rebuild the component manually.
Reference:
[Troublesho...soft Learn | Learn.Microsoft.com]
I Hope this helps. Do let me know if you have any further queries.
Thank you!
Sign in to comment
Sign in to answer