AndreHamilton-MSFT
commented
4 months ago Closing due to age. If you see an image on mcr.microsoft.com that is vulnerable please file an issue with https://www.microsoft.com/en-us/msrc who will route request to the appropriate team
A vulnerability was found with PolKit, making it so Polkit’s pkexec command can be used to execute commands with root privileges. More can be found here: https://www.securityweek.com/polkit-vulnerability-provides-root-privileges-linux-systems
Want to ensure a patch will be pushed out to these containers for future use.