What is MathWorks’ response to the Shellshock vulnerability?

6 views (last 30 days)
The Shellshock security vulnerability was disclosed on September 24, 2014. How does the Shellshock software bug affect MathWorks products?

Accepted Answer

George
George on 14 Oct 2014
Edited: George on 17 Nov 2014
MathWorks products such as MATLAB, Simulink, and Toolboxes do not contain the Bash shell and are not affected by the Shellshock vulnerability.
The Raspberry Pi v14.2 hardware support package contained a vulnerable version of the Bash shell and was fixed on October 1, 2014.
The Beagle Board hardware support package contained a vulnerable version of the Bash shell and was fixed on November 17, 2014.
Support packages for PandaBoard (v14.2) and Gumstix (v14.2) contain vulnerable versions of the Bash shell. The default configuration of these support packages does not expose this vulnerability to a network connection. We recommend running these devices inside of a trusted network or behind a firewall. We will update these packages as updated software is available.

More Answers (1)

Stefan David
Stefan David on 9 Nov 2017
Hi, I just found the question about heartbleed here and thought it may be good to connect it to the referenced article below, as MathWorks has tools that can detect issues such as Heartbleed and help to harden applications against security vulnerabilities:
https://blogs.mathworks.com/simulink/2014/04/10/how-polyspace-could-have-detected-the-vulnerability-in-apples-ios/

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!