
Fix for security vulnerability in Wolfram Systems 11.1–11.3 on Linux

Summary

Recent versions of Wolfram systems containing VernierLink were shipped with a vulnerability potentially allowing non-root users to run arbitrary commands as root. This only affects machines where the Wolfram System was installed as root. We therefore strongly recommend you apply the following steps to all Linux systems on which any of these Wolfram System versions are installed.

Details

When run as root, the program installer created a file “/etc/udev/rules.d/wolfram-vernierlink-libusb.rules”. This file assists in communicating with Vernier devices and is run automatically as root each time the affected machine reboots. The file was world-writable by default, so non-root users could edit it.

Affected Wolfram Systems

The following products create the file with world-writable permissions:

Product                               Versions             Operating Systems
Mathematica                           11.1, 11.2, 11.3*    Linux
Wolfram Desktop                       11.1, 11.2, 11.3*    Linux
Wolfram Programming Lab               11.1, 11.2, 11.3*    Linux
Wolfram Player, Wolfram Player Pro    11.1, 11.2, 11.3*    Linux
gridMathematica                       11.1, 11.2, 11.3*    Linux


*11.3 only if installer was downloaded before May 15, 2018.

A patched Version 11.3 for each of these products with this vulnerability addressed is now available in the Wolfram User Portal.

Resolution

If you do not use or plan to use the VernierLink functionality in Mathematica, remove the vulnerable file:

sudo rm /etc/udev/rules.d/wolfram-vernierlink-libusb.rules 

You may be prompted to provide admin-level credentials to complete this action.

If you are connecting Mathematica to Vernier-branded external devices using VernierLink, adjust the permissions of this file:

sudo chmod 644 /etc/udev/rules.d/wolfram-vernierlink-libusb.rules 

You may be prompted to provide admin-level credentials to complete this action.
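
To confirm the state of a machine before or after applying either fix, the following added example (not Wolfram's code) reports whether the rules file named above is absent, correctly restricted, or still writable by non-owners, and lists any other udev rules file with the same problem. The function names and the extra directories scanned are assumptions of this example.

```sh
#!/bin/sh
# Added example, not part of the advisory. Read-only: it changes nothing.
RULES_FILE=/etc/udev/rules.d/wolfram-vernierlink-libusb.rules  # path from the advisory

# Print regular files at or under the given paths that group or others can
# write to. Missing paths are skipped; symlinks are ignored (-type f).
loose_rules() {
    for path in "$@"; do
        [ -e "$path" ] || continue
        find "$path" -type f \( -perm -0002 -o -perm -0020 \) -print
    done
}

# Classify one file: absent (removed, first fix), ok (e.g. mode 644, second
# fix), or vulnerable (still writable by non-owners).
file_state() {
    [ -e "$1" ] || { echo absent; return 0; }
    if [ -n "$(loose_rules "$1")" ]; then echo vulnerable; else echo ok; fi
}

# Return 0 if nothing under the given paths is loosely writable, else list
# the offending files and return 1.
audit() {
    loose=$(loose_rules "$@")
    [ -z "$loose" ] && return 0
    printf 'Writable by group or others (expected mode 644):\n%s\n' "$loose"
    return 1
}

echo "$RULES_FILE: $(file_state "$RULES_FILE")"
# Assumption: the standard udev rules directories are worth checking too,
# since a loosely writable rules file there exposes the same problem.
if audit /etc/udev/rules.d /usr/lib/udev/rules.d /lib/udev/rules.d; then
    echo "OK: no udev rules file is writable by group or others"
fi
```

The script needs no root privileges to run, so it can be used in a fleet-wide compliance check.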

If you have any questions or concerns, please contact Wolfram Technical Support.
