CVE-2023-29146
- EPSS 0.12%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 09.06.2026 20:16:29
The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer...
CVE-2023-29147
- EPSS 0.27%
- Veröffentlicht 30.06.2023 21:15:08
- Zuletzt bearbeitet 26.11.2024 20:15:20
In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identi...
CVE-2023-29145
- EPSS 0.3%
- Veröffentlicht 30.06.2023 20:15:09
- Zuletzt bearbeitet 26.11.2024 21:15:05
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file i...