CVE-2023-29145

Name of the Vulnerable Software and Affected Versions Malwarebytes EDR version 1.0.11 for Linux

Description The Malwarebytes EDR for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. An attacker can exploit this by setting LD LIBRARY PATH, setting LD PRELOAD, or running an executable file in a debugger.

Recommendations For Malwarebytes EDR version 1.0.11 for Linux, as a temporary workaround, consider restricting the use of the vulnerable driver until a patch is available. Avoid setting LD LIBRARY PATH or LD PRELOAD to minimize the risk of exploitation. Restrict access to the debugger for executable files to prevent potential attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.