The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-640 | |
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-06-30T00:00:00
Updated: 2024-11-26T20:19:18.517Z
Reserved: 2023-03-31T00:00:00
Link: CVE-2023-29145
Vulnrichment
Updated: 2024-08-02T14:00:15.444Z
NVD
Status : Modified
Published: 2023-06-30T20:15:09.427
Modified: 2024-11-26T21:15:05.140
Link: CVE-2023-29145
Redhat
No data.