CVE-2023-29146 – Malwarebytes Agents – Hash Collision

SUMMARY:

The utility functions that Malwarebytes Endpoint Agent for Linux before 1.1.64 and Malwarebytes for Windows v5 with an update package version < 1.0.106875 use to calculate a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. In some scenarios this could lead to colliding hash values for two different strings and to detection misses.
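The following C sketch is an added illustration of this class of bug (CWE-190) and its fix; it is not Malwarebytes code. It assumes the truncation comes from narrowing a size_t length to the hash primitive's smaller length type, uses a 16-bit length so the wrap occurs at 64 KiB instead of 4 GiB, and uses FNV-1a as a stand-in digest; all names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumption: the hash primitive takes a length narrower than size_t.
 * The advisory's limit is 4 GiB (32-bit length); a 16-bit length is used
 * here so the identical wrap happens at 64 KiB and the demo runs instantly. */
typedef uint16_t api_len_t;
#define API_LEN_MAX ((size_t)UINT16_MAX)

/* FNV-1a as a stand-in digest (not cryptographic, not the product's hash). */
static void hash_update(uint64_t *h, const uint8_t *p, api_len_t n) {
    for (api_len_t i = 0; i < n; i++) { *h ^= p[i]; *h *= 0x100000001b3ULL; }
}

/* Before: the length is silently narrowed, so only len mod 2^16 bytes
 * (2^32 in the advisory's case) are ever hashed. */
uint64_t hash_bytes_truncating(const uint8_t *p, size_t len) {
    uint64_t h = 0xcbf29ce484222325ULL;
    hash_update(&h, p, (api_len_t)len);      /* CWE-190: wraps for large len */
    return h;
}

/* After: feed the primitive in chunks that always fit its length type. */
uint64_t hash_bytes_chunked(const uint8_t *p, size_t len) {
    uint64_t h = 0xcbf29ce484222325ULL;
    while (len > 0) {
        size_t n = len > API_LEN_MAX ? API_LEN_MAX : len;
        hash_update(&h, p, (api_len_t)n);
        p += n;
        len -= n;
    }
    return h;
}

/* Constructed sample: two buffers 16 bytes over the limit that differ only
 * in their last byte. Returns 1 if fn gives both the same digest, else 0. */
int tail_change_collides(uint64_t (*fn)(const uint8_t *, size_t)) {
    size_t len = API_LEN_MAX + 1 + 16;
    uint8_t *a = calloc(len, 1), *b = calloc(len, 1);
    if (!a || !b) { free(a); free(b); return -1; }
    b[len - 1] = 0xFF;
    int same = fn(a, len) == fn(b, len);
    free(a); free(b);
    return same;
}

int main(void) {
    printf("truncating: %d\n", tail_change_collides(hash_bytes_truncating));
    printf("chunked:    %d\n", tail_change_collides(hash_bytes_chunked));
    return 0;
}
```

The same pair of buffers works as a regression test for any hashing wrapper: inputs that differ only past the length limit must produce different digests.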

AFFECTED VERSIONS

  • Endpoint Agent for Linux < 1.1.64
  • Malwarebytes for Windows v5 with an update package version < 1.0.106875

PATCHED VERSIONS

  • Endpoint Agent for Linux >= 1.1.64
  • Malwarebytes Windows >= 5.2.6.163 | Update package version >= 1.0.106875

MITIGATION ADVICE

It is recommended to update affected endpoints to the patched versions.

DETAILS

CWE                          CVSS 3.x    Vector
CWE-190: Integer Overflow    8.2 High    Local