CVE-2023-29146
HighCVSS 8.2Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value (32-bit).
Risk Assessment
Attackers could create a colliding hash value for two different strings by attaching 4GB of data to a string that is less than 4GB in size. This poses a risk of data fraud and manipulation.
Recommendation
It is recommended to update to a newer version of Malwarebytes EDR that fixes the hashing calculation issue to avoid overflow problems. Additionally, monitoring and analyzing data for potential attacks is advised.
Original NVD description (English source)
The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value (32-bit). Attackers could create a colliding hash value for two different strings by attaching 4GB of data to a string that is less than 4GB in size.

