CVE-2023-29144

3.3 LOW

📋 TL;DR

Malwarebytes 1.0.14 for Linux has a signature computation vulnerability that allows malware to bypass detection. This affects Linux systems running this specific version of Malwarebytes antivirus software.

💻 Affected Systems

Products:
  • Malwarebytes for Linux
Versions: 1.0.14
Operating Systems: Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Linux version 1.0.14; other versions and platforms are not vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Malware executes undetected, leading to system compromise, data theft, or ransomware infection.

🟠 Likely Case

Targeted malware evades detection, potentially causing data exfiltration or persistence on affected systems.

🟢 If Mitigated

Limited impact due to layered security controls, network segmentation, and regular system monitoring.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires malware to be present on the system and specifically crafted to bypass signature detection.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.15 or later

Vendor Advisory: https://www.malwarebytes.com/secure/cves/cve-2023-29144

Restart Required: Yes

Instructions:

1. Update Malwarebytes using your package manager.
2. For Ubuntu/Debian: sudo apt update && sudo apt upgrade malwarebytes
3. For RHEL/CentOS: sudo yum update malwarebytes
4. Restart the Malwarebytes service: sudo systemctl restart malwarebytes

🔧 Temporary Workarounds

Disable Malwarebytes temporarily (Linux)

Stop the Malwarebytes service to avoid a false sense of security while vulnerable:

sudo systemctl stop malwarebytes

Use alternative antivirus (Linux)

Temporarily deploy another antivirus solution while vulnerable.

🧯 If You Can't Patch

  • Implement network segmentation to limit spread of potential malware
  • Enable additional endpoint detection and response (EDR) tools

🔍 How to Verify

Check if Vulnerable:

Check the installed Malwarebytes version; 1.0.14 is the affected version: malwarebytes --version

Check Version:

malwarebytes --version

Verify Fix Applied:

Verify version is 1.0.15 or later: malwarebytes --version

📡 Detection & Monitoring

Log Indicators:

  • Failed malware detections
  • Unusual process executions bypassing antivirus

Network Indicators:

  • Unexpected outbound connections from systems with Malwarebytes

SIEM Query:

source="malwarebytes" AND (event="scan_failed" OR event="bypass_detected")
