Skip Navigation

A large number of DYLD Injection violations are reported by Linux devices

Possible cause

Certain third-party applications, such as
, Dynatrace, AppDynamics, and DataDog, try to preload modules (LD_PRELOAD environment variable for a process), causing DYLD Injection violation events for any process monitored by the application.

Possible solution

Do the following:
  1. If you are using a version of the
    CylancePROTECT Desktop
    agent earlier than 2.1.1574, upgrade to 2.1.1574 or later.
    strongly recommends upgrading to the latest available version of the agent to benefit from the latest enhancements.
  2. Add memory protection exclusions for the .so components that a third-party application tries to inject. Inspect the LD_PRELOAD variable to determine the .so components that you need to add exclusions for (“man” can provide some guidance). It is a best practice to contact the support resources for the third-party application to identify the applicable .so files.