The final signature by itself is malleable, because for every ECDSA signature (r, s), the signature (r, -s (mod N)) is also a valid signature of the same message.
This can be solved by requiring that "s" always be an even number. Since N is odd, s and -s (mod N) have opposite parity, so only one signature of the pair is accepted as canonical.