CVE-2023-29147
https://notcve.org/view.php?id=CVE-2023-29147
In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier. • https://malwarebytes.com https://www.malwarebytes.com/secure/cves/cve-2023-29147 •
CVE-2023-29145
https://notcve.org/view.php?id=CVE-2023-29145
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger. • https://malwarebytes.com https://www.malwarebytes.com/secure/cves/cve-2023-29145 •