Security News > 2024 > July > CrowdStrike's Falcon Sensor also linked to Linux kernel panics and crashes

CrowdStrike's Falcon Sensor also linked to Linux kernel panics and crashes
2024-07-21 23:51

CrowdStrike's now-infamous Falcon Sensor software, which last week led to widespread outages of Windows-powered computers, has also caused crashes of Linux machines.

A second issue titled "System crashed at cshook network ops inet6 sockraw release+0x171a9" advised users "For assistance with troubleshooting potential issues with the falcon lsm serviceable kernel module provided from the CrowdStrike Falcon Sensor/Agent security software suite." Red Hat also advised that "Disabling the CrowdStrike Falcon Sensor/Agent software suite will mitigate the crashes and provide temporary stability to the system in question while the issue is investigated." The issue was "Observed but not limited to release 6 and 7.".

The occurrence of kernel panics mere weeks before CrowdStrike broke many Windows implementations therefore hints at wider issues at the security vendor.

The Register has asked CrowdStrike to comment on the issues identified by Red Hat, and will update this story if we receive substantial information.

CrowdStrike on Sunday teased a rapid recovery tool for the mess it made.

The extent of disruption caused by CrowdStrike remains uncertain, but we've read accounts of over 6,800 flights cancelled last Friday alone, and of some airlines only restoring systems on Sunday evening.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/07/21/crowdstrike_linux_crashes_restoration_tools/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2337 1502 67 3970
Kernel 3 0 8 4 1 13