Security News > 2024 > July > CrowdStrike's Falcon Sensor also linked to Linux kernel panics and crashes
CrowdStrike's now-infamous Falcon Sensor software, which last week led to widespread outages of Windows-powered computers, has also caused crashes of Linux machines.
A second issue titled "System crashed at cshook network ops inet6 sockraw release+0x171a9" advised users "For assistance with troubleshooting potential issues with the falcon lsm serviceable kernel module provided from the CrowdStrike Falcon Sensor/Agent security software suite." Red Hat also advised that "Disabling the CrowdStrike Falcon Sensor/Agent software suite will mitigate the crashes and provide temporary stability to the system in question while the issue is investigated." The issue was "Observed but not limited to release 6 and 7.".
The occurrence of kernel panics mere weeks before CrowdStrike broke many Windows implementations therefore hints at wider issues at the security vendor.
The Register has asked CrowdStrike to comment on the issues identified by Red Hat, and will update this story if we receive substantial information.
CrowdStrike on Sunday teased a rapid recovery tool for the mess it made.
The extent of disruption caused by CrowdStrike remains uncertain, but we've read accounts of over 6,800 flights cancelled last Friday alone, and of some airlines only restoring systems on Sunday evening.
News URL
Related news
- EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft (source)
- Post-CrowdStrike, Microsoft to discourage use of kernel drivers by security tools (source)
- Post-CrowdStrike, Microsoft to discourage use of kernel drivers by security tools (source)
- Linux kernel impacted by new SLUBStick cross-cache attack (source)
- New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers (source)