07-23-2024, 04:17 AM
Who knew? This from Tom's Hardware:
https://www.msn.com/en-us/money/other/cr...df07&ei=28
CrowdStrike issues go beyond Windows: company's security software has reportedly been causing Linux kernel panics since at least April
Story by Christopher Harper • 7h
But as it turns out, the problem isn't just isolated to modern Windows operating systems. Linux users have been reporting kernel panics and crashes related to the same software since as early as April of this year, per a report from The Register.
So, how is this issue cross-platform? Chances are the specific issue that caused chaos over the last few days is not— after all, we would've seen it cripple Windows machines much sooner if that were the case. However, what this does demonstrate is that CrowdStrike has apparently been lax with its Falcon Sensor Security software for quite a while now. .....
Linux users who have been impacted reportedly include those using Red Hat Enterprise Linux, Debian Linux (and Debian is the basis for the more-widespread Ubuntu), and Rocky Linux. All of the issues in question are impacting the underlying Linux kernel (universal across Linux distributions), though, seemingly crashing any Linux distributions using kernel versions 5.14.0-42713.1 and newer.
Linux users do seem to have more recourse for issues like this— including switching to an eBPF "User Mode"— but it speaks to the severity of CrowdStrike's kernel software development issues if the company is managing to cripple Linux and Windows operating systems.
It also shows that there were warning signs for this past global outage, and that systems should have been in place at CrowdStrike some time ago to test these enterprise and government-targeted updates vigorously enough to prevent these kernel-level crashes. After all, most impacted users in these strictly-controlled environments likely don't have the administrative access or knowledge required to fix these problems once they occur. In other words, much-improved QA testing would seem to be mandatory for CrowdStrike's continued long-term success.
https://www.msn.com/en-us/money/other/cr...df07&ei=28
CrowdStrike issues go beyond Windows: company's security software has reportedly been causing Linux kernel panics since at least April
Story by Christopher Harper • 7h
But as it turns out, the problem isn't just isolated to modern Windows operating systems. Linux users have been reporting kernel panics and crashes related to the same software since as early as April of this year, per a report from The Register.
So, how is this issue cross-platform? Chances are the specific issue that caused chaos over the last few days is not— after all, we would've seen it cripple Windows machines much sooner if that were the case. However, what this does demonstrate is that CrowdStrike has apparently been lax with its Falcon Sensor Security software for quite a while now. .....
Linux users who have been impacted reportedly include those using Red Hat Enterprise Linux, Debian Linux (and Debian is the basis for the more-widespread Ubuntu), and Rocky Linux. All of the issues in question are impacting the underlying Linux kernel (universal across Linux distributions), though, seemingly crashing any Linux distributions using kernel versions 5.14.0-42713.1 and newer.
Linux users do seem to have more recourse for issues like this— including switching to an eBPF "User Mode"— but it speaks to the severity of CrowdStrike's kernel software development issues if the company is managing to cripple Linux and Windows operating systems.
It also shows that there were warning signs for this past global outage, and that systems should have been in place at CrowdStrike some time ago to test these enterprise and government-targeted updates vigorously enough to prevent these kernel-level crashes. After all, most impacted users in these strictly-controlled environments likely don't have the administrative access or knowledge required to fix these problems once they occur. In other words, much-improved QA testing would seem to be mandatory for CrowdStrike's continued long-term success.
