Last week, the world was shaken large-scale computer failure. Due to the “blue screen of death” and cyclic reboots of Windows, computers in many organizations, including banks, transport and financial companies, etc. stopped functioning. Later, it turned out that the culprit was not Windows, but the CrowdStrike Falcon Sensor corporate antivirus.
However, it turned out that the problem affects not only modern Windows operating systems. According to a report by The Register, Linux users have been reporting kernel panics and crashes related to CrowdStrike software since April of this year.
The kernel is a separate layer of the operating system that is directly connected to the hardware and isolated from the user shell. Very little computer software needs access to the kernel to do its job. And while security software can certainly be an exception, it is still very important to make sure that it does not cause kernel instability and crashes on any target platform.
However, in the case of CrowdStrike, something went wrong. Linux users using Red Hat Enterprise Linux, Debian Linux (and Debian is the basis for the more common Ubuntu), and Rocky Linux are reportedly affected. All of the issues in question affect the underlying Linux kernel and cause any Linux distributions that use kernel versions 5.14.0-42713.1 and later to crash.
Interestingly enough, the current CEO of CrowdStrike, George Kurtz, was also the CEO of McAFee during the infamous 2010 update that caused some PCs to get stuck in an endless boot loop. This likely makes George Kurtz the first CEO in history to be implicated in two major global PC crashes caused by bad security software updates.
Source: tomshardware