this post was submitted on 20 Jul 2024
474 points (97.8% liked)

Linux

4944 readers
124 users here now

A community for everything relating to the linux operating system

Also check out !linux_memes@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 1 year ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
474
CrowdStrike broke Debian and Rocky Linux months ago, but no one noticed (www.neowin.net)
submitted 1 month ago by lemmee_in@lemm.ee to c/linux@programming.dev
63 comments fedilink hide all child comments
 

A widespread Blue Screen of Death (BSOD) issue on Windows PCs disrupted operations across various sectors, notably impacting airlines, banks, and healthcare providers. The issue was caused by a problematic channel file delivered via an update from the popular cybersecurity service provider, CrowdStrike. CrowdStrike confirmed that this crash did not impact Mac or Linux PCs.

It turns out that similar problems have been occurring for months without much awareness, despite the fact that many may view this as an isolated incident. Users of Debian and Rocky Linux also experienced significant disruptions as a result of CrowdStrike updates, raising serious concerns about the company's software update and testing procedures. These occurrences highlight potential risks for customers who rely on their products daily.

you are viewing a single comment's thread
view the rest of the comments
[–] Akuma@pawb.social 9 points 1 month ago (2 children)

Do you have a source for that? I'm intrigued. Their own blog post is only talking about a "logic error".

[–] lemmyvore@feddit.nl 5 points 1 month ago (2 children)

I heard a different rumor, that the driver file they pushed was all zeros. I'm inclined to believe that one.

[–] 01189998819991197253@infosec.pub 2 points 1 month ago

They were talking about the Linux instance, not the windows one.

[–] themoonisacheese@sh.itjust.works 3 points 1 month ago (1 children)

It's a very educated guess based on the following:

The crash is a null pointer dereference, which a linter ought to catch.

The crash does not happen if you have crowdstrike sensor installed, which is weird because crowdstrike sensor's job is not to prevent any crashes.

Hence the guess: the update the pushed tries accessing memory in sensor, but if it's not installed the pointer is null and that's Bye-Bye.

[–] Akuma@pawb.social 1 points 1 month ago

I see, thanks for the clarification. Sounds plausible.