How much did crowdstrrike debacle affect TW update schedule if at all?

I usually see some updates for TW every couple of days but haven’t seen any update since the 7/16 release. I know its not a very long time but i was wondering if the Crowdstrike thing had any effect on it, even though i know Crowdstrike was a windows update issue.

No impact. As you noted, it was a Windows-only issue.

But, Apple and Linux were not affected because CrowdStrike hadn’t rolled out the update for those platforms …

On the other hand, the following issues were reported with Linux systems –

  • April 19, 2024 – incompatible with up-to-date Debian Linux builds …
  • May 13, 2024 – due to a Linux Sensor in user mode combined with specific 6.x kernel versions.
1 Like

is Crowdstrike something we have by default on openSUSE systems? :thinking:
(I understand there are people who might’ve installed it manually, but I was wondering about the rest)

Do you really assume it is Open Source?

@erbenton Summer time, folks have holidays :wink: But also I suspect systemd-boot work going on…

No.

Crowdstrike is a commercial product, and is only sold to businesses, not to individuals. A quick search of their website will turn that information up.

And the root cause of the problem very likely wouldn’t have caused issues on non-Windows systems.

I don’t know much of anything about Crowdstrike, so I didn’t really assume anything (except that it’s probably not included in openSUSE)

I saw a reverse-engineering analysis of the CrowdStrike problem which pointed to an issue where an attempt to dereference the NULL pointer seemed to be the root cause –

  • These issues usually result in the application dumping core with an exception error – regardless of the operating system …

Well, on Windows it runs in ring 0 as I understand it.

Does it run in ring 0 on Linux? I don’t know - but I don’t think it does.

In any event, it’s not something that’s used (as far as I’m aware) on any of our infrastructure, so the point’s moot from the standpoint of this discussion.

@hendersj AFAIK it was only because the kernel level access on Windows systems, only user-space on MacOS and Linux?

I believe that to be correct.

But, Apple and Linux were not affected because CrowdStrike hadn’t rolled out the update for those platforms …

not sure if that’s connected because alternative apps and browsers aren’t not supposed to be at kernel level, but at the bottom of the article there’s “… currently trying to force Apple to give access to its iPhone to allow alternative app stores and web browsers to be used” in the same article about antivirus updates

Crowdstrike has some elements with Linux CrowdStrike’s Falcon Sensor linked to Linux crashes, too • The Register

Are you following the factory mailing list? I was just thinking the other day, these snapshots are coming frequently. I hope Leap is still around for awhile.

Yes, leap is still going to be around for a while. There’s been news posts about it, and it’s been brought up plenty of times here in the forums.

I’ve read it, and the only thing I’m sure of is Leap will be much different with 16. The “classical” installation will be available, but I worry support will be limited.

With or without ALP, both will continue to be supported.

Clear Course is Set for openSUSE Leap - openSUSE News makes this pretty clear.