This was their newer eBPF falcon sensor that was trying to load a bpf program in the kernel and triggered kernel panic. This shouldn’t have happened and was definitely a bug in the kernel.
For the kernel mode, their software will flag an unknown kernel as unsupported and go into a reduced functionality mode (rfm).
The idiots didn’t know that RH E4S was a thing for like 3+ years.. I’m still baffled by how clueless most of the security people and vendors are when it comes to backporting and different streams / channels that are offered by multiple Linux OS vendors.
For the kernel mode, their software will flag an unknown kernel as unsupported and go into a reduced functionality mode (rfm).
The idiots didn’t know that RH E4S was a thing for like 3+ years.. I’m still baffled by how clueless most of the security people and vendors are when it comes to backporting and different streams / channels that are offered by multiple Linux OS vendors.
https://access.redhat.com/solutions/7001909