Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Endpoint Standard: Resource Leak Related to Network Connections

Endpoint Standard: Resource Leak Related to Network Connections

Environment

  • Carbon Black Cloud Windows Sensor: Versions 3.6.0.1791 and 3.6.0.1897
    • Endpoint Standard (formerly CB Defense)
  • Microsoft Windows: All Supported Versions

Symptoms

  • Carbon Black sensor, repmgr.exe, handle count increases continuously without reduction or bound
  • System may eventually crash, hang, or experience performance degradation as resources are eventually overwhelmed

Cause

This issue is the result of a code flaw in the specified sensor versions which causes the resource leak (DSEN-11344)

Resolution

  • The resource leak is fixed in sensor versions 3.6.0.1941 and later
  • A reboot of the machine or a restart of repmgr.exe resets the handle count to zero, and can be used as a work-around until the sensor version can be upgraded

Additional Notes

  • We strongly recommend customers upgrade to the latest sensor release as soon as possible
  • Customers with only Enterprise EDR (formerly CB ThreatHunter) and/or Audit and Remediation (formerly CB LiveOps) are not impacted

Related Content


Was this article helpful? Yes No
100% helpful (4/4)
Article Information
Author:
Creation Date:
‎11-12-2020
Views:
3371
Contributors