Hello Everyone,
Like probably several other Enterprise customers and more, we have been bitten by a bug with regards to VPN and Endpoint Security and the new M5 / M5 Pro SoCs shipping in the latest MacBook devices.
I have raised the following feedback IDFB22753954 (which itself references an internal issue I believe, if we need to mark it as a dupe: 172793638 ).
The technical sequence leading to the crash is as follows I believe:
- The macOS system process neagent successfully initializes the GlobalProtect network extension.
- The GP Network extension transitions from an 'inactive' state to a 'running' state.
- As network traffic begins flowing through the extension, a critical flaw in the macOS kernel's memory allocation (specifically related to the Apple Network Extension framework) is triggered.
- This memory management failure at the kernel level results in a kernel panic at an unpredictable point during packet processing.
Because this is a core operating system vulnerability, any third-party application or security solution that leverages Apple's Network Extension framework is susceptible to these crashes. This has been confirmed across multiple vendors within the cybersecurity industry from what I understand.
Thank you in advance for your help!
Kind Regards,
Goffredo