Help

10.13.2 kernel panic or boot loop

Go to solution
pdanielewski
New Contributor II

Posted on ‎12-06-2017 12:25 PM

We've had multiple JSS managed computers kernel panic after installing 10.13.2

The computer installs the update, requires a restart, and after FV2 drive unlock either goes into a boot loop or kernel panics. Has anyone else seen this? What's the solution here?

0 Kudos
Reply
1 ACCEPTED SOLUTION

Go to solution
osxadmin
Contributor II

Posted on ‎12-06-2017 12:28 PM

@pdanielewski it might be due to an "antivirus/antimalware" software that you have installed.
for example Cb Response this is what they have:

Based on internal testing, if you update to 10.13.2 Beta with the Cb Response MacOS sensor installed, you will experience a kernel panic on boot. In order to make affected machines usable again, you will need to boot into Safe Mode on each affected machine, remove the Cb Response kexts manually, and then restart. Please do not upgrade to MacOS 10.13.2 Beta on any system with Cb Response installed until we provide a sensor version that officially supports this new OS version. Please follow this post for updates and additional details.

View solution in original post

Reply
7 REPLIES 7

Go to solution
osxadmin
Contributor II

Posted on ‎12-06-2017 12:28 PM

@pdanielewski it might be due to an "antivirus/antimalware" software that you have installed.
for example Cb Response this is what they have:

Based on internal testing, if you update to 10.13.2 Beta with the Cb Response MacOS sensor installed, you will experience a kernel panic on boot. In order to make affected machines usable again, you will need to boot into Safe Mode on each affected machine, remove the Cb Response kexts manually, and then restart. Please do not upgrade to MacOS 10.13.2 Beta on any system with Cb Response installed until we provide a sensor version that officially supports this new OS version. Please follow this post for updates and additional details.
Reply

Go to solution
pdanielewski
New Contributor II

Posted on ‎12-06-2017 12:34 PM

We're investigating now further.

0 Kudos
Reply

Go to solution
JPDyson
Valued Contributor

Posted on ‎12-06-2017 12:46 PM

Can you share some of the output from the dump - at least what was in the backtrace?

Focus on anything you're deploying that's a non-MAS app, in particular if you know it installs kexts.

0 Kudos
Reply

Go to solution
pdanielewski
New Contributor II

Posted on ‎12-06-2017 12:59 PM

Confirmed. It was our antivirus/antimalware agent causing the problem. Thank you!

0 Kudos
Reply

Go to solution
osxadmin
Contributor II

Posted on ‎12-06-2017 01:01 PM

@pdanielewski perfect!

if you are planning on blocking update 10.13.2 do you mind sharing that....I'm having a hard time trying to block 10.13.2 for our macs that currently have 10.13 and 10.13.1

thank you.

0 Kudos
Reply

Go to solution
pdanielewski
New Contributor II

Posted on ‎12-06-2017 01:01 PM

@JPDyson we didn't have time to dig in much more. Only one of the affected computers was nearby to test, and we had already started wiping it as this was an important user who needed a quick solution. BTW, a reinstall without wipe obviously didn't work.

However, we found an article on our EP vendor's page outlining a problem and we verified with remote users that removing the EP client in recovery mode brought the computer "back to life".

0 Kudos
Reply

Go to solution
hulsebus
New Contributor III

Posted on ‎12-07-2017 10:31 AM

I know this was marked 'Solved', but we're experiencing the same problem with some non-AV software. Haven't gotten too deep you but the software is loading a kernel module and whenever the module enables (during bootup or with a manual safe-mode gui install) it panics. We're using a version that is supposed to be 10.13 compatible...? 10.13 and 10.13.1 are working fine.

0 Kudos
Reply