You notice when logging into a linux system that sisamddaemon uses a large amount of CPU and memory resources.
The memory usage will continue to increase until OOM killer eventually kills the process.
/var/log/messages
Mar 4 13:46:24 sepclient01 kernel: Out of memory: Killed process 114761 (sisamddaemon) total-vm:18100244kB, anon-rss:7493384kB, file-rss:0kB, shmem-rss:4924kB, UID:0 pgtables:31148kB oom_score_adj:0
The issue can be reproduced on any ssh login attempt. The issue does not happen if you disable EDR.
Release : 14.3.2147.4000
Component : EDR
This issue is resolved with the latest definitions which include SEF engine version 1.7.9.37. To check the engine version, run the following command:
/opt/Symantec/sdcssagent/AMD/tools/sav info -e
An additional memory optimization fix is also available in product version 14.3.2167.4000.
CRE-9357