Carbon Black Cloud sensor with XDR feature enabled might start causing servers to crash under high network I/O load, with similar stack trace like below:

STACK_TEXT: 
ffffe904`d4e558d8 fffff807`1f644129     : 00000000`00000139 00000000`00000003 ffffe904`d4e55c00 ffffe904`d4e55b58 : nt!KeBugCheckEx
ffffe904`d4e558e0 fffff807`1f6446b2     : ffffd888`dda57220 fffff807`26cdcbee 00000000`00000018 ffffd888`dd9f58e0 : nt!KiBugCheckDispatch+0x69
ffffe904`d4e55a20 fffff807`1f6424f3     : 00000000`00000002 ffffb70a`5bfc50a0 00000000`00000000 00000000`01800080 : nt!KiFastFailDispatch+0xb2
ffffe904`d4e55c00 fffff807`26cfdd80     : 00000000`00000000 01000000`00000000 6423233d`df1c071c ffffb70a`5b1cdd98 : nt!KiRaiseSecurityCheckFailure+0x333
ffffe904`d4e55d90 fffff807`26cfe3f7     : ffffb70a`58b17f30 ffffe904`d4e55e99 ffffb70a`558c1080 ffffb70a`55adf428 : ctinet+0x8dd80
ffffe904`d4e55e20 fffff807`26cfd35b     : ffffb70a`55adf428 ffffe904`d4e42390 ffffb70a`55adf428 7e090a7b`00000002 : ctinet+0x8e3f7
ffffe904`d4e55f00 fffff807`1f6333ce     : ffffe904`d4e55fb1 ffffe904`d4e56000 090c7909`8c7d0a15 ffffb70a`558c1080 : ctinet+0x8d35b
ffffe904`d4e55f60 fffff807`1f63338c     : ffffe904`d4e55fb1 ffffb70a`558c1080 00000000`00000000 fffff807`1f56b46b : nt!KxSwitchKernelStackCallout+0x2e
ffffe904`d4e42390 fffff807`1f56b46b     : ffffe904`d4e55fb1 ffffb70a`558c1080 ffffe904`d4e56000 ffffb70a`558c1080 : nt!KiSwitchKernelStackContinue
ffffe904`d4e423b0 fffff807`1f56b29b     : fffff807`26cfd2c0 ffffb70a`55adf428 00000000`00000000 6e61422e`00000002 : nt!KiExpandKernelStackAndCalloutOnStackSegment+0x19b
ffffe904`d4e42440 fffff807`1f56b0b3     : fffff807`26cfd200 ffffb70a`55adf428 6e61422e`00000000 ffffb70a`4b29a040 : nt!KiExpandKernelStackAndCalloutSwitchStack+0x13b
ffffe904`d4e424b0 fffff807`1f56b06d     : fffff807`26cfd2c0 ffffb70a`55adf428 ffffb70a`55adf428 5845006e`65472e5a : nt!KeExpandKernelStackAndCalloutInternal+0x33
ffffe904`d4e42520 fffff807`26cfd228     : 00140451`008102fe 00000002`00000048 00000000`00000004 6f6c6e61`422e4156 : nt!KeExpandKernelStackAndCalloutEx+0x1d
ffffe904`d4e42560 fffff807`1f4b1d45     : ffffb70a`558c1080 fffff807`26cfd200 ffffb70a`55adf428 64616f6c`6e614200 : ctinet+0x8d228
ffffe904`d4e425b0 fffff807`1f6337d8     : ffffc881`0a308180 ffffb70a`558c1080 fffff807`1f4b1cf0 562e6461`6f6c6e61 : nt!PspSystemThreadStartup+0x55
ffffe904`d4e42600 00000000`00000000     : ffffe904`d4e43000 ffffe904`d4e3c000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28

Carbon Black Cloud sensor 4.1.0

Race Condition that is leaving the sensor in an inconsistent state due to defect CRE-22422.

Disable XDR for the policies to which the sensors are assigned.

The Defect CRE-22422 will be fixed in 4.2