KernelCare Blog - CloudLinux Blog
KernelCare Blog

unnamed

Why you should automate Linux kernel updates

unnamed
Linux doesn't self-update. The major vendors support unattended updates, but kernel patches mean reboots. An unpatched kernel is a vulnerable one. This article on KernelCare.com looks at the dilemma Linux system administrators face in trying to keep servers safe without rebooting them, and what they can do to resolve it.  
  918 Hits
  0 Comments
RSAC 2019

KernelCare at 2019 RSA Conference

RSAC 2019
Come and meet  KernelCare at the 2019 RSA Conference in San Fran, USA, March 4-8. Register for free with our promo code XEU9CLDLNX . CEO Igor Seletskiy and CRO Jim Jackson will be there. There’ll be a raffle, too! More details  here .
  549 Hits
  0 Comments
vulnerability7

Major 9.8 vulnerability affects multiple Linux kernels— CVE-2019-8912 (af_alg_release())

vulnerability7
The KernelCare team are tracking a new vulnerability, CVE-2019-8912 . Our assessment is that the cause is this commit , the introduction of a " sockfs_setattr() "  function. This function neglects to null-out values in a structure, making their values usable after exiting from the function (a so-called ‘use-after-free’ error). Our team have al...
Continue reading
Recent Comments
Igor Seletskiy
Correct. We initially thought that it was, but after detailed investigation figured out that only kernels 4.9 and higher are affec... Read More
Friday, 22 February 2019 19:06
Igor Seletskiy
CloudLinux 6 / CentOS 6 are not affected. SecurityFocus is wrong. We posted this post partially based on info from securityfocus. ... Read More
Friday, 22 February 2019 22:54
  5956 Hits
  7 Comments
vulnerability_huge3

CVE-2019-8912

vulnerability_huge3
We have started working on patching CVE-2019-8912. We expect to start releasing patches for different kernels on Friday, 22nd February 2019, with all kernels patched up by Sunday.   We will provide more information as it becomes available. https://nvd.nist.gov/vuln/detail/CVE-2019-8912
  3500 Hits
  0 Comments
KernelCare / KVM crash on EL6

KernelCare / KVM crash on EL6

KernelCare / KVM crash on EL6
The latest KernelCare patchset for EL6 distributions had a bug that triggered crashes KVM hosts in some of the configurations. The patch was rolled back within ~50 minutes, and only a small number of customers were affected. No customers on delayed feeds were affected: http://docs.kernelcare.com/ index.html?delayed_feed.htm   No customers on e...
Continue reading
  2007 Hits
  0 Comments
5 Bad Reasons to Update Your Linux Kernel

5 Bad Reasons to Update Your Linux Kernel

5 Bad Reasons to Update Your Linux Kernel
A Linux kernel update is not to be taken lightly—change means risk. Whatever reasons you think you might have, there is really only one that matters. I tell you what it is in this blog post .
  1361 Hits
  0 Comments
L1 Terminal Fault (L1TF) patches are available in TEST feed

L1 Terminal Fault (L1TF) patches are available in TEST feed

L1 Terminal Fault (L1TF) patches are available in TEST feed
We are glad to announce that the patches for the fix of L1 Terminal Fault (L1TF) are now available for download from our test feed. The patches are ready for the following distros: RHEL6 OpenVZ CloudLinux 6 Hybrid Oracle Enterprise Linux 6 Oracle Enterprise Linux 7 CentOS 7 CentOS 6 CentOS 6 Plus CloudLinux 6 CloudLinux 7 To deploy them, edit /etc/...
Continue reading
  1159 Hits
  0 Comments
Tags:

Release note of kernelcare 2.16-1

We are going to release kernelcare 2.16-1 with updated user text output. In case you have any automation set-up based on the system messages, you can review new messages here    To apply updates run: yum update kernelcare
  963 Hits
  0 Comments
The worst-kept secret (your password)
Tags:

The worst-kept secret (your password)

The worst-kept secret (your password)
Ineffective passwords continue to be a significant cause of cybersecurity breaches, despite the wealth of advice issued by governments and security companies, and despite the prevalence of password management programs and the enforcement of strict password policies. The latest article by Imunify360’s Greg Zemskov looks into the psychology behind pa...
Continue reading
  1252 Hits
  0 Comments
Kernel Update Methods: 3 Different Ways

Kernel Update Methods: 3 Different Ways

Kernel Update Methods: 3 Different Ways
If variety is the spice of life, then you'll want to know all about the different ways you can update a Linux kernel. This blog post runs the gamut, from a standard command-line update, through the use of 'kexec', and onto the live-patching solutions of which KernelCare is but one. It's a topic that straddles both security and stability: security, ...
Continue reading
  1170 Hits
  0 Comments