We are pleased to announce that a new updated KernelCare agent version 2.61-1 is now available.
Many high-level technologies in the IT industry, in fact most of them, are built on top of existing features. Containers are a prime example of this. This lightweight virtualization layer is built on top of a foundation that, among other things, relies heavily on cgroups. Cgroups, aka control groups, are an abstraction that allows specific system components like memory, CPU, or networking to be separated by access levels. This is useful for hiding parts of the system from specific processes running on it, enabling some processes to run “isolated” from the rest of the system or “inside a container”.
But this layering of technologies brings some risks. When a vulnerability that affects one of the foundation components appears, the whole stack is potentially vulnerable. This is what happened with CVE-2022-25636, a recently divulged vulnerability that affects the cgroups’ networking code. It impacts distributions running Kernel 4.18.0-240.el8 and above (RHEL 8 and derivatives like AlmaLinux 8, CentOS 8, Oracle EL 8, as well as Ubuntu and others). It allows privilege escalation for local users. KernelCare Enterprise patches will be made available soon and this post will be updated to reflect such availability as it happens.
The TuxCare Team is always looking for new ways to improve the experience provided by our products. A pain point we identified was the amount of storage space required to hold KernelCare patchsets and the network bandwidth required to transfer that information to ePortal deployments.
One of the improvements currently being developed is the ability to configure ePortal to function in a new cache mode, where full functionality is retained while reducing storage requirements by up to 80% in some scenarios.
Samba, the widely used file sharing tool, has a well-established presence, especially in mixed system environments, where file shares have to be accessed from different operating systems. Like NFS, it has a well-deserved reputation for compatibility, availability, and, most importantly, security.
High-profile services like Samba are enticing targets for attackers, and vulnerabilities found in these services can often have far-reaching consequences that are sometimes lost in the noise around CVE announcements. CVE-2021-44142, one of the recently disclosed vulnerabilities affecting Samba, has managed to rise above the rest. It is a remotely exploitable vector that could trigger remote code execution. Does anyone else remember Log4j?
We are pleased to announce that a new updated ePortal version 1.31-1 is now available.
We are pleased to announce that a new updated KernelCare agent version 2.60-2 is now available.
Delivering solutions in complex technology environments means balancing many competing priorities, both internal and external. There’s always a risk that the customer experience takes a back seat, with predictable consequences.
That’s why CX – customer experience – has become such a hot topic across the tech industry as vendors try to find ways to improve and maintain the customer experience.
Here at TuxCare we recognize that, beyond just delivering industry-leading technology, we also need to deliver an outstanding customer experience. That’s why, in 2021, we appointed David Mello as Chief Experience Officer (CXO) for TuxCare.
David joined us to make sure that the customer’s voice gets heard every step of the way – from the boardroom, right through to the individual TuxCare staff members that make our products great. In this article, we outline the role of our CXO, what we achieved so far, and why it matters so much for our customers.
Welcome to the January instalment of our monthly news round-up, bought to you by TuxCare. Proud to be a trusted maintenance service provider for the Enterprise Linux industry. Our live patching solutions maximize system security and uptime while minimizing maintenance workload and system disruption.