We are glad to announce that the patches for the fix of L1 Terminal Fault (L1TF) are now available for download from our production feed.
The patches are ready for the following distros:
- CloudLinux 6 Hybrid
- Oracle Enterprise Linux 6
- Oracle Enterprise Linux 7
- CentOS 7
- CentOS 6
- CentOS 6 Plus
- CloudLinux 6
- CloudLinux 7
To deploy them, edit /etc/sysconfig/kcare/kcare.conf by adding the following string:
Then run the following command:
- Zombieload 2: KernelCare Team is on it!
- Zombieload 2: The Patches for CVE-2018-12207 are in the Test Feed!
- SWAPGS: KernelCare patches on the way
- RIDL – Another MDS Attack that Live Patching Would Have Saved You From
- QEMU-KVM vhost/vhost_net Guest to Host Kernel Escape Vulnerability
- New vulnerability found in Linux kernel, patched by KernelCare
- SACK Panic & Slowness: KernelCare Live Patches Are Here
- Intel DDIO ‘NetCat’ Vulnerability Report
- Fallout – the MDS Side Channel Attack That Isn’t Zombieload
KernelCare is a live patching system that patches Linux kernel vulnerabilities automatically, with no reboots. It’s used on over 300,000 servers, and has been used to patch servers running for 6+ years. It works with all major Linux distributions, such as RHEL, CentOS, Amazon Linux, and Ubuntu. It also interoperates with common vulnerability scanners such as Nessus, Tenable, Rapid7, and Qualys. To talk with a consultant about how KernelCare might meet your enterprise’s specific needs, contact us directly at [email protected].