LibraryCare

Rebootless security updates for shared libraries

TALK TO AN EXPERT

To securely operate servers, it’s not enough to patch their Linux kernels. Their shared software libraries must be patched as well. Otherwise, an enterprise lays itself open to attacks that exploit vulnerabilities such as Heartbleed or GHOST. Enterprises usually deal with library vulnerabilities by rebooting their servers or restarting the applications. This causes downtime and windows of exposure. Admins rarely know the exact libraries that services were using, so they just reboot the whole server to update them.

If servers have been patched manually, shared libraries may still contain vulnerabilities without a reboot. When libraries are updated on disk, old unpatched files can persist in a server’s memory. Vulnerability scanners don’t detect these old unpatched library files in memory.

Out-of-the-box Integrations

You can integrate KernelCare Enterprise with leading patch management and vulnerability scanning tools with Nessus, Qualys, Rapid7, Puppet, Ansible, Chef, Datadog, and Crowdstrike

    • HEARTBLEED
    • Attackers exploiting this OpenSSL request validation flaw could read a server’s memory, then gain control of it. This vulnerability still exists on many systems, even though patches for it have been available since 2014.
    • GHOST
    • Attackers exploiting this glibc buffer overflow flaw could use gethostby functions to make network requests that enabled them to gain control of a server.
    • CVE-2021-22876
    • 20-year-old vulnerability, that allows a specially configured web server to have access to credentials entered in a different web server, through improper behavior in libcurl.

Pricing

  • $1.95 Monthly
  • $19.50 Yearly(-15%)
TALK TO AN EXPERT

TuxCare Live Patching Services Available
for All Major Linux Distributions

With 40+ Linux distributions supported by TuxCare, IT teams can be sure all enterprise systems stay compliant, without service interruptions.

For a complete list of supported kernels and patches, visit this page

Live Patching Services from TuxCare

KernelCare Enterprise

Automated live patching for Linux kernels, with centralized management and common automation and vulnerability management tools integration.

LEARN MORE

KernelCare IoT

Provides live patching for Linux kernels in IoT devices without disrupting ongoing processes and operations.

LEARN MORE

QEMUCare

Protects enterprise virtualization stack with live patching that does not affect virtual machines or requires migrating them to other servers.

LEARN MORE

DBcare

DBcare keeps the most important enterprise asset, data, safe by live patching the database server without needing to restart the database or any applications using it.

LEARN MORE

Add More Security to your Enterprise
Infrastructure with other TuxCare solutions

Extended Lifecycle Support for Linux End of Life
Extended Lifecycle Support for Linux End of Life

Eliminate security vulnerabilities while running end of life Linux

LEARN MORE
Linux Support Services
Linux Support
Services

Keep all components of production Linux systems always up-to-date

LEARN MORE

Talk to a TuxCare Expert