Monthly KernelCare Update – March 2021

In this month’s update, we highlight CVEs that just won’t die. We’ve also published some critical information regarding live patching the Microsoft Azure IoT Hub with KernelCare IoT integrations. Additionally, we know many still love their old, unsupported distros. The KernelCare team presents an in-depth checklist on how to upgrade an unsupported OS. Keep reading for more details or watch a quick video recap.
.

{% video_player “embed_player” overrideable=False, type=’scriptV4′, hide_playlist=True, viral_sharing=False, embed_button=False, autoplay=False, hidden_controls=False, loop=False, muted=False, full_width=True, width=’1920′, height=’1080′, player_id=’44341854981′, style=” %}

Old and New Exploits Abound!

March was a busy month for CVE research and identification. Turns out Spectre is still a threat, and three new Zombie Kernel Bugs were identified. Not to mention the relisting of the Mmap Kernel Vulnerability. For in-depth analyses, check out the links below.

Mmap Kernel Vulnerability is Relisted

Three More Zombie Kernel Bugs Prove Why You Must Patch Consistently

Thought Spectre is history? It’s still alive, and Kicking

Two more vulnerabilities uncovered in OpenSSL

Extended Lifecycle Support service providing updated OpenSSL to address CVE-2021-23841

A maliciously created X509 certificate with specially crafted Issuer and Serial Numbers fields can potentially cause OpenSSL failure that in turn spits out a NULL value. This can cause a crash from the application calling the function. OpenSSL does not call functions; only the third-party application is at risk of the exploit. Head over to the blog and find out what KernelCare is doing to alleviate this persistent threat.

The IoT and industrial control systems (ICS) are revolutionizing how industries automate by offering low power and low-cost computing. This comes with a price. ICS devices running on the IoT can be a management and security nightmare. Microsoft has stepped in to offer the Azure IoT Hub helps organizations catalog, manage, and integrate large fleets of IoT devices. In closing a service gap, we are excited to announce that KernelCare for IoT fully integrates with Device Update for the Azure IoT Hub from Microsoft. Find out more here.

Last but Not Least—AlmaLinux

Just in case you missed it, we released AlmaLinux OS, a new community-driven distro on 30 March to much fanfare. You can install KernelCare on the AlmaLinux OS for security fixes with no downtime. Always available and always secure.

Get a FREE 7-Day Supported Trial of KernelCare 

Do not forget to check out previous KernelCare updates:

Monthly KernelCare Update – August 2020

Monthly KernelCare Update – September 2020

Monthly KernelCare Update – October 2020

Monthly KernelCare Update – November 2020

Monthly KernelCare Update – December 2020

Monthly KernelCare Update – January 2021

Monthly KernelCare Update – February 2021