Tag: KernelCare Blog

Our April 2021 blog post is out. We’ve got lots to tell you about, so let’s get started. First up, we highlight UChecker, a tool that checks for vulnerable libraries in your Linux system. Next up is the monthly CVE report. This month, a 20-year-old vulnerability rears its ugly head, and a BPF code vulnerability reveals itself. Next, we’ve updated the KernelCare ePortal. This month we have a guest article about securing your non-commercial IoT devices. We also focus on two informative videos. Last but not least, CentOS AlmaLinux to receive CloudLinux support.

---

Continue reading “Monthly KernelCare Update – April 2021”

In this month’s update, we highlight CVEs that just won’t die. We’ve also published some critical information regarding live patching the Microsoft Azure IoT Hub with KernelCare IoT integrations. Additionally, we know many still love their old, unsupported distros. The KernelCare team presents an in-depth checklist on how to upgrade an unsupported OS. Keep reading for more details or watch a quick video recap.
. Continue reading “Monthly KernelCare Update – March 2021”

We know that frequently updating Linux kernels is critical to the safety of cloud environments – kernels are, after all, a cybersecurity blind spot. But updating kernels is time-consuming and often requires a server restart which can disrupt services.

Continue reading “Amazon Kernel Live Patching: Overview of Live Patching for Enterprise”

Cloud provisioning has steadily replaced locally hosted servers. It’s simply much faster, and often cheaper, to fire up cloud-hosted Linux VMs to handle workloads and to scale in response to demand. Continue reading “Cloud Servers Need Updating Too”

There are currently a whole host of live patching tools on the market. Such options vary significantly in cost, with some significantly more affordable or expensive than others. Moreover, there are live patching tools that are more suitable for only one or two distributions, and then there are distribution-agnostic tools. So much variety can make it challenging to select the perfect option for your business.

Continue reading “kpatch: Overview of Enterprise Live Patching Services”

Server live patching is an essential tool that reduces system downtime, lowers maintenance expenses, and enhances security. Initially introduced in 2008, live patching is an automatic system for applying kernel security patches that does not necessitate rebooting. This allows users to avoid any server compromisation or security vulnerabilities during a patch update. And with server configuration management tools, every server can be automatically updated at the same time, effectively eliminating a host of significant cybersecurity blindspots. Continue reading “Canonical Livepatch: Overview of Enterprise Live Patching Services”

 

Before 2008, the only way to install new patches to Linux kernels was the yum update kernel command. It quickly became clear that those who use 24/7 servers would become annoyed by constant updates, as would the administrators who had to update hundreds of servers manually. The only solution for downtime was to delay the installation until the weekend, which gave hackers enough time to exploit vulnerabilities.

The commercial history of kernel live patching started with Ksplice. Nowadays, besides Linux kernels, Ksplice also releases patches for shared libraries and APIs. These patches can be applied live as long as they do not make changes to the data’s infrastructure. 

Continue reading “Ksplice: Overview of Enterprise Live Patching Services”

KernelCare is now available with a 15% discount as part of a package with CloudLinux’s extended lifecycle support (ELS)* for CentOS® 6. This KernelCare & CentOS® 6 ELS package provides security protection to organisations still running CentOS® 6 after November of 2020 when the OS reaches its end-of-life. 

Continue reading “Buy KernelCare with a Discount in CentOS® 6 ELS Bundle”

Updating Linux kernels is a routine – as dull as taxes and only slightly less inconvenient than death. New security vulnerabilities in the Linux kernel seem to appear with tedious regularity and even get fancy names. In most but not all cases, the patches needed to fix them follow swiftly after. There is work involved in patching the kernel the latest Linux kernel security updates, and danger if you delay–leave it too long and bad actors might take advantage of the period of vulnerability.

Continue reading “Updating Linux Kernel Without Reboots [Live Patching Tools Overview]”