Monthly KernelCare Update - June 2020

Published Jul 6, 2020 4:00:00 PM / Last update: Jul 6, 2020
by Alexandra Mitroshkina posted in monthly updates

0 Comments

Every month we do a lot of under-the-hood improvements to KernelCare which you may not notice, but trust us, it makes your KernelCare experience better. We've decided to share such updates with you on a monthly basis. Read the June update in this article.

Read More

New Kernel Vulnerability Found by Virtuozzo Live-Patched by KernelCare

Published Jul 6, 2020 2:00:00 PM / Last update: Jul 6, 2020
by KernelCare Team posted in CVE

0 Comments

A month ago, Virtuozzo's Team discovered the new security vulnerability in the kernel - CVE-2020-14305. It corrupts the memory in kernels from v3.5 to v4.10 and affects various Linux distributions. KernelCare is preparing the patches for this CVE which will be available this week. Read this article to learn about how the vulnerability was discovered and what is the mitigation for it.

Read More

Benefits and Future of Working from Home [Podcast]

Published Jul 1, 2020 4:00:00 PM / Last update: Jul 1, 2020
by KernelCare Team posted in Podcast

2 Comments

In this podcast episode, KernelCare CEO Igor Seletskiy talks with Gaper.io’s Mark Allen about CloudLinux, and why it’s a fully remote company. In this article you will find a podcast recording and an overview of what they talked about during their conversation. 

Read More

Why Rebootless Updates are Important for Servers [Podcast]

Published Jun 26, 2020 8:58:07 PM / Last update: Jun 26, 2020
by KernelCare Team posted in Podcast

0 Comments

On 18 June, KernelCare CEO Igor Seletskiy was interviewed by Adam Torres on his Mission Matters Innovation podcast. The topic was rebootless updates, and why they’re important for servers. In this blog post you will find the answer to this question and an overview of what other insights were discussed during the podcast.

Read More

Updating Linux Kernel Without Reboots [Live Patching Tools Overview]

Published Jun 26, 2020 4:16:00 PM / Last update: Jul 9, 2020
by KernelCare Team posted in KernelCare Blog

0 Comments

Updating Linux kernels is a routine – as dull as taxes and only slightly less inconvenient than death. New security vulnerabilities in the Linux kernel seem to appear with tedious regularity and even get fancy names. In most but not all cases, the patches needed to fix them follow swiftly after. There is work involved in patching the kernel the latest Linux kernel security updates, and danger if you delay–leave it too long and bad actors might take advantage of the period of vulnerability.

Read More

Stack unwinding in AArch64 processors: what is it and how it works

Published Jun 25, 2020 2:50:02 PM / Last update: Jun 29, 2020
by Nikita Popov posted in iot, Developer Blog

0 Comments

For the past nine months, KernelCare’s Linux kernel live patching software has supported ARMv8 (AArch64) in addition to x86_64 (Intel IA32/AMD AMD64). To get KernelCare running on Arm, we needed a stack frame unwinder.

This article explains what they are, what they’re used for, and why we had to write our own.

Read More

Developer Tutorial: Live patching Ubuntu 20.04 LTS Focal Fossa Linux kernel with Kpatch

Published Jun 23, 2020 1:37:42 PM / Last update: Jul 4, 2020
by KernelCare Team posted in Developer Blog

0 Comments

Live patching is a way of updating a Linux kernel without interruption. Because kernel updates don’t take effect until the system is rebooted, Linux kernel live patching is most commonly used to patch severe Linux kernel vulnerabilities without rebooting servers.

Aside from improved service continuity and uptime, organizations with large server fleets also use live patching to avoid the administrative overhead associated with the coordination and planning needed to reboot multiple systems.

This tutorial will show how to use Kpatch to change the behavior of a running Ubuntu 20.04 LTS Focal Fossa kernel without stopping it, changing the contents of /proc/uptime (and the uptime command) so that the system’s reported uptime is 10 years greater.

Read More

KernelCare Patches Against Spectre Vulnerability Are On The Way

Published Jun 22, 2020 1:51:18 PM / Last update: Jun 22, 2020
by KernelCare Team posted in Spectre, CVE

0 Comments

On 9 June, Anthony Steinhauser, an engineer at Google, made some urgent posts to the Linux kernel mailing list. In them, he pointed out that hardware bugs in Intel and AMD chips are leaving servers vulnerable to Spectre exploits--even after the kernel is patched. Fortunately, a fix for this problem is being developed by the KernelCare team. First patches will be available by the end of the week of 22 June.

Read More

Live Patching Linux On AWS EC2

Published Jun 19, 2020 4:07:36 PM / Last update: Jun 19, 2020
by KernelCare Team posted in AWS KernelCare

0 Comments

CloudLinux is an Amazon Web Services (AWS) Advanced Technology Partner, and our live patching system, KernelCare, is currently being used to patch AWS Elastic Compute Cloud (EC2) systems.

How does KernelCare patch Linux kernels on AWS EC2 servers? Read on to find out. 

Read More

New Version of KernelCare ePortal has been Released

Published Jun 18, 2020 10:57:28 AM / Last update: Jun 18, 2020
by KernelCare Team posted in ePortal

0 Comments

A new version of KernelCare ePortal allows using custom paths for certificates and uses system certificates by default, as opposed to the previous version which worked with certificates from certifi lib.

Read More

    cover for blog

    Download Whitepaper

    Subscribe to Email Updates

    Recent Posts