<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=645174729237247&amp;ev=PageView&amp;noscript=1">
We are updating the structure and design of KernelCare blog for your convenience. Today, you may experience some text formatting inconvenience which will be fixed shortly.
Latest Articles

KernelCare supports AlmaLinux OS

KernelCare supports AlmaLinux OS

KernelCare added support for AlmaLinux OS. This new linux distribution is a community driven project that intends to fill the gap left by the change in direction of CentOS, in terms of stability and support. It is a stable enterprise-grade server OS, with long support windows. Forever free and open-source, AlmaLinux OS is backed by CloudLinux and has a growing community gathering around it, helping guide it's direction and strategy. Alma means soul in some latin-based languages and the name aims to celebrate the soul of linux - it’s users and community.

 

KernelCare supports AlmaLinux OS

KernelCare supports AlmaLinux OS

KernelCare added support for AlmaLinux OS. This new linux distribution is a community driven project that intends to fill the gap left by the change in direction of CentOS, in terms of stability and support. It is a stable enterprise-grade server OS, with long support windows. Forever free and open-source, AlmaLinux OS is backed by CloudLinux and has a growing community gathering around it, helping guide it's direction and strategy. Alma means soul in some latin-based languages and the name aims to celebrate the soul of linux - it’s users and community.

 

How to migrate your KernelCare license to a new server

How to migrate your KernelCare license to a new server

 

 

KernelCare is a solution to the problem of applying patches in a timely manner and keeping your system running without disruption, but sometimes you have to replace a server or migrate the service to another system. This short guide will show you how to move your KernelCare license to the new server.

How to migrate your KernelCare license to a new server

How to migrate your KernelCare license to a new server

 

 

KernelCare is a solution to the problem of applying patches in a timely manner and keeping your system running without disruption, but sometimes you have to replace a server or migrate the service to another system. This short guide will show you how to move your KernelCare license to the new server.

Understanding the new AF_VSOCK Linux kernel vulnerability

Understanding the new AF_VSOCK Linux kernel vulnerabilityThe discovery of a new Linux kernel vulnerability is not a major surprise in its own right. It happens all the time. However, sometimes it appears as if, whenever a security researcher goes looking, the researcher discovers a new, serious vulnerability in the Linux kernel – and that it happens just too often for comfort.

This February, a new vulnerability was reported in a relatively obscure corner of the Linux kernel – in a function that facilitates communications between virtual machine host and guest. Though just discovered, it is already listed as CVE-2021-26708.

In this article we outline the vulnerability, explain how it emerged, and point to the potential risks the new vulnerability holds.

Understanding the new AF_VSOCK Linux kernel vulnerability

Understanding the new AF_VSOCK Linux kernel vulnerabilityThe discovery of a new Linux kernel vulnerability is not a major surprise in its own right. It happens all the time. However, sometimes it appears as if, whenever a security researcher goes looking, the researcher discovers a new, serious vulnerability in the Linux kernel – and that it happens just too often for comfort.

This February, a new vulnerability was reported in a relatively obscure corner of the Linux kernel – in a function that facilitates communications between virtual machine host and guest. Though just discovered, it is already listed as CVE-2021-26708.

In this article we outline the vulnerability, explain how it emerged, and point to the potential risks the new vulnerability holds.

Identify, mitigate & prevent buffer overflow attacks on your systems

How to identify, mitigate and prevent buffer overflow attacks on your systemsBuffer overflow vulnerabilities remain a common way in which cyber criminals gain illegal entry into computer systems. According to the National Vulnerability Database, there has been a steady increase in reported buffer overflow vulnerabilities over the decades – with 842 reported just last year.

Identify, mitigate & prevent buffer overflow attacks on your systems

How to identify, mitigate and prevent buffer overflow attacks on your systemsBuffer overflow vulnerabilities remain a common way in which cyber criminals gain illegal entry into computer systems. According to the National Vulnerability Database, there has been a steady increase in reported buffer overflow vulnerabilities over the decades – with 842 reported just last year.

Patches for CVE-2021-26708 are being delivered

patches for CVE-2021-26708 are being delivered

 

A new week, a new vulnerability announced. This time, it affects kernels starting from version 5.5-rc1 (November 2019) up 5.10.13 (February 2021).


This vulnerability is an improperly handled race condition in the AF_VSOCK implementation, a kernel facility available to unprivileged users that is shipped as a kernel module in all major distributions.

Patches for CVE-2021-26708 are being delivered

patches for CVE-2021-26708 are being delivered

 

A new week, a new vulnerability announced. This time, it affects kernels starting from version 5.5-rc1 (November 2019) up 5.10.13 (February 2021).


This vulnerability is an improperly handled race condition in the AF_VSOCK implementation, a kernel facility available to unprivileged users that is shipped as a kernel module in all major distributions.

Patch Raspberry Pi systems without a reboot for free with KernelCare

Cover-1 (1)-minYour Raspberry Pi might be a hobby or a critical part of your home network, but regardless of its purpose it can be a target for hackers. You may be familiar with common security for Raspberry Pi such as requiring a password to use sudo, changing the default sudo password, changing your default username, and the use of key-based authentication for SSH. These strategies improve your security, but the most critical part of Raspberry Pi protection is keeping it up to date with the latest security patches. KernelCare will help you live patch your Raspberry Pi device automatically for free.

Patch Raspberry Pi systems without a reboot for free with KernelCare

Cover-1 (1)-minYour Raspberry Pi might be a hobby or a critical part of your home network, but regardless of its purpose it can be a target for hackers. You may be familiar with common security for Raspberry Pi such as requiring a password to use sudo, changing the default sudo password, changing your default username, and the use of key-based authentication for SSH. These strategies improve your security, but the most critical part of Raspberry Pi protection is keeping it up to date with the latest security patches. KernelCare will help you live patch your Raspberry Pi device automatically for free.

Yet Another Futex Vulnerability Found in the Kernel (CVE-2021-3347)

Yet Another Futex Vulnerability Found in the Kernel (CVE-2021-3347)

Linux vulnerabilities pile up. Year in, year out. You could say it’s inevitable really, given today’s complex computing environment. It is nonetheless frustrating when the same critical elements of the Linux OS kernel continue to surface as a vulnerable area.

Up to and including 2020, there are fourteen listed CVEs that cover the Linux futex implementation. Granted, futexes are formidably complex. Though futexes provide essential functionality, futexes are often not clearly understood, and some might argue that vulnerabilities are inevitable given the complexity of futex implementation.

Unfortunately, at the end of January 2021, another Linux kernel vulnerability that involves futex mishandling emerged. Worse, it involves a dangerous use-after-free vulnerability.

Yet Another Futex Vulnerability Found in the Kernel (CVE-2021-3347)

Yet Another Futex Vulnerability Found in the Kernel (CVE-2021-3347)

Linux vulnerabilities pile up. Year in, year out. You could say it’s inevitable really, given today’s complex computing environment. It is nonetheless frustrating when the same critical elements of the Linux OS kernel continue to surface as a vulnerable area.

Up to and including 2020, there are fourteen listed CVEs that cover the Linux futex implementation. Granted, futexes are formidably complex. Though futexes provide essential functionality, futexes are often not clearly understood, and some might argue that vulnerabilities are inevitable given the complexity of futex implementation.

Unfortunately, at the end of January 2021, another Linux kernel vulnerability that involves futex mishandling emerged. Worse, it involves a dangerous use-after-free vulnerability.

Monthly KernelCare Update - January 2021

Monthly KernelCare Update - January 2021

It's hard to believe the first month of 2021 has come and gone. In this issue of KernelCare monthly blog, you'll find useful information that will keep your start to 2021 going smoothly. As always, we've included a video recap of our January highlights. But, for a deep dive into current topics, read on!

Monthly KernelCare Update - January 2021

Monthly KernelCare Update - January 2021

It's hard to believe the first month of 2021 has come and gone. In this issue of KernelCare monthly blog, you'll find useful information that will keep your start to 2021 going smoothly. As always, we've included a video recap of our January highlights. But, for a deep dive into current topics, read on!

Patches for CVE-2021-3347 are being delivered

patches for cve-2021-3347 are being delivered

Very recently a new vulnerability of the Linux Kernel was announced. It has been assigned CVE-2021-3347, and is (yet another) futex-related vulnerability.

Patches for CVE-2021-3347 are being delivered

patches for cve-2021-3347 are being delivered

Very recently a new vulnerability of the Linux Kernel was announced. It has been assigned CVE-2021-3347, and is (yet another) futex-related vulnerability.

Why immature SecOps will cost your company dearly – and how to fix it

Why immature secops will cost your company dearly - and how to fix it

There’s little question that the technology world is changing quickly. 2020 was a great accelerator in many ways, with the pandemic leading to rapid changes in working habits and the structure of consumer demand.

Why immature SecOps will cost your company dearly – and how to fix it

Why immature secops will cost your company dearly - and how to fix it

There’s little question that the technology world is changing quickly. 2020 was a great accelerator in many ways, with the pandemic leading to rapid changes in working habits and the structure of consumer demand.