Take Part In The KernelCare Survey To Win A CKA Certification

KernelCare added support for AlmaLinux OS. This new linux distribution is a community driven project that intends to fill the gap left by the change in direction of CentOS, in terms of stability and support. It is a stable enterprise-grade server OS, with long support windows. Forever free and open-source, AlmaLinux OS is backed by CloudLinux and has a growing community gathering around it, helping guide it's direction and strategy. Alma means soul in some latin-based languages and the name aims to celebrate the soul of linux - it’s users and community.

KernelCare is a solution to the problem of applying patches in a timely manner and keeping your system running without disruption, but sometimes you have to replace a server or migrate the service to another system. This short guide will show you how to move your KernelCare license to the new server.

The discovery of a new Linux kernel vulnerability is not a major surprise in its own right. It happens all the time. However, sometimes it appears as if, whenever a security researcher goes looking, the researcher discovers a new, serious vulnerability in the Linux kernel – and that it happens just too often for comfort.

This February, a new vulnerability was reported in a relatively obscure corner of the Linux kernel – in a function that facilitates communications between virtual machine host and guest. Though just discovered, it is already listed as CVE-2021-26708.

In this article we outline the vulnerability, explain how it emerged, and point to the potential risks the new vulnerability holds.

Buffer overflow vulnerabilities remain a common way in which cyber criminals gain illegal entry into computer systems. According to the National Vulnerability Database, there has been a steady increase in reported buffer overflow vulnerabilities over the decades – with 842 reported just last year.

A new week, a new vulnerability announced. This time, it affects kernels starting from version 5.5-rc1 (November 2019) up 5.10.13 (February 2021).

This vulnerability is an improperly handled race condition in the AF_VSOCK implementation, a kernel facility available to unprivileged users that is shipped as a kernel module in all major distributions.

Your Raspberry Pi might be a hobby or a critical part of your home network, but regardless of its purpose it can be a target for hackers. You may be familiar with common security for Raspberry Pi such as requiring a password to use sudo, changing the default sudo password, changing your default username, and the use of key-based authentication for SSH. These strategies improve your security, but the most critical part of Raspberry Pi protection is keeping it up to date with the latest security patches. KernelCare will help you live patch your Raspberry Pi device automatically for free.

Linux vulnerabilities pile up. Year in, year out. You could say it’s inevitable really, given today’s complex computing environment. It is nonetheless frustrating when the same critical elements of the Linux OS kernel continue to surface as a vulnerable area.

Up to and including 2020, there are fourteen listed CVEs that cover the Linux futex implementation. Granted, futexes are formidably complex. Though futexes provide essential functionality, futexes are often not clearly understood, and some might argue that vulnerabilities are inevitable given the complexity of futex implementation.

Unfortunately, at the end of January 2021, another Linux kernel vulnerability that involves futex mishandling emerged. Worse, it involves a dangerous use-after-free vulnerability.

It's hard to believe the first month of 2021 has come and gone. In this issue of KernelCare monthly blog, you'll find useful information that will keep your start to 2021 going smoothly. As always, we've included a video recap of our January highlights. But, for a deep dive into current topics, read on!

Very recently a new vulnerability of the Linux Kernel was announced. It has been assigned CVE-2021-3347, and is (yet another) futex-related vulnerability.

There’s little question that the technology world is changing quickly. 2020 was a great accelerator in many ways, with the pandemic leading to rapid changes in working habits and the structure of consumer demand.