I am thrilled to let you know that we have published a toolset for livepatching of user space software, called LibCare, to GitHub. It is released under the GPL2 license and allows software developers to develop and apply patches to their running software without the need to restart it.
Similar to our commercially available KernelCare service, which livepatches kernels for various Linux distributions, the LibCare toolset allows developers to live patch any software, as long as the source code of the software is available. This ensures that business-critical software with nontrivial update processes doesn’t require users to restart during an update. Perfect application of this technology is within databases, Web servers, libraries, virtualization technologies, and more.
We often see vulnerabilities in QEMU or GLIBC that are not cured by a simple update and instead require a reboot or a substantial amount of work to make sure everything is updated and secure. With LibCare, software developers can offer live user space patching to avoid downtime and security risks. There is nothing like that available on the market as open source, and we are excited to be able to offer this to software developers to make their applications more secure and more reliable for customers.
You can download the LibCare source code from GitHub at https://github.com/cloudlinux/libcare.
KernelCare is a live patching system that patches Linux kernel vulnerabilities automatically, with no reboots. It's used on over 300,000 servers, and has been used to patch servers running for 6+ years. It works with all major Linux distributions, such as RHEL, CentOS, Amazon Linux, and Ubuntu. It also interoperates with common vulnerability scanners such as Nessus, Tenable, Rapid7, and Qualys. To talk with a consultant about how KernelCare might meet your enterprise’s specific needs, contact us directly at email@example.com.