New KernelCare+ patches Linux libraries and kernels

Feb 10, 2020 4:55:00 PM / by Paul Jacobs

KC+

You want more—more protection for business-critical applications running on Linux, applications that depend on glibc and OpenSSL.

As with the kernel, vulnerabilities in glibc or OpenSSL can’t wait to be patched.

That’s why, last November, we announced KernelCare+, an enhanced variant of KernelCare, one that patches vulnerabilities in essential user space libraries in addition to those in the Linux kernel. And as with KernelCare’s Linux kernel live patching, KernelCare+ updates applications without affecting their operational state—no restarts, no reboots.

Glibc and OpenSSL are critical libraries used by almost all popular applications running on Linux.

  • The GNU C Library, commonly known as glibc, is the most popular implementation of the standard C library. Many Linux applications and the Linux kernel itself are written in C.
  • OpenSSL is the library responsible for security between networked applications and operating systems. It performs network encryption and is the ‘S’ in the ‘HTTPS’ protocol used to serve secure web pages.

When a software vulnerability is discovered in either of these libraries, it can affect any number of dependent applications, applications that you’d rather not restart (databases and web servers, for example).

KernelCare+ extends to applications the same philosophy that protects Linux kernels.

KernelCare’s live patching experience now brings you non-impact vulnerability patching for glibc and OpenSSL, keeping applications safe without interrupting their processing or information states. That’s the added power of KernelCare+, which is now available for beta testing.

This important new addition to the CloudLinux product line-up means you can get closer to the dream of always-compliant servers that never need downtime.

We haven’t forgotten an important enabling factor in this dream: the need to automate. That’s why KernelCare+ also brings integrations with major automation tools Ansible, Chef, and Puppet, and vulnerability scanning and reporting tools Nessus, Qualys and Rapid7.

KernelCare+ has two simple monthly pricing bands:

  • $5.95 per server for 0 to 500 servers
  • $3.95 for 500 or more servers

Remember, this is KernelCare+, so in addition to user space patching of critical vulnerabilities in glibc and OpenSSL, you also get Linux kernel vulnerability patching. Unpatched vulnerabilities in any software, user or kernel space, are a major cause of data leaks and hacker infiltration.

 

Register for KernelCare+ Beta

 

Topics: KernelCarePlus

Paul Jacobs

Written by Paul Jacobs

With more than a quarter of a century in IT, Paul brings with him a kaleidoscope of experiences and insight which he uses to drill into and pick apart the complexities of Linux server security and hosting issues, as Technical Evangelist and Content Writer for CloudLinux.