QEMU-KVM vhost/vhost_net Guest to Host Kernel Escape Vulnerability

Sep 17, 2019 10:57:42 PM / by Mikhail Pobirsky posted in KernelCare, KernelCare Blog, Vulnerability fix, CVE

0 Comments

The KernelCare team are following developments for a recently-reported vulnerability involving QEMU-KVM guests running Linux kernels.

Read More

KernelCare is heading to Arm TechCon 2019

Aug 19, 2019 4:07:00 PM / by KernelCare Team posted in KernelCare, KernelCare Blog, #ArmTechCon

0 Comments

As you may know, KernelCare have been live patching Linux kernels on Arm architectures for a while now. But we’re not done spreading the word about live patching Arm-based equipment. To further share our expertise in rebootless Linux kernel updates, we are attending the Arm TechCon 2019, in San Jose, on October 8 - 10, 2019, at the San Jose Convention Center. 

Read More

SWAPGS: KernelCare patches are on the way

Aug 7, 2019 5:30:37 PM / by KernelCare Team posted in KernelCare Blog, SWAPGS, Vulnerability fix, CVE

0 Comments

KernelCare patches will start rolling out on Monday, 12 August.

Read More

SWAPGS: KernelCare patches on the way

Aug 7, 2019 3:22:40 PM / by KernelCare Team posted in KernelCare Blog, SWAPGS, Vulnerability fix, CVE

0 Comments

A new month has started—Summer is in full swing—Must be time for another CPU vulnerability. (Let’s hope this one has a catchy name.)

Read More

SACK Panic & Slowness: KernelCare patches are on the way

Jun 20, 2019 11:12:24 AM / by Alexandra Mitroshkina posted in KernelCare Blog

2 Comments

Netflix has a new hit on its hands. They’ve discovered new Linux kernel vulnerabilities and describe how a properly formed TCP network packet can cause the kernel to panic or slow down. There are three kinds. Two affect Linux kernels. (The other is for FreeBSD so won’t be described further.) All are dangerous because they can be executed remotely.

Read More

How to Secure Linux by Patching in Real-Time

Jun 18, 2019 7:34:00 PM / by KernelCare Team posted in KernelCare Blog

0 Comments

How to Secure Linux by Patching in Real-Time

If anyone tells you that they know how to secure linux, but they fail to mention live patching – don’t listen to them. Keeping servers automatically up to date is key to keeping them safe. In the complex security question of how to secure Linux, patching live, in real-time, is the missing link.

Read More

Why Waiting For Your Next Linux Reboot is Making You Insecure

Jun 13, 2019 9:13:00 PM / by KernelCare Team posted in KernelCare Blog

0 Comments

Why Waiting For Your Next Linux Reboot is Making You Insecure

You've just installed a kernel update, and now you need to carry out a Linux reboot. Except guess what? You don’t. Word is only just starting to get out, but times have changed, and rebooting is a thing of the past. This is a very positive development: because rebooting to patch is a hassle, companies frequently delay it for as long as they can – with damaging consequences.

Read More

5 Bad Reasons to Update Your Linux Kernel

Jun 5, 2019 8:29:32 PM / by Igor Seletskiy posted in KernelCare Blog

0 Comments

A Linux kernel update is not to be taken lightly—change means risk. Whatever reasons you think you might have, there is really only one that matters. Igor Seletskiy, CEO of CloudLinux, tells you what it is in this blog post.

Read More

Avoid Death, Taxes and Linux Server Reboots – Linux Kernel Updates, 3 Different Ways

Jun 5, 2019 8:27:49 PM / by Igor Seletskiy posted in KernelCare Blog

0 Comments

Linux kernel updates are a fact of life–as dull as taxes and only slightly less inconvenient than death. Newly discovered security vulnerabilities in the Linux kernel seem to appear with monotonous regularity. In most but not all cases, the patches needed to fix them follow swiftly after. There is work involved in installing the latest Linux kernel security patches, and danger if you delay–leave it too long and threat actors might take advantage of the period of vulnerability.

Read More

How I Validated KernelCare for VMware Cloud on AWS

May 29, 2019 5:23:43 PM / by Vitaly Daragan posted in KernelCare Blog

0 Comments


VMware has been a part of my working life for some time now. As a former Linux System Administrator, I've used it many times in different places. It's been one of my favorite ways to try out new operating systems (read: distro hopping) without having to buy more hardware. 

Read More