<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=645174729237247&amp;ev=PageView&amp;noscript=1">
We are updating the structure and design of KernelCare blog for your convenience. Today, you may experience some text formatting inconvenience which will be fixed shortly.
Tag: articles

Why you should automate Linux kernel updates

Why you should automate Linux kernel updates

Software is complex and constantly changing. Bugs are inevitable. Before the internet age, bugs were just faults to fix. Now, they are opportunities, one of the ways hackers get unauthorized access to systems. The cybersecurity industry thrives on this threat. Their products 'defend' and 'protect' but cannot plug a simple security loophole: the exploitation of vulnerabilities that persist in outdated and unpatched operating systems and applications.

This article reviews the background to this problem, and gives tips to remedy it using unattended update packages for Ubuntu, Red Hat and Fedora, and live patching solutions from KernelCare, Kgraft, Ksplice, and Livepatch.

Zombieload - Critical Linux CVE Affects Almost All Intel CPUs

Critical MDS affects almost all Intel CPUs
Contents

  1. What is Zombieload Vulnerability?
  2. What is MDS attack?
  3. Which CPUs are affected by Zombieload?
  4. How to mitigate the MDS/Zombieload Vulnerability?
  5. MDS/Zombieload Vulnerability Patch Release Schedule

What is Zombieload Vulnerability?

Linux vulnerabilities are becoming like celebrities, with freaky names and their own websites.

The latest ones to hit the scene are Zombieload, RIDL and Fallout, also known as Microarchitectural Data Sampling, (MDS for short), discovered by Intel and researched by academic departments at security-focused institutions around the world. These vulnerabilities are in the same vein as Spectre and Meltdown, being design flaws that reveal data. Zombieload is particularly worrying because it affects all Intel Core and Xeon CPUs manufactured since 2011.

Custom Kernel Patching with Rebootless Updates

Custom Kernel Patching with Rebootless Updates

Do you want to use KernelCare for rebootless kernel updates? But what if you are running an unsupported distribution? What if your kernel is custom, self-compiled, special, or just old? KernelCare provides Custom Kernel Patching so that your company can benefit from live patching service for your kernel. The experts on our security and kernel development team can update your kernels using KernelCare technology to apply patches to the running kernel without the need to reboot servers.