It is Fall in the Northern Hemisphere, and everyone’s out gazing into the clear dark skies when they should be indoors looking after their servers. Why?
Because yet another 10-year-old flaw has been found in the Linux kernel, this time in the create_elf_tables() function: an integer overflow that, when triggered, can allow code to run with root-level privileges.
This vulnerability, tracked as CVE-2018-14634 and present in Red Hat Enterprise Linux and CentOS, was automatically patched on systems running KernelCare, the kernel security software that patches kernels without reboots.
Avoid Too Many Arguments by reading about the patch here.
KernelCare is a live patching system that patches Linux kernel vulnerabilities automatically, with no reboots. It's used on over 300,000 servers, and has been used to patch servers running for 6+ years. It works with all major Linux distributions, such as RHEL, CentOS, Amazon Linux, and Ubuntu. It also interoperates with common vulnerability scanners such as Nessus, Tenable, Rapid7, and Qualys. To talk with a consultant about how KernelCare might meet your enterprise’s specific needs, contact us directly at firstname.lastname@example.org.