CloudLinux - KernelCare live patches Linux kernels on Arm

KernelCare live patches Linux kernels on Arm

KernelCare has released automated kernel security updates for Arm-based devices.

September 16, 2019 – KernelCare, the automated and rebootless Linux kernel security updates company, announced that it has released support for Arm®-based processors to protect IoT devices and servers running on Linux from security vulnerabilities.

By 2020, more than 25% of identified cybersecurity attacks in enterprises will involve the IoT. This means that enterprise IoT devices and servers based on Arm processor technology and running on the Linux kernel require watertight-security. Traditionally, companies have patched such devices via a reboot, but reboot cycles require planning and often times can cause system downtime.

KernelCare's automated kernel security updates for Arm-based devices work differently, by updating the Linux kernel on Arm-based processors without stopping the environment in which it’s running, be it bare-metal or virtualized. The software is easy to deploy and is available for CentOS, Oracle Linux, Amazon Linux, RedHat, Ubuntu, Debian OpenVZ, Virtuozzo, and CloudLinux OS servers.

KernelCare patches live, running kernel code at the binary level, in memory, without power-cycling. Applications and users see nothing; for them, the kernel never stops running. System processes wait milliseconds while the kernel module suspends and restarts processor threads.

“It started as a challenge: to see if we could live-patch a Linux kernel running on Arm,” said Mikhail Pobirsky, KernelCare’s Product Manager. “Within a few months,” he went on, “we successfully completed a proof-of-concept on Amazon EC2 instances, and are confident we can automatically patch most IoT and network devices, from Raspberry Pi-based equipment to network routers.”

Mikhail continued: “We believe the ability to live-patch Arm processors running Linux will greatly benefit servers that run non-stop in remote locations. Arm’s low power consumption characteristics coupled with the ability to patch the Linux kernel without rebooting will be key to the expansion of edge cloud computing and other always-on, low-power application areas, such as supercomputing and AI.”

Linux kernel live-patching for Arm-based processors can be used by IoT and Arm-based server manufacturers via embedded original equipment manufacturers (OEMs).

KernelCare is actively seeking early adopters interested in arming their IoT devices with live-patching. Apply to get a free trial here:

About KernelCare

KernelCare keeps Linux servers secure with the latest kernel patches automatically applied to the running kernel without downtime. It ensures servers are always on and available, and eliminates interruption to critical applications, databases, and business processes.

KernelCare is a product of CloudLinux, the maker of the #1 OS for shared hosting providers.
More information about KernelCare can be found at

EU e-Privacy Directive

We use cookies to ensure you get the best experience using our website and services. Read more about it in our Privacy Policy. Please agree to the use of cookies to proceed. Alternatively, you may disable cookies in your browser at any time.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.