CloudLinux - CloudLinux Blog - How to fix Dirty COW without rebooting servers

How to fix Dirty COW without rebooting servers

How to fix Dirty COW without rebooting servers

The Dirty Cow exploit (CVE-2016-5195) is said to be the “Most serious” Linux privilege-escalation bug, ever. Within a few days of its discovery, various Linux distributions have released patches to fix it, but to apply those, you need to reboot servers. You either need to suffer downtime you haven’t planned for, or wait for the next maintenance window, remaining vulnerable until then. But with KernelCare, you can livepatch your servers instantly, protecting yourself from critical vulnerabilities such as Dirty Cow WITHOUT rebooting servers.

When you install KernelCare, whether a paid or a trial version, it brings your kernels up to date with all patches, instantly. It installs with a single line of code in just minutes, and without a reboot, and will ensure you never miss another kernel security patch, as they will be automatically installed to your live kernel going forward.

Live security patching of kernels is a premium service offered by several Linux distributions as part of their costly enterprise support. KernelCare live patching software works for most popular Linux distributions and installs kernel security updates without the need to reboot the server for under $3 per server per month. Whether you have a mixed Linux environment or prefer a single distribution, KernelCare will keep your kernels always up-to-date and servers up and running.

Sign up for a free 30-day trial - this trial will patch your kernels instantly, and whether you decide to continue after the trial or not, it will, at a minimum, bring your security patches up to date, and fix the Dirty Cow vulnerability now.

Click here to learn more about KernelCare.

* * *

Out-of-the-box install of KernelCare is supported on most popular Linux distributions including:

  • Red Hat RHEL 5.x, 6.x and 7.x
  • CentOS 5.x, 6.x and 7.x
  • Ubuntu 14.04 LTS and 16.04 LTS
  • Xen4CentOS 6 and Xen4CentOS 7
  • Virtuozzo/OpenVZ 2.6.32
  • Debian 6 and 7
  • See the complete list here


Managing KernelCare with Puppet
Nonprofits can now live patch kernels for free

By accepting you will be accessing a service provided by a third-party external to