CloudLinux - CloudLinux Blog - KernelCare fixes Meltdown and Spectre without reboots!

KernelCare fixes Meltdown and Spectre without reboots!

KernelCare fixes Meltdown and Spectre without reboots!

KernelCare now live patches Meltdown and Spectre (spectre-v1) that exploit critical vulnerabilities in modern processors. The list of supported distributions is available below. Free trial supports updates too.

By now, you might have thought that the topic of Meltdown and Spectre vulnerabilities is taking a backstage in the news. Not so, as the impact and the solutions to resolve the issues seem to be the talk of the technical community still.

Manu talented engineers across OS vendors, cloud computing companies, and many other technology companies have worked around the clock to develop fixes, to test them, and to apply. Those fixes are designed to eradicate the issue that could cause a massive security breach, and eliminate performance slowdowns. The fixes are meant to prevent programs from peaking inside the kernel’s memory and the impact of which, especially in the hosting community, can be severe.

There are instances of proof of concept code available publicly that can exploit Meltdown and Specter vulnerabilities. It is suspected that hackers are weaponizing them. Not addressing these vulnerabilities, now that after 20 years they have been made public, is not really an option.

Many cloud providers and enterprises are looking to release fixes but the need for a reboot complicates the process as it brings down servers of all of their customers and business units. Not to mention the amount of internal resources and organizations needed for such operation is massive. Because of that, many companies have not yet updated their servers. All our customers have been challenged with this issue, and many have contacted us asking for a solution.

More than half-dozen of our kernel developers have been working diligently to come up with the KernelCare solution - patches that would fix the Meltdown and Spectre issues without customers needing to reboot servers. It proved to be a challenging task, but after working continuously on developing a solution, they finally did!

Our live patching technology, KernelCare, delivers uninterrupted security updates of the kernel -- without any interference or downtime for software running on the server. It fixes only the affected part, without actually rebooting or restarting the server. With these pinpointed updates, we can minimize the change and do it live. Launched over 3 years ago, now with over 100,000 servers running KernelCare, we are the only live patching vendor for the below-mentioned distributions delivering patches for Meltdown and Spectre (spectre-v1) vulnerabilities.

Meltdown and Spectre fixes require reboots. Not with KernelCare. If you don't have KernelCare, you can get the FREE TRIAL, and update all kernels, on an unlimited number of servers, without reboots now. 

. . .

Currently, we have launched Meltdown / Spectre patches for:

  • CentOS 7 and CentOS 7 Plus
  • RHEL 7
  • CloudLinux 7, hybrid
  • Proxmox VE3.10

Coming soon:

  • CentOS 6
  • RHEL 6
  • CloudLinux 6
  • Virtuozzo 6
  • Ubuntu
  • Debian
  • others

This blog post outlines timely updates


Beta: MySQL Governor updated
Beta: LVE Manager, CageFS, and liblve updated

By accepting you will be accessing a service provided by a third-party external to

EU e-Privacy Directive

We use cookies to ensure you get the best experience using our website and services. Read more about it in our Privacy Policy. Please agree to the use of cookies to proceed. Alternatively, you may disable cookies in your browser at any time.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.