KernelCare Blog - CloudLinux Blog - Page 2
KernelCare Blog

CloudLinux CLN downtime Monday, January 22nd, starting at 1:00 am EST
Tags:
cln

CloudLinux CLN downtime Monday, January 22nd, starting at 1:00 am EST

CloudLinux CLN downtime Monday, January 22nd, starting at 1:00 am EST
We will be performing planned CLN hardware upgrade from 1:00 am EST (6:00 am GMT) to 4:00 am EST (9:00 am GMT) on Monday, January 22nd, 2018. During that time you might experience issues with accessing CLN, registering new servers, converting servers to CloudLinux, registering new IP-based licenses using partner API, as well us updating servers. It...
Continue reading
  3751 Hits
  0 Comments
Intel CPU Bug - Meltdown and Spectre - KernelCare and CloudLinux

Intel CPU Bug - Meltdown and Spectre - KernelCare and CloudLinux

Intel CPU Bug - Meltdown and Spectre - KernelCare and CloudLinux
Update [May 29, 2018 12:25am PT] Meltdown fixes for Ubuntu 16.04 are now on test. To deploy them:edit /etc/sysconfig/kcare/kcare.conf Add:PREFIX=test Run:kcarectl --update TAGNAME: update-2018-05-29-test-1ubuntu-xenial:  CVE-2017-5754: Systems with microprocessors utilizing speculative execution and    indirect branch prediction may ...
Continue reading
Recent Comments
Guest — Richard Hordern
A bit more info has been recently published here: https://newsroom.intel.com/news/intel-responds-to-security-research-findings/ I... Read More
Wednesday, 03 January 2018 21:02
Guest — Miguel
When do you expect to have a solution?still waiting
Thursday, 04 January 2018 19:10
Guest — somebody
I just want to say thanks for your outstanding work. I hope there will be soon patches for kernelcare, specially for OpenVZ and Ce... Read More
Thursday, 04 January 2018 22:26
  111918 Hits
  147 Comments
KernelCare crashes on CloudLinux 7 & CloudLinux 6 Hybrid

KernelCare crashes on CloudLinux 7 & CloudLinux 6 Hybrid

KernelCare crashes on CloudLinux 7 & CloudLinux 6 Hybrid
Updated: Dec 7, 2017, 8AM PT Our previous patch provided the fix of ext4 bug with KernelCare included a bug in unpatch. The bug was triggered by latest patch, and caused some number of servers to crash. The effect of the bug is that servers that use ext4 will crash. If they didn't crash - they will not crash now. Note that the new patch that trigge...
Continue reading
Recent Comments
Guest — Rodrigo Gomes
I'm going to migrate to Cloudlinux today from CentOS 7. I already have KernelCare installed on CentOS with extra symlink protectio... Read More
Thursday, 07 December 2017 20:14
Guest — Irina
You should not worry, CentOS kernels are NOT affected.
Friday, 08 December 2017 06:33
Guest — Aleksei
When you migrate to CloudLinux, you will receive latest kernel, which is not affected. So please proceed with the migration.... Read More
Monday, 11 December 2017 13:51
  6193 Hits
  8 Comments
Updates for a blog post "The Symlink Protection patchset"

Updates for a blog post "The Symlink Protection patchset"

Updates for a blog post "The Symlink Protection patchset"
Please note that we have updated a blog post The Symlink Protection patchset. We have eliminated errors and implemented changes. Now you can confidently use these instructions to get the patches. We apologize for the inconveniences.
  2254 Hits
  0 Comments
The Symlink Protection patchset is available for free for CentOS 6 & 7, even if you are not running KernelCare
Tags:

The Symlink Protection patchset is available for free for CentOS 6 & 7, even if you are not running KernelCare

The Symlink Protection patchset is available for free for CentOS 6 & 7, even if you are not running KernelCare
A few weeks ago we released the KernelCare "Extra" Patchset with the security fixes and the symlink protection available to all KernelCare customers running CentOS kernels. Today we are pleased to share that you can get the Symlink Protection Patchset for CentOS 6 and 7 at no cost, even if you don’t have licenses of KernelCare. We’ve been discussin...
Continue reading
Recent Comments
Guest — Youssef B.
Thank you, But it doesn't work for me. .. Running Transaction Installing : kernelcare-2.13-1.x86_64 ... Read More
Wednesday, 04 October 2017 23:44
Igor Seletskiy
sorry, it should have been: kcarectl --set-patch-type free
Thursday, 05 October 2017 00:49
Guest — Micheal
Thank you for this support. Are patches disabled in kernel updates we made manually?
Thursday, 05 October 2017 21:32
  47584 Hits
  95 Comments
The KernelCare "Extra" Patchset for CentOS 6 & 7 with symlink protection is here

The KernelCare "Extra" Patchset for CentOS 6 & 7 with symlink protection is here

The KernelCare "Extra" Patchset for CentOS 6 & 7 with symlink protection is here
The KernelCare extra patchset includes all the security fixes from KernelCare for CentOS 6 and CentOS 7, as well as the symlink protection against a symlink race. A symlink race attack is often used against shared hosting servers. It allows a malicious user to serve files that belong to other users by creating a symbolic link to those files. It is ...
Continue reading
Recent Comments
Guest — john
not working for me, plus you type some of it wrong kcarectl --set-patch-type extra --update usage: kcarectl [-h] [-i] [-u] [--un... Read More
Tuesday, 22 August 2017 19:19
Igor Seletskiy
Make sure you have the latest version of kernelcare. Do yum update kernelcare --> it should help.
Wednesday, 23 August 2017 02:07
Guest — adm
kcarectl --set-patch-type extra --update 'extra' patch type selected Downloading updates HTTP Error 404: Not Found, Retrying in 3 ... Read More
Tuesday, 22 August 2017 20:07
  20458 Hits
  17 Comments
New privilege escalation vulnerability found in Linux kernel

New privilege escalation vulnerability found in Linux kernel

New privilege escalation vulnerability found in Linux kernel
A race condition in Linux kernel was disclosed today, August 3rd, 2017 (see CVE-2017-7533). It can be exploited to allows an unprivileged local user to gain root access to the server. Currently, there is an existing working exploit allowing privileges escalation for 32 bit kernels. It is unclear whether such exploit exists for 64 bit kernels, but s...
Continue reading
  7806 Hits
  0 Comments
LibCare, a toolset for livepatching of user space software, is now available as Open Source on GitHub
Tags:

LibCare, a toolset for livepatching of user space software, is now available as Open Source on GitHub

LibCare, a toolset for livepatching of user space software, is now available as Open Source on GitHub
I am super thrilled to let you know that we have published a toolset for livepathing of user space software, called LibCare, to GitHub. It is released under the GPL2 license and allows software developers to develop and apply patches to their running software without the need to restart it. Similar to our commercially available KernelCare service, ...
Continue reading
Recent comment in this post
Guest — Mark
Very cool indeed!
Friday, 14 July 2017 15:13
  5874 Hits
  1 Comment
Major vulnerability: The Stack Clash security issue found that affects most Linux kernels
Tags:

Major vulnerability: The Stack Clash security issue found that affects most Linux kernels

Major vulnerability: The Stack Clash security issue found that affects most Linux kernels
[Last updated Jun 22, 12:05PM PDT] A new major local privilege escalation vulnerability in the Linux kernel was disclosed yesterday, June 19th, 2017 (CVE-2017-1000364). The vulnerability can be exploited to allows an unprivileged local user to gain root access to the server. The Qualys' security advisory shows practical methods for circumventing an...
Continue reading
Recent Comments
Guest — Patrick Heinz
Hello, Where we'll be advised when patch become available? Thanks
Tuesday, 20 June 2017 20:00
Igor Seletskiy
Yes, we will notify as it hits production. We just pushed CL7/CL6Hybrid patches to test. If anyone can test by running: kcarectl -... Read More
Tuesday, 20 June 2017 21:08
Guest — Amar
So is there any timeline for older versions like CentOS 5 and RHEL 5 ??
Wednesday, 21 June 2017 05:07
  18444 Hits
  14 Comments
Issues caused by the latest KernelCare update and what we will do to ensure it never happens again

Issues caused by the latest KernelCare update and what we will do to ensure it never happens again

Issues caused by the latest KernelCare update and what we will do to ensure it never happens again
UPDATE: Mar 30 - 10am pacific timezone. 24h feed was updated with the same issue due to technician incorrectly removing "at" job. This has been fixed shortly, but some systems have been affected. We want to apologize for the KernelCare incident that affected some of our customers yesterday. Unfortunately, the bug in POSIX ACL patch for CVE-2016-709...
Continue reading
Recent Comments
Guest — Marco
Hello, you should have a system where we can manage our servers. So we can change all our servers to manually updating instead of... Read More
Thursday, 30 March 2017 09:44
Igor Seletskiy
Thank you for the suggestion. We will implement such global controls. Right now this can be done using config file & AUTO_UPDATE s... Read More
Thursday, 30 March 2017 11:34
Guest — Pissed Customer
Hello we´re not happy about you kind of communication! We recognized server crashes and was NOT informed by you, that we have to ... Read More
Thursday, 30 March 2017 09:52
  9605 Hits
  15 Comments

EU e-Privacy Directive

We use cookies to ensure you get the best experience using our website and services. Read more about it in our Privacy Policy. Please agree to the use of cookies to proceed. Alternatively, you may disable cookies in your browser at any time.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.