KernelCare Blog

KernelCare Blog

by / Tuesday, 15 November 2016
Managing KernelCare with Puppet

By guest author Christian Reiß

If you haven’t felt it before: when Dirty Cow hit you did. The Linux Kernel is rock solid, proven but also has security issues. In this case: Root rights for everyone! And on top of that this bug is so trivially easy to exploit (several proof-of-concepts are out...

Continue reading

Topic: in KernelCare Blog


by / Friday, 28 October 2016
Dirty Cow: visual patch release timeline
Linux distributions took Dirty Cow vulnerability seriously, releasing patches as quickly as possible. Some did better than others. Here, we’ve put together a visual chart of when major Linux distributions have released their patches, and when live patch technologies, like our own KernelCare...

Continue reading

Topic: in KernelCare Blog


by / Wednesday, 26 October 2016
How to fix Dirty COW without rebooting servers

Dirty Cow CVE-2016-5195 exploit is said to be the “Most serious” Linux privilege-escalation bug ever. Within a few days of its discovery, various Linux distributions have released patches to fix it, but to apply those, you need to reboot servers. You either need to cause downtime you...

Continue reading

Topic: in KernelCare Blog


by / Tuesday, 25 October 2016
Nonprofits can now live patch kernels for free

In light of the recent Dirty Cow exploit, said by experts to be the “Most serious” Linux privilege-escalation bug ever, we’ve decided to push forward our prior plans to offer KernelCare for free for nonprofit organizations so that they can protect themselves from critical vulnerabilities...

Continue reading

Topic: in KernelCare Blog


by / Monday, 24 October 2016
Live patching for your custom kernel

Do you want to use KernelCare for rebootless kernel updates? But what if you are running an unsupported distribution? What if your kernel is custom, self-compiled, special, or just old?

Look no further than KernelCare. It provides Custom Kernel Patching so that you can benefit from live patching...

Continue reading

Topic: in KernelCare Blog


by / Saturday, 22 October 2016
KernelCare, Dirty Cow, systemtap and CentOS/RHEL/CL 5 - Important!!!

The systemtap scripts recommended by RedHat https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13 and many other people as workaround against CVE-2016-5195 DirtyCow might be ineffective against new variations of the attack like this one:

Continue reading

Topic: in CloudLinux OS Blog KernelCare Blog


by / Friday, 21 October 2016
Dirty Cow vulnerability: the fix is here!

A vulnerability has been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. KernelCare team is working on fixing of the so-called Dirty Cow issue.

CVE-2016-5195: a race condition in the memory management code can be used for local...

Continue reading

Topic: in KernelCare Blog


by / Friday, 15 July 2016
Running InfiniBand hardware? Your servers might be vulnerable.
Recently a flaw was found in Linux kernel 2.6.32 that allows local users to escalate their privileges for servers with InfiniBand. 
 
If your servers have InfiniBand and you are running CentOS/RedHat/CloudLinux 6, Virtuozzo/OpenVZ, Proxmox 2.x WITHOUT KernelCare, you are vulnerable. We recommend...

Continue reading

Topic: in KernelCare Blog


by / Monday, 27 June 2016
New vulnerability makes it easy to escape from the container

CVE-2016-4997 and CVE-2016-4998 were issued for a vulnerability that lets user inside container to escalate priveleges and escape the containment. The issue affects Virtuozzo, OpenVZ, LXC and Docker containers.

If you are running KernelCare -- your servers are already patched, and safe. If you...

Continue reading

Topic: in KernelCare Blog


by / Tuesday, 14 June 2016
Hackers are using local DoS attack using CVE-2016-4581 against hosting provider

Distributions have yet to patch CVE-2016-4581 in CentOS/RHEL/CloudLinux 7 kernels. At the same time, the vulnerability is already known to be used in attacks against hosting providers to crash servers. We are working hard to release new CloudLinux 7 kernel that fixes this bug. 

Yet, if you want...

Continue reading

Topic: in CloudLinux OS Blog KernelCare Blog


1 2 3 4 5 6 7 8 9