KernelCare Blog - CloudLinux Blog - Page 5
KernelCare Blog

Major vulnerability CVE-2017-2636 found in Linux kernels that affects many distributions
Tags:

Major vulnerability CVE-2017-2636 found in Linux kernels that affects many distributions

Major vulnerability CVE-2017-2636 found in Linux kernels that affects many distributions
A new major local privilege escalation vulnerability in the Linux kernel was disclosed on March 7th by Alexander Popov ( see CVE-2017-2636 ). It is a race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 that allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline and ...
Continue reading
  9080 Hits
  0 Comments
CloudLinux CLN downtime Friday, March 10th, starting at 1:30 am EST
Tags:
cln

CloudLinux CLN downtime Friday, March 10th, starting at 1:30 am EST

CloudLinux CLN downtime Friday, March 10th, starting at 1:30 am EST
We will be performing planned maintenance for CLN from 1:30 am EST (6:30 am GMT) to 4:30 am EST (9:30 am GMT) on Friday, March 10th, 2017. During that time you might experience issues with accessing CLN, registering new servers, converting servers to CloudLinux, registering new IP-based licenses using partner API, as well us updating servers. It wi...
Continue reading
  2005 Hits
  0 Comments
Security warning: major vulnerability found in Linux kernels that affects most kernels
Tags:

Security warning: major vulnerability found in Linux kernels that affects most kernels

Security warning: major vulnerability found in Linux kernels that affects most kernels
A new major local privilege escalation vulnerability in the Linux kernel was disclosed today by Andrey Konovalov ( see CVE-2017-6074 ). It is a memory corruption vulnerability where the same memory location is freed by kernel twice. The vulnerability can be exploited to escalate privileges and allows an unprivileged local user to gain root access t...
Continue reading
Recent Comments
Igor Seletskiy
yes, it would be. Yet, linux-distro list where such things are disclosed had been dysfunctional and doesn't accept any new members... Read More
Thursday, 23 February 2017 13:06
Igor Seletskiy
It takes much longer to prepare & test the fix for the full kernel.
Friday, 24 February 2017 13:01
Kateryna Obiidykhata
1. Here you can find the announcement about the vulnerability found - http://seclists.org/oss-sec/2017/q1/471 2. Because you have ... Read More
Friday, 24 February 2017 12:47
  15976 Hits
  12 Comments
The new CloudLinux and Imunify360 Forums have arrived
Tags:

The new CloudLinux and Imunify360 Forums have arrived

The new CloudLinux and Imunify360 Forums have arrived
We are excited to announce the updated CloudLinux Forum 2.0 with the new Imunify360 section, just in time to get the conversation started! If you haven’t visited our forums for a while, check it out . This is the place for you to ask questions and get responses from the community as well as the CloudLinux team. There, you can navigate to the new Im...
Continue reading
  2412 Hits
  0 Comments
The KernelCare Update: The patch to fix CVE-2016-8655 exploit is here!

The KernelCare Update: The patch to fix CVE-2016-8655 exploit is here!

The KernelCare Update: The patch to fix CVE-2016-8655 exploit is here!
A new vulnerability CVE-2016-8655 in the Linux kernel was discovered yesterday by Philip Pettersson. It is a race-condition in Linux (net/packet/af_packet.c) that can be exploited to gain kernel code execution from unprivileged processes. This exploit may lead to a privilege escalation, cause a denial of service attacks (server crash) and informati...
Continue reading
  3255 Hits
  0 Comments
KernelCare is now available in Plesk
Tags:

KernelCare is now available in Plesk

KernelCare is now available in Plesk
“plesk
plesk screenshot
Live patching and better security is now available right inside Plesk’s extensions catalog! With KernelCare, Plesk users will no longer need to bring their servers down due to security patching. It installs in minutes with a single line of code and without a reboot, and allows companies get rid of current and newly discovered kernel vulnerabilities...
Continue reading
  2725 Hits
  0 Comments
Managing KernelCare with Puppet

Managing KernelCare with Puppet

Managing KernelCare with Puppet
By guest author Christian Reiß If you haven’t felt it before: when Dirty Cow hit you did. The Linux Kernel is rock solid, proven but also has security issues. In this case: Root rights for everyone! And on top of that this bug is so trivially easy to exploit (several proof-of-concepts are out there that can easily converted into a life, working gun...
Continue reading
  2707 Hits
  0 Comments
Dirty Cow: visual patch release timeline

Dirty Cow: visual patch release timeline

Dirty Cow: visual patch release timeline
Dirty Cow Patch Release
Dirty Cow Patch Release
All Linux distributors took the Dirty Cow vulnerability seriously, releasing patches as quickly as possible. However, some did better than others. Here, we’ve put together a visual chart of when major Linux distributions released their patches, and when live patch technologies, like our own KernelCare (which supports most distributions ), and Oracl...
Continue reading
  23559 Hits
  0 Comments
How to fix Dirty COW without rebooting servers

How to fix Dirty COW without rebooting servers

How to fix Dirty COW without rebooting servers
The Dirty Cow exploit (CVE-2016-5195) is said to be the “Most serious” Linux privilege-escalation bug, ever. Within a few days of its discovery, various Linux distributions have released patches to fix it, but to apply those, you need to reboot servers. You either need to suffer downtime you haven’t planned for, or wait for the next maintenanc...
Continue reading
  59146 Hits
  1 Comment
Nonprofits can now live patch kernels for free
Tags:

Nonprofits can now live patch kernels for free

Nonprofits can now live patch kernels for free
In light of the recent Dirty Cow exploit, said by experts to be the “Most serious” Linux privilege-escalation bug ever, we’ve decided to push forward our prior plans to offer KernelCare for free for nonprofit organizations so that they can protect themselves from critical vulnerabilities including the Dirty Cow CVE-2016-5195. KernelCare provides ti...
Continue reading
  2822 Hits
  0 Comments