KernelCare Blog - CloudLinux Blog - Page 5
KernelCare Blog

Endurance implemented rebootless updates with KernelCare

Endurance implemented rebootless updates with KernelCare

Endurance implemented rebootless updates with KernelCare
A few days ago, Endurance has announced that they have implemented KernelCare to keep their servers secure and limit interruptions. Endurance is a leading provider of cloud-based platform solutions, and they have deployed KernelCare rebootless update service on shared and dedicated web servers for the Endurance family of brands including HostGator ...
Continue reading
  2248 Hits
  0 Comments
Issues caused by the latest KernelCare update and what we will do to ensure it never happens again

Issues caused by the latest KernelCare update and what we will do to ensure it never happens again

Issues caused by the latest KernelCare update and what we will do to ensure it never happens again
UPDATE: Mar 30 - 10am pacific timezone. 24h feed was updated with the same issue due to technician incorrectly removing "at" job. This has been fixed shortly, but some systems have been affected. We want to apologize for the KernelCare incident that affected some of our customers yesterday. Unfortunately, the bug in POSIX ACL patch for CVE-2016-709...
Continue reading
Recent Comments
Igor Seletskiy
Thank you for the suggestion. We will implement such global controls. Right now this can be done using config file & AUTO_UPDATE s... Read More
Thursday, 30 March 2017 11:34
Igor Seletskiy
I want to personally apologize for that. It was suggested during initial half hour by one of our team members, but I chose not to ... Read More
Thursday, 30 March 2017 11:45
Igor Seletskiy
I am finally back in US - and that makes things a little easier from logistics standpoint. To all those who are rightfully pissed... Read More
Saturday, 01 April 2017 03:36
  6282 Hits
  15 Comments

Issues caused by the latest KernelCare update

We’ve received reports that our latest patchset affected some CentOS/CloudLinux/OpenVZ 6 kernels. We’ve immediately rolled back the patch, have evaluated the issue and identified the cause to prevent issues in the future releases. Please accept our apologies and standby for additional updates on the cause of the issue. Igor Seletskiy
  2647 Hits
  0 Comments
Major vulnerability CVE-2017-2636 found in Linux kernels that affects many distributions
Tags:

Major vulnerability CVE-2017-2636 found in Linux kernels that affects many distributions

Major vulnerability CVE-2017-2636 found in Linux kernels that affects many distributions
A new major local privilege escalation vulnerability in the Linux kernel was disclosed on March 7th by Alexander Popov ( see CVE-2017-2636 ). It is a race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 that allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline and ...
Continue reading
  10014 Hits
  0 Comments
Security warning: major vulnerability found in Linux kernels that affects most kernels
Tags:

Security warning: major vulnerability found in Linux kernels that affects most kernels

Security warning: major vulnerability found in Linux kernels that affects most kernels
A new major local privilege escalation vulnerability in the Linux kernel was disclosed today by Andrey Konovalov ( see CVE-2017-6074 ). It is a memory corruption vulnerability where the same memory location is freed by kernel twice. The vulnerability can be exploited to escalate privileges and allows an unprivileged local user to gain root access t...
Continue reading
Recent Comments
Igor Seletskiy
yes, it would be. Yet, linux-distro list where such things are disclosed had been dysfunctional and doesn't accept any new members... Read More
Thursday, 23 February 2017 13:06
Igor Seletskiy
It takes much longer to prepare & test the fix for the full kernel.
Friday, 24 February 2017 13:01
Kateryna Obiidykhata
1. Here you can find the announcement about the vulnerability found - http://seclists.org/oss-sec/2017/q1/471 2. Because you have ... Read More
Friday, 24 February 2017 12:47
  16870 Hits
  12 Comments
The KernelCare Update: The patch to fix CVE-2016-8655 exploit is here!

The KernelCare Update: The patch to fix CVE-2016-8655 exploit is here!

The KernelCare Update: The patch to fix CVE-2016-8655 exploit is here!
A new vulnerability CVE-2016-8655 in the Linux kernel was discovered yesterday by Philip Pettersson. It is a race-condition in Linux (net/packet/af_packet.c) that can be exploited to gain kernel code execution from unprivileged processes. This exploit may lead to a privilege escalation, cause a denial of service attacks (server crash) and informati...
Continue reading
  4324 Hits
  0 Comments
New vulnerability discovered - the fix for CVE-2016-8655 for CloudLinux OS 7 is here with KernelCare

New vulnerability discovered - the fix for CVE-2016-8655 for CloudLinux OS 7 is here with KernelCare

New vulnerability discovered - the fix for CVE-2016-8655 for CloudLinux OS 7 is here with KernelCare
The patch for CloudLinux OS 7 is here if you are running KernelCare. Fixed CloudLinux OS 7 kernel is coming soon. CloudLinux OS 5 & 6 are not affected. A new vulnerability CVE-2016-8655 in the Linux kernel was discovered by Philip Pettersson. It is a race-condition in Linux (net/packet/af_packet.c) that can be exploited to gain kernel code exec...
Continue reading
  3860 Hits
  0 Comments
KernelCare is now available in Plesk
Tags:

KernelCare is now available in Plesk

KernelCare is now available in Plesk
“plesk
plesk screenshot
Live patching and better security is now available right inside Plesk’s extensions catalog! With KernelCare, Plesk users will no longer need to bring their servers down due to security patching. It installs in minutes with a single line of code and without a reboot, and allows companies get rid of current and newly discovered kernel vulnerabilities...
Continue reading
  4396 Hits
  0 Comments
Managing KernelCare with Puppet

Managing KernelCare with Puppet

Managing KernelCare with Puppet
By guest author Christian Reiß If you haven’t felt it before: when Dirty Cow hit you did. The Linux Kernel is rock solid, proven but also has security issues. In this case: Root rights for everyone! And on top of that this bug is so trivially easy to exploit (several proof-of-concepts are out there that can easily converted into a life, working gun...
Continue reading
  4667 Hits
  0 Comments
Dirty Cow: visual patch release timeline

Dirty Cow: visual patch release timeline

Dirty Cow: visual patch release timeline
Dirty Cow Patch Release
Dirty Cow Patch Release
All Linux distributors took the Dirty Cow vulnerability seriously, releasing patches as quickly as possible. However, some did better than others. Here, we’ve put together a visual chart of when major Linux distributions released their patches, and when live patch technologies, like our own KernelCare (which supports most distributions ), and Oracl...
Continue reading
  24664 Hits
  0 Comments