KernelCare Blog - CloudLinux Blog - Page 5
KernelCare Blog

Ubuntu LTS kernels patches to latest version with KernelCare

Ubuntu LTS kernels patches to latest version with KernelCare

Ubuntu LTS kernels patches to latest version with KernelCare
  Ubuntu LTS kernels were updated to latest version. The update includes a number of security bug fixes. Systems with AUTO_UPDATE=True (DEFAULT) in /etc/sysconfig/kcare/kcare. conf will automatically update, and no action is needed for them. You can manually update the server by running:# /usr/bin/kcarectl --update Changelog:ubuntu-t...
Continue reading
  5055 Hits
  0 Comments
CentOS/RHEL 7 kernels are patched to 3.10.0-327.10.1
Tags:

CentOS/RHEL 7 kernels are patched to 3.10.0-327.10.1

CentOS/RHEL 7 kernels are patched to 3.10.0-327.10.1
This update has no security fixes, as CVE-2015-7872 was fixed earlier. Systems with AUTO_UPDATE=True (DEFAULT) in /etc/sysconfig/kcare/kcare.conf will automatically update, and no action is needed for them. You can manually update the server by running: # /usr/bin/kcarectl --update
  4961 Hits
  0 Comments
Fix for quota inside the container vzkernel-2.6.32-042stab113.11

Fix for quota inside the container vzkernel-2.6.32-042stab113.11

Fix for quota inside the container vzkernel-2.6.32-042stab113.11
Some people were hit by a bug in recent vzkernel-2.6.32-042stab113.11 bug which made quota inside container for simfs not usable. We have released the patch to address the underlying problem. Yet, due to the nature of the bug, and time when devices are created (on boot) - it requires user to run command before quota will start working again. After ...
Continue reading
Recent comment in this post
Guest — LielZ
Great
Saturday, 06 February 2016 18:40
  4555 Hits
  1 Comment
Friday Humor, Episode 2.

Friday Humor, Episode 2.

Friday Humor, Episode 2.
Servers always reboot at the wrong time!
  6441 Hits
  0 Comments
Friday Humor, Episode 1

Friday Humor, Episode 1

Friday Humor, Episode 1
Every time you reboot a server, a kitten dies!
  7143 Hits
  0 Comments
KernelCare protection against Rowhammer privilege escallation

KernelCare protection against Rowhammer privilege escallation

KernelCare protection against Rowhammer privilege escallation
The rmemory hardware issue "Rowhammer" was recently discovered to allows privileged escalation. The issue can be mitigated (at least in its current form) by preventing user from reading /proc/$(pid)/pagemap, /proc/kpageflags, /proc/kpagecount files. Yet, this protection is not available from RedHat, CentOS, Parallels. It is not available as part of...
Continue reading
  4612 Hits
  0 Comments
KernelCare: How does it work?

KernelCare: How does it work?

KernelCare: How does it work?

Rebooting is a pain

Rebooting server is a pain. It is often scheduled for the darkest of the night. It requires minutes of downtime, and it can take up to 15 minutes for the server performance to stabilize, and catches to warm up. This is not something you want to do often.Yet, any time there is a security vulnerability in the kernel, a server should be rebooted. This is where KernelCare comes in. It provides a service that will patch security vulnerabilities inside the running kernel - without any downtime or service interruption.

Continue reading
  8309 Hits
  0 Comments

KernelCare support for Ubuntu 14.04 LTS (Trusty Tahr) added

We have added KernelCare support for Ubuntu 14.04 LTS (Trusty Tahr) As of now we support: RHEL/CentOS 5, 6 & 7 CloudLinux 5, 6, 5hybrid Debian 6, 7 Ubuntu 14.04
  4853 Hits
  0 Comments

KernelCare local privilege escalation patch for PCS/OpenVZ/CL6/CL5h/CentOS6/RHEL6 CVE-2014-9322

This update includes patch for CVE-2014-9322 vulnerability. I am sorry about unusual delay with this patch. This patch was the most complex patch we have seen so far. It was in assembler code, while most patches are in C. It was altering how interrupt handlers work. It is highly unusual, and there were no such security patches in the past 3 years. ...
Continue reading
  3485 Hits
  0 Comments

KernelCare CVE-2014-9322 patch

Update: The patch has been released on Dec 18, 2014 at 1pm ET. You can read more about it here: http://www.cloudlinux.com/blog/clnews/kernelcare-local-privilege-escalation-patch-for-pcsopenvzcl6cl5hcentos.php We have received numerous requests for CVE-2014-9322 patch. Right now we are running burn in tests that should finish in a few hours. This pa...
Continue reading
  3936 Hits
  0 Comments