At Interop ITX 2018 in Las Vegas earlier this month, visitors had the chance to stop by the KernelCare booth, meet our team and talk about our rebootless and automated kernel security updates service. They also had a chance to participate in a raffle – every visitor had an option to receive an instant-win scratch card for a chance to win one of 7 totally awesome portable speakers. And in the end, they all earned additional ways to enter into a big giveaway to win Bose QuietComfort 35 (Series I) wireless headphones for trying out KernelCare, or simply engaging with us through our social media channels. And as always, purchasing KernelCare was not required.
ptrace virtualization code to the debug registers has an incorrect error handling which was discovered by Andy Lutomirski and disclosed today (CVE–2018–1000199). This vulnerability can lead to corruption and DoS. In practice, if an illegal value is written, such as DR0, the internal state of the kernel’s breakpoint tracking can become corrupt even though the
ptrace() call will return -EINVAL.
The 2018 Best of Interop ITX awards finalists were just revealed, and we are thrilled to share that KernelCare has been selected as the finalist in the Infrastructure category. Traditional IT infrastructure is changing giving way to new software-defined technologies, cloud, and automation. In this category, Interop ITX 2018 recognizes products that help enterprises adapt to the new era of infrastructure.
KernelCare supports a large number of distributions and kernel versions. List of all supported distributions, kernels, as well as patches for them is available at http://patches.kernelcare.com.
A few weeks ago we released the KernelCare “Extra” Patchset with the security fixes and the symlink protection available to all KernelCare customers running CentOS kernels. Today we are pleased to share that you can get the Symlink Protection Patchset for CentOS 6 and 7 at no cost, even if you don’t have licenses of KernelCare.
By now, you might have thought that the topic of Meltdown and Spectre vulnerabilities is taking a backstage in the news. Not so, as the impact and the solutions to resolve the issues seem to be the talk of the technical community still.
Do you want to use KernelCare for rebootless kernel updates? But what if you are running an unsupported distribution? What if your kernel is custom, self-compiled, special, or just old? KernelCare provides Custom Kernel Patching so that your company can benefit from live patching service for your kernel. The experts on our security and kernel development team can update your kernels using KernelCare technology to apply patches to the running kernel without the need to reboot servers.
I am thrilled to let you know that we have published a toolset for livepatching of user space software, called LibCare, to GitHub. It is released under the GPL2 license and allows software developers to develop and apply patches to their running software without the need to restart it.
KernelCare is often deployed on a large number of servers. Adding those servers one by one is a hassle. In that case, KernelCare key can be used to deploy and register multiple servers at once.
Registration is still straightforward:
kcarectl --register [YOUR KEY]
The key can be obtained from CLN (see image).
A few days ago, Endurance has announced that they have implemented KernelCare to keep their servers secure and limit interruptions. Endurance is a leading provider of cloud-based platform solutions, and they have deployed KernelCare rebootless update service on shared and dedicated web servers for the Endurance family of brands including HostGator and Bluehost, among others.