KernelCare Blog


Contents
1. About the Zombieload/MDS Vulnerability
2. Patch Release Schedule

About the Zombieload/MDS Vulnerability

Vulnerabilities are becoming like celebrities, with freaky names and their own websites.

The latest ones to hit the scene are Zombieload, RIDL and Fallout, also known as Microarchitectural Data Sampling, (MDS for short), discovered by Intel and researched by academic departments at security-focused institutions around the world. These vulnerabilities are in the same vein as Spectre and Meltdown, being design flaws that reveal data. Zombieload is particularly worrying because it affects all Intel Core and Xeon CPUs manufactured since 2011.

Read More

Organizations use cloud services like AWS to be more agile and more profitable. This doesn’t stop them spending millions of dollars on cybersecurity, investing in network defense and end-point protection, hiring consultants, and purchasing threat intelligence reports.

But companies still get hacked, and still suffer data breaches and server compromises, often traceable to out-of-date software, either at the application level, or in the OS itself.

Read More

Introduction

Software is complex and constantly changing. Bugs are inevitable. Before the internet age, bugs were just faults to fix. Now, they are opportunities, one of the ways hackers get unauthorized access to systems. The cybersecurity industry thrives on this threat. Their products 'defend' and 'protect' but cannot plug a simple security loophole: the exploitation of vulnerabilities that persist in outdated and unpatched operating systems and applications.

This article reviews the background to this problem, and gives tips to remedy it using unattended update packages for Ubuntu, Red Hat and Fedora, and live patching solutions from KernelCare, Kgraft, Ksplice, and Livepatch.

Read More

It is Fall in the Northern Hemisphere, and everyone’s out gazing into the clear dark skies when they should be indoors looking after their servers. Why? 

Because yet another 10-year-old flaw has been found in the Linux kernel, this time in the create_elf_tables() function, that, when subject to an integer overflow condition, can allow root-level privileged code to run. 

Read More