KernelCare Blog

We’ve just published a Technical White Paper called KernelCare: Live Kernel Patching for Linux. It covers what KernelCare is, how it works and why you need it. We give an overview of setting up custom patch servers, both within and without firewalls, and we show what the patch management GUI looks like. We explain what delayed and sticky patches are, take a quick look at automating patch monitoring (through Nagios, Zabbix or the REST API) and show how to integrate with Rapid7 Nexpose.

It’s a great overview of KernelCare and a good, compact source of reference information. You can get a copy here.

UPDATE as of August 28th: UEK version 4 is now also supported!

If you are running the Unbreakable Enterprise Kernel (UEK), which is included as part of Oracle Linux, you already know that it is optimized for stability and security for enterprise cloud workloads. The UEK includes enhancements that benefit Oracle Database, middleware, applications and hardware. It is thoroughly tested and is recommended for all enterprise deployments. It powers the Oracle Cloud and the Oracle Engineered Systems.

Read More

Rebooting your servers hurts your customers and hurts you. It is often done deep in the night to minimize the impact on peak-time services. It forces downtime on you and your business. A server reboot can take 15 minutes or more to complete. It can take even longer for performance to stabilize and for you to confirm all services are running. Rebooting is not something you want to do often. But a reboot is the only way to apply patches for kernel security vulnerabilities.

Until now. 

Now there is KernelCare. It is a nifty solution for automatically updating Linux kernels without rebooting servers.

Take a look at this quick-read e-book to see how it works (PDF).

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in the EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. 

Read More

At Interop ITX 2018 in Las Vegas earlier this month, visitors had the chance to stop by the KernelCare booth, meet our team and talk about our rebootless and automated kernel security updates service. They also had a chance to participate in a raffle - every visitor had an option to receive an instant-win scratch card for a chance to win one of 7 totally awesome portable speakers. And in the end, they all earned additional ways to enter into a big giveaway to win Bose QuietComfort 35 (Series I) wireless headphones for trying out KernelCare, or simply engaging with us through our social media channels. And as always, purchasing KernelCare was not required. 

Read More

A ptrace virtualization code to the debug registers has an incorrect error handling which was discovered by Andy Lutomirski and disclosed today (CVE–2018–1000199). This vulnerability can lead to corruption and DoS. In practice, if an illegal value is written, such as DR0, the internal state of the kernel’s breakpoint tracking can become corrupt even though the ptrace() call will return -EINVAL.

Read More

The 2018 Best of Interop ITX awards finalists were just revealed, and we are thrilled to share that KernelCare has been selected as the finalist in the Infrastructure category. Traditional IT infrastructure is changing giving way to new software-defined technologies, cloud, and automation. In this category, Interop ITX 2018 recognizes products that help enterprises adapt to the new era of infrastructure.

Read More