KernelCare Blog


Software is complex and constantly changing. Bugs are inevitable. Before the internet age, bugs were just faults to fix. Now, they are opportunities, one of the ways hackers get unauthorized access to systems. The cybersecurity industry thrives on this threat. Their products ‘defend’ and ‘protect’ but cannot plug a simple security loophole: the exploitation of vulnerabilities that persist in outdated and unpatched operating systems and applications.

This article reviews the background to this problem, and gives tips to remedy it using unattended update packages for Ubuntu, Red Hat and Fedora, and live patching solutions from KernelCare, Kgraft, Ksplice, and Livepatch.

Read More

KernelCare will be at the 2019 RSA Conference in San Francisco, USA.

This year running from 4-8 March, the RSA Conference is an important information security event, connecting you to industry leaders and cybersecurity trends. Attending this year will be our CEO, Igor Seletskiy, and our President and CRO, Jim Jackson. Aaron Harvey will be on hand to calm your nerves after speaking to such illustrious names.

If you want to come, it’s not too late. Register for free using our promo code:


For those of you lucky enough to come, we’ll be raffling off some great prizes, including some awesome Wonderboom wireless speakers. Watch our web site and social media where we’ll announce the winners a week after the event, on March 15th. Good luck and see you there!

Linux kernel updates are a fact of life–as dull as taxes and only slightly less inconvenient than death. Newly discovered security vulnerabilities in the Linux kernel seem to appear with monotonous regularity. In most but not all cases, the patches needed to fix them follow swiftly after. There is work involved in installing the latest Linux kernel security patches, and danger if you delay–leave it too long and threat actors might take advantage of the period of vulnerability.

Read More

It is Fall in the Northern Hemisphere, and everyone’s out gazing into the clear dark skies when they should be indoors looking after their servers. Why? 

Because yet another 10-year-old flaw has been found in the Linux kernel, this time in the create_elf_tables() function, that, when subject to an integer overflow condition, can allow root-level privileged code to run. 

Read More

We’ve just published a Technical White Paper called KernelCare: Live Kernel Patching for Linux. It covers what KernelCare is, how it works and why you need it. We give an overview of setting up custom patch servers, both within and without firewalls, and we show what the patch management GUI looks like. We explain what delayed and sticky patches are, take a quick look at automating patch monitoring (through Nagios, Zabbix or the REST API) and show how to integrate with Rapid7 Nexpose.

It’s a great overview of KernelCare and a good, compact source of reference information. You can get a copy here.

UPDATE as of August 28th: UEK version 4 is now also supported!

If you are running the Unbreakable Enterprise Kernel (UEK), which is included as part of Oracle Linux, you already know that it is optimized for stability and security for enterprise cloud workloads. The UEK includes enhancements that benefit Oracle Database, middleware, applications and hardware. It is thoroughly tested and is recommended for all enterprise deployments. It powers the Oracle Cloud and the Oracle Engineered Systems.

Read More

Rebooting your servers hurts your customers and hurts you. It is often done deep in the night to minimize the impact on peak-time services. It forces downtime on you and your business. A server reboot can take 15 minutes or more to complete. It can take even longer for performance to stabilize and for you to confirm all services are running. Rebooting is not something you want to do often. But a reboot is the only way to apply patches for kernel security vulnerabilities.

Until now. 

Now there is KernelCare. It is a nifty solution for automatically updating Linux kernels without rebooting servers.

Take a look at this quick-read e-book to see how it works (PDF).

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in the EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. 

Read More