CloudLinux has knowledgeable Softpedia concerning the availability of a brand new model of its KernelCare rebootless kernel patching service for Linux-based working programs, promising to mitigate the Meltdown and Spectre safety vulnerabilities without reboots.
Meltdown and Spectre have an effect on the kernel and different elements of a Linux-based working system, together with QEMU, Xen, Nvidia graphics drivers, in addition to internet browsers like Firefox, Chrome, and Opera. To patch your Linux laptop towards these bugs that affect billions of devices, requires you to reboot your programs, however not with KernelCare, a industrial stay patching service from CloudLinux.
According to CloudLinux, KernelCare is now able to stay patching the Meltdown vulnerability and the primary variant of the Spectre exploit on CloudLinux 7 collection of working programs, in addition to Red Hat Enterprise Linux 7, CentOS 7 and CentOS 7 Plus, and Proxmox Virtual Environment three.10.
“Our live patching technology, KernelCare, delivers uninterrupted security updates of the kernel — without any interference or downtime for software running on the server. It fixes only the affected part, without actually rebooting or restarting the server,” says CloudLinux in a press announcement.
Ubuntu and Debian will quickly be supported too
To use KernelCare in your CloudLinux, CentOS, Red Hat Enterprise Linux, and Proxmox VE programs, you’ll have to pay from $2.25 USD per server month-to-month, however there’s additionally a free trial that helps updates for all Linux kernels on an infinite variety of servers, and CloudLinux even guarantees to carry assist for extra GNU/Linux distributions quickly.
These embrace CloudLinux 6, CentOS 6, Red Hat Enterprise Linux 6, and Virtuozzo 6 collection, in addition to Ubuntu, Debian, and different distros. However, CloudLinux famous the truth that Xen PV just isn’t and received’t be supported on KernelCare, which is extensively used amongst cloud suppliers and enterprises.
Some long-term supported Ubuntu programs use the same stay patching service, known as Canonical Livepatch Service, nevertheless it doesn’t seem to be able to stay patching the Meltdown and Spectre safety vulnerabilities on the time of writing. So till Canonical steps up to include a greater answer, you should use CloudLinux’s KernelCare.