[CPANEL-24474] Offer advice in the Security Advisor when the "KernelCare Gap" is in effect
I also have a similar issue after updating the kernel
Cron /usr/bin/kcarectl --auto-update
Unknown Kernel (CentOS Linux 3.10.0-957.1.3.el7.x86_64)
EDIT: I have found this to be a kernelcare issue (not patched yet) and there's a post on their forum:
Unknown Kernel (CentOS Linux 3.10.0-957.1.3.el7.x86_64)
-
I'm also seeing this. I note that the RHEL/CentOS release level of kernel on most recent updates was incremented. (862 to 957). There is not yet a patch available in the KernelCare download directory for this kernel. I do not remember activating this free service. Was this automatically done by a cPanel update? Is there a way to check status of free patch installation and installation date? 0 -
Hello Everyone, Internal case CPANEL-24474 is open to add functionality in Security Advisor that will detect and advise administrators about the KernelCare "gap" that occurs when KernelCare has yet to release a patched kernel that's as up to date as the CentOS/RHEL kernel. I'll update this thread with more information on the status of this case as it becomes available. Thank you. 0 -
I do not remember activating this free service. Was this automatically done by a cPanel update? Is there a way to check status of free patch installation and installation date?
Hi @jsw4, KernelCare is not automatically installed. Is it possible you enabled it per the instructions in WHM >> Security Advisor? You can read about it at: Symlink Race Condition Protection - EasyApache 4 - cPanel Documentation As far as the installation history, your YUM log should have that information:grep kernel /var/log/yum.log
Thank you.0 -
Hello, i went automatically at 78.0.18 version and my VPSs need to reboot. I did them. After that i run "Security Advisor". I had to run "yum update" and the reboot. I did it. After that i run again "Security Advisor". I had the red notice "Add KernelCare's Free Symlink Protection". I clicked at link "Add KernelCare's Free Symlink Protection", then the page reload and i had the same message "Add KernelCare's Free Symlink Protection" I did this 3-4 times, also i did a reboot, but i have the same problem. I have the same problem with my two VPSs (CENTOS 7.6 v78.0.18) Any help? 0 -
Hello @thanasis, This can happen when KernelCare has yet to release a patch for the current CentOS/RHEL kernel installed on your system. KernelCare patches are typically published a few days after the stock CentOS/RHEL kernels are published. You can confirm this by running the following commands: uname -r kcarectl --info
If you've recently updated your kernel, then you're likely to see the following output:# uname -r 3.10.0-957.10.1.el7.x86_64 # kcarectl --latest-patch-info No patches available
As you can see on the Thank you.0 -
Thank you. 0 -
Yes, I also have the above issue, so just adding my voice to the thread. updated to kernel 3.10.0-957.10.1.el7 and also seeing "Kernel does not support the prevention of symlink ownership attacks." I assume when Kernelcare release a patch, will it be added automatically? Glad to hear an kernelcare gap message is coming, would be useful. 0 -
Hello Everyone, I've merged the posts from additional threads here to keep better track of the number of reports we've received. I'll continue to monitor CPANEL-24474 and update this thread with more information as it becomes available. Thank you. 0 -
I received an Update notification from inside WHM. Looks like the new patch is ready - it requires to be installed from command line SSH; A KernelCare update is available.You must take one of the following actions to ensure the system is up-to-date: - Patch the kernel (run "kcarectl --update" on the command line).
- Update the system (run "yum -y update" on the command line), and reboot the system.
0
Please sign in to leave a comment.
Comments
12 comments