A guide to kernel live patching on Red Hat Enterprise Linux 7 and 8
Updated -
Kernel live patching is a solution that allows you to patch a running kernel with selected critical and important CVEs without rebooting your system.
For more information about the kernel live patching solution and how it works in Red Hat Enterprise Linux 7 see Applying patches with kernel live patching in the Kernel administration guide or refer to the release note notation. In RHEL 7 the live patching solution is supported from version 7.7.
In RHEL 8 the kernel live patching solution is supported from version 8.1 and the usage is identical to RHEL 7. The documentation will be available with the RHEL 8.1 release on November 5 2019.
3 Comments
What type of subscription should I have to access kpatch Hot Fixes like 'kpatch-patch-7.0-2.el7.x86_64.rpm' ? Also in which repository it should be available ?
I'm interested in test kpatch tecnology. In wich repository are available de kpatch-XXX.rpm?
Hello Luis,
kpatch is available in the Red Hat Enterprise Linux 7 repository - currently for the
RHEL 7.7kernel. With the subscriptions from your company, kpatch is also supported for RHEL 7.4, RHEL 7.5, RHEL 7.6, and RHEL 8. If you need a kpatch for any of those versions, open a case. Each kpatch supports a specific kernel build, so if you request a kpatch include the kernel version - as returned byuname -r.More details on how to use kpatch are in the following documentation: Applying patches with kernel live patching.
Regards,
Marc Milgram Senior software maintenance engineer