• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

Understanding Ksplice Effective Kernel Version

by admin

This post will explain the meaning behind the output of the “ksplice kernel uname” (Ksplice Enhanced client) or “uptrack-uname” (Ksplice Uptrack client) command and how to interpret Ksplice’s effective kernel version string.

The effective kernel version that is reported by Ksplice when running the command “ksplice kernel uname -r” reflects the security position of the kernel that is running based on the patches that have been applied by Ksplice. This effective kernel version usually differs from the version of the kernel that was booted and is intended to reflect the current state of the kernel with regard to potential vulnerabilities or critical bugs.

In the case where a booted kernel is locked to a version that did not receive the initial patches for the Spectre/Meltdown vulnerabilities, these patches cannot be applied with Ksplice. Although Ksplice continues to update the kernel with patches for subsequent CVEs, the effective kernel version is not updated so as to accurately reflect that the currently loaded kernel is still vulnerable to the Spectre/Meltdown vulnerabilities, even if patched for other potential attack vectors.

You can check your booted kernel version by running “uname -r”. Compare it to the version reported by Ksplice. If these versions match, your kernel is likely to still be vulnerable to Spectre/Meltdown and you should consider upgrading kernel and rebooting for Ksplice to be fully effective.

You can check which specific CVE vulnerabilities and critical bug fixes have been applied to the running kernel by running “ksplice kernel show“.

Filed Under: Linux, OEL 6, OEL 7

Some more articles you might also be interested in …

  1. Linux “shutdown”, “poweroff”, “halt”, “reboot” Commands
  2. What is umask in UNIX/Linux
  3. UNIX / Linux : How to delete root equivalent user (Non-Root User with UID 0)
  4. Linux OS Service ‘squid’
  5. Using cut on Linux Terminal
  6. ipcrm: command not found
  7. netcat Command Examples in Linux
  8. How to uninstall scons package from Ubuntu
  9. How to Check Btrfs FileSystem Usage and Perform Balancing
  10. daemon: command not found

You May Also Like

Primary Sidebar

Recent Posts

  • “aws workmail” Command Examples
  • aws-vault Command Examples (A vault for securely storing and accessing AWS credentials in development environments)
  • “aws sts” Command Examples
  • “aws sqs” Command Examples

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright