Issue
How to check if a server is patched against a specific CVE using KernelCare?
Environment
- Any operating system supported by KernelCare
Solution
Use the kcarectl tool with the --patch-info flag to get information about the currently applied patches. For example:
kcarectl --patch-info | grep CVE-2022-0847
You will see the following output if the patch is applied:
kpatch-name: 4.18.0/CVE-2022-0847-lib-iov_iter-initialize-flags-in-new-pipe_buffer.patch
kpatch-cve: CVE-2022-0847
kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2022-0847 (https://access.redhat.com/security/cve/CVE-2022-0847)
The empty output means no such patch. Maybe you need to update/apply patches with the kcarectl -u command. Or the patch isn't available for your system (yet).
Useful links
https://docs.tuxcare.com/live-patching-services/#command-line-tools
Comments
0 comments
Please sign in to leave a comment.