Cloud Insidr

Cybersecurity in the Age of the Machine

  • Subscribe!
  • Privacy Policy
  • Legal
  • Contact Us

Join us on Twitter: @CloudInsidr

  • news & alerts
    • events
    • industry analysis
    • industry gossip
    • people
  • cloud, edge & co.
    • AWS
    • administration & orchestration
      • web servers in the cloud
      • mail servers
      • databases
  • cybersec & warfare
    • encryption
  • blockchain
Home cybersecurity and cyber warfare A fix for Spectre & Meltdown: update your Linux kernel in place (running CentOS/RHEL 7 or above), and live happily ever after
A fix for Spectre & Meltdown: update your Linux kernel in place (running CentOS/RHEL 7 or above), and live happily ever after

Cloud Insidr 2018-04-04 5 Comments

A fix for Spectre & Meltdown: update your Linux kernel in place (running CentOS/RHEL 7 or above), and live happily ever after

If you launch an instance from the official CentOS or RHEL 7.x AMI on AWS, you will be running kernel 3.1 as of this writing. That’s not a good idea. You can easily take advantage of improved security features of newer kernels that are already available in a stable release. The renowned Linux kernel maintainer Greg Kroah-Hartman released the Linux Kernel 4.14.15, which includes important fixes for Spectre & Meltdown. Here is how to update your Linux kernel from 3.1 to 4.16.11 in place.

Step 1. Import the repo key

First, import the GPG key for the repository:

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

Step 2. Install the repository

Install the repository that holds your new kernel:

yum install http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

Before you enable the new repo, you can peek inside its configuration file to see what it will be doing:

nano /etc/yum.repos.d/elrepo.repo

Step 3. Enable the repository

Enable the repository with this command:

yum --enablerepo=elrepo-kernel install kernel-ml

Step 4. Install the RPM of your new kernel

To install your new kernel for CentOS/RHEL 7.03, run this command:

yum install http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

Step 5. List all available kernels

List all kernels that are available to the grub bootloader on your system:

awk -F\' '$1=="menuentry " {print $2}' /etc/grub2.cfg

Step 6. Select the new kernel

From the list of available kernels, select the new kernel:

grub2-set-default 0

The number 0 denotes the first kernel in the list.

Step 7. Save the new configuration and reboot

Save your new configuration:

grub2-mkconfig -o /boot/grub2/grub.cfg

Reboot.

Filed Under: cybersecurity and cyber warfare, Linux Tagged With: AWS, grub, kernel, Linux

Comments

  1. minecraft says

    2019-04-24 at 1:19 am

    Does your blog have a contact page? I’m having a tough time locating it but, I’d like to send you an e-mail.
    I’ve got some suggestions for your blog you might
    be interested in hearing. Either way, great blog and I look forward to seeing it grow over time.

    Reply
    • Cloud Insidr says

      2019-04-24 at 1:21 am

      https://www.cloudinsidr.com/content/contact-us/

      Reply
  2. Dario Porterfield says

    2019-04-15 at 8:04 pm

    Excellent article. I’m facing a few of these issues as well..

    Reply
  3. minecraft says

    2019-04-13 at 6:53 pm

    I love your blog.. very nice colors & theme. Did you design this
    website yourself or did you hire someone to do it
    for you? Plz reply as I’m looking to design my own blog and would like to know where u got this from.
    thanks a lot

    Reply
    • Cloud Insidr says

      2019-04-13 at 7:54 pm

      You can join Cloud Insidrs and we will soon publish a way to to run your own website fast, secure & cool!
      Stay tuned cameronsherrod@googlemail.com !

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Subscribe

SSL/TLS Certificate Square (250 x 250)

Tag Cloud

AWS AWS Billing Dashboard AWS Config AWS Cost Explorer AWS Resource Explorer AWS Tag Editor AWS Trusted Advisor cipher suites Diffie-Hellman ECDHE FLAME HSTS HTTP/2 NGINX SHA-1 SHA-2 SSL TLS

Pearson Education (InformIT)

SSL/TLS Certificate Medium Rectangle (300 x 250)

©2022 CybrAnalytiqa OÜ

  • Content purchasing and syndication