Red Hat Enterprise Linux kPatch

kpatch is a live kernel patching solution that allows you to patch a running kernel without rebooting or restarting any processes.

It enables system administrators to apply critical security patches to the kernel immediately, without having to wait for long-running tasks to complete, for users to log off, or for scheduled reboot windows. It gives more control over uptime without sacrificing security or stability.

 

Scope of Support for kpatch

Live kernel patching with kpatch is supported from Red Hat Enterprise Linux 7.2 onwards.

Live kernel patching is supported for customers with Premium SLA subscriptions.

Live kernel patching is only supported on the active Red Hat Enterprise Linux 7 maintenance stream that is within the current async errata phase.

Live kernel patching is not available on the Extended Update Support (EUS) at this time.

kpatch is currently not supported on the Red Hat Enterprise Linux Real Time (RT) kernel.

kpatch is not supported on Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.

Only one live kernel patch may be installed on the kernel at any given time.

Not all issues may be covered under live kernel patching, including hardware enablement.

 

Access and Delivery of Live Kernel Patching

Live kernel patching capability is implemented via a kernel module (kmod) that is delivered as an RPM package. The kpatch utility is used to install and remove the kernel modules for live kernel patching.

Red Hat Customers with Premium subscriptions are eligible to request a live kernel patch as part of an accelerated fix solution from Red Hat Support.

Customers with Premium subscriptions who typically used 'hotfix' kernels which required a reboot can now request a kpatch kmod that requires no down time. The kpatch patch will be supported 30 days after the errata that contains the fix is released, in the same manner as 'hotfix' kernels.

Customers should open a support case directly in the Red Hat Customer Portal and discuss appropriate accelerated fix options.