Kernel care by cloudlinux allow us to apply latest security patches on a live server without rebooting it. To manage kernel care, we can use kcarectl command line tool. Below are some of the commands to stay updated and secured.
To see the latest kernel installed, run
```
# /usr/bin/kcarectl --uname
3.10.0-427.36.1.lve1.4.47.el7
```
The kernel 3.10.0-427.36.1.lve1.4.44 was introduced to fix the bug for CVE-2017-7895. To see if it is applied to our kernel, please run the below command.
```
# kcarectl --patch-info | grep CVE-2017-7895
kpatch-cve: CVE-2017-7895
```
The above command option –patch-info will list the applied patches.
To download latest patch and apply to the current kernel, please run
```
kcarectl -u
```
To see if any patchset is available, run
```
# kcarectl --check
The latest patch is applied
```