Livepatch, a technology to apply patches to a running kernel, has been available for some time. Now Ubuntu LTS 16.04 became the first major Linux distribution to enable it in their kernel.
We’ve been asked what this really means, and does it make KernelCare obsolete? The answer is: not at all.
Yes, the technology to apply the patches is here (after all, we’ve been applying patches to the running kernel for 2 years now, so we are not surprised). But where are the patches?
Ubuntu doesn’t provide the actual patches. So, next time there is a vulnerability in a kernel, you would have to roll up your sleeves, and prepare a kernel patch yourself. And this is no trivial task. We know because we have a team of kernel developers working full time on just monitoring security and kernel mailing lists and preparing the patches. This patch creation requires a strong background in kernel development as well as a powerful toolset to prepare and test the patches. So, while Ubuntu LTS 16.04 makes it possible for anyone to live patch the kernel… KernelCare is the only one who is actually providing the patches keeping your kernel always secure.
If you haven’t tested KernelCare yet, take it for a spin now - it will bring your kernel up-to-date with all security patches instantly, and even KernelCare installation does not require a reboot.