Category: livepatch

Livepatch has a new 13-month sliding support window – What does it mean for you?

The Livepatch tool is a valuable solution for resolving critical and high-severity kernel CVEs without requiring an immediate system reboot. However, it is not a substitute for regular maintenance windows and reboots, as some CVEs still require a system reboot. Additionally, Livepatch only covers security-related kernel updates, not non-security bug fixes, lower-priority security fixes, or performance improvements. Canonical has introduced a sliding support window of 13 months for each GA kernel version revision of all its Ubuntu LTS releases to ensure adherence to industry best practices. If a customer has not rebooted their system within 13 months, they will need to install the latest kernel update and reboot to receive further livepatches. Canonical still supports LTS releases for 5 years as part of its LTS commitments and 10 years for Ubuntu Pro subscribers. Customers have the option to upgrade to the latest available HWE kernel if they choose to reboot, regardless of the kernel they use. Canonical addresses kernel vulnerabilities through Stable Release Updates released every few weeks, allowing customers to either livepatch or update their kernel every few weeks. The 13-month sliding support window allows customers to continue using the same kernel revision for up to 13 months while benefiting from Livepatch; a system that goes more than 13 months without a reboot will no longer receive livepatches for that particular kernel version revision.

Canonical Livepatch gets even better – Now supporting Hardware Enablement Kernels

Livepatch allows Ubuntu users to fix critical and high kernel vulnerabilities at runtime, which reduces the need for unplanned reboots. Until now, Livepatch has only been available for Long-Term Release (LTS) kernels, but starting with the release of Ubuntu’s interim release of 23.04 Lunar Lobster in April 2023, it will also be available on Hardware Enablement (HWE) kernels. This means that users will be able to keep their kernels updated and secure with Livepatch, regardless of which kernel they choose to run with their Ubuntu LTS release. Ubuntu public cloud customers will also benefit from this new feature, as they will be able to have the latest hardware and software support on their Ubuntu instances.

Linux kernel Livepatching

Canonical Livepatch is the service and the software that enables organizations to quickly patch vulnerabilities on the Ubuntu Linux kernels. Livepatch provides uninterrupted service while reducing fire drills during high and critical severity kernel vulnerabilities. It is a complex technology and the details can be confusing, so in this post we provide a high-level […]

PostgreSQL: The PgMiner botnet attacks & Postgres database security

Assuring the security of PostgreSQL and all open source database systems is critical, as many learned with the PgMiner botnet attacks in December 2020. Having an understanding of, and visibility into, how these attacks happen and following standard best practices is the best way to make sure that your data is not at risk. This […]

Migrating to Ubuntu LTS: six facts for CentOS users

Considering migrating to Ubuntu from other Linux platforms, such as CentOS? Think Ubuntu, the most popular Linux distribution on public clouds, in the data centre and at the edge. Since its inception, Ubuntu has consistently gained market share, as of today reaching almost 50%. Wondering why Ubuntu is so popular? Here is our take: Fact 1. Developers prefer Ubuntu […]