How to check kernel "livepatch" version?
Colin Watson
cjwatson at ubuntu.com
Mon May 7 23:08:27 UTC 2018
On Mon, May 07, 2018 at 01:05:52PM -0700, Daniel Howard wrote:
> Regarding LSN-0037-1, posted to ubuntu-security last week: how does one
> verify that they are running a properly patched kernel? All of my apt-based
> tools refer to the kernel version as, for example, 4.4.0.121.127, but the
> security announcement refers to a "livepatch version" ... which appears to
> be a commercial subscription service.
Yes, although it's free-as-in-beer for personal use for up to three
machines.
https://www.ubuntu.com/server/livepatch
If installed, "canonical-livepatch status" shows the livepatch version
among its output.
> If I am not a livepatch subscriber, what kernel version should I be running
> to be safe against the vulnerabilities disclosed in LSN-0037-1?
I *think* non-livepatch fixes for these are still in progress
(4.4.0-123.147, possibly), but I'm not a kernel developer so I could
well be very wrong. My main point in sending this message was to
provide information on the status command.
--
Colin Watson [cjwatson at ubuntu.com]
More information about the ubuntu-users
mailing list