Skip to main content
  1. Blog
  2. Article

Lech Sandecki
on 22 October 2019


Linux security is central to each release of Ubuntu, the most widely-used Linux distribution. With Ubuntu’s predictable six-month release cycle, users know when to expect the latest upstream open source capabilities and security.

Long Term Support (LTS) vs Interim releases

Every two years in April, a Long Term Support (LTS) release is published. Ubuntu LTS releases are commonly used in enterprise environments, with more than 60% of large-scale production clouds running Ubuntu LTS images.

Ubuntu 18.04 LTS (Bionic Beaver) is the latest Ubuntu LTS release, with Ubuntu 20.04 LTS coming in April 2020. Each new LTS release is supported for ten years total; five years of standard support, and five additional years of support under Ubuntu Advantage for Infrastructure (UA-I). UA-I provides users and organisations access to key security fixes and patches, including Canonical’s Extended Security Maintenance (ESM) and Kernel Livepatch services.

Twice every year, in April and October, interim releases are published. They are commonly used by those interested in the latest features and capable of upgrading more frequently.

Our latest interim release, which arrived last week, is Ubuntu 19.10 (Eoan Ermine). Its enhanced capabilities include the latest OpenStack Train release for live-migration assistance, improved security for Kubernetes deployments at the edge and significant updates to desktop performance. Standard support for an interim release is provided for nine months with no additional support extension offered.

10 years of continuous security under the Extended Security Maintenance (ESM)

ESM provides Linux security patches against high and critical security vulnerabilities for an extended period of time. The ESM service is the result of Canonical’s commitment to continuously provide security patches for Ubuntu LTS releases to secure Ubuntu systems and enterprise workloads in production for those unable to upgrade their systems more frequently.

Ubuntu 14.04 (Trusty Tahr) transitioned into the ESM support phase in April of this year, with many utilising this service to secure their Ubuntu environments. The next release to be covered by ESM is Ubuntu 16.04 LTS (Xenial Xerus, which is currently under standard support until 2021).

Kernel Livepatch – automated security patches

Security, automation and efficiency are the main tenets behind Canonical’s product and support offerings. Kernel Livepatch is a service that embodies all of these tenets, as it automatically applies the latest kernel security patches without rebooting. 

Livepatch is not only the most secure way to keep the kernel up-to-date. It also saves time and effort needed to apply patches manually. As a result, it increases the overall availability of an organisation’s infrastructure. 

To test and get started with Livepatch, anyone can subscribe up to 3 machines for free. For those needing security coverage on a larger scale, go ahead to buy Ubuntu Advantage for Infrastructure to get access to Kernel Livepatch, ESM, and more.

Want the full Ubuntu Linux security story?

To learn more about securing Linux and your Ubuntu systems register for our upcoming webinar.

Related posts


Luci Stanescu
1 July 2026

DirtyClone Linux kernel local privilege escalation vulnerability fixes available

Ubuntu Article

On June 25, 2026, JFrog published their research into CVE-2026-43503, referring to the vulnerability as DirtyClone. The vulnerability had previously been responsibly disclosed to the Linux kernel maintainers and the CVE record published on May 23, 2026. The vulnerability affects multiple Linux distributions, including all Ubuntu releases. ...


Luci Stanescu
1 July 2026

pedit COW kernel local privilege escalation vulnerability mitigations

Ubuntu Article

Mitigations are available for the Linux vulnerability with CVE ID CVE-2026-46331. The CVE ID was assigned on June 16 2026 and highlighted as a local privilege escalation (LPE) vulnerability on June 26, 2026. Known as “pedit COW”, this vulnerability affects multiple Linux distributions, including all Ubuntu releases starting with Bionic Be ...


Rajan Patel
23 June 2026

Canonical announces live kernel patching for Arm64

Security Article

Canonical Livepatch now officially supports Arm64, further expanding its security patching automation capabilities. For the first time, Ubuntu on an Arm64 machine can apply critical kernel updates, without service interruption or rebooting. Starting with Ubuntu Core 26 for Arm64, and for Ubuntu Core 20 and onwards for AMD64 machines, a wi ...