livepatch

Apply critical kernel patches without rebooting.

Personal users of Ubuntu can subscribe three machines (laptop, server or cloud) free of charge.

Livepatch is available on LTS based systems,
starting with Ubuntu 14.04 LTS, within its normal support cycle.

The Livepatch Service intends to address high and critical severity Linux kernel security vulnerabilities,
as identified by Ubuntu Security Notices and the CVE tracker.

high

A real problem, exploitable for many people in a default installation.
Includes serious remote denial of services, local root privilege escalations, or data loss.

critical

A world-burning problem, exploitable for nearly all people in a default installation of Ubuntu.
Includes remote root privilege escalations, or massive data loss.

# Generate your credentials via the Canonical Livepatch portal.

https://auth.livepatch.canonical.com/

# latest version of snapd (at least 2.15) are needed
sudo snap install canonical-livepatch

sudo canonical-livepatch enable [TOKEN]