Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Dustin Kirkland
on 8 December 2016

Ubuntu 16.04 LTS Security: A Comprehensive Overview

cloud Security Server

From Linux kernel livepatches to encryption to ASLR to compiler optimizations and configuration hardening, we strive to ensure that Ubuntu 16.04 LTS is the most secure Linux distribution out of the box.

The slides above try to briefly explain:

  • what we do to secure Ubuntu
  • how the underlying technology works
  • when the features took effect in Ubuntu

I hope you find this slide deck informative and useful!  The information herein is largely collected from the Ubuntu Security Features wiki page, where you can always find up to date information.

Original article

Related posts

Rajan Patel
1 July 2025

Update Livepatch Client for the newest kernel module signing certificate

Security Article

The kernel engineering team at Canonical has generated a new module signing certificate on May 16, 2025, and it is embedded in all Ubuntu kernels published after that date. Livepatch Client version 10.11.2 published on June 13, 2025 includes this new certificate. Livepatch Client 10.11.2 or greater is required to successfully Livepatch al ...

Rajan Patel
27 June 2025

How is Livepatch safeguarded against bad actors?

Security Article

What safeguards the Livepatch security patching solution against bad actors and malicious code masquerading as an update? Learn about Secure Boot and module signing. ...

ebarretto
18 June 2025

Fixes available for local privilege escalation vulnerability in libblockdev using udisks

Ubuntu Article

Qualys discovered two vulnerabilities in various Linux distributions which allow local attackers to escalate privileges. The first vulnerability (CVE-2025-6018) was found in the PAM configuration. This CVE does not impact default Ubuntu installations because of how the pam_systemd.so and pam_env.so modules are invoked. The second vulnerab ...