Livepatch - uname not showing new kernel

Ubuntu Version: 22.04.5 LTS

Environment: AWS EC2

Problem Description:

Ubuntu Pro livepatch installed and enabled
Ubuntu Pro esm-apps installed and enabled
Ubuntu Pro esm-infra installed and enabled

Ran sudo unattended-upgrade with no errors.
uname -a shows kernel 6.8.0-1036-aws #38~22.04.1-Ubuntu,
expecting 6.8.0-1040-aws #42~22.04.1-Ubuntu,
but uname -a only shows the new kernel after a reboot.
I was expecting not to have to reboot to use the new kernel.

What I’ve Tried:
Checked for /var/run/reboot-required: there is no such file.
Found in /var/log/apt:

term.log:update-initramfs: Generating /boot/initrd.img-6.8.0-1040-aws
term.log:Found linux image: /boot/vmlinuz-6.8.0-1040-aws
term.log:Found initrd image: /boot/microcode.cpio /boot/initrd.img-6.8.0-1040-aws
term.log:Found linux image: /boot/vmlinuz-6.8.0-1040-aws
term.log:Found initrd image: /boot/microcode.cpio /boot/initrd.img-6.8.0-1040-aws

This is not how live patching works…

A live patch to your running kernel is like a module you load; it then overlays the malicious code in the existing kernel… Your actual kernel does not change at all; only the vulnerable code gets replaced on the fly…

At the same time, if a new kernel with the fixes shows up, it will be installed, but due to the nature of kernels it will only become active after a reboot…

The purpose of livepatch is to protect the currently running kernel from open security holes while you cannot yet reboot to make the kernel that carries the actual fix active…

So the behavior is exactly as expected.

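As an added example (not part of the original thread, and not Canonical's tooling), the following shell check separates the two things the reply describes: whether a newer kernel is installed on disk and merely waiting for a reboot, and what the Livepatch client reports for the kernel that is actually running. It assumes the Ubuntu layout of one /boot/vmlinuz-<version> file per installed kernel and the real `canonical-livepatch status` command; the kernel names used to exercise the comparison are the two from the question.

```shell
#!/bin/bash
# Added example: distinguish "new kernel installed, reboot pending" from
# "running kernel is patched in place by Livepatch".
# Assumptions: Ubuntu puts installed kernels at /boot/vmlinuz-<version>;
# the Livepatch client is the snap command `canonical-livepatch`.

# Newest kernel version among the names read on stdin (one per line).
# Uses GNU version sort so 6.8.0-1040-aws sorts after 6.8.0-1036-aws.
newest_kernel() {
    sort -V | tail -n 1
}

# List installed kernel versions from /boot; prints nothing if none found
# (e.g. inside a container where /boot is empty).
installed_kernels() {
    for f in /boot/vmlinuz-*; do
        [ -e "$f" ] || continue
        printf '%s\n' "${f#/boot/vmlinuz-}"
    done
}

# Returns 0 when $2 (newest installed) is newer than $1 (running kernel),
# i.e. a reboot is needed before uname -r will show $2. Returns 1 when the
# running kernel already is the newest one, or when no kernel was found.
needs_reboot() {
    running=$1
    newest=$2
    [ -n "$newest" ] || return 1
    [ "$running" != "$newest" ] || return 1
    [ "$(printf '%s\n%s\n' "$running" "$newest" | newest_kernel)" = "$newest" ]
}

# Live report for the machine this runs on.
report() {
    running=$(uname -r)
    newest=$(installed_kernels | newest_kernel)
    printf 'running kernel : %s\n' "$running"
    printf 'newest on disk : %s\n' "${newest:-none found}"
    if needs_reboot "$running" "$newest"; then
        echo "reboot needed: $newest is installed but only boots after a reboot"
    else
        echo "running kernel is the newest installed; nothing waiting on a reboot"
    fi
    if [ -e /var/run/reboot-required ]; then
        echo "/var/run/reboot-required is present"
    fi
    # Livepatch protects the *running* kernel; its state is independent of
    # whether a newer kernel package sits on disk.
    if command -v canonical-livepatch >/dev/null 2>&1; then
        canonical-livepatch status 2>/dev/null \
            || echo "canonical-livepatch status failed (try with sudo)"
    else
        echo "canonical-livepatch client not installed; Livepatch state unknown"
    fi
}

report
```

On the machine from the question this prints the running 6.8.0-1036-aws kernel, 6.8.0-1040-aws as the newest on disk, and the "reboot needed" line, while the Livepatch status block shows which fixes are already applied in place to the 1036 kernel.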
