Author(s): Charly Kühnast There is only one thing Charly appreciates even less than security holes in the kernel: downtime of his machines. That's why he patches his Ubuntu systems with Canonical's Livepatch on the fly. Vulnerabilities in the kernel are always ugly, but since the Linux kernel is a very complex piece of software, admins have to come up with a strategy to deal with them. Fortunately, patches are often available shortly after the discovery of a vulnerability, but the application and the subsequent reboot will lead to an – admittedly usually short – period of unavailability of the system.