It’s the end of the year for official duties for the Ubuntu Security team so
we take a look back on the security highlights of 2024 for Ubuntu and predict
what is coming in 2025.
Show Notes
Overview
It’s the end of the year for official duties for the Ubuntu Security team so we
take a look back on the security highlights of 2024 for Ubuntu and predict what is coming in 2025.
didn’t mention it earlier but we covered a number of Linux malware teardowns
this year and expect that trend to increase as Linux keeps growing in
popularity
Full LSM stacking still won’t make it into the upstream Linux kernel
Integrity of code and data will play more of a role
both in terms of software supply chain and integrity of distro repos etc,
but also efforts to try and guarantee the integrity of a Linux system
itself - whether via new IPE LSM or other mechanisms - mainstream distros
will start to care about integrity more
More collaboration across distros to aid in efforts to collectively handle
deluge of CVEs
More efforts to try and fund OSS to learn from lessons of Heartbleed and xz-utils
some more and less successful
More interesting vulns in more software
During 2024 Qualys have done some of the most interesting vuln research on
Linux - expect more from them and from others (whether aided by AI or not)