Canonical ships Ubuntu Core 26 with 15 years of security maintenance
Operators of industrial sensors, edge AI controllers, and connected medical equipment now have a refreshed long-term Linux option for fleets that must stay patched for more than a decade. Canonical released Ubuntu Core 26, the latest long-term supported version of its minimal, immutable operating system, with security maintenance lasting up to 15 years.

The release targets devices subject to the European Union’s Cyber Resilience Act and customers running attested edge AI workloads. Every component on a Core system ships as a sandboxed, cryptographically signed snap, producing a measured boot chain in which only verified software runs.
Smaller updates and quicker installs
Over-the-air updates are a recurring cost for operators managing large device fleets across long product lifecycles. Ubuntu Core 26 introduces an improved snap-delta format that cuts update sizes by 50% to 90% for most snaps. Updates to the Core base snaps now weigh 1.5MB, down from 16MB. Initramfs-based installations skip redundant reboots by default, shortening the time required to provision a device.
Renesas worked with Canonical on integrating Core with its RZ family of microprocessor units. Mohammed Dogar, VP of the Embedded Processing Product Group at Renesas, said the combination delivers accelerated boot times and a reduced base image footprint for resource-constrained hardware running AI workloads.
Chisel build system replaces layered recipes
The headline engineering change is a new build system based on Chisel, Canonical’s tool for assembling filesystems from release-specific package slice definitions. Every file in a Core 26 image can be traced to its originating slice and source package, which improves the accuracy of integrity checks and vulnerability triage. The approach differs from Yocto builds, where provenance and dependency closure sit implicitly inside layered recipes and post-processing scripts. The new build path also trims base image size by 7%.
Ubuntu Core 26 moves U-Boot configuration to a single raw partition with redundant environment support, enabling safer writes for both U-Boot and snapd and removing recovery issues tied to file-based storage.
Hardware-rooted keys and CRA accountability
Full disk encryption sees foundational changes in this release. TPM-sealed keys are now stored directly within the LUKS2 header, reducing the risk of key reuse across device states. Native OP-TEE integration brings ARM TrustZone hardware-rooted key protection to embedded deployments: disk encryption keys are sealed and unsealed through the Trusted Execution Environment, which limits their exposure to the normal operating system.
Canonical assumes Manufacturer responsibilities under the Cyber Resilience Act for the operating system’s release cycle, covering security maintenance for core modules, continuous CVE monitoring, coordinated disclosure, and compliance with IEC 62443-4-1.
Livepatch, Canonical’s rebootless kernel patching service, now covers ARM64 starting with Ubuntu Core 26 and is officially supported on AMD64 across all releases from Ubuntu Core 20 onwards. The expansion extends zero-downtime kernel updates to a wider range of devices, addressing one of the CRA’s vulnerability-remediation requirements.
Jon Seager, VP of Ubuntu Engineering at Canonical, said the Core security model of strictly confined components, transactional updates, and independent verifiability is reflected in emerging industry standards ten years after the platform first appeared.
Developer tooling and observability
Ubuntu Frame, the Core display server for embedded graphical applications, now supports multiple graphical applications on a single display, with configurable layouts, custom client placement, and a new accessibility launcher. A gpu-2604 interface brings graphics acceleration to Core 26 applications through a Snapcraft extension.
Devices can stream logs and metrics to the Canonical Observability Stack, which runs on Juju and Kubernetes with Grafana, Loki, and Prometheus deployed in the cloud or on-premises. Snapcraft introduces components, a packaging feature first tested in Ubuntu Core 24 for delivering NVIDIA drivers, allowing maintainers to distribute optional resources such as debug symbols, translations, or extra drivers alongside a main snap.