Most of the patched kernel vulnerabilities in these updates are new, and they’ve been recently fixed upstream in the Linux kernel. Therefore, it’s now time for OS integrators to update their repositories and keep users safe, and Canonical is always known for doing a great job releasing up-to-date kernels for Ubuntu. The first vulnerability (CVE-2017-1000364) was discovered in Linux kernel’s stack guard page for processes, which appears not to be sufficiently large to prevent overlapping with the heap, therefore allowing an attacker to use another vulnerability to either gain administrative privileges or execute arbitrary code.