The vulnerabilities in the Linux kernels are found and patched frequently. I would say it will be better to have updates applied automatically, make sure the ‘unattended-upgrades’ package is installed, then run ‘sudo dpkg-reconfigure unattended-upgrades’. Please note that updates may restart services on your machine, so this may not be appropriate for all environments.

A vulnerability announced by Canonical on July 2nd. ->