Linux kernels between v5.14 and v6.6, including Debian, Ubuntu are affected by CVE-2024-1086 security bug.
Will Zorin give us a fix for this:
When it is a Security Issue directly in the Kernel, the Update comes from the Ubuntu Sources because the Kernel comes from Ubuntu. So, when a Kernel Updtae is coming You could use the Software Updater and there You can look in the Description if this CVE is closed.
of course, ZorinOS includes security patches in essentially the same fashion that Ubuntu does it, although usually at newer kernel versions. The Kernel is regularly updated.