Hacker News | kopy's comments

Looks like they store the statuses on S3


I don't get it, if this was fixed in March, which systems are compromised by this?

Do I need to worry about a fully upgraded Ubuntu 14.04 with or without the Hardware Enablement Stack?


Due to the way Linux people handle security fixes, a lot of the time the code fix goes in at first, then people decide it's an exploitable vulnerability, and then they have an embargo period without public discussion so everyone[1] can release a security patch at the same time. So hopefully Ubuntu has a kernel update ready to be released and they will send it out just about now.

Unfortunately in this case Ubuntu's CVE tracker just shows "needs-triage" or "does not exist" for CVE-2016-7117.

[1] Well, most Linux systems don't get timely security patches, like most Android phones or most embedded/IoT products, but you get the idea.


For those wondering, Debian is mostly not vulnerable, except for the oldstable/LTS release:

https://security-tracker.debian.org/tracker/CVE-2016-7117

