This is one of the big problems with using 'vendor' kernels
They are supposed to be more reliable because they have better testing, but that testing takes time, and no distro ships the latest upstream kernel, so every distro has the added delay that they need to
1. notice that a change needs to be backported to their private kernel (I'm sure the usual suspects will again blast the kernel developers for not labeling every patch with it's security implication so that people could only look at 'security' patches, but that's a very old debate)
2. backport the change (figuring out if the patch has other implications due to other, unrelated changes that have taken place in the meantime)
3. test the 'new' kernel
4. ship the 'new' kernel to users.
All of this takes a long time, a few months of delay is actually surprisingly good (although 11-13 months seems to be a bit on the long side)