If you are using Linux there is a large update to the kernel with 4.4.0 to deal with some problems in the heap. A security audit noticed that elevated applications could access sensitive areas in the heap potentially causing some security problems. The stack used my processors can be configured to be range bound which is what the update has been configured to do. Range checking does add slightly to the CPU load however modern servers are more than adequate to cope.

Using an exception is a safer way to secure the system which is goal of the security updates.

The update can take some time for user in data centers with shared blades. Reboots will be needed following the updates.