Last year we had two (Heartbleed and the Bash-bug), this year we had one (so far). I am affected by none of them. (My DNS-requests only go to my ISP and I am not afraid they will hack their clients - and yes, I did patch it anyway.)
Before that we had several years without any serious one.
IIRC, the only one that ever affected me was 2002 (or so?), the big SSH vulnerability.
In all other cases some special conditions were needed for the exploit that didn't apply to me (for example the Bash-bug didn't affect any of my servers because I don't run CGI and on top the default /bin/sh points to dash and not bash.)
However every serious Linux vulnerability is immediately going through the media - because it is so rare.
In the future, these bugs seem also increasingly unlikely because people immediately check the affected packages for security vulnerabilities (and AFAIK they also fixed a couple in bash).