DISA maintains all the STIGs on their website. There currently is no STIG for Ubuntu. The closest thing (am I right on this?) is the one for Debian, dated Mar 27, 2017 ("SCC 4.2 Debian AMD64"). Has anyone attempted to run the SCAP Compliance Checker (SCC) for Debian against an Ubuntu install?
The DISA STIG site is here: http://iase.disa.mil/stigs/Pages/index.aspx, look under the "STIGs" pulldown, "STIGS Master List A-Z", second page lists the various SCCs. I realize that these SCCs are behind the PKI firewall, so I am not asking anyone to provide them to me! I am just asking if anyone has tried running the Linux-related ones against Ubuntu, and if so, how did it go?
I'm a little late to the party, but there are now officially published STIGs that cover Ubuntu - but only version 16.04 LTS. The direct link to the STIG is: direct download link (as of 19-Jan-2020).
Canonical's press announcement was provided as a shortened URL link displayed in my Server 18.04.1 LTS banner page: Canonical's Current Security Certifications
I will edit this answer if/when I get an opportunity to apply the STIG.
Since websites are dynamic, below is an image of the pertinent DISA page with a link to that page here (in case the STIG is updated or new versions are added): DISA UNIX / Linux STIG page: