No real need currently just updates, AppArmor, Firewall, AVs arent really functional in Linux cause theyre just sig based so if something goes by youre doomed anyway.
perhaps if your running a server .but even if an unknown executable was to get on to your linux system it cant do anything unless you give it root permissions. also linux has mitigations in place like seccomp filters etc. only download software from the official repositries and trusted sources and you should be okay.
The firewall works out of the box because is part of the Kernel, it's called netfilter. Some Distros include a GUI like Gufw and that may be turned off by default. https://help.ubuntu.com/community/Firewall
You should say "in theory". In practice, every known OS kernel created by man so far has bugs. One of the most serious privilege-escalation exploits was announced just this past October in fact, and had gone unpatched within the kernel "for nine years in virtually all versions of the Linux operating system". I personally think an AV solution is worthwhile for all common personal OS's. "The systems using a Linux kernel are right now running with security flaws," Cook wrote. "Those flaws are just not known to the developers yet, but they’re likely known to attackers." I think that is a safe attitude to take in regards to nearly all desktop software.
This may be true. However, how is an AV that primarily protects against Windows malware supposed to improve Linux security? An AV wouldn't have protected against the dirty cow vulnerability mentioned in that Ars article at all. That vulnerability was bad. But the chances that it would have been exploited on a Linux desktop system were extremely small. Where from and how would you have gotten malware targeting that vulnerability? And how would it have been executed on your system? Instead of installing a useless AV it's much more prudent to run your browser and other critical software in Firejail. And use uBlock Origin in your browser to stop malicious ads.