Kernel code removals driven by LLM-created security reports

https://lwn.net/Articles/1068928/

Article

TL;DR

AI-generated bug report floods overwhelmed unmaintained Linux module maintainers, forcing removals including AX.25.

Key Takeaways

  • AX.25 amateur radio module removed — maintainers couldn’t absorb AI-generated report volume
  • LLMs efficiently surface real bugs in unmaintained code no human is actively watching
  • AI report spam is a new attack surface: legitimate projects can be destabilized by volume alone

Discussion

Top comments:

  • [s20n]: AX.25 removal is collateral damage — maintainers buried, not the code itself fatally broken

    since nobody stepped up to help us deal with the influx of the AI-generated bug reports we need to move it out of tree to protect our sanity.

  • [sscaryterry]: These are pre-existing bugs — LLMs just shine a light on what was always there
  • [KJs6ZxELzQM37O]: Money floods into finding bugs but not fixing them — misaligned incentives
  • [mmsc]: Unmaintained code is itself a security liability; removals are net positive regardless of cause

Discuss on HN

Type Link
Added Apr 22, 2026
Modified Apr 22, 2026
comments 41
hn_id 47862230
score 66
target_url https://lwn.net/Articles/1068928/
🔥 Top Stories 531 items