Kernel code removals driven by LLM-created security reports

· security open-source ai · Source ↗

Article

TL;DR

Linux removes AX.25 and other legacy modules after AI-generated bug reports overwhelm understaffed maintainers.

Key Takeaways

  • AX.25 ham radio module removed; AI bug flood cited as direct trigger by maintainers
  • LLMs surface real bugs in unmaintained code but nobody steps up to fix them
  • Removing unmaintained legacy code is net-positive regardless of how bugs were found

Discussion

Top comments:

  • [s20n]: AX.25 removal is genuinely sad; useful for mesh networking beyond just ham radio
  • [sscaryterry]: All these bugs existed before; LLMs are just shining a bright light on them
  • [KJs6ZxELzQM37O]: Money funds finding bugs but not fixing them; wrong incentive structure
  • [mmsc]: Unmaintained code is itself a security liability; removal is net positive

Discuss on HN