Kernel code removals driven by LLM-created security reports

· open-source security llm · Source ↗

Article

TL;DR

Linux is removing unmaintained subsystems like AX.25 because AI-generated bug reports overwhelmed volunteer maintainers.

Key Takeaways

  • AX.25 HAM radio and ISDN modules removed after AI bug flood with no maintainers to respond
  • Unmaintained code is a security liability regardless of source; removals are net positive
  • AI bug finders can expose code surface faster than open source communities can absorb reports

Discussion

Top comments:

  • [mmsc]: Unmaintained code is itself a security issue; removals are a net benefit
  • [tristor]: Removed components are unused in modern hardware; out-of-tree modules still possible
  • [s20n]: AX.25 removal is a loss for HAM radio on Linux; nobody stepped up to help
  • [KJs6ZxELzQM37O]: Money funding LLM bug finders should also fund humans to fix the bugs found

Discuss on HN