Linus Torvalds says AI bug reports have made the Linux security mailing list 'almost entirely unmanageable' — flood of duplicate vulnerability reports prompts switch to public disclosure
Linus Torvalds has expressed concerns that AI-generated bug reports have overwhelmed the Linux security mailing list, making it nearly unmanageable. The influx of duplicate reports from researchers using similar AI tools has prompted a shift to public disclosure for AI-found vulnerabilities. New documentation now requires these reports to be submitted directly to maintainers rather than through the private mailing list.
- ▪Torvalds stated that the private security mailing list is now 'almost entirely unmanageable' due to duplicate reports.
- ▪The Linux kernel's new documentation mandates that AI-found bugs be reported publicly.
- ▪The volume of reports has increased from two to three per week to five to ten per day, causing triage issues.
Opening excerpt (first ~120 words) tap to expand
Software Operating Systems Linux Linus Torvalds says AI bug reports have made the Linux security mailing list 'almost entirely unmanageable' — flood of duplicate vulnerability reports prompts switch to public disclosure News By Luke James published 18 May 2026 New kernel documentation now formally requires AI-found bugs to be reported publicly. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Getty) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Linus Torvalds declared the Linux kernel's private security mailing list "almost entirely unmanageable" on Sunday in his weekly post…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Tom's Hardware.
Discussion
0 commentsMore from Tom's Hardware
