AI Bug Reports Overwhelm Linux Security List, Torvalds Says

Huma Shazia · 18 May 2026 at 8:38 pm · 4 min read

Key Takeaways

Source: Latest from Tom's Hardware
  • The Linux kernel's private security list went from 2-3 reports per week to 5-10 per day, mostly duplicates from AI tools
  • New policy requires AI-found vulnerabilities to be submitted publicly, not through private security channels
  • Torvalds urges researchers to write patches, not just file raw AI findings

Linus Torvalds declared the Linux kernel's private security mailing list "almost entirely unmanageable" on Sunday. The culprit: a flood of duplicate vulnerability reports from researchers running the same AI tools against the same code.

The complaint came in Torvalds' weekly post to the Linux Kernel Mailing List (LKML), alongside the release of Linux 7.1-rc4. He pointed developers to newly merged documentation that formalizes how AI-assisted bug reports should be handled going forward.

5-10 reports per day
Up from 2-3 per week two years ago, according to longtime kernel maintainer Willy Tarreau

The Duplication Problem

The core issue is volume combined with redundancy. Multiple researchers independently discover identical bugs using automated tools, then file them separately on a private mailing list where nobody can see what has already been submitted. Maintainers spend their time triaging duplicates and directing reporters to fixes that were merged weeks earlier.

AI detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved.

— Linus Torvalds, on LKML

Willy Tarreau, creator of HAProxy and a longtime Linux kernel stable maintainer, provided concrete numbers in March. He said the security list received roughly two to three reports per week two years ago. Now it receives five to 10 reports per day. Most are solid finds, but the duplication across researchers using similar tooling has overwhelmed the existing triage process.

New Rules for AI-Found Bugs

The project's updated security documentation states that vulnerabilities found using AI tools should be treated as public disclosures. Researchers should submit them directly to the relevant maintainers, not route them through the private security list. Reports must be concise, formatted in plain text, and include a verified reproducer.

Torvalds urged researchers to go beyond filing raw findings.

If you actually want to add value, read the documentation, create a patch too, and add some real value on top of what the AI did. Don't be the drive-by 'send a random report with no real understanding' kind of person.

— Linus Torvalds

The Clanker T1000 Model

Torvalds' approach matches what fellow maintainer Greg Kroah-Hartman has been doing with his "Clanker T1000" system. This Framework Desktop-powered bug-finding tool follows a complete workflow: discover the issue, write the fix, take responsibility for the patch, and submit it publicly.

The Linux kernel project formalized its broader stance on AI-assisted contributions last month. The project-wide policy permits AI-generated code provided developers follow strict disclosure rules. Under that policy, AI agents cannot use the legally binding "Signed-off-by" tag. Contributors must use a new "Assisted-by" tag for transparency.

Why This Matters for Open Source

The Linux kernel is the foundation of Android, most cloud infrastructure, and countless embedded systems. Its security process affects billions of devices. When that process gets clogged with duplicate reports, legitimate vulnerabilities can get lost in the noise.

The shift to public disclosure for AI-found bugs also reflects a practical reality: if 50 researchers can find the same bug with the same tool, the bug is not secret. Treating it as confidential just wastes maintainer time without providing any actual security benefit.

Frequently Asked Questions

Why is the Linux security mailing list overwhelmed?

Multiple researchers are using the same AI tools to find identical bugs, then filing separate reports on a private list where nobody can see what's already been submitted. Report volume jumped from 2-3 per week to 5-10 per day.

What are the new rules for AI-found Linux bugs?

AI-discovered vulnerabilities must be submitted publicly to relevant maintainers, not through the private security list. Reports need to be concise, in plain text, and include a verified reproducer.

Can AI-generated code be contributed to the Linux kernel?

Yes, but with restrictions. AI agents cannot use the legally binding "Signed-off-by" tag. Contributors must use a new "Assisted-by" tag for transparency, and humans remain responsible for all code.

What is the Clanker T1000 system?

It's maintainer Greg Kroah-Hartman's AI bug-finding tool that follows the complete workflow Torvalds endorses: find the bug, write the fix, take responsibility, and submit publicly.

Huma Shazia

Senior AI & Tech Writer
