Linus Torvalds Calls Out AI Bug Reports Overwhelming Linux Security List

Linus Torvalds says AI-generated bug reports have rendered Linux's security mailing list almost entirely unmanageable due to massive duplication. New guidelines merged this month demand plain-text detail, verified exploits, and patches that add value beyond model output. The kernel project shifts most AI findings to public discussion while reserving private channels for genuine urgent threats.
Written by Sara Donnelly

Linus Torvalds has had enough. The Linux kernel chief declared the project’s security mailing list “almost entirely unmanageable.” The culprit? A flood of duplicate reports generated by AI tools.

Torvalds dropped the blunt assessment in his weekly state-of-the-kernel update on May 17, 2026. He had just shipped release candidate four for Linux 7.1. Progress looked “fairly normal.” Then he turned to the documentation. And he made it clear why it needed highlighting now.

“The continued flood of AI reports has basically made the security list almost entirely unmanageable, with enormous duplication due to different people finding the same things with the same tools,” he wrote. Short. Direct. Frustrating.

Developers waste hours forwarding messages. They repeat that a bug was fixed weeks ago. They point to public discussions already underway. All entirely pointless churn.

Torvalds sees the core problem. AI-detected bugs aren’t secret. By design. Multiple researchers run the same models against the same code. They spot identical issues. Yet they send reports to a private list. Reporters can’t see each other’s submissions. The duplication explodes. The list drowns.

He offered clear advice. “AI tools are great, but only if they actually help, rather than cause unnecessary pain and pointless make-believe work.” Feel free to use them. But make the experience better. Not worse.

The message lands with force. Torvalds rarely minces words on process failures. This one hits at the heart of how the kernel project handles vulnerabilities. Private lists exist for good reason. Real exploits that demand coordinated disclosure. Not every AI scan result.

New guidelines aim to restore order.

Just days earlier, Torvalds merged updated documentation that spells out exactly what counts as a security bug. Willy Tarreau, longtime kernel contributor known for stable releases and HAProxy, authored the new text. It lays out a threat model. It defines when a bug violates user isolation, process separation, or capability restrictions.

The docs draw a sharp line. Most security-related problems belong in public discussion. Broader review produces stronger fixes. The private security list stays reserved for urgent cases. Easily exploitable flaws that hit many users hard. That allow privilege escalation without special conditions.

AI reports get special callouts. Issues found with large language models should usually go public. Multiple people will find them anyway. The guidance demands plain text. No Markdown. Key facts first. Verified impact. Not speculation. Reporters must test any generated exploit. Confirm reproducibility. Better yet, bring a patch. Add value beyond the model’s output.

This update directly tackles the noise Torvalds described. It encourages using AI to develop fixes, not just surface leads. It rejects low-effort drive-by reports. The kind that say “AI found this” without understanding or follow-through.

The contrast with earlier views stands out. In March, kernel maintainer Greg Kroah-Hartman told The Register that AI reports had improved dramatically. “Months ago, we were getting what we called ‘AI slop,’” he said. “Something happened a month ago, and the world switched. Now we have real reports.”

Kroah-Hartman saw the shift as positive for open source overall. Tools got better. People used them more effectively. The kernel’s large team could absorb the volume. Smaller projects struggled more. Yet by May, Torvalds painted a different picture. The volume had crossed into dysfunction on the security list specifically.

Recent coverage shows the issue isn’t isolated. Linuxiac reported on the merged guidelines just yesterday. The new docs address the surge in low-quality submissions. They set quality bars for AI-assisted reports. They stress concise, actionable detail. Maintainers will deprioritize reports that lack it.

Other developments add context. Earlier this year, proposals surfaced to drop support for older network drivers. The reason? AI-generated bug reports made maintenance unsustainable. False positives and duplicate noise overwhelmed volunteers. One patch series from Andrew Lunn highlighted how legacy code now carries too high a cost.

Torvalds’ frustration echoes broader tensions. AI accelerates discovery. It finds corner cases humans might miss. It scales analysis across millions of lines. But it doesn’t replace judgment. It doesn’t triage. It doesn’t write patches that account for kernel internals, stable rules, or long-term maintainability.

The Linux project has adapted before. It set rules for AI-assisted code contributions last year. Humans remain responsible. Code must meet license terms. Now the security process gets the same treatment. Documentation serves as both instruction and defense. It tells reporters what to do. It protects maintainer time.

But. The list stays flooded today. Forwarding. Duplicate acknowledgments. “Already fixed.” These tasks eat hours. They pull focus from real vulnerabilities that require careful handling. From architectural improvements. From the next release cycle.

Torvalds wants contributions that add value. Read the docs. Understand the bug. Create a patch. Test it. Explain the impact clearly. Don’t send random AI output. Don’t expect the private list to act as a first filter for every scan result.

His final words in the post carried edge. “If you found a bug using AI tools, the chances are somebody else found it too. If you actually want to add value, read the documentation, create a patch too, and add some real value on top of what the AI did. Don’t be the drive-by ‘send a random report with no real understanding’ kind of person. OK?”

The kernel community has grown massive. It powers everything from smartphones to supercomputers. Its security processes evolved for human-scale reporting. Coordinated disclosures. Responsible researchers. Now AI scales the input side without scaling the judgment or collaboration.

So the project pushes back. With clearer rules. With public-by-default for most AI findings. With explicit quality standards. With a threat model that focuses effort where it matters.

Whether that stems the tide remains open. Tools improve fast. More researchers adopt them. The duplication problem could worsen before processes catch up. Yet Torvalds’ message sets expectations. AI is welcome. Low-effort noise is not.

The documentation Torvalds highlighted now carries new weight. It isn’t optional reading. For AI-powered bug hunters, it’s the price of admission. Get it right. Or watch your report disappear into the churn.
