The man who built Linux from scratch just drew a hard line. Linus Torvalds went public this week with a warning that is shaking the open-source world: AI-generated bug reports have pushed the Linux kernel’s security mailing list to its breaking point. And the problem, he says, is only getting worse.
A Security List Buried in Noise
Torvalds delivered the warning in his weekly “state of the kernel” post on May 17, 2026, alongside the release of Linux 7.1 RC4. He did not hold back.
“The continued flood of AI reports has basically made the security list almost entirely unmanageable, with enormous duplication due to different people finding the same things with the same tools,” Torvalds wrote directly on the Linux Kernel Mailing List.
The root problem is straightforward. Multiple independent researchers are running the same AI scanning tools against the same Linux codebase. Each one finds the same bugs. Each one files a separate private report. Nobody on that private list can see what others have already submitted. So the same issues pile up again and again, sometimes for problems that were fixed weeks or even months earlier.
Kernel maintainers are now burning hours on work that moves nothing forward. As Torvalds put it, “People spend all their time just forwarding things to the right people or saying ‘that was already fixed a week/month ago.’” He called it “entirely pointless churn.”
AI-generated bug reports overwhelming Linux kernel security workflow
Why the Private List Makes Things Worse
Torvalds made a sharp and logical argument about where the problem lives. AI-detected bugs are, by their very nature, not secret. If an AI tool can find a bug, then every researcher with access to the same tool can find the exact same bug, often on the same day.
“AI detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved.”
That logic exposes something important. The private security mailing list exists to handle truly sensitive, zero-day vulnerabilities that could give an attacker unexpected access to a correctly configured production system before a fix is ready. Filing an AI-generated scan result in that channel does not make the bug secret. It just hides the report from other researchers who may have already found and filed the same issue.
The result is a broken feedback loop. Duplication goes up. Response quality goes down. Real vulnerabilities that genuinely need confidential handling get buried under the noise.
What Torvalds Actually Wants Researchers to Do
Torvalds was blunt that he is not pushing AI tools out of Linux development. His frustration is aimed at how those tools are being used, not the tools themselves.
Here is what the new Linux kernel documentation now formally requires for AI-assisted security reports:
- Treat AI-found bugs as public disclosures, not private security issues
- Submit directly to the relevant maintainers, not through the private security list
- Reports must be concise and formatted in plain text
- A verified reproducer must be included
- Go beyond the raw finding and provide a patch where possible
“If you found a bug using AI tools, the chances are somebody else found it too,” Torvalds wrote. “If you actually want to add value, read the documentation, create a patch too, and add some real value on top of what the AI did. Don’t be the drive-by ‘send a random report with no real understanding’ kind of person.”
That last phrase captures exactly what has gone wrong. AI has made it trivially easy to generate a report. It has not made it any easier for a maintainer to review one. The cost of submission has collapsed. The cost of triage has not moved at all.
A Split at the Top of the Linux World
The timing of Torvalds’ warning creates an interesting contrast inside Linux’s own leadership. Just as Torvalds was calling out the flood of low-quality AI reports from outside researchers, his closest lieutenant was doing the opposite with AI from the inside.
Greg Kroah-Hartman, widely considered the second most powerful figure in Linux kernel development, has been running his own AI-powered bug-hunting system called the “Clanker T1000.” The setup runs entirely on a Framework Desktop powered by an AMD Ryzen AI Max+ processor, using a local large language model to scan kernel code without any cloud dependency. Since April 7, 2026, the system has helped produce nearly two dozen patches merged into the mainline kernel, covering areas including ALSA, HID, SMB, Nouveau, and io_uring.
The key difference is process. Kroah-Hartman reviews every finding personally, writes the fix himself, and takes full responsibility before anything gets submitted. Each patch carries an “Assisted-by: gregkh_clanker_t1000” tag. Nothing gets through without human judgment and accountability at every step.
In March 2026, Kroah-Hartman had told The Register that AI bug reports had shifted from low-quality noise to genuinely useful contributions, describing what he called an inflection point where “the world switched” and real reports started coming in. That view sits in direct tension with what Torvalds is seeing from the wider research community flooding the private security list right now.
Linux Is Not the Only Project Feeling This Pain
This crisis is not unique to Linux. It is playing out across the open-source world, and the consequences are getting serious.
In January 2026, the curl project shut down its long-running HackerOne bug bounty program entirely. The program had run since 2019, confirmed 87 real vulnerabilities, and paid out over $100,000 in rewards. Creator Daniel Stenberg ended it after the confirmed-vulnerability rate collapsed from above 15 percent to below 5 percent, driven by a surge in low-quality AI-generated submissions. In the first 16 hours of a single week in January 2026, seven new reports arrived. None identified a real vulnerability.
HackerOne itself later paused its Internet Bug Bounty program in April 2026, citing the unsustainable volume of AI-assisted reports overwhelming maintainers’ ability to process them. Django, Node.js, and other major open-source projects have each introduced stricter rules or filters to cope with the same pressure.
The pattern is the same everywhere. As one analysis summed it up precisely: AI removed the cost of generating a report while leaving the cost of reviewing it completely unchanged. That gap is now breaking programs that the open-source security community spent years building.
The Linux kernel’s new documentation lays out the community’s answer clearly. AI is welcome. Unverified, drive-by reports filed with no patch, no understanding, and no accountability are not. The line Torvalds has drawn is not between human and machine. It is between contributors who take responsibility and those who use AI as a shortcut to skip it. For one of the most critical pieces of software powering the modern internet, that distinction matters more than most people realize.
