Re: Fear mongering
I think you’re being paranoid. If problems like this weren’t disclosed at all, the vulnerability of the process might remain ad infinitum. Then Linux’s reputation could be easily torn to shreds by an unusually high level of exploited bugs that had the hallmarks of an inside job, a traitor in the kernel community, but wasn’t. Publication of articles about the problem clears out that possibility, and any fix for this problem is instantly understood.
The fix might be a bit of a blunt instrument - e.g. the kernel devs have a closed private repo where they fix severe bugs out of sight - and it would still be possible to know something was up. But giving away that “something’s up” is hardly going to be unusual. Things get fixed all the time.