Kernel code removals driven by LLM-created security reports
TL;DR Highlight
Linux kernel maintainers are removing legacy drivers—ISA, PCMCIA, AX.25, ATM, and ISDN—after AI-generated security bug reports overwhelmed them, demonstrating a drastic response to unmanageable code.
Who Should Read
Linux kernel contributors, open-source project maintainers, or developers utilizing or considering LLM-based automation tools for vulnerability detection.
Core Mechanics
- Linux kernel maintainers proposed patches to remove ISA/PCMCIA Ethernet drivers, parts of the PCI driver, the AX.25 and amateur radio subsystem, ATM protocols and drivers, and the ISDN subsystem.
- The removal reason isn't technical flaws, but a surge in security bug reports automatically generated by LLMs. Maintainer comments explicitly state the need to remove code to protect mental health due to the inability to process AI-generated reports.
- AX.25 (amateur radio packet communication protocol) and related HAM radio drivers already received many bug reports from syzbot (kernel automated fuzzing tool), and the influx of AI reports finalized the removal decision.
- Most of the removed code are drivers or protocols for legacy hardware primarily used before the 2010s. ATM has been replaced by MPLS/MetroE, ISDN is virtually obsolete, and laptops with PCMCIA slots haven’t been produced since 2008.
- These codes were in a ‘non-maintained state’ but were included in a large project (Linux kernel), giving the illusion of maintenance. Had they been independent projects, their inactive status would have been apparent years ago.
- The validity of bug reports generated by LLMs is debated. Some linked emails highlight the issue of ‘junk reports’ from AI increasing review burden without adding value.
- The removed code can potentially be continued as out-of-tree kernel modules or userspace implementations. The HAM radio community has already begun discussing a userspace protocol implementation written in a more modern language.
Evidence
- "HAM radio community users expressed regret over the AX.25 removal, and a thread explaining the decision’s background appeared on the linux-hams mailing list, alongside optimistic views about a modern userspace protocol becoming the new standard."
How to Apply
- When integrating LLM-based security scanners or automated bug reporting tools into open-source projects, a report quality filtering layer is essential. Failing to validate AI-generated issues can overwhelm maintainers and lead to code removal, as seen in this case.
- If your project includes legacy drivers or modules that are effectively unmaintained, assess their maintenance status before deploying LLM-based vulnerability scanners. AI tends to report more pattern-based vulnerabilities in older code, potentially flooding the issue tracker with noise.
- If you operate industrial environments requiring legacy hardware support in kernels or system software, verify whether your drivers are on the removal list (ISA, PCMCIA, ATM, AX.25, ISDN) and prepare for out-of-tree module maintenance or userspace alternatives.
Terminology
syzbotGoogle's Linux kernel automated fuzzing system. It continuously inputs random data into kernel code to automatically find and report crashes and bugs.
out-of-tree moduleA kernel module managed separately from the official Linux kernel source tree. It doesn't need to be included in the kernel mainline and can be built and installed by users directly or as a separate package.
AX.25A packet data protocol used in amateur radio (HAM radio) communication. It's a legacy communication protocol that predates the internet.
ATMAsynchronous Transfer Mode. A high-speed data transmission protocol used in carrier backbones in the 1990s and early 2000s, now largely replaced by MPLS or standard internet connections.
ISDNIntegrated Services Digital Network. A technology for transmitting digital data over telephone lines, used as an internet connection method in Korea before ADSL. It is now virtually unused.
fuzzingAn automated testing technique that injects random or unexpected inputs into software to discover crashes, bugs, and vulnerabilities.