Multiple release breaches are a pain for many reasons. It's very unlikely that companies would spend time doing that, even if they were given a chance to do so.
I can certainly see why multiple branches aren't popular - device fragmentation is bad enough without trying to identify which update branches are affected by some new security bug.
That said, I think companies that require up-to-date devices for security fixes deserve less leeway about the contents of their non-security releases. I've gotten multiple smartphone updates which I considered entirely harmful - they traded cosmetic or vendor-friendly changes against worse battery/performance/usability - and I think "let us break your device or you can't have security" is an unacceptable proposition.