[sirdarckcat]

> Sometimes I wish there was a Linux kernel security advisory process, but this would need funding or a dedicated volunteer.

This is already happening https://osv.dev/list?q=Kernel&affected_only=true&page=1&ecos...

[amluto]

As far as I know, this doesn’t get information from upstream maintainers. For this to work well, I think we would want actual advisories generated around commit time, embargoed early notification, and a process for publication.