Well, I haven't noticed the DoS in the bug report for the first look, I had to do a search in
I think there are very very few security consious developers like yourself. Most of them won't
notice that a "double free" is a security bug. Most of them start to read the bugzilla entry
from the "Description" part and would miss the summary.
Given the speed of kernel development, the amount of changes and the lack of common bug
database (and it's integration with the version control system), I still think it's
incompetence, not malice. I haven't examined all of the links in details, but haven't read a
"it's a security fault, let's hide it" comment which would prove malice.
Not that's it all that reassuring.