From my perspective, it seems like it would be nice for someone to do the work of identifying
security bugs specifically and explaining, for each one, what sort of situations expose the
user to danger, how to work-around it, and what patch(es) fix it.
We've already heard that GregKH and Linus aren't going to do that.
Perhaps there's an opportunity for some other motivated, skilled person to offer that service?
Such a service would help some users manage their risks better, and it would provide a
valuable "feedback loop" to the kernel developers by documenting the issues.