>> reveal security implications you already know of.
> And the simple answer has been given over and over: "There are very, very few of those
Are you kidding? There are very, very many of those.
A more complex answer would be more accurate: "Sometimes people are sloppy or forgetful, sometimes they do not want to reveal how to exploit a bug, and sometimes by some strange fluke they actually do do a good job of explaining what a patch fixes". And while it is right to be concerned that some patches do a poor job of explaining their impact and why anyone would want the change they make (which is what a change description should do), mischaracterising the problem and helplessly demanding that other people solve it instead of, say, reviewing patches as they appear on the linux-kernel@ list and providing feedback to help their authors, does not seem like a particularly good way to improve, well, anything.