[...]
These are real bugs though. Dan Guido, CEO of Trail of Bits, a security company with a proven track-record, tweeted: "Regardless of the hype around the release, the bugs are real, accurately described in their technical report (which is not public afaik), and their exploit code works." But, Guido admitted, "Yes, all the flaws require admin [privileges] but all are flaws, not expected functionality".
Torvalds agrees these are bugs, but all the hype annoys the heck out of him because they do not matter in the real world.
They require a system administrator to be almost criminally negligent to work. To Torvalds, inflammatory security reports are annoying distractions from getting real work done. He said that a recent Linux "vulnerability", Chaos, required the attacker to have the root password.
"News flash: If an attacker has the root password, your system is already completely hosed. Everything else is just details."
[...]