The worst thing would be to exploit or sell it for profit. Instead of that, publicizing the exploit is closer to neutral–good in my books, that did trigger a really quick reaction from the different actors to patch their kernels and systems

▲

ori_b 6 hours ago | parent [-]

Imagine how much quicker the distros would have reacted if they were given a heads up a month ago. But, sure, I guess kudos to this company for not being actively criminal, and merely bumblingly incompetent and overly eager to get their marketing pitch out the door.

	▲	x4132 2 hours ago \| parent [-]
		to which distros? how do you ensure fairness? Do you report this to the maintainer of Red Star OS (north korea)? The kernel security team was given the heads up a month ago. At that point it is their decision.