One is remotely accessible. The other is locally accessible.

The GP you were replying to mentioned a vulnerability "present by default and an attacker can trivially cause it to be loaded".

You responded contrasting a network service with an administrator-loadable module.

This is neither of those. It's an LPE, not a remote exploit. It doesn't require an administrator (root) to load anything. In context of this vuln, it's exactly analogous to socket activation. The scope of an LPE vuln is local; yes. What does that have to do with the rest of your comments?

	▲	akerl_ an hour ago \| parent [-]
		I don't understand what point you're trying to make here. I originally replied to a comment saying "This feels like the practice of Linux distros back in 1999 when they'd ship default installs with dozens of network services exposed to the internet". It is not like that.