Linux, gaming and the long life of kernel bugs
Linux has become a serious contender for PC gaming. With gaming focused distributions like SteamOS, Bazzite and Nobara, more players are trying Linux on their desktops and handheld gaming PCs. But along with that new freedom comes an uncomfortable reality. Some Linux bugs can live in the kernel for years before they are found and fixed.
Researcher and developer Jenny Guanni Qu recently analyzed Linux kernel bug fixes going back to 2005. Her work highlights how long some issues can stick around under the hood of the operating system that powers many gaming rigs and handhelds.
For anyone thinking about switching from Windows to Linux for gaming this kind of data can either be reassuring or worrying depending on how you look at it.
What the research found inside the Linux kernel
Qu built a tool to sift through Linux kernel changes and track any commit that fixed a vulnerability. After crunching the data she ended up with 125,183 vulnerability records spanning about two decades of kernel development.
From that huge data set a few key stats stand out.
- The average lifetime of a bug in the Linux kernel is about 2.1 years. That means from the moment a bug is introduced to the moment it is fixed there is often a multi year window where it can affect users.
- Thirteen percent of all bugs had been around for five years or more before finally being patched.
- Looking just at bugs fixed in 2025 around 20 percent of those had been hiding for five or more years. This jump is partly a statistical artifact because it is a small time slice but it also shows how many old issues are still being uncovered.
At first glance the trend seems very positive. Qu notes that bugs introduced in 2010 took nearly ten years on average to be discovered while bugs introduced in 2024 were found in roughly five months. That sounds like a massive improvement but there is a catch.
This data is affected by what statisticians call right censoring. We simply have not reached the full lifetime of many recent bugs yet. A bug introduced in 2022 cannot show a ten year lifetime today because we are not ten years into its existence. More of those bugs may be discovered later which will pull the averages upward.
When you correct for that bias the more realistic picture is still encouraging. According to Qu we are doing two things at once.
- Finding new bugs faster thanks to better tooling and more active review.
- Slowly working through roughly 5,400 long lived bugs that have been hiding in the kernel for more than five years.
So the Linux kernel community is improving both its speed at catching fresh issues and its ability to dig out ancient ones that have been sitting unnoticed in less traveled corners of the code.
Why some bugs matter more for gamers
Not every kernel bug affects your gaming session in the same way. Qu’s analysis suggests that certain types of components and issues tend to be fixed faster while others linger.
One interesting detail for PC gamers is that GPU related bugs are usually resolved more quickly than some other categories. That makes sense. Graphics issues are highly visible and are more likely to be triggered regularly by games benchmarks and demanding 3D workloads. When a GPU driver or kernel interface bug crashes your system during a match it tends to get attention.
Networking bugs by contrast often take longer to fix. Some of them might show up only under special traffic patterns or rare testing sequences. For competitive gamers who rely on stable low latency connections that category still matters but those bugs are simply harder to reproduce and diagnose.
Qu highlights several common root causes that are often behind long lived bugs.
- Reference counting errors
- Missing NULL checks after dereference
- Integer overflow in size calculations
- Race conditions in state machines
Race conditions are a classic example of the kind of bug that can live for ages. They depend on very specific timing that might only occur once in a million executions. A kernel path that only gets hit in a rare test or under weird workload mix might stay broken for years simply because almost nobody triggers it.
One of the oldest networking bugs Qu found had survived unfixed for 19 years. The reason was surprisingly simple. It only appeared when running a very specific test sequence for a specific length of time and for nearly two decades nobody ran that exact combination.
AI tools, Linux gaming and what this means for you
The research is not just an academic curiosity. Qu presents it as a motivation for a tool called VulnBERT. This is an AI model trained to predict whether a given commit to the Linux kernel is likely to introduce a vulnerability. According to the results it can flag about 92.2 percent of the commits that actually introduce bugs.
For kernel developers and maintainers that is potentially huge. It means automated systems can help review the firehose of incoming changes and point humans toward risky areas before those changes ever ship in a distribution like SteamOS or a custom handheld image such as Bazzite.
For everyday players the takeaway is more about expectations. Linux’s open and modular nature makes it fantastic for tinkering and for specialized gaming builds. You really can own and shape your software stack. That same complexity also means some bugs are going to lurk in obscure code paths for a long time.
If you are coming from Windows you might already know that no platform is perfect when it comes to bugs. Linux has its own style of issues and sometimes a misbehaving kernel component or driver can be enough to push a gamer back to a more familiar OS. On the flip side the transparency of open source and the growing use of AI assisted code review suggest that Linux should keep getting more reliable over time for gaming workloads.
With major hardware vendors showing off new GPUs CPUs and gaming laptops at shows like CES and continuing to improve their Linux drivers the ecosystem is moving quickly. Research like Qu’s along with tools such as VulnBERT aim to make sure the underlying kernel that powers all those systems is catching up on stability too.
Original article and image: https://www.pcgamer.com/software/linux/linux-researcher-and-developer-says-there-are-bugs-in-your-kernel-right-now-that-wont-be-found-for-years-i-know-because-i-analyzed-125-183-of-them/
