Linux-next 5.1.2 was just uploaded with a severe Intel CVE addressed, see:
https://www.spinics.net/lists/kernel/msg3128513.html
https://xenbits.xen.org/xsa/advisory-297.html
for more background
As you can read in the above, it has been known for a few months, work has been done in secret, patches are basically untested and many more will probably follow.
So my question is now, risk stability in the linux kernel and already move it now to 5.016? Or my preference, wait a few weeks and let the dust settle a bit, and for those who worry about this, use the linux-next kernel?

I'm of the same opinion: linux-next for those who need/want the fix right now, linux can wait until the dust settles (and as fallback if something really should go wrong on the specific hardware of the user). I think users of KaOS are not a primary target vector.

Maybe an update of the microcode with the fix in it (when available) would be another option for linux too.

  • demm replied to this.

    adurol Maybe an update of the microcode with the fix in it (when available) would be another option for linux too.

    New intel-ucode was added today and will be built into any kernel compiled after today, so the new linux version for sure will have the latest microcode.

    "wait a few weeks and let the dust settle a bit, and for those who worry about this, use the linux-next kernel"
    is OK for me.